from:"Robert Schetterer"

Am 04.09.2018 um 18:27 schrieb Sami Ketola:
> 
> 
>> On 4 Sep 2018, at 18.38, Robert Schetterer  wrote:
>>
>> Sorry i migrated terrabytes of mail with imapsync and never had a
>> problem, it works as designed, also with maildir rsync did a good job,
>> what never worked as it should was dsync ,cause of bugs ,that may
>> changed now
>>
> 
> I would like to very much hear about the problems you had with dsync as we 
> have successfully migrated tens of petabytes of mails with it successfully 
> while preserving the UID numbers.
> Imapsync would have been totally out of question as it is absolutely crucial 
> in those migrations to keep the UID -> MAIL pairs matching legacy server. And 
> usually also POP3 UIDLs. If not keeping the data the servers would have 
> literally melted under load when switching over then of thousands of users 
> forcing them to redownload headers of even mail bodies for millions of mails.
> 
> Sami
> 
> 

I think you should know the dove buglist, i used dovecot since the beginning
and believe me dsync had a lot of problems, as i stated i hope this had
changed now. I didnt used/tested it again the last years cause i had no
big migration job to do, we ever tried to use it that days cause youre
right we would have prefer not broke pop3 stuff at migration. But it
never worked, so imapsync was the best way to go, also having courier,
cyrus migrations with format/namespace change etc.

Imapsync works as designed and migration might not be ideal at some
points but it has no real stoppers if migration is well prepared and
organized.

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Best way to move mail from one server to another

Am 04.09.2018 um 17:18 schrieb Sami Ketola:
> 
> 
>> On 4 Sep 2018, at 18.00, Robert Schetterer  wrote:
>>
>> Am 04.09.2018 um 16:52 schrieb Sami Ketola:
>>>
>>>
>>>> On 4 Sep 2018, at 17.47, Robert Schetterer  wrote:
>>>>
>>>> Am 04.09.2018 um 09:41 schrieb Sami Ketola:
>>>>> imapsync always loses data
>>>>
>>>> never saw this, be carefull by anounce such myths
>>>
>>>
>>> It is a fact. Imapsync works over IMAP only and IMAP protocol does not even 
>>> support transferring all data. At most at least UID numbering will be lost 
>>> and end users need to invalidate their local caches.
>>
>> but using "looses data" might others think it also may fail with imap,
>> so be more detailed next time
> 
> 
> UID number is also data that is saved on the IMAP backend. If that is lost 
> then it's "lost data".
> 
> Sami
> 

Sorry i migrated terrabytes of mail with imapsync and never had a
problem, it works as designed, also with maildir rsync did a good job,
what never worked as it should was dsync ,cause of bugs ,that may
changed now

so this is my answer to topic

 "Best way to move mail from one server to another"

after all there is no "best way", there are a few ways
choose the one which fits best to your needs goals and starting points (
kind of servers etc )

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Best way to move mail from one server to another

Am 04.09.2018 um 16:52 schrieb Sami Ketola:
> 
> 
>> On 4 Sep 2018, at 17.47, Robert Schetterer  wrote:
>>
>> Am 04.09.2018 um 09:41 schrieb Sami Ketola:
>>> imapsync always loses data
>>
>> never saw this, be carefull by anounce such myths
> 
> 
> It is a fact. Imapsync works over IMAP only and IMAP protocol does not even 
> support transferring all data. At most at least UID numbering will be lost 
> and end users need to invalidate their local caches.

but using "looses data" might others think it also may fail with imap,
so be more detailed next time
> 
> Sami
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Best way to move mail from one server to another

Am 04.09.2018 um 09:41 schrieb Sami Ketola:
> imapsync always loses data

never saw this, be carefull by anounce such myths


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Auto configure email clients from Dovecot?

2018-06-30 Thread Robert Schetterer

Am 30.06.2018 um 19:37 schrieb Davide Marchi:
> Hi Friends,
> 
> I'm using on Debian Jessie, Dovecot 1:2.2.13-12~deb8u3.
> I would like to know if is it possible to auto-configure the email
> client, for example Thunderbird or K-9 mail.
> Essentially I would like to know if is it possible to let dovecot
> instruct the mail client about how to auto-configure the email client.
> 
> Actually my mail server parameters are not automatically taken from
> Thunderbird or K9-Mail.
> Is there a way to make this possible? Or am I on a wrong path?
> 
> Many many thanks!
> 
> Davide
> Italy

see

https://automx.org/en/

https://blog.sys4.de/outlook-2013-special-use-mit-dovecot-de.html

https://wiki.dovecot.org/MailboxSettings


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: limit pop login per user and per minute

2018-03-22 Thread Robert Schetterer

Am 22.03.2018 um 12:42 schrieb Robert Schetterer:
> Am 22.03.2018 um 11:21 schrieb Markus Eckerl:
>> Hi,
>>
>> like I have written in the subject line I want to limit the pop login
>> per user and per minute.
>>
>> Currently I am having several customers which are fetching their email
>> with popcon (MS Exchange).
>>
>> This has never been a problem. But... They all have got the same
>> "technician" which take care of their systems.
>>
>> The problem is, that he misconfigured the servers of these customers. In
>> detail: their servers are trying to fetch email every 2 - 5 seconds. For
>> every email address.
>>
>> In the past I contacted the technician and told him about his mistake.
>> He was not very helpful and simply told me that he is doing the same
>> configuration since several years at all of his customer servers.
>> Without problems. It is up to me to fix my problem myself.
>>
>> Well, I googled a lot but all I found is to limit for a specific IP or
>> for a secific account. Both is not what I am looking for.
>>
>> Maybe someone can give me a hint?
>>
>> Thanks and kind regards
>>
>> Markus
>>
>>
>>
> 
> I had about 5000 popcon users in the past , dovecot can handle this
> if you turn right parameters on. As far i remember there were also 2
> different ways to configure popcon, users per time or all users in one
> session ( which was really bullshit ) , after all i wouldnt recommand
> trying limiting ,that might lead to further problems. Your customer has
> to understand his misconfiguration
> 
> some graph of that time is here
> 
> https://blog.sys4.de/xymon-dovecot-count-imap-pop3-logins-graph-central-rsyslog-server-ubuntu-lucid-en.html
> 
> 
> 
> 

beside iptables recent, or fail2ban
which may have unwanted side effects and only work by ip

here was a post with a dovecot solution

https://www.dovecot.org/list/dovecot/2017-July/108521.html

never tested this


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: limit pop login per user and per minute

2018-03-22 Thread Robert Schetterer

Am 22.03.2018 um 11:21 schrieb Markus Eckerl:

Hi,

like I have written in the subject line I want to limit the pop login
per user and per minute.

Currently I am having several customers which are fetching their email
with popcon (MS Exchange).

This has never been a problem. But... They all have got the same
"technician" which take care of their systems.

The problem is, that he misconfigured the servers of these customers. In
detail: their servers are trying to fetch email every 2 - 5 seconds. For
every email address.

In the past I contacted the technician and told him about his mistake.
He was not very helpful and simply told me that he is doing the same
configuration since several years at all of his customer servers.
Without problems. It is up to me to fix my problem myself.

Well, I googled a lot but all I found is to limit for a specific IP or
for a secific account. Both is not what I am looking for.

Maybe someone can give me a hint?

Thanks and kind regards

Markus

I had about 5000 popcon users in the past , dovecot can handle this
if you turn right parameters on. As far i remember there were also 2
different ways to configure popcon, users per time or all users in one
session ( which was really bullshit ) , after all i wouldnt recommand
trying limiting ,that might lead to further problems. Your customer has
to understand his misconfiguration

some graph of that time is here

https://blog.sys4.de/xymon-dovecot-count-imap-pop3-logins-graph-central-rsyslog-server-ubuntu-lucid-en.html

--
[*] sys4 AG

https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Outlook 2016 IMAP trouble

Am 05.03.2018 um 17:44 schrieb Robert Giles:
> On 2018-03-05 at 10:40, Robert Schetterer wrote:
>> Am 05.03.2018 um 09:45 schrieb G:
>>> Hello List,
>>>
>>> I'm facing an issue with dovecot (2.2.27) IMAP  and Outlook as a client.
>>>
>>> George
>>
>> i have no Outlook 2016 to test but if you setup is right
>> no trouble should come up, however simply look in the dovecot log files
>> what your user did, perhaps he was offline and only thinking that he
>> synced via imap
> 
> I've observed similar behavior for a user with Outlook 2013 and Panda
> IMAP;  when synchronization failed for whatever reason, Outlook wasn't
> very verbose about it, and the user continued operating for several
> months not realizing their local mailbox had entirely diverged from the
> "true" contents on the IMAP server.
> 
> Robert
> 

never had this with Outlook 2013
but ost files may brake any time , also with exchange
mostly with big mailboxes, and there is less you can do against buggy
users, give them webmail to show real imap status on the server



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: getmail, dovecot, virtual users

Am 05.03.2018 um 15:46 schrieb David Mehler:
> Hello,
> 
> I've got a dovecot setup with virtual users coming from a MySQL
> database. The only system user I have is the vmail owner of the email
> store. What i'd like to do is use the program getmail to back up my
> gmail account and place that in my user's virtual mail store. I'm
> having issues making the configuration file and where to put it.
> Should it go in the virtual user's home directory or somewhere else
> and run by which user root or the vmail user?
> 
> If anyone has this working any suggestions appreciated.
> 
> Thanks.
> Dave.
> 

here is a example

https://blog.sys4.de/abholdienst-fur-mail-de.html

...
[destination]
type = MDA_external
path = /usr/lib/dovecot/deliver
arguments = ("-d", "u...@server.com")
user = vmail
group = vmail

may the magic youre looking for


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Outlook 2016 IMAP trouble

Am 05.03.2018 um 09:45 schrieb G:
> Hello List,
> 
> I'm facing an issue with dovecot (2.2.27) IMAP  and Outlook as a client.
> I have some users that use
> Outlook (2016) as  a client . One of them has a desktop PC in the office
> and a laptop machine
> which I've setup some days ago . The user did some work, during the
> weekend, in his laptop
> (filling messages into IMAP folders) and to his (and mine) surprise,
> today in the office he saw that none of his
> work is reflected on the server. Messages are not where they supposed to
> be .Tomorrow he will bring the laptop
> over to check, but I have seen this problem again in the past  again
> with outlook 2016 as a client
> (specifically I've had a user which during work he was deleting or
> renaming folders which appear fine
> on his copy of outlook (ost) but not on the server). Anyone has any
> experience with dovecot and outlook
> and related problems ?
> 
> 
> thanks in advance
> George

by the way ost file may broke any time

https://support.office.com/en-us/article/repair-outlook-data-files-pst-and-ost-25663bc3-11ec-4412-86c4-60458afc5253

Recreate an offline Outlook Data File (.ost)

Some account types, such as Microsoft Exchange Server, use an offline
Outlook Data File (.ost). This type of data file is a copy of
information saved on your mail server. If you encounter problems with an
offline Outlook Data File (.ost), the file can be deleted and recreated
by downloading a copy of your items again. We don't recommend repairing
an offline Outlook Data File, so if your offline data file isn't usable,
you should recreate it.


