Re: Share
On 2023-05-26 22:59, lie...@bfh.ch wrote: May 26 21:57:06 imap(mutt)<16>: Error: Mailbox Public/archive: open() failed with mbox: Read-only file system. /etc/dovecot/dovecot.conf: mail_uid=1000 mail_gid=1000 namespace { type = public prefix = Public/ location = mbox:/var/mail/:INDEX=/var/indexes/public subscriptions = no } Might be worth also setting the location of control files: location = mbox:/var/mail/:INDEX=/var/indexes/public:CONTROL=/var/control/%u Where /var/control is writable by uid 1000. https://doc.dovecot.org/configuration_manual/mail_location/mbox/ Has this to say about mbox control files: "Under mbox format, Dovecot maintains the subscribed mailboxes list in a file .subscriptions which by default is stored in the mail location root. So in the example configuration this would be at ~/mail/.subscriptions. If you want to put this somewhere else, you can change the directory in which the .subscriptions file is kept by using the CONTROL parameter." Also this: https://doc.dovecot.org/admin_manual/mailbox_formats/mbox Describes various file locking requirements for mbox format. https://doc.dovecot.org/configuration_manual/mail_location/mbox/mboxlocking Seems dovecot is going to check if it can create a .lock file (or otherwise lock the file using flock()) A couple of workarounds are described there. As the docs note, mbox isn't a great format to do this with. You might also like to investigate Dovecot access lists to make 'read only' folders etc: https://doc.dovecot.org/configuration_manual/acl Rob ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Trivial Pigeonhole patch: allow X-Original-From header for address tests
Motivated by more DMARC silliness, naturally. -RobFrom 8554e5f6882a49f946ca6c6de5a483bdb02757cb Mon Sep 17 00:00:00 2001 From: Rob Foehl Date: Wed, 22 Jun 2022 23:27:46 -0400 Subject: [PATCH] lib-sieve: Allow X-Original-From header for the address test Some systems (e.g. Google Groups) replace the From header when resending mail from domains with DMARC records, copying the original to X-Original-From and otherwise obfuscating the author's address. --- src/lib-sieve/tst-address.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib-sieve/tst-address.c b/src/lib-sieve/tst-address.c index 086679df..c8dcb657 100644 --- a/src/lib-sieve/tst-address.c +++ b/src/lib-sieve/tst-address.c @@ -115,7 +115,7 @@ static const char * const _allowed_headers[] = { "abuse-reports-to", "x-complaints-to", "x-report-abuse-to", /* Undocumented */ - "x-beenthere", "x-original-to", + "x-beenthere", "x-original-from", "x-original-to", NULL }; -- 2.36.1
Moving old emails to Gmail
I have a backup of mail messages I have from back when i was in school using pine and I want to have them imported to my Gmail. So I set up dovecot and my Gmail can access it just fine but it can't find anything except my inbox (which I can't even find). I've moved my mail directory and I can view the emails using alpine but I cannot view my inbox using alpine. Also, although Gmail can get my new test messages, it can't find the messages in ~/mail where I am viewing them with alpine. How do I make it so Gmail can pull from ~/mail or ~/Maildir because I also converted the messages in ~/mail to ~/Maildir format but although I've tried mail_location = mbox:~/mail mail_location = mbox:~/Maildir mail_location = maildir:~/mail and mail_location = maildir:~/Maildir None of this worked but mail_location = maildir:~/Maildir is the only one that will at least allow me to get test messages in my inbox which Gmail can then pull. How do I resolve these issues? ~ In all things, Be Intentional.
Unable to find mail
I just installed dovecot and it seems to be working well except I can't find where my new mail is being stored. ~ In all things, Be Intentional.
Re: Ms Exchange vs dovecot
On 12-05-2020 15:45, Michael Hirmke wrote: Hi Robert, Hi, sorry for top post but short answer is ,there is no exchange without outlook, that is what makes exchange a good "groupware solution", on windows only. So compare it to dovecot makes only small sense. you can use Exchange with pure IMAP clients, too, but then you lose all groupware functionality, because it doesn't offer any DAV interface. But: You can use a few Linux clients, that support EWS (Exchange Web Services) and don't lose groupware functions. I tested Kontact and Evolution - and both worked fine. You can also run e.g. Nextcloud to get carddav, caldav, webdav, etc, etc. -- Rob
Re: [Dovecot-news] Headsup on feature removal
On 18-03-2020 22:55, Noel Butler wrote: On 19/03/2020 03:56, JAVIER MIGUEL RODRIGUEZ wrote: I fully agree with this: Please consider holding off on removing features for the next major release, 2.4.0 instead. It makes sense to retain, in as much as is possible, feature backwards compatibility across a major release. I'm astonished that features are being removed in a dot release as well, no other major project does this, hell, most don't like adding new features in dot releases let alone stripping them out. None of the listed changes affect me that I can see, but I've been around a long time and I'm flabbergasted that someone actually approved this on dot release. Now although there is no real need for them to further upgrade to ensure business continuity, if a serious exploit is released in the wild they highly likely will get bitten. Stripping everything else at once in a new major is perfectly acceptable, and, is the norm. I have to say that I also cannot understand why you're going to remove features from a dot release. You can give the heads-up here, but it is not common-practice and will very likely break a lot of setups. It's understandable that you want to remove features that are hardly used or maintained, but not in a dot release. Please reconsider this removal, and remove those features as of the next major release. -- Kind regards, Rob
lda: Unknown mail storage driver maildir
hi all, I have a successful (self-compiled from source code) Dovecot v2.2.16 setup active on my Solaris-10 server, with mails stored in user's $HOME/Maildir The mails are fetched from the ISP with "fetchmail", using a "cron" job fetchmail -f $HOME/etc/pop3.myisp where the file "$HOME/etc/pop3.myisp" contains set logfile fetchmail.log poll pop.myisp.be with proto POP3 user myIspmailLogin there with password myIspPwd is rob here nokeep mda "/programs-3.2/amd64/64/libexec/dovecot/deliver" Now I want to get it also running on a Debian server, with the same Dovecot version, and exactly the same config files, but here I get the following messages in "/var/log/mail.log" when launching a "fetchmail" attempt : Mar 17 14:36:20 apps_b dovecot: lda(rob): Debug: Effective uid=1000, gid=1000, home=/home/rob Mar 17 14:36:20 apps_b dovecot: lda(rob): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Mar 17 14:36:20 apps_b dovecot: lda(rob): Error: User initialization failed: Namespace '': Unknown mail storage driver maildir Mar 17 14:36:20 apps_b dovecot: lda(rob): Fatal: Invalid user settings. Refer to server log for more information. So it seems to be complaining about "maildir" storage driver ?! My config is: # /programs/3.4/x86_64/64/sbin/dovecot -n -c /usr/local/dovecot/dovecot.conf # 2.2.16: /usr/local/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.4 disable_plaintext_auth = no first_valid_gid = 1000 first_valid_uid = 1000 last_valid_gid = 1500 last_valid_uid = 2000 mail_debug = yes mail_location = maildir:~/Maildir namespace inbox { location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = * driver = pam } postmaster_address = r...@mydomain.be ssl_cert =
Re: Virtual mailbox shows mails that are too old
Another workaround that worked for me with this is using INDEX=MEMORY in your virtual folder setup. On Tue, 19 Feb 2019 10:19:56 +0200 (EET) Aki Tuomi via dovecot wrote: > Hi, this is a known issue unfortunately. You can try do doveadm index > -u victim 'Virtual/*' > > Aki > On 19 February 2019 09:46 Stefan Hagen via dovecot < > dovecot@dovecot.org> wrote: > > > > > > Hello, > > > > I'm using dovecot on my personal / private email server. > > I have set up virtual mailboxes in my inbox namespace like this: > > > > namespace inbox { > > inbox = yes > > prefix = "Virtual/" > > separator = / > > location = > > "virtual:~/.emails_virtual:LAYOUT=fs:INDEX=dovecot.virtual.index:LISTINDEX=dovecot.virtual.list.index" > > list = yes subscriptions = yes > > mailbox { > > auto = subscribe > > } > > } > > > > I had quite some trouble with it at first with UIDs changing all the > > time, but after adding INDEX and LISTINDEX it started to work just > > fine. > > > > I've created dovecot_virtual files like this one: > > $ cat ~/.emails_virtual/2-LastDay/dovecot-virtual > > * > > -Trash > > -Sent > > -Drafts > > -Spam > > -Virtual > > -Virtual/* > > all younger 86400 > > > > After stopping dovecot and deleting the index files and restarting > > dovecot, the virtual mailbox shows all mail from the last day - as > > expected. But after one day, it shows mail from two days. After > > three, it shows mails from three days. > > > > It looks like dovecot selects emails from the last day, but never > > cleans out emails that are older, once they have been selected. > > > > My full dovecot -n can be found here: > > https://codevoid.de/?q=/0/p/dovecot-n.txt > > > > Any ideas about what could be wrong? > > > > Best Regards, > > Stefan > > > > -- > > Stefan Hagen | (gopher|https)://codevoid.de(/gpg) > > CBD3 C468 64B4 6517 E8FB B90F B6BC 2EC5 52BE 43BA > > > --- > Aki Tuomi >
Re: Virtual Mailboxes redux
Hi there! I've had success using "doveadm mailbox list" to verify that my virtual mailboxes are showing up, and using "doveadm search mailbox $VIRTUAL_MAILBOX" to print out which mails are in a folder. -Rob On Tue, 6 Mar 2018 11:40:13 -0700 "@lbutlr" <krem...@kreme.com> wrote: > I’ve created virtual mailboxes in dovecot, and they show up in > various clients, but the folders contain no messages. (I will get an > ‘empty” folder icon named “@virtual” and an empty folder icon named > “month” inside it. Is there a way I can verify what dovecot THINKS > should be in the virtual folder via doveadm? > > <https://www.dropbox.com/s/hd4wnjrs3y5iswi/Screenshot%202018-03-06%2011.38.25.png?dl=0> > > # cat /usr/local/etc/dovecot/virtual/month/dovecot-vitual > # ~/Maildir/virtual/month/dovecot-virtual > * > all younger 2678400 > > # doveconf -n > # 2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.21 (92477967) > # OS: FreeBSD 11.1-RELEASE-p4 i386 > auth_failure_delay = 5 secs > auth_mechanisms = PLAIN LOGIN > default_client_limit = 4096 > default_process_limit = 1024 > default_vsz_limit = 768 M > disable_plaintext_auth = no > first_valid_uid = 89 > imap_id_log = * > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > login_log_format_elements = user=<%u> %r %m %c > mail_location = maildir:~/Maildir > mail_max_userip_connections = 90 > mail_plugins = " virtual" > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate mime foreverypart > extracttext imapsieve vnd.dovecot.imapsieve namespace { location = > virtual:/usr/local/etc/dovecot/virtual:INDEX=~/Maildir/virtual:CONTROL=~/Maildir/virtual > prefix = @virtual. separator = . } namespace inbox { > inbox = yes > location = > mailbox Archive { > auto = subscribe > special_use = \Archive > } > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > auto = subscribe > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > username_filter = !*@* > } > passdb { > args = /usr/local/etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > imapsieve_mailbox1_before = > file:/usr/lib/dovecot/sieve/report-spam.sieve > imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Junk > imapsieve_mailbox2_before = > file:/usr/lib/dovecot/sieve/report-ham.sieve > imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Junk > imapsieve_mailbox2_name = * > sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment > sieve_pipe_bin_dir = /usr/lib/dovecot/sieve > sieve_plugins = sieve_imapsieve sieve_extprograms > } > protocols = imap pop3 > service auth { > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > } > service imap-login { > inet_listener imaps { > port = 993 > ssl = yes > } > } > service pop3-login { > inet_listener pop3 { > port = 0 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > } > ssl_cert = ssl_key = # hidden, use -P to show it > ssl_protocols = !SSLv2 !SSLv3 > userdb { > driver = passwd > } > userdb { > args = /usr/local/etc/dovecot/dovecot-sql.conf.ext > default_fields = uid=vpopmail gid=vchkpw > mail_location=/usr/local/virtual/%u > mail=maildir:/usr/local/virtual/%u driver = sql } > protocol imap { > mail_plugins = " virtual imap_sieve" > } > >
Re: Using virtual folders with younger and index files
Hi David, Sorry, I do not - I just have two virtual folders that hold the last two weeks of mail, plus one that holds flagged mails. -Rob On Tue, 27 Feb 2018 23:50:11 -0500 David Mehler <dave.meh...@gmail.com> wrote: > Hello Rob, > > Do you by chance have a virtual/All folder which holds all your > messages? If so, could I see that configuration? > > Thanks. > Dave. > > > On 2/27/18, Rob Hoelz <rob+dove...@hoelz.ro> wrote: > > Hi list, > > > > I just encountered a problem while using dovecot's Virtual plugin > > with 2.3.0. I managed to solve the issue, > > but I wanted to bring it to the attention of others on the list to > > see if there exists a better solution, if > > I found a bug, or if it's just a matter of updating documentation. > > > > I have a virtual folder to get the most recent two weeks of mails; > > it looks something like this: > > > >> INBOX > >> all younger 1209600 > > > > I made this folder back in October. Lately, I started to notice > > that the virtual folder had a surprising amount > > of mail in it - I don't get 1,000 e-mails per week! After some > > doveadm commands, I realized that e-mails from > > October were still present in my virtual folder! Updating the > > dovecot-virtual would clear away e-mails older than > > two weeks (I needed to actually introduce a change, even if it was > > just whitespace - just touching the file didn't > > update things), and removing the dovecot index file also cleared > > things away. In then end, I ended up just telling > > dovecot to disable on-disk indexes for that folder. > > > > I created this folder based on the examples on > > https://wiki.dovecot.org/Plugins/Virtual - I'm wondering if I found > > a bug or if that page should be changed to recommend disabling > > on-disk indexes when using certain search query filters such as > > "younger". If the latter, I can always make the change - just let > > me know! > > > > -Rob > >
Using virtual folders with younger and index files
Hi list, I just encountered a problem while using dovecot's Virtual plugin with 2.3.0. I managed to solve the issue, but I wanted to bring it to the attention of others on the list to see if there exists a better solution, if I found a bug, or if it's just a matter of updating documentation. I have a virtual folder to get the most recent two weeks of mails; it looks something like this: > INBOX > all younger 1209600 I made this folder back in October. Lately, I started to notice that the virtual folder had a surprising amount of mail in it - I don't get 1,000 e-mails per week! After some doveadm commands, I realized that e-mails from October were still present in my virtual folder! Updating the dovecot-virtual would clear away e-mails older than two weeks (I needed to actually introduce a change, even if it was just whitespace - just touching the file didn't update things), and removing the dovecot index file also cleared things away. In then end, I ended up just telling dovecot to disable on-disk indexes for that folder. I created this folder based on the examples on https://wiki.dovecot.org/Plugins/Virtual - I'm wondering if I found a bug or if that page should be changed to recommend disabling on-disk indexes when using certain search query filters such as "younger". If the latter, I can always make the change - just let me know! -Rob
Re: Dovecot 2.3 - using doveadm as non-root?
On Wed, 3 Jan 2018 13:37:07 -0500 Timo Sirainen <t...@iki.fi> wrote: > On 3 Jan 2018, at 11.38, Rob Hoelz <rob+dove...@hoelz.ro> wrote: > > > > Hi dovecot developers and users, > > > > I recently upgraded my server running Arch Linux to dovecot 2.3.0, > > and I noticed some of my cron jobs started issuing me error > > messages. These cron jobs run as a non-root user associated with > > my mail account, and they use doveadm to tidy things up (ex. > > purging the trash, moving old mail in certain folders into the > > trash). The error message is: > > > >> Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: > >> Permission denied > > > > I assume this is doveadm trying to participate in the new 2.3 stats > > process, and after reading the code a bit, I can't see way to tell > > doveadm to not connect to the stats writer. The socket is owned by > > root with 600 permissions. > > > > What would be the right way to remedy this? AFAICT, I could > > potentially run doveadm as root (which I would prefer to avoid), or > > I could change the permissions on the stats writer socket, but I > > would hate to introduce any sort of security vulnerability by doing > > so. I currently have a scrappy Perl script that just runs doveadm > > and filters out the error message (it doesn't seem to affect the > > behavior of doveadm other than the message), but that feels dirty > > and I would prefer a cleaner solution. Any advice? > > I was wondering what to do about this while developing it. I think > you can disable this by clearing out the socket path: > > doveadm -o stats_writer_socket_path= > > But .. I think the changing the socket permissions is the better > solution. The new stats process should know about everything that is > going on in the system, and these doveadm calls are part of that. So > if they're excluded then the stats aren't exactly correct. The > stats-writer can't do all that much harm other than messing up the > statistics or probably crashing stats process by using up all of its > memory. > Thanks for the advice, Timo - I went ahead and applied the permission change to my dovecot config. On a side note, thanks for dovecot in general - it's a great piece of software! -Rob
Dovecot 2.3 - using doveadm as non-root?
