[Dovecot] Dsync and compressed mailboxes
Hi, I will begin two migrations next week, and in both cases I plan to use compressed mailboxes with mdbox format. But in the last minute one doubt has appeared: is dsync aware of compressed mailboxes? I'm not sure if dsync -u $USER mirror mdbox:compressed_mdbox_path works, or if I have to use something else (I guess that with a running dovecot dsync backup should work). Thanks.
Re: [Dovecot] Using Dovecot-auth to return error code 450 (or other 4xx) to Postfix when user is on vacation
anyway if you use other vacation tecs, make sure allready flagged spam by i.e clamav, amavis, spamassassin etc in postfix stage is not handled by your vacation service , script etc. as far i remember i gave some patch to the postfixadmin vacation script doing exact this If you're using any antispam soft that gives every mail a spam score (like spamassassin does), you can use a strong rule for vacation replies (like only messages with a spam score under 5 are allowed, but only those under 3 may have a vacation reply).
Re: [Dovecot] Temporary forbid some users login ?
El 01/02/12 06:55, Frank Bonnet escribió: hello is there a way to forbid SOME ( not all ) users's login with dovecot 2 ? I need to move their IMAP folders to another place with more disk space but I don't want to stop dovecot IMAP service for the other users as the moving process will be a bit long ( 1 Tb to move ) thanks Take a look to conf.d/auth-deny.conf.ext You can setup a new passdb (a passwd-file can do it) with deny = yes, and add/remove users to that passwd-file as needed.
Re: [Dovecot] need simpler directions on user authentication
El 01/03/12 01:54, David Benfell escribió: Hi all, My situation is this: I have postfix running on a Linode under Arch Linux. A recent upgrade to dovecot broke the configuration. Now I get Couldn't drop privileges: User is missing UID (see mail_uid setting). I do not want virtual users. I do not particularly want SQL or LDAP. I do have multiple domains. I do use Maildir. I already have SSL certificates for the server which I did manage to get dovecot to quit complaining about. The documentation is driving me nuts. It keeps telling me about stuff I think I don't need. And I can't tell what I actually *do* need. All I want is for system users, including myself, to be able to get their mail. How do I do this? Thank you! David Benfell dbenf...@gmail.com If you give us some information maybe we could help you. At least, we need the output of doveadm config -n and the relevant log lines.
[Dovecot] Error compiling pigeonhole 0.3.0 with dovecot-2.1.5 in openbsd 5.0
Hi, I've just tried to compile dovecot pigeonhole in my openbsd box, and got this: gcc -DHAVE_CONFIG_H -I. -I../.. -I/home/seajob/build/dovecot-2.1.5 -I/home/seajob/build/dovecot-2.1.5/src/lib -I/home/seajob/build/dovecot-2.1.5/src/lib-dict -I/home/seajob/build/dovecot-2.1.5/src/lib-dns -I/home/seajob/build/dovecot-2.1.5/src/lib-mail -I/home/seajob/build/dovecot-2.1.5/src/lib-imap -I/home/seajob/build/dovecot-2.1.5/src/lib-fs -I/home/seajob/build/dovecot-2.1.5/src/lib-charset -I/home/seajob/build/dovecot-2.1.5/src/lib-index -I/home/seajob/build/dovecot-2.1.5/src/lib-storage -I/home/seajob/build/dovecot-2.1.5/src/lib-storage/index -I/home/seajob/build/dovecot-2.1.5/src/lib-storage/index/raw -I../.. -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -I/usr/include -MT managesieve-quote.o -MD -MP -MF .deps/managesieve-quote.Tpo -c -o managesieve-quote.o managesieve-quote.c mv -f .deps/managesieve-quote.Tpo .deps/managesieve-quote.Po gcc -DHAVE_CONFIG_H -I. -I../.. -I/home/seajob/build/dovecot-2.1.5 -I/home/seajob/build/dovecot-2.1.5/src/lib -I/home/seajob/build/dovecot-2.1.5/src/lib-dict -I/home/seajob/build/dovecot-2.1.5/src/lib-dns -I/home/seajob/build/dovecot-2.1.5/src/lib-mail -I/home/seajob/build/dovecot-2.1.5/src/lib-imap -I/home/seajob/build/dovecot-2.1.5/src/lib-fs -I/home/seajob/build/dovecot-2.1.5/src/lib-charset -I/home/seajob/build/dovecot-2.1.5/src/lib-index -I/home/seajob/build/dovecot-2.1.5/src/lib-storage -I/home/seajob/build/dovecot-2.1.5/src/lib-storage/index -I/home/seajob/build/dovecot-2.1.5/src/lib-storage/index/raw -I../.. -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -I/usr/include -MT managesieve-parser.o -MD -MP -MF .deps/managesieve-parser.Tpo -c -o managesieve-parser.o managesieve-parser.c managesieve-parser.c: In function 'quoted_string_istream_read': managesieve-parser.c:639: error: 'EPROTO' undeclared (first use in this function) managesieve-parser.c:639: error: (Each undeclared identifier is reported only once managesieve-parser.c:639: error: for each function it appears in.) *** Error code 1 Stop in /home/seajob/build/dovecot-2.1-pigeonhole-0.3.0/src/lib-managesieve (line 92 of /usr/share/mk/sys.mk). *** Error code 1 Stop in /home/seajob/build/dovecot-2.1-pigeonhole-0.3.0/src (line 289 of Makefile). *** Error code 1 Stop in /home/seajob/build/dovecot-2.1-pigeonhole-0.3.0 (line 474 of Makefile). *** Error code 1 Stop in /home/seajob/build/dovecot-2.1-pigeonhole-0.3.0 (line 353 of Makefile).
Re: [Dovecot] Error compiling pigeonhole 0.3.0 with dovecot-2.1.5 in openbsd 5.0
Looks like BSD doesn't know EPROTO (although it is POSIX). Dovecot uses EIO elsewhere for such stream errors, so I adopted that for ManageSieve as well. This should fix it: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/ef5045159e6b Regards, Perfect, thank you
[Dovecot] Director problems
Hi,
I've just setup a testing enviroment for director, and it's not working
as expected. I have just 1 director (called director) and 2 dovecot
servers (dovecot1 and dovecot2); these are exact copies.