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Outlook 2016 IMAP trouble

Am 05.03.2018 um 09:45 schrieb G:
> Hello List,
> 
> I'm facing an issue with dovecot (2.2.27) IMAP  and Outlook as a client.
> I have some users that use
> Outlook (2016) as  a client . One of them has a desktop PC in the office
> and a laptop machine
> which I've setup some days ago . The user did some work, during the
> weekend, in his laptop
> (filling messages into IMAP folders) and to his (and mine) surprise,
> today in the office he saw that none of his
> work is reflected on the server. Messages are not where they supposed to
> be .Tomorrow he will bring the laptop
> over to check, but I have seen this problem again in the past  again
> with outlook 2016 as a client
> (specifically I've had a user which during work he was deleting or
> renaming folders which appear fine
> on his copy of outlook (ost) but not on the server). Anyone has any
> experience with dovecot and outlook
> and related problems ?
> 
> 
> thanks in advance
> George

i have no Outlook 2016 to test but if you setup is right
no trouble should come up, however simply look in the dovecot log files
what your user did, perhaps he was offline and only thinking that he
synced via imap


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: use IMAP and POP3 simultaneously (single inbox)

2018-02-27 Thread Robert Schetterer

Am 28.02.2018 um 01:17 schrieb Stanislaw Findeisen:
> Hi
> 
> Is it safe to use IMAP and POP3 simultaneously to access the same inbox
> (using Maildir structure)?
> 
> Thanks!
> Stanisław
> 

It works as designed, you may use virtual plugin with it , too


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Client Identification

2018-01-12 Thread Robert Schetterer

Am 12.01.2018 um 21:17 schrieb spaceman:
> I have two seperate clients (using fetchmail) on two seperate machines that 
> use the same login and the same ip address as each other fetching their mail 
> over IMAP using IMAP idle. Naturally Dovecot assumes that they are the same 
> machine but they are not so messages only get downloaded to one of the 
> machines rather than both which is what I want. How do I get Dovecot to 
> recognize them as two individual clients so that mail downloads to both of 
> them?
> 
> Regards,
> spaceman
> 


fetchmail shouldn be your first choice , better use  or verify with getmail

http://pyropus.ca/software/getmail/
https://blog.sys4.de/abholdienst-fur-mail-de.html

however an idea maybe use one imap over 143 and tls
the other one via imaps 993 hopefully this is uniq enough for dovecot

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: POP3 lock

2017-12-19 Thread Robert Schetterer

Am 19.12.2017 um 21:32 schrieb The Doctor:
> This might be trivial or not.
> 
> I have a customer access his e-mail via POP3 using multiple devs.
> 
> I recommend they switch to IMAP , however,
> 
> How can the POP3 locking be made into a non-issue?
> 
> --
> Member - Liberal International This is doctor@@nl2k.ab.ca Ici 
> doctor@@nl2k.ab.ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist 
> rising!
> https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
> Happy Christmas 2017 and Merry New Year 2018
> 

once, i had a customer which did thousends of parallel pop3 downloads
you might need some tuning ( see wiki ) but dovecot on modern hardware
can easy handle it, pop3 feature "let mails stay on the server" is done
in/by the pop3 client , so you shouldnt run in major problems

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: New Dovecot service: SMTP Submission (RFC6409)

2017-12-12 Thread Robert Schetterer

Am 12.12.2017 um 00:14 schrieb Stephan Bosch:
> Hi,
> 
> As some of you know, I started implementing the SMTP submission proxy a
> few years ago. It acts as a front-end for any MTA, adding the necessary
> functionality for an SMTP submission service, also known as a Mail
> Submission Agent (MSA) (https://tools.ietf.org/html/rfc6409). The main
> reason I created this, back then, was implementing the BURL capability
> (https://tools.ietf.org/html/rfc4468). The main application of that
> capability -- together with IMAP URLAUTH -- is avoiding a duplicate
> upload of submitted e-mail messages; normally the message is both sent
> through SMTP and uploaded to the "Sent" folder through IMAP. Using BURL,
> the client can first upload the message to IMAP and then use BURL to
> make the SMTP server fetch the message from IMAP for submission, thereby
> avoiding a second upload. Apart from BURL, the submission proxy service 
> also adds the required AUTH support, avoiding the need to configure the
> MTA for SASL authentication. More SMTP capabilities like CHUNKING and
> SIZE are supported, without requiring the backend MTA supporting these
> extensions. Other capabilities like DSN currently require support from
> the backend/relay MTA.
> 
> At this point, the submission proxy is still pretty basic. However, it
> will provide a basis for adding all kinds of functionality in the (not
> so distant) future. For the first time, it will be possible to act upon
> message submission, rather than only message retrieval; e.g. plugins can
> be devised that process outgoing messages somehow. Examples of the
> things we could do are adding Sieve filtering support for outgoing
> messages, or implicitly storing submitted messages to the Sent folder.
> Once a plugin API is devised, you can create your own plugins.
> 
> The reason I send this message now, is that this code is finally merged
> into the Dovecot master repository. This means that it is part of the
> upcoming 2.3 release. Now that it is merged, you can install and test it
> from Github if you like. Feedback is of course appreciated. The
> documentation is still pretty sparse, but there is currently not much to
> configure. Just add "submission" to the protocols and configure the
> relay MTA server. The configuration is currently only documented in the
> example configuration in doc/example-config/conf.d/20-submission.conf.
> The submission service is a login service, just like IMAP, POP3 and
> ManageSieve, so clients are required to authenticate. The same
> authentication configuration will also apply to submission, unless
> you're doing protocol-specific things, in which case you may need to
> amend your configuration for the new protocol. BURL support requires a
> working IMAP URLAUTH implementation.
> 
> I've updated the automated Xi Debian package builder to create an
> additional dovecot-submissiond package. So, if you're using the Xi
> packages, you only need to install that package and configure the relay MTA.
> 
> Regards,
> 
> Stephan.
> 
> 
> 
> 
> 

Hi Stephan, this is extreme cool !


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: How to limit Apple Mail (desktop)?

2017-10-31 Thread Robert Schetterer

Am 31.10.2017 um 14:06 schrieb María Arrea:
> 
>    If you use Linux you can use netfilter (iptables) mark feature to
> track individual connections from a given IP, and above a threshold you
> can shape the bandwitdh based on those iptables mark. For example, if an
> IMAP connection from ip X exceed 100 megabytes of data, bandwitdh for
> that ip would be limited to 100 KB/sec (or whatever number). First 100
> megabytes, top speed, above that they get slower.

dont think this will work
tons of cons can come from a nat ip
so you would punish everyone behind that ip ,not only apple mail

i see no real solution for the problem, cause if the server works out
some slow down this would only lead to longer download times, but will
no solve the orig wanted task. It will all be workarounds for a "buggy"
client




> 
>     Regards
> 
>     María
> 
> 
> El 30/10/17 a las 10:38, Rupert Gallagher escribió:
>> By default, Apple Mail downloads all e-mails from  server's account.
>> Previous versions of this client allowed to opt-out. The latest two
>> versions? however, only allow to opt-out from downloading the
>> attachments.
>>
>> The stress on the server is unbearable. We cannot ask users to be
>> considerate: this is the default behaviour of Apple Mail.
>>
>> We need a server-side solution to the problem.
>>
>> Please share your ideas.



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: How to limit Apple Mail (desktop)?

2017-10-30 Thread Robert Schetterer

Am 30.10.2017 um 17:50 schrieb Robert Schetterer:
> Am 30.10.2017 um 10:38 schrieb Rupert Gallagher:
>> By default, Apple Mail downloads all e-mails from  server's account. 
>> Previous versions of this client allowed to opt-out. The latest two 
>> versions? however, only allow to opt-out from downloading the attachments.
>>
>> The stress on the server is unbearable. We cannot ask users to be 
>> considerate: this is the default behaviour of Apple Mail.
>>
>> We need a server-side solution to the problem.
>>
>> Please share your ideas.
>>
> 
> first check if you can ident Apple Mail versions related, i recent have
> none in my  log , but i.e Android does
> 
> ---log
> ID sent: name=com.samsung.android.email.provider, os=android,
> os-version=7.0; NRD90M, vendor=samsung, x-android-device-model=SM-G930F
> -
> 
> then you need a procedure for limiti have no idea which one
> 
> Best Regards
> MfG Robert Schetterer
> 

I dont know Apple Mail very good, but as workaround you might use sieve
to presort mails on the server at incomming in (sub)folders which arent
synced at default i.e in a date named folder, for sure users ( you
should know your apple mail users ) then need configure an extra
subscribe on these folders. Perhaps a combi with virtual folders may
usefull , for now not better idea , iam nearly sure this is not what you
you expected and/or wanted

seems google has a feature to "hide" mails

see

https://www.guidingtech.com/44581/prevent-mail-app-space-mac/

however if feel very strange with this

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: How to limit Apple Mail (desktop)?

2017-10-30 Thread Robert Schetterer

Am 30.10.2017 um 10:38 schrieb Rupert Gallagher:
> By default, Apple Mail downloads all e-mails from  server's account. Previous 
> versions of this client allowed to opt-out. The latest two versions? however, 
> only allow to opt-out from downloading the attachments.
> 
> The stress on the server is unbearable. We cannot ask users to be 
> considerate: this is the default behaviour of Apple Mail.
> 
> We need a server-side solution to the problem.
> 
> Please share your ideas.
> 

first check if you can ident Apple Mail versions related, i recent have
none in my  log , but i.e Android does

---log
ID sent: name=com.samsung.android.email.provider, os=android,
os-version=7.0; NRD90M, vendor=samsung, x-android-device-model=SM-G930F
-

then you need a procedure for limiti have no idea which one

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Migrating maildirs - Courier to Dovecot

2017-09-21 Thread Robert Schetterer

Am 21.09.2017 um 20:34 schrieb Stroller:
> I apologise, because I'm sure this subject has been done to death, but I want 
> to migrate from Courier to Dovecot.
> 
> I think my main question is whether there's any reason I shouldn't just rsync 
> the maildirs across from the old mail server to the new one? 

I think
it will work, but if maildir is the best solution for you ,study dovecot
wiki, be sure  configure dovecot right using maildir

> 
> There aren't many clients using this server, so I don't care if clients have 
> to redownload all their messages (in fact, I expect they'll probably end up 
> doing so anyway).
> 
> I'd like to preserve read/unread status of each message, but can't think of 
> anything else important.
> 
> It doesn't matter if there's a few hours of downtime, but I thought to use 
> rsync because I figured I copy the maildirs a day or two ahead of time, and 
> then a sync immediately before going live will be quicker.
> 
> Using imapsync [1] looks pretty good, and I'm happy to use that if it'll be 
> "cleaner" or help Dovecot to create its hierarchy more neatly.
> 
> It looks like Courier creates a courierimapuiddb, courierimapkeywords and 
> courierimapacl in each folder - can I not just delete these, and hand Dovecot 
> a bunch of maildir directories and files to reindex for itself?

dovecot will index and acl by itself

> 
> There are probably only a few hundred thousand messages on the server, a few 
> GB worth, although some of them are many years old.
> 
> Some of the messages on the old server have the wrong "received" date on 
> them, having the wrong file creation / modification date on the server's 
> filesystem, having been copied there previously (years ago) without using 
> cp's --archive flag. I've always thought I should one day write a script to 
> fix this, perhaps using mboxgrep.
> 
> Thanks in advance for any of your thoughts,
> 
> Stroller.
> 
> 

i did maildir rsync migration from dovecot to dovecot many times, no
problem, never tested from Courier, but its easy to test before
production ,so simply try out, if something dont work go imapsync way
which is easy too



> 
> 
> 
> [1] https://wiki2.dovecot.org/Migration#IMAP_.3C-.3E_IMAP_copying
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: lda

2017-09-05 Thread Robert Schetterer

Am 05.09.2017 um 20:00 schrieb Pol Hallen:
> Sep  5 19:59:21 domain postfix/qmgr[19936]: warning: connect to
> transport private/spamassassin: Connection refused
> 
> Pol

why not simply use spamass-milter with postfix and then lmtp from
dovecot, your desired way is really old fashioned...and has no benefit
in any way