Hi dovecot developers and users, I recently upgraded my server running Arch Linux to dovecot 2.3.0, and I noticed some of my cron jobs started issuing me error messages. These cron jobs run as a non-root user associated with my mail account, and they use doveadm to tidy things up (ex. purging the trash, moving old mail in certain folders into the trash). The error message is: > Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: > Permission denied I assume this is doveadm trying to participate in the new 2.3 stats process, and after reading the code a bit, I can't see way to tell doveadm to not connect to the stats writer. The socket is owned by root with 600 permissions. What would be the right way to remedy this? AFAICT, I could potentially run doveadm as root (which I would prefer to avoid), or I could change the permissions on the stats writer socket, but I would hate to introduce any sort of security vulnerability by doing so. I currently have a scrappy Perl script that just runs doveadm and filters out the error message (it doesn't seem to affect the behavior of doveadm other than the message), but that feels dirty and I would prefer a cleaner solution. Any advice? Thanks, Rob
Re: One way dsync replication with dsync -R
So, even with a particular user only connecting to one node in the pair, you still see the issue? I'm not seeing that in my setup. I only see it when concurrently connecting the same user to two different nodes in the pair. Blessings, Rob Archibald CTO, EndFirst LLC r...@robarchibald.com > On Mar 24, 2017, at 12:50 AM, Wolfgang Hennerbichler <wo...@wogri.com> wrote: > > Rob, > > Unfortunately I don’t think the director will solve this problem. I have a > director in front of my setup and it is configured to point every client to > one server. It didn’t change anything in its behavior. > I also have a setup without a director where the clients are only allowed to > talk to one host (DNS entries control this) - same thing. > > Wolfgang > >> On Mar 22, 2017, at 23:58, Rob Archibald <r...@robarchibald.com> wrote: >> >> Ugh, sorry for the formatting. Not sure what happened when it sent through >> the list. Trying again >> >> Blessings, >> Rob Archibald >> CTO, EndFirst LLC >> r...@robarchibald.com >> >> >> -Original Message- >> From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Rob Archibald >> Sent: Wednesday, March 22, 2017 3:55 PM >> To: 'Wolfgang Hennerbichler'; dovecot@dovecot.org >> Subject: RE: One way dsync replication with dsync -R >> >> I'm using dsync successfully to keep two nodes synchronized, but I have the >> same problems as you. When I first set it up, I purposely had my phone >> connected to one node and my desktop connected to the other node. This >> allowed me to watch for the very issues you're referring to. I ran into them >> enough that I quit using it that way. But, what I also found was that it was >> just a timing issue. If they weren't synchronized, I could wait a bit and >> they would get synched up. Obviously that doesn't work too great if you're >> sending clients to both nodes through a load balancer though. But, since it >> was just a timing issue, it also made me feel plenty comfortable using 2-way >> sync. I've been able to verify that whichever node is the "master" that the >> other node will be in sync soon thereafter. It just doesn't work great if >> you're logged into both at the same time. >> >> How does that help you may ask? Well, my plan is to setup Dovecot Director >> on each of my node pairs to enable load balancing that way instead of >> through some other load balancer. Director should ensure that all clients of >> a single user will be directed to the same node. Since I haven't set that up >> yet, I can't guarantee it'll work, but based on my testing and reading, I >> think it should be fine. >> >> The benefits I'm expecting are: >> 1. Redundant and reliable storage with data always in 2 places at once >> >> 2. All devices of a single user always go to the same server so that there >> is no risk of synchronization delays between devices >> >> 3. Local storage connections for Dovecot so hopefully a lot fewer index >> corruption issues compared to NFS >> >> 4. Redundant compute nodes so if one server goes down, clients can still >> connect >> >> >> At a high level, my complete setup that I'm building is to 1. Shard users >> into separate server pairs using Dovecot Proxy, 2. Load-balance them within >> the server pair using Dovecot Director. Hopefully my attempt to explain will >> come out well in ASCII: >> >> Server sharding (however many pairs needed to support users. 4 users each >> obviously only for illustration purposes) = >> >> Server pair 1 (servers A & B) Users 1-4 >> >> Server pair 2 (servers C & D) Users 5-8 >> >> User connections >> = >> User 1 device 1 ---> Load balancer ---> Dovecot proxy A ---> Send to Server >> A running Director ---> Connect on Server A >> >> User 2 device 1 ---> Load balancer ---> Dovecot proxy B ---> Send to Server >> A running Director ---> Connect on Server B >> >> User 5 device 1 ---> Load balancer ---> Dovecot proxy C ---> Send to Server >> C running Director ---> Connect on Server C >> >> User 1 device 2 ---> Load balancer ---> Dovecot proxy D ---> Send to Server >> A running Director ---> Connect on Server A >> >> User 7 device 1 ---> Load balancer ---> Dovecot proxy A ---> Send to Server >> C running Director ---> Connect on Server D >> >> User 6 device 1 ---> Load balancer ---> Dove
Re: The challenge of customizing Dovecot
-- Rob McAninch robmcaninch.com (Sent from my iPhone) > On Mar 22, 2017, at 23:53, Robert Moskowitz <r...@htt-consult.com> wrote: > > > > On 03/22/2017 09:16 PM, Rob McAninch wrote: >>> On Mar 22, 2017, at 18:25, Robert Moskowitz <r...@htt-consult.com> wrote: >>> >>> >>> >>>> On 03/22/2017 11:36 AM, chaouche yacine wrote: >>>> Robert, >>>> >>>> What would be the benefit of using sed against making customized files and >>>> just copying them ? I'd probably just want to copy a working version of >>>> /etc/dovecot/ conf files instead of modifying my existing files with sed >>>> scripts (or create new ones with cat). >>> new options are left unaltered. I learned this with postfix, to use >>> postconf instead of trying to replace main.cf. >>> >>> I thought about mv old confs then cat new confs, but again, there are other >>> things set up, and I worked at changing what needed customization, rather >>> than wholesale replacement. >> Did you consider putting your customization in a local.conf which should be >> tried at the end? Could put whatever explanation in there you want. On a >> system like Debian this would more easily allow the default files to be >> upgraded without intervention. >> > I have not seen any reference to a local.conf. Can you point this out to me? > I will have to see that it is maintained in Centos. But some of the mods > are additions (like plugins) to existing lines. I would have to find out how > those are processed. It is mentioned here http://wiki.dovecot.org/ConfigFile Debian Jessie has the last line of dovecot.conf as: !include_try local.conf -- Rob
Re: The challenge of customizing Dovecot
> On Mar 22, 2017, at 18:25, Robert Moskowitz <r...@htt-consult.com> wrote: > > > >> On 03/22/2017 11:36 AM, chaouche yacine wrote: >> Robert, >> >> What would be the benefit of using sed against making customized files and >> just copying them ? I'd probably just want to copy a working version of >> /etc/dovecot/ conf files instead of modifying my existing files with sed >> scripts (or create new ones with cat). > > new options are left unaltered. I learned this with postfix, to use postconf > instead of trying to replace main.cf. > > I thought about mv old confs then cat new confs, but again, there are other > things set up, and I worked at changing what needed customization, rather > than wholesale replacement. Did you consider putting your customization in a local.conf which should be tried at the end? Could put whatever explanation in there you want. On a system like Debian this would more easily allow the default files to be upgraded without intervention. -- Rob
RE: One way dsync replication with dsync -R
Ugh, sorry for the formatting. Not sure what happened when it sent through the list. Trying again Blessings, Rob Archibald CTO, EndFirst LLC r...@robarchibald.com -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Rob Archibald Sent: Wednesday, March 22, 2017 3:55 PM To: 'Wolfgang Hennerbichler'; dovecot@dovecot.org Subject: RE: One way dsync replication with dsync -R I'm using dsync successfully to keep two nodes synchronized, but I have the same problems as you. When I first set it up, I purposely had my phone connected to one node and my desktop connected to the other node. This allowed me to watch for the very issues you're referring to. I ran into them enough that I quit using it that way. But, what I also found was that it was just a timing issue. If they weren't synchronized, I could wait a bit and they would get synched up. Obviously that doesn't work too great if you're sending clients to both nodes through a load balancer though. But, since it was just a timing issue, it also made me feel plenty comfortable using 2-way sync. I've been able to verify that whichever node is the "master" that the other node will be in sync soon thereafter. It just doesn't work great if you're logged into both at the same time. How does that help you may ask? Well, my plan is to setup Dovecot Director on each of my node pairs to enable load balancing that way instead of through some other load balancer. Director should ensure that all clients of a single user will be directed to the same node. Since I haven't set that up yet, I can't guarantee it'll work, but based on my testing and reading, I think it should be fine. The benefits I'm expecting are: 1. Redundant and reliable storage with data always in 2 places at once 2. All devices of a single user always go to the same server so that there is no risk of synchronization delays between devices 3. Local storage connections for Dovecot so hopefully a lot fewer index corruption issues compared to NFS 4. Redundant compute nodes so if one server goes down, clients can still connect At a high level, my complete setup that I'm building is to 1. Shard users into separate server pairs using Dovecot Proxy, 2. Load-balance them within the server pair using Dovecot Director. Hopefully my attempt to explain will come out well in ASCII: Server sharding (however many pairs needed to support users. 4 users each obviously only for illustration purposes) = Server pair 1 (servers A & B) Users 1-4 Server pair 2 (servers C & D) Users 5-8 User connections = User 1 device 1 ---> Load balancer ---> Dovecot proxy A ---> Send to Server A running Director ---> Connect on Server A User 2 device 1 ---> Load balancer ---> Dovecot proxy B ---> Send to Server A running Director ---> Connect on Server B User 5 device 1 ---> Load balancer ---> Dovecot proxy C ---> Send to Server C running Director ---> Connect on Server C User 1 device 2 ---> Load balancer ---> Dovecot proxy D ---> Send to Server A running Director ---> Connect on Server A User 7 device 1 ---> Load balancer ---> Dovecot proxy A ---> Send to Server C running Director ---> Connect on Server D User 6 device 1 ---> Load balancer ---> Dovecot proxy B ---> Send to Server C running Director ---> Connect on Server C User 3 device 1 ---> Load balancer ---> Dovecot proxy C ---> Send to Server A running Director ---> Connect on Server B User 8 device 1 ---> Load balancer ---> Dovecot proxy D ---> Send to Server C running Director ---> Connect on Server D User 3 device 2 ---> Load balancer ---> Dovecot proxy A ---> Send to Server A running Director ---> Connect on Server B User 5 device 3 ---> Load balancer ---> Dovecot proxy B ---> Send to Server C running Director ---> Connect on Server C User 5 device 2 ---> Load balancer ---> Dovecot proxy C ---> Send to Server C running Director ---> Connect on Server C User 4 device 1 ---> Load balancer ---> Dovecot proxy D ---> Send to Server A running Director ---> Connect on Server A User 5 device 4 ---> Load balancer ---> Dovecot proxy A ---> Send to Server C running Director ---> Connect on Server C User 1 device 3 ---> Load balancer ---> Dovecot proxy B ---> Send to Server A running Director ---> Connect on Server A User 1 device 4 ---> Load balancer ---> Dovecot proxy C ---> Send to Server A running Director ---> Connect on Server A User 6 device 2 ---> Load balancer ---> Dovecot proxy D ---> Send to Server C running Director ---> Connect on Server C User 2 device 2 ---> Load balancer ---> Dovecot proxy A ---> Send to Server A running Director ---> Connect on Server B Results ===
RE: One way dsync replication with dsync -R
I'm using dsync successfully to keep two nodes synchronized, but I have the same problems as you. When I first set it up, I purposely had my phone connected to one node and my desktop connected to the other node. This allowed me to watch for the very issues you're referring to. I ran into them enough that I quit using it that way. But, what I also found was that it was just a timing issue. If they weren't synchronized, I could wait a bit and they would get synched up. Obviously that doesn't work too great if you're sending clients to both nodes through a load balancer though. But, since it was just a timing issue, it also made me feel plenty comfortable using 2-way sync. I've been able to verify that whichever node is the "master" that the other node will be in sync soon thereafter. It just doesn't work great if you're logged into both at the same time. How does that help you may ask? Well, my plan is to setup Dovecot Director on each of my node pairs to enable load balancing that way instead of through some other load balancer. Director should ensure that all clients of a single user will be directed to the same node. Since I haven't set that up yet, I can't guarantee it'll work, but based on my testing and reading, I think it should be fine. The benefits I'm expecting are: 1. Redundant and reliable storage with data always in 2 places at once 2. All devices of a single user always go to the same server so that there is no risk of synchronization delays between devices 3. Local storage connections for Dovecot so hopefully a lot fewer index corruption issues compared to NFS 4. Redundant compute nodes so if one server goes down, clients can still connect At a high level, my complete setup that I'm building is to 1. Shard users into separate server pairs using Dovecot Proxy, 2. Load-balance them within the server pair using Dovecot Director. Hopefully my attempt to explain will come out well in ASCII: Server sharding (however many pairs needed to support users. 4 users each obviously only for illustration purposes) = Server pair 1 (servers A & B) Users 1-4 Server pair 2 (servers C & D) Users 5-8 User connections = User 1 device 1 ---> Load balancer ---> Dovecot proxy A ---> Send to Server A running Director ---> Connect on Server A User 2 device 1 ---> Load balancer ---> Dovecot proxy B ---> Send to Server A running Director ---> Connect on Server B User 5 device 1 ---> Load balancer ---> Dovecot proxy C ---> Send to Server C running Director ---> Connect on Server C User 1 device 2 ---> Load balancer ---> Dovecot proxy D ---> Send to Server A running Director ---> Connect on Server A User 7 device 1 ---> Load balancer ---> Dovecot proxy A ---> Send to Server C running Director ---> Connect on Server D User 6 device 1 ---> Load balancer ---> Dovecot proxy B ---> Send to Server C running Director ---> Connect on Server C User 3 device 1 ---> Load balancer ---> Dovecot proxy C ---> Send to Server A running Director ---> Connect on Server B User 8 device 1 ---> Load balancer ---> Dovecot proxy D ---> Send to Server C running Director ---> Connect on Server D User 3 device 2 ---> Load balancer ---> Dovecot proxy A ---> Send to Server A running Director ---> Connect on Server B User 5 device 3 ---> Load balancer ---> Dovecot proxy B ---> Send to Server C running Director ---> Connect on Server C User 5 device 2 ---> Load balancer ---> Dovecot proxy C ---> Send to Server C running Director ---> Connect on Server C User 4 device 1 ---> Load balancer ---> Dovecot proxy D ---> Send to Server A running Director ---> Connect on Server A User 5 device 4 ---> Load balancer ---> Dovecot proxy A ---> Send to Server C running Director ---> Connect on Server C User 1 device 3 ---> Load balancer ---> Dovecot proxy B ---> Send to Server A running Director ---> Connect on Server A User 1 device 4 ---> Load balancer ---> Dovecot proxy C ---> Send to Server A running Director ---> Connect on Server A User 6 device 2 ---> Load balancer ---> Dovecot proxy D ---> Send to Server C running Director ---> Connect on Server C User 2 device 2 ---> Load balancer ---> Dovecot proxy A ---> Send to Server A running Director ---> Connect on Server B Results === User 1, 4 - Server A User 2, 3 - Server B User 5, 6 - Server C User 7, 8 - Server D I would love to hear if others have gotten something like this working. Blessings, Rob Archibald CTO, EndFirst LLC r...@robarchibald.com -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Wolfgang Hennerbichler Sent: Wednesday, March 22, 2017 2:11 PM To: dovecot@dovecot.org Subject: One way dsync replication with ds