First problem: when both dovecot servers are up, every imap connection
is redirected to the same server as you can see here:
$ sudo doveadm director map
user mail server ip expire time
unknown 158.227.4.186 2012-06-06
13:34:12
unknown 158.227.4.186 2012-06-06
13:34:27
unknown 158.227.4.186 2012-06-06
13:34:34
(I don't know if that unknown is good or not)
I've tried with 3 different users and ips to no change, users are always
directed to the same host.
Second problem: if I try to add/remove/modify one of the dovecot
servers, the output of doveadm director map/status seems to be ok, but
any new user connection fails with this log:
Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user
requests until ring is synced
Jun 6 14:52:27 director dovecot: director: Error: director: User test1
host lookup failed: Timeout - queued for 30 secs (Ring not synced for 73
secs)
Jun 6 14:52:31 director dovecot: imap-login: Aborted login (auth
failed, 1 attempts in 34 secs): user=, method=PLAIN,
rip=158.227.4.186, lip=158.227.4.185, TLS, session=Oyx9O83B/wCe4wS6
Any clue?
This is the dovecot config -n output:
# 2.1.7: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 Red Hat Enterprise Linux
Server release 6.2 (Santiago)
director_mail_servers = dovecot1.example dovecot2.example
director_servers = director.example
lmtp_proxy = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
passdb {
args = proxy=y nopassword=y starttls=any-cert
driver = static
}
service auth {
unix_listener auth-userdb {
group = mail
mode = 0660
user = dovecot
}
}
service director {
fifo_listener login/proxy-notify {
mode = 0666
}
inet_listener {
port = 9090
}
unix_listener director-userdb {
mode = 0600
}
unix_listener login/director {
mode = 0666
}
}
service imap-login {
executable = imap-login director
service_count = 0
}
service lmtp {
client_limit = 1
inet_listener lmtp {
port = 24
}
unix_listener /var/lib/dovecot/lmtp-socket {
group = root
mode = 0600
user = root
}
}
service pop3-login {
executable = pop3-login director
service_count = 0
}
service pop3 {
process_limit = 5000
}
shutdown_clients = no
ssl_cert = /etc/ssl/private/dovecot.pem
ssl_key = /etc/ssl/private/dovecot.pem
userdb {
driver = passwd
}
verbose_proctitle = yes
version_ignore = yes
protocol lmtp {
auth_socket_path = director-userdb
}
protocol imap {
mail_max_userip_connections = 100
}
Re: [Dovecot] Email auto purging applied to all mail folders
El 06/06/12 18:19, Joe V Aldeguer escribió: Hello, Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too? My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date. My boss wants to force users to keep emails only a month old anything beyond that will be deleted. Has anyone done this using dovecot and are there any guides available? I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. Something like doveadm expunge -A mailbox '*' savedbefore 1m should do that, depending on your userdb. But check with doveadm search before expunging anything! HTH
Re: [Dovecot] Director problems
El 09/06/12 23:17, Timo Sirainen escribió: On 6.6.2012, at 16.01, Joseba Torre wrote: I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: $ sudo doveadm director map user mail server ip expire time unknown 158.227.4.186 2012-06-06 13:34:12 unknown 158.227.4.186 2012-06-06 13:34:27 unknown 158.227.4.186 2012-06-06 13:34:34 (I don't know if thatunknown is good or not) I've tried with 3 different users and ips to no change, users are always directed to the same host. Perhaps you just managed to use such usernames that map to the same director.. You can try with doveadm director statususer to see where they should go. I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one. Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Looks like there's a bug when only one director is used. I'll try and fix it later.. Thanks a lot for your support
Re: [Dovecot] Director problems
Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Looks like there's a bug when only one director is used. I'll try and fix it later.. Thanks a lot for your support Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647 Works perfectly, thank you
Re: [Dovecot] dovecot 2.1.5 performance
El 20/06/12 11:46, Angel L. Mateo escribió: On 20/06/12 11:40, Angel L. Mateo wrote: Hello, I'm migrating from 1.1.16 running in 4 debian lenny servers virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with VMWare, but I'm having lots a performance problems. I don't think that virtualization platform could be the problem, because the new servers running in xenserver has the same problems than running in vmware. I have about 7 user accounts, most of them without real activity (they are students who doesn't read his email or have its account redirected to other provider). I have about 700-1000 concurrent imap connections. I have storage in nfs (nfsv3, the nfs server is a celerra), but indexes are in local filesystems (each server has its own index fs). Mailboxes are in maildir format. Old servers and actual director servers are load balanced with an radware appdirector load balancer (the new backend servers don't need to be balanced because I'm using a director farm) In the old platform I have scenario number 2 described at http://wiki2.dovecot.org/NFS, but in the new ones I have a director proxy directing all connections from each user to the same server (I don't specify any server for the user, director selects it according to the hash algorithm it has). Some doubts I have for the recommended in that url: * mmap_disable: both single and multi server configurations have mmap_disable=yes but in index file section says that you need it if you have your index files stored in nfs. I have it stored locally. Do I need mmap_disable=yes? What it's the best? * dotlock_use_excl: it is set to no in both configurations, but the comment says that it is needed only in nfsv2. Since I have nfs3, I have it set it to yes. * mail_nfs_storage: In single server is set to no, but in multi server it set to yes. Since I have a director in front of my backend server, what is the recommended? As I see it, director ensures that only 1 server is accesing any given file, so you don't need any special conf (so mmap_disable=no mail_nfs_storage=no)
[Dovecot] Director + managesieve: is it posible?
Hi, I've just tried to add managesieve to our director server, and when I try to connect they fail with Jun 26 12:28:13 director2 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=sieve#011secured#011session=5LNQjl3DjQAKAAsR#011lip=10.0.100.75#011rip=10.0.11.17#011lport=4190#011rport=39309#011resp=hidden Jun 26 12:28:13 director2 dovecot: managesieve-login: Error: proxy: host not given: user=test1, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=5LNQjl3DjQAKAAsR Jun 26 12:28:13 director2 dovecot: managesieve-login: Disconnected (internal failure, 1 succesful auths): user=lgsfeacd, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=5LNQjl3DjQAKAAsR Is it posible to use director for this? Or only static proxy is allowed? Agur.
[Dovecot] doveadm director status username != doveadm director status username@mailserver
Hi,
I've almost finished my new director based setup, but in the first test
I discovered that imap and lmtp connections were not always being
proxied to the same server. After some research now I think that the
main problem is that in imap connections users connect as 'username'
while lmtp connections are as 'username@mailserver'.
