Re: MySQL connection with SSL

2024-05-16 Thread Stuart Henderson via dovecot
On 2024-05-16, Christopher Wensink via dovecot  wrote:
> See here for the documentation for dovecot:
>
> https://doc.dovecot.org/admin_manual/ssl/

Wrong bit of the manual. See the sample dovecot-sql.conf.ext or
https://doc.dovecot.org/configuration_manual/authentication/sql/#id10




Re: [Sieve] Multiple email recipients, how?

2019-11-23 Thread Stuart Henderson via dovecot
On 2019-11-22, Ralph Seichter via dovecot  wrote:
> * Robert via dovecot:
>
>> We use a simple system for routing emails to different email users by 
>> postfixing the addresses with the actual user: xxxJohn@domain; 
>> yyyJohn@domain etc all will be delivered to user John.
>> (This way John can invent a new email address on-the-fly and that will 
>> be delivered to his email box.)

But now you can't have a username like "BigJohn@domain". To avoid this
problem a separator character of some sort (that isn't used in a normal
email address at your site) is really wanted.

> This seems like a strange way to achieve flexible email addresses. Are you
> aware of sub-addressing? It has been around for ages, and is supported
> by Dovecot (and Gmail, incidentally).
>
> Imagine an existing email account . If alice wants to
> use a subaddress, she signs up with , and Dovecot
> can automatically place incoming mail for that address into INBOX/foo
> (or just INBOX if INBOX/foo does not exist). Alice can use as many
> sub-addresses as she needs without anybody making config changes.

This method works well, but the separator character can be a problem.
"+" is traditional, but is widely blocked by website validators -
if you can use "-" or "." instead they're much more likely to be
accepted.
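The two points made in this message, as an added example that is not code from the thread or from Dovecot: matching a run-together address by username suffix is ambiguous once one username ends in another, while splitting on a separator is not, provided an exact account name is checked first when the separator can also occur inside usernames. The account names and both function names are assumptions made for the illustration.

```python
# Constructed sample accounts (assumption, not from the thread).
USERS = {"john", "bigjohn", "john.smith"}


def suffix_owners(local_part, users=USERS):
    """Run-together scheme: any local part ending in a username is theirs."""
    lp = local_part.lower()
    return sorted(u for u in users if lp.endswith(u))


def split_subaddress(local_part, separator, users=USERS):
    """Separator scheme: return (user, detail), or None if nobody matches.

    An exact account name wins first, then the longest known user before a
    separator, so a separator that also occurs inside usernames still resolves.
    """
    lp = local_part.lower()
    if lp in users:
        return lp, None
    pos = len(lp)
    while True:
        pos = lp.rfind(separator, 0, pos)
        if pos <= 0:
            return None
        if lp[:pos] in users:
            return lp[:pos], lp[pos + len(separator):]


if __name__ == "__main__":
    for lp in ("xxxjohn", "bigjohn"):
        print(lp, "->", suffix_owners(lp))
    for lp, sep in (("john+shop", "+"), ("john.smith.shop", "."),
                    ("john.smith", ".")):
        print(lp, "->", split_subaddress(lp, sep))
```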




Re: Dovecot for imap with LDAP

2019-08-10 Thread Stuart Henderson via dovecot
On 2019-08-09, Joseph Mays via dovecot  wrote:
> I am looking at replacing our creaky old courier-imap server, which takes 
> authentication and user info from an LDAP database, with dovecot imap. Any 
> comments on the wisdom of this choice of action, or anything I should know 
> about the setting up before starting to work on it?

Plenty of people have this type of setup, if you already know what you're
doing with LDAP from the existing installation you shouldn't have any problem
configuring it with Dovecot.




Re: Replication issue 2.3.7

2019-07-20 Thread Stuart Henderson via dovecot
On 2019-07-16, Stuart Henderson via dovecot  wrote:
> On 2019/07/16 19:46, Aki Tuomi wrote:
>> 
>> > On 16/07/2019 18:40 Stuart Henderson via dovecot  
>> > wrote:
>> > 
>> >  
>> > On 2019-07-13, Reio Remma via dovecot  wrote:
>> > > Hello!
>> > >
>> > > I noticed these in the logs since upgrading from 2.3.6. to 2.3.7:
>> > >
>> > > Jul 13 11:52:10 turin dovecot: doveadm: Error: 
>> > > dsync-remote(r...@mrstuudio.ee): Error: 
>> > > Exporting mailbox INBOX failed: Mailbox attribute 
>> > > vendor/vendor.dovecot/pvt/server/sieve/files/MR lookup failed: Mailbox 
>> > > attributes not enabled
>> > > Jul 13 11:52:11 turin dovecot: doveadm: Error: 
>> > > dsync-remote(r...@mrstuudio.ee): Error: 
>> > > Exporting mailbox INBOX failed: Mailbox attribute 
>> > > vendor/vendor.dovecot/pvt/server/sieve/files/MR lookup failed: Mailbox 
>> > > attributes not enabled
>> > 
>> > Same here (in my case: on OpenBSD -current, mdbox, pigeonhole 0.5.7).
>> > I have backed out to 2.3.6 + pigeonhole 0.5.6 and it's happy again.
>> 
>> Instead of downgrading, you could've attempted
>> 
>> mail_attribute_dict = file:%h/dovecot-attributes
>> 
>> to enable mailbox attributes. This should fix sieve script replication too.
>> 
>> Aki
>
> Perhaps, but when dealing with mailboxes out of sync between the two
> replicated machines the first thought is to back out the change that
> triggered the problem, rather than guess things that might help,
> especially when they aren't mentioned in the release notes (actually
> the only thing I find in either NEWS or ChangeLog relating to
> attributes/metadata at all since the last release is adding methods
> to access this via lua API?).
>
>

So after adding "mail_attribute_dict = file:%h/dovecot-attributes"
(alone, I have not configured to use the METADATA extension and the
file is not being created) and going back to 2.3.7, syncs are now
working and I see no more "lookup failed: Mailbox attributes not
enabled".

Prior to adding mail_attribute_dict, with a two server dsync setup,
new mail was syncing from A->B ok but new mail arriving on B didn't
sync to A.

I'm happy that things are now functioning ok on this setup but given
the limited information about what's happening and no information about
config changes needed for 2.3.6->2.3.7 I'm a bit twitchy about 2.3.7
in OS packages (I reverted it to 2.3.6 in OpenBSD after running into
the problem) so it would be nice to know a little more about what's
going on here.



Re: Replication issue 2.3.7

2019-07-16 Thread Stuart Henderson via dovecot
On 2019/07/16 19:46, Aki Tuomi wrote:
> 
> > On 16/07/2019 18:40 Stuart Henderson via dovecot  
> > wrote:
> > 
> >  
> > On 2019-07-13, Reio Remma via dovecot  wrote:
> > > Hello!
> > >
> > > I noticed these in the logs since upgrading from 2.3.6. to 2.3.7:
> > >
> > > Jul 13 11:52:10 turin dovecot: doveadm: Error: 
> > > dsync-remote(r...@mrstuudio.ee): Error: 
> > > Exporting mailbox INBOX failed: Mailbox attribute 
> > > vendor/vendor.dovecot/pvt/server/sieve/files/MR lookup failed: Mailbox 
> > > attributes not enabled
> > > Jul 13 11:52:11 turin dovecot: doveadm: Error: 
> > > dsync-remote(r...@mrstuudio.ee): Error: 
> > > Exporting mailbox INBOX failed: Mailbox attribute 
> > > vendor/vendor.dovecot/pvt/server/sieve/files/MR lookup failed: Mailbox 
> > > attributes not enabled
> > 
> > Same here (in my case: on OpenBSD -current, mdbox, pigeonhole 0.5.7).
> > I have backed out to 2.3.6 + pigeonhole 0.5.6 and it's happy again.
> 
> Instead of downgrading, you could've attempted
> 
> mail_attribute_dict = file:%h/dovecot-attributes
> 
> to enable mailbox attributes. This should fix sieve script replication too.
> 
> Aki

Perhaps, but when dealing with mailboxes out of sync between the two
replicated machines the first thought is to back out the change that
triggered the problem, rather than guess things that might help,
especially when they aren't mentioned in the release notes (actually
the only thing I find in either NEWS or ChangeLog relating to
attributes/metadata at all since the last release is adding methods
to access this via lua API?).



Re: Replication issue 2.3.7

2019-07-16 Thread Stuart Henderson via dovecot
On 2019-07-13, Reio Remma via dovecot  wrote:
> Hello!
>
> I noticed these in the logs since upgrading from 2.3.6. to 2.3.7:
>
> Jul 13 11:52:10 turin dovecot: doveadm: Error: 
> dsync-remote(r...@mrstuudio.ee): Error: 
> Exporting mailbox INBOX failed: Mailbox attribute 
> vendor/vendor.dovecot/pvt/server/sieve/files/MR lookup failed: Mailbox 
> attributes not enabled
> Jul 13 11:52:11 turin dovecot: doveadm: Error: 
> dsync-remote(r...@mrstuudio.ee): Error: 
> Exporting mailbox INBOX failed: Mailbox attribute 
> vendor/vendor.dovecot/pvt/server/sieve/files/MR lookup failed: Mailbox 
> attributes not enabled

Same here (in my case: on OpenBSD -current, mdbox, pigeonhole 0.5.7).
I have backed out to 2.3.6 + pigeonhole 0.5.6 and it's happy again.




Re: Virus scan + removal on a mdbox mail storage

2019-02-25 Thread Stuart Henderson via dovecot
On 2019-02-22, David Pottage via dovecot  wrote:
> On 2019-02-21 22:14, Christoph Haas via dovecot wrote:
>
>>>> NO! My mail storage is mdbox. And at the moment I have no intention to
>>>> convert it to Maildir!
>>> Could I ask why? maildir is a better storage format in almost every 
>>> respect.
>> 
>> well, I have a mailbox with about 50k emails ..., so one reason seems
>> to me better backup performance with mdbox, since there are much less
>> files to save.
>
> Assuming that you backup regularly then maildir is much better, because 
> new emails show up as new files, while old ones are left unchanged. This 
> means that an incremental backup only has to process new emails. With 
> mailbox, the file for the entire folder changes every time a new email 
> is delivered or the user edits any of them, so the whole mailbox needs 
> to be backed up again, resulting in far more I/O and time.

It sounds like perhaps you're confusing mdbox with mbox. mdbox uses
multiple files but not a single file per message. It is fairly sane for
backup handling - depending on how you set things up, you can have it
rotate after a fixed size, fixed time, or combination.

https://wiki2.dovecot.org/MailboxFormat/dbox



Re: Need to authenticate Outlook and NTLM

2019-02-18 Thread Stuart Henderson via dovecot
On 2019-02-13, Mark Foley via dovecot  wrote:
> Is it possible that no one on this list is authenticating Outlook with 
> Dovecot and NTLM?

Yes, it's possible, the outdated instructions you found on the wiki
suggest it's an uncommon configuration.

No actual answers from me, but it might give you some clues:

> More on this ...
>
> I short-sheeted ntlm_auth to see what was being passed to it. It is getting 
> as arg1:
>
> --helper-protocol=squid-2.5-ntlmssp
>
> I tried running ntlm_auth at the command line as:
>
> ntlm_auth --username=user --password=password 
> --helper-protocol=squid-2.5-ntlmssp
>
> It did nothing, just hung there. The ntlm_auth man page says:
>
> --helper-protocol=PROTO
>   Operate as a stdio-based helper. Valid helper protocols are:

The squid auth helpers are stdio-based, they run in a loop, reading from
stdin, checking authentication, and return results on stdout. This avoids both
passing sensitive data on the command line (visible to ps, at least briefly)
and the need to keep forking and initialising a new process.

So it's normal that it would just sit waiting for input.

Dovecot is just reusing the same protocol that squid uses.

> After more searching I came across this post, 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774263
> which, in summary, said that ntlm_auth had to run as root. So, I added the 
> following to my
> dovecot config per that post's suggestion:
>
> service auth {
>   user = root
> }
>
> After restarting and trying again to connect from Outlook I got the message:
>
> auth: Info: ntlm(?,192.168.0.58,): user not authenticated: 
> NT_STATUS_NO_MEMORY

I don't know the full details of how samba/ntlm works, but this seems like
an error coming from the server you're attempting to authenticate against.
I think you should start debugging on the samba side - make sure tools
like wbinfo are working, if not then debug those with samba, then move
on to Dovecot after you have that working.
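The stdio helper pattern described in this message, as an added example that is not code from the thread, Samba, Squid or Dovecot: one long-lived process reads a request line from stdin, answers on stdout, and waits for the next line, so credentials never appear in argv. It assumes a simplified "user password" in, OK/ERR out line format in the style of Squid's basic helpers (no URL-decoding); the account table, salt and `--helper` flag are constructed for the illustration.

```python
import hashlib
import hmac
import io
import os
import sys

SALT = b"constructed-salt"  # constructed value, for the example only


def _digest(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 10_000)


CREDENTIALS = {"alice": _digest("correct horse")}  # constructed account
DUMMY = os.urandom(32)  # compared against for unknown users


def check(line):
    """Answer one request line: 'user password' -> 'OK' or 'ERR'."""
    user, sep, password = line.rstrip("\r\n").partition(" ")
    expected = CREDENTIALS.get(user, DUMMY)
    match = hmac.compare_digest(_digest(password), expected)
    return "OK" if sep and user in CREDENTIALS and match else "ERR"


def serve(inp, out):
    """Helper loop: blocks on input, one reply per line, exits on EOF."""
    handled = 0
    for line in inp:  # with a terminal on stdin this simply waits
        out.write(check(line) + "\n")
        out.flush()  # the caller is waiting for this reply
        handled += 1
    return handled


def demo_session(requests):
    """Feed several requests to one helper instance and collect the replies."""
    out = io.StringIO()
    serve(io.StringIO("".join(r + "\n" for r in requests)), out)
    return out.getvalue().split()


if __name__ == "__main__":
    if "--helper" in sys.argv:
        serve(sys.stdin, sys.stdout)  # real helper mode: waits for input
    else:
        print(demo_session(["alice correct horse", "alice wrong"]))
```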