Re: Checking sieve
> On Dec 19, 2016, at 15:33, Gerben Wierdawrote: > > A simple question: I’ve installed roundcube on macOS Sierra with Server 5.2 > and created a set of sieve rules in my dovecot setup. How can I check their > functioning (other than send test mails) e.g. is there some logging I can set > / look at? > I think you will see some sieve activity in the system logs. If that's not enough: https://wiki2.dovecot.org/Logging mail_debug=yes
Re: [Dovecot] Dovecot MTA
On 11/10/2013 08:04 PM, Timo Sirainen wrote: On 10.11.2013, at 20.00, Daniele Nicolodi dani...@grinta.net wrote: Additionally I feel that Dovecot documentation can see some love as well. Having the wiki as main source of documentation does not look very polished, compared, for example to the extremely good written and maintained Postfix documentation. I don’t know how to improve the current documentation. (Other than implementing the few missing man pages.) There is going to be a Dovecot book soon though, maybe that’ll help. How Dovecot documentation can be improved? Well, what I find extremely helpful from the Postfix documentation but cannot find the equivalent for Dovecot is: http://www.postfix.org/postconf.5.html Wiki's are helpful, but a full list of all configuration parameters, how they work and, when applicable, how they are related to other parameters will likely help a lot of users. -- Rob
[Dovecot] sieve gone mad ---help
managesieve has gone mad. One person went on holiday when he came back his out of office would not switch off, then it replicated it's self into two other users (the vacation noticE) and started to be sent out for them and those users had never set up an out of office or looted into round cube. even deleting the vacation notice did not stop it, but if we put another vacation notice in then the new one is sent out, if we disable the new one then the old one is sent out…. mad…. how can I refresh the whole thing and start again… ? I am running this on 10.8.4 mountain lion server and I can't stop sieve… I have looked in the /Library/Server/Mail/Data/rules/USERFOLDER and removed all sieve files I have looked in each users mailbox but no seve files there… I have restarted and still sieve will not stop sending out emails…. yesterday it went crazy sending a mail a second from one mailbox back to it's self…. help….. osx 10.8 server using latest roundcube with managesieve plugin bash-3.2# ps -aef|grep dovecot 0 27481 1 0 12:07am ?? 0:00.36 /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -F 214 27490 27481 0 12:07am ?? 0:00.58 dovecot/anvil [4 connections] 0 28237 27481 0 12:07am ?? 0:01.69 dovecot/log 0 28239 27481 0 12:07am ?? 0:00.20 dovecot/config 227 28309 27481 0 12:08am ?? 0:42.33 dovecot/imap-login [28 connections (28 TLS)] 214 28311 27481 0 12:08am ?? 0:08.65 dovecot/auth [0 wait, 0 passdb, 0 userdb] 214 40746 27481 0 6:54am ?? 0:06.33 dovecot/imap [3 connections] 214 40747 27481 0 6:54am ?? 0:01.89 dovecot/imap [reply 192.168.5.134 IDLE] 214 45378 27481 0 8:36am ?? 0:01.73 dovecot/imap [3 connections] 214 46125 27481 0 9:03am ?? 0:00.75 dovecot/imap [2 connections] 214 46127 27481 0 9:03am ?? 0:01.84 dovecot/imap [3 connections] 214 47385 27481 0 9:35am ?? 0:01.29 dovecot/imap [3 connections] 214 56274 27481 0 1:15pm ?? 0:00.25 dovecot/imap [3 connections] 214 56275 27481 0 1:15pm ?? 0:00.36 dovecot/imap [5 connections] 214 56276 27481 0 1:15pm ?? 0:00.45 dovecot/imap [4 connections] 214 56367 27481 0 1:18pm ?? 0:00.10 dovecot/imap [liam 192.168.5.130 IDLE] 0 62854 9637 0 4:37pm ttys0000:00.00 grep dovecot bash-3.2# /Applications/Server.app/Contents/ServerRoot/usr/sbin/dovecotd -n # 2.0.19apple1: /Library/Server/Mail/Config/dovecot/dovecot.conf # OS: Darwin 12.4.0 x86_64 hfs aps_topic = com.apple.mail.XServer.68f48c72-274a-48f9-beed-71096afe3fa6 auth_mechanisms = cram-md5 x-plain-submit plain login apop gssapi digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 6 mail_access_groups = mail mail_location = maildir:/Library/Server/Mail/Data/mail/%u mail_log_prefix = %s(pid %p user %u): mail_plugins = quota zlib fts fts_sk managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 200 M passdb { args = /Library/Server/Mail/Config/dovecot/submit.passdb driver = passwd-file pass = yes submit = yes } passdb { driver = od } plugin { fts = sk quota = maildir:User quota quota_warning = storage=100%% quota-exceeded %u sieve = /Library/Server/Mail/Data/rules/%u/roundcube.sieve sieve_dir = /Library/Server/Mail/Data/rules/%u } postmaster_address = postmas...@server.risk.gg protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { extra_groups = _keytabusers idle_kill = 15 mins unix_listener auth-userdb { user = _dovecot } } service dns_client { unix_listener dns-client { mode = 0600 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 } service imap { client_limit = 5 process_limit = 200 service_count = 0 } service lmtp { unix_listener lmtp { mode = 0600 } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { client_limit = 5 process_limit = 200 service_count = 0 } service quota-exceeded { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh unix_listener quota-exceeded { group = mail mode = 0660 user = _dovecot } user = _dovecot } service quota-warning { executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { group = mail mode = 0660 user = _dovecot } user = _dovecot } ssl =
Re: [Dovecot] Maildirmake equiv?
On 08/16/2013 06:53 AM, LuKreme wrote: Since I am using dovecot I do not have courier installed, but Courier had a very handy tool for making maildir folders called `maildirmake` which I used in some automated backup scripts. How do I duplicate maildirmake in dovecot? Dovecot can autocreate mailboxes. Is that something you can use? http://wiki2.dovecot.org/MailboxSettings http://dovecot.2317879.n4.nabble.com/dovecot-2-2-Warning-autocreate-plugin-is-deprecated-use-mailbox-auto-setting-instead-td41673.html -- Rob
Re: [Dovecot] dovecot is working, sort of
On 08/15/2013 10:50 AM, LuKreme wrote: Error: user lists@*munged*: Couldn't drop privileges: User is missing UID (see mail_uid setting) These are all virtual users with a hid of 89. How do I tell dovecot that? $ cat /etc/dovecot/dovecot-sql.conf.ext driver = mysql connect = host=localhost dbname=postfix user=dovecot password=dovecot default_pass_scheme = MD5-CRYPT password_query = select password from mailbox where username ='%u' user_query = select concat('/usr/local/virtual/', maildir) from mailbox where username = '%u' In my SQL configuration I have something like this: user_query = \ SELECT _home AS home, _uid AS uid, _gid AS gid \ FROM virtual_mailboxes \ WHERE _recipient='%u' AND _active=1 Using this I can give certain users a different UID/GID, should I want to. But if I'm not mistaken you can also statically configure the uid and gid. On page http://wiki2.dovecot.org/VirtualUsers, the last example says: userdb { driver = static args = uid=vmail gid=vmail home=/var/mail/virtual/%d/%n } I guess you should be able to adapt this to your SQL config. -- Rob
Re: [Dovecot] Dovecot 2.2.4 does not create home directory?
On 17-07-13 16:11, Dmitry . wrote: Isn't the log actually saying what's wrong here? (I didn't see a file listing that shows what owner/permissions are set.) Initialization failed: Namespace '': mkdir(Maildir) in directory /var/run/dovecot failed: Permission denied (euid=1202(dovecot) egid=202(dovecot) missing +w perm: /var/run/dovecot, dir owned by 0:0 mode=0755) Jul 17 12:49:41 imap(t...@example.com): Error: Invalid user settings. Refer to server log for more information. The log says: - mkdir(Maildir) in directory /var/run/dovecot failed: Permission denied Dovecot couldn't create a directory in /var/run/dovecot. Personally, I would not want to create mail directories there, but if you're okay with it then I'm okay too. - (euid=1202(dovecot) egid=202(dovecot) Dovecot is running as dovecot:dovecot (1202:202). - missing +w perm: /var/run/dovecot, dir owned by 0:0 mode=0755) The base directory is owned by root:root with 755 permissions, so dovecot has no permission to write anything. I'd choose another place where your mail directories are created and have the correct owner/permissions set. -- Rob
Re: [Dovecot] Broken physical size caching in Dovecot 2.1.10
On 16/02/13 14:50, Timo Sirainen wrote: On Wed, 2013-02-13 at 11:49 +, Rob Redpath wrote: Dovecot's zlib plugin requires that the maildir filenames have ,S=uncompressed size. Otherwise you get those errors. http://dovecot.org/tools/maildir-size-check.sh can be used to fix the filenames. Thanks for this. The problem I'm encountering is that Dovecot renames files, and does so to their size on disk rather than their uncompressed size, undoing any corrective action that's been taken. Yeah. It's a bit difficult to change the automated fixing code to work properly with compressed files without some very ugly kludges. BTW. http://dovecot.org/tools/maildir-size-fix.pl has been updated to work with compressed files also, making maildir-size-check.sh obsolete. I had a quick look myself - it looks like it would be! Obviously I can't leave my production system in a state where mail can't be accessed by some of its users - so what would your advice be to work around this? I think my options are:- - Modify and recompile dovecot so that the affected sub is a no-op and guarantee that filenames will always reflect the uncompressed size of the message through other means OR - Ensure that the sub never gets called. What condition is it that Dovecot encounters that triggers it to rename a file? Thanks for you help with this!
Re: [Dovecot] Broken physical size caching in Dovecot 2.1.10
On 19/02/13 09:42, Timo Sirainen wrote: On 19.2.2013, at 11.39, Rob Redpath rob.redp...@heartinternet.co.uk wrote: BTW. http://dovecot.org/tools/maildir-size-fix.pl has been updated to work with compressed files also, making maildir-size-check.sh obsolete. I had a quick look myself - it looks like it would be! Obviously I can't leave my production system in a state where mail can't be accessed by some of its users - so what would your advice be to work around this? I think my options are:- - Modify and recompile dovecot so that the affected sub is a no-op and guarantee that filenames will always reflect the uncompressed size of the message through other means OR - Ensure that the sub never gets called. What condition is it that Dovecot encounters that triggers it to rename a file? Just run the maildir-size-fix.pl to your existing maildirs and you should have no problems in future? Sadly, that doesn't seem to work. In a normal case where I see this issue, running maildir-size-fix.pl (with -a -c -f -r -v options) identifies and renames lots of files, but then accessing the mailbox causes dovecot to rename them back to the incorrect values. One thing I've noticed during testing this is that, in my doveadm fetch output for an affected mailbox, the same UID appears to be processed over and over before Dovecot moves on. In the example I happen to have on screen, this line appears 13 times in the output, each with with a larger value to the right of the doveadm(u...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/user_example.com_d/.INBOX.folder/cur/1308038406.M274176P16579.mail.example.net,S=11919:2,S to /var/spool/virtual_mail/user_example.com_d/.INBOX.folder/cur/1308038406.M274176P16579.mail.example.net,S=11919:2,S doveadm(u...@example.com): Error: Corrupted index cache file /var/spool/virtual_mail/user_example.com_d/.INBOX.eBay/dovecot.index.cache: Broken physical size for mail UID 99
Re: [Dovecot] Broken physical size caching in Dovecot 2.1.10
On 19/02/13 15:41, Timo Sirainen wrote: On 19.2.2013, at 16.48, Rob Redpath rob.redp...@heartinternet.co.uk wrote: Just run the maildir-size-fix.pl to your existing maildirs and you should have no problems in future? Sadly, that doesn't seem to work. In a normal case where I see this issue, running maildir-size-fix.pl (with -a -c -f -r -v options) identifies and renames lots of files, but then accessing the mailbox causes dovecot to rename them back to the incorrect values. Then something is wrong. One thing I've noticed during testing this is that, in my doveadm fetch output for an affected mailbox, the same UID appears to be processed over and over before Dovecot moves on. In the example I happen to have on screen, this line appears 13 times in the output, each with with a larger value to the right of the doveadm(u...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/user_example.com_d/.INBOX.folder/cur/1308038406.M274176P16579.mail.example.net,S=11919:2,S to /var/spool/virtual_mail/user_example.com_d/.INBOX.folder/cur/1308038406.M274176P16579.mail.example.net,S=11919:2,S doveadm(u...@example.com): Error: Corrupted index cache file /var/spool/virtual_mail/user_example.com_d/.INBOX.eBay/dovecot.index.cache: Broken physical size for mail UID 99 Have you enabled zlib plugin globally, not just for e.g. IMAP protocol? Show your doveconf -n output. I believe that the plugin is enabled globally - # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.3 (Santiago) auth_mechanisms = plain login cram-md5 digest-md5 apop auth_socket_path = /var/run/dovecot/auth-userdb auth_username_chars = auth_worker_max_count = 8192 default_client_limit = 32771 default_internal_user = mail default_process_limit = 32771 disable_plaintext_auth = no first_valid_uid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes mail_location = maildir:%h mail_plugins = quota zlib namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /var/mail-auth/passwd.dovecot driver = passwd-file } passdb { args = /var/mail-auth/legacy.%l driver = passwd-file } plugin { quota = maildir quota_rule = ?:storage=400M quota_rule2 = Trash:storage=+10% quota_warning = storage=90%% quota-warning 90 %u } service anvil { client_limit = 65545 } service auth { client_limit = 118793 unix_listener auth-userdb { group = mail mode = 0600 user = mail } } service imap-login { process_min_avail = 16 vsz_limit = 64 M } service imap-postlogin { executable = script-login /usr/local/bin/count_imap_login group = mail user = mail } service imap { executable = imap imap-postlogin process_limit = 16384 } service pop3-postlogin { executable = script-login /usr/local/bin/count_pop_login group = mail user = mail } service pop3 { executable = pop3 pop3-postlogin process_limit = 4096 } service quota-warning { executable = script /usr/local/bin/send-mailbox-near-quota-warning unix_listener quota-warning { user = mail } user = mail } ssl_cert = /etc/ssl/certs/redacted.pem ssl_key = /etc/ssl/certs/redacted.pem userdb { args = /var/mail-auth/passwd.dovecot driver = passwd-file } userdb { args = /var/mail-auth/legacy.%l driver = passwd-file } verbose_proctitle = yes protocol imap { imap_capability = +QUOTA SORT SORT=DISPLAY mail_max_userip_connections = 50 mail_plugins = quota zlib imap_quota } protocol pop3 { mail_max_userip_connections = 40 pop3_reuse_xuidl = yes }
Re: [Dovecot] Broken physical size caching in Dovecot 2.1.10
On 05/02/13 02:06, Timo Sirainen wrote: On Tue, 2013-01-29 at 19:58 +, Rob Redpath wrote: I'm encountering two, probably related, errors in my Dovecot 2.1.10 install. The issue relates to compressed email stored in Maildir format directories. In some cases, a mailbox will become inaccessible, and the following will be logged from a doveadm fetch:- doveadm(i...@example.com): Error: Corrupted index cache file /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache: Broken physical size for mail UID 2777 doveadm(i...@example.com): Error: Cached message size smaller than expected (18996 64624) doveadm(i...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z to /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z Interestingly, the file mentioned in the error ( /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache ) doesn't exist. The uncompressed size of the file is 64624 bytes, the compressed size is 18996. Dovecot's zlib plugin requires that the maildir filenames have ,S=uncompressed size. Otherwise you get those errors. http://dovecot.org/tools/maildir-size-check.sh can be used to fix the filenames. Thanks for this. The problem I'm encountering is that Dovecot renames files, and does so to their size on disk rather than their uncompressed size, undoing any corrective action that's been taken. For example:- [root@mailserver ~]# ls /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ [root@mailserver ~]# zcat /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ | wc 3451530 24587 [root@mailserver ~]# mv /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=24587:2,SZ [root@mailserver ~]# doveadm fetch -u i...@example.com text all /dev/null snip doveadm(i...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=24587:2,SZ to /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /snip
Re: [Dovecot] Broken physical size caching in Dovecot 2.1.10
