Re: [Dovecot] pigeonhole: naming and versioning
On 07/04/10 21:08, Axel Thimm wrote: b) The versioning seems to go from 0.1.15 to 0.1.13. From a packager's POV it would be better to allow a natural version upgrade path. Perhaps the version in hg is just not updated? Since -sieve and -managesieve codebases have been merged, the ideal version number from a packaging POV would be higher than last -managesieve release (0.11.11) to ensure simpler upgrade paths on -managesieve packages. -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] pigeonhole: naming and versioning
On 07/04/10 21:08, Axel Thimm wrote: b) The versioning seems to go from 0.1.15 to 0.1.13. From a packager's POV it would be better to allow a natural version upgrade path. Perhaps the version in hg is just not updated? Since -sieve and -managesieve codebases have been merged, the ideal version number from a packaging POV would be higher than last -managesieve release (0.11.11) to ensure simpler upgrade paths on -managesieve packages. -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] GSSAPI Authentication in v1.2.1
Phillip Macey wrote: In the release notes for v1.2.2, Timo said: Found and fixes several v1.2-specific bugs. Hopefully it's now stable for most people's usage. * GSSAPI: More changes to authentication. Hopefully good now. What were the GSSAPI changes? I am having problems with _some_ of my users using GSSAPI auth. I am using version 1.2.1. The client (thunderbird) reports that the server does not support 'secure authentication'. When I switch on auth_debug in dovecot, I see errors such as these in the logs: Aug 3 16:45:57 fury dovecot: auth(default): client in: AUTH1 GSSAPI service=imaplip=10.1.0.20 rip=10.8.5.72 lport=143 rport=4027 Aug 3 16:45:57 fury dovecot: auth(default): gssapi(?,10.8.5.72): Using all keytab entries Aug 3 16:45:57 fury dovecot: auth(default): client out: CONT 1 Aug 3 16:45:57 fury dovecot: imap-login: Disconnected: Input buffer full (auth failed, 1 attempts): method=GSSAPI, rip=10.8.5.72, lip=10.1.0.20 Other users work perfectly (eg. all of the user accounts I tested against). Would this have been a bug that was fixed in 1.2.2 or is it something else? If it is most likely something else, I will post `dovecot -n`. Same here (1.2.3), it's been working fine adding all possible principals to the keytab and setting: auth_gssapi_hostname = $ALL There are all sorts of resolvers out there that seem to mess with principal name selection on the clients all the time. Weird thing is this particular one didn't happen with 1.1.x -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] CentOS 5 ... again
Scott Silva wrote: on 2-9-2009 8:07 PM Linux Advocate spake the following: guys , i m new to centos. i have learned to use yum and the priority plugin. Does the atrpm repo provide the most up to date version of dovecot? i have the following repos configured -epel and rpm forge besides thestandard base,updates,addons,extras repos. Atrpms is the most up to date version I have found so far, and it looks like it is recently up to 1.1.11. They also have the 1.0 branch if you need it. I usually leave it disabled and only enable it with the yum --enablerepo=atrpms update dovecot command when I want to update dovecot. It seems a little too cutting edge for my tastes on a server. Others are OK with it being enabled, so YMMV. If you only want to pull dovecot from atrpms, add a includepkgs option to the repo definition[1] and leave it enabled. You'll see dovecot updates just like any other package without having to use the whole repo: [atrpms] name=Red Hat Enterprise $releasever - $basearch - ATrpms baseurl=http://dl.atrpms.net/el$releasever-$basearch/atrpms/stable gpgcheck=1 gpgkey=http://ATrpms.net/RPM-GPG-KEY.atrpms enabled=1 includepkgs=dovecot* [atrpms-testing] name=Red Hat Enterprise $releasever - $basearch - ATrpms-testing baseurl=http://dl.atrpms.net/el$releasever-$basearch/atrpms/testing gpgcheck=1 gpgkey=http://ATrpms.net/RPM-GPG-KEY.atrpms enabled=1 includepkgs=dovecot* [1] http://atrpms.net/install.html -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] [PATCH] Support GSS-SPNEGO natively
Jason Gunthorpe wrote: I cooked this up while trying to figure out why thunderbird on Windows w/ SSPI was not working, but it turned out thunderbird does not use it, so I haven't been able to test it yet. I'm presenting it for discussion only, unless someone else can try it :) thunderbird does all combinations of GSS auth w/ w/o SSPI I've ever tried; it's just a pain to find the correct combination of network.negotiate-auth.* and network.auth.use-sspi settings for any given case :) (plus enabling secure auth for the TB account at test) -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] [PATCH] Support GSS-SPNEGO natively