In my current setup I receive mail via SMTP in my director servers
(which are loadbalanced by a CISCO machine), and then they send them to
dovecot running on localhost. I've tried to get rid of the @mailserver
in postfix in a generic way with no success.
Is there any way to redirect connections based only in the local part of
the address? Or there is a way to get rid of the @mailserver in the
postfix - lmtp connection?
Both doveadm config -n and postconf -n are attached.
Thanks.
$ doveadm config -n
# 2.1.8: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 Red Hat Enterprise Linux
Server release 6.2 (Santiago)
auth_debug = yes
auth_master_user_separator = *
auth_verbose = yes
director_mail_servers = buzones2.ehu.es buzones3.ehu.es
director_servers = director1.ehu.es director2.ehu.es
doveadm_proxy_port =
lmtp_proxy = yes
mail_debug = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
passdb {
args = proxy=y nopassword=y starttls=any-cert
driver = static
}
protocols = imap pop3 lmtp sieve
service auth {
unix_listener auth-userdb {
user = dovecot
}
}
service director {
fifo_listener login/proxy-notify {
mode = 0666
}
inet_listener {
port =
}
unix_listener director-userdb {
mode = 0600
}
unix_listener login/director {
mode = 0666
}
}
service doveadm {
inet_listener {
port =
}
}
service imap-login {
executable = imap-login director
}
service lmtp {
inet_listener ltmp {
address = director2.ehu.es 127.0.0.1
port = 24
}
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
}
service managesieve-login {
executable = managesieve-login director
vsz_limit = 128 M
}
service pop3-login {
executable = pop3-login director
}
ssl_cert = /etc/ssl/private/dovecot.pem
ssl_key = /etc/ssl/private/dovecot.pem
syslog_facility = local1
userdb {
args = allow_allusers=yes
driver = static
}
protocol lmtp {
auth_socket_path = director-userdb
mail_plugins = sieve
syslog_facility = local2
}
protocol doveadm {
auth_socket_path = director-userdb
}
$ postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = all
local_destination_concurrency_limit = 10
local_recipient_maps = ldap:/etc/postfix/ldap-local-recipients.cf
proxy:unix:passwd.byname $alias_maps
mail_owner = postfix
mailbox_transport = lmtp:inet:localhost:24
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 1500
mydestination = ehu.es, mailsever.ehu.es, othermailserver.ehu.es
mydomain = ehu.es
myhostname = director1.ehu.es
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relayhost = [smtp.ehu.es]
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
Re: [Dovecot] doveadm director status username != doveadm director status username@mailserver
El 17/07/12 13:34, Lee Standen escribió: One thing that stands out to me is the lack of passdb. One of the recommendations I got from the passdb documentation was to override the user field, so the user is always logged in consistently. Without this, BOB, bob and b...@mydomain.com mailto:b...@mydomain.com might all accept auth, but be handled differently! If you configure your passdb, then you'll get some consistency, which will probably fix your director problem. We don't use passdb in the directors because incoming mails have already been checked by postfix, and the final mail server need to check our ldap server for other values, so we check there. Actually, I still feel that I can override some ldap connections if I think about it carefully. Thank you. At the very least, you probably want to lowercase all your usernames.
Re: [Dovecot] doveadm director status username != doveadm director status username@mailserver
El 17/07/12 12:51, Charles Marcus escribió: First, my imap connections/logins show the full username (u...@example.com) in the logs. I'm not using LMTP (yet), but don't think that affects imap logins... Second, since, in a virtual setup, it is very likely that you will have a collision of the local part, shouldn't you be figuring out how to make imap logins use the full u...@example.com instead? We are only serving one domain here, so we have no need for the @domain part in the login, so we are not using it. In the short future we will allow people to connect using their full address, but not for now. Timo's solution was exactly was I was looking for. Thank you.
Re: [Dovecot] Version numbering
IMHO unstable versions should never go into packages/ports trees. And if they
do, they should be clearly marked as unstable (in debian sid there're some of
these: the package names are foobar-unstable).
Anyway, keeping development releases separated from stable ones is compatible
with the linux kernel style numbering.
Aagur.
El Miércoles, 28 de Marzo de 2007 15:23, Jim Trigg escribió:
On Wed, March 28, 2007 3:50 am, Joseba Torre wrote:
Hi,
El Miércoles, 28 de Marzo de 2007 04:55, Eric Rostetter escribió:
Why not just put actual (stable) releases in the releases/ directory,
and
put the unstable releases in another directory (unstable, testing, or
some such).
I think this is the easier way. If it's clear that unstable is unstable
(i.e.:
not to be used in production), version numbering is not a problem.
And what about people using OS packaging/port systems? My preference is
for a) (or as another poster suggested, 1.1{a,b,rc}n).
Jim Trigg
--
Joseba Torre. CIDIR Bizkaia.