> 
> On 2017-09-05 03:10, Bill Shirley wrote:
>> Try main.cf:
>> # dovecot 2.x
>> mailbox_command = /usr/bin/spamc -e /usr/libexec/dovecot/dovecot-lda
>> -a "$RECIPIENT" -f "$SENDER" -m "$EXTENSION"
>>
>> Bill
>>
>>
>> On 9/3/2017 12:33 PM, doveco...@fuckaround.org wrote:
>>> Hi all :)
>>>
>>> I will try to use /usr/lib/dovecot/deliver instead of postfix. I'd
>>> like automatically move email to junk folder. I use debian 9.
>>>
>>> cat /etc/postfix/master.cf
>>> [...]
>>> spamassassin unix - n   n   -   -   pipe
>>>   user=debian-spamd argv=/usr/bin/spamc -f -e
>>> /usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
>>>
>>> with this line dovecot works perfectly but only with virtual users,
>>> my system has also system users /etc/passwd
>>>
>>> How to tell dovecot to deliver email also to real system users?
>>>
>>> Sep 03 17:05:08 auth: Debug: master in: USER    1 t...@mydomain.org  
>>>  service=lda
>>> Sep 03 17:05:08 auth-worker(24749): Debug: passwd(t...@mydomain.org):
>>> lookup
>>> Sep 03 17:05:08 auth: Debug: pam(t...@mydomain.org): passdb doesn't
>>> support credential lookups
>>> Sep 03 17:05:08 lda(t...@mydomain.org): Debug: auth USER input:
>>> Sep 03 17:05:08 auth: Debug: passwd-file(t...@mydomain.org): lookup:
>>> user=t...@fuckaround.org file=/etc/dovecot/users
>>> Sep 03 17:05:08 auth: Debug: userdb out: NOTFOUND    1
>>> Sep 03 17:05:08 auth: Debug: auth client connected (pid=24758)
>>> Sep 03 17:05:08 auth: Debug: client in: AUTH    1    PLAIN
>>> service=imap    secured    session=GIfuUUpY1BCXMEZw lip=192.168.0.2  
>>>  rip=x.x.x.x    lport=993    rport=4308 local_name=imap.mydomain.org
>>> Sep 03 17:05:08 auth: Debug: client passdb out: CONT    1
>>> Sep 03 17:05:08 auth: Debug: client in: CONT    1
>>> hfdskjfsdkjdshjkfd== (previous base64 data may contain sensitive data)
>>> Sep 03 17:05:08 auth-worker(24749): Debug:
>>> pam(user,151.48.70.112,): lookup service=dovecot
>>> Sep 03 17:05:08 auth-worker(24749): Debug:
>>> pam(user,151.48.70.112,): #1/1 style=1 msg=Password:
>>> Sep 03 17:05:09 auth: Debug: client passdb out: OK    1 user=user
>>> Sep 03 17:05:09 auth: Debug: master in: REQUEST    2331639809 24758  
>>>  1    754574397549379543789547    session_pid=24760 request_auth_token
>>>
>>> thanks for help!
>>>
>>> Pol
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Dovecot - Postfix Calender Synchronisation

2017-08-25 Thread Robert Schetterer

Am 23.08.2017 um 10:09 schrieb Maurizio Caloro:
> Hello Together
> 
>  
> 
> Please witch add-on possibilities exist to synchronize the Calednar with
> Dovecot and Postfix.
> 
> Can give me here any a possible direction ?
> 
>  
> 
> thanks regards
> 
> Mauri
> 
>  
> 

This has mostly ( there is some rare use with ics files stored on imap
servers ,but its not wide spreaded ) nothing to do with postfix and/or
dovecot
modern calendar sync ist mostly done via active sync and/or caldav (
which is kinda http(s) )

see/go i.e horde webmail has such servers included, the only relate
to smtp and/or imap is that most mail clients have add ons to deal with
calendar servers under the same gui i.e thunderbird lightning



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: under another kind of attack

2017-07-30 Thread Robert Schetterer

Am 29.07.2017 um 20:29 schrieb mj:
> Hi Doug,
> 
> On 07/29/2017 07:44 PM, Doug Barton wrote:
>> Instead, take a look at the fail2ban scenarios in this thread, which
>> solve the actual problem with a precision tool, instead of a hammer.
> 
> I have implemented (most of) those as well, and additionally choose to
> also block certain countries. It helps tremendously.
> 
> MJ

You can only use strict geoip blocking as long as your users do not travel
so this is not a solution in most cases.

But you can use
geoip in an "anomal filter" which compares  more informations
i.e a user is recent logged in germany so normally he dont want to be
logged in from china at the same time, additional count bad logins
using some magic formula and he will blocked auto etc, this will prevent
hacking and abuse accounts too.

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: under another kind of attack

2017-07-25 Thread Robert Schetterer

Am 25.07.2017 um 16:54 schrieb mj:
> Hi Olaf,
> 
> Since we implemented country blocking, everything seems nicely under
> control, with only 'normal levels' of knocking.
> 
> We first have impemented:
> http://blog.jeshurun.ca/technology/block-countries-ubuntu-iptables-xtables-geoip
> 
> 
> Then we did:
> https://github.com/firehol/blocklist-ipsets

simply geoip blocking may work at your site
but it does not work for many other cases

> 
> And finale iptables rules like these:
> 
>> iptables -A INPUT -p tcp --dport 143 -m geoip --src-cc
>> CN,AG,MX,NI,MF,VE,CO,AR,RU,UA -j DROP
>> iptables -A INPUT -p tcp --dport 143 -m geoip --src-cc
>> MD,SD,SS,GA,CN,AZ,IN,ID,KZ,LA -j DROP
>> iptables -A INPUT -p tcp --dport 143 -m geoip --src-cc
>> MY,MN,SG,VN,TH,TW,HK,KR,KP,HT -j DROP
>> iptables -A INPUT -p tcp --dport 143 -m geoip --src-cc CR,MZ -j DROP
>>
>> iptables -A INPUT -p tcp --dport 993 -m geoip --src-cc
>> CN,AG,MX,NI,MF,VE,CO,AR,RU,UA -j DROP
>> iptables -A INPUT -p tcp --dport 993 -m geoip --src-cc
>> MD,SD,SS,GA,CN,AZ,IN,ID,KZ,LA -j DROP
>> iptables -A INPUT -p tcp --dport 993 -m geoip --src-cc
>> MY,MN,SG,VN,TH,TW,HK,KR,KP,HT -j DROP
>> iptables -A INPUT -p tcp --dport 993 -m geoip --src-cc CR,MZ -j DROP
>>
>> iptables -A INPUT -p tcp --dport 465 -m geoip --src-cc
>> CN,AG,MX,NI,MF,VE,CO,AR,RU,UA -j DROP
>> iptables -A INPUT -p tcp --dport 465 -m geoip --src-cc
>> MD,SD,SS,GA,CN,AZ,IN,ID,KZ,LA -j DROP
>> iptables -A INPUT -p tcp --dport 465 -m geoip --src-cc
>> MY,MN,SG,VN,TH,TW,HK,KR,KP,HT -j DROP
>> iptables -A INPUT -p tcp --dport 465 -m geoip --src-cc CR,MZ -j DROP
> 
> I tried to combine the various dports in one single rule, but that
> didn't seem to work. Perhaps someone here knows how to combine --match
> "geoip" and "multiport" in one single rule?
> 
> Anyway: for us these combined measures did the tric.
> 
> Users in one of the imap-blocked countries will have to use ActiveSync
> (works over https), the webmail-interface, or launch the VPN first.
> 
> This works for us.
> 
> Only one thing on my wishlist: application specific passwords. I would
> very much appreciate a respond on that thread... (posted yesterday
> evening, with a pseudo-dovecot-config file...)
> 
> Hope the above helps you a bit, Olaf.
> 
> MJ
> 
> On 07/25/2017 04:37 PM, Olaf Hopp wrote:
>> Hi folks,
>>
>> "somehow" similar to the thread "under some kind oof attack" started
>> by "MJ":
>>
>> I have dovecot shielded by fail2ban which works fine.
>> But since a few days I see many many IPs per day knocking on
>> my doors with wron password and/or users. But the rate at which they
>> are knocking
>> is very very low. So fail2ban will never catch them.
>>
>> For example one IP:
>>
>> Jul 25 14:03:17 irams1 dovecot: auth-worker(2212):
>> pam(eurodisc,101.231.247.210,): unknown user
>> Jul 25 15:16:36 irams1 dovecot: auth-worker(11047):
>> pam(gergei,101.231.247.210,): pam_authenticate()
>> failed: Authentication failure (password mismatch?)
>> Jul 25 16:08:51 irams1 dovecot: auth-worker(3379):
>> pam(icpe,101.231.247.210,): unknown user
>> Jul 25 16:10:47 irams1 dovecot: auth-worker(4250):
>> pam(endsulei,101.231.247.210,): unknown user
>>
>> Note the timestamps.
>> If I look the other way round (tries to one account) I'll get
>>
>> Jul 25 01:30:48 irams1 dovecot: auth-worker(11276):
>> pam(endsulei,60.166.12.117,): unknown user
>> Jul 25 01:31:26 irams1 dovecot: auth-worker(11276):
>> pam(endsulei,222.243.211.200,<s0+6nBhVabHe89PI>): unknown user
>> Jul 25 13:29:22 irams1 dovecot: auth-worker(4745):
>> pam(endsulei,60.2.50.114,<4elhpCJVtcw8AjJy>): unknown user
>> Jul 25 13:30:27 irams1 dovecot: auth-worker(4747):
>> pam(endsulei,222.84.118.83,): unknown user
>> Jul 25 16:10:47 irams1 dovecot: auth-worker(4250):
>> pam(endsulei,101.231.247.210,): unknown user
>> Jul 25 16:11:45 irams1 dovecot: auth-worker(5933):
>> pam(endsulei,206.214.0.120,): unknown user
>>
>> Also note the timestamps!
>>
>> And I see many many distinct IPs per day (a few hundred) trying many
>> many existing and non-existings accounts.
>> As you see in the timestamps in my examples, this can not be handled
>> by fail2ban without affecting
>> regular users with typos.
>> Is anybody observing something similar ?
>> Anybody an idea against this ?
>> Many of these observed IPs are chinese mobile IPs, if this matters.
>> But we have also chinese students and
>> researchers all abroad.
>>
>>
>> Regards,
>> Olaf
>>



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: under another kind of attack

2017-07-25 Thread Robert Schetterer

Am 25.07.2017 um 16:37 schrieb Olaf Hopp:
> Hi folks,
> 
> "somehow" similar to the thread "under some kind oof attack" started by
> "MJ":
> 
> I have dovecot shielded by fail2ban which works fine.
> But since a few days I see many many IPs per day knocking on
> my doors with wron password and/or users. But the rate at which they are
> knocking
> is very very low. So fail2ban will never catch them.
> 
> For example one IP:
> 
> Jul 25 14:03:17 irams1 dovecot: auth-worker(2212):
> pam(eurodisc,101.231.247.210,): unknown user
> Jul 25 15:16:36 irams1 dovecot: auth-worker(11047):
> pam(gergei,101.231.247.210,): pam_authenticate()
> failed: Authentication failure (password mismatch?)
> Jul 25 16:08:51 irams1 dovecot: auth-worker(3379):
> pam(icpe,101.231.247.210,): unknown user
> Jul 25 16:10:47 irams1 dovecot: auth-worker(4250):
> pam(endsulei,101.231.247.210,): unknown user
> 
> Note the timestamps.
> If I look the other way round (tries to one account) I'll get
> 
> Jul 25 01:30:48 irams1 dovecot: auth-worker(11276):
> pam(endsulei,60.166.12.117,): unknown user
> Jul 25 01:31:26 irams1 dovecot: auth-worker(11276):
> pam(endsulei,222.243.211.200,<s0+6nBhVabHe89PI>): unknown user
> Jul 25 13:29:22 irams1 dovecot: auth-worker(4745):
> pam(endsulei,60.2.50.114,<4elhpCJVtcw8AjJy>): unknown user
> Jul 25 13:30:27 irams1 dovecot: auth-worker(4747):
> pam(endsulei,222.84.118.83,): unknown user
> Jul 25 16:10:47 irams1 dovecot: auth-worker(4250):
> pam(endsulei,101.231.247.210,): unknown user
> Jul 25 16:11:45 irams1 dovecot: auth-worker(5933):
> pam(endsulei,206.214.0.120,): unknown user
> 
> Also note the timestamps!
> 
> And I see many many distinct IPs per day (a few hundred) trying many
> many existing and non-existings accounts.
> As you see in the timestamps in my examples, this can not be handled by
> fail2ban without affecting
> regular users with typos.
> Is anybody observing something similar ?


all the time ,since years, in my case its
always schema user xyz.abc
in my case all username without @ could be dropped at once
a regex deny should be fine, but i havent implemented/thinked of  it cause
it comming in small waves and mostly fail2ban stops it soon



> Anybody an idea against this ?
> Many of these observed IPs are chinese mobile IPs, if this matters. But
> we have also chinese students and
> researchers all abroad.
> 
> 
> Regards,
> Olaf
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Corrupt index files

2017-07-22 Thread Robert Schetterer

Am 21.07.2017 um 23:58 schrieb Bruce Guenter:
> On Fri, Jul 21, 2017 at 03:25:39PM -0600, Bruce Guenter wrote:
>> We had been using a loadbalancer with persistence to reduce the
>> problems, and today I switched to everything running on a single box to
>> avoid any cross-node contention. Unfortunately, the problem still
>> happens, even when they were all running imap on a single box.
> 
> I just confirmed this. One of the mailboxes was deleted and recreated
> from scratch, and since recreation it has only been accessed on a single
> box. It *still* is having corrupt index problems.
> 
> This is not just caused by accessing the mailboxes on different servers.
> 

there may exist additional problems, but do you moved away from cluster
filesystem too, switching back related parameters ? On a single box with
local storage you shouldnt have a problem unless there are hardware
failures or other broken config settings, again rethink your whole setup,
if you in production and afraid brake something in total, you should
call paid guru support