On 05/02/13 02:06, Timo Sirainen wrote: On Tue, 2013-01-29 at 19:58 +, Rob Redpath wrote: I'm encountering two, probably related, errors in my Dovecot 2.1.10 install. The issue relates to compressed email stored in Maildir format directories. In some cases, a mailbox will become inaccessible, and the following will be logged from a doveadm fetch:- doveadm(i...@example.com): Error: Corrupted index cache file /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache: Broken physical size for mail UID 2777 doveadm(i...@example.com): Error: Cached message size smaller than expected (18996 64624) doveadm(i...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z to /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z Interestingly, the file mentioned in the error ( /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache ) doesn't exist. The uncompressed size of the file is 64624 bytes, the compressed size is 18996. Dovecot's zlib plugin requires that the maildir filenames have ,S=uncompressed size. Otherwise you get those errors. http://dovecot.org/tools/maildir-size-check.sh can be used to fix the filenames. Thanks for this. The problem I'm encountering is that Dovecot renames files, and does so to their size on disk rather than their uncompressed size, undoing any corrective action that's been taken. For example:- [root@mailserver ~]# ls /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ [root@mailserver ~]# zcat /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ | wc 3451530 24587 [root@mailserver ~]# mv /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=24587:2,SZ [root@mailserver ~]# doveadm fetch -u i...@example.com text all /dev/null snip doveadm(i...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=24587:2,SZ to /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /snip
Re: [Dovecot] Broken physical size caching in Dovecot 2.1.10
On 05/02/13 02:06, Timo Sirainen wrote: On Tue, 2013-01-29 at 19:58 +, Rob Redpath wrote: I'm encountering two, probably related, errors in my Dovecot 2.1.10 install. The issue relates to compressed email stored in Maildir format directories. In some cases, a mailbox will become inaccessible, and the following will be logged from a doveadm fetch:- doveadm(i...@example.com): Error: Corrupted index cache file /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache: Broken physical size for mail UID 2777 doveadm(i...@example.com): Error: Cached message size smaller than expected (18996 64624) doveadm(i...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z to /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z Interestingly, the file mentioned in the error ( /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache ) doesn't exist. The uncompressed size of the file is 64624 bytes, the compressed size is 18996. Dovecot's zlib plugin requires that the maildir filenames have ,S=uncompressed size. Otherwise you get those errors. http://dovecot.org/tools/maildir-size-check.sh can be used to fix the filenames. Thanks for this. The problem I'm encountering is that Dovecot renames files, and does so to their size on disk rather than their uncompressed size, undoing any corrective action that's been taken. For example:- [root@mailserver ~]# ls /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ [root@mailserver ~]# zcat /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ | wc 3451530 24587 [root@mailserver ~]# mv /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=24587:2,SZ [root@mailserver ~]# doveadm fetch -u i...@example.com text all /dev/null snip doveadm(i...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=24587:2,SZ to /var/spool/virtual_mail/info_example.com_d/cur/1287153356.H12P6490.mailserver.example.net,S=4580:2,SZ /snip
[Dovecot] Broken physical size caching in Dovecot 2.1.10
Hi, I'm encountering two, probably related, errors in my Dovecot 2.1.10 install. The issue relates to compressed email stored in Maildir format directories. In some cases, a mailbox will become inaccessible, and the following will be logged from a doveadm fetch:- doveadm(i...@example.com): Error: Corrupted index cache file /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache: Broken physical size for mail UID 2777 doveadm(i...@example.com): Error: Cached message size smaller than expected (18996 64624) doveadm(i...@example.com): Error: Maildir filename has wrong S value, renamed the file from /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z to /var/spool/virtual_mail/info_example.com_d/cur/1277451630.H877760P14612.mailserver.example.com,S=18996:2,Z Interestingly, the file mentioned in the error ( /var/spool/virtual_mail/info_example.com_d/dovecot.index.cache ) doesn't exist. The uncompressed size of the file is 64624 bytes, the compressed size is 18996. My attempts to debug the issue myself didn't get very far - the function that appears to return the wrong value is in /src/lib-storage/index/maildir/maildir-mail.c in the 2.1.13 source; it's do_fix_size() and appears to not consider whether a file is compressed or not when reporting it's size for S= value purposes. Can anyone help? I'm happy to provide parts of dovecot -n output if required, but I'd rather not post configuration in a public forum if it's not required. -- Rob Redpath Systems Administrator Heart Internet Ltd E: rob.redp...@heartinternet.co.uk DDI: 0115 845 6643 www.heartinternet.co.ukhttp://www.heartinternet.co.uk ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are not authorised to and must not disclose, copy, distribute, or retain this message or any part of it. Heart Internet Ltd accepts no responsibility for information, errors or omissions in this email. **
Re: [Dovecot] [OT] MS Exchange Alternative?
On 12/04/2012 05:22 PM, Timo Sirainen wrote: On 4.12.2012, at 16.20, Jakob Curdes wrote: Am 04.12.2012 15:15, schrieb Marc Perkel: Just wondering if there's an open source Linux alternative to MS Exchange so that all the features of outlook work? Did you have a look at zarafa? Most part of it is open source; the outlook connector ist closed source however and requires a license fee for more than three clients. It uses MAPI to connect to Outlook, unlike many other solutions that do calendar syncs etc. via the ActiveSync protocol. Zarafa is a completely different thing than dovecot, however; it stores all mails in a MySQL database. Future versions of Zarafa will hopefully serve IMAP protocol via Dovecot. :) If they'd do that, it would be great because that's *the* reason I'm not running Zarafa. Last time I tried the Zarafa IMAP server, which is some years ago, I was converting email locally via IMAP, just to see how Zarafa worked and behaved. The conversion would hang at random times, and it's IMAP server was so slow compared to Dovecot that I didn't want to use it.
Re: [Dovecot] HA Mailbox Design
On 08/11/2012 01:18 PM, Stan Hoeppner wrote: On 8/11/2012 11:52 AM, Daniel Parthey wrote: Nikolaos Milas wrote: On 10/8/2012 4:47 πμ, Stan Hoeppner wrote: That begs the question, what is your definition of a Highly Available Mail Server? What is it that you actually want to accomplish? In some detail please. 1. Under normal conditions, mail2.example.com is a full mirror of mail1.example.com; when any mail message is added/viewed/moved/removed etc. to any user's folder or any folder is added/viewed/moved/removed etc. at mail1.example.com, we want it to be automatically and directly (in real time) added/viewed/moved/removed etc. to mail2.example.com too. In other words, we need continuous, real-time sync. Can I do this and how? You might have a look at DRBD (distributed replicated block device) which provides a high available block device with fully synchronous mirroring: http://www.drbd.org/home/mirroring Dovecot can then simply work with the filesystem residing on the highly avilable DRBD volume. But to be clear, for a true HA setup with full active/active nodes, this must be a cluster filesystem (GFS2/OCFS2). A good solution for kvm + drbd is this: http://pve.proxmox.com/wiki/Two-Node_High_Availability_Cluster
Re: [Dovecot] looking for information on Vacation auto-reply
On 08/10/2012 02:26 AM, Robert Schetterer wrote: Am 09.08.2012 21:32, schrieb rob: On Thursday, August 9, 2012 15:19 EDT, Stephan Boschstep...@rename-it.nl wrote: On 8/9/2012 7:08 PM, rob wrote: Hello We are looking for information on how to use Vacation auto-reply . I've read http://wiki2.dovecot.org/Pigeonhole/Sieve/Usage and a few other pages, but have not found how to set it up. We use sogo and thunderbird . Is there a how to or document for this somewhere? What exactly do you want to know? Regards, Stephan. I'd like to know : - If we have Dovecot configured OK for vacation sieve. - It looks like we should try to manage the vacation sieve filters using sogo or thunderbird . Is that the normal way to do so? sieve in dovecot acts like a server where you can feed sieve rules i.e vacation, some software mostly webmailsers have guis for this, like sogo, roundcube, horde ,squirrelmail also thunderbird has a sieve plugin if you setup dovecot sieve server rightly , you might see in the dovecot logs , and/or send dovecot config to the list, look for manuals on the dovecot site and in www for setup instructions What I need to know is if we have enabled siege and managesieve correctly in dovecot. The following is out config. : root@mail ~ # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid auth_mechanisms = plain login auth_username_format = %Ln lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_location = maildir:%h/Maildir mail_plugins = quota maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_plugins = quota sieve quota = fs:user quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u quota_warning3 = storage=60%% quota-warning 60 %u quota_warning4 = storage=40%% quota-warning 40 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/spam.sieve sieve_dir = ~/sieve sieve_global_dir = /etc/dovecot/sieve/ } postmaster_address = fbcad...@fantinibakery.com protocols = imap lmtp sieve quota_full_tempfail = yes service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = postfix mode = 0600 user = postfix } } service imap-login { service_count = 0 vsz_limit = 128 M } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 1 service_count = 0 vsz_limit = 256 M } service quota-warning { executable = script /fbc/bin/mail/quota-warning.sh user = dovecot } ssl = required ssl_ca = /etc/postfix/ssl/gd_bundle.crt ssl_cert = /etc/postfix/ssl/mail.fantinibakery.com.crt ssl_key = /etc/postfix/ssl/mail.fantinibakery.com.key userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = quota sieve } protocol imap { mail_max_userip_connections = 30 mail_plugins = quota imap_quota plugin { antispam_backend = spool2dir antispam_signature = X-DSPAM-Signature antispam_spam = Junk antispam_spool2dir_notspam = /var/spamtrain/not-spam/%%020lu-%u-%%05 antispam_spool2dir_spam = /var/spamtrain/spam/%%020lu-%u-%%05 antispam_trash = Trash antispam_verbose_debug = 1 } } protocol sieve { mail_debug = yes managesieve_implementation_string = Dovecot Pigeonhole } Best regards and thank you for the help! Rob
Re: [Dovecot] looking for information on Vacation auto-reply
On 08/10/2012 01:32 PM, rob wrote: On 08/10/2012 02:26 AM, Robert Schetterer wrote: Am 09.08.2012 21:32, schrieb rob: On Thursday, August 9, 2012 15:19 EDT, Stephan Boschstep...@rename-it.nl wrote: On 8/9/2012 7:08 PM, rob wrote: Hello We are looking for information on how to use Vacation auto-reply . I've read http://wiki2.dovecot.org/Pigeonhole/Sieve/Usage and a few other pages, but have not found how to set it up. We use sogo and thunderbird . Is there a how to or document for this somewhere? What exactly do you want to know? Regards, Stephan. I'd like to know : - If we have Dovecot configured OK for vacation sieve. - It looks like we should try to manage the vacation sieve filters using sogo or thunderbird . Is that the normal way to do so? sieve in dovecot acts like a server where you can feed sieve rules i.e vacation, some software mostly webmailsers have guis for this, like sogo, roundcube, horde ,squirrelmail also thunderbird has a sieve plugin if you setup dovecot sieve server rightly , you might see in the dovecot logs , and/or send dovecot config to the list, look for manuals on the dovecot site and in www for setup instructions What I need to know is if we have enabled siege and managesieve correctly in dovecot. The following is out config. : root@mail ~ # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid auth_mechanisms = plain login auth_username_format = %Ln lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_location = maildir:%h/Maildir mail_plugins = quota maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_plugins = quota sieve quota = fs:user quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u quota_warning3 = storage=60%% quota-warning 60 %u quota_warning4 = storage=40%% quota-warning 40 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/spam.sieve sieve_dir = ~/sieve sieve_global_dir = /etc/dovecot/sieve/ } postmaster_address = fbcad...@fantinibakery.com protocols = imap lmtp sieve quota_full_tempfail = yes service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = postfix mode = 0600 user = postfix } } service imap-login { service_count = 0 vsz_limit = 128 M } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 1 service_count = 0 vsz_limit = 256 M } service quota-warning { executable = script /fbc/bin/mail/quota-warning.sh user = dovecot } ssl = required ssl_ca = /etc/postfix/ssl/gd_bundle.crt ssl_cert = /etc/postfix/ssl/mail.fantinibakery.com.crt ssl_key = /etc/postfix/ssl/mail.fantinibakery.com.key userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = quota sieve } protocol imap { mail_max_userip_connections = 30 mail_plugins = quota imap_quota plugin { antispam_backend = spool2dir antispam_signature = X-DSPAM-Signature antispam_spam = Junk antispam_spool2dir_notspam = /var/spamtrain/not-spam/%%020lu-%u-%%05 antispam_spool2dir_spam = /var/spamtrain/spam/%%020lu-%u-%%05 antispam_trash = Trash antispam_verbose_debug = 1 } } protocol sieve { mail_debug = yes managesieve_implementation_string = Dovecot Pigeonhole } Best regards and thank you for the help! Rob OK It looks like our dovecot setup is ok: gnutls-cli --starttls -p 4190 127.0.0.1 Processed 152 CA certificate(s). Resolving '127.0.0.1'... Connecting to '127.0.0.1:4190'... |1| Note that the security level of the Diffie-Hellman key exchange has been lowered to 512 bits and this may allow decryption of the session data - Simple Client Mode: IMPLEMENTATION Dovecot Pigeonhole SIEVE fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave NOTIFY mailto SASL PLAIN LOGIN STARTTLS VERSION 1.0 OK Dovecot ready.
[Dovecot] looking for information on Vacation auto-reply
Hello We are looking for information on how to use Vacation auto-reply . I've read http://wiki2.dovecot.org/Pigeonhole/Sieve/Usage and a few other pages, but have not found how to set it up. We use sogo and thunderbird . Is there a how to or document for this somewhere? This is our configuration information: dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid auth_mechanisms = plain login auth_username_format = %Ln lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_location = maildir:%h/Maildir mail_plugins = quota maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_plugins = quota sieve quota = fs:user quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u quota_warning3 = storage=60%% quota-warning 60 %u quota_warning4 = storage=40%% quota-warning 40 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/spam.sieve sieve_dir = ~/sieve sieve_global_dir = /etc/dovecot/sieve/ } postmaster_address = fbcad...@fantinibakery.com protocols = imap lmtp sieve quota_full_tempfail = yes service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = postfix mode = 0600 user = postfix } } service imap-login { service_count = 0 vsz_limit = 128 M } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 1 service_count = 0 vsz_limit = 256 M } service quota-warning { executable = script /fbc/bin/mail/quota-warning.sh user = dovecot } ssl = required ssl_ca = /etc/postfix/ssl/gd_bundle.crt ssl_cert = /etc/postfix/ssl/mail.fantinibakery.com.crt ssl_key = /etc/postfix/ssl/mail.fantinibakery.com.key userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = quota sieve } protocol imap { mail_max_userip_connections = 30 mail_plugins = quota imap_quota plugin { antispam_backend = spool2dir antispam_signature = X-DSPAM-Signature antispam_spam = Junk antispam_spool2dir_notspam = /var/spamtrain/not-spam/%%020lu-%u-%%05 antispam_spool2dir_spam = /var/spamtrain/spam/%%020lu-%u-%%05 antispam_trash = Trash antispam_verbose_debug = 1 } } protocol sieve { mail_debug = yes managesieve_implementation_string = Dovecot Pigeonhole }
Re: [Dovecot] looking for information on Vacation auto-reply
On Thursday, August 9, 2012 15:19 EDT, Stephan Bosch step...@rename-it.nl wrote: On 8/9/2012 7:08 PM, rob wrote: Hello We are looking for information on how to use Vacation auto-reply . I've read http://wiki2.dovecot.org/Pigeonhole/Sieve/Usage and a few other pages, but have not found how to set it up. We use sogo and thunderbird . Is there a how to or document for this somewhere? What exactly do you want to know? Regards, Stephan. I'd like to know : - If we have Dovecot configured OK for vacation sieve. - It looks like we should try to manage the vacation sieve filters using sogo or thunderbird . Is that the normal way to do so?