Re: [Dovecot] POP3 log in failure after switch to dovecot from Cyrus
0.99 is a really old and unmantained version. You should consider switching to 1.0. Anyway, if you really need staying with that version, this is a working config: protocols = imap imaps pop3 pop3s imap_listen = [::] pop3_listen = [::] ssl_cert_file = /usr/share/ssl/certs/imapd.pem ssl_key_file = /usr/share/ssl/certs/imapd.pem disable_plaintext_auth = no login_dir = /var/run/dovecot-login login = imap login_process_per_connection = yes login = pop3 first_valid_uid = 100 default_mail_env = maildir: %h/Maildir:INDEX=/var/dovecot/%u:CONTROL=/var/dovecot/%u mbox_locks = fcntl auth = default auth_mechanisms = plain auth_userdb = passwd auth_passdb = pam auth_user = root Try fitting it to your client needs, but, again, remember that this is an old an unsupported version. Aaagur. El Viernes, 20 de Abril de 2007 02:13, Stowe Spivey escribió: I can set up and access a dovecot pop3 account using outlook express fine. I can telnet into it fine. However, GFI FaxMaker is failing to log in. I assisted a client in switching his web site, including email from one server (FreeBSD) which was using Cyrus to a Redhat 4.0 server using dovecot version 0.99.11 Here's the listing of dovecot -n: dovecot -n Usage: dovecot [-F] [-c config file] Fatal: Unknown argument: -n The GFI Faxmaker polls the pop3 account every minute so we're getting a lot lf these messages in the log file: Apr 19 19:51:28 server name pop3-login: Aborted login [:::ip address here] Again, I can telnet in to the account from that server. I verified all the log in credentials are correct but it still is failing to log in. Any ideas? -- Joseba Torre. CIDIR Bizkaia. pgpj6C1gukk4f.pgp Description: PGP signature
Re: [Dovecot] INBOX inaccessible
Hi, delete the indexes (.imap.index*) and try again. Anyway, a better idea is upgrading to 1.0; dovecot 0.99 is really old and no longer supported. Aagur. El Jueves, 3 de Mayo de 2007 11:27, Sophie Nicoud escribió: Hi, One of my users can't read message of his Inbox, he can view subject of message with Thunderbird or Squirrelmail and IMAP but when he click on a message in order to read it he has thess messages with Thunderbird : The current command did not succeed. Invalidmessageset: 1181461470:-1181461446. ou 1181461444:* ou 1181461444:-1181461445 with Squirrelmail : SquirrelMail: ERREUR ERREUR: Le serveur IMAP n'a pas trouvé le message requis. La cause probable est que votre liste de messages n'est pas à jour et le message a été déplacé ou supprimé (éventuellement par un autre programme qui utilise la même boîte aux lettres). traduction : IMAP server doesn't find the message Your message list isnt up to day or has been delated or moved With the mail -f command I can read messages and with POP3 protocol and Thunderbird also. Install : dovecot-0.99.11-4.EL4 :-( What can I do ? Thanks Sophie -- Joseba Torre. CIDIR Bizkaia. pgpVpBDlwtGej.pgp Description: PGP signature
Re: [Dovecot] INBOX inaccessible
El Jueves, 3 de Mayo de 2007 14:37, escribió: Joseba Torre a écrit : Hi, delete the indexes (.imap.index*) and try again. I try but it's same :-( Anyway, a better idea is upgrading to 1.0; dovecot 0.99 is really old and no longer supported. :-\ I use the version including in my SL 4.4 distribution I hope there's some RPM somewhere for the 1.0 Sure. Try http://atrpms.net/dist/el4/dovecot/ There's a way to get them using up2date, but ask it in the mailing list, I don't use them. HTH Aaagur. -- Joseba Torre. CIDIR Bizkaia. pgpHDO1u2ye5r.pgp Description: PGP signature
Re: [Dovecot] troubleshooting new dovecot installation
Hi, El Martes, 8 de Mayo de 2007 05:13, Ray escribió: however, when I try to use the login method (that is what the command 1 login username password part is, isn't it?) That seems like an imap command, and I suppose that you're using a pop3 port... Aaagur. -- Joseba Torre. CIDIR Bizkaia. pgpGCge8LdMCl.pgp Description: PGP signature
[Dovecot] Managesieve: first steps
Hi,
I'm trying to get managesieve to work but, as usual, I have some issues...
- First of all, the compilation process after applying the patch is a bit
strange. I've used this way (i'm using centOS 4 for this pre-tests):
$ tar zxvf dovecot-1.0.0.tar.gz
$ cd dovecot-1.0.0
$ gzip -cd ../dovecot-1.0.rc28-MANAGESIEVE-v4.diff.gz | patch -p1
$ autoreconf
(This ends with an error about missing ./ylwrap)
$ automake --add-missing
(This copies ylwrap to ., but fails if executed before autoreconf)
$ autoreconf
$ ./configure make sudo make install
but I'm quite sure that should exist a better way...
- After this, adding
protocols = imap imaps pop3 pop3s managesieve
and
protocol managesieve {
listen = *:2000
login_executable = /usr/local/libexec/dovecot/managesieve-login
mail_executable = /usr/local/libexec/dovecot/managesieve
}
to dovecot.conf, everything seems to work fine (pop3 and imap work as usual,
and I can connect to the managesieve port), but dovecot -n gives no output.
(If I put out managesieve from the protocols, dovecot -n gives the normal
output again). (This output is appended at the end)
- Finally, I'm using Plain as the authentication mechanism, and I've been
unable to connect using kmail or the sieve extension for thunderbird. As I'm
not sure if any of these really work, I'll setup horde for further testing.
Is there anything that I should be aware of?
dovecot -n output:
# /usr/local/etc/dovecot.conf
syslog_facility: local1
protocols: imap imaps pop3 pop3s
listen(default): *:143
listen(imap): *:143
listen(pop3): *:110
ssl_listen(default): *:993
ssl_listen(imap): *:993
ssl_listen(pop3): *:995
ssl_cert_file: /usr/share/ssl/certs/dovecot-beta.pem
ssl_key_file: /usr/share/ssl/certs/dovecot-beta.pem
login_dir: /usr/local/var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
mail_location: maildir:~/Maildir:INDEX=/var/dovecot/%u:CONTROL=/var/dovecot/%u
mmap_disable: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugins(default): quota imap_quota
mail_plugins(imap): quota imap_quota
mail_plugins(pop3): quota
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
pop3_uidl_format(default):
pop3_uidl_format(imap):
pop3_uidl_format(pop3): %v.%u
auth default:
master_user_separator: *
passdb:
driver: passwd-file
args: /usr/local/etc/dovecot-master.conf
master: yes
passdb:
driver: pam
args: blocking=yes
userdb:
driver: passwd
args: blocking=yes
socket:
type: listen
client:
master:
path: /var/run/dovecot/auth-master
plugin:
quota: fs
Thanks.
--
Joseba Torre. CIDIR Bizkaia.
pgpkz85E4vrPW.pgp
Description: PGP signature
Re: [Dovecot] Getting rid of the common newbie problems
Hi, there's no easy way to get rid of newbie problems: right now dovecot is quite a complex software, so configuration is complex. Even more, all the userdb/passdb thing is really powerfull, but also a bit diferent of anything I was used to, so it's normal that people is a bit confused in the begining. Anyway, I'm quite sure that in apache's, postfix's or sendmail's mailing lists there are far more newbie questions than here, and that isn't necesary bad. For me, the easier solution would be an entry in the wiki with well documented common configs: - system users (using pam/passwd) - ldap (with a common conf) - mysql - postgresql There is something similar in http://wiki.dovecot.org/DovecotServerInstallations but there the main goal seems to be the hardware. I have to document my current config in spanish for my job, and it wouldn't be a hard job to translate it to english a upload it somewhere. Aagur. El Martes, 15 de Mayo de 2007 18:40, Timo Sirainen escribió: I think the most common Dovecot newbie problems are: - Not looking at the (correct) logs for errors - Authentication problems - Mail location problems - Mail permission problems Below are some of my ideas how I could stop people from asking these questions with future Dovecot (v1.1+) releases. Suggestions welcome. Distribution people especially should say if they're against some change. -- Joseba Torre. CIDIR Bizkaia. pgphbpigagsJB.pgp Description: PGP signature
Re: [Dovecot] Latest MANAGESIEVE patch -- how to start daemon?
