Re: sieve duplicate with 2.3.16
Le 09/05/2024 à 12:07, Jean-Max Reymond a écrit : Hi, I was running dovecot 2.3.7.2 with ubuntu 20.04 Lastweek, I upgrade to Ubuntu 22.04 and dovecot 2.3.16 My configuration was migrated and all is fine expected the sieve duplicate. It does notwork and i don't understand why. sorry for the duplicate post trace dovecot for debug It seems that Pigeonhole has detected multiple messages with msgid=<00fb2844-f7b0-47af-8684-bcb090ec9...@ik.me> Is it possible that it is two separate processes running in parallel mode without interactions ? Thanks for your tips. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
sieve duplicate with 2.3.16
Hi, I was running dovecot 2.3.7.2 with ubuntu 20.04 Lastweek, I upgrade to Ubuntu 22.04 and dovecot 2.3.16 My configuration was migrated and all is fine expected the sieve duplicate. It does notwork and i don't understand why. % doveconf -n # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.16 (09c29328) managesieve(ubuntu): Debug: sieve: Pigeonhole version 0.5.16 (09c29328) initializing managesieve(ubuntu): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. # OS: Linux 5.15.0-105-generic x86_64 Ubuntu 22.04.4 LTS ext4 # Hostname: 2D17911.online-server.cloud auth_mechanisms = plain login first_valid_uid = 8 log_debug = category=sieve mail_fsync = never mail_location = maildir:/home/Mails/%u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_before = /var/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve } postmaster_address = postmas...@ckr-solutions.com protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } service stats { unix_listener stats-writer { mode = 0666 } } ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = # hidden, use -P to show it userdb { driver = passwd } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol lmtp { mail_fsync = optimized } protocol lda { deliver_log_format = msgid=%m: %$ mail_fsync = optimized mail_plugins = sieve postmaster_address = postmas...@ckr-solutions.com quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } trace dovecot for debug ... May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292077><8XgtAcKfPGZt+SIA4rRGvA>: sieve: msgid=<00fb2844-f7b0-47af-8684-bcb090ec9...@ik.me>: stored mail into mailbox 'INBOX' May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292077><8XgtAcKfPGZt+SIA4rRGvA>: Debug: sieve: msgid=<00fb2844-f7b0-47af-8684-bcb090ec9...@ik.me>: Finish implicit keep action May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292077><8XgtAcKfPGZt+SIA4rRGvA>: Debug: sieve: msgid=<00fb2844-f7b0-47af-8684-bcb090ec9...@ik.me>: Finishing actions May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292077><8XgtAcKfPGZt+SIA4rRGvA>: Debug: sieve: msgid=<00fb2844-f7b0-47af-8684-bcb090ec9...@ik.me>: Finish duplicate_mark action May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292077><8XgtAcKfPGZt+SIA4rRGvA>: Debug: sieve: msgid=<00fb2844-f7b0-47af-8684-bcb090ec9...@ik.me>: Finished executing result (final, status=ok, keep=yes) May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292077><8XgtAcKfPGZt+SIA4rRGvA>: Debug: sieve: multi-script: Sequence finished (status=ok, keep=yes) May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292077><8XgtAcKfPGZt+SIA4rRGvA>: Debug: sieve: multi-script: Destroy May 9 12:04:50 2D17911 postfix/pipe[2292075]: DE15D396023E: to=, orig_to=, relay=dovecot, delay=0.35, delays=0.09/0.01/0/0.25, dsn=2.0.0, status=sent (delivered via dovecot service) May 9 12:04:50 2D17911 postfix/qmgr[1855785]: DE15D396023E: removed ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
sieve duplicate with 2.3.16
Hi, I was running dovecot 2.3.7.2 with ubuntu 20.04 Lastweek, I upgrade to Ubuntu 22.04 and dovecot 2.3.16 My configuration was migrated and all is fine expected the sieve duplicate. It does notwork and i don't understand why. % doveconf -n # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.16 (09c29328) managesieve(ubuntu): Debug: sieve: Pigeonhole version 0.5.16 (09c29328) initializing managesieve(ubuntu): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. # OS: Linux 5.15.0-105-generic x86_64 Ubuntu 22.04.4 LTS ext4 # Hostname: 2D17911.online-server.cloud auth_mechanisms = plain login first_valid_uid = 8 log_debug = category=sieve mail_fsync = never mail_location = maildir:/home/Mails/%u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_before = /var/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve } postmaster_address = postmas...@ckr-solutions.com protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } service stats { unix_listener stats-writer { mode = 0666 } } ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_key = # hidden, use -P to show it userdb { driver = passwd } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol lmtp { mail_fsync = optimized } protocol lda { deliver_log_format = msgid=%m: %$ mail_fsync = optimized mail_plugins = sieve postmaster_address = postmas...@ckr-solutions.com quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } trace dovecot for debug May 9 12:04:49 2D17911 postfix/qmgr[1855785]: DE15D396023E: from=, size=2313, nrcpt=3 (queue active) May 9 12:04:50 2D17911 amavis[2290921]: (2290921-01) Passed CLEAN {RelayedOpenRelay}, [185.125.25.11]:58641 [185.125.25.11] -> ,, Queue-ID: 91D2E3960097, Message-ID: <00fb2844-f7b0-47af-8684-bcb090ec9...@ik.me>, mail_id: lukXw6VSEsMW, Hits: -2.821, size: 1854, queued_as: DE15D396023E, dkim_sd=20200325:ik.me, 5242 ms May 9 12:04:50 2D17911 postfix/smtp[2292055]: 91D2E3960097: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:10024, delay=5.4, delays=0.16/0.01/0.09/5.2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as DE15D396023E) May 9 12:04:50 2D17911 postfix/smtp[2292055]: 91D2E3960097: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=5.4, delays=0.16/0.01/0.09/5.2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as DE15D396023E) May 9 12:04:50 2D17911 postfix/qmgr[1855785]: 91D2E3960097: removed May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: Pigeonhole version 0.5.16 (09c29328) initializing May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: file storage: Using active Sieve script path: /home/Mails/jmreym...@ckr-solutions.com/.dovecot.sieve May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: file storage: Using script storage path: /home/Mails/jmreym...@ckr-solutions.com//sieve May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: file storage: Relative path to sieve storage in active link: sieve/ May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: file storage: Using Sieve script path: /home/Mails/jmreym...@ckr-solutions.com/.dovecot.sieve May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: file storage: Storage path `/home/Mails/jmreym...@ckr-solutions.com/.dovecot.sieve' not found May 9 12:04:50 2D17911 dovecot: lda(jmreym...@ckr-solutions.com)<2292074>: Debug: sieve: User has no active script in storage
Re: "Connection reset by peer" errors with Outlook
On 23/01/2024 09:23, Joseph Tam wrote: My guess is Outlook is doing some autodiscovery/autoconfiguration thing, and occasionally hits the right combo and successfully authenticates. I think, the intention is to make life of users easier: no need to remember authentication type, starttls or SSL on another port, etc. Doesn't it try service discovery before fallback to authentication attempts? However I am unsure if it expects DNS records or well-known path on the HTTP server. Serving configuration this way might help to avoid issues with fail2ban. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Authentication failure due to address space limit
On 15/12/2023 18:56, Max Nikulin wrote: On 14/12/2023 18:01, Aki Tuomi via dovecot wrote: You can set service auth and service auth-worker vsz_limit to 2G, that is usually enough for PAM and Argon2. Thank you. In my first message I wrote that 1G was enough in my case. Actually 1G sometimes is not enough. Thunderbird with its multiple parallel connections created simultaneously may be quite successful in making authentication failures rather annoying. I have not seen failure with "vsz_limit = 2G" yet. It appears just like incorrect passwords in logs mixed with successful authentications. 12:33:23 dovecot[4299]: auth-worker(4449): Debug: conn unix:auth-worker (pid=4307,uid=114): auth-worker<1>: pam(test,127.0.0.1,): #1/1 style=1 msg=Password: 12:33:23 auth[4449]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=test rhost=127.0.0.1 user=test 12:33:24 dovecot[4299]: auth-worker(4449): conn unix:auth-worker (pid=4307,uid=114): auth-worker<1>: pam(test,127.0.0.1,): pam_authenticate() failed: Authentication failure (Password mismatch?) Earlier I believed that I know another (inconvenient) workaround: edit /etc/pam.d/dovecot to put content of common-auth and common-session literally and disabling pam_fscrypt.so specifically for dovecot. Unfortunately it does not work. Auth worker still loads pam_fscrypt.so from common-password through some other config file. Even if debug is enabled for pam_fscrypt.so, this library generates no output for both successful and failed authentication attempts. On the other hand I can get debug output from "auth optional pam_fscrypt.so debug". I have no idea what piece of code (Go runtime, Dovecot, https://github.com/google/fscrypt) causes silent errors leading to authentication failures. It is disappointing since Go+fscrypt should be no-op in this case. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Authentication failure due to address space limit
On 14/12/2023 18:01, Aki Tuomi via dovecot wrote: You can set service auth and service auth-worker vsz_limit to 2G, that is usually enough for PAM and Argon2. Thank you. In my first message I wrote that 1G was enough in my case. It is rather disappointing that pam_fscrypt does nothing for a mail user. Amount of rally used memory is negligible. Configuration adjustment is necessary to avoid Go runtime initialization only. I am realizing that implementation of cgroup based resource limits require significant efforts. I asked if this pitfall should be documented in the manual. Nobody is interested however. It may be reasonable since the case is quite specific. At least those who might face a similar issue in future have more chances to notice this thread in search results. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Authentication failure due to address space limit
On 06/12/2023 18:06, Max Nikulin wrote: dovecot[72165]: auth-worker: Error: fatal error: failed to reserve page summary memory dovecot[72165]: auth-worker: Error: dovecot[72165]: auth-worker: Error: runtime stack: dovecot[72165]: auth-worker: Error: runtime.throw({0x7f552c418194?, 0x7f552c1feb10?}) dovecot[72165]: auth-worker: Error: runtime/panic.go:1047 +0x5f fp=0x7f552c1feac0 sp=0x7f552c1fea90 pc=0x7f552c28a53f dovecot[72165]: auth-worker: Error: runtime.(*pageAlloc).sysInit(0x7f552c5f6fd0) For the case that somebody will get this thread in search engine results: I have found another thread describing similar errors due to a custom PAM module for 2 factor authentication: dovecot: lmtp: Error: fatal error: failed to reserve page summary memory https://dovecot.org/pipermail/dovecot/2020-September/119952.html Thu Sep 17 12:20:12 EEST 2020 https://dovecot.org/pipermail/dovecot/2020-October/120108.html Thu Oct 8 18:04:26 EEST 2020 Perhaps Go is not the best language to implement PAM modules if memory footprint is not expected to be large. On the other hand e.g. argon2 hashes may be really memory hungry, so vsz_limit must be set to appropriate value. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Authentication failure due to address space limit