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Corrupt index files

2017-07-21 Thread Robert Schetterer

Am 21.07.2017 um 19:47 schrieb Bruce Guenter:
> 
> I am running Dovecot IMAP on Linux, on a LizardFS storage cluster with
> Maildir storage. This has worked well for most of the accounts for
> several months.
> 
> However in the last couple of weeks we are seeing increasing errors
> regarding corrupted index files.

you should avoid this
one solution is to use loadbalancers with persistance
and/or with i.e

https://wiki2.dovecot.org/Director

i dont know LizardFS
but problems are somekind equal with all storage clusters
and there are different solutions to handle
this so i dont know what may the best at your place

i would read and ask here for settings with storage clusters, a good
start could be

https://wiki2.dovecot.org/NFS
https://wiki2.dovecot.org/SharedMailboxes/ClusterSetup
https://wiki2.dovecot.org/MailLocation/SharedDisk



 Some of the accounts affected are
> unable to retrieve messages due to timeouts.

index settings and mailbox format has impact about this
maildir mostly is self healing but that may fail sometimes on cluster

> 
> It appeared the problems were due to the accounts being accessed from
> multiple servers simultaneously, so I forced them all to access one
> server, but the errors remained. It looks like it has something to do
> with file locking, but LizardFS supports advisory file locking and I do
> have it enabled.
> 
> Deleting the corrupted indexes fixes the problem for a while, but it
> eventually returns, particularly for some accounts.

yeah that is perhaps per design

> 
> Here are some errors I'm seeing (just a random grab). Actual home
> directories are munged for confidentiality.
> 
> imap[25157]: (clientes.standby) Error: Failed to fix view for 
> HOME/clientes:standby/dovecot.index: Missing middle file seq=1 (between 1..1, 
> we have seqs 8): File is already open
> imap[5565]: (stadiumchair) Error: Transaction log file 
> HOME/stadiumchair/.Drafts/dovecot.index.log: marked corrupted
> imap[5005]: (stadiumchair) Error: Corrupted transaction log file 
> HOME/stadiumchair/.Drafts/dovecot.index.log seq 2: indexid changed 1418941056 
> -> 1500658549 (sync_offset=0)
> imap[20243]: (martha) Error: Transaction log HOME/martha/dovecot.index.log: 
> duplicate transaction log sequence (539)
> imap[4665]: (emsspam) Error: Index file HOME/emsspam/dovecot.index: indexid 
> changed: 1500658479 -> 1297175382
> imap[4665]: (emsspam) Error: Corrupted transaction log file 
> HOME/emsspam/dovecot.index.log seq 3: indexid changed: 1500658479 -> 
> 1297175382 (sync_offset=316)
> imap[22985]: (emsspam) Error: Corrupted transaction log file 
> HOME/emsspam/dovecot.index.log seq 10742: Invalid transaction log size (9296 
> vs 9296): HOME/emsspam/dovecot.index.log (sync_offset=9296)
> imap[3267]: (emsspam) Error: Failed to map view for 
> HOME/emsspam/dovecot.index: Failed to map file seq=10742 
> offset=9052..18446744073709551615 (ret=0): corrupted, indexid=0
> imap[3267]: (emsspam) Error: HOME/emsspam/dovecot.index view is inconsistent: 
> uid=3062271 inserted in the middle of mailbox
> 
> The output of dovecot -n is pasted in below. Note that some of the boxes
> are running 4.9, some running 4.4, all have the same problems. Also note
> that I am using a custom authentication front end for our virtual
> mailboxes, but it just sets up the minimal environment variables and
> runs imap.
> 
> Is there anything I can change to eliminate these problems? Are there
> any other diagnostics I can provide to shed light on this?
> 
> # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf
> # OS: Linux 4.4.66 x86_64 Gentoo Base System release 2.3 
> log_path = /dev/stderr
> mail_debug = yes
> mail_fsync = always
> mail_location = maildir:~/.maildir
> mail_log_prefix = "%s[%p]: (%u) "
> mmap_disable = yes
> namespace inbox {
>   inbox = yes
>   location = 
>   mailbox Drafts {
> special_use = \Drafts
>   }
>   mailbox Junk {
> special_use = \Junk
>   }
>   mailbox Sent {
> special_use = \Sent
>   }
>   mailbox "Sent Messages" {
> special_use = \Sent
>   }
>   mailbox Trash {
> special_use = \Trash
>   }
>   prefix = INBOX
>   separator = 
>   type = private
> }
> passdb {
>   args = *
>   driver = pam
> }
> passdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> plugin {
>   mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
> }
> ssl_cert =  ssl_key =  # hidden, use -P to show it
> userdb {
>   driver = passwd
> }
> userdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> 

i think you could rare the corrupt
with optimize settings
to i.e

mail_fsync = always
mail_nfs_storage = yes
mai

Re: under some kind of attack

2017-07-20 Thread Robert Schetterer

Am 20.07.2017 um 20:03 schrieb mj:
> Hi Robert,
> 
>> i dont understand why you focused on that ldap strings
>> fail2ban should trigger on some "Authentication failure" regex in the
>> related syslog
>>
>> perhaps this will help to make it more clear
>>
>> http://www.stefan-seelmann.de/wiki/fail2ban#postfix-and-dovecot
> 
> Yes, but I have that as well. :-)
> 
> I wanted two kinds of blockings:
> 
> #1: Everybody trying the well-known passwords (password, 123321, 1q2w3e,
> etc, etc) to become blocked *immediately* and for *always*.
> 
> #2: I wanted all others have to have the 'regular' settings, with three
> shots at typing a password, etc.
> 
> #2 being the 'regular fail2ban' settings, but during this attack, I
> wanted special settings, #1, for anyone trying one of the malicious
> passwords.
> 
> I did NOT want to have them the usual three opportunities to try.
> 
> In fact: this is a bit similar to your iptables solution, but that only
> works for non-ssl/non-tls connections.
> 
> Your iptables solution makes sure that thy cannot authenticate *at all*,
> while the above solution makes sure they can only authnticate *once*.
> 
> MJ

Ok I understand, not a bad idea, report how it works for you


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: under some kind of attack

2017-07-20 Thread Robert Schetterer

Am 20.07.2017 um 12:28 schrieb mj:
> I have concoted something that seems to work. And for the archives, this
> is it:
> 
>> failregex = auth: Info: ldap\(.+,,.+\): invalid credentials
>> \(given password: .+ssword\)
>> auth: Info: ldap\(.+,,.+\): invalid credentials
>> \(given password: 1qaz2wsx\)
>> auth: Info: ldap\(.+,,.+\): invalid credentials
>> \(given password: 123321\)
>> auth: Info: ldap\(.+,,.+\): invalid credentials
>> \(given password: 1234567890\)
>> auth: Info: ldap\(.+,,.+\): invalid credentials
>> \(given password: 1q2w3e4r.+\)
> 
> It's still reactive, and not pro-active.
> 
> All the other suggestions are very much appreciated, including
> weakforced, however implementing that is a much larger project.

i dont understand why you focused on that ldap strings
fail2ban should trigger on some "Authentication failure" regex in the
related syslog

perhaps this will help to make it more clear

http://www.stefan-seelmann.de/wiki/fail2ban#postfix-and-dovecot



> 
> Next I have to find out how to feed my fail2ban logs back to
> blocklist.de, to improve their mail.txt hit rate.
> 
> Thanks again for all kind assistance.
> 
> MJ
> 
> On 07/20/2017 11:16 AM, mj wrote:
>> Hi all,
>>
>> If I may, one more question on this subject:
>>
>> I would like to  create a fail2ban filer, that scans for these lines:
>>
>>> Jul 20 11:10:09 auth: Info:
>>> ldap(user1,60.166.35.162,): invalid credentials
>>> (given password: password)
>>> Jul 20 11:10:19 auth: Info:
>>> ldap(user2,61.53.66.4,<V+nyHbxU+wA9NUIE>): invalid credentials (given
>>> password: password)
>>
>> (as you can see, I have enabled auth_verbose_passwords to do this,
>> making me very uncomfortable...)
>>
>> Anyway: since there are only a few password variations, I would like
>> to block anyone using those passwords.
>>
>> (since the connections are over TLS/SSL, I cannot use iptables, as
>> suggested earlier)
>>
>> So I need a specific fail2ban rule that extracts the  from that
>> line, and matches on "(given password: password)"
>>
>> Can anyone here help out with a failregex line that would match..?



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: under some kind of attack

2017-07-18 Thread Robert Schetterer

Am 18.07.2017 um 22:53 schrieb mj:
> Hi Robert,
> 
> On 07/18/2017 10:15 PM, mj wrote:
>> Robert, your iptables suggestions are _very_ interesting! However,
>> will they also work on imaps/993, because of the ssl?
> 
> I have adjusted and put into place your iptables suggestion like this:
>> iptables -I INPUT -p tcp --dport 143 -m string --algo bm --string
>> '1q2w3e4r' -j DROP
>> iptables -I INPUT -p tcp --dport 993 -m string --algo bm --string
>> '1q2w3e4r' -j DROP

dont speculate verify if your bots are using ssl , and what flows over
the wire if plain is used, you dont need to use 1q2w3e4r, i think you
can use any dovecot answer that "means rejected", sorry no time to test
myself

> 
> However, I don't think it's working, as the login attempts just keep
> coming. Probably the reason is: smtp is plain text, and imap TLS/SSL is
> not, so the rules never get triggered.
> 
> MJ



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: under some kind of attack

2017-07-18 Thread Robert Schetterer

Am 18.07.2017 um 22:15 schrieb mj:
> Hi,
> 
> Thanks for the quick follow-ups! Much appreciated. After posting this, I
> immediately started working on fail2ban. And between my initial posting
> and now, fail2ban already blocked 114 IPs.
> 
> I have fail2ban with maxretry=1 and bantime=1800
> 
> However, it seems almost all IPs are different, and I don't think I can
> keep the above settings permanently.
> 
> Robert, your iptables suggestions are _very_ interesting! However, will
> they also work on imaps/993, because of the ssl?

i guess not, but typical bots arent using ssl, check it

however fail2ban sometimes is to slow
but as an alternative you may create a filter out of syslog to directly
feed in iptables recent, here is an example with smtp

https://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/



> 
> Thanks for the quick replies!
> 
> MJ
> 
> On 07/18/2017 09:52 PM, Robert Schetterer wrote:
>> Am 18.07.2017 um 21:44 schrieb mj:
>>> Hi all,
>>>
>>> It seems we are under some kind of password guessing attack:
>>>
>>>> Jul 18 21:33:33 auth: Info:
>>>> ldap(username1,103.6.223.61,): invalid credentials
>>>> (given password: 1q2w3e4r5t)
>>>> Jul 18 21:34:16 auth: Info:
>>>> ldap(username1,221.4.61.180,<89WnmZxUrADdBD20>): invalid credentials
>>>> (given password: 1q2w3e4r5t)
>>>> Jul 18 21:36:13 auth: Info:
>>>> ldap(username2,117.243.180.225,): invalid
>>>> credentials (given password: 1q2w3e4r)
>>>> Jul 18 21:36:50 auth: Info:
>>>> ldap(username2,58.59.103.230,): invalid credentials
>>>> (given password: 1q2w3e4r)
>>>> Jul 18 21:36:56 auth: Info:
>>>> ldap(username4,58.215.13.154,): invalid credentials
>>>> (given password: 1q2w3e4r5t)
>>>> Jul 18 21:37:18 auth: Info:
>>>> ldap(username3,220.175.154.205,): invalid
>>>> credentials (given password: 1q2w3e4r)
>>>> Jul 18 21:37:25 auth: Info:
>>>> ldap(username5,14.142.29.142,<40zopJxUSgAOjh2O>): invalid credentials
>>>> (given password: 1q2w3e4r)
>>>> Jul 18 21:37:27 auth: Info:
>>>> ldap(username4,119.1.98.121,): invalid credentials
>>>> (given password: 1q2w3e4r5t)
>>>> Jul 18 21:37:54 auth: Info:
>>>> ldap(username3,218.76.156.11,): invalid credentials
>>>> (given password: 1q2w3e4r)
>>>
>>> Different IPs, different usernames, but all (almost) the same password.
>>>
>>> Any idea what we can do about this??
>>>
>>> Any advice you could give us would be very much appreciated.
>>>
>>> MJ
>>
>> perhaps this
>>
>> https://wiki.dovecot.org/HowTo/Fail2Ban
>>
>>
>> or you may adapt this
>>
>> https://sys4.de/de/blog/2015/11/07/abwehr-des-botnets-pushdo-cutwail-ehlo-ylmf-pc-mit-iptables-string-recent-smtp/
>>
>>
>> https://sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/
>>
>>
>> to pop3(s)/imap(s) and your needs
>>
>>
>>
>>
>> Best Regards
>> MfG Robert Schetterer
>>