Hi, El Miércoles, 6 de Junio de 2007 10:10, Rene Luria escribió: Hey Joseba, Joseba Torre wrote: first of all: there's a newer version of the patch http://sinas.rename-it.nl/~sirius/dovecot-1.0.rc28-MANAGESIEVE-v4.diff.gz I don't see anything about the proxy stuff in the README or NEWS files... Do you plan to implement it ? I plan nothing at all, I'm not the developer of the patch :) I just try to use it. Agur. -- Joseba Torre. CIDIR Bizkaia. pgpyhwXAniYWg.pgp Description: PGP signature
Re: [Dovecot] Connection dropped by IMAP server _ Internal loginfailure: root
Hi, El Lunes, 11 de Junio de 2007 10:23, Saeed Abbassi escribió: Dear reader, Please help me find a way through this problem, I have CentOS 4.2, dovecot-0.99.11-4.EL4, squirrelmail-1.4.8, While I try to log in as Root (username: root; password: password) I get the error that says, 1st of all: 0.99 is really old and unsopported. Try getting a new version (for example at atrpms.net) 2nd: IMO, reading mail as root is a really bad idea. You should redirect it to another non-system user. 3rd: Surely you haven't changed #first_valid_uid = 500 Try changing it. Aaaagur. -- Joseba Torre. CIDIR Bizkaia. pgpJlo1KdwhAU.pgp Description: PGP signature
[Dovecot] NFS and Filesystem quota
Hi, I've recently moved my mailboxes to a NFS share (on an emc Celerra), and, as expected, the quota extensions no longer works. However, I've read that adding http://dovecot.org/patches/quota-rquotad.c to $DOVECOT/src/plugins/quota, adding a line to $DOVECOT/src/plugins/quota/Makefile.am and rebuilding, it should work again. Unfortunately, it doesn't compile in my RHEL 4.0: /usr/bin/gcc4 -DHAVE_CONFIG_H -I. -I. -I../../.. -I../../../src/lib -I../../../src/lib-dict -I../../../src/lib-index -I../../../src/lib-mail -I../../../src/lib-storage -I../../../src/lib-storage/index -I../../../src/lib-storage/index/maildir -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -I/usr/kerberos/include -MT quota-rquotad.lo -MD -MP -MF .deps/quota-rquotad.Tpo -c quota-rquotad.c -fPIC -DPIC -o .libs/quota-rquotad.o quota-rquotad.c: In function 'debugmsg': quota-rquotad.c:50: warning: implicit declaration of function 'i_vinfo' quota-rquotad.c: In function 'rquotad_quota_add_storage': quota-rquotad.c:90: error: storage size of 'statbuf' isn't known quota-rquotad.c:97: warning: implicit declaration of function 'statfs' quota-rquotad.c:99: error: 'MNT_LOCAL' undeclared (first use in this function) quota-rquotad.c:99: error: (Each undeclared identifier is reported only once quota-rquotad.c:99: error: for each function it appears in.) quota-rquotad.c:104: error: 'MNAMELEN' undeclared (first use in this function) quota-rquotad.c:90: warning: unused variable 'statbuf' quota-rquotad.c: At top level: quota-rquotad.c:225: warning: initialization from incompatible pointer type quota-rquotad.c: In function 'rquota_get': quota-rquotad.c:256: warning: dereferencing type-punned pointer will break strict-aliasing rules quota-rquotad.c:267: warning: passing argument 3 of 'clnt-cl_ops-cl_call' from incompatible pointer type quota-rquotad.c:267: warning: passing argument 4 of 'clnt-cl_ops-cl_call' from incompatible pointer type quota-rquotad.c:267: warning: passing argument 5 of 'clnt-cl_ops-cl_call' from incompatible pointer type quota-rquotad.c:267: warning: passing argument 6 of 'clnt-cl_ops-cl_call' from incompatible pointer type quota-rquotad.c: In function 'rquotad_quota_root_update': quota-rquotad.c:275: error: storage size of 'statfsbuf' isn't known quota-rquotad.c:291: error: 'MNT_LOCAL' undeclared (first use in this function) quota-rquotad.c:275: warning: unused variable 'statfsbuf' make[4]: *** [quota-rquotad.lo] Error 1 make[4]: Leaving directory `/home/lgstosej/dovecot/dovecot-1.0.1/src/plugins/quota' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/home/lgstosej/dovecot/dovecot-1.0.1/src/plugins' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/lgstosej/dovecot/dovecot-1.0.1/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/lgstosej/dovecot/dovecot-1.0.1' make: *** [all] Error 2 Any help? Is there any plan to have official support for this? Aagur. -- Joseba Torre. CIDIR Bizkaia. pgpSB6p0Dn5PG.pgp Description: PGP signature
Re: [Dovecot] RFE: please include quota waning patch
El Lunes, 30 de Julio de 2007 10:57, Mike Brudenell escribió: (I've made a patch which I'm using for this on v1.0.2 at present, but am hoping it'll be officially supported in v1.1) Could you share it please? As previously reported, the official patch is not working right now. Aaagur. -- Joseba Torre. CIDIR Bizkaia. pgp6kLx0P9nUr.pgp Description: PGP signature
Re: [Dovecot] Some of my IMAP Folders vanished in some MUAs
Hi, it may be a susbscription problem, with the old clients showing all the folders and the new ones showing only the subscribed ones. See if you can subscribe to the missing folders, or change the default setting to show all folders. Aagur. El Viernes, 3 de Agosto de 2007 09:44, Dominik Schulz escribió: Hi, I'm using dovecot for some time now. Previously I was using Courier and I've migrated this setup to dovecot which went pretty fine. Now I'm experiencing some strange behaviour when using some newer mail clients. Some of my Folders, like spam, are vanished. The strange point is that it only happens in some clients, like Thunderbird 2.x+ or KMail 3.5.x. In others, like Thunderbird 2, Mutt or my Webmailer (Horde) they still show up. These folders are still there, i.e. in the filesystem, and the permissions seem to match those of the other folders which can be seem in all MUAs. I don't know if this is even related to dovecot but I think this is where I should start looking for an solution. I'm using dovecot 1.0.rc15 from Debian (stable/etch). It'd be great if anyone was able to help me. Thanks in advance. Best Regrads Dominik Schulz -- Joseba Torre. CIDIR Bizkaia. pgpJnQS4Y9K9e.pgp Description: PGP signature