Hi, I faced an error that appeared rather obscure at first, so I am trying to figure out if something can be improved. I have managed to solve the issue. I am running a Dovecot IMAP server to keep my personal mail archive. This server does not receive or send mail, just IMAP access. There was no reason to tune its performance, so its configuration is close to what Debian package has out of the box (actually doc/example-config). At certain moment I started to get authentication failures: dovecot[72165]: auth-worker: Error: fatal error: failed to reserve page summary memory dovecot[72165]: auth-worker: Error: dovecot[72165]: auth-worker: Error: runtime stack: dovecot[72165]: auth-worker: Error: runtime.throw({0x7f552c418194?, 0x7f552c1feb10?}) dovecot[72165]: auth-worker: Error: runtime/panic.go:1047 +0x5f fp=0x7f552c1feac0 sp=0x7f552c1fea90 pc=0x7f552c28a53f dovecot[72165]: auth-worker: Error: runtime.(*pageAlloc).sysInit(0x7f552c5f6fd0) dovecot[72165]: auth-worker: Error: runtime/mpagealloc_64bit.go:82 +0x195 fp=0x7f552c1feb48 sp=0x7f552c1feac0 pc=0x7f552c280ef5 dovecot[72165]: auth-worker: Error: runtime.(*pageAlloc).init(0x7f552c5f6fd0, 0x7f552c5f6fc0, 0x0?) dovecot[72165]: auth-worker: Error: runtime/mpagealloc.go:324 +0x70 fp=0x7f552c1feb70 sp=0x7f552c1feb48 pc=0x7f552c27eb50 dovecot[72165]: auth-worker: Error: runtime.(*mheap).init(0x7f552c5f6fc0) dovecot[72165]: auth-worker: Error: runtime/mheap.go:729 +0x13f fp=0x7f552c1feba8 sp=0x7f552c1feb70 pc=0x7f552c27bf5f dovecot[72165]: auth-worker: Error: runtime.mallocinit() dovecot[72165]: auth-worker: Error: runtime/malloc.go:407 +0xb2 fp=0x7f552c1febd0 sp=0x7f552c1feba8 pc=0x7f552c260e72 dovecot[72165]: auth-worker: Error: runtime.schedinit() dovecot[72165]: auth-worker: Error: runtime/proc.go:693 +0xab fp=0x7f552c1fec30 sp=0x7f552c1febd0 pc=0x7f552c28df0b dovecot[72165]: auth-worker: Error: runtime.rt0_go() dovecot[72165]: auth-worker: Error: runtime/asm_amd64.s:345 +0x120 fp=0x7f552c1fec38 sp=0x7f552c1fec30 pc=0x7f552c2b7c20 dovecot[72165]: auth: Error: auth-worker: Aborted PASSV request for mailuser: Worker process died unexpectedly dovecot[72165]: auth-worker: Fatal: master: service(auth-worker): child 72211 returned error 2 Such errors happen even for invalid users curl -v 'imap://bad:bad@localhost/' I have realized that it may be related to the pam_fscrypt plugin I had installed before. It is intended for another system user, so I did not expect any negative consequence on Dovecot. Disabling the module confirmed my guess. This PAM module is written in Go and language runtime requires almost 1G of address space (RLIMIT_AS) even when actual memory allocation is several times lower (the user has no configured login protector). https://github.com/golang/go/issues/38010 "runtime: high startup address space usage (RLIMIT_AS) on Linux AMD64" The code of the fscrypt PAM module has Go panic handlers, but this case error happens early during runtime initialization, so error handlers have not set yet and can not provide a more instructive error. I do not like that Go has no knobs like compile or link flags to prevent early allocation of rather large address space. At the same time I admit that doing garbage collection efficiently is tricky and unreasonable efforts may be required to allow modest address space at startup. Default Dovecot configuration has vsz_limit = $default_vsz_limit = 256M The following configuration snippet solves the issue: service auth-worker { # still crash, but later # vsz_limit = 800M vsz_limit = 1024M } I am realizing that my use case is rather specific. Mail and encrypted home directories are hardly compatible. However some other PAM modules may cause similar issues. Cgroup Linux kernel feature should allow to limit real memory usage and it should be better than per-process limits imposed on address space size. However assigning proper control groups for Dovecot processes may be not so trivial. I am unsure if auth-worker vsz_limit or default_vsz_limit should be raised in the example configuration. Do you think it is reasonable to add warnings concerning PAM plugins and vsz_limit to docs? I mean - https://doc.dovecot.org/configuration_manual/authentication/pam/ - https://doc.dovecot.org/configuration_manual/service_configuration/#auth-worker in a similar way as it is done for Argon2 in https://doc.dovecot.org/configuration_manual/authentication/password_schemes/ P.S. Debian 12 bookworm, Dovecot 1:2.3.19.1+dfsg1-2.1 ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: remove duplicate emails
Le 05/04/2022 à 09:16, Aki Tuomi a écrit : On 04/04/2022 13:44 Jean-Max Reymond wrote: Hi, I have postfix running and sometimes and I have some duplicate emails with the same Message-ID. With dovecot sieve, I understand that duplicate option remove these emails but I don't understand the configuration to apply. Thanks for your tips, Hi! you can remove existing duplicates with `doveadm deduplicate` command. Aki Thanks for your answer but I want to delete from the incoming mail stream. I have improved my configuration and now, I have plugin { sieve = ~/.dovecot.sieve sieve_default = /var/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve sieve_trace_debug = yes sieve_trace_dir = /var/log/sieve.log } and # cat /var/lib/dovecot/sieve/default.sieve require ["duplicate", "fileinto", "mailbox"]; if duplicate { fileinto :create "Trash/Duplicate"; } but I have always duplicate emails. OpenPGP_0xDC699743CAE6E6EB.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
remove duplicate emails
Hi, I have postfix running and sometimes and I have some duplicate emails with the same Message-ID. With dovecot sieve, I understand that duplicate option remove these emails but I don't understand the configuration to apply. Thanks for your tips, # doveconf -n # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-104-generic x86_64 Ubuntu 20.04.4 LTS # Hostname: B7B3274.online-server.cloud auth_mechanisms = plain login first_valid_uid = 8 log_path = /var/log/dovecot.log mail_location = maildir:~ managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_client_ca_dir = /etc/ssl/certs ssl_key = # hidden, use -P to show it userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 50 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol lda { deliver_log_format = msgid=%m: %$ mail_plugins = sieve postmaster_address = postmaster quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r } OpenPGP_0xDC699743CAE6E6EB.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: cannot see my mails
Le 26/04/2021 à 13:45, Aki Tuomi a écrit : On 26/04/2021 14:38 Jean-Max Reymond wrote: Le 26/04/2021 à 13:31, Aki Tuomi a écrit : On 26/04/2021 14:28 Jean-Max Reymond wrote: Le 26/04/2021 à 13:24, Yassine Chaouche a écrit : Le 4/26/21 à 10:22 AM, Jean-Max Reymond a écrit : > After a change of server When you changed servers, did you copy the contents of (probably) /var/vmail/ from the old server to the new server ? this is usually where e-mails are stored. You can also use imap-sync from old to new server. This should automatically transfer your old mail there (if old server is still operationnal) yep, the 144 GB of mails are copied. The correct owner is mail:mail. Database posfixadmin is copied and authentification by sql works fine.dovecot does not report any issues, postfix works like a charm. I have deleted for only one mailbox, the dovecot files but no changes. -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com Does output of `doveadm user your-user-name` match with where you copied all your mails to? Aki # doveadm user jmreym...@normaal.fr field value uid 8 gid 8 home/home/Mails/jmreym...@normaal.fr/ mailmaildir:~/Maildir maildir jmreym...@normaal.fr/ # ls -ld /home/Mails/jmreym...@normaal.fr/* drwx-- 2 mail mail 4096 Mar 26 07:12 /home/Mails/jmreym...@normaal.fr/cur drwx-- 3 mail mail 4096 Nov 8 2014 /home/Mails/jmreym...@normaal.fr/mail drwx-- 8 mail mail 4096 Apr 26 13:24 /home/Mails/jmreym...@normaal.fr/Maildir drwx-- 2 mail mail 4096 Apr 26 11:12 /home/Mails/jmreym...@normaal.fr/new -rw--- 1 mail mail 18 Jun 10 2019 /home/Mails/jmreym...@normaal.fr/subscriptions drwx-- 2 mail mail 4096 Apr 26 11:12 /home/Mails/jmreym...@normaal.fr/tmp -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com home/home/Mails/jmreym...@normaal.fr/ mailmaildir:~/Maildir this is what matters, so dovecot expects to see your maildir structure under /home/Mails/jmreym...@normaal.fr/Maildir/ Aki YES, it works :-) thanks a lot, Aki and Yassine. -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com
Re: cannot see my mails
Le 26/04/2021 à 13:31, Aki Tuomi a écrit : On 26/04/2021 14:28 Jean-Max Reymond wrote: Le 26/04/2021 à 13:24, Yassine Chaouche a écrit : Le 4/26/21 à 10:22 AM, Jean-Max Reymond a écrit : > After a change of server When you changed servers, did you copy the contents of (probably) /var/vmail/ from the old server to the new server ? this is usually where e-mails are stored. You can also use imap-sync from old to new server. This should automatically transfer your old mail there (if old server is still operationnal) yep, the 144 GB of mails are copied. The correct owner is mail:mail. Database posfixadmin is copied and authentification by sql works fine.dovecot does not report any issues, postfix works like a charm. I have deleted for only one mailbox, the dovecot files but no changes. -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com Does output of `doveadm user your-user-name` match with where you copied all your mails to? Aki # doveadm user jmreym...@normaal.fr field value uid 8 gid 8 home/home/Mails/jmreym...@normaal.fr/ mailmaildir:~/Maildir maildir jmreym...@normaal.fr/ # ls -ld /home/Mails/jmreym...@normaal.fr/* drwx-- 2 mail mail 4096 Mar 26 07:12 /home/Mails/jmreym...@normaal.fr/cur drwx-- 3 mail mail 4096 Nov 8 2014 /home/Mails/jmreym...@normaal.fr/mail drwx-- 8 mail mail 4096 Apr 26 13:24 /home/Mails/jmreym...@normaal.fr/Maildir drwx-- 2 mail mail 4096 Apr 26 11:12 /home/Mails/jmreym...@normaal.fr/new -rw--- 1 mail mail 18 Jun 10 2019 /home/Mails/jmreym...@normaal.fr/subscriptions drwx-- 2 mail mail 4096 Apr 26 11:12 /home/Mails/jmreym...@normaal.fr/tmp -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com
Re: cannot see my mails
Le 26/04/2021 à 13:24, Yassine Chaouche a écrit : Le 4/26/21 à 10:22 AM, Jean-Max Reymond a écrit : > After a change of server When you changed servers, did you copy the contents of (probably) /var/vmail/ from the old server to the new server ? this is usually where e-mails are stored. You can also use imap-sync from old to new server. This should automatically transfer your old mail there (if old server is still operationnal) yep, the 144 GB of mails are copied. The correct owner is mail:mail. Database posfixadmin is copied and authentification by sql works fine.dovecot does not report any issues, postfix works like a charm. I have deleted for only one mailbox, the dovecot files but no changes. -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com
Re: cannot see my mails
Le 26/04/2021 à 13:13, Yassine Chaouche a écrit : Le 4/26/21 à 10:22 AM, Jean-Max Reymond a écrit : > Hi, > After a change of server, I cannot see my mails. postfix is OK and I > receive emails. If I send emails, with roundcube or thunderbird, I > can seethese new sent emails. Access rights seems OK. Dovecot with > debug trace does not complain. Any tips ? Hello Jean-Max You see sent mails but not received mails ? You see new mails but not old mails ? as if your inbox has just been created ? -- Yassine not exactly. I cannot see any received mails, old or new and I am sure I received new emails. I can see new mails I sent. If I move an email from Sent to Inbox with roundcube or thunderbird, I can see these emails in Inbox. -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com
Re: cannot see my mails
Le 26/04/2021 à 11:22, Jean-Max Reymond a écrit : Hi, After a change of server, I cannot see my mails. postfix is OK and I receive emails. If I send emails, with roundcube or thunderbird, I can see these new sent emails. Access rights seems OK. Dovecot with debug trace does not complain. Any tips ? # dovecot -n # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: Linux 4.15.0-142-generic x86_64 Ubuntu 18.04.5 LTS auth_mechanisms = plain login first_valid_uid = 8 log_path = /var/log/dovecot.log mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM ssl_client_ca_dir = /etc/ssl/certs ssl_key = # hidden, use -P to show it userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 10 } protocol pop3 { mail_max_userip_connections = 10 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol lda { deliver_log_format = msgid=%m: %$ mail_plugins = sieve postmaster_address = postmaster quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r } -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com
cannot see my mails
Hi, After a change of server, I cannot see my mails. postfix is OK and I receive emails. If I send emails, with roundcube or thunderbird, I can see these new sent emails. Access rights seems OK. Dovecot with debug trace does not complain. Any tips ? append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes compatibility_level = 2 content_filter = smtp-amavis:[127.0.0.1]:10024 home_mailbox = Maildir/ local_recipient_maps = $virtual_mailbox_maps local_transport = virtual mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}" message_size_limit = 3072 milter_default_action = accept milter_protocol = 2 mydestination = localhost non_smtpd_milters = inet:localhost:12345 readme_directory = no slow_destination_concurrency_limit = 2 slow_destination_recipient_limit = 20 smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_milters = inet:localhost:12345 smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/dovecot/private/dovecot.pem smtpd_tls_key_file = /etc/dovecot/private/dovecot.key smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_received_header = yes smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport vacation_destination_recipient_limit = 1 virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf virtual_gid_maps = static:8 virtual_mailbox_base = /home/Mails virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_domains_maps.cf virtual_mailbox_limit = 20480 virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf virtual_minimum_uid = 8 virtual_transport = virtual virtual_uid_maps = static:8 yahoo_destination_concurrency_limit = 4 yahoo_destination_rate_delay = 1s yahoo_destination_recipient_limit = 2 yahoo_initial_destination_concurrency = 1 -- Jean-Max Reymond CKR Solutions Open Source https://www.ckr-solutions.com
Re: Dovecot/doveadm quota
I think these changes will confuse users because calculated quota wouldn't be equals with total messages sizes. Marsistynas Bendorius писал 2020-02-07 11:07: Is there any reason why dovecot relies on S= instead of real disk size email takes? 1) compressed mails take less than than the S= specified 2) we could avoid using "S=" for the lookups and count every file there, including indexes and mails without S=... if we'd read filesizes -- With best regards, Max Kostikov W: https://kostikov.co | DeltaChat: m...@eprove.net signature.asc Description: OpenPGP digital signature