[Dovecot] unsubscribe
Please consider the environment before printing this email. Game Stores Group Limited, registered number 1937170, registered in England
Re: [Dovecot] Cooperating with dovecot in its Maildir
Timo Sirainen t...@iki.fi writes: On Sat, 2011-01-29 at 12:04 -0600, Rob Browning wrote: OK, so it sounds like if we wanted to be completely safe, we probably need to know that we're in a dovecot Maildir, and then we need to know where to create the appropriate dovecot-uidlist.lock file whenever renaming files. There's no good way to find out where the uidlist files are, if they're not in the maildir itself. They typically are. Right, I was assuming we might just have to require the user to tell us whenever they're not in the normal place. Do you happen to know if the liblockfile (lockfile_create(3), etc.) .lock strategy is compatible with dovecot's approach? Should be. It's possible though that in a future version there is no .lock file but rather the uidlist is locked directly with fcntl. OK, though as you're probably aware, there may be some issues cross-platform, and/or with shared FSs. Avery wrote an interesting summary recently: http://apenwarr.ca/log/?m=201012#13 Thanks again -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
[Dovecot] Cooperating with dovecot in its Maildir
Is it possible to cooperate with dovecot within its Maildir, and if so, what's required? In this particular case, we're thinking of trying to allow notmuch to operate directly on the dovecot Maildir, and at the moment, the only modifications notmuch makes are to change maildir flags. Would locking dovecot-uidlist.lock be sufficient, perhaps via liblockfile? Also, is there some reliable way to detect a dovecot Maildir? For example, are any of the dovecot-* files guaranteed to exist all the time? Thanks -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
Re: [Dovecot] Cooperating with dovecot in its Maildir
Timo Sirainen t...@iki.fi writes: On 29.1.2011, at 19.05, Rob Browning wrote: I saw that, but I wasn't sure if the fact that a message might receive a new UID could be a problem. It's a theoretical problem mostly, especially in your case. It's mainly visible when doing stress testing with large maildirs. I doubt in regular use it matters. Courier doesn't try to prevent it in any way and it seems to have worked mostly ok. Or is the UID supposed to change when the flags change? No. OK, so it sounds like if we wanted to be completely safe, we probably need to know that we're in a dovecot Maildir, and then we need to know where to create the appropriate dovecot-uidlist.lock file whenever renaming files. Do you happen to know if the liblockfile (lockfile_create(3), etc.) .lock strategy is compatible with dovecot's approach? Thanks -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
Re: [Dovecot] Ubuntu upgrade to 10.04 -- dovecot no longer working
The old dovecot.conf file isn't compatible with the new dovecot. I found it easier to just read through the dovecot.conf and edit it appropriately. I had the same problem, but it appears to be working for me now. Rob On 06/14/2010 07:48 AM, Pascal Volk wrote: On 06/14/2010 03:41 PM HenkR wrote: Hi, Last year I installed dovecot on my Ubuntu V9 system 64 bit system. I use it to store emails from several clients in the LAN using IMAP. Last week I upgraded to Ubuntu 10.04. Now Dovecot is no longer working. It started with messages about sieve, so I disabled sieve in the configuration file (did not use it in the past, don't know what it is). Dovecot can now be started without errors or warnings, but I cannot connect in the client. I get a message saying could not connect to server: connection refused. Can anybody help? Yes, the fine documentation. file:///usr/share/doc/dovecot-common/README.Debian http://wiki.dovecot.org/Upgrading/1.2 If you are unable to solve your problems, please include `dovecot -n` output in your reply. Regards, Pascal -- Rob Frohne, Ph.D., P.E. E.F. Cross School of Engineering Walla Walla University 100 SW 4th Street College Place, WA 99324 (509) 527-2075 http://people.wallawalla.edu/~rob.frohne attachment: frohro.vcf
Re: [Dovecot] How do I make dovecot not use sslv2 for pop?
On 29/01/2010 6:56 PM, Timo Sirainen wrote: On 29.1.2010, at 9.23, Andreas Schulze wrote: From: Timo Sirainent...@iki.fi Subject: Re: [Dovecot] How do I make dovecot not use sslv2 for pop? Message-ID:1264724551.22202.139.ca...@hurina Anyway.. I guess I should do something about this. Not really sure what, though. Timo, you can simply stop supporting SSLv2. Nobody really needs security known to be insecure. Yeah. I'm actually more wondering about SSLv3+TLSv1 vs. TLSv1. Apparently disabling SSLv3 isn't a good idea yet? But still, maybe there should be a configuration option for that.. Or maybe not. The only SSLv3 connections my server is receiving are from a Blackberry server (hosted, not enterprise). I would be quite happy to disable that and insist folk get iPhones instead ... but the bosses may be unhappy. I don't have anything ancient like Outlook Express connecting to me - older versions of that probably have a similar problem to Internet Explorer 6. However should at least cope with SSLv3. Blackberry server is connecting as: SSLv3 with cipher AES128-SHA (128/128 bits) (%k in dovecot login_log_format_elements) Rob.
Re: [Dovecot] How do I make dovecot not use sslv2 for pop?
On 29/01/2010 11:22 AM, Timo Sirainen wrote: On Thu, 2010-01-28 at 15:23 -0800, Patrick Horgan wrote: Just a bump, still have the problem, why would dovecot support sslv2 for pop, but not for imap, when it's configured to not support sslv2 at all? I don't know why your nmap run would have shown only one of them supporting SSLv2, it should have shown both. And that's because I initialize OpenSSL with: ctx-ctx = ssl_ctx = SSL_CTX_new(SSLv23_server_method()); So I guess what happens is that OpenSSL advertises that it supports SSLv2. But then the ssl_cipher_list's !SSLv2 doesn't let the SSLv2 handshake actually go through. So it's not really possible to use SSLv2. You can verify this with: openssl s_client -ssl2 -connect localhost:995 Anyway.. I guess I should do something about this. Not really sure what, though. Apache mod_ssl has both a SSLCipherSuite and SSLProtocol option. SSLCipherSuite takes the same syntax as Dovecot's ssl_cipher_list. Dovecot doesn't have an equivalent of SSLProtocol. in Apache: SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:-MD5:+HIGH:+MEDIUM:@STRENGTH |SSLProtocol all -SSLv2| I'm not that fussed, but it would be good to be able to disable for completeness. (I'm more fussed by MSIE6 preventing me from defaulting to stronger ciphers for web servers - and defaulting to SSLv2 enabled, but TLS disabled). Rob Middleton.
Re: [Dovecot] Time just moved backwards in Dovecot in a Xen DomU
On 6/10/2009 12:54 PM, PGNet Dev wrote: snip - from dom0 looking at my ntp logs around the same time(s). ... 5 Oct 16:41:17 ntpd[5696]: synchronized to 64.125.78.85, stratum 1 5 Oct 16:51:38 ntpd[5696]: time reset -2.140133 s 5 Oct 16:56:40 ntpd[5696]: synchronized to 66.220.9.122, stratum 1 5 Oct 17:01:28 ntpd[5696]: synchronized to 64.125.78.85, stratum 1 5 Oct 17:07:20 ntpd[5696]: time reset -2.137760 s 5 Oct 17:11:49 ntpd[5696]: synchronized to 204.152.184.72, stratum 1 This indicates that ntpd is actually stepping the time 2 seconds into the past approx every 900 seconds. So dovecot is correct that time has moved backwards. You need to stop time moving backwards :-). [so not dovecot's fault, and likely not xen's fault either] I'm no ntp expert, but I wonder if searching for 900s in the ntpd man page might help (caught my eye due to the step every 15 minutes - network congestion and excessive jitter causing stepping)? Otherwise perhaps a problem with a bad hardware driver stalling in the middle of an interrupt occasionally. Sorry - can't provide any further pointers. It is highly dependent on your hardware, kernel drivers. If you have any other physical servers and they are also having 'time reset' error messages, then the problem is some odd network configuration - partial drop-outs and/or high jitter. Unfortunately -x will not be a solution here as slew cannot possibly correct for a drift as big as 2 in every 900 seconds. You may want to try just a single upstream ntp server as a debugging step (identify it by IP, not by a pool DNS record) and/or use the prefer keyword against your favourite. Cheers, Rob Middleton.
Re: [Dovecot] OT: IMAP folder aliases
On 25/09/2009 11:14 PM, Patrick Ben Koetter wrote: It seems that there is no standard for folder names that deal with typical message classes such as drafts, outbox, sent, spam etc. At least there's no common sense on a naming convention that tells how client should handle this. XLIST may deal with this in the future. It has been initially implemented as an IMAP extension by GMail and Apple iPhone's email client. It allows localized naming of drafts, sent, etc while allowing the server to tell the client the mapping between well-known folder types and their actual name. http://groups.google.com/group/Gmail-Help-POP-and-IMAP-en/browse_thread/thread/a154105c54f020fb?pli=1 https://bugzilla.mozilla.org/show_bug.cgi?id=476260 It oddly seems to have been barely documented or pushed ... though it is sufficiently simple and useful that I hope it gets wide support. Cheers, Rob Middleton.
Re: [Dovecot] OT: IMAP folder aliases
On 26/09/2009 6:40 PM, Axel Thimm wrote: On Fri, Sep 25, 2009 at 07:55:41PM +0300, Timo Sirainen wrote: On Sep 25, 2009, at 7:49 PM, Eric Shubert wrote: Timo Sirainen wrote: On Sep 25, 2009, at 4:14 PM, Patrick Ben Koetter wrote: Has anyone seen an approach or a solution that solves the problem from a users point of view? A server side alias list that maps to a server standard? Symlinks maybe? Or something similar done internally. The main problem would anyway be LIST command, should it show all of them or somehow try to figure out which one to show? Do the clients identify which program they are? No. And one of the first commands they typically do is LIST. So there are no good ways to solve this. Although I haven't really seen much problems myself. Linux clients allow changing what mailboxes they use, so I just configure them to use the same as Apple Mail.. Given than you seem to bless Apple Mail folder structures it makes it a good candidate to try to push as a standard for others to copy. Maybe there could be example setups/configs shipped with dovecot that maps other naming conventions to Apple's? In that way dovecot would start to inforce the use of a standard which in the long term could become a real standard. If Apple's structure are not the best to go with, then we could use some other naming convention, I just trust that Timo's choice is not a bad one. ;) I personally dislike Apple Mail's special folder naming from a 'supporting users' viewpoint. By default it uses an underlying IMAP mailbox of Sent Items while displaying the name Sent in the GUI. It confuses folk that use both Apple Mail (Sent=Sent Items) and Thunderbird (Sent=Sent) to access their email account; because it makes little sense to the user it needs intervention by IT support to explain/fix (or they just suffer with two sent folders). That said, if Apple Mail in 10.6 already supports XLIST this oddity could potentially be fixed from the IMAP server side (ref my email 80 minutes ago). Thunderbird will have XLIST from v3 when released soon. (Doesn't Apple use dovecot on Mac OS X 10.6 server now? I'm surprised we haven't seen an XLIST plugin or patch to make the Mac-mail-client to Mac-mail-server universe all work together well. However it is early days for that extension.) Cheers, Rob Middleton.
Re: [Dovecot] critical X-UID reordering problem after upgrade from 1.1 to 1.2
Timo Sirainen wrote: One easy solution would be to change UIDVALIDITY (the large number in X-IMAP: or X-IMAPbase: header) of each mailbox. Then the client will redownload all mails. This is what I ended up doing (just inc'ing the current UIDVALIDITY by 1) and that seems to have worked for our IMAP users. However, this is more problematic for the pop users since it looks like that causes every message in the inbox to appear to be new (the new %v yields all new UIDLs so all the messages look like ones the client hasn't seen). I suppose it serves them right for using pop... ;-) I can't really think of why UIDs would have changed though. I think v1.1's and v1.2's mbox handling code is pretty much the same. I think I may have identified the problem. I have a test inbox that is very repeatably munged by dovecot 1.2.4 the first time it is accessed. The thing I noticed about it is that it has: X-IMAPbase: 1076423160 059291 Junk $Label1 $Label3 $Label5 NonJunk $Forwarded $MDNSent $Label2 $Label4 However, the last message (with the largest X-UID) is: X-UID: 59665 So, this UID 59665 is larger than last used UID on the X-IMAPbase line! I have to assume this is a bad thing, right? As a test, I changed the X-IMAPbase: line and set the last used UID properly and that was all it took to prevent dovecot from doing the reordering. But, how did this happen? I know it was like this on several inboxes (maybe even most of them) and we had been running dovecot 1.1.3 previously for quite a while. So, was this a bug in 1.1.3? And, perhaps more importantly for others who may hit this same problem, is there some way that 1.2.x can recognize this condition and compensate for it without doing the really nasty reordering? Thanks! --Rob
Re: [Dovecot] critical X-UID reordering problem after upgrade from 1.1 to 1.2
Timo Sirainen wrote: One easy solution would be to change UIDVALIDITY (the large number in X-IMAP: or X-IMAPbase: header) of each mailbox. Then the client will redownload all mails. I just tried that on one of the inboxes and it seemed to do the trick! I just inc'ed the number that was there by 1 but does it really matter how I change it as long as it changes? I'm just thinking about how to script this for all the inboxes so can I just change them all to the same number for the sake of expediency or do they need to be unique, or higher than the number there now, or ??? I can't really think of why UIDs would have changed though. I think v1.1's and v1.2's mbox handling code is pretty much the same. I haven't had much time to study exactly how all the inboxes were changed but I did diff a couple from right before and right after the upgrade and there were *lots* of diffs in just the X-UID values. At a quick look, it sure seemed like a reordering had been done to remove the holes in the numbering in some kind of compaction-like operation. Thanks!!! --Rob
[Dovecot] 1.2.3 - fchown failed messages