Jason Gunthorpe wrote: On Tue, Aug 12, 2008 at 10:27:40AM +0200, Angel Marin wrote: Jason Gunthorpe wrote: I cooked this up while trying to figure out why thunderbird on Windows w/ SSPI was not working, but it turned out thunderbird does not use it, so I haven't been able to test it yet. I'm presenting it for discussion only, unless someone else can try it :) thunderbird does all combinations of GSS auth w/ w/o SSPI I've ever tried; it's just a pain to find the correct combination of network.negotiate-auth.* and network.auth.use-sspi settings for any given case :) (plus enabling secure auth for the TB account at test) Really? I was looking through the source to TB and I can't find where it would use AUTH=GSS-SPNEGO.. ok now rereading it again, I didn't make it clear what part of your message I was referring to :) I was just addressing the 'why thunderbird on Windows w/ SSPI was not working' part pointing out that thunderbird can do SSPI and that it should work tweaking the appropriate options. -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] v1.1.rc9 released
Juan C. Blanco wrote: I've seen that ATRPMS packages where updated to 1.1.rc8 and 1.0.14 but not the sieve ones (1.1.5 and 1.0.3). I don't know if the maintainer is in this list but it would be nice to have them also updated. Those are the latest dovecot-sieve releases, nothing to update there. -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] v1.1.rc9 released
Juan C. Blanco wrote: Angel Marin wrote: Juan C. Blanco wrote: I've seen that ATRPMS packages where updated to 1.1.rc8 and 1.0.14 but not the sieve ones (1.1.5 and 1.0.3). I don't know if the maintainer is in this list but it would be nice to have them also updated. Those are the latest dovecot-sieve releases, nothing to update there. Well I see that the ATRPMS packages where 1.1.4 and 1.0.2 but in the dovecot site there are 1.1.5 and 1.0.3 does not it? You're right, I assumed too fast this was one of those 'dovecot version is higher that dovecot-sieve, where's the updated sieve package' kind of mail. Sorry ;) -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Where to find 1.1 RPM for CentOS 4?
Axel Thimm wrote: On Wed, Apr 30, 2008 at 06:30:22AM -0400, Charles Marcus wrote: On 4/30/2008 4:23 AM, Axel Thimm wrote: There are no 1.1 rpms yet at ATrpms. Oops, my bad... If there is interest, we can put some up, but I'd rather wait until Timo starts releasing betas instead of using a CVS snapshot. Betas? The current one is rc4... well past beta... Yes, sorry, I mixed up 2.x with 1.1, you're correct, nothing stops us from offering 1.1rc rpms I guess. Anyone interested in helping with the packaging please ping in PM or on atrpms-devel (latter is preferred). http://dl.anmar.eu.org/tmp/dovecot-1.1.rc4-0_69.src.rpm http://dl.anmar.eu.org/tmp/dovecot-sieve-1.1.4-7.src.rpm They build on c4 i386 and c5 x86_64, but haven't tested any further. -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] more than one ldap database.
Mauro Sanna wrote: Il giorno gio, 17/04/2008 alle 07.58 -0500, Jack McKinney ha scritto: While I am still having trouble getting LDAP to work with dovecot, I have successfully solved this particular problem. My users login with their emails. The correct search base for [EMAIL PROTECTED] is ou=users, dc=lorentz, dc=com. I accomplish this with: base = ou=users, dc=%Dd Yes this is the solution :-) Where can I find all the variables I can use in dovecot parameters? http://wiki.dovecot.org/Variables -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] keep users from deleting email
Adam Williams wrote: Charles Marcus wrote: Then you are using the wrong tool. For legal purposes, your message archives should be completely separate from your normal mail store. Set up a parallel delivery system for your archiver. Do you mean like, Postfix's always_bcc = [EMAIL PROTECTED] option? But, then I'm doubling my data. One copy is the user's email, and one copy for always_bcc. Then I have twice the data to back up, more CPU cycles to compress it to tape, etc... If you still want to do it this way, upon source inspection it looks like you can accomplish it by making imap_expunge function (src/imap/imap-expunge.c) a noop, that is, returning always true. If it works for read-only mailboxes it should do for this, but haven't tested myself :) BTW I'm sure it can also be done as a plugin, but I'm not familiar with the plugin api at all. Bright side is that if expunge is a noop, users stop seeing the message as it gets marked as deleted but it's left there. Anyway as others have pointed out, I'd look at doing this outside the imap server. It's too easy to get something like this disabled by mistake (deploy an unpatched binary) and do unnoticed. Regards, -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] xexec and dovecot 1.1
Charles Marcus escribió: On 3/25/2008, Marc Perkel ([EMAIL PROTECTED]) wrote: What I'm really looking for someone to do is write some kind of SMTP over IMAP plugin so that IMAP can be an authenticated transport that would carry outbound email to Dovecot which would hand it off to an SMTP server or be a conduit to SMTP server. That way email users need not configure outgoing SMTP. It would just send outgoing email over the same connections. I have been a big detractor for any usefulness for this kind of thing, but there is one use that would be a big plus... For the 'Copy to Sent' function... if you sent a message somehow using the IMAP connection, maybe you could save the Client having to upload the same message AGAIN just to copy it to the Sent folder (think 10MB email sent over a 512Kb connection)... No need for a new extension, it's easier to make your MTA deliver a copy of outgoing mail to the 'Sent' folder for those users that want it. -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] New server error