Plugins/Mailcrypt: mail_crypt_private_password not assigned by password_query
I try to use Mailcrypt encrypted user keys with conjustion with dbsync replication(Dovecot 2.3.6 in FreeBSD 12.0 enviroment) but was unsuccessful. If I provide a password in mail_crypt_private_password variable directly in Dovecot config all things works as expected plugin { mail_crypt_curve = prime256v1 mail_crypt_save_version = 2 mail_crypt_require_encrypted_user_key = yes mail_crypt_private_password = 12345 } but when I remove this and trying to get the same user password in password_query it seems password doesn't assigned password_query = SELECT username AS user, password, \ '%w' AS userdb_mail_crypt_private_password \ FROM mailbox WHERE username = LCASE('%u') \ AND active = '1' with errors like this in log at server where message was accepted from remote system May 20 00:40:31 server1 dovecot[35417]: dsync-local(f...@example.com): Error: dsync(server1.example.com): read() failed: read(/var/mail/example.com/foo/new/1558305609.M674400P35456.server1.example.com,S=4493,W=4601:2,a) failed: Private key not available: Cannot decrypt key a4ceb2df0287c0c0ccb0d76e31d91824e1f13e9ffe63d1e04a9a233a073d8a64: Cannot decrypt key 5d19a9246ddce2759a21462974add562dd90f2cb2aa3ff6a5af1af1e3e9b58e6: Password not available (last sent=mail, last recv=mail_request (EOL)) and errors at replica server May 20 00:40:31 server2 dovecot[63985]: dsync-local(f...@example.com): Error: dsync(server2.example.com): read() failed: read() failed: dot-input stream ends without '.' line (last sent=mail_request (EOL), last recv=mail) The question is it possible to have password encrypted user keys with Dovecot dbsync replication or we found a new bug? -- With best regards, Max Kostikov W: https://kostikov.co | DeltaChat: m...@eprove.net
doveadm with 2-level user/domain quotas scheme
Hi! I believe now it a right time to return to previous discussion about Dovecot's in 2-level user/domain quotas scheme wich was finished here https://dovecot.org/pipermail/dovecot/2015-October/102346.html Here is configuration. 1. Dictionary storage placed in MySQL table "quota2" root@localhost [(none)]> SHOW COLUMNS FROM quota2 FROM exim; +--+--+--+-+-+---+ | Field| Type | Null | Key | Default | Extra | +--+--+--+-+-+---+ | username | varchar(100) | NO | PRI | NULL| | | bytes| bigint(20) | NO | | 0 | | | messages | int(11) | NO | | 0 | | +--+--+--+-+-+---+ 3 rows in set (0,00 sec) 2. Two types of quota - for domains with index "2" and for users without index. ... plugin { quota = dict:user_quota::proxy::sqluserquota quota_rule2 = Trash:storage=+10%% quota_rule3 = Junk:storage=+10%% quota_warning = storage=100%% quota-exceeded 100 %u quota_warning2 = storage=95%% quota-warning 95 %u quota_warning3 = storage=90%% quota-warning 90 %u quota_warning4 = storage=75%% quota-warning 75 %u quota2 = dict:domain_quota:%d:proxy::sqldomainquota } dict { sqluserquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql-user.conf sqldomainquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql-domain.conf } service dict { unix_listener dict { user = mailnull mode = 0660 } } ... 3. Both stored in the same table and files "dovecot-dict-sql-user.conf" and "dovecot-dict-sql-domain.conf" are identical. connect = host=localhost dbname=exim user=user password=password map { pattern = priv/quota/storage table = quota2 username_field = username value_field = bytes } map { pattern = priv/quota/messages table = quota2 username_field = username value_field = messages } All quotas for users and domains are calculates correctly until "doveadm quota recalc" use. root@beta:~ # doveadm quota recalc -u foo@my.domain root@beta:~ # doveadm quota get -u foo@my.domain Quota name Type Value Limit % user_quota STORAGE 7850978 - 0 user_quota MESSAGE 32474 - 0 domain_quota STORAGE 7850978 - 0 domain_quota MESSAGE 32474 -, 0 If we look at MySQL table directly foo@my.domain quota was counted right but last users data was copied into domains values. ... root@localhost [exim]> SELECT * FROM quota2 WHERE username LIKE '%my.domain'; +---+-+--+ | username | bytes | messages | +---+-+--+ | foo@my.domain | 8039401321 |32474 | | my.domain | 8039401321 |32474 | | john@my.domain| 3455382803 |11142 | | mary@my.domain| 544637146 | 1965 | +---+-+--+ 4 rows in set (0.00 sec) ... Also you may see that "doveadm quota get" above gave wrong values. For domain its produces empty output root@beta:~ # doveadm quota get -u my.domain doveadm(my.domain): Error: User doesn't exist Quota name Type Value Limit % Than if we are trying to calculate quota for domain or for all users (-A) it produces an error. root@beta:~ # doveadm quota recalc -u my.domain doveadm(my.domain): Error: User doesn't exist root@beta:~ # doveadm quota recalc -A Error: User listing returned failure doveadm: Error: Failed to iterate through some users So "doveadm quota" almost useless for such quotas scheme except single user. I wrote small shell-script "dovequota.sh" to resolve this issue but I believe that doveadm need to be fixed too. (script may be found here https://kostikov.co/problemy-uchyota-domennoj-kvoty-v-dovecot-2). -- With best regards, Max Kostikov BBM: 24CA5DF8 | W: https://kostikov.co signature.asc Description: OpenPGP digital signature
Re: dovecot-lda crash after upgrade to 2.2.28
Thank you. This patch is fully solves the problem. Aki Tuomi писал 2017-03-01 14:02: On 28.02.2017 20:40, Max Kostikov wrote: Thank you. Will be waiting for Dovecot update. Aki Tuomi писал 2017-02-28 20:34: On February 28, 2017 at 7:43 PM Max Kostikov <m...@kostikov.co> wrote: Got it. Here is full backtrace output. Would appear the bug is in 'Trash' plugin. We'll open an issue about this, thank you for reporting this. Aki Hi! We believe this issue is now fixed with https://github.com/dovecot/core/commit/326fb016a23480e4ff8dcc03dc80e76812859bd6.patch Aki Tuomi Dovecot oy -- With best regards, Max Kostikov BBM: 24CA5DF8 | W: https://kostikov.co
Re: dovecot-lda crash after upgrade to 2.2.28
Thank you. Will be waiting for Dovecot update. Aki Tuomi писал 2017-02-28 20:34: On February 28, 2017 at 7:43 PM Max Kostikov <m...@kostikov.co> wrote: Got it. Here is full backtrace output. Would appear the bug is in 'Trash' plugin. We'll open an issue about this, thank you for reporting this. Aki -- With best regards, Max Kostikov BBM: 24CA5DF8 | W: https://kostikov.co
Re: dovecot-lda crash after upgrade to 2.2.28
ge.so.0 #7 0x1402e7e2 in trash_plugin_deinit () from /usr/local/lib/dovecot/lib11_trash_plugin.so #8 0x10aaf20b in hook_mail_user_created () from /usr/local/lib/dovecot/libdovecot-storage.so.0 #9 0x10ab374f in mail_user_init () from /usr/local/lib/dovecot/libdovecot-storage.so.0 #10 0x10ab1c52 in mail_storage_service_next () from /usr/local/lib/dovecot/libdovecot-storage.so.0 #11 0x10ab2435 in mail_storage_service_lookup_next () from /usr/local/lib/dovecot/libdovecot-storage.so.0 #12 0x00425896 in client_create_from_input () #13 0x00425fb2 in main () (gdb) bt full #0 0x1117655a in thr_kill () from /lib/libc.so.7 No symbol table info available. #1 0x1117652b in raise () from /lib/libc.so.7 No symbol table info available. #2 0x11176499 in abort () from /lib/libc.so.7 No symbol table info available. #3 0x10e2af54 in default_error_handler () from /usr/local/lib/dovecot/libdovecot.so.0 No symbol table info available. #4 0x10e2bc5b in i_set_failure_ignore_errors () from /usr/local/lib/dovecot/libdovecot.so.0 No symbol table info available. #5 0x10e2b1f9 in i_fatal () from /usr/local/lib/dovecot/libdovecot.so.0 No symbol table info available. #6 0x10aa190a in mail_namespace_find () from /usr/local/lib/dovecot/libdovecot-storage.so.0 No symbol table info available. #7 0x1402e7e2 in trash_plugin_deinit () from /usr/local/lib/dovecot/lib11_trash_plugin.so No symbol table info available. #8 0x10aaf20b in hook_mail_user_created () from /usr/local/lib/dovecot/libdovecot-storage.so.0 No symbol table info available. #9 0x10ab374f in mail_user_init () from /usr/local/lib/dovecot/libdovecot-storage.so.0 No symbol table info available. #10 0x10ab1c52 in mail_storage_service_next () from /usr/local/lib/dovecot/libdovecot-storage.so.0 No symbol table info available. #11 0x10ab2435 in mail_storage_service_lookup_next () from /usr/local/lib/dovecot/libdovecot-storage.so.0 No symbol table info available. #12 0x00425896 in client_create_from_input () No symbol table info available. #13 0x00425fb2 in main () No symbol table info available. (gdb) quit Aki Tuomi писал 2017-02-28 18:34: Your backtrace would've been informative already if you had issued bt full. Just opening it with gdb is not sufficient. -- With best regards, Max Kostikov BBM: 24CA5DF8 | W: https://kostikov.co
Re: dovecot-lda crash after upgrade to 2.2.28
Probably I need to compile 2.2.28 from sources with debug flags. Can you tell me wich flags I need to set for more informative backtrace in gdb? Aki Tuomi писал 2017-02-28 17:42: Can you please issue bt full in gdb and post the output here? -- With best regards, Max Kostikov BBM: 24CA5DF8 | W: https://kostikov.co -- With best regards, Max Kostikov BBM: 24CA5DF8 | W: https://kostikov.co
Re: dovecot-lda crash after upgrade to 2.2.28
I just recreated configuration of Dovecot 2.2.28 and got the same error but in imap service (it was there in logs too as for dovecot-lda but I don't saw it at time). Feb 27 20:09:41 beta dovecot: imap(postmas...@peek.ru): Panic: file mail-namespace.c: line 709 (mail_namespace_find): assertion failed: (ns != NULL) Feb 27 20:09:47 beta dovecot: lda(m...@domain.ru): Panic: file mail-namespace.c: line 709 (mail_namespace_find): assertion failed: (ns != NULL) So I show you only imap backtrace below. # gdb /usr/local/libexec/dovecot/imap 1 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"...(no debugging symbols found)... Attaching to program: /usr/local/libexec/dovecot/imap, process 1 ptrace: Invalid argument. Core was generated by `imap'. Program terminated with signal 6, Aborted. Reading symbols from /usr/local/lib/dovecot/libdovecot-lda.so.0...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/libdovecot-lda.so.0 Reading symbols from /usr/local/lib/dovecot/libdovecot-storage.so.0...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/libdovecot-storage.so.0 Reading symbols from /usr/local/lib/dovecot/libdovecot.so.0...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/libdovecot.so.0 Reading symbols from /lib/libc.so.7...(no debugging symbols found)...done. Loaded symbols for /lib/libc.so.7 Reading symbols from /usr/lib/libkrb5.so.11...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libkrb5.so.11 Reading symbols from /usr/lib/libgssapi.so.10...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libgssapi.so.10 Reading symbols from /usr/lib/libgssapi_krb5.so.10...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libgssapi_krb5.so.10 Reading symbols from /usr/lib/libasn1.so.11...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libasn1.so.11 Reading symbols from /usr/lib/libcom_err.so.5...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libcom_err.so.5 Reading symbols from /lib/libcrypt.so.5...(no debugging symbols found)...done. Loaded symbols for /lib/libcrypt.so.5 Reading symbols from /lib/libcrypto.so.8...(no debugging symbols found)...done. Loaded symbols for /lib/libcrypto.so.8 Reading symbols from /usr/lib/libhx509.so.11...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libhx509.so.11 Reading symbols from /usr/lib/libroken.so.11...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libroken.so.11 Reading symbols from /usr/lib/libwind.so.11...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libwind.so.11 Reading symbols from /usr/lib/libheimbase.so.11...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libheimbase.so.11 Reading symbols from /usr/lib/libprivateheimipcc.so.11...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libprivateheimipcc.so.11 Reading symbols from /lib/libthr.so.3...(no debugging symbols found)...done. Loaded symbols for /lib/libthr.so.3 Reading symbols from /usr/local/lib/dovecot/lib01_acl_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/lib01_acl_plugin.so Reading symbols from /usr/local/lib/dovecot/lib02_imap_acl_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/lib02_imap_acl_plugin.so Reading symbols from /usr/local/lib/dovecot/lib10_quota_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/lib10_quota_plugin.so Reading symbols from /usr/local/lib/dovecot/lib11_imap_quota_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/lib11_imap_quota_plugin.so Reading symbols from /usr/local/lib/dovecot/lib11_trash_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/lib11_trash_plugin.so Reading symbols from /usr/local/lib/dovecot/lib90_antispam_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/dovecot/lib90_antispam_plugin.so Reading symbols from /usr/local/lib/compat/pkg/nss_winbind.so.1...(no debugging symbols found)...done. Loaded symbols for /usr/local/lib/compat/pkg/nss_winbind.so.1 Reading symbols from /libexec/ld-elf.so.1...(no debugging symbols found)...done. Loaded symbols for /libexec/ld-elf.so.1 #0 0x1117655a in thr_kill () from /lib/libc.so.7 [New Thread 13616000 (LWP 100455/)] (gdb) quit Aki Tuomi писал 2017-02-28 13:20: On 28.02.2017 13:16, Max Kostikov wrote: Hi!