Hello, I installed 1.2.3 and we are seeing a few messages in the log files such as: --- Aug 4 16:40:24 xyz dovecot: IMAP(john): fchown() failed with file /home/john/.imap/INBOX/dovecot.index.log.newlock: Operation not permitted Aug 4 16:40:24 xyz dovecot: IMAP(john): fchown() failed with file /home/john/.imap/INBOX/dovecot.index.tmp: Operation not permitted --- dovecot -n: # 1.2.3: /usr/local/etc/dovecot.conf # OS: Linux 2.6.20.1 i686 CentOS release 4.7 (Final) protocols: imap imaps pop3 pop3s ssl_ca_file: /usr/local/apache/conf/ssl.crt/gd_intermediate_bundle.crt ssl_cert_file: /usr/local/apache/conf/ssl.crt/xyz.com.cert ssl_key_file: /usr/local/apache/conf/ssl.key/xyz.com.key ssl_cipher_list: HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3:!ADH:!LOW disable_plaintext_auth: no login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login mail_max_userip_connections(default): 25 mail_max_userip_connections(imap): 25 mail_max_userip_connections(pop3): 10 mail_privileged_group: mail mail_location: mbox:~/:INBOX=/var/spool/mail/%u mail_full_filesystem_access: yes mmap_disable: yes fsync_disable: yes mbox_read_locks: fcntl flock mbox_write_locks: fcntl flock mbox_very_dirty_syncs: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_process_size: 512 mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh lda: postmaster_address: postmas...@example.com auth default: mechanisms: plain login username_format: %Lu verbose: yes passdb: driver: shadow userdb: driver: passwd --- Permissions look fine in the home directory john, including all sub-directories. Thanks for letting me know of anything to check/change. Rob
Re: [Dovecot] 1.2.3 - fchown failed messages
On Tue, 4 Aug 2009, Timo Sirainen wrote: On Tue, 2009-08-04 at 16:46 -0400, Rob Mangiafico wrote: Hello, I installed 1.2.3 and we are seeing a few messages in the log files such as: --- Aug 4 16:40:24 xyz dovecot: IMAP(john): fchown() failed with file /home/john/.imap/INBOX/dovecot.index.log.newlock: Operation not permitted Aug 4 16:40:24 xyz dovecot: IMAP(john): fchown() failed with file /home/john/.imap/INBOX/dovecot.index.tmp: Operation not permitted This patch should give you a bit better error message that would explain the reason: http://hg.dovecot.org/dovecot-1.2/rev/8ea90a23ed74 Thanks. We've applied the patch and will email back if it continues to happen or we have any questions. Rob
Re: [Dovecot] 1.2.3 - fchown failed messages
On Tue, 4 Aug 2009, Timo Sirainen wrote: On Tue, 2009-08-04 at 16:46 -0400, Rob Mangiafico wrote: Hello, I installed 1.2.3 and we are seeing a few messages in the log files such as: --- Aug 4 16:40:24 xyz dovecot: IMAP(john): fchown() failed with file /home/john/.imap/INBOX/dovecot.index.log.newlock: Operation not permitted Aug 4 16:40:24 xyz dovecot: IMAP(john): fchown() failed with file /home/john/.imap/INBOX/dovecot.index.tmp: Operation not permitted This patch should give you a bit better error message that would explain the reason: http://hg.dovecot.org/dovecot-1.2/rev/8ea90a23ed74 The log file now shows: --- Aug 4 19:10:10 rezclick dovecot: IMAP(john): fchown(/home/john/.imap/INBOX/dovecot.index.tmp, -1, 12(mail)) failed: Operation not permitted (egid=509(johngrp), group based on /var/spool/mail/john) --- /var/spool/mail/john has a group of mail, whereas the home directory has their own group. In 1.1.x we did not get these errors. Is this a fix in 1.2? I assume we have to make the group match from their home dir and /var/spool/mail to get rid of the error? Any downside to allowing this error to continue? Thanks. Rob
Re: [Dovecot] 1.2.3 - fchown failed messages
On Tue, 4 Aug 2009, Timo Sirainen wrote: On Tue, 2009-08-04 at 19:31 -0400, Rob Mangiafico wrote: Aug 4 19:10:10 rezclick dovecot: IMAP(john): fchown(/home/john/.imap/INBOX/dovecot.index.tmp, -1, 12(mail)) failed: Operation not permitted (egid=509(johngrp), group based on /var/spool/mail/john) --- /var/spool/mail/john has a group of mail, whereas the home directory has their own group. In 1.1.x we did not get these errors. Is this a fix in 1.2? I assume we have to make the group match from their home dir and /var/spool/mail to get rid of the error? Any downside to allowing this error to continue? Thanks. What permissions does /var/spool/mail/john have? I guess mail group has read permissions? Just removing that should fix the error. -rw-rw 1 john mail 5676767 Aug 4 19:50 /var/spool/mail/john Those are the default permissions that sendmail uses I believe. Not sure if removing mail group r/w would have any other impact for sendmail/procmail? Thanks for taking the time to help. Rob
Re: [Dovecot] 1.2.3 - fchown failed messages
On Tue, 4 Aug 2009, Timo Sirainen wrote: On Tue, 2009-08-04 at 19:53 -0400, Rob Mangiafico wrote: What permissions does /var/spool/mail/john have? I guess mail group has read permissions? Just removing that should fix the error. -rw-rw 1 john mail 5676767 Aug 4 19:50 /var/spool/mail/john Those are the default permissions that sendmail uses I believe. Not sure if removing mail group r/w would have any other impact for sendmail/procmail? Thanks for taking the time to help. It depends on your setup, but usually mail group shouldn't need read or write access to users' mails. Seems like a security risk to me in any case. I agree. I removed the rw for the mail group for individual mbox mailboxes and no adverse effects from what I can tell. Thanks. Rob
Re: [Dovecot] NTLM configuration
Have you confirmed winbind is configured and working correctly ? user not authenticated: NT_STATUS_NO_LOGON_SERVERS suggests to me that you havent got a working winbind setup. Rob On Mon, 2009-05-11 at 10:01 +0200, Cédric Laruelle wrote: Hi again everybody ! I’m still stuck with the dovecot ntlm authentication… I configured dovecot to use winbind, and I would like winbind to authenticate against samba (samba, winbind and dovecot are running on the same box). Here is the log I have (192.168.0.1 is the server box, 192.168.0.254 the client box) dovecot: May 06 14:52:37 Info: auth(default): new auth connection: pid=25828 dovecot: May 06 14:52:38 Info: auth(default): client in: AUTH 1 NTLM service=imapsecured lip=192.168.0.1 rip=192.168.0.254 lport=143 rport=1084 dovecot: May 06 14:52:38 Info: auth(default): client out: CONT 1 dovecot: May 06 14:52:38 Info: auth(default): client in: CONT 1 TlRMTVNTUAABB4IIogAFASgKDw== dovecot: May 06 14:52:38 Info: auth(default): client out: CONT 1 TlRMTVNTUAACDgAOADAFgomizPYc4ALWKQgAAIAAgAA+QQBMAFYA TlRMTVNTUAACDgAOADAFgomizPYc4ALWKQgAAIAAgAA+QQBS AFUATQACAA4AQQBMAFYAQQBSAFUATQABABAASQBOAFQARQBSAE4AQQBMAAQAHgBhAGkAZABlAHIA ZABvAG4AbgBlAHIALgBjAG8AbQADADAAaQBuAHQAZQByAG4AYQBsAC4AYQBpAGQAZQByAGQAbwBu AG4AZQByAC4AYwBvAG0AAA== dovecot: May 06 14:52:38 Info: auth(default): client in: CONT 1 TlRMTVNTUAADGAAYAF4YABgAdgBIBgAGAEgQABAATgCO BYKIogUBKAoPZgBmAHMAQQBMAFYAQQBSAFUATQAzABXRN5WNNwAg ALm1ePVxjdOF1UPe8A/e1D6H0+jlJYQPUA== dovecot: May 06 14:52:38 Info: auth(default): winbind(?,192.168.0.254): user not authenticated: NT_STATUS_NO_LOGON_SERVERS dovecot: May 06 14:52:40 Info: auth(default): client out: FAIL 1 Please help, I really need to set this up and it begins to drive me really crazy … Cédric Laruelle Please consider the environment before printing this email. GAME Group plc, winners of: 2009 Retail Week Awards - Speciality Retailer of the Year 2009 National Sales Awards - Sales Training Programme/Initiative of the Year 2008 Econsultancy Innovation Awards - Innovation in Online Acquisition 2008 MCV Awards - Specialist Retailer of the Year 2007 Golden Joystick Awards - Retailer of the Year 2007 MCV Awards - Specialist Retailer of the Year 2006 Golden Joystick Awards - Retailer of the Year This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:postmas...@game.co.uk The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.
Re: [Dovecot] pop3_lock_session question
On Wed, 4 Feb 2009, Timo Sirainen wrote: Implemented for v1.2, probably apply to v1.1 also: http://hg.dovecot.org/dovecot-1.2/rev/6f29380ba3a0 http://hg.dovecot.org/dovecot-1.2/rev/ea9a186d64f9 I mean it will probably work. I'm trying to get v1.1 to a deep feature freeze. Do you think this pop3 lock issue could be applied to 1.1? This is the only remaining problem that we have with 1.1 and the mbox format. Everything else is working flawlessly. Thanks for considering it. Rob
Re: [Dovecot] pop3_lock_session question
On Thu, 12 Feb 2009, Charles Marcus wrote: On 2/12/2009, Rob Mangiafico (rm...@lexiconn.com) wrote: I mean it will probably work. I'm trying to get v1.1 to a deep feature freeze. Do you think this pop3 lock issue could be applied to 1.1? I think above he said 'not officially, but that you could apply the patch yourself'. Best bet would be to upgrade to 1.2 if you want official support for it... ok, thanks. Has anyone tried patching against 1.1.11? Any patch file for it? We just spent a few months transitioning from uw imap to dovecot 1.1, so we would rather not jump into 1.2 at the moment. Thanks. Rob
Re: [Dovecot] pop3_lock_session question
On Wed, 4 Feb 2009, Timo Sirainen wrote: On Wed, 2009-02-04 at 11:17 -0700, Mark Costlow wrote: Hello, I'm preparing to convert from qpopper + UW-IMAP to dovecot. So far testing has gone very well. One problem we haven't figured out is that long-running POP sessions keep the mailbox locked, so that the MDA times out while trying to deliver. We're using maildrop as our MDA if that matters. .. We though this setting would address the issue: # Keep the mailbox locked for the entire POP3 session. pop3_lock_session = no But it doesn't seem to. Any ideas? Switch to Maildir and the problem goes away. The issue is that the mbox file is read-locked when the first message is read. And since the POP3 client most likely just keeps reading messages for the entire session, the mbox file kept read-locked all the time. Can't really be fixed without some larger redesign (which is really not worth it). We see this as well with mbox and pop3 accesses where some pop3 clients do not logout (iphone's are the worst offenders) for 30-90 minutes it seems. Timeout settings in dovecot.conf do not seem to help. procmail backs up waiting to get access to the inbox to deliver mail. Is there a global timeout we can set that will close any pop3 connection after say 15 minutes? Maildir is not an option currently for many of our servers that use openwebmail, which does not support maildir currently. Not sure if these pop3 sessions are in a loop, just keeping the conenction open for a reason, etc... but they do not seem to do anything after the initial check besides not logging out... Rob
Re: [Dovecot] v1.1.6 released
We're running 1.1.4 in production on one machine, and have tried 1.1.5. and 1.1.6 in our test environment... all three still sometimes have the next message unexpectedly lost error logged. This happens only for Outlook users, and corresponds to the user seeing a message with no subject or body in Outlook's list. I've finally managed to reproduce this with my own mails a few days ago. Now I'd just need to figure out what exactly is causing it and fix it. Glad you were able to identify the issue. We see it every few days as well using mbox and POP3 checking where sometimes an in the middle deletion of a message (via a POP3 checker POPTray) will cause the empty message to appear to any POP3 check with a pop checker, pegasus mail, outlook, etc... It does not appear to be isolated to Outlook. Deleting the index files resets things. As a followup, we just had this happen again on an mbox POP3 check. Using pine, the message appears normally. I used telnet to access the POP box through dovecot, issued a RETR command on the new message, and it was blank. then I issued a RETR command on the email before it, and again a RETR command on the blank email and it appeared normally from that point forward using dovecot. Hope this helps in figuring out this issue. Rob
Re: [Dovecot] Panic in version 1.1.6
We have seen a few of these panics in 1.1.6. It seems to happen when pine is being used and a POP3 check occurs at the same time (but not always), but I'm not positive this is always the case: --- Nov 22 11:10:32 lexiconn2 dovecot: Panic: POP3(techjm): file istream.c: line 76 (i_stream_read): assertion failed: (_stream- skip != _stream-pos) Nov 22 11:10:32 lexiconn2 dovecot: POP3(techjm): Raw backtrace: pop3 [0x80c38f0] - pop3 [0x80c394a] - pop3 [0x80c324c] - p op3(i_stream_read+0xda) [0x80c7dda] - pop3 [0x80c9c6b] - pop3(i_stream_read+0x2d) [0x80c7d2d] - pop3 [0x80b9abe] - pop3(i _stream_read+0x2d) [0x80c7d2d] - pop3(i_stream_read_data+0x1d) [0x80c7e3d] - pop3(message_get_body_size+0x5c) [0x80be85c] - pop3(index_mail_init_stream+0x151) [0x8089571] - pop3 [0x80717a2] - pop3(index_mail_get_virtual_size+0x76) [0x80882b6] - pop3(client_create+0x282) [0x8059c72] - pop3(main+0x403) [0x805ba83] - /lib/libc.so.6(__libc_start_main+0xdc) [0x492dec] - pop3 [0x8059351] We're seeing something similar in 1.1.7: Dec 1 12:49:33 xxx dovecot: pop3-login: Login: user=jstuart, method=LOGIN, rip=1.2.3.4, lip=5.6.7.8, TLS Dec 1 12:49:33 xxx dovecot: POP3(jstuart): Effective uid=778, gid=510 Dec 1 12:49:33 xxx dovecot: POP3(jstuart): mbox: data=~/:INBOX=/var/spool/mail/jstuart Dec 1 12:49:33 xxx dovecot: POP3(jstuart): fs: root=/home/jstuart, index=, control=, inbox=/var/spool/mail/jstuart Dec 1 12:49:33 xxx dovecot: POP3(jstuart): Next message unexpectedly lost from 17090 Dec 1 12:49:33 xxx dovecot: POP3(jstuart): Next message unexpectedly lost from 17090 Dec 1 12:49:33 xxx dovecot: Panic: POP3(jstuart): file istream.c: line 81 (i_stream_read): assertion failed: (_stream-skip != _stream-pos) Dec 1 12:49:33 xxx dovecot: POP3(jstuart): Raw backtrace: pop3 [0x80c3a30] - pop3 [0x80c3a8a] - pop3 [0x80c338c] - pop3(i_stream_read+0xda) [0x80c7f4a] - pop3 [0x80c9e3b] - pop3(i_stream_read+0x2d) [0x80c7e9d] - pop3 [0x80b9bfe] - pop3(i_stream_read+0x2d) [0x80c7e9d] - pop3(i_stream_read_data+0x1d) [0x80c7fad] - pop3(message_get_body_size+0x5c) [0x80be99c] - pop3(index_mail_init_stream+0x151) [0x80896b1] - pop3 [0x80718a2] - pop3(index_mail_get_virtual_size+0x76) [0x80883f6] - pop3(client_create+0x282) [0x8059ca2] - pop3(main+0x403) [0x805bab3] - /lib/libc.so.6(__libc_start_main+0xdc) [0x125dec] - pop3 [0x8059381] Dec 1 12:49:33 xxx dovecot: child 17331 (pop3) killed with signal 6 dovecot -n # 1.1.7: /usr/local/etc/dovecot.conf # OS: Linux 2.6.18-53.1.14.el5PAE i686 CentOS release 5.2 (Final) protocols: imap imaps pop3 pop3s ssl_cert_file: /usr/local/apache/conf/ssl.crt/ssl.cert ssl_key_file: /usr/local/apache/conf/ssl.key/ssl.key ssl_cipher_list: HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 disable_plaintext_auth: no login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/:INBOX=/var/spool/mail/%u mail_debug: yes mail_full_filesystem_access: yes mmap_disable: yes fsync_disable: yes mbox_read_locks: fcntl flock mbox_write_locks: fcntl flock mbox_very_dirty_syncs: yes mail_drop_priv_before_exec: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_process_size: 512 mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: mechanisms: plain login username_format: %Lu verbose: yes passdb: driver: shadow userdb: driver: passwd We're seeing a handful of these errors each day, and many times there is no other process (i.e. pine, webmail, etc...) accessing the mbox file at the same time. Core files are not cooperating but if we can get one, we'll provide those details as well. Thanks. Rob
[Dovecot] Panic in version 1.1.6