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: under some kind of attack

2017-07-18 Thread Robert Schetterer

Am 18.07.2017 um 21:44 schrieb mj:
> Hi all,
> 
> It seems we are under some kind of password guessing attack:
> 
>> Jul 18 21:33:33 auth: Info:
>> ldap(username1,103.6.223.61,): invalid credentials
>> (given password: 1q2w3e4r5t)
>> Jul 18 21:34:16 auth: Info:
>> ldap(username1,221.4.61.180,<89WnmZxUrADdBD20>): invalid credentials
>> (given password: 1q2w3e4r5t)
>> Jul 18 21:36:13 auth: Info:
>> ldap(username2,117.243.180.225,): invalid
>> credentials (given password: 1q2w3e4r)
>> Jul 18 21:36:50 auth: Info:
>> ldap(username2,58.59.103.230,): invalid credentials
>> (given password: 1q2w3e4r)
>> Jul 18 21:36:56 auth: Info:
>> ldap(username4,58.215.13.154,): invalid credentials
>> (given password: 1q2w3e4r5t)
>> Jul 18 21:37:18 auth: Info:
>> ldap(username3,220.175.154.205,): invalid
>> credentials (given password: 1q2w3e4r)
>> Jul 18 21:37:25 auth: Info:
>> ldap(username5,14.142.29.142,<40zopJxUSgAOjh2O>): invalid credentials
>> (given password: 1q2w3e4r)
>> Jul 18 21:37:27 auth: Info:
>> ldap(username4,119.1.98.121,): invalid credentials
>> (given password: 1q2w3e4r5t)
>> Jul 18 21:37:54 auth: Info:
>> ldap(username3,218.76.156.11,): invalid credentials
>> (given password: 1q2w3e4r)
> 
> Different IPs, different usernames, but all (almost) the same password.
> 
> Any idea what we can do about this??
> 
> Any advice you could give us would be very much appreciated.
> 
> MJ

perhaps this

https://wiki.dovecot.org/HowTo/Fail2Ban


or you may adapt this

https://sys4.de/de/blog/2015/11/07/abwehr-des-botnets-pushdo-cutwail-ehlo-ylmf-pc-mit-iptables-string-recent-smtp/

https://sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/

to pop3(s)/imap(s) and your needs




Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: How to query for headers by regexp?

2017-04-23 Thread Robert Schetterer

Am 23.04.2017 um 18:59 schrieb Ralf Hildebrandt:
> I need to find all mails with a certain numerical range in my quarantine:
> 
> X-Spam-Status: No, score=4.5 tagged_above=2 required=4.6 ...
> 
> Assume I'd be looking for 4.5-6.0; so I tried searching for
> 
> doveadm import -u restore mdbox:/home/quarantine/mdbox "" \
>mailbox INBOX header X-Spam-Status  "No, score=4.5"
> 
> doveadm import -u restore mdbox:/home/quarantine/mdbox "" \
>mailbox INBOX header X-Spam-Status  "No, score=4.6"
> 
> etc.
> 
> Which would only return 2 Mails, with score score=4.5
> What am I doing wrong here? Can I search using regular expressions?
> 
Hi Ralf,

i remember doing something equal with dates years ago by combine with

https://wiki.dovecot.org/Tools/Doveadm/Search

did you do a look at this ?

Sorry i cant remember the exact syntax

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: welcome plugin

2017-03-14 Thread Robert Schetterer

Am 14.03.2017 um 17:46 schrieb David Mehler:
> Hello,
> 
> If anyone is using the welcome plugin in dovecot 2.2.x to sent a
> one-time new welcome email to new users can I get a look at your
> configuration? I'm stuck, I create a user and the welcome action does
> not execute. If you've got a script to send the mail can I get a look
> at that as well?
> 
> Thanks.
> Dave.
> 

postfixadmin has an option for welcome mails, but that has "nearly" null
relation to dovecot


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Sharing between domains?

2017-01-28 Thread Robert Schetterer

Am 28.01.2017 um 22:22 schrieb dovecot@avv.solutions:
> Hello Community,
> 
> I am facing the following question: how is it possible to share malboxes
> between domains?
> 
> Example:
> - 2 domains present on the same dovecot: domA and domB
> - userA@domA
> - userB@domB
> 
> userA@domA wants to share his mailbox to userB@domB (again same server)?
> 
> Thank you for your help.
> 
> Greetz

https://wiki2.dovecot.org/ACL
this works also cross domain

you may use
https://addons.mozilla.org/de/thunderbird/addon/imap-acl-extension/

or horde webmail, roundcube webmail


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Migrate from dovecot 1.1 to 2.2 Maildir to 2.2 mdbox

2016-12-08 Thread Robert Schetterer

Am 08.12.2016 um 11:23 schrieb Daniel Betz:
> Hello list,
> 
> im am trying to migrate customer mails via dsync from an old dovecot 1.1 
> setup to an new installed dovecot 2.2.25 setup with mdbox.
> Upgrading the old dovecot 1.1 to 2.2 with Maildir isnt an problem and the 
> replication to the new setup works well too.
> 
> The only problem now is, that the POP3 UIDL are completely wrong on the 
> target setup.
> Im using for Maildir pop3_uidl_format = %f
> With mdbox i cant use it anymore.
> 
> But what do i need for mdbox ?
> Or is there an way to migrate the POP3 uidl list to the mdbox ?
> 
> I could live with it, when i were able to mark the mails older 14 days as 
> read. Is there an way to do this on many mailboxes ?
> 
> I have read in Release News from 2.2.26 that there are some fixes with POP3 
> UIDL .. what is it in detail and could it help me ?
> 
> Hop you can point me to the right direction.
> 
> 
> Regards,
> Daniel

For such an extrem version migration with format change you should
better use imapsync, this will also give the chance for dry runs and
testing before live migration and going production

like

https://sys4.de/de/blog/2013/04/26/mail-migration-mit-imapsync/

i "guess" you will fail migrate with POP3 uidl in that scenario in any case

> 
> 
> 
> 
> 
> 
> Freundliche Grüße,
> 
> Daniel Betz
> System Design Engineer / Senior Systemadministration
> ___
> 
> domainfactory GmbH
> Oskar-Messter-Str. 33
> 85737 Ismaning
> Germany
> 
> Telefon:  +49 (0)89 / 55266-364
> Telefax:  +49 (0)89 / 55266-222
> 
> E-Mail:   db...@df.eu<mailto:db...@df.eu>
> Internet: www.df.eu<http://www.df.eu/>
> 
> Registergericht: Amtsgericht München
> HRB-Nummer 150294, Geschäftsführer:
> Tobias Mohr, Stephan Wolfram
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Sieve filtering SPAM and redirect

2016-09-12 Thread Robert Schetterer

Am 12.09.2016 um 19:25 schrieb Andre Luiz Paiz:
>  Quoting Robert Schetterer <r...@sys4.de>:
> 
>> Am 12.09.2016 um 15:59 schrieb Andre Luiz Paiz:
>>> In my case I need that SPAM mails also be redirected with the forward
>>> filter
>>
>> sorry i dont understand why this should be needed ever, please explain
>>
>> Best Regards
>> MfG Robert Schetterer
>>
>> -- 
>> [*] sys4 AG
>>
>> http://sys4.de, +49 (89) 30 90 46 64
>> Schleißheimer Straße 26/MG, 80333 München
>>
>> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
>> Vorstand: Patrick Ben Koetter, Marc Schiffbauer
>> Aufsichtsratsvorsitzender: Florian Kirstein
>>
>> Scanned and tagged with DSPAM 3.10.2 by Instituto de Quimica
>> !DSPAM:9735,57d6d82010011542927698!
> 
> In case of false-positive. Some users prefer to redirect their e-mail to
> their external providers instead of using our corporate network webmail.
> And they want all e-mail to be forwarded.

then solve it via i.e postfix transport  etc, thats not a native  sieve job
if you need a user gui for that ,postfixadmin , modoboa etc should work

but however forwarding spam external is a very, very bad idea, external
networks
will punish your server for doing so

>  Atenciosamente
>  
> André Luiz Paiz
> Administração de Redes
> Instituto de Química – Unicamp
> andre.p...@iqm.unicamp.br
> Telefone: (19)3521-0197



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Sieve filtering SPAM and redirect

2016-09-12 Thread Robert Schetterer

Am 12.09.2016 um 15:59 schrieb Andre Luiz Paiz:
> In my case I need that SPAM mails also be redirected with the forward filter

sorry i dont understand why this should be needed ever, please explain


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Sieve filtering SPAM and redirect

2016-09-12 Thread Robert Schetterer

 inet_listener pop3 {
> port = 110
>   }
>   inet_listener pop3s {
> port = 995
> ssl = yes
>   }
>   process_limit = 6000
>   process_min_avail = 10
>   service_count = 1
> }
> service pop3 {
>   process_limit = 3000
> }
> service quota-warning {
>   executable = script /usr/local/bin/quota-warning.sh
>   unix_listener quota-warning {
> mode = 0666
> user = dovecot
>   }
>   user = root
> }
> ssl = required
> ssl_cert = **
> ssl_key = **
> userdb {
>   driver = passwd
> }
> userdb {
>   args = /etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }
> protocol lmtp {
>   mail_plugins = " mail_log notify quota sieve quota"
> }
> protocol imap {
>   mail_plugins = " mail_log notify quota imap_quota"
> }
>  Atenciosamente
>  
> André Luiz Paiz
> Administração de Redes
> Instituto de Química – Unicamp
> andre.p...@iqm.unicamp.br
> Telefone: (19)3521-0197

i have a nearly the same setup incl Horde , solved like this

spam tag added via spamass-milter and postfix, dove lmtp

/etc/dovecot/sieve/global.sieve
...
if header :contains "X-Spam-Flag" "YES" {fileinto "Junk";stop;}
...

http://wiki2.dovecot.org/Pigeonhole/Sieve/Examples

90-sieve.conf
...
sieve = file:~/sieve;active=~/.dovecot.sieve
...
#sieve_default = /var/lib/dovecot/sieve/default.sieve
...
sieve_global = /etc/dovecot/sieve/
...

i use no sieve includes

that forces the spam filter act ever, only mail that went inbox can be
redirected by user scripts later

but check if this may fit to your dove setup


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: stat .../.dovecot.sieve/tmp failed: Not a directory

2016-06-02 Thread Robert Schetterer

Am 02.06.2016 um 07:56 schrieb Steffen Kaiser:
> On Wed, 1 Jun 2016, Robert Schetterer wrote:
> 
>> Am 1. Juni 2016 09:33:11 MESZ, schrieb Steffen Kaiser
>> <skdove...@smail.inf.fh-brs.de>:
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA1
>>>
>>> On Wed, 1 Jun 2016, Robert Schetterer wrote:
>>>
>>>> Hi, i have
>>>>
>>>> stat .../.dovecot.sieve/tmp failed: Not a directory
>>>>
>>>> using
>>>>
>>>> sieve = file:~/sieve;active=~/.dovecot.sieve
>>>>
>>>> dovecot_2.2.24-1-auto-38
>>>>
>>>> cause i can subscribe to dovecot sieve
>>>>
>>>> cant remember to see this in previous versions
>>>
>>> you are sure that home dir != mail location, arn't you? :-)
> 
>> Stephan allready posted a solution found in archive set
>> Maildir_stat_dirs yes fixed it, but should be avoided if possible
> 
> that's the workaround, if you have homedir == mail location, for the
> penalty of performance decrease

for now i am happy with this, hopefully i remember
when redesign the servers

> 
> -- Steffen Kaiser

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: forwarding emails using sieve