dovecot-lda crash after upgrade to 2.2.28
Hi! I posted this problem few days ago in FreeBSD bugtracker https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217364 So, the problem is in crash of dovecot-lda client while local mailbox delivery with this message in log dovecot: lda(my@email): Panic: file mail-namespace.c: line 709 (mail_namespace_find): assertion failed: (ns != NULL) My Dovecot config stills the same from previous 2.2.27 installation to I believe that problem in new Dovecot code related namespace. System: # uname -v FreeBSD 11.0-RELEASE-p8 #0: Wed Feb 22 06:12:04 UTC 2017 r...@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC Options: root@beta:/usr/ports/mail/dovecot2 # make showconfig | grep =on DOCS=on: Build and/or install documentation EXAMPLES=on: Build and/or install examples KQUEUE=on: kqueue(2) support LIBWRAP=on: TCP wrapper support LZ4=on: LZ4 compression support MYSQL=on: MySQL database support GSSAPI_BASE=on: Use GSSAPI from base Config: # doveconf -n # 2.2.27 (c0f36b0): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: FreeBSD 11.0-RELEASE-p8 amd64 ufs auth_mechanisms = plain login default_login_user = dovecot dict { sqluserquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql-user.conf } disable_plaintext_auth = no first_valid_gid = 0 first_valid_uid = 25 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_access_sockets = tcpwrap login_greeting = Dovecot ready! login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_access_groups = mail mail_gid = 6 mail_location = maildir:/var/mail/%d/%n mail_plugins = acl quota trash mail_privileged_group = mail mail_uid = 26 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace { location = maildir:/var/mail/%d/.public:INDEXPVT=/var/mail/%d/%n/public prefix = public. separator = . subscriptions = no type = public } namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = . type = private } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf driver = sql } plugin { acl = vfile::cache_secs=300 antispam_backend = mailtrain antispam_mail_notspam = %u-revoke antispam_mail_sendmail = /usr/local/etc/dovecot/move-cmd.sh antispam_mail_sendmail_args = antispam_mail_spam = %u-report antispam_spam = Junk antispam_trash = Trash quota = dict:user_quota::proxy::sqluserquota quota_grace = 10%% quota_rule2 = Trash:storage=+10%% quota_rule3 = Junk:storage=+10%% quota_warning = storage=100%% quota-exceeded 100 %u quota_warning2 = storage=95%% quota-warning 95 %u quota_warning3 = storage=90%% quota-warning 90 %u quota_warning4 = storage=75%% quota-warning 75 %u sieve = ~/dovecot.sieve sieve_before = /usr/local/etc/dovecot/default.sieve sieve_dir = ~/sieve sieve_global_path = /usr/local/etc/dovecot/default.sieve trash = /usr/local/etc/dovecot/dovecot-trash.conf } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-client { mode = 0660 user = mailnull } unix_listener auth-master { mode = 0660 user = mailnull } user = root } service dict { unix_listener dict { mode = 0660 user = mailnull } } service imap-login { chroot = login client_limit = 64 executable = /usr/local/libexec/dovecot/imap-login inet_listener imap { port = 143 } inet_listener imaps { port = 993 } process_limit = 32 process_min_avail = 8 service_count = 1 user = $default_login_user vsz_limit = 64 M } service imap { executable = /usr/local/libexec/dovecot/imap } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 1 service_count = 1 user = $default_login_user vsz_limit = 64 M } service managesieve { process_limit = 10 } service pop3-login { chroot = login client_limit = 64 executable = /usr/local/libexec/dovecot/pop3-login inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 } process_limit = 32 process_min_avail = 8 service_count = 1 user = $default_login_user vsz_limit = 64 M } service pop3 { executable = /usr/local/libexec/dovecot/pop3 } service quota-warning { executable = script /usr/local/etc/dovecot/quota_warning.sh unix_listener quota-warning { mode = 0660 user = mailnull } } service tcpwrap { unix_listener login/tcpwrap { mode = 0600 user = $default_login_user } } ssl_ca = ssl_cipher_list =
Best way to only replicate specific users
Hi, I was wondering about the best way to achieve this. Currently, the users I don't want replicated do not exist on the target system. The source tries to sync them but runs into an error. Technically, that works for me, but it doesn't seem like the right way to do it and clutters the log. Kind Regards, Max
doveadm sync ignores -u option
Hi, Since I upgraded from 2.2.21 to 2.2.23, the user option -u seems to be ignored by doveadm sync, or at least it doesn't handle it correctly. If I run the following in the shell as user 'max': % doveadm sync -u f...@example.com -d doveadm(max): Error: User doesn't exist I get it to work if I set the USER environment variable to f...@example.com: % USER=f...@example.com doveadm sync -u f...@example.com -d # sync runs as expected. Kind Regards, Max
Missing metadata on Dovecot 2.2.14, on Kolab 3.3, Centos 6.6
Hello everyone, We were trying to provision a system with Dovecot instead of another working cyrus kolab system. I am stuck with a problem with the metadata, especially when it comes to the Special Folders in Kolab 3.3, like Calenders, Tasks, etc, as well as any user created Folders. Emails work perfectly, and all the types are correct. But for example, If I try to change the type of Calenders, or create a new folder from inside roundcube and set it to type Calenders, it stays at the default which is mail. Therefore it causes problems, when sharing events, since they are displayed as mail type and not event type. We've tracked the problem down to the metadata not existing for special folders. A simple search only shows the default mail metadata, but nothing for shared folders, or special folders, etc. Here is the doveconf -n - [root@m3 ~]# doveconf -n # 2.2.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final) imap_metadata = yes mail_attribute_dict = file:Maildir/dovecot-metadata mail_gid = 5000 mail_location = maildir:~/Maildir mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { driver = shadow } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = vmail user = vmail } } service dict { unix_listener dict { group = vmail mode = 0666 user = vmail } } service lmtp { executable = lmtp unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { address = 127.0.0.1 ::1 port = 4190 } } service managesieve { process_limit = 1024 } ssl = required ssl_cert = /etc/ssl/m3.company.includingchain.crt ssl_key = /etc/ssl/m3.company.de.key userdb { driver = passwd } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = acl sieve } protocol lda { mail_plugins = acl sieve } protocol imap { mail_plugins = acl imap_acl } Would appreciate any help or ideas as to what I can do to fix this. Thanks Max
Mailing list removal.
Guys, Can you please remove my email address from the mailing list. Thanks, M
Re: Mailing list test
On Fri, 21 Nov 2014, Timo Sirainen wrote: Apparently this list has somehow broken.. Not really sure what the problem is, lets see what happens to this mail. Any chance of putting [dovecot] back in the subject line? Thanks. Max Pyziur p...@brama.com
Dovecot fails to start - Unknown setting: socket
I’m receiving the following error(s) messages when trying reloading dovecot (Debian wheezy). doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 73: Unknown setting: socket doveconf: Error: managesieve-login: dump-capability process returned 89 Configuration file /etc/dovecot/dovecot.conf : # If you only want to use dovecot-auth, you can set this to none. protocols = imap sieve log_timestamp = %Y-%m-%d %H:%M:%S mail_location = maildir:/var/mail/%d/%n:INDEX=/var/mail/indexes/%d/%n mail_privileged_group = vmail mail_debug = no first_valid_uid = 5000 last_valid_uid = 5000 maildir_copy_with_hardlinks = yes mail_chroot = yes default_login_user = dovecot ssl_cert = /etc/ssl/certs/star_palibrary_org_combined.crt ssl_key = /etc/ssl/private/star_palibrary_org.key protocol imap { # imap_client_workarounds = outlook-idle delay-newmail } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } ## ## MANAGESIEVE specific settings ## protocol sieve { } plugin { sieve_storage = ~/sieve sieve_global_path = /var/vmail/globalsieverc sieve = ~/dovecot.sieve } protocol lda { #log_path = /var/vmail/dovecot-deliver.log auth_socket_path = /var/run/dovecot/auth-master postmaster_address = shor...@mvs.org mail_plugins = sieve } ### ## ## LDA specific settings ## auth_default_realm = mvs.org auth_debug = no auth_debug_passwords = no auth_mechanisms = auth_plain auth_login auth_digest-md5 auth_cram-md5 # dovecot-auth only needs to be able to connect to SQL # default_login_user = mail passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver= sql args = /etc/dovecot/dovecot-sql.conf.ext } socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = vmail group = vmail } client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } Packages: ii dovecot-common 1:2.1.7-7+deb7u1 ii dovecot-core1:2.1.7-7+deb7u1 ii dovecot-gssapi 1:2.1.7-7+deb7u1 ii dovecot-imapd 1:2.1.7-7+deb7u1 ii dovecot-ldap 1:2.1.7-7+deb7u1 ii dovecot-lmtpd 1:2.1.7-7+deb7u1 ii dovecot-managesieved 1:2.1.7-7+deb7u1 ii dovecot-mysql 1:2.1.7-7+deb7u1 ii dovecot-pgsql1:2.1.7-7+deb7u1 ii dovecot-pop3d 1:2.1.7-7+deb7u1 Any ideas?