Re: [Dovecot] dovecot IMAPS + kmail
Hi, maybe there's something else in your setup. I surely can use imap sub-folders with kmail 1.9.7 and dovecot 1.0 HTH El Wednesday 26 September 2007 15:20:10 Timothy Murphy escribió: On Wed 26 Sep 2007, Timothy Murphy wrote: I notice that kmail does not allow an IMAP sub-folder to be created (from an IMAPS client). Sorry, while that was true I find I can create IMAP sub-folders when I run KMail on the desktop holding the IMAP emails. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] dovecot IMAPS + kmail
Hi, I'm running kmail as an imaps client, and sure, I can create subfolders -in any of the imap servers i run-. I can also create subfolders with thunderbird -also, as an imap client- and use them with kmail, and viceversa. HTH El Wednesday 26 September 2007 20:19:34 Timothy Murphy escribió: On Wed 26 Sep 2007, Joseba Torre wrote: maybe there's something else in your setup. I surely can use imap sub-folders with kmail 1.9.7 and dovecot 1.0 The question was not if I could use them, but if I could _create_ them (sub-folders). As I mentioned, I can create them if I run kmail on my desktop. There is then no problem accessing these folders on my laptop client. Can you create sub-folders on an IMAP client? I notice that kmail does not allow an IMAP sub-folder to be created (from an IMAPS client). Sorry, while that was true I find I can create IMAP sub-folders when I run KMail on the desktop holding the IMAP emails. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] In-site migration from /etc/passwd to LDAP
Maybe you need to setuid deliver? Aagur. El Wednesday 03 October 2007 06:18:47 Maykel Moya escribió: I'm doing in-site migration of accounts from /etc/passwd to an LDAP directory. The migration should be progressive (not all users at the same time). I'm already able to check mail for accounts in /etc/passwd and accounts in LDAP. The problem is with mail delivery. I'm using Postfix + Dovecot-LDA. This is the error I get with every delivery -- dovecot: Oct 03 00:16:09 Info: auth(default): master in: USER 1 moyaservice=deliver dovecot: Oct 03 00:16:09 Info: auth(default): ldap(moya): user search: base=ou=users,dc=sld,dc=cu scope=subtree filter=((objectClass=posixAccount)(uid=moya)) fields=sldMailbox,uidNumber dovecot: Oct 03 00:16:09 Info: auth(default): master out: USER 1 moyahome=/srv/vmail/m/moya/ uid=29174 gid=101 deliver(moya): Oct 03 00:16:09 Fatal: setuid(29174) failed: Operation not permitted -- 29174 is the uid for moya, is the same in /etc/passwd or in LDAP via posixAccount class. Any advise please? Regards, maykel -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Operations error with AD connections
El Friday 19 October 2007 13:35:06 Maarten Vanraes escribió: thanks for the info, but that's what the rhel5 uses at this time... so it can't be that old. Well, with RedHat it can actually be that old. RHEL4 -which is still supported- still uses 0.99, that is something like 4 or 5 years old. Not only that, it can also use a surprisingly confusing version number. Right now, package's name is dovecot-1.0-1.2.rc15. What's this? 1.0-rc15? In order to know the exact version you're running, run dovecot --version. Aagur. i may have typed an error, and it might be 1.0.3-beta3 thanks Op vrijdag 19 oktober 2007 13:15, schreef Charles Marcus: On 10/18/2007, Maarten Vanraes ([EMAIL PROTECTED]) wrote: dovecot version: 1.0.beta3 This is almost two YEARS old... Personally, I wouldn't waste my time trying to debug it. Update to a recent release version, but be sure to read the release notes... -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] RHEL 5.1 Can't compile with --with-linux-quota
I don't use this right now, but I used to configure with ./configure --with-linux-quota=2 Have you tried this? Aagur. El Friday 16 November 2007 11:48:36 Laurent PELLISSIER escribió: Hi, On a freshly installed RedHat RHEL 5.1 x86 with quota-3.13-1.2.3.2.el5.rpm I can't compile neither dovecot 1.0.7 nor 1.1beta8 : $ ./configure --with-linux-quota make [...] gcc -DHAVE_CONFIG_H -I. -I. -I../../.. -I../../../src/lib -I../../../src/lib-dict -I../../../src/lib-index -I../../../src/lib-mail -I../../../src/lib-storage -I../../../src/lib-storage/index -I../../../src/lib-storage/index/maildir -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2 -I/usr/kerberos/include -MT quota-fs.lo -MD -MP -MF .deps/quota-fs.Tpo -c quota-fs.c -fPIC -DPIC -o .libs/quota-fs.o quota-fs.c: In function 'fs_quota_get_linux': quota-fs.c:442: error: 'yes' undeclared (first use in this function) quota-fs.c:442: error: (Each undeclared identifier is reported only once quota-fs.c:442: error: for each function it appears in.) make[4]: *** [quota-fs.lo] Error 1 make[4]: leaving directory « /home/kermit/dovecot-1.1.beta8/src/plugins/quota » $ make distclean ./configure --without-linux-quota make - same error $ make distclean ./configure --disable-linux-quota make - compile fine Best regards, -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Imap and quota problem
Hi, you should put indexes in a filesystem without quotas. Something like: mail_location = maildir:~/Maildir:INDEX=/var/dovecot/%u:CONTROL=/var/dovecot/%u where /var/dovecot/ doesn't use quotas. Agur. El Wednesday 05 December 2007 10:56:03 Najib Abi Fadel escribió: Hi everyone, i am using dovecot 1.0 as IMAP and i am facing the following problem: when a user is overquota he is unable to access his account and thus he can't delete emails ! Is there any workaround for this problem ? thanks for any help. ___ _ Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Imap and quota problem