2016-06-01 Thread Robert Schetterer

Am 01.06.2016 um 16:58 schrieb Stephan Bosch:
> 
> 
> Op 1-6-2016 om 3:39 schreef Thorsten von Eicken:
>> I know this is a tad tangential to dovecot, but maybe someone has some
>> pointers for me. I'm trying to forward emails using the sieve
>> filtering and redirect doesn't do it because it doesn't wrap the
>> message in a new email, instead, it seems to just change the envelope
>> From (and To). This causes the outbound relay to reject the message
>> for security/spam reasons (forged From).
> 
> Forwarding like that is currently not possible with the Sieve language.
> The "enclose" extension seems to come close, but it explicitly has no
> effect on redirected messages, which I find rather strange.
> 
>> It looks like the dovecot sieve implementation doesn't let me change
>> the From header in the sieve script. Is there a way to accomplish what
>> I'm looking for?
> 
> Changing the "From" header field can be done using the "editheader"
> extension (https://tools.ietf.org/html/rfc5293).
> 
> require "editheader";
> 
> deleteheader "From";
> addheader "From" "User <u...@example.com>";
> 
> Note that this extension is not enabled by default and thus requires
> explicit configuration.
> 
> Regards,
> 
> Stephan.

you may read this ( german )

https://sys4.de/de/blog/2016/01/24/e-mail-weiterleitungen-mit-dovecot-sieve-ohne-spf-dmarc-und-dkim-konflikte-2/

highly experimental !

remember Stephan s post before give it a try


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: stat .../.dovecot.sieve/tmp failed: Not a directory

2016-06-01 Thread Robert Schetterer

Am 1. Juni 2016 09:33:11 MESZ, schrieb Steffen Kaiser 
<skdove...@smail.inf.fh-brs.de>:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>On Wed, 1 Jun 2016, Robert Schetterer wrote:
>
>> Hi, i have
>>
>> stat .../.dovecot.sieve/tmp failed: Not a directory
>>
>> using
>>
>> sieve = file:~/sieve;active=~/.dovecot.sieve
>>
>> dovecot_2.2.24-1-auto-38
>>
>> cause i can subscribe to dovecot sieve
>>
>> cant remember to see this in previous versions
>
>you are sure that home dir != mail location, arn't you? :-)
>
>- -- 
>Steffen Kaiser
>-BEGIN PGP SIGNATURE-
>Version: GnuPG v1
>
>iQEVAwUBV06Pt3z1H7kL/d9rAQJPgAgAqinz9UpDofcUsjG5KYbqStZHWeQAgD15
>r4ntBPC9Ru66cbfdpROUgIHNBx0xZy4g5SXT20u8k/Eob5i/24ikhltkt9NJQVJd
>+1jU2hzHbaKqobOehZQskpWWmN7xN82VtO+oXVBkztiDkQHmwlJ1Yn7lCcgcQh4T
>naWTAcLUerXiEJpKJU967/GHFrnllWncLhd83s5C0b9f5tDsqMqnYc+uk2Ya5B43
>gglbIMSjxF+6w+S5C752f2js4WaSmomYj1O0BwwgEtzba9dpK5XhTmFBFxSoV8Sc
>sopxt27e/ZkGKqLzeq2F8PWHlDGQi+RLLp20fZEJqDZiZjQcxO8vLg==
>=DV+s
>-END PGP SIGNATURE-

Stephan allready posted a solution found in archive set
Maildir_stat_dirs yes fixed it, but should be avoided if possible
-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

stat .../.dovecot.sieve/tmp failed: Not a directory

2016-05-31 Thread Robert Schetterer

Hi, i have

stat .../.dovecot.sieve/tmp failed: Not a directory

using

sieve = file:~/sieve;active=~/.dovecot.sieve

dovecot_2.2.24-1-auto-38

cause i can subscribe to dovecot sieve

cant remember to see this in previous versions


any idea ?


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: sieve vacation: write to the .lda-dupes database without generating a vacation response.

2016-04-19 Thread Robert Schetterer

Am 19.04.2016 um 20:55 schrieb Tom Hendrikx:
> On 19-04-16 20:01, Bradley M. Kuhn wrote:
>> I'm using Dovecot's sieve extensions quite happily, they are very good!
>> Thanks for all who worked on them.  I have a question that maybe is
>> appropriate for a sieve-specific discussion list, so if there is one I
>> should post to instead, please let me know:
>>
>>
>> I've poked through the sieve vacation RFC and all the documentation I
>> can find and I cannot figure out how to do this.  It's more-or-less not
>> the intent of sieve's vacation, so perhaps it's more of a "you can't get
>> there from here" situation, but maybe folks here have an idea:
>>
>> I am (ab)?using sieve vacation to send an automated response at all
>> times to all senders who put me in the To line, every 90 days, which
>> explains my lack of responsiveness and to explain who else might be
>> better contact. (I have hundreds of emails sent to me to which I will
>> never have time to respond, and probably should have been routed to
>> someone else at my organization anyway.)
>>
>> However, I *don't* want my regular correspondents to receive this
>> autoreply.  I'd thus like to seed the database with known individuals
>> I'm corresponding with to pretend they've already received the
>> autoresponder.
>>
> 
> You shouldn't try to force feed the dupes files, that's a hack: the
> dupes files has no public api so you probably shouldnt be messing with
> it directly.
> A proper solution would be to include a list of excluded addresses in
> the sieve script, and exempt those from the autoresponder, maybe
> something like this:
> 
> require "envelope";
> require "variables";
> 
> set :lower "whitelist" "first@example,com sec...@example.com";
> 
> if envelope :matches "from" "*" {
>   set :lower "sender" "${0}";
>   if string :matches "${sender}" "${whitelist}" {
> # do nothing, sender is on whitelist
>   } else{
> # do regular autoresponder stuff
>   }
> }
> 
> The whitelist variable could be auto generated and updated from your
> address book or archive box parser.
> 
> I have no idea if this actually scales. You could also implement the
> whitelist variable using extdata
> (http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Extdata), or
> outsource the complete whitelist check to an external program (a trivial
> script in a real programming language) using extprograms's "execute"
> (http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Extprograms).
> 
> Good luck!
> 
> Kind regards,
>   Tom
> 

at sometime in the future

https://tools.ietf.org/html/draft-ietf-sieve-external-lists-10

may solve such cases


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: sieve - editheader - edit in place

2016-03-21 Thread Robert Schetterer

Am 21.03.2016 um 10:24 schrieb Hajo Locke:
> Hello,
> 
> i do some tests with sieve editheader extensions. deleteheader and
> addheader are working, but i noticed that new headerlines are always
> prepended to current header. So new lines can be found always on top. I
> am looking for a possibility to edit a headerline in place, without
> moving the new line to top of stack(replaceheader?). It is not looking
> good if a Subject-Line suddenly moves to top of header.
> Is there a possibility for me?
> 
> Thanks,
> Hajo

i tested this

https://sys4.de/de/blog/2016/01/24/e-mail-weiterleitungen-mit-dovecot-sieve-ohne-spf-dmarc-und-dkim-konflikte-2/

perhaps the example helps


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: v2.2.22 release candidate released

2016-03-05 Thread Robert Schetterer

Am 06.03.2016 um 03:00 schrieb The Doctor:
> Error: Couldn't load plugin /usr/dovecot2221/lib/doveco
> t/settings/libmanagesieve_settings.so: Module is for different ABI version 
> 2.2.
> ABIv13(2.2.13) (we have 2.2.ABIv22(2.2.22.rc1))

that looks like you didnt really upgraded


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Ubuntu packages

2016-03-05 Thread Robert Schetterer

Am 05.03.2016 um 18:40 schrieb Andrew McGlashan:
> 
> On 5/03/2016 5:15 AM, Peter Chiochetti wrote:
>> Since dovecot put up packages on their own repo, bigmichi stopped
>> providing his'. I guess this is not Stephan; Would the kind person
>> update ppa.launchpad.net/bigmichi1 ?
> 
> Trusting ppas  not for me.
> 
> Running somebody elses' ppa on your system can be a serious security
> risk; you really have to trust those giving you the ppa access.
> 
> Cheers
> A.
> 

for paranoid people, create you own repo
and for info dovecot had nice compiled from scratch to me in the past too


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Ubuntu packages

2016-03-04 Thread Robert Schetterer

Am 04.03.2016 um 19:15 schrieb Peter Chiochetti:
> Since dovecot put up packages on their own repo, bigmichi stopped
> providing his'. I guess this is not Stephan; Would the kind person
> update ppa.launchpad.net/bigmichi1 ?
> 
> Thank You
> 

what wrong with

http://wiki.dovecot.org/PrebuiltBinaries#Automatically_Built_Packages

builds fine on ubuntu 14.04


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: edit ACL files

2016-02-18 Thread Robert Schetterer

Am 18.02.2016 um 17:54 schrieb Chris:
> Robert Schetterer wrote:
>> Am 17.02.2016 um 20:09 schrieb Chris:
>>> is it possible to edit ACL files regularly with an editor or is there
>>> any
>>> reason to use doveadm?
>>>
>>
>> webmailers have acl imap guis , such as Horde/imp
>> doveadm is a multi admin tool for dovecot which covers many complex tasks
> 
> Sorry, my question was unclear.
> 
> I'd like to use a script to set ACLs. Is it better to call doveadm or can
> I write / modify the acl-files directly?
> 
> - Chris
> 

hm

read

http://wiki2.dovecot.org/Tools/Doveadm/ACL

and

http://wiki.dovecot.org/ACL

decide what fits better in your usecase

long time ago i modified acl files via cron directly
but i think more clean way is to use doveadm cause
it may give additional warnings and fits better to all kind of mailbox
type setups

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: edit ACL files

2016-02-17 Thread Robert Schetterer

Am 17.02.2016 um 20:09 schrieb Chris:
> Dear All,
> 
> is it possible to edit ACL files regularly with an editor or is there any
> reason to use doveadm?
> 
> - Chris
> 

webmailers have acl imap guis , such as Horde/imp

you can also use Thunderbird

https://addons.mozilla.org/de/thunderbird/addon/imap-acl-extension/

doveadm is a multi admin tool for dovecot which covers many complex tasks


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Redundant and Geobalancing setup

2016-02-13 Thread Robert Schetterer

Am 13.02.2016 um 04:00 schrieb Cedric Malitte:
> Hi,
> 
> I use dovecot for a long time now, but only as a single isolated server
> each time.
> 
> I joined a company a few years back. We had trouble with compagnies hosting
> our mail, supposedly full redundant and so on.
> 
> The company is small, but we have many dealers around the world, and it's
> growing.
> 
> Mail became the fist choice for clients to contact the dealers.
> No mail, and we loose sales.
> 
> For now we have a single server ( with a backup ) on east coast.
> And sometimes peoples from EU complain about speed ah users :)
> 
> What I'd like to implement is a redundant system with 2 servers, one in NA,
> one in EU.
> And I'd also like to be able to add another server if needed on the west
> coast.
> 
> Idea is, that if a server goes down, the users will be able to still
> receive and send mails, and never loose mails.
> 
> For geobalacing and failover, I read that I can do it with DNS ( I'm with
> easydns ).
> 
> I'm at the first stage where I collect informations that I try to
> understand and foresee a solution.
> 
> First idea is to set up servers with a mysql master, slaves and a glusterfs
> in replica mode on the servers.
> I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe it's
> a trouble on the VMs nics )
> On centos it's way better.
> But I read there might be trouble/index corruption for the mail storage on
> "shared" space using maildir.
> 
> I also had a look at dsync, but I wonder if it can be used on more than 2
> servers.
> 
> I found many pages on dovecot clusters using shared storage NFS mounted,
> but I feel it's not really what I need as the servers will be in different
> datacenters.
> 
> So any guide, clue hint would be really appreciated for me to do my
> homework !
> 
> Regards.
> 
> Cedric
> 

complicated and expensive for a small company
why not have one imap server in US and the other in EU
so US Users should have their Mailboxes on the US Server
EU users should have their Mailboxes on the EU Server

Smtp you might manage via smtp routing, perhaps with subdomains us eu
and aliasing