Re: Dovecot fails to start - Unknown setting: socket
Here are the lines in question: socket listen { ### line 73 ### master { path = /var/run/dovecot/auth-master mode = 0600 user = vmail group = vmail } client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } On Wed, Oct 1, 2014 at 2:54 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 01.10.2014 um 20:47 schrieb Max Shortte: I’m receiving the following error(s) messages when trying reloading dovecot (Debian wheezy). doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 73: Unknown setting: socket doveconf: Error: managesieve-login: dump-capability process returned 89 Configuration file /etc/dovecot/dovecot.conf honestly it would make more sense if you post line 73 as mentioned in the message followed by the surrounding context
Re: Dovecot fails to start - Unknown setting: socket
Thanks for responding Alan. I have taken a look at the configuration file and all seems well. Max On Wed, Oct 1, 2014 at 4:50 PM, Alan McGinlay al...@sics.se wrote: you almost certainly have a missing closing bracket or double quote somewhere.
Re: [Dovecot] Configuring dovecot to use tcp wrappers
On 5.4.2013, at 18.19, Max Pyziur p...@brama.com wrote: So my question relates to the second part of the configuration examples in the links above: service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } Where does this code get placed (in dovecot.conf or in one of the files in /etc/dovecot/conf.d)? Doesn't really matter. I'd put it into conf.d/10-master.conf which has other services. And regarding $default_login_user, it appears in a comment line in /etc/dovecot/conf.d/10-master.conf Should that line be uncommented? Just leave it uncommented and it'll use the default value (which it has been using so far already). After some delay, I'm returning to this project. I've made the changes per above. I've put in a test ip address in /etc/hosts.deny like so: dovecot: 166.84.1.2 And then I execute the following from 166.84.1.2 to port 110: bash-3.2$ telnet SiteWhereImConfiguringDovecot 110 Trying SiteWhereImConfiguringDovecot... Connected to SiteWhereImConfiguringDovecot. Escape character is '^]'. +OK Dovecot ready. quit +OK Logging out Connection closed by foreign host. If dovecot is configured with tcp wrappers (which it is; built on a CentOS 6 system, installed and configured per instructions), and the firewall has ports 110 and 143 open, but I'm blocking a particular host through /etc/hosts.deny then I should not be able to telnet to either port 110 or 143; both requests should be blocked from the originating IP, no? Much thanks for your help, Max Pyziur p...@brama.com
Re: [Dovecot] Configuring dovecot to use tcp wrappers
On Thu, 11 Apr 2013, lists-dovecot wrote: [... snip ...] I've put in a test ip address in /etc/hosts.deny like so: dovecot: 166.84.1.2 And then I execute the following from 166.84.1.2 to port 110: bash-3.2$ telnet SiteWhereImConfiguringDovecot 110 Trying SiteWhereImConfiguringDovecot... Connected to SiteWhereImConfiguringDovecot. Escape character is '^]'. +OK Dovecot ready. quit +OK Logging out Connection closed by foreign host. If dovecot is configured with tcp wrappers (which it is; built on a CentOS 6 system, installed and configured per instructions), and the firewall has ports 110 and 143 open, but I'm blocking a particular host through /etc/hosts.deny then I should not be able to telnet to either port 110 or 143; both requests should be blocked from the originating IP, no? Much thanks for your help, Max Pyziur p...@brama.com What are you using as the service name in hosts.deny? I think it should be imap-login:, (that's what I have as an historical/left-over entry) but don't have dovecot configured with wrappers on my current centos system so can't test this to be certain. Also make certain that you don't have anything in your hosts.allow file that would override the hosts.deny entry. I was using dovecot, until you convinced me to do otherwise. Putting pop3 in /etc/hosts.deny with the associated ip seems to work, like so: pop3: 166.84.1.2 or imap imap: 166.84.1.2 (are there any challenges to this?) Given that services such sendmail and sshd respond to sshd: xxx.xxx.xxx.xxx sendmail: xxx.xxx.xxx.xxx I thought that it should be dovecot: xxx.xxx.xxx.xxx As a suggestion, can dovecot binaries for distributions such as CentOS and Fedora be compiled with tcp wrappers by default? - Richard Much thanks. MP p...@brama.com
Re: [Dovecot] Configuring dovecot to use tcp wrappers
On 5.4.2013, at 18.19, Max Pyziur p...@brama.com wrote: So my question relates to the second part of the configuration examples in the links above: service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } Where does this code get placed (in dovecot.conf or in one of the files in /etc/dovecot/conf.d)? Doesn't really matter. I'd put it into conf.d/10-master.conf which has other services. And regarding $default_login_user, it appears in a comment line in /etc/dovecot/conf.d/10-master.conf Should that line be uncommented? Just leave it uncommented and it'll use the default value (which it has been using so far already). Much thanks for your reply. However, once I make the changes to the configuration files, I get the following error when restarting dovecot: root@brama /etc/dovecot/conf.d service dovecot restart Stopping Dovecot Imap: [ OK ] Starting Dovecot Imap: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(tcpwrap): executable is empty [FAILED] Any advice on how to proceed? Thank you again, Max Pyziur p...@brama.com
Re: [Dovecot] Configuring dovecot to use tcp wrappers
On Mon, 8 Apr 2013, Timo Sirainen wrote: On 8.4.2013, at 1.31, Max Pyziur p...@brama.com wrote: However, once I make the changes to the configuration files, I get the following error when restarting dovecot: root@brama /etc/dovecot/conf.d service dovecot restart Stopping Dovecot Imap: [ OK ] Starting Dovecot Imap: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(tcpwrap): executable is empty [FAILED] You most likely didn't compile Dovecot with tcpwrap support. See if you have /usr/lib*/dovecot/tcpwrap binary? Any idea, then, as to where those CentOS dovecot src.rpms are kept? Max Pyziur p...@brama.com
Re: [Dovecot] Configuring dovecot to use tcp wrappers
On Sun, 7 Apr 2013, Max Pyziur wrote: On Mon, 8 Apr 2013, Timo Sirainen wrote: On 8.4.2013, at 1.31, Max Pyziur p...@brama.com wrote: However, once I make the changes to the configuration files, I get the following error when restarting dovecot: root@brama /etc/dovecot/conf.d service dovecot restart Stopping Dovecot Imap: [ OK ] Starting Dovecot Imap: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(tcpwrap): executable is empty [FAILED] You most likely didn't compile Dovecot with tcpwrap support. See if you have /usr/lib*/dovecot/tcpwrap binary? Any idea, then, as to where those CentOS dovecot src.rpms are kept? Yanking my own chain: http://vault.centos.org/6.4/updates/Source/SPackages/ Max Pyziur p...@brama.com [...recycle ...]
Re: [Dovecot] script to detect dictionary attacks
On Sat, 6 Apr 2013, Reindl Harald wrote: Hi has someone a script which can filter out dictionary attacks from /var/log/maillog and notify about the source-IPs? i know about fail2ban and so on, but i would like to have a mail with the IP address for two reasons and avoid fail2ban at all because it does not match in the way we maintain firewalls * add the IP to a distributed iptables-block.sh and distribute it to any server with a comment and timestamp * write a abuse-mail to the ISP Thinking tangentially to this proposal, are there blacklists (BLs) maintained regarding known IPs perpetrating attempts at pop/imap intrusions, much in the same way CBL does for spam, and OpenBL (http://www.openbl.org/lists.html) does for ssh (primarily)? That way, you leave your iptables configuration status quo, and create a mechanism to use the resource (the BLs) to populate your /etc/hosts.deny file, using tcp_wrappers to prevent intrusion/brute force attacks on service that have open ports in the firewall. Thanks, Max Pyziur p...@brama.com
Re: [Dovecot] script to detect dictionary attacks
On Sat, 6 Apr 2013, Reindl Harald wrote: Am 06.04.2013 22:55, schrieb Max Pyziur: On Sat, 6 Apr 2013, Reindl Harald wrote: has someone a script which can filter out dictionary attacks from /var/log/maillog and notify about the source-IPs? i know about fail2ban and so on, but i would like to have a mail with the IP address for two reasons and avoid fail2ban at all because it does not match in the way we maintain firewalls * add the IP to a distributed iptables-block.sh and distribute it to any server with a comment and timestamp * write a abuse-mail to the ISP Thinking tangentially to this proposal, are there blacklists (BLs) maintained regarding known IPs perpetrating attempts at pop/imap intrusions, much in the same way CBL does for spam, and OpenBL (http://www.openbl.org/lists.html) does for ssh (primarily)? That way, you leave your iptables configuration status quo, and create a mechanism to use the resource (the BLs) to populate your /etc/hosts.deny file, using tcp_wrappers to prevent intrusion/brute force attacks on service that have open ports in the firewall i don't know but in fact i want not rely on automatisms and blacklists CBL is fairly reliable; you can screen it based on originating countries (I use ip2cc available from perl-IP-Country-2.27-1.el6.noarch to find the originating country for particular ips). I'm tentatively using OpenBL to block dictionary attacks by way of ssh. By way of logwatch, I see enough dictionary attacks on dovecot; I take those ips and hope to use them soon to block dovecot attacks. The problem is the aging: there needs to be a mechanism that determines whether or not an ip continues to be a threat. The BLs are good for that - once an ip or, say, the first three octets, diminish in frequency of attacks, then based on some threshold that you set, you can remove that ip (or set of ips) as a hostile threat to a particular service that you are running on your server/servers. sometimes i recognize a dictionary attack because tail -f on the mailserver is running in background and after come back from a cigarette break i look a minute in the output and if i see attacks i add the IP after a whois to iptables-block.sh so i do not want to rely on automagic and if some IP is added to whatever blacklist hours or days later, i want simply a one-time mail notify to look NOW in maillog and take action or ignore it depending on the count and source if it is some ISP from a country far away - block it if it is the fivth attempt from this ISP - block the whole subnet if it is a major ISP of the country i live (asutria) - only absue mail to the ISP I understand the logic; I set a low threshold to label something being a threat for anything originating in China; the threshold is higher for things closer to home, since most of the traffic to the one server I control is from there. MP p...@brama.com
[Dovecot] Configuring dovecot to use tcp wrappers
Greetings, I am looking to implement tcp wrappers with dovecot; I am using the following two links as guides to configuration: http://blog.acsystem.sk/linux/brute-force-attack-dovecot-imap-server-blocking-ip-with-tcp-wrappers http://wiki2.dovecot.org/LoginProcess (you need to go to the very bottom) I'm concerned in making the configuration correctly. If you set login_access_sockets = tcpwrap in /etc/dovecot/dovecot.conf Then everything accessing ports controlled by dovecot (and open by iptables) is blocked. So my question relates to the second part of the configuration examples in the links above: service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } Where does this code get placed (in dovecot.conf or in one of the files in /etc/dovecot/conf.d)? And regarding $default_login_user, it appears in a comment line in /etc/dovecot/conf.d/10-master.conf Should that line be uncommented? Much thanks. Max Pyziur p...@brama.com Report of dovecot -n: pyz@pangea ~ dovecot -n # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-358.2.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) disable_plaintext_auth = no mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } ssl = no ssl_cert = /etc/pki/dovecot/certs/dovecot.pem ssl_key = /etc/pki/dovecot/private/dovecot.pem userdb { driver = passwd }
