Re: Containerize dovecot?

2021-09-02 Thread Jeremiah C. Foster




On 8/24/21 6:46 PM, William Edwards wrote:
> I think the general consensus is that containerisation isn't always
> better than 'normal' VMs. 'Easy deployment & scaling' is also perfectly
> possible without containers.

Without a doubt VMs are a good solution. Containers use some of the same 
technology however and since they're based on the Linux kernel API they 
can do it with a bit more performance (as opposed to emulating 
hardware). While the performance hit for a VM is small, most of the 
folks who use containers are trying to squeeze as many apps in a 
"multi-tenant" host which means every CPU cycle matters.

Also, with recent CGROUPS 2 changes there's the ability to nest containers.

I think overall containers offer a "capability based" paradigm while VMs 
offer an emulation paradigm. In theory the capability based paradigm 
ought to be easier to use and more flexible so it's reasonable that 
folks want to use it for things like Dovecot.

> MRob wrote on 2021-08-25 00:01:
>
> > Thanks to other responses with links that I'll be learning from! Thank
> > you very much
> >
> > On 2021-08-24 00:35, Marc wrote:
> >
> > > What are you trying to achieve with containerizing?
> >
> > hmm, easy deployment & scaling? also resilient against hardware
> > crashes, etc.
> >
> > > You have to take into account that your
> > > storage is persistent,

Persistent storage is definitely something to think about and plan for 
but most containerization solutions offer easy ways to mount persistent 
storage into containers. This can be an advantage, your business logic 
can run in the container to which you ascribe a certain amount of CPU 
per your needs and your persistent data can live on the host file system.

> > Have you seen what challenge this poses? Love to hear your opinion
> > about it. Maybe this is where using object-storage backend becomes
> > more powerful solution?
> >
> > > you have to take into account getting something
> > > like proxy to redirect traffic etc etc.

Indeed, ingress and egress as well as networking become more complex.

> > Yes I thought also proxy/director also become containerized. You said
> > this for teaching a certain point?
> >
> > > If you want to
> > > deploy the container on an orchestrator so it is going to be
> > > (re)started on a random host.
> >
> > you mention so because all hosts must be connected to same storage?
> >
> > > I managed to get this to work
> > > via alpine linux (nice small), but I think I am going back to vm.
> >
> > what reasons? what kind of vm do you use?
> >
> > > > Hello, anyone here has containerized dovecot? Can I ask general advice
> > > > and experience please? are there any recommended articles/tutorial for
> > > > containerize deployment and auto-scaling? Thank you.


Cheers,

Jeremiah


Using a DICT PROXY with SQL for AUTH

2021-09-02 Thread dovecot

https://doc.dovecot.org/configuration_manual/dict/#dict-sql
https://doc.dovecot.org/configuration_manual/dict/#dict-proxy
https://doc.dovecot.org/configuration_manual/dict/proxy/

I can't get the complete picture from these pages how to implement proxy 
with sql. I have direct sql setup now, how do I use this with proxy?


   passdb {
     driver = sql
     args = /etc/dovecot/mysql_login
   }
   userdb {
     driver = prefetch
   }

   /etc/dovecot/mysql_login:
     driver = mysql
     connect = host=/var/lib/mysql/mysql.sock dbname=redacted user=redacted password=redacted
     default_pass_scheme = redacted
     password_query = SELECT ...

I feel like there is a disconnect. It says how to make a proxy service 
with service dict{} and it says put a dict name but where? And how do I 
connect my password_query to a dict? Or can you not use the proxy 
service for auth service?


"The  contains the dict name in the dict { .. } 
settings"


   service dict(1) {
     unix_listener dict(2) {
       mode = 0600
       user = vmail
     }
   }

What is the dict name, the first dict(1) or the second dict(2) or 
neither? Can you change "dict" in the service or unix_listener or does it 
always have to be "dict"?

Can you use dict-async with sql?


Re: Over Quota Reply Codes

2021-09-02 Thread Michael Peddemors
For the record, we also use 554 for Over Quota, but it is an interesting 
topic for conversation, eg why do we even indicate a permanent failure, 
when of course the person might make room in the next couple of hours.


It MIGHT be preferred to let the sender know as soon as possible, so he 
can advise the recipient by alternative means...


Maybe more clarity can be gleaned from RFC's on this matter, but in the 
end it is up to the email provider, which method they think is better.


Just make sure you also include an obvious message, eg.

lmprintf("554 User [%s] is over quota.\r\n", LM_STRING_BUFFER(addr));

On 2021-09-01 4:11 p.m., dove...@ptld.com wrote:
> Dovecot quota plugin returns code 554 5.2.2 when a user inbox is full.
>
> Why 554 (transaction failed) instead of 552 (exceeded storage
> allocation)? I'm curious behind the logic as I'm trying to determine the
> best code to use to reject a user sending more emails than their
> number-of-emails-limit quota.
>
> If anyone has an option to share on the best code to return it would be
> appreciated;
>
>     550 (policy reasons)
>     552 (exceeded ... allocation)
>     554 (transaction failed)
>
>     5.2.2 (mailbox full)
>     5.5.3 (Too many recipients)
>     5.7.0 (Other security related)
>     5.7.1 (delivery not authorized)
>
> Which fits best?




--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada



Re: Dovecot - FTS Solr: disk usage & position information?

2021-09-02 Thread Alessio Cecchi

Hi Vincent,

thanks for your investigations!

On 01/09/21 11:27, Vincent Brillault wrote:
> Dear all,
>
> Just a status update, in case this can help others.
>
> We went forward and disabled the position information indexing and
> re-indexed our mail data (over a couple of days to avoid
> overloading the systems). Before the re-indexing we had 1.33 TiB in
> our Solr Indexes. After re-indexation, we had only 542 GiB, that's a
> 60% of our storage requirements for our FTS indexes :)

Does this optimization also produce lower RAM requirements on the Solr server?

> So far, we haven't been reported any issue or measurable differences
> by our users concerning the quality of the FTS. From further
> debugging, as discussed on the solr-user mailing list
> (https://lists.apache.org/thread.html/rcdf8bb97be0839e57928ad5fa34501ec8a73392c11248db91206bc33%40%3Cusers.solr.apache.org%3E),
> I've come to the conclusion that, with the current integration between
> Dovecot and Solr (esp the fact that `"` is escaped), it's impossible
> to trigger phrase queries from user queries as long as
> autoGeneratePhraseQueries is false.
>
> I've attached the schema.xml and solrconfig.xml we are now using with
> Solr 8.6.0, in case there is any interest from others. Let me know if
> you prefer a MR to update the xmls present in
> https://github.com/dovecot/core/tree/master/doc.

Do the attached schema and config file also work with Solr 7.7.0? Since 
dovecot provides schema and config for 7.7.0, a path based on it would be 
useful for many of us.


Thanks

--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice



Dovecot, Last Login Plugin and PostfixAdmin

2021-09-02 Thread White, Daniel E. (GSFC-770.0)[NICS]
https://doc.dovecot.org/configuration_manual/lastlogin_plugin/

Is there any documentation about how to get the "Last Login" info into the 
PostfixAdmin database ?




Re: maildirfolder file created in maildir root during auto-creation with 2.3.4.1 but not 2.2.27

2021-09-02 Thread Christian Balzer


Hello,

thanks for the reply.

On Thu, 2 Sep 2021 12:47:43 +0300 (EEST) Aki Tuomi wrote:

> Would it be possible to workaround this with:
> 
> mail_location = maildir:~/Mail/
> 
Maybe, but that is not feasible in our deployment, which is LDAP driven
and thus looks like this:
mail_location = maildir:%h

Changing this in-situ by attaching a "/Mail/" to the location for literally
hundreds of thousands mailboxes clearly is a no-go, nor would I look
forward to go fix up all the other places and scripts that assume a
certain directory structure.

Regards,

Christian

> Aki
> 
> > On 02/09/2021 11:21 Christian Balzer  wrote:
> > 
> >  
> > Hello,
> > 
> > it is now nearly 2 years later and we are running 2.3.13 with this bug
> > still present.
> > Would be nice if it were acknowledged at least if not even fixed.
> > And it was confirmed by other people who contacted me directly after
> > seeing the original report here.
> > 
> > Regards,
> > 
> > Christian
> > 
> > On Wed, 5 Feb 2020 16:13:37 +0900 Christian Balzer wrote:
> >   
> > > Hello,
> > > 
> > > On Wed, 5 Feb 2020 08:58:29 +0200 Aki Tuomi wrote:
> > >   
> > > > Can you provide full doveconf -n output? Also how are you delivering 
> > > > mail?
> > > >
> > > As pretty much implied, Exim is delivering mails, w/o problems.
> > > And if it gets to create the home directory, everything is fine
> > > and maildirsize gets put there.
> > > 
> > > But if the first access is via the newer dovecot the bogus maildirfolder
> > > file gets created in the home directory and prevents Exim (and itself?)
> > > from putting a maildirsize there.
> > > 
> > > My bet is that that something in the auto-create logic changed or the
> > > "mail_home" needing to be set explicitly instead of defaulting to
> > > mail_location if unset, etc.
> > > 
> > > Redacted and relevant parts only: 
> > > ---
> > > # 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
> > > # Pigeonhole version 0.5.4 ()
> > > # OS: Linux 4.19.0-6-amd64 x86_64 Debian 10.2 
> > > # Hostname: testbox.gol.com
> > > auth_default_realm = gol.com
> > > default_client_limit = 16384
> > > default_process_limit = 1024
> > > first_valid_uid = 8
> > > imap_hibernate_timeout = 30 secs
> > > imap_idle_notify_interval = 8 mins
> > > imap_logout_format = in=%i out=%o head=<%{fetch_hdr_count}> 
> > > del=<%{deleted}> exp=<%{expunged}> trash=<%{trashed}> session=<%{session}>
> > > login_trusted_networks = some.net.work
> > > mail_gid = 8
> > > mail_location = maildir:%h
> > > mail_privileged_group = mail
> > > mail_uid = 8
> > > mailbox_idle_check_interval = 1 mins
> > > maildir_very_dirty_syncs = yes
> > > 
> > > passdb {
> > >   args = /etc/dovecot/dovecot-ldap.conf.ext
> > >   driver = ldap
> > > }
> > > plugin {
> > >   quota = maildir:User
> > >   quota_rule = ?:storage=200M
> > >   quota_rule2 = Trash:storage=+50M
> > >   sieve = file:~/sieve;active=~/.dovecot.sieve
> > > }
> > > 
> > > userdb {
> > >   args = /etc/dovecot/dovecot-ldap.conf.ext
> > >   driver = ldap
> > > }
> > > verbose_proctitle = yes
> > > protocol imap {
> > >   mail_max_userip_connections = 40
> > >   mail_plugins = quota imap_quota
> > > }
> > > protocol pop3 {
> > >   mail_plugins = quota
> > > }
> > > ---
> > > 
> > > Regards,
> > > 
> > > Christian  
> > > > Aki
> > > > 
> > > > On 5.2.2020 4.24, Christian Balzer wrote:
> > > > >
> > > > > Hello,
> > > > >
> > > > > as the tin says.
> > > > > I have several servers running 2.2.27 (Debian stretch) and am adding 
> > > > > new
> > > > > ones with 2.3.4.1 (Debian buster).
> > > > > The configs were upgraded where needed but neither 10-mail.conf nor
> > > > > 15-mailboxes.conf were changed. 
> > > > > 15-mailboxes is all commented out (I guess the default is auto-create,
> > > > > which isn't documented anywhere I could find) and the only 
> > > > > non-comments in
> > > > > 10-mail.conf are
> > > > > ---
> > > > > mail_location = maildir:%h
> > > > > mail_privileged_group = mail
> > > > > ---
> > > > >
> > > > > So yes, no namespaces are explicitly defined/declared.
> > > > >
> > > > >
> > > > > The 2.3.4.1 version wrongly creates a maildirfolder file in the home
> > > > > directory (maildir root), preventing exim from correctly 
> > > > > creating/using
> > > > > maildirsize.
> > > > >
> > > > > a) Is this expected behavior and can it be changed?
> > > > > b) How can I disable inbox auto-creation if a) doesn't pan out?
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Christian  
> > > > 
> > > 
> > > 
> > > -- 
> > > Christian Balzer        Network/Systems Engineer
> > > ch...@gol.com Rakuten Mobile Inc.
> > >   
> > 
> > 
> > -- 
> > Christian Balzer        Network/Systems Engineer
> > ch...@gol.com   Rakuten Communications  
> 


-- 
Christian Balzer        Network/Systems Engineer
ch...@gol.com   Rakuten Communications


Re: maildirfolder file created in maildir root during auto-creation with 2.3.4.1 but not 2.2.27

2021-09-02 Thread Aki Tuomi
Would it be possible to workaround this with:

mail_location = maildir:~/Mail/

Aki

> On 02/09/2021 11:21 Christian Balzer  wrote:
> 
>  
> Hello,
> 
> it is now nearly 2 years later and we are running 2.3.13 with this bug
> still present.
> Would be nice if it were acknowledged at least if not even fixed.
> And it was confirmed by other people who contacted me directly after
> seeing the original report here.
> 
> Regards,
> 
> Christian
> 
> On Wed, 5 Feb 2020 16:13:37 +0900 Christian Balzer wrote:
> 
> > Hello,
> > 
> > On Wed, 5 Feb 2020 08:58:29 +0200 Aki Tuomi wrote:
> > 
> > > Can you provide full doveconf -n output? Also how are you delivering mail?
> > >  
> > As pretty much implied, Exim is delivering mails, w/o problems.
> > And if it gets to create the home directory, everything is fine
> > and maildirsize gets put there.
> > 
> > But if the first access is via the newer dovecot the bogus maildirfolder
> > file gets created in the home directory and prevents Exim (and itself?)
> > from putting a maildirsize there.
> > 
> > My bet is that that something in the auto-create logic changed or the
> > "mail_home" needing to be set explicitly instead of defaulting to
> > mail_location if unset, etc.
> > 
> > Redacted and relevant parts only: 
> > ---
> > # 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
> > # Pigeonhole version 0.5.4 ()
> > # OS: Linux 4.19.0-6-amd64 x86_64 Debian 10.2 
> > # Hostname: testbox.gol.com
> > auth_default_realm = gol.com
> > default_client_limit = 16384
> > default_process_limit = 1024
> > first_valid_uid = 8
> > imap_hibernate_timeout = 30 secs
> > imap_idle_notify_interval = 8 mins
> > imap_logout_format = in=%i out=%o head=<%{fetch_hdr_count}> 
> > del=<%{deleted}> exp=<%{expunged}> trash=<%{trashed}> session=<%{session}>
> > login_trusted_networks = some.net.work
> > mail_gid = 8
> > mail_location = maildir:%h
> > mail_privileged_group = mail
> > mail_uid = 8
> > mailbox_idle_check_interval = 1 mins
> > maildir_very_dirty_syncs = yes
> > 
> > passdb {
> >   args = /etc/dovecot/dovecot-ldap.conf.ext
> >   driver = ldap
> > }
> > plugin {
> >   quota = maildir:User
> >   quota_rule = ?:storage=200M
> >   quota_rule2 = Trash:storage=+50M
> >   sieve = file:~/sieve;active=~/.dovecot.sieve
> > }
> > 
> > userdb {
> >   args = /etc/dovecot/dovecot-ldap.conf.ext
> >   driver = ldap
> > }
> > verbose_proctitle = yes
> > protocol imap {
> >   mail_max_userip_connections = 40
> >   mail_plugins = quota imap_quota
> > }
> > protocol pop3 {
> >   mail_plugins = quota
> > }
> > ---
> > 
> > Regards,
> > 
> > Christian
> > > Aki
> > > 
> > > On 5.2.2020 4.24, Christian Balzer wrote:  
> > > >
> > > > Hello,
> > > >
> > > > as the tin says.
> > > > I have several servers running 2.2.27 (Debian stretch) and am adding new
> > > > ones with 2.3.4.1 (Debian buster).
> > > > The configs were upgraded where needed but neither 10-mail.conf nor
> > > > 15-mailboxes.conf were changed. 
> > > > 15-mailboxes is all commented out (I guess the default is auto-create,
> > > > which isn't documented anywhere I could find) and the only non-comments 
> > > > in
> > > > 10-mail.conf are
> > > > ---
> > > > mail_location = maildir:%h
> > > > mail_privileged_group = mail
> > > > ---
> > > >
> > > > So yes, no namespaces are explicitly defined/declared.
> > > >
> > > >
> > > > The 2.3.4.1 version wrongly creates a maildirfolder file in the home
> > > > directory (maildir root), preventing exim from correctly creating/using
> > > > maildirsize.
> > > >
> > > > a) Is this expected behavior and can it be changed?
> > > > b) How can I disable inbox auto-creation if a) doesn't pan out?
> > > >
> > > > Thanks,
> > > >
> > > > Christian
> > >   
> > 
> > 
> > -- 
> > Christian Balzer        Network/Systems Engineer
> > ch...@gol.com   Rakuten Mobile Inc.
> > 
> 
> 
> -- 
> Christian Balzer        Network/Systems Engineer
> ch...@gol.com Rakuten Communications


Re: maildirfolder file created in maildir root during auto-creation with 2.3.4.1 but not 2.2.27

2021-09-02 Thread Christian Balzer


Hello,

it is now nearly 2 years later and we are running 2.3.13 with this bug
still present.
Would be nice if it were acknowledged at least if not even fixed.
And it was confirmed by other people who contacted me directly after
seeing the original report here.

Regards,

Christian

On Wed, 5 Feb 2020 16:13:37 +0900 Christian Balzer wrote:

> Hello,
> 
> On Wed, 5 Feb 2020 08:58:29 +0200 Aki Tuomi wrote:
> 
> > Can you provide full doveconf -n output? Also how are you delivering mail?
> >  
> As pretty much implied, Exim is delivering mails, w/o problems.
> And if it gets to create the home directory, everything is fine
> and maildirsize gets put there.
> 
> But if the first access is via the newer dovecot the bogus maildirfolder
> file gets created in the home directory and prevents Exim (and itself?)
> from putting a maildirsize there.
> 
> My bet is that that something in the auto-create logic changed or the
> "mail_home" needing to be set explicitly instead of defaulting to
> mail_location if unset, etc.
> 
> Redacted and relevant parts only: 
> ---
> # 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.4 ()
> # OS: Linux 4.19.0-6-amd64 x86_64 Debian 10.2 
> # Hostname: testbox.gol.com
> auth_default_realm = gol.com
> default_client_limit = 16384
> default_process_limit = 1024
> first_valid_uid = 8
> imap_hibernate_timeout = 30 secs
> imap_idle_notify_interval = 8 mins
> imap_logout_format = in=%i out=%o head=<%{fetch_hdr_count}> del=<%{deleted}> 
> exp=<%{expunged}> trash=<%{trashed}> session=<%{session}>
> login_trusted_networks = some.net.work
> mail_gid = 8
> mail_location = maildir:%h
> mail_privileged_group = mail
> mail_uid = 8
> mailbox_idle_check_interval = 1 mins
> maildir_very_dirty_syncs = yes
> 
> passdb {
>   args = /etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }
> plugin {
>   quota = maildir:User
>   quota_rule = ?:storage=200M
>   quota_rule2 = Trash:storage=+50M
>   sieve = file:~/sieve;active=~/.dovecot.sieve
> }
> 
> userdb {
>   args = /etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }
> verbose_proctitle = yes
> protocol imap {
>   mail_max_userip_connections = 40
>   mail_plugins = quota imap_quota
> }
> protocol pop3 {
>   mail_plugins = quota
> }
> ---
> 
> Regards,
> 
> Christian
> > Aki
> > 
> > On 5.2.2020 4.24, Christian Balzer wrote:  
> > >
> > > Hello,
> > >
> > > as the tin says.
> > > I have several servers running 2.2.27 (Debian stretch) and am adding new
> > > ones with 2.3.4.1 (Debian buster).
> > > The configs were upgraded where needed but neither 10-mail.conf nor
> > > 15-mailboxes.conf were changed. 
> > > 15-mailboxes is all commented out (I guess the default is auto-create,
> > > which isn't documented anywhere I could find) and the only non-comments in
> > > 10-mail.conf are
> > > ---
> > > mail_location = maildir:%h
> > > mail_privileged_group = mail
> > > ---
> > >
> > > So yes, no namespaces are explicitly defined/declared.
> > >
> > >
> > > The 2.3.4.1 version wrongly creates a maildirfolder file in the home
> > > directory (maildir root), preventing exim from correctly creating/using
> > > maildirsize.
> > >
> > > a) Is this expected behavior and can it be changed?
> > > b) How can I disable inbox auto-creation if a) doesn't pan out?
> > >
> > > Thanks,
> > >
> > > Christian
> >   
> 
> 
> -- 
> Christian Balzer        Network/Systems Engineer
> ch...@gol.com Rakuten Mobile Inc.
> 


-- 
Christian Balzer        Network/Systems Engineer
ch...@gol.com   Rakuten Communications
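
The state reported in this thread (a `maildirfolder` file in the Maildir root, with or without a `maildirsize` beside it) can be audited across a mail store with a short script. This is an added example, not code from the thread or from Dovecot; it assumes every mailbox home is a direct child of one base directory and is itself the Maildir root, as with `mail_location = maildir:%h`, and the function names and the demo tree are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): list Maildir roots that carry a
# "maildirfolder" marker, the condition reported above for Dovecot 2.3.x.
# Assumption: each mailbox home is a direct child of BASE and is itself the
# Maildir root (mail_location = maildir:%h).

# True when DIR contains the three standard Maildir subdirectories.
is_maildir_root() {
    [ -d "$1/cur" ] && [ -d "$1/new" ] && [ -d "$1/tmp" ]
}

# Print "<home> maildirsize=present|missing" for every affected home.
# In Maildir++ the marker belongs in subfolders (.Trash, .Sent, ...) only,
# so subfolders are deliberately not inspected.
find_stray_maildirfolder() {
    for home in "$1"/*/; do
        home=${home%/}
        is_maildir_root "$home" || continue
        [ -e "$home/maildirfolder" ] || continue
        if [ -e "$home/maildirsize" ]; then
            echo "$home maildirsize=present"
        else
            echo "$home maildirsize=missing"
        fi
    done
}

# Number of affected homes under BASE.
count_stray_maildirfolder() {
    find_stray_maildirfolder "$1" | wc -l | tr -d ' '
}

# Constructed sample tree: alice is healthy, bob shows the reported state,
# carol has the marker but already has a maildirsize, dave is not a Maildir.
build_demo_tree() {
    d=$(mktemp -d) || return 1
    for u in alice bob carol; do
        mkdir -p "$d/$u/cur" "$d/$u/new" "$d/$u/tmp" "$d/$u/.Trash/cur"
        : > "$d/$u/.Trash/maildirfolder"    # legitimate subfolder marker
    done
    : > "$d/alice/maildirsize"
    : > "$d/bob/maildirfolder"
    : > "$d/carol/maildirfolder"
    : > "$d/carol/maildirsize"
    mkdir -p "$d/dave"
    : > "$d/dave/maildirfolder"
    echo "$d"
}

# Demo run on the constructed tree.
demo_base=$(build_demo_tree)
find_stray_maildirfolder "$demo_base"
rm -rf "$demo_base"
```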