Or you might take some paid service which has geo stuff allready up and
and running, dont try or think of doing it yourself, unlees youre a guru

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Redundant and Geobalancing setup

2016-02-13 Thread Robert Schetterer

Am 14.02.2016 um 07:15 schrieb Cedric Malitte:
> Thanks Robert,
> 
> Having 2 separate servers would mean domain splitting in a way.
> So I'll have to dispatch incoming mail, and maintain 2 or more users
> databases.
> Well I could only maintain one, and let the DB replicate itself to other
> servers and only grab the users they are allowed to.
> 
> We have many domain aliases for many countries and a dozen users traveling
> around the globe.
> So geo balacing would not be the best for them.

hm...
you could do some dns setup which gives differ results
for your mail servers depending to the clients source ip

> 
> But the redundancy is missing if one server goes down, I loose a bunch
> of users and that's not what I am looking for.

yes storage and balancing is the problem, there are differ ways to solve it

> 
> I looked for providers offering that, but I guess my bosses would not let
> me spend over 3000$ per month on that.
> Else I would already have the mails hosted by microsoft and have a cocktail
> on the beach :)

a selfdone setup will not be cheap too

> 
> I'm not any kind of guru, I do not have any disciples.
> I did kernel mod development on embedded systems with freebsd 4 and 5, I
> still develop some linux kernel drivers for proprietary systems from time
> to time.
> My main degree is electronic engineering and I also graduated in computing
> related to management in other words I learned a bit of everything to be
> able to manage teams developers and understand what they do.

what i mean is experts in mail setups not your degree

> 
> Looks like it's doable, so I'll continue to dig and experiment.

of course it can be done ,but i think you will have a hard time unless
you get help from people with experience in that


> 
> Best regards
> 
> Cedric
> 
> 
> 2016-02-13 16:05 GMT-05:00 Robert Schetterer <r...@sys4.de>:
> 
>> Am 13.02.2016 um 04:00 schrieb Cedric Malitte:
>>> Hi,
>>>
>>> I use dovecot for a long time now, but only as a single isolated server
>>> each time.
>>>
>>> I joined a company a few years back. We had trouble with compagnies
>> hosting
>>> our mail, supposedly full redundant and so on.
>>>
>>> The company is small, but we have many dealers around the world, and it's
>>> growing.
>>>
>>> Mail became the fist choice for clients to contact the dealers.
>>> No mail, and we loose sales.
>>>
>>> For now we have a single server ( with a backup ) on east coast.
>>> And sometimes peoples from EU complain about speed ah users :)
>>>
>>> What I'd like to implement is a redundant system with 2 servers, one in
>> NA,
>>> one in EU.
>>> And I'd also like to be able to add another server if needed on the west
>>> coast.
>>>
>>> Idea is, that if a server goes down, the users will be able to still
>>> receive and send mails, and never loose mails.
>>>
>>> For geobalacing and failover, I read that I can do it with DNS ( I'm with
>>> easydns ).
>>>
>>> I'm at the first stage where I collect informations that I try to
>>> understand and foresee a solution.
>>>
>>> First idea is to set up servers with a mysql master, slaves and a
>> glusterfs
>>> in replica mode on the servers.
>>> I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe
>> it's
>>> a trouble on the VMs nics )
>>> On centos it's way better.
>>> But I read there might be trouble/index corruption for the mail storage
>> on
>>> "shared" space using maildir.
>>>
>>> I also had a look at dsync, but I wonder if it can be used on more than 2
>>> servers.
>>>
>>> I found many pages on dovecot clusters using shared storage NFS mounted,
>>> but I feel it's not really what I need as the servers will be in
>> different
>>> datacenters.
>>>
>>> So any guide, clue hint would be really appreciated for me to do my
>>> homework !
>>>
>>> Regards.
>>>
>>> Cedric
>>>
>>
>> complicated and expensive for a small company
>> why not have one imap server in US and the other in EU
>> so US Users should have their Mailboxes on the US Server
>> EU users should have their Mailboxes on the EU Server
>>
>> Smtp you might manage via smtp routing, perhaps with subdomains us eu
>> and aliasing
>>
>> Or you might take some paid service which has geo stuff allready up and
>> and running, dont try or think of doing it yourself, unlees youre a guru
>>
>> Best Regards
>> MfG Robert Schetterer
>>
>> --
>> [*] sys4 AG
>>
>> http://sys4.de, +49 (89) 30 90 46 64
>> Franziskanerstraße 15, 81669 München
>>
>> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
>> Vorstand: Patrick Ben Koetter, Marc Schiffbauer
>> Aufsichtsratsvorsitzender: Florian Kirstein
>>



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Released Pigeonhole v0.4.12 for Dovecot v2.2.21

2016-02-08 Thread Robert Schetterer

Am 08.02.2016 um 18:49 schrieb Stephan Bosch:
> Op 2/7/2016 om 8:11 AM schreef Robert Schetterer:
>> Am 06.02.2016 um 11:32 schrieb Stephan Bosch:
>>> Hello Dovecot users,
>>>
>>> Here is the final v0.4.12 release of Pigeonhole for Dovecot v2.2.21.
>>> Nothing changed since the RC.
>>>
>>> Changelog v0.4.12:
>>>
>>> + Implemented the Sieve extracttext extension (RFC 5703; Section 7). It
>>>   is now possible to extract body text from a message into a variable.
>>> * Increased ABI version due to changes in the Sieve interpreter's object
>>>   definitions.
>>> - multiscript: Fixed bug in handling of (implicit) keep; final keep
>>>   action was always executed as though there was a failure. This caused
>>>   the keep action to revert back to the initial message, causing
>>>   editheader actions to be ignored.
>>> - managesieve-login: Fixed proxy to allow SASL mechanisms other than
>>>   PLAIN. Before, the proxy would fail if the server did not support the
>>>   PLAIN mechanism.
>>> - ldap storage: Prevent segfault occurring when assigning certain
>>>   (global) configuration options.
>>>
>>> The release is available as follows:
>>>
>>> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz
>>> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz.sig
>>>
>>> Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
>>> more information. Have fun testing this release and don't hesitate to
>>> notify me when there are any problems.
>>>
>>> Regards,
>>>
>> Hi Stephan, looks like
>> the last update at http://xi.rename-it.nl/
>> was on 04-Feb-2016 perhaps an additional build is need
>> with Pigeonhole v0.4.12 ?
>  
> As I mentioned earlier, Xi currently does not track release branches; it
> only follows master which has placeholder version 2.2.devel (Pigionhole
> has 0.4.devel).  So, unless I intervene manually, base versions are
> stuck at where they were last: Dovecot v2.2.21 and Pigeonhole v0.4.11.
> Of course, all changes are in there, but the versions are not updated
> with recent releases. This will be implemented once Dovecot v2.2.22 is
> released, so that I can test this properly.
> 
> Currently, as a workaround, you can use the git hash in the version
> output from `dovecot -n` to find which master commits are part of your
> package and thereby get an idea of what approximate version you are
> actually running.
> 
> Regards,
> 
> Stephan.
> 

thx Stephan , i am thinking i am fine now

with

dovecot_2.2.21-1~auto+115

looks like all sieve patches i want to test are included
reading git changelog


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Released Pigeonhole v0.4.12 for Dovecot v2.2.21

2016-02-06 Thread Robert Schetterer

Am 06.02.2016 um 11:32 schrieb Stephan Bosch:
> Hello Dovecot users,
> 
> Here is the final v0.4.12 release of Pigeonhole for Dovecot v2.2.21.
> Nothing changed since the RC.
> 
> Changelog v0.4.12:
> 
> + Implemented the Sieve extracttext extension (RFC 5703; Section 7). It
>   is now possible to extract body text from a message into a variable.
> * Increased ABI version due to changes in the Sieve interpreter's object
>   definitions.
> - multiscript: Fixed bug in handling of (implicit) keep; final keep
>   action was always executed as though there was a failure. This caused
>   the keep action to revert back to the initial message, causing
>   editheader actions to be ignored.
> - managesieve-login: Fixed proxy to allow SASL mechanisms other than
>   PLAIN. Before, the proxy would fail if the server did not support the
>   PLAIN mechanism.
> - ldap storage: Prevent segfault occurring when assigning certain
>   (global) configuration options.
> 
> The release is available as follows:
> 
> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz
> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz.sig
> 
> Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
> more information. Have fun testing this release and don't hesitate to
> notify me when there are any problems.
> 
> Regards,
> 

Hi Stephan, looks like
the last update at http://xi.rename-it.nl/
was on 04-Feb-2016 perhaps an additional build is need
with Pigeonhole v0.4.12 ?


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Setting Recent Flag on New Messages?

2016-01-28 Thread Robert Schetterer

Am 28.01.2016 um 16:51 schrieb Haravikk:
> I’ve tried sieve, but it can’t set this flag.

imapflags muss be added in 90-sieve.conf like

sieve_extensions = +notify +imapflags +editheader

from short sight on


https://tools.ietf.org/html/rfc5232

i found no reason why it shouldnt work, but Stephan Bosch should be the
best man to answer it


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: dsync: INBOX Can't be deleted

2016-01-26 Thread Robert Schetterer

Am 26.01.2016 um 16:29 schrieb Marc Schiffbauer:
> * Timo Sirainen schrieb am 26.01.16 um 16:00 Uhr:
>>
>>> On 26 Jan 2016, at 15:56, Marc Schiffbauer <m...@sys4.de> wrote:
>>>
>>> * Sami Ketola schrieb am 23.01.16 um 23:27 Uhr:
>>>>
>>>>
>>>> On 23/01/16 15:33, Robert Schetterer wrote:
>>>>> for multiple advanced imap settings at migration you might use 
>>>>> imapsync not dsync Best Regards MfG Robert Schetterer 
>>>> Sure but imapsync does not preserve message UID's which means that users 
>>>> end up redownloading all their messages or message/UID mismatches will 
>>>> happen.
>>>
>>> IIRC that is not true. Some years ago I migrated a server to dovecot and 
>>> managed to do it with proper UID migration. No clients were required to 
>>> re-download Mail. Nor over IMAP neither POP3.
>>
>> IMAP protocol doesn't have a way for clients to specify UIDs.
>> Especially UIDVALIDITY can't be preserved in any way. IMAP clients
>> don't necessarily make it clearly visible that they're redownloading
>> mails though. With POP3 clients if they use the keep-mails-on-server
>> it pretty much has to redownload mails as duplicates. Unless the UIDL
>> was based on some email headers or such, the POP3 UIDL can't be
>> preserved either.
> 
> IDNRC ;-)
> 
> Then I am pretty sure that I used dsync. Because I AM sure that I had no 
> issues with re-dpwnloadeing and that I had an eye on especially on that.
> 

Hi Marc, you used dsync before on your project with success, then we
tried it too on the "our" project, that failed ,so we used imapsync
we ignored the problem with users pop3 letting their mails on the server
or better ,we pre informed them what will happen.


> -Marc
> 
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: dsync: INBOX Can't be deleted

2016-01-24 Thread Robert Schetterer

Am 23.01.2016 um 23:27 schrieb Sami Ketola:
> 
> 
> On 23/01/16 15:33, Robert Schetterer wrote:
>> for multiple advanced imap settings at migration you might use
>> imapsync not dsync Best Regards MfG Robert Schetterer 
> Sure but imapsync does not preserve message UID's which means that users
> end up redownloading all their messages or message/UID mismatches will
> happen.
> 
> Sami

One Year ago i tested Migration with dsync and it never worked
as awaited with non dovecot source server, hopefully somebody
other may help you and dsync code is now good enough to fix your
problem.