[Dovecot] openbsd and dovecot
I'm setting up dovecot in OpenBSD OS. The problem is that I can't set up dovecot to use kerberos authentication via bsdauth which is similar to pam I try to test dovecot via telnet: telnet localhost pop3 user test +OK pass password -ERR [IN-USE] Temporary authentication failure and some strings from logs Feb 3 15:02:37 srv-mx-00 dovecot: auth: Error: bsdauth(rodin.m,127.0.0.1): getpwnam() failed: Operation not permitted Feb 3 15:02:46 srv-mx-00 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=rodin.m, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Feb 3 15:29:13 srv-mx-00 dovecot: auth: Error: bsdauth(test,127.0.0.1): getpwnam() failed: Operation not permitted What am I doing wrong? Here is the output of dovecot -n auth_krb5_keytab = /etc/kerberosV/krb5.keytab auth_mechanisms = plain login default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 2000 first_valid_uid = 2000 last_valid_gid = 2000 last_valid_uid = 2000 mail_gid = vmail mail_location = maildir:/var/vmail/%u%Ud/Maildir mail_uid = vmail mbox_write_locks = fcntl mmap_disable = yes passdb { driver = bsdauth } service auth { unix_listener /var/spool/postfix/private/auth { group = _postfix mode = 0666 user = _postfix } } ssl_cert = /etc/ssl/dovecotcert.pem ssl_key = /etc/ssl/private/dovecot.pem userdb { driver = passwd } userdb { args = uid=2000 gid=2000 home=/var/mail/%Lu driver = static } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv }
[Dovecot] maildirsize not always present
hi, I have a dovecot 1.2.9 and all is runnig fine except for quotas. Some accounts have a maildirsize file in the mail directory. If I delete the file, it is automatically rebuild: OK But other accounts does not have the maildirsize file even after access from dovecot server. All is OK for theses accounts except quota service. what's wrong ? -- Jean-Max Reymond Éruption de l'Etna: http://jmreymond.free.fr/Etna2002
Re: [Dovecot] maildirsize not always present
Le 16/08/2011 11:29, Jean-Max Reymond a écrit : hi, I have a dovecot 1.2.9 and all is runnig fine except for quotas. Some accounts have a maildirsize file in the mail directory. If I delete the file, it is automatically rebuild: OK But other accounts does not have the maildirsize file even after access from dovecot server. All is OK for theses accounts except quota service. what's wrong ? as complement, there is 75 users OK and 330 users KO for these 330 users, thunderbird does not recognize mail quota. I have created by a touch command a maildirsize file but it does not help -- Jean-Max Reymond Éruption de l'Etna: http://jmreymond.free.fr/Etna2002
Re: [Dovecot] maildirsize not always present
thanks for your answer but my mta is postfix. If I delete the maidirsize file, it is automatically created for my 75 users OK but for the 330 users, no way to create this file. I am using a postfix database and I have checked the SQL request, the contents of the tables but nothing :-( Le 16/08/2011 16:05, Juan Bernhard a écrit : Hi, are you using exim as mta? I been told in exim list that maildirsize might be removed under certain conditions (exim-*/src/transports/tf_maildir.c) El 16/08/2011 07:01 a.m., Jean-Max Reymond escribió: Le 16/08/2011 11:29, Jean-Max Reymond a écrit : hi, I have a dovecot 1.2.9 and all is runnig fine except for quotas. Some accounts have a maildirsize file in the mail directory. If I delete the file, it is automatically rebuild: OK But other accounts does not have the maildirsize file even after access from dovecot server. All is OK for theses accounts except quota service. what's wrong ? as complement, there is 75 users OK and 330 users KO for these 330 users, thunderbird does not recognize mail quota. I have created by a touch command a maildirsize file but it does not help -- Jean-Max Reymond Éruption de l'Etna: http://jmreymond.free.fr/Etna2002
Re: [Dovecot] maildirsize not always present
all seems OK for me and all the users have quota set. $ cat /etc/dovecot/dovecot-sql.conf password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1' # Query to retrieve user information. user_query = SELECT concat('/home/mail/',maildir) as home, 8 AS uid, 8 AS gid, concat('maildir:storage=', quota/1024) AS quota FROM mailbox WHERE username = '%u' AND active='1' Whhen I request the database, quota is working for the first user and not for the second user but it is very similar mysql SELECT concat('/home/mail/',maildir) as home, 8 AS uid, 8 AS gid, concat('maildir:storage=', quota/1024) AS quota FROM mailbox WHERE username like 'francois.char%' OR username like 'cyril%'; +---+-+-+---+ | home | uid | gid | quota | +---+-+-+---+ | /home/mail/dracenie.com/cyril.lafont/Maildir/ | 8 | 8 | maildir:storage=1000. | | /home/mail/dracenie.com/francois.charnier/| 8 | 8 | maildir:storage=1464000. | +---+-+-+---+ 2 rows in set (0.00 sec) So, tomorrow, I will set auth_debug=yes to trace users activity # dovecot -n # 1.2.9: /etc/dovecot/dovecot.conf Warning: fd limit 1024 is lower than what Dovecot can use under full load (more than 2560). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: Linux 2.6.32-33-server x86_64 Ubuntu 10.04.3 LTS log_path: /var/log/dovecot.log log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps managesieve ssl_key_file: /etc/ssl/private/dovecot.key login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(managesieve): /usr/lib/dovecot/managesieve-login login_max_processes_count: 1024 mail_max_userip_connections(default): 500 mail_max_userip_connections(imap): 500 mail_max_userip_connections(managesieve): 10 first_valid_uid: 8 mail_privileged_group: mail mail_location: maildir:%h mmap_disable: yes mail_nfs_storage: yes mail_nfs_index: yes mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(managesieve): /usr/lib/dovecot/managesieve mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve lda: postmaster_address: postmas...@dracenie.com mail_plugins: sieve quota_full_tempfail: yes deliver_log_format: msgid=%m: %$ rejection_reason: Your message to %t was automatically rejected:%n%r auth default: mechanisms: plain login passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf plugin: quota: maildir Le 16/08/2011 23:40, Timo Sirainen a écrit : I guess these users have unlimited quota? If not, show dovecot -n output and the dovecot-sql.conf file and what gets logged to these users with auth_debug=yes. On 16.8.2011, at 18.05, Jean-Max Reymond wrote: thanks for your answer but my mta is postfix. If I delete the maidirsize file, it is automatically created for my 75 users OK but for the 330 users, no way to create this file. I am using a postfix database and I have checked the SQL request, the contents of the tables but nothing :-( Le 16/08/2011 16:05, Juan Bernhard a écrit : Hi, are you using exim as mta? I been told in exim list that maildirsize might be removed under certain conditions (exim-*/src/transports/tf_maildir.c) El 16/08/2011 07:01 a.m., Jean-Max Reymond escribió: Le 16/08/2011 11:29, Jean-Max Reymond a écrit : hi, I have a dovecot 1.2.9 and all is runnig fine except for quotas. Some accounts have a maildirsize file in the mail directory. If I delete the file, it is automatically rebuild: OK But other accounts does not have the maildirsize file even after access from dovecot server. All is OK for theses accounts except quota service. what's wrong ? as complement, there is 75 users OK and 330 users KO for these 330 users, thunderbird does not recognize mail quota. I have created by a touch command a maildirsize file but it does not help -- Jean-Max Reymond Éruption de l'Etna: http://jmreymond.free.fr/Etna2002 -- Jean-Max Reymond Éruption de l'Etna: http://jmreymond.free.fr/Etna2002
Re: [Dovecot] maildirsize not always present
Le 16/08/2011 23:51, Timo Sirainen a écrit : On 17.8.2011, at 0.48, Jean-Max Reymond wrote: user_query = SELECT concat('/home/mail/',maildir) as home, 8 AS uid, 8 AS gid, concat('maildir:storage=', quota/1024) AS quota FROM mailbox WHERE username = '%u' AND active='1' .. # 1.2.9: /etc/dovecot/dovecot.conf You're using v1.0's quota configuration with v1.2. All of your users have unlimited quota currently. You'll need quota_rules, see wiki. thanks a lot. I check my 1.2 configuration -- Jean-Max Reymond Éruption de l'Etna: http://jmreymond.free.fr/Etna2002
Re: [Dovecot] missing +r perm:
The error message was caused by the missing hardlinks when migrating mail over scp. I made a tar of the mail and then scped it. Worked fine. On Thu, 2011-07-07 at 14:21 -0500, Max Dunlap wrote: Oh, well. I'll take what I can get at this point. On Thu, 2011-07-07 at 15:17 -0400, Charles Marcus wrote: On 2011-07-07 3:03 PM, Max Dunlap wrote: sudo dovecot -n: http://pastie.org/2179100 The error message in mail.log: http://pastie.org/2179032 You're much better off just pasting the output of these into the email body - lost of people won't go to the trouble of clicking links like these...
Re: [Dovecot] missing +r perm:L
Alright, I think I understand. By fixing the other side do you mean I could add mail_uid=0 and mail_gid=0 in dovecot.conf? to match the current mails permissions. We are migrating a server over and we ran into this snag when transferring Maildirs over On Fri, 2011-07-08 at 10:12 +0200, Thomas Leuxner wrote: On Thu, Jul 07, 2011 at 02:52:55PM -0500, Max Dunlap wrote: The permissions are: -rw--- 1 root root 7609 2011-07-05 16:06 /home/dlambert/Maildir/cur/msg.COmK:2,ST What's so difficult about this? [ Log excerpt ] Jul 7 13:44:18 mail-breakaway dovecot: IMAP(dlambert): open(/home/dlambert/Maildir/cur/msg.COmK:2,ST) failed: Permission denied (euid=1002(dlambert) egid=1002(dlambert) missing +r perm: /home/dlambert/Maildir/cur/msg.COmK:2,ST) [ Conf excerpt ] auth default: passdb: driver: pam userdb: driver: passwd You are accessing the maildir structure using UID 1002 but the directory is owned by UID 1. Needs to be fixed on either side... Please visit these links and have a look at the quote below: http://wiki.dovecot.org/PasswordDatabase/PAM http://wiki.dovecot.org/AuthDatabase/Passwd [...] This uses the UID and GID fields from passwd, but home directory is overridden. Also the default mail_location setting is overridden. Thomas
Re: [Dovecot] missing +r perm:L
ls -lan: -rw--- 1 1002 1002 1148 2011-07-05 16:11 msg.zSMF:2,S This file is owned by 1002 not 1 or 0 On Fri, 2011-07-08 at 10:12 +0200, Thomas Leuxner wrote: On Thu, Jul 07, 2011 at 02:52:55PM -0500, Max Dunlap wrote: The permissions are: -rw--- 1 root root 7609 2011-07-05 16:06 /home/dlambert/Maildir/cur/msg.COmK:2,ST What's so difficult about this? [ Log excerpt ] Jul 7 13:44:18 mail-breakaway dovecot: IMAP(dlambert): open(/home/dlambert/Maildir/cur/msg.COmK:2,ST) failed: Permission denied (euid=1002(dlambert) egid=1002(dlambert) missing +r perm: /home/dlambert/Maildir/cur/msg.COmK:2,ST) [ Conf excerpt ] auth default: passdb: driver: pam userdb: driver: passwd You are accessing the maildir structure using UID 1002 but the directory is owned by UID 1. Needs to be fixed on either side... Please visit these links and have a look at the quote below: http://wiki.dovecot.org/PasswordDatabase/PAM http://wiki.dovecot.org/AuthDatabase/Passwd [...] This uses the UID and GID fields from passwd, but home directory is overridden. Also the default mail_location setting is overridden. Thomas
Re: [Dovecot] missing +r perm:L