Hi, El Wednesday 05 December 2007 12:06:16 Najib Abi Fadel escribió: Are indexes temporary files ? Should i migrate anything in my existing setup ! If you are using an Imap only setup, I think that you have no need to migrate anything; all the needed files will be recreated when needed in the new location. But this may cause a little overhead on the system, so if your system is big, migrating the files may help. If you are using also POP3, and if some users use the leave messages on server thing, you need to migrate the dovecot-uidlist files, or they will download all their messages again. Nad finally should i create a directory for every user in /var/dovecot/ ? Yes, and they should be owned by the users. Here you have an example from my setup: $ find /var/dovecot/lgstosej/ /var/dovecot/lgstosej/ /var/dovecot/lgstosej/.INBOX /var/dovecot/lgstosej/.INBOX/.imap.index /var/dovecot/lgstosej/.INBOX/.imap.index.data /var/dovecot/lgstosej/.INBOX/.customflags /var/dovecot/lgstosej/.INBOX/dovecot.index.log.2 /var/dovecot/lgstosej/.INBOX/dovecot.index.log /var/dovecot/lgstosej/.INBOX/dovecot-uidlist /var/dovecot/lgstosej/.INBOX/.imap.index.tree /var/dovecot/lgstosej/.INBOX/dovecot.index /var/dovecot/lgstosej/.INBOX/dovecot.index.cache /var/dovecot/lgstosej/.INBOX/dovecot-keywords /var/dovecot/lgstosej/.INBOX/.imap.index.log /var/dovecot/lgstosej/.sent-mail /var/dovecot/lgstosej/.sent-mail/dovecot.index.log /var/dovecot/lgstosej/.sent-mail/dovecot.index /var/dovecot/lgstosej/.sent-mail/dovecot.index.cache /var/dovecot/lgstosej/.sent-mail/dovecot-uidlist /var/dovecot/lgstosej/dovecot-uidlist /var/dovecot/lgstosej/.customflags /var/dovecot/lgstosej/subscriptions /var/dovecot/lgstosej/.Trash /var/dovecot/lgstosej/.Trash/dovecot.index.log /var/dovecot/lgstosej/.Trash/.imap.index /var/dovecot/lgstosej/.Trash/dovecot.index /var/dovecot/lgstosej/.Trash/dovecot.index.cache /var/dovecot/lgstosej/.Trash/dovecot-uidlist /var/dovecot/lgstosej/.Trash/dovecot-keywords /var/dovecot/lgstosej/.Trash/.imap.index.data /var/dovecot/lgstosej/.Trash/.customflags /var/dovecot/lgstosej/.Trash/.imap.index.tree /var/dovecot/lgstosej/.Trash/.imap.index.log HTH -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Automatic Index Generation
El Thursday 06 December 2007 13:35:26 Maciej Poszywak escribió: My other option is to write a script which will log as each user and create indexes, however this seems a bit of painful way to do it. That's almost the way I did; using a master user is quite simple, and even if it's no optimal, I did going into production, so time was not an issue. I used the attached perl script, where $pop3_password is the password for the master user /home/lgstosej/tmp/passwd is a copy of /etc/passwd HTH -- Joseba Torre. CIDIR Bizkaia. crea_indices.pl Description: Perl program signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Question about lda auth_socket_path
El Wednesday 12 January 2011, Jahnke-Zumbusch, Dirk dirk.jahnke-
zumbu...@desy.de dijo:
userdb {
driver = static
args = uid=104 gid=104 home=/some/path/%u
}
If static is the only userdb, dovecot has no way to know if a user exists or
not when doing delivery (no auth/passdb involved). So delivery will fail
unless you explicitly tell him to accept every user with allow_all_users=yes.
What's wrong with that?
--
Joseba Torre. Vicegerencia de TICs, área de Explotación
[Dovecot] Small error in the wiki
Hi, in http://wiki2.dovecot.org/Quota/Configuration, the example script that sends an email to the user uses the -o option to dovecot-lda that doesn't exists. HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Small error in the wiki
El Thursday 13 January 2011, Timo Sirainen t...@iki.fi dijo: On 13.1.2011, at 18.12, Joseba Torre wrote: in http://wiki2.dovecot.org/Quota/Configuration, the example script that sends an email to the user uses the -o option to dovecot-lda that doesn't exists. Yes it does.. Why do you think it doesn't? Because it doesn't appear in the man page, and I misread the output of dovecot-lda -o. I've also noted that if it's removed from the example it stops working. Sorry for the noise. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Can't get it working
El Tuesday 25 January 2011, llwy...@suddenlink.net dijo: But it shows nothing in the log files except it's running. Here's the log and other info: Maybe you're looking at the wrong file. With doveadm log find you'll get the actual log files. HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] dovecot: imap-login: Error: net_connect_unix(imap) failed: Resource temporarily unavailable
El Tuesday 01 February 2011, Kurt Hockenbury khock...@stevens.edu dijo: That's what is shipping with RHEL 6. We've been trying to keep the system as close to stock RH as possible, to make support easier. We are in a similar situation (using RH and not moving too much from that), but using an up to date version of dovecot. After all, when you are having problems with dovecot you're not calling redhat for support. If you're coming to this list, it makes more sense to use the version this list recommends. HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
[Dovecot] Improving lmtp performance
Hi, yesterday I migrated and old version with sendmail + courier to a virtual machine (vmware) with postfix and dovecot 2.0.9. Everything worked fine, but with a more or less default setup for both dovecot and postfix, lmtp performance was pretty bad: a message was written to an inbox every 2 or 3 seconds. With that rate and a 5000+ and growing mail queue mail delivery was really slow. After searching both the wiki and this list I didn't find anything related to this. I tried a couple of things, and finally added process_min_avail = 10 to service lmtp entry in 10-master.conf and local_destination_concurrency_limit = 10 in postfix's main.cf Now mail delivery is really fast, and my mail queue was delivered in a very sort time. Is this the right solution, or there's a better setup to improve mail delivery performance? Also, if this is a common problem, may be something should appear in http://wiki2.dovecot.org/LMTP Thanks. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Splitting up mail_location setting?