Anne Wilson escribió: On Thursday 24 January 2008 19:55:33 Scott Silva wrote: You can either leave the repo disabled and only enable it for certain packages yum --enablerepo=atrpms-testing update dovecot Or just download the rpm from the website and rpm -Uvh Yes, either is possible. I'm too tired to make a sensible decision, so I'll decide in the morning :-) You can also: 1) Install and configure yum-priorities plugin[1] 2) Add includepkgs=dovecot dovecot-devel dovecot-sieve to [atrpms] and [atrpms-testing] definitions if you want to use it only for dovecot packages. [1] http://wiki.centos.org/PackageManagement/Yum/Priorities -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Roadmap to future
Timo Sirainen wrote: On Sat, 2007-12-08 at 10:56 +, Ed W wrote: Can I also add to your TODO list: - Lemonade Profile! Yes, and other extensions.. I haven't thought about these much yet, but I think most of them won't be too difficult to implement. That'd be a really great-to-have feature :) And as now there's a robust client library that implements all this[1], we'll hopefully see new client proliferation supporting 'push-like' email [2] for tablets and phones. So having support for all this on IMAP servers will become a must in the not so distant future in order to stay in the map :) [1] http://www.tinymail.org/ [2] http://modest.garage.maemo.org/ -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Dovecot push imap/imap notify support?
Charles Marcus wrote: Hmm, seems yes. Osx Leopard built in Mail application have now the IDLE check box. Does it mean, that now need to use the classic check for new mail after xx minute at all? Btw, seems in Thunderbird this imap push works well. Isn't one downside to IDLE that only the current selected folder works? Ie, if you are in a folder other than Inbox, you wouldn't get IDLE notifications of anything in the Inbox until you selected that folder? That's why imap push is usually tied to NOTFY[1], QRESYNC[2], and CONDSTORE[3] support in addition to IDLE. Sadly 2 of them are just in draft status so there's not much client or server support yet. [1]http://tools.ietf.org/html/draft-gulbrandsen-imap-notify-07 [2]http://tools.ietf.org/html/draft-ietf-lemonade-reconnect-client-06 [3]http://www.tools.ietf.org/html/rfc4551 -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Delete mails in dovecot POP3 has a bug/feature
Nuilte Infotech escribió: When a mailbox has abt 40 mails with 4-5 mb attachments , it is quite common for the pop3 connection to get timed out or disconnected esp. if user has dialup modem. In this case , dovecot seems to REALLY HIT the user hard. Because it simply DOES NOT delete mails , even if user requested so. It only deletes the mails if users succesfully logs out. No other pop3 server has this problem so i would request this bugs is fixed ASAP. Well that's how rfc 1939 mandates it. Quoting section 6: If a session terminates for some reason other than a client-issued QUIT command, the POP3 session does NOT enter the UPDATE state and MUST not remove any messages from the maildrop. Effect of this bug - user has to retry multiple times and download multiple copies of mail before it finally deleted. Server Using ubuntu 7.04 Feisty Fawn + standard apt-get dovecot. Client end tested using getmail+BrokenUIDLPOP3Retriever To be Fixed - dovecot should delete mail even if the client connection gets broken or disconnects ungracefully. e.g. user hits CTRL+C with getmail. Then don't use pop3 then, getmail supports imap too. Every *sane* pop3 server out there behaves this way; emphasis in sane :) Regards, -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] dovecot dspam plugin using libdspam
Marcin Michal Jessa escribió: Andreas Schneider wrote: Andraž 'ruskie' Levstik wrote: Would it be possible to specify multiple spam folders? i.e. spam, Spam, SPAM, junk, Junk, etc... ? That would be very usefull... Yes, this would be possible, but first the current code should be tested ;) Thanks for the suggestion. Just out of curiosity, how would having multiple spam folders be useful? Or do you mean a kind of mirroring of the spam folder with different language variations? Like Junk is not used by Thunderbird with localization support, it creates a different name for the Junk folder depending on the language it is set up for. nope. thunderbird uses always Junk as it's spam folder, then the UI shows it as localized to the user (same applies to the other 'special' folders Sent, Trash, ...) -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Dovecot should raise the limit of file descriptors at startup...