Hello, We have seen a few of these panics in 1.1.6. It seems to happen when pine is being used and a POP3 check occurs at the same time (but not always), but I'm not positive this is always the case: --- Nov 22 11:10:32 lexiconn2 dovecot: Panic: POP3(techjm): file istream.c: line 76 (i_stream_read): assertion failed: (_stream- skip != _stream-pos) Nov 22 11:10:32 lexiconn2 dovecot: POP3(techjm): Raw backtrace: pop3 [0x80c38f0] - pop3 [0x80c394a] - pop3 [0x80c324c] - p op3(i_stream_read+0xda) [0x80c7dda] - pop3 [0x80c9c6b] - pop3(i_stream_read+0x2d) [0x80c7d2d] - pop3 [0x80b9abe] - pop3(i _stream_read+0x2d) [0x80c7d2d] - pop3(i_stream_read_data+0x1d) [0x80c7e3d] - pop3(message_get_body_size+0x5c) [0x80be85c] - pop3(index_mail_init_stream+0x151) [0x8089571] - pop3 [0x80717a2] - pop3(index_mail_get_virtual_size+0x76) [0x80882b6] - pop3(client_create+0x282) [0x8059c72] - pop3(main+0x403) [0x805ba83] - /lib/libc.so.6(__libc_start_main+0xdc) [0x492dec] - pop3 [0x8059351] dovecot -n # 1.1.6: /usr/local/etc/dovecot.conf # OS: Linux 2.6.18-53.1.14.el5 i686 CentOS release 5.2 (Final) protocols: imap imaps pop3 pop3s ssl_cert_file: /usr/local/apache/conf/ssl.crt/lexiconn.com.cert ssl_key_file: /usr/local/apache/conf/ssl.key/lexiconn.com.key ssl_cipher_list: HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 disable_plaintext_auth: no login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/:INBOX=/var/spool/mail/%u mail_full_filesystem_access: yes mmap_disable: yes fsync_disable: yes mbox_write_locks: fcntl mbox_very_dirty_syncs: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_process_size: 512 mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: mechanisms: plain login username_format: %Lu verbose: yes passdb: driver: shadow userdb: driver: passwd --- We've enabled core dumps to try and get a gdb backtrace the next time this happens. Rob
Re: [Dovecot] mail_privileged_group not working for dotlock files (1.1.6)
Running dovecot 1.1.6 on centOS 5 and RHEL 5. With the settings: pop3_lock_session = yes mail_privileged_group = mail mail_location = mbox:~/:INBOX=/var/spool/mail/%u mbox_read_locks = fcntl mbox_write_locks = dotlock fcntl and /var/spool/mail permissions: drwxrwx--x 2 root mail4096 Nov 19 10:16 mail/ Trying to connect via POP3 results in this error: --- Nov 19 09:31:01 lexiconn2 dovecot: child 32127 (pop3) killed with signal 11 Nov 19 09:31:01 lexiconn2 dovecot: POP3(cerberus): file_lock_dotlock() failed with mbox file /var/spool/mail/xxx: Permission denied Nov 19 09:31:01 lexiconn2 dovecot: pop3-login: Login: user=xxx, method=PLAIN, rip=1.2.3.4, lip=5.6.7.8, secured --- The docs seem to indicate the above config / settings should work. Is this a bug? The reason we have dotlock as the primary format is due to procmail LDA from sendmail: --- procmail -v 21|grep Locking Locking strategies: dotlocking, fcntl() --- I assume we have to make the mbox_write_locks match the procmail locking... We can use the workaround: mail_access_groups = mail But we'd prefer to use the safer method of mail_privileged_group to get dotlocking and POP3 mbox working with our current permissions. Just want to make sure we have things setup correctly. Thanks. Rob
Re: [Dovecot] mail_privileged_group not working for dotlock files (1.1.6)
On Fri, 2008-11-21 at 15:45 -0500, Rob Mangiafico wrote: Running dovecot 1.1.6 on centOS 5 and RHEL 5. With the settings: pop3_lock_session = yes mail_privileged_group = mail mail_location = mbox:~/:INBOX=/var/spool/mail/%u What does ~/ expand to? What does mail_debug=yes show? The privileged locking isn't used if INBOX appears under the mail root directory. So if ~/ expands to /, /var, /var/spool or /var/spool/mail, the privileged locking isn't done. From the log file: --- Nov 21 20:29:43 ssy dovecot: auth(default): new auth connection: pid=23472 Nov 21 20:29:46 ssy dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3secured lip=127.0.0.1 rip=127.0.0.1 lport=110 rport=44480 resp=hidden Nov 21 20:29:46 ssy dovecot: auth(default): shadow(rlm,127.0.0.1): lookup Nov 21 20:29:46 ssy dovecot: auth(default): client out: OK 1 user=rlm Nov 21 20:29:46 ssy dovecot: auth(default): master in: REQUEST 2 23349 1 Nov 21 20:29:46 ssy dovecot: auth(default): passwd(rlm,127.0.0.1): lookup Nov 21 20:29:46 ssy dovecot: auth(default): master out: USER2 rlm system_user=rlm uid=500 gid=500 home=/home/rlm Nov 21 20:29:46 ssy dovecot: child 23475 (pop3) killed with signal 11 Nov 21 20:29:46 ssy dovecot: POP3(rlm): Effective uid=500, gid=500 Nov 21 20:29:46 ssy dovecot: POP3(rlm): mbox: data=~/mail:INBOX=/var/spool/mail/rlm Nov 21 20:29:46 ssy dovecot: POP3(rlm): fs: root=/home/rlm/mail, index=, control=, inbox=/var/spool/mail/rlm Nov 21 20:29:46 ssy dovecot: POP3(rlm): file_lock_dotlock() failed with mbox file /var/spool/mail/rlm: Permission denied Nov 21 20:29:46 ssy dovecot: pop3-login: Login: user=rlm, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured ls -al /var/spool/mail/ drwxrwx--x 2 root mail 4096 Nov 21 19:58 ./ dovecot -n # 1.1.6: /usr/local/etc/dovecot.conf # OS: Linux 2.6.20.1 i686 CentOS release 4.7 (Final) protocols: imap imaps pop3 pop3s ssl_cert_file: /usr/share/ssl/certs/sendmail.pem ssl_key_file: /usr/share/ssl/certs/sendmail.pem ssl_cipher_list: HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 disable_plaintext_auth: no login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login mail_privileged_group: mail mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u mail_debug: yes mail_full_filesystem_access: yes mmap_disable: yes fsync_disable: yes mail_drop_priv_before_exec: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 pop3_lock_session(default): no pop3_lock_session(imap): no pop3_lock_session(pop3): yes pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu auth default: mechanisms: plain login verbose: yes debug: yes passdb: driver: shadow userdb: driver: passwd Could you get gdb backtrace of this crash? See http://dovecot.org/bugreport.html I do not think it is crashing, as no matter what I do, I cannot get core dumps (in /tmp, home dir, etc...): ulimit -c unlimited cat /proc/sys/kernel/core_pattern /tmp/%p The reason we have dotlock as the primary format is due to procmail LDA from sendmail: --- procmail -v 21|grep Locking Locking strategies: dotlocking, fcntl() --- I assume we have to make the mbox_write_locks match the procmail locking... Actually it's not necessary. You'll need to have at least one common locking mechanism. Using only fcntl Dovecot would be enough if procmail also uses fcntl. Ah, ok. I thought the docs implied they had to match exactly. Since we use procmail as an LDA, and occasionally pine (from uw-imap) which I believe supports fcntl, and openwebmail (not sure if fcntl is supported), I think we'll be safe with fcntl locking. Correct? If you need me to test anything else, please let me know. Thanks! Rob
[Dovecot] mail_privileged_group not working for dotlock files (1.1.6)
Hello, Running dovecot 1.1.6 on centOS 5 and RHEL 5. With the settings: pop3_lock_session = yes mail_privileged_group = mail mail_location = mbox:~/:INBOX=/var/spool/mail/%u mbox_read_locks = fcntl mbox_write_locks = dotlock fcntl and /var/spool/mail permissions: drwxrwx--x 2 root mail4096 Nov 19 10:16 mail/ Trying to connect via POP3 results in this error: --- Nov 19 09:31:01 lexiconn2 dovecot: child 32127 (pop3) killed with signal 11 Nov 19 09:31:01 lexiconn2 dovecot: POP3(cerberus): file_lock_dotlock() failed with mbox file /var/spool/mail/xxx: Permission denied Nov 19 09:31:01 lexiconn2 dovecot: pop3-login: Login: user=xxx, method=PLAIN, rip=1.2.3.4, lip=5.6.7.8, secured --- The docs seem to indicate the above config / settings should work. Is this a bug? The reason we have dotlock as the primary format is due to procmail LDA from sendmail: --- procmail -v 21|grep Locking Locking strategies: dotlocking, fcntl() --- I assume we have to make the mbox_write_locks match the procmail locking... Thanks. Rob
Re: [Dovecot] Another dovecot-antispam plugin can't call dspam
Johannes Berg wrote: On Wed, 2008-11-05 at 10:03 -0500, Rob Klingsten wrote: Hi folks - I am configuring a new system and the antispam plugin is the last piece I need, everything else is working. Thanks to Johannes for this plugin, it's exactly what I want and an elegant solution for filter training. But I've been trying everything I can think of for the last 3 days to get this to work, no success. I've got: Postfix 2.5.3, dspam 3.8.0, Dovecot 1.1.6, Maildrop 2.0.4 and dovecot-antispam 1.0 tarball. I've built dspam from source with --disable-trusted-user-security to try and isolate the source of the plugin problem, which is the message at the IMAP client Failed to call dspam. Here's what I've got configured for the plugin: hmm. I wonder if there's a bug in debugv(), can you comment that call out in dspam-exec.c? johannes Aha, that's getting closer ... I still got the 'Failed to call dspam' message, but dspam now seems to be called: . . Nov 5 10:11:01 venus imap: antispam: Spam is spam folder Nov 5 10:11:01 venus imap: antispam: no unsure folders Nov 5 10:11:01 venus imap: antispam: dspam binary set to /usr/local/bin/dspam Nov 5 10:11:01 venus imap: antispam: dspam extra arg --user [EMAIL PROTECTED] Nov 5 10:11:01 venus dovecot: IMAP([EMAIL PROTECTED]): maildir: data=/var/mail/janeandrob.org/rob Nov 5 10:11:01 venus dovecot: IMAP([EMAIL PROTECTED]): maildir++: root=/var/mail/.org/rob, index=, control=, inbox=/var/mail/.org/rob Nov 5 10:11:01 venus imap: antispam: signature header line is X-DSPAM-Signature Nov 5 10:11:05 venus imap: antispam: mailbox_is_unsure(Spam): 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_trash(INBOX): 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_trash(Spam): 0 Nov 5 10:11:05 venus imap: antispam: mail copy: from trash: 0, to trash: 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_spam(INBOX): 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_spam(Spam): 1 Nov 5 10:11:05 venus imap: antispam: mailbox_is_unsure(INBOX): 0 Nov 5 10:11:05 venus imap: antispam: mail copy: src spam: 0, dst spam: 1, src unsure: 0 Nov 5 10:11:05 venus dspam[834]: Unable to determine the destination user Nov 5 10:11:05 venus dspam[834]: DSPAM agent misconfigured: aborting So now what happened to the arguments to dspam? Thanks very much for the help! Rob Klingsten smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] Another dovecot-antispam plugin can't call dspam
Johannes Berg wrote: On Wed, 2008-11-05 at 10:03 -0500, Rob Klingsten wrote: Hi folks - I am configuring a new system and the antispam plugin is the last piece I need, everything else is working. Thanks to Johannes for this plugin, it's exactly what I want and an elegant solution for filter training. But I've been trying everything I can think of for the last 3 days to get this to work, no success. I've got: Postfix 2.5.3, dspam 3.8.0, Dovecot 1.1.6, Maildrop 2.0.4 and dovecot-antispam 1.0 tarball. I've built dspam from source with --disable-trusted-user-security to try and isolate the source of the plugin problem, which is the message at the IMAP client Failed to call dspam. Here's what I've got configured for the plugin: hmm. I wonder if there's a bug in debugv(), can you comment that call out in dspam-exec.c? johannes Aha, that's getting closer ... I still got the 'Failed to call dspam' message, but dspam now seems to be called: . . Nov 5 10:11:01 venus imap: antispam: Spam is spam folder Nov 5 10:11:01 venus imap: antispam: no unsure folders Nov 5 10:11:01 venus imap: antispam: dspam binary set to /usr/local/bin/dspam Nov 5 10:11:01 venus imap: antispam: dspam extra arg --user [EMAIL PROTECTED] Nov 5 10:11:01 venus dovecot: IMAP([EMAIL PROTECTED]): maildir: data=/var/mail/janeandrob.org/rob Nov 5 10:11:01 venus dovecot: IMAP([EMAIL PROTECTED]): maildir++: root=/var/mail/.org/rob, index=, control=, inbox=/var/mail/.org/rob Nov 5 10:11:01 venus imap: antispam: signature header line is X-DSPAM-Signature Nov 5 10:11:05 venus imap: antispam: mailbox_is_unsure(Spam): 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_trash(INBOX): 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_trash(Spam): 0 Nov 5 10:11:05 venus imap: antispam: mail copy: from trash: 0, to trash: 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_spam(INBOX): 0 Nov 5 10:11:05 venus imap: antispam: mailbox_is_spam(Spam): 1 Nov 5 10:11:05 venus imap: antispam: mailbox_is_unsure(INBOX): 0 Nov 5 10:11:05 venus imap: antispam: mail copy: src spam: 0, dst spam: 1, src unsure: 0 Nov 5 10:11:05 venus dspam[834]: Unable to determine the destination user Nov 5 10:11:05 venus dspam[834]: DSPAM agent misconfigured: aborting So now what happened to the arguments to dspam? Thanks very much for the help! Ok, I got it, it works! The primary solution was to comment out debugv() in dspam-exec.c ... Then, as suggested I put back in the semicolon in my extra arguments to dspam and bingo! Thanks very much to Johannes and Thorsten V. for the suggestions and speedy solution! Rob Klingsten smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] Another dovecot-antispam plugin can't call dspam
On Wed, 2008-11-05 at 10:25 -0500, Rob Klingsten wrote: hmm. I wonder if there's a bug in debugv(), can you comment that call out in dspam-exec.c? johannes Aha, that's getting closer ... I still got the 'Failed to call dspam' message, but dspam now seems to be called: Nov 5 10:11:05 venus dspam[834]: DSPAM agent misconfigured: aborting So now what happened to the arguments to dspam? Thanks very much for the help! Ok, I got it, it works! The primary solution was to comment out debugv() in dspam-exec.c ... Then, as suggested I put back in the semicolon in my extra arguments to dspam and bingo! :) I just committed a fix to debugv(), can you try that? If you downloaded the tarball, get this one: http://git.sipsolutions.net/?p=dovecot-antispam.git;a=snapshot;h=HEAD;sf=tgz If you can confirm that works I'll make a new release. johannes The fixed version works perfectly, thank you very much! Rob K smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] Another dovecot-antispam plugin can't call dspam
I just committed a fix to debugv(), can you try that? If you downloaded the tarball, get this one: http://git.sipsolutions.net/?p=dovecot-antispam.git;a=snapshot;h=HEAD;sf=tgz If you can confirm that works I'll make a new release. johannes The fixed version works perfectly, thank you very much! And it prints the full command line to the syslog, I assume? Thanks for testing! johannes Yes, it's great! Nov 5 10:50:10 venus imap: antispam: dspam binary set to /usr/local/bin/dspam Nov 5 10:50:10 venus imap: antispam: dspam extra arg --user Nov 5 10:50:10 venus imap: antispam: dspam extra arg [EMAIL PROTECTED] Nov 5 10:50:10 venus imap: antispam: signature header line is X-DSPAM-Signature Nov 5 10:50:13 venus imap: antispam: mailbox_is_unsure(INBOX): 0 Nov 5 10:50:13 venus imap: antispam: mailbox_is_trash(Spam): 0 Nov 5 10:50:13 venus imap: antispam: mailbox_is_trash(INBOX): 0 Nov 5 10:50:13 venus imap: antispam: mail copy: from trash: 0, to trash: 0 Nov 5 10:50:13 venus imap: antispam: mailbox_is_spam(Spam): 1 Nov 5 10:50:13 venus imap: antispam: mailbox_is_spam(INBOX): 0 Nov 5 10:50:13 venus imap: antispam: mailbox_is_unsure(Spam): 0 Nov 5 10:50:13 venus imap: antispam: mail copy: src spam: 1, dst spam: 0, src unsure: 0 Nov 5 10:50:13 venus imap: antispam: /usr/local/bin/dspam --source=error --class=innocent --signature=4911bedc107624643064458 --user [EMAIL PROTECTED] Thanks! Rob K smime.p7s Description: S/MIME Cryptographic Signature
[Dovecot] make archive emails undeletable?
I've been using dovecot for a year or two now, and really like it. I have a fairly simple setup, but I think it's time to get a little more advanced. I keep an archive of all my email, both sent and received. Every once in a while I get confused, and accidentally delete something from my archive. I also worry that I'll misconfigure a mail client some day and accidentally wipe out my trash folder. I would like some way to prevent deletion in several mailboxes. Is that possible? It looks like ACL could do this, but I can't quite figure out where to start. Any pointers would be greatly appreciated. Thanks, Rob
Re: [Dovecot] Why my Evolution cannot delete emails in dovecot IMAP folder?