Ubuntu 10.04 On Fri, 2011-07-08 at 23:37 +0300, Timo Sirainen wrote: SELinux? On 8.7.2011, at 23.32, Max Dunlap wrote: ls -lan: -rw--- 1 1002 1002 1148 2011-07-05 16:11 msg.zSMF:2,S This file is owned by 1002 not 1 or 0 On Fri, 2011-07-08 at 10:12 +0200, Thomas Leuxner wrote: On Thu, Jul 07, 2011 at 02:52:55PM -0500, Max Dunlap wrote: The permissions are: -rw--- 1 root root 7609 2011-07-05 16:06 /home/dlambert/Maildir/cur/msg.COmK:2,ST What's so difficult about this? [ Log excerpt ] Jul 7 13:44:18 mail-breakaway dovecot: IMAP(dlambert): open(/home/dlambert/Maildir/cur/msg.COmK:2,ST) failed: Permission denied (euid=1002(dlambert) egid=1002(dlambert) missing +r perm: /home/dlambert/Maildir/cur/msg.COmK:2,ST) [ Conf excerpt ] auth default: passdb: driver: pam userdb: driver: passwd You are accessing the maildir structure using UID 1002 but the directory is owned by UID 1. Needs to be fixed on either side... Please visit these links and have a look at the quote below: http://wiki.dovecot.org/PasswordDatabase/PAM http://wiki.dovecot.org/AuthDatabase/Passwd [...] This uses the UID and GID fields from passwd, but home directory is overridden. Also the default mail_location setting is overridden. Thomas
Re: [Dovecot] missing +r perm:L
I turned on more debugging: Jul 8 15:45:18 mail-breakaway dovecot: imap-login: Login: user=ilambert, method=PLAIN, rip=173.11.172.145, lip=173.11.172.148, TLS Jul 8 15:45:18 mail-breakaway dovecot: IMAP(ilambert): Effective uid=1001, gid=1001, home=/home/ilambert Jul 8 15:45:18 mail-breakaway dovecot: IMAP(ilambert): cydir: mailbox location not given Jul 8 15:45:18 mail-breakaway dovecot: IMAP(ilambert): cydir: Couldn't create mail storage : Root mail directory not given Jul 8 15:45:18 mail-breakaway dovecot: IMAP(ilambert): dbox: mailbox location not given Jul 8 15:45:18 mail-breakaway dovecot: IMAP(ilambert): dbox: Couldn't create mail storage : Root mail directory not given Jul 8 15:45:18 mail-breakaway dovecot: IMAP(ilambert): maildir: root exists (/home/ilambert/Maildir) Jul 8 15:45:18 mail-breakaway dovecot: IMAP(ilambert): maildir++: root=/home/ilambert/Maildir, index=, control=, inbox=/home/ilambert/Maildir Jul 8 15:46:07 mail-breakaway dovecot: IMAP(ilambert): Namespace : Using permissions from /home/ilambert/Maildir: mode=0700 gid=-1 Jul 8 15:46:08 mail-breakaway dovecot: IMAP(ilambert): open(/home/ilambert/Maildir/cur/msg.0umK:2,S) failed: Permission denied (euid=1001(ilambert) egid=1001(ilambert) missing +r perm: /home/ilambert/Maildir/cur/msg.0umK:2,S) Jul 8 15:46:08 mail-breakaway dovecot: IMAP(ilambert): open(/home/ilambert/Maildir/cur/msg.0umK:2,S) failed: Permission denied (euid=1001(ilambert) egid=1001(ilambert) missing +r perm: /home/ilambert/Maildir/cur/msg.0umK:2,S) Jul 8 15:46:08 mail-breakaway dovecot: IMAP(ilambert): Disconnected: Internal error occurred. Refer to server log for more information. [2011-07-08 15:46:08] bytes=236/181183 On Fri, 2011-07-08 at 15:40 -0500, Max Dunlap wrote: Ubuntu 10.04 On Fri, 2011-07-08 at 23:37 +0300, Timo Sirainen wrote: SELinux? On 8.7.2011, at 23.32, Max Dunlap wrote: ls -lan: -rw--- 1 1002 1002 1148 2011-07-05 16:11 msg.zSMF:2,S This file is owned by 1002 not 1 or 0 On Fri, 2011-07-08 at 10:12 +0200, Thomas Leuxner wrote: On Thu, Jul 07, 2011 at 02:52:55PM -0500, Max Dunlap wrote: The permissions are: -rw--- 1 root root 7609 2011-07-05 16:06 /home/dlambert/Maildir/cur/msg.COmK:2,ST What's so difficult about this? [ Log excerpt ] Jul 7 13:44:18 mail-breakaway dovecot: IMAP(dlambert): open(/home/dlambert/Maildir/cur/msg.COmK:2,ST) failed: Permission denied (euid=1002(dlambert) egid=1002(dlambert) missing +r perm: /home/dlambert/Maildir/cur/msg.COmK:2,ST) [ Conf excerpt ] auth default: passdb: driver: pam userdb: driver: passwd You are accessing the maildir structure using UID 1002 but the directory is owned by UID 1. Needs to be fixed on either side... Please visit these links and have a look at the quote below: http://wiki.dovecot.org/PasswordDatabase/PAM http://wiki.dovecot.org/AuthDatabase/Passwd [...] This uses the UID and GID fields from passwd, but home directory is overridden. Also the default mail_location setting is overridden. Thomas
Re: [Dovecot] missing +r perm:L
Unknown user. I don't believe ubuntu operates like that and requires a word username. On Fri, 2011-07-08 at 16:27 -0500, Matt Rude wrote: On 7/8/2011 3:47 PM, Max Dunlap wrote: Jul 8 15:46:08 mail-breakaway dovecot: IMAP(ilambert): open(/home/ilambert/Maildir/cur/msg.0umK:2,S) failed: Permission denied (euid=1001(ilambert) egid=1001(ilambert) missing +r perm: /home/ilambert/Maildir/cur/msg.0umK:2,S) when ran as root, what dose the below command show? sudo -u 1001 ls -l /home/ilambert/Maildir/cur/msg.0umK:2,S -Matt
[Dovecot] missing +r perm:
This is probably a really simple issue but I am not sure how to tackle it. sudo dovecot -n: http://pastie.org/2179100 The error message in mail.log: http://pastie.org/2179032 Dovecot.conf says: mail_privileged_group: mail I thought of added the user dovecot to the group mail in hopes of solving the permissions problem, but it didn't seem to make a difference. Any ideas?
Re: [Dovecot] missing +r perm:
Oh, well. I'll take what I can get at this point. On Thu, 2011-07-07 at 15:17 -0400, Charles Marcus wrote: On 2011-07-07 3:03 PM, Max Dunlap wrote: sudo dovecot -n: http://pastie.org/2179100 The error message in mail.log: http://pastie.org/2179032 You're much better off just pasting the output of these into the email body - lost of people won't go to the trouble of clicking links like these...
Re: [Dovecot] missing +r perm:
The permissions are: -rw--- 1 root root 7609 2011-07-05 16:06 /home/dlambert/Maildir/cur/msg.COmK:2,ST The same as another mail machine we have up (making a transition) I'm not sure who to find out who dovecot is running as: -rwxr-xr-x 1 root root 217240 2011-06-07 00:03 /usr/sbin/dovecot root maybe? Thanks so far On Thu, 2011-07-07 at 14:43 -0500, Matt Rude wrote: On 7/7/2011 2:03 PM, Max Dunlap wrote: Jul 7 13:44:18 mail-breakaway dovecot: IMAP(dlambert): open(/home/dlambert/Maildir/cur/msg.COmK:2,ST) failed: Permission denied (euid=1002(dlambert) egid=1002(dlambert) missing +r perm: /home/dlambert/Maildir/cur/msg.COmK:2,ST) The error message is telling you that the dovecot program can't open /home/dlambert/Maildir/cur/msg.COmK:2,ST. What are the permissions of that file? Who is dovecot running as? Can the user dovecot is running as read that file? -Matt
[Dovecot] Sieve segfault on sieve-before scripts
I use dovecot 1.2.4 release with sieve 0.1.12 If I setup sieve-before script and latest script contains keep at the very end and no personal scripts found then segfault take place. here is part of exim log: 2009-09-01 18:43:06 1MiUZA-0005V9-IB ** ivanov_ma...@domain.my ad...@domain.my R=localuser T=local_delivery: Child process of local_delivery transport (running command /usr/libexec/dovecot/deliver -d $local_part) was terminated by signal 11 (Segmentation fault) Once I remove keep from end of latest sieve-before script, everything goes fine. Here is latest global sieve script: # cat /etc/dovecot1.2/sieve-before.d/020-SENT-STORE.sieve require [imap4flags]; if header :contains X-Set-Seen [Yes, YES, 1] { setflag \\Seen; } #keep;
[Dovecot] dovecot 1.2.3: TB fails to unsubscribe folder after deletion
Hi, I'm running dovecot 1.2.3 with imap_client_workarounds = tb-extra-mailbox-sep and noticed that after deleting a folder (moving to Trash and emptying it on exit) that folder in Trash still keeps subscribed. I think the reason for that behavior is that the call for mailbox_list_set_subscribed() in imap/cmd-subscribe.c (line 84) is fed with the original mailbox name and not the stripped version in verify_name. Assigning verify_name to mailbox in the workaround-conditional fixes this issue for me. I'm not very familiar with C programming but while tracing cmd_subscribe_full() I stumbled upon another thing. In mail_namespace_find_mask() (lib-storage/mail-namespace.c at line 413) mailbox is reassigned with a local string (not t_strduped). I think this might be a problem when mailbox is dereferenced after returning from that function?! .max
Re: [Dovecot] dovecot 1.2.3: TB fails to unsubscribe folder after deletion
Max Dittrich wrote: I'm not very familiar with C programming but while tracing qed cmd_subscribe_full() I stumbled upon another thing. In mail_namespace_find_mask() (lib-storage/mail-namespace.c at line 413) mailbox is reassigned with a local string (not t_strduped). I think this might be a problem when mailbox is dereferenced after returning from that function?! Looks like the string INBOX isn't allocated from the stack. ;) .max
[Dovecot] How to rebuild index?
I've deleted some mails using my handmade tool, it deletes some files in cur subdir, but deleted messages are still appear in thunderbird. I believe that's because of stale index file. Is it safe to delete dovect.index? Or what else should I delete/modify to make TB view in sync with real state of filesystem?
Re: [Dovecot] Corrupted index cache file issues (Corrupted physical size)
Dovecot never modifies the S= field, even when it notices that it's wrong. So it's your LDA that writes them wrong. Is it ok to rename all files deleting S= and W= fields if no keywords was used?
Re: [Dovecot] Capability problems dovecot 2.0
The alternative that I'm thinking right now is that in the pre-login process Dovecot would only advertise those capabilities that are actually useful before login. Then after login it would send an updated capability reply to the client. The important question here is: Are there any clients that don't update their capabilities? RFC says: A server MAY send capabilities automatically, by using the CAPABILITY response code in the initial PREAUTH or OK responses, and by sending an updated CAPABILITY response code in the tagged OK response as part of a successful authentication. It is unnecessary for a client to send a separate CAPABILITY command if it recognizes these automatic capabilities. So that's valid approach and any client should support it.
Re: [Dovecot] v3.0 architecture
The big problem is what the protocol should be. Use some existing RPC protocol? It should be something extensible so that a plugin in imap process can talk to a plugin in storage process, without the base processes knowing anything about the details (e.g. imap-quota plugin asking quota usage from storage's quota plugin). Googles Protocol Buffers offer both flexibility and speed.
Re: [Dovecot] v3.0 architecture
Protocol buffers are Google's ... blah-blah-blah ... using a variety of languages - Java, C++, or Python. I can't find good old plain C in this variety of languages :( Protocol buffers is flexible message format specification, there are plenty implementations of it , including C based: http://code.google.com/p/protobuf-c/
[Dovecot] What does a flag in Maildir format mean?
Here is sample filename from Maildir: 1243423383.M745917P32169.termserv1,W=1295:2,Sa 1) why there is no S=size field? It definetely differs from 1295.I've not quota plugin, could it be the reason of this? 2) what does a flag mean? I not found any description of this neither in Maildir spec nor on the Dovecot wiki.
Re: [Dovecot] pop3 gives a permission denied error on chdir
If strace says chdir() failed with EACCES, the only way it could be something else is if kernel is buggy or there is some kernel security module preventing the access. Or dovecot doesn't change uid to user one and still acts as dovecot user, but its unlikely to be true
Re: [Dovecot] [bug] dovecot 1.1.15: segfault after message move
Once more, I changed the behavior so that I actually understand how it works now :) http://hg.dovecot.org/dovecot-1.1/rev/c3612800cb90 Does it affects 1.2 version?
Re: [Dovecot] status=bounced (Command died with signal 11: /usr/lib/dovecot/deliver
I suppose there's no core file in the user's home directory? Why? Doesnt them should be autocreated if ulimit -c is defined and kernel.core_pattern != /dev/null ?
[Dovecot] National symbols imap search
How does imap server should handle search requests with non latin symbols? Rightnow thunderbird 2.0.0.21 and dovecot1.2rc3 are unable to find any message if I try to search for cyrillic symbols. fts, and squat plugins are enabled
[Dovecot] How to manage Seen flags via sieve?
I use public namespace for group mailboxes. If someone sends email from this mailbox , MTA detects it and delivers copy of that message to mailbox/Sent folder, to keep history of all messages available for every group member. I'd like to set Seen flag on all messages that dovecots deliver puts into Sent folder. Is it posible somehow?