Timo Sirainen escribió: On Tue, 2007-08-21 at 15:08 +0200, Peter Eriksson wrote: Perhaps the Dovecot master process should raise it's own limit to the allowed maximum when it starts? (getrlimit()+setrlimit()), or be user configurable? I guess this could be a good idea. Added to v1.1: I'm sorry, but having arbitrary programs change limits set by a system policy because they feel like it, doesn't look like a good idea to me. When I configure a policy I expect it to stay that way, and if it backfires it's my mess to fix :) You could warn about the limit being too low in the log at startup though. Regards, -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Moving a mail between folders and post-processing ?
Jerry Nicholls escribió: Hi, Within Dovecot is there a way of spotting a change to a folder and running a post-processing script on the email that was moved ? I'm specifically after a way of seeing either an email entering or leaving a folder - preferably running a different post-process script depending on the direction. Essentially if an email enters or is moved out of a 'spam' folder I'd like to mark it as 'spam'/'ham' in the Bayesian filters respectively. Is there any such mechanism, or should I start looking at how to write a plugin to achieve this ? If it's the plugin route is there any good documentation on the plugin APIs etc ? Have a look at the pipe[1] and dspam[2] plugins. [1] http://article.gmane.org/gmane.mail.imap.dovecot/23815 [2] http://johannes.sipsolutions.net/Projects/dovecot-dspam-integration -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Patch: building dovecot-sieve against installed dovecot (Re: sieve discard)
Timo Sirainen escribió: On Thu, 2007-08-09 at 10:33 +0200, Geert Hendrickx wrote: Timo, is this ok with you? It allows building dovecot-sieve against an installed dovecot package (if --enable-header-install additionally installs liblib.a) including sievec and sieved (needed for pysieved). I don't really like that idea. The next thing another package wants some other Dovecot libraries and soon we'll have all the .a libs installed somewhere. To solve this once and for all (and make packagers' life easier), it'd be better getting dovecot-sieve build without the --with-dovecot option, and using the usual --includedir, --libdir and maybe a --with-dovecot-config one. That way you can package all the .a (which are already installed to --prefix) and includes in a -devel package where you can point dovecot-sieve or any other plugin without playing scripting games while building packages. Regards, -- Angel Marin http://anmar.eu.org/
Re: [Dovecot] Disable IMAP for certain users, but not Webmailer
FORMER 03 | Baltasar Cevc escribió:
Hi Timo!
On Sun, 05 Aug 2007 20:02:28 +0300
Timo Sirainen [EMAIL PROTECTED] wrote:
On Sun, 2007-08-05 at 12:41 +0200, FORMER 03 | Baltasar Cevc wrote:
Is there any possibility to achieve what I need without having two
completely separated instances of Dovecot running?
It depends on what passdb you want to use. SQL would be simple.
CheckPassword script would be possible. Others might, or might not.
I authenticate against a MySQL database. What I've figured out is how
to disable IMAP - I do it using the following line in dovecot-sql.conf
(I use prefetch, so that's the only query done):
password_query = SELECT username AS user, password_enc AS password FROM
mail_users WHERE username = '%u' AND ( (IF('%a'='143', `imap`,'0'))='Y'
OR (IF('%a '='110', `pop3`, '0') = 'Y') OR 1 )
But I'd need some possibility to have two different IMAP listeners
(e.g. one on port 144 for webmail) or something similar, as I currently
disallow webmail (which connects to localhost via IMAP), too.
Test for %s instead of %a and use %r to allow your web server (or %l as
it connects to localhost). It just SQL-foo :)
For a full list of available variables:
http://wiki.dovecot.org/Variables
--
Angel Marin
http://anmar.eu.org/
Re: [Dovecot] Fixing lda user_query error introduces new fault in mail delivery
Frank Church escribió:
It turns out that using prefetch with dovecot lda required a
user_query in dovecot/sql.conf
I fixed it by adding this query to dovecot/sql.conf
user_query = SELECT concat('/var/vmail/', maildir) as home, 601 as
uid, 12 as gid FROM mailbox WHERE username = '%u' AND active = '1'
This resulted in a new mailbox /var/vmail/domain.com/[EMAIL PROTECTED]
being created when although /var/vmail/domain.com/user already exists
and is what the query returns
Your user_query is not returning a mail column so it falls back to
mail_location setting.
It seems that prior to that when the query was failing the mail was
properly delivered somehow by dovecot, but fixing it created a new
problem.
It appears that the mail_location = maildir:/var/vmail/%d/%u in
dovecot.conf could be related as %u is [EMAIL PROTECTED]
As in your setup home and mail are the same, you could also use:
mail_location = maildir:%h
Regards,
--
Angel Marin
http://anmar.eu.org/