Have you set Edit-Preferences-Mail Preferences Delete Mail empty trash on exit everytime? Rob From: [EMAIL PROTECTED] [EMAIL PROTECTED] On Behalf Of Igor Chudov [EMAIL PROTECTED] Sent: Wednesday, October 01, 2008 8:39 PM To: dovecot@dovecot.org Subject: [Dovecot] Why my Evolution cannot delete emails in dovecot IMAP folder? I use Ubuntu Hardy, get mails locally and run dovecot listening on localhost. I run Evolution and have it connect to dovecot, so that I can access my mail in IMAP and be able to use mutt from remote. So far so good. It works. However, my problem is that Evolution cannot delete any messages. That is, when I click DELETE in Evolution, Evolution no longer sees the message , but the message is still there. That's not what I want, when deleting messages I want them to go away from Inbox. How can I do it? thanks i
Re: [Dovecot] Auto creating client folders on the IMAP server after installing client.
On Mon, 2008-06-09 at 20:29 -0700, Radio Tron wrote: It's a buggy, moth infested, Linux client - you guys are using the windows TBird client. I use the Linux version of thunderbird (v2.0.0.14 20080515) on a RHEL5.1 desktop against a 1.0-1.2.0.el5 build of Dovecot and have never experienced any of the problems you described. :) Rob Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded Retailer of the Year at the 2006 and 2007 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.
[Dovecot] How do I increase the fd limit on OS X?
Hi All, I just upgraded to the new 1.1rc5 from 1.0 that I had been using and it advised me to increase the file descriptor limit. I'm not sure how to do this. There is a command built into tcsh that allows me to do this called limit, but sudo limit 4224 doesn't work, and usually dovecot is started from the rc.local file if I recall right, and I'm not sure how to set this up from there. Any advice. Thanks, Rob -- Rob Frohne [EMAIL PROTECTED] Walla Walla University
Re: [Dovecot] more than one ldap database.
You can define multiple userdb/passworddb sections, each using ldap but using a different conf file. If you search the archives for one if my earlier posts this week, you will see my configuration where we actually have 3 different ldap configs defined to handle searching specific sub-trees within our ActiveDirectory. Rob On Thu, 2008-04-17 at 13:10 +0200, Mauro Sanna wrote: If I have two databases in my ldap, ex: dc=dominio1,dc=it is the first database and dc=dominio2,dc=it is the second one. Can I put these two search bases in dovecot-ldap.conf? Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded Retailer of the Year at the 2006 and 2007 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.
Re: [Dovecot] Please help: LDAP configuration _almost_ works.
I cant help you with what is going wrong for you, but we use dovecot very successfully with ldap lookups against Active Directory, using auth_bind=yes, and it does not require anonymous connections. The initial connection is by an un-privileged user that searches for the user, then a 2nd connection is used, authenticating against AD as the looked up user using the password supplied to dovecot. Our setup looks like this: # rpm -q dovecot dovecot-1.0-1.2.0.el5 # dovecot -n # /etc/dovecot.conf protocols: imap pop3 login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_user: dovecotlogin login_process_size: 64 login_processes_count: 10 login_max_processes_count: 64 first_valid_uid: 97 default_mail_env: maildir:/data/shared/mailstore/%d/%n mail_location: maildir:/data/shared/mailstore/%d/%n mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 auth default: passdb: driver: ldap args: /etc/dovecot-ldap.conf passdb: driver: ldap args: /etc/dovecot-ldap-fr.conf passdb: driver: ldap args: /etc/dovecot-ldap-se.conf userdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot-ldap-fr.conf userdb: driver: ldap args: /etc/dovecot-ldap-se.conf # cat /etc/dovecot-ldap.conf hosts = ad.our.net dn=CN=Lookup,CN=Users,DC=our,DC=net dnpass= auth_bind = yes ldap_version = 3 base = OU=Stores,OU=UK,DC=our,DC=net deref = never scope = subtree user_attrs = mail=user user_filter = ((objectClass=user)(mail=%u)) pass_attrs = mail=user,userPassword=password,mail=userdb_user pass_filter = ((objectClass=user)(mail=%u)) user_global_uid = dovecot user_global_gid = dovecot We use multiple userdb / passdb definitions and ldap configs in order to limit the searches of our AD schema to specific sub-trees, both for performance and as there are other users elsewhere in our schema that we dont want dovecot to allow to connect. Hope this helps you. Rob On Wed, 2008-04-16 at 00:19 +0100, Wojtek Bogusz wrote: /etc/ldap/sldap.conf: access to attr=uid,homeDirectory,uidNumber by anonymous read I do not have this in my configuration, and dovecot does indeed use the credential I provide to successfully query LDAP for the user based on the (mail=%u) criteria. However, it does not see the reply. The fact that it does perform the query successfully implies to me that it does not use an anonymous connection. Very puzzling. i have no idea what dovecot is doing :-) from the log file it looks like there are 2 queries to ldap: 1. to check provided password for provided user name, 2. to find a user related information (and from what Steffen wrote this one is done with anonymous user - correct?). [on the margin: why isn't it done in one query: get me the user related information, i am binding with provided user and with provided password. this way it would be one query for two things.] in my case, i cannot list user related information from ldap in anonymous connection even from command line, using: ldapsearch -x -b 'ou=Users,dc=frontline' '((objectClass=posixAccount)(uid=wojtek))' homeDirectory so i guess that i have to workout ldap settings for anonymous query. my /etc/ldap/slapd.conf related to access permissions is: access to dn.children=ou=Users,dc=frontline attrs=uid,homeDirectory,uidNumber by anonymous read access to attrs=userPassword,sambaNTPassword,sambaLMPassword by dn=cn=admin,dc=frontline write by anonymous auth by self write by * none access to dn.children=ou=Users,dc=frontline by dn=cn=root,ou=Users,dc=frontline read by anonymous auth by self write access to dn.base= by * read access to * by dn=cn=admin,dc=frontline write by * read maybe the problem is here... any hints please? regards, Wojtek Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded Retailer of the Year at the 2006 and 2007 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any
Re: [Dovecot] Please help: LDAP configuration _almost_ works.
On Wed, 2008-04-16 at 10:39 +0100, Wojtek Bogusz wrote: dear Rob, thank you for support! there are small differences in mine and yours config, like: - you do not have auth_bind_userdn defined. if i comment my out i cannot authenticate at all - log file: auth(default): ldap(wojtek,192.168.0.200): unknown user dovecot: auth(default): client out: FAIL^I1^Iuser=wojtek Our initial connection is made using the dn and dnpass settings. This looks up the user's dn based on the ((objectClass=user)(mail=% u)) search criteria. My understanding of the auth_bind_userdn setting is that it is only useful if all your users are in a specific tree in the ldap, so that you can specify (from http://wiki.dovecot.org/HowTo/DovecotOpenLdap?highlight=% 28auth_bind_userdn%29 ) auth_bind_userdn = uid=% u,ou=People,dc=_WIZZY_HOSTNAME_,ou=wizzy This I believe saves the first lookup to find the dn of the user trying to login. Our users are spread throughout our tree, hence using the initial lookup as the 'dn'/'dnpass' user to find our user's dn. If you remove auth_bind_userdn, do you have 'dn' 'dnpass' setup with a suitable unprivileged user to allow the initial lookup of the logging-in user's dn ? - you have user_attrs = mail=user, me: user_attrs = homeDirectory=home,uidNumber=uid. but i do not think it make any difference. Our users login with their email address as the userid - hence mail=user telling dovecot that the userid is stored in the 'mail' attribute in the ldap results. We dont bother with 'home' or 'uid' as they are all virtual users, using a fixed uid set by user_global_uid = dovecot and mail_location: maildir:/data/shared/mailstore/%d/%n - i did not have deref = never. do you know what does it do? i do not understand man ldapsearch explanation :( something to do with following links to other ldap servers I think. Dont think its strictly necessary in a single server setup. Rob, could you send me your ldap config (/etc/ldap/slapd.conf) please? maybe i am making some simple mistake with my ldap config... As I said, we use Active Directory (running on Win2k3 servers I believe), not slapd. Regards, Rob Rob Coward wrote: I cant help you with what is going wrong for you, but we use dovecot very successfully with ldap lookups against Active Directory, using auth_bind=yes, and it does not require anonymous connections. The initial connection is by an un-privileged user that searches for the user, then a 2nd connection is used, authenticating against AD as the looked up user using the password supplied to dovecot. Our setup looks like this: # rpm -q dovecot dovecot-1.0-1.2.0.el5 # dovecot -n # /etc/dovecot.conf protocols: imap pop3 login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_user: dovecotlogin login_process_size: 64 login_processes_count: 10 login_max_processes_count: 64 first_valid_uid: 97 default_mail_env: maildir:/data/shared/mailstore/%d/%n mail_location: maildir:/data/shared/mailstore/%d/%n mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 auth default: passdb: driver: ldap args: /etc/dovecot-ldap.conf passdb: driver: ldap args: /etc/dovecot-ldap-fr.conf passdb: driver: ldap args: /etc/dovecot-ldap-se.conf userdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot-ldap-fr.conf userdb: driver: ldap args: /etc/dovecot-ldap-se.conf # cat /etc/dovecot-ldap.conf hosts = ad.our.net dn=CN=Lookup,CN=Users,DC=our,DC=net dnpass= auth_bind = yes ldap_version = 3 base = OU=Stores,OU=UK,DC=our,DC=net deref = never scope = subtree user_attrs = mail=user user_filter = ((objectClass=user)(mail=%u)) pass_attrs = mail=user,userPassword=password,mail=userdb_user pass_filter = ((objectClass=user)(mail=%u)) user_global_uid = dovecot user_global_gid = dovecot We use multiple userdb / passdb definitions and ldap configs in order to limit the searches of our AD schema to specific sub-trees, both for performance and as there are other users elsewhere in our schema that we dont want dovecot to allow to connect. Hope this helps you. Rob On Wed, 2008-04-16 at 00:19 +0100, Wojtek Bogusz wrote: /etc/ldap/sldap.conf: access to attr=uid,homeDirectory,uidNumber by anonymous read I do not have this in my configuration, and dovecot does indeed use the credential I provide to successfully query LDAP for the user based on the (mail=%u
Re: [Dovecot] Please help: LDAP configuration _almost_ works.
On Wed, 2008-04-16 at 08:28 -0500, Jack McKinney wrote: Looking at your config, it seems that your passdb for LDAP depends on your userdb, as you have mail= twice in your pass_attrs, once for userdb_user. For that matter, why do you have userPassword=password? dovecot should never need to see the contents of this field. Indeed, this is the whole point of using auth_bind: instead of dovecot retrieving the password from LDAP and checking it against the user-supplied one, dovecot should _send_ the password to LDAP in the form of a bind and have LDAP accept or reject it. I never said that it was right, only that it works for us ;) It may be that some of our config settings are unnecessary, redundant or sub-optimal, but it works, its running happily in an active-passive RHEL5 cluster configuration using ext3 on DRBD for storing the mailboxes, and until we look at upgrading to the latest dovecot stable release, we aren't likely to play with any config settings Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded Retailer of the Year at the 2006 and 2007 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.
Re: [Dovecot] maildir directory structure
Have a read of http://wiki.dovecot.org/Variables On Wed, 2008-02-27 at 09:46 +0100, Chantal Rosmuller wrote: Hi list, I would like my mail directory structure to be like this: /var/vmail/firstletterdomain/domain/username what would be the syntax in dovecot.conf? Thanks, chantal Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded Retailer of the Year at the 2006 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.
Re: [Dovecot] Static list of users with passdb pam
If you are using pam already, why not add to /etc/pam.d/dovecot something like: authrequiredpam_listfile.so onerr=fail item=user sense=allow file=/etc/dovecot/allowed_users The syntax may not be quite correct as this is off the top of my head and I havent tested it, but we do something very similar with other pam authentications, such as from vsftpd, to restrict user access. Regards, Rob On Fri, 2008-01-18 at 10:04 +0100, Koen Vermeer wrote: Hi, On my system, I want to provide imap access for some of the users listed in /etc/passwd. The list of users should be provided by me, and should just be a list in a text file. All the userdb options are static (uid, gid, home directory). Unfortunately, I cannot think of a way to configure Dovecot to do this. The closest I get is with: passdb pam {} userdb passwd-file { args = /path/to/passwd-file } However, the passwd-file is now more complex than it really needs to be, as it includes fields for password, uid, gid and home directory as well. Is there some way to handle this? Or am I trying to do something stupid? Thanks! Koen Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded Retailer of the Year at the 2006 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.
Re: [Dovecot] Audit log?
I use pam authentication in dovecot and the following fail2ban filter seems to work fine for me: failregex = auth\(default\): pam\(.*,HOST\): pam_authenticate\(\) failed: Rob On Fri, 2007-12-21 at 12:04 +0100, Bjørn T Johansen wrote: On Thu, 20 Dec 2007 18:42:01 +0200 Timo Sirainen [EMAIL PROTECTED] wrote: On Thu, 2007-12-20 at 13:18 +0100, Bjørn T Johansen wrote: Yes, I know about those but I was kind of hoping to see failed authentications in some logs without enabling debug logging, like if I use PAM authentication auth_verbose=yes enables logging failed logins. That did the trick... thx... :) If I only had learned regexp like I have been meaning too for many years now, this would have been a piece of cake but... Does anyone use Dovecot together with fail2ban? If so, could any one share the failregex they are using? (A) (or perhaps someone could create a regexp that recognize a line like this: dovecot: Dec 21 11:58:07 Info: auth(default): sql([EMAIL PROTECTED],85.19.143.23): Password mismatch ) BTJ Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded �Retailer of the Year� at the 2006 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.
Re: [Dovecot] Audit log?
Yes, but surely its not a big leap for you to rewrite my regex to: auth\(default\): sql\(.*,HOST\): Password mismatch Rob On Fri, 2007-12-21 at 16:30 +0100, Bjørn T Johansen wrote: Yes, but that doesn't work for sql auth; as you see, the line logged is different... BTJ On Fri, 21 Dec 2007 14:32:01 + Rob Coward [EMAIL PROTECTED] wrote: I use pam authentication in dovecot and the following fail2ban filter seems to work fine for me: failregex = auth\(default\): pam\(.*,HOST\): pam_authenticate\(\) failed: Rob On Fri, 2007-12-21 at 12:04 +0100, Bj__rn T Johansen wrote: On Thu, 20 Dec 2007 18:42:01 +0200 Timo Sirainen [EMAIL PROTECTED] wrote: On Thu, 2007-12-20 at 13:18 +0100, Bj__rn T Johansen wrote: Yes, I know about those but I was kind of hoping to see failed authentications in some logs without enabling debug logging, like if I use PAM authentication auth_verbose=yes enables logging failed logins. That did the trick... thx... :) If I only had learned regexp like I have been meaning too for many years now, this would have been a piece of cake but... Does anyone use Dovecot together with fail2ban? If so, could any one share the failregex they are using? (A) (or perhaps someone could create a regexp that recognize a line like this: dovecot: Dec 21 11:58:07 Info: auth(default): sql([EMAIL PROTECTED],85.19.143.23): Password mismatch ) BTJ Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded _Retailer of the Year_ at the 2006 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales. Please consider the environment before printing this email. GAME Stores Group Ltd has been awarded �Retailer of the Year� at the 2006 Golden Joystick Awards and 'Thames Valley Business Award' for Outstanding Employer of Choice 2006. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager at: mailto:[EMAIL PROTECTED] The recipient acknowledges that the transmissions made via the Internet can be corrupted and therefore THE GAME GROUP PLC and any of its subsidiaries do not give any warranty as to the quality or accuracy of any information contained in the message or assume any liability for it or for its transmission, reception or storage. This footnote also confirms that this e-mail message has been swept by anti-virus software for the presence of computer viruses. http://www.game.co.uk http://www.gamegroup.plc.uk Registered Number: 1937170 Registered Office: Unity House, Telford Road, Basingstoke, Hampshire. RG21 6YJ Registered in England and Wales.