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: dsync: INBOX Can't be deleted

2016-01-24 Thread Robert Schetterer

Am 24.01.2016 um 12:21 schrieb Sami Ketola:
> 
> 
> On 24/01/16 11:38, Robert Schetterer wrote:
>> Am 23.01.2016 um 23:27 schrieb Sami Ketola:
>>>
>>> On 23/01/16 15:33, Robert Schetterer wrote:
>>>> for multiple advanced imap settings at migration you might use
>>>> imapsync not dsync Best Regards MfG Robert Schetterer
>>> Sure but imapsync does not preserve message UID's which means that users
>>> end up redownloading all their messages or message/UID mismatches will
>>> happen.
>>>
>>> Sami
>> One Year ago i tested Migration with dsync and it never worked
>> as awaited with non dovecot source server, hopefully somebody
>> other may help you and dsync code is now good enough to fix your
>> problem.
>>
> One year ago we made successfull migrations with dsync. What kind of
> problems you had with it? Since dsync is the way we basicly do all our
> migrations.
> 
> Sami

I didnt remember exactly , i think it was no preserve message UID's from
courier source and additional namespace change on dovecot target
however it was not a big problem with imapsync and advice the users to
configure their clients to new server in total



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Sieve "foreverypart" and "mime" extensions (RFC 5703) now implemented

2016-01-24 Thread Robert Schetterer

Am 29.11.2015 um 20:48 schrieb Robert Schetterer:
> Am 29.11.2015 um 20:20 schrieb Stephan Bosch:
>> Hi,
>>
>> I have finally managed to implement the Sieve "foreverypart" and "mime"
>> extensions (RFC 5703). These are now included in the main Mercurial
>> repository and will be included in the next release.
>>
>> I will be fixing a few minor details in the coming week; e.g.,
>> interaction with "include" and "editheader" extensions needs more work.
>> Still,  in the mean time, those of you who are interested can already
>> test this feature a bit. It is not a small feature, so knowing bugs
>> early is helpful. You can install it from the Mercurial repository or
>> get the latest Debian packages from Xi.
>>
>> When I finish the last details (probably next week), I will release a
>> first RC version of Pigeonhole v0.4.10 right away.
>>
>> Regards,
>>
>> Stephan.
>>
> 
> Hi Stephan, thats good news, thx for coding
> so i can go on with tests about
> 
> forward mail without SPF DMARC conflicts via sieve
> 
> i ve written a german blog about that a year ago
> 
> https://sys4.de/de/blog/2014/10/29/email-forward-mit-sieve-ohne-spf-dmarc-und-dkim-konflikte/
> 
> 
> Best Regards
> MfG Robert Schetterer
> 


now tests with new extensions

https://sys4.de/de/blog/2016/01/24/e-mail-weiterleitungen-mit-dovecot-sieve-ohne-spf-dmarc-und-dkim-konflikte-2/


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: dsync: INBOX Can't be deleted

2016-01-23 Thread Robert Schetterer

Am 23.01.2016 um 10:30 schrieb Christoph Adomeit:
> Hi,
> 
> I am Migrating an old cyrus mailserver to dovecot.
> 
> in the old cyrus Mailserver all User Mailboxes are
> sub-mailboxes of their INBOX.
> 
> I have to preserve that structure.
> 
> During Migration with dsync I get these Errors:
> 
> Error: Mailbox INBOX sync: mailbox_delete failed: INBOX can't be deleted
> 
> Is there a way to work around these Errors ?
> 
> Thanks
>   Christoph
> 

for multiple advanced imap settings at migration you might use imapsync
not dsync


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: segfaults with Dovecot 2.2.21

2016-01-22 Thread Robert Schetterer

Am 22.01.2016 um 10:06 schrieb Peer Heinlein:
> Am 21.01.2016 um 23:20 schrieb Robert Schetterer:
> 
> 
>> just recompiled the same on ubuntu 14.04
>> running tests no bugs yet
> 
> Yes, we also have this version running on other systems without segfaults.
> 
>> dovecot-core:amd64 2:2.2.21-1~auto+66
> 
> (and we also had segfaults with older builds)
> 
> 
> Peer
> 
> 
> 
> 

Ok thx for info


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: segfaults with Dovecot 2.2.21

2016-01-21 Thread Robert Schetterer

-> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xd7)
> [0x7fcbf55b1ee7] ->
> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25)
> [0x7fcbf55b0bb5] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38)
> [0x7fcbf55b0d58] ->
> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13)
> [0x7fcbf554c4b3] -> dovecot/imap [p142324p3 80.153.228.104 NOOP
> NOOP](main+0x2d8) [0x7fcbf5d77eb8] ->
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7fcbf51adead]
> -> dovecot/imap [p142324p3 80.153.228.104 NOOP NOOP](+0xf03d)
> [0x7fcbf5d7803d]
> 
> 
> 
> 

just recompiled the same on ubuntu 14.04
running tests no bugs yet

dovecot-core:amd64 2:2.2.21-1~auto+66

any idea what action provided  your segfault

Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: sieve - content checks with special chars

2016-01-11 Thread Robert Schetterer

Am 11.01.2016 um 11:24 schrieb Hajo Locke:
> Hello,
> 
> currently i try subject tests with special chars and german umlauts öäü
> etc.
> 
> if header :contains "subject" [" äää"] {
>   fileinto "umlauts";
> }
> 
> iam surprised, this is working out of the box. great! in procmail i had
> to add a second step by manual coding the needle with perl.
> is sieve reliable at this kind of tests or are there some special cases?
> iam worried about this, because it was to easy.  confusing... ;)
> 
> Thanks,
> Hajo

I mail fail, but i think working with special chars was fixed some time
ago and is now default on


i found some info here

http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting#Mailbox_Names_with_non-ASCII_Characters_Cause_Problems



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: Sieve "foreverypart" and "mime" extensions (RFC 5703) now implemented

2015-11-29 Thread Robert Schetterer

Am 29.11.2015 um 20:20 schrieb Stephan Bosch:
> Hi,
> 
> I have finally managed to implement the Sieve "foreverypart" and "mime"
> extensions (RFC 5703). These are now included in the main Mercurial
> repository and will be included in the next release.
> 
> I will be fixing a few minor details in the coming week; e.g.,
> interaction with "include" and "editheader" extensions needs more work.
> Still,  in the mean time, those of you who are interested can already
> test this feature a bit. It is not a small feature, so knowing bugs
> early is helpful. You can install it from the Mercurial repository or
> get the latest Debian packages from Xi.
> 
> When I finish the last details (probably next week), I will release a
> first RC version of Pigeonhole v0.4.10 right away.
> 
> Regards,
> 
> Stephan.
> 

Hi Stephan, thats good news, thx for coding
so i can go on with tests about

forward mail without SPF DMARC conflicts via sieve

i ve written a german blog about that a year ago

https://sys4.de/de/blog/2014/10/29/email-forward-mit-sieve-ohne-spf-dmarc-und-dkim-konflikte/


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: sieve is working/forwarding mail - but not for all users

2015-11-25 Thread Robert Schetterer

Am 25.11.2015 um 15:05 schrieb Götz Reinicke - IT Koordinator:
> Hi,
> 
> we have dovecot-ee-2.2.18.2 and pigeonhole/managesieve 0.4.8 running for
> some time.
> 
> Today some users informed us that they did not get mails from one
> project account forwarded to there personal accounts any more.
> 
> This worked till one week ago and I cant think of any changes we made...
> 
> The project account keeps a copy of received mails.
> 
> I tried two different accounts to configure forwarding to internal and
> external mail addresses which is working.
> 
> Question: Any hint or idea? How may I debug sieve forwarding?
> 
>   Thanks and regards . Götz
> 

look at the related rules and logs ( search for sieve )

i.e

http://wiki.dovecot.org/LDA/Sieve/Dovecot

...
Compile and Runtime Logging


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: master user in dovecot 1.2

1.2.9 is very outdated, install a recent version

2009-12-16  1.2.9   changeset | changelog | files

vs

12 days ago Timo Sirainen   Released v2.2.19. 2.2.19


Am 15.10.2015 um 13:12 schrieb Michal Žila:
> Hello list,
> 
> i would like to use master user functionality in dovecot v1.2, but i just 
> cant get it to work:
> 
> Here’s my configuration:
> 
> # dovecot -n
> # 1.2.9: /etc/dovecot.conf
> # OS: Linux 2.6.18-164.10.1.el5PAE i686 Red Hat Enterprise Linux Server 
> release 5.4 (Tikanga)
> login_dir: /var/run/dovecot/login
> login_executable(default): /usr/libexec/dovecot/imap-login
> login_executable(imap): /usr/libexec/dovecot/imap-login
> login_executable(pop3): /usr/libexec/dovecot/pop3-login
> first_valid_uid: 200
> mail_privileged_group: mail
> mail_location: mbox:~/mail:INBOX=/var/mail/%u
> mail_executable(default): /root/dovecot-master-postlogin
> mail_executable(imap): /root/dovecot-master-postlogin
> mail_executable(pop3): /usr/libexec/dovecot/pop3
> mail_plugin_dir(default): /usr/lib/dovecot/imap
> mail_plugin_dir(imap): /usr/lib/dovecot/imap
> mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
> lda:
>   postmaster_address: postmas...@example.com
> auth default:
>   master_user_separator: *
>   debug: yes
>   passdb:
> driver: passwd-file
> args: /etc/dovecot.passwd.masterusers
> pass: yes
> master: yes
>   passdb:
> driver: pam
>   userdb:
> driver: passwd
> 
> 
> # cat /root/dovecot-master-postlogin
> #!/bin/bash
> MASTER_USER=$USER
> export MASTER_USER
> exec /usr/libexec/dovecot/imap "$@“
> 
> 
> # cat /etc/dovecot.passwd.masterusers
> masteruser:{PLAIN}Heslo42
> 
> 
> Trying login as normal user:
> 
> # telnet localhost imap
> Trying 127.0.0.1...
> Connected to localhost.localdomain (127.0.0.1).
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE 
> STARTTLS AUTH=PLAIN] Dovecot ready.
> a1 login jozefkova jozefkova026
> a1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT 
> SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN 
> NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT 
> SEARCHRES WITHIN CONTEXT=SEARCH] Logged in
> 
> 
> Trying login as master user:
> 
> # telnet localhost imap
> Trying 127.0.0.1...
> Connected to localhost.localdomain (127.0.0.1).
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE 
> STARTTLS AUTH=PLAIN] Dovecot ready.
> a1 login jozefkova*masteruser Heslo42
> a1 NO [AUTHORIZATIONFAILED] Authorization failed
> 
> 
> log sequence of failed auth:
> 
> Oct 15 13:04:47 linux dovecot: auth(default): client in: AUTH 1   PLAIN   
> service=imapsecured lip=127.0.0.1   rip=127.0.0.1   lport=143   
> rport=34618 resp=
> Oct 15 13:04:47 linux dovecot: auth(default): 
> passwd-file(masteruser,127.0.0.1,master): lookup: user=masteruser 
> file=/etc/dovecot.passwd.masterusers
> Oct 15 13:04:47 linux dovecot: auth(default): 
> passdb(masteruser,127.0.0.1,master): Master user logging in as jozefkova
> Oct 15 13:04:47 linux dovecot: auth-worker(default): 
> pam(jozefkova,127.0.0.1): lookup service=dovecot
> Oct 15 13:04:47 linux dovecot: auth-worker(default): 
> pam(jozefkova,127.0.0.1): #1/1 style=1 msg=Password:
> Oct 15 13:04:49 linux dovecot: auth-worker(default): 
> pam(jozefkova,127.0.0.1): pam_authenticate() failed: Authentication failure 
> (password mismatch?)
> Oct 15 13:04:51 linux dovecot: auth(default): client out: FAIL1   
> user=jozefkova  authz
> 
> 
> 
> So i can see it’s trying to loggin in using pam mech. Is there something i 
> can configure in dovecot userdb or is it something else? I use pam to 
> authenticate my real users…
> 
> 
> Thank you in advance…
> 
> 
> 
> —
> Michal Zila
> 



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: master user in dovecot 1.2

Am 15.10.2015 um 17:40 schrieb Benny Pedersen:
> Robert Schetterer skrev den 2015-10-15 17:31:
>> 1.2.9 is very outdated, install a recent version
>>
>> 2009-12-16 1.2.9 changeset | changelog | files
> 
> 1.2.17 is latest, if its not any problem with that version i just
> consider its stable
> 
> but fair its outdated, but not unstable

but dont expect wide list support and recent bugfixes included




Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: master user in dovecot 1.2

Am 15.10.2015 um 17:58 schrieb Benny Pedersen:
> Robert Schetterer skrev den 2015-10-15 17:48:
> 
>> but dont expect wide list support and recent bugfixes included
> 
> i have no problem with stable software even if its outdated, for me it
> changes if its unstable

stable vs unstable is a very personal idea from software

over the time related to dovecot there may existed versions called stable
but there was never a bugfree one, depend to all features included, so
its more like a rolling release in general. So using latest is always
the best option




Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: master user in dovecot 1.2