El Tuesday 01 February 2011, Timo Sirainen t...@iki.fi dijo: Below are the setting names I thought about using: a) mail_location = maildir:~/Maildir:INBOX=~/Maildir/.INBOX:INDEX=~/indexes:CONTROL=~/control :LAYOUT=fs:SUBSCRIPTIONS=courier-subscriptions mail_format = maildir mail_root_path = ~/Maildir mail_inbox_path = ~/Maildir/.INBOX mail_index_path = ~/indexes mail_control_path = ~/control mail_directory_layout = fs mail_subscriptions_fname = courier-subscriptions b) mail_location = mdbox:~/mdbox:ALT=/alt/%u:LAYOUT=fs:DIRNAME=dbox-Mails:MAILBOXDIR=mailboxe s mail_format = mdbox mail_root_path = ~/mdbox mail_alt_path = /alt/%u mail_dir_name = dbox-Mails mail_mailboxes_dir_name = mailboxes Thoughts? Personally, I like the current setting. For me, if the current setting is misunderstood sometimes, the proposed one with two overlapping settings for the same attribute, with values sometimes read from external BBDD sounds pretty error prone. Maybe call mail_location advanced setup and the other ones basic setup, and make them mutually exclusive (I mean something like: if mail_format is used only mail_* attributes are used, and if it's not only mail_location). Otherwise very strange problems may appear. Bye. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Improving lmtp performance
El Thursday 03 February 2011, Stan Hoeppner s...@hardwarefreak.com dijo:
You've posted no log data. It's pretty difficult to diagnose problems
without log entries. Do you just want us to guess?
Yes, I now may mail was pretty vague, but so was the issue. I posted no logs
because I saw nothing really useful in them; the only sympton was the slow
delivery rate.
Postfix's was full of messages going to the active queue
Feb 1 12:43:20 server1 postfix/qmgr[8916]: ED7236CDC1:
from=nore...@mydomain.com, size=8314, nrcpt=1 (queue active)
Feb 1 12:43:21 server1 postfix/smtpd[9427]: 289306CDC3:
client=lgux66.lgp.mydomain.com[10.0.100.71]
Feb 1 12:43:21 server1 postfix/cleanup[12768]: 289306CDC3: message-
id=moodlepost24...@moodle2.mydomain.com
Feb 1 12:43:21 server1 postfix/qmgr[8916]: 289306CDC3:
from=nore...@mydomain.com, size=8313, nrcpt=1 (queue active)
and some occasional delivery
Feb 1 12:43:23 server1 postfix/lmtp[9549]: 0C5866CF37:
to=cdmorales...@server1.mydomain.com,
relay=server1.mydomain.com[/var/spool/postfix/private/dovecot-lmtp],
delay=854, delays=37/668/140/9.8, dsn=2.0.0, status=sent (250 2.0.0
cdmorales...@server1.mydomain.com upb1FNftR03cIgAAl0Wliw Saved)
or delivery error
Feb 1 12:43:21 server1 postfix/lmtp[9554]: 1C2946CF92:
to=aanton...@server1.mydomain.com,
relay=server1.mydomain.com[/var/spool/postfix/private/dovecot-lmtp],
delay=815, delays=1.6/664/141/8
.9, dsn=4.2.2, status=SOFTBOUNCE (host
server1.mydomain.com[/var/spool/postfix/private/dovecot-lmtp] said: 552 5.2.2
aanton...@server1.mydomain.com Quota exceeded (mailbox for user is full) (
in reply to end of DATA command))
(softbounce was activated to prevent bounces because of misconfigurations)
Dovecot's was as usual, with some
Feb 1 13:18:09 server1 dovecot: lmtp(8924, llasa...@server1.mydomain.com):
ArX1FNftR03cIgAAl0Wliw: msgid=CDPMA-WI015feT9L0Yd00060a97@CDPMA-
WI01.infoempleo.com: saved mail to INBOX
Feb 1 13:18:22 server1 dovecot: lmtp(8924, aarruti...@server1.mydomain.com):
FbX1FNftR03cIgAAl0Wliw: msgid=moodlepost24...@moodle2.mydomain.com: saved
mail to INBOX
Feb 1 13:18:23 server1 dovecot: lmtp(8924, jlopez...@server1.mydomain.com):
E7X1FNftR03cIgAAl0Wliw: msgid=moodlepost24...@moodle2.mydomain.com: saved
mail to INBOX
(this was the actual delivery rate: in this case, 3 messages in 14 secs)
My question was if this is the expected behavior, or if lmtp was expected to
behave a lot better with just 1 process (that was what I expected, at least),
and if my solution was usual or at least correct. It was not a practical
question -my system is working fine now-, but a more teorical one. I was
expecting answers like
I'm using a very simple conf for lmtp in a busy server, something similar to
protocol lmtp {
mail_plugins = quota sieve
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
}
and it's working fine for me, so look in other place.
Also, if this is a common problem, may be something should appear in
http://wiki2.dovecot.org/LMTP
That's a bit premature. The problem could just as likely be a Postfix
configuration error. Get us some logs from both Postfix and Dovecot for
the previous configuration with the slow performance.
I agree. That's why a say if this is a common problem.
Are both Postfix and Dovecot running in the same VM guest OS instance or
two separate VM guests? Are you running elaborate Sieve scripts? Are you
running AV/AS in Dovecot? Anything relatively CPU heavy in Dovecot on a
per message basis?
Yes, everything was in the same VM guest, no elaborated sieve scripts that I
know (I've just recreated them with horde's ingo, and I'm sure they are quite
basic), no AV/AS, and system's load was normal, with some i/o wait, but in my
experience this is usual in VM guests.
Thanks.
--
Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] disabling outgoing mail ?
El Thursday 03 February 2011, Per Jessen p...@computer.org dijo: We're using roundcube as a method of access to a read-only email archive served via imap/dovecot. I was thinking of disabling outgoing mails by fiddling with the roundcube code, but thought it might be possible to disable the outgoing functionality from dovecot? Dovecot has no outgoing functionality, that's done with a mta (sendmail, postfix, exim, ...). I don't know roundcube, but I guess it will have a configuration file, and there there will be an smtp server line o something like that; surely, if you left it blank or with an incorrect value mail delivery will not work. Bye, -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Ldap and secondary PosixGroups
El Thursday 03 February 2011, Matthieu Ambrosy matthieu.ambr