[Dovecot] Multiple dovecot versions side-by-side
I'm current maintainer of dovecot packages in ALTLinux distro and I plan to make possible to install multiple dovecot versions side-by-side (1.0, 1.1, 1.2) to make upgrade process easier and more robust. Is there any consequences of doing that? I worry about locking maildirs and mboxes, does dovecot handle it correctly if another dovecot process tries to work on same mail location?
[Dovecot] Unable to delete folder in public namespace
I use public namespace for group mailboxes. Users are able to create subfolders , but its impossible to delete them. thunderbird 2.0.0.21 complains: Cant' rename mailbox to another storage type, both namespaces (private and public) use same storage type, so I believe that it's a namespace problem. Is there any way to move folders between namespaces? Or maybe sieve script or plugin which intercept move command and do the move to some unsibscribible folder in public namespace.
[Dovecot] Unable to subscribe to newly created subfolders under public mailboxes with acl plugin enabled
I've group namespace and b2b mailbox under it. I'm unable to subscribe to it and deliver emails there. Here is my problem: if I create subfolder (lets name it subf) under b2b mailbox I'm unable to subscribe to it until acl plugin is enabled. Even if I put dovecot-acl file in .b2b.subf folder with anyone full rights dovecot-acl-list doesn't get populated with new subfoler. If I put it there manually I'm able to see subf folder in subscribe dialog in TB, but dovecot-acl-list is regulary updated, isn't it? Updated file is missing subf entry again. If I disable acl plugin everything works fine, but I'd like to keep it enabled. Is it a bug or misconfiguration? My dovecot version is 1.2 rc3 here is dovecot -n authput protocols: imap managesieve ssl: yes ssl_ca_file: /usr/share/ca-certificates/floristCA-cacert.pem ssl_cert_file: /var/lib/ssl/certs/imap.florist.my-cert.pem ssl_key_file: /var/lib/ssl/private/imap.florist.my-key.pem ssl_cipher_list: ALL:!LOW:!SSLv2 disable_plaintext_auth: yes verbose_ssl: yes login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(managesieve): /usr/libexec/dovecot/managesieve-login login_processes_count: 5 verbose_proctitle: yes first_valid_uid: 1000 mail_privileged_group: mail mail_location: maildir:/var/spool/mail/dovecot/%n:INBOX=/var/spool/mail/dovecot/%n/INBOX mail_debug: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(managesieve): /usr/libexec/dovecot/managesieve mail_plugins(default): acl fts fts_squat mail_plugins(imap): acl fts fts_squat mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: group/ location: maildir:/var/spool/mail/groupmail list: yes subscriptions: yes auth default: verbose: yes passdb: driver: pam args: session=yes userdb: driver: passwd args: blocking=yes socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 master: path: /var/run/dovecot/auth-master mode: 438 plugin: acl: vfile lazy_expunge: .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ sieve: ~/.dovecot.sieve sieve_storage: ~/sieve fts: squat fts_squat: partial=4 full=4
Re: [Dovecot] assertion failure when appending
On Tue, 2007-10-15 at 15:01 +0200, Johannes Berg wrote: I get this assertion failure: file maildir-save.c: line 456 (maildir_save_finish): assertion failed: (ctx-seq != 0) My mistake. The quota plugin doesn't have this bug because it overrides box-v.save_init and sets 'want_mail' to TRUE in all cases. This is what I've just implemented in my plugin as well. With this, the last remaining bug that I know of is fixed. Have fun :) johannes You are right. I just rebuilt the latest snapshot and the error disappeared. Thank you for fixing this so quickly. Best regards, Max
Re: [Dovecot] assertion failure when appending
On Tue, 2007-10-02 at 10:45 +0200, Johannes Berg wrote: I get this assertion failure: file maildir-save.c: line 456 (maildir_save_finish): assertion failed: (ctx-seq != 0) once a while when I APPEND messages to a folder. My plugin doesn't touch the ctx, especially not the internal maildir one, but I have no idea where to start looking. Any hints? First, thank you Johannes for your terrific work. I just love the antispam plugin and it's really worth the effort to get it installed. But now to the point, unfortunately I ran into the same issue you mentioned in your mail: Oct 9 11:54:35 server dovecot: IMAP([EMAIL PROTECTED]): file maildir- save.c: line 456 (maildir_save_finish): assertion failed: (ctx-seq != 0) Oct 9 11:54:35 server dovecot: IMAP([EMAIL PROTECTED]): Raw backtrace: imap [0x80a8a4b] - imap(i_info+0) [0x80a899a] - imap(maildir_save_cancel+0) [0x806ca6d] - /usr/lib/dovecot/imap/lib90_antispam_plugin.so [0xb7ef04c6] - imap [0x8056097] - imap [0x805688b] - imap(io_loop_handler_run+0x105) [0x80ae3bf] - imap(io_loop_run+0x1c) [0x80ad6e4] - imap(main+0x4d0) [0x8062b0d] - /lib/libc.so.6(__libc_start_main+0xdc) [0xb7dda824] - imap [0x8055e51] Oct 9 11:54:35 server dovecot: child 27849 (imap) killed with signal 6 This is how I reproduce the problem: 1) Start Outlook 2003 2) Connect to Dovecot 3) Create a new IMAP folder named Sent Items 4) Open my old Outlook.pst data file 5) Copy one message from the old Sent Items folder to the new IMAP folder (Outlook: OK) 6) Copy another message from the old folder to the new folder (Outlook: Failure) 7) Assertion fails and imap child gets killed The problem disappears when I disable the antispam plugin. This is my environment: - Gentoo (stable) - Dovecot 1.0.3 - Antispam plugin from git repository as of October 5 14:33 GMT - Backend is crm114-exec (20060704a-BlameRobert) - Client is Outlook 2003 on Windows XP (SP2) Currently my best guess is that the problem might be related to the fact that the mails Outlook stores in the Sent Items folder are lacking headers. Thanks again for sharing your wonderful work. Best regards, Max
Re: [Dovecot] APOP and CRAM-MD5 in checkpassword module
Ben Schumacher wrote: I would like to see this, too. After digging through the code some, it seems that the major sticking point is that dovecot would prefer to do the CRAM-MD5 internally and therefore expects to have access to the password in plaintext and doesn't pass the timestamp on to checkpassword... There is no way to use CRAM-MD5 without having the password stored in plaintext locally; it is a design feature since the hash is calculated using a different server key every time. vpopmail can store the password in plain-text.
Re: [Dovecot] v1.0.0 released
Congratulations, thanks for great job! :) http://dovecot.org/releases/dovecot-1.0.0.tar.gz http://dovecot.org/releases/dovecot-1.0.0.tar.gz.sig It took almost 5 years, but it's finally ready. I'm not expecting to release v1.0.1 anytime soon, unless someone's been sitting on a major bug just waiting for v1.0 to be released. :) People wanting new features should start testing the upcoming v1.1. http://dovecot.org/nightly/ contains now snapshots from CVS HEAD. It already has tons of new features. I've been using it myself for half a year, so it should be mostly stable too. I'll write a separate mail about this later.
[Dovecot] APOP and CRAM-MD5 in checkpassword module
Still a bit more fixes. My coding TODO list is again empty. Whether it is possible to add APOP and CRAM-MD5 in the checkpassword-module? Original qmail-popup is able APOP, and smtp-auth patch (http://www.fehcom.de/qmail/smtpauth.html) can use CRAM-MD5, accordingly, vckpw from vpopmail understands both these of a method. Very much would be desirable, that these two methods were in dovecot (in chackpassword-module). --- М. Alhimenko.
[Dovecot] [PATCH 3/5] make bsearch return the new index
On 2007/03/15 12:30, Timo Sirainen [EMAIL PROTECTED] wrote: That's ok, but I'm not sure about bsearch_insert_pos(). It's the way it is mostly because I wanted to keep bsearch() API. If it can't return void * then maybe it could be easier to just change the whole API to something like: /* If key is found, returns TRUE and sets pos_r to the position where the key was found. If key isn't found, returns FALSE and sets pos_r to the position where the key should be inserted. */ bool bsearch_insert_pos(const void *key, const void *base, unsigned int nmemb, size_t size, int (*cmp)(const void *, const void *), unsigned int *pos_r); Because that's how it's usually used anyway, so it probably makes the code simpler also. Hmm. And maybe s/pos/idx/ :) --- src/lib-index/mailbox-list-index-sync.c| 25 ++--- src/lib-storage/index/dbox/dbox-keywords.c | 13 - src/lib-storage/index/dbox/dbox-uidlist.c | 20 ++-- src/lib-storage/index/index-sort.c | 22 -- src/lib/bsearch-insert-pos.c | 23 +++ src/lib/bsearch-insert-pos.h |5 +++-- src/plugins/fts-squat/squat-trie.c | 25 - 7 files changed, 70 insertions(+), 63 deletions(-) diff --git a/src/lib-index/mailbox-list-index-sync.c b/src/lib-index/mailbox-list-index-sync.c index af089c6..aec85d8 100644 --- a/src/lib-index/mailbox-list-index-sync.c +++ b/src/lib-index/mailbox-list-index-sync.c @@ -66,7 +66,6 @@ struct mailbox_list_index_sync_ctx { struct mailbox_list_sync_lookup_key { uint32_t name_hash; const char *name; - bool *match; }; static bool mailbox_list_index_need_compress(struct mailbox_list_index *index); @@ -134,17 +133,13 @@ static int mailbox_list_sync_record_cmp(const void *_key, const void *_rec) { const struct mailbox_list_sync_lookup_key *key = _key; const struct mailbox_list_sync_record *rec = _rec; - int ret; if (key-name_hash rec-name_hash) return -1; if (key-name_hash rec-name_hash) return 1; - ret = strcmp(key-name, rec-name); - if (ret == 0) - *key-match = TRUE; - return ret; + return strcmp(key-name, rec-name); } static struct mailbox_list_sync_record * @@ -152,24 +147,24 @@ mailbox_list_sync_dir_lookup(struct mailbox_list_sync_dir *dir, const char *name, unsigned int *idx_r) { struct mailbox_list_sync_lookup_key key; - const struct mailbox_list_sync_record *recs; - struct mailbox_list_sync_record *rec; + struct mailbox_list_sync_record *recs; unsigned int count; bool match; /* binary search the current hierarchy level name. the values are sorted primarily by their hash value and secondarily by the actual name */ - match = FALSE; key.name = name; key.name_hash = crc32_str(name); - key.match = match; - recs = array_get(dir-records, count); - rec = bsearch_insert_pos(key, recs, count, sizeof(*rec), -mailbox_list_sync_record_cmp); - *idx_r = rec - recs; - return match ? rec : NULL; + recs = array_get_modifiable(dir-records, count); + match = bsearch_insert_pos(key, recs, count, sizeof(*recs), + mailbox_list_sync_record_cmp, + idx_r); + if (!match) + return NULL; + + return recs[*idx_r]; } static struct mailbox_list_sync_record * diff --git a/src/lib-storage/index/dbox/dbox-keywords.c b/src/lib-storage/index/dbox/dbox-keywords.c index db44890..4e84958 100644 --- a/src/lib-storage/index/dbox/dbox-keywords.c +++ b/src/lib-storage/index/dbox/dbox-keywords.c @@ -23,9 +23,9 @@ static int dbox_keyword_map_compare(const void *p1, const void *p2) int dbox_file_read_keywords(struct dbox_mailbox *mbox, struct dbox_file *file) { - struct keyword_map *map, *pos, kw; + struct keyword_map *map, kw; const char *line; - unsigned int idx, count; + unsigned int idx, count, insert_idx; uoff_t last_offset; if (array_is_created(file-idx_file_keywords)) { @@ -58,10 +58,13 @@ int dbox_file_read_keywords(struct dbox_mailbox *mbox, struct dbox_file *file) /* look up the position where to insert it */ map = array_get_modifiable(file-idx_file_keywords, count); - pos = idx == 0 ? map : + if (idx == 0) + insert_idx = 0; + else bsearch_insert_pos(kw, map, count, sizeof(*map), - dbox_keyword_map_compare); - array_insert(file-idx_file_keywords, pos - map, kw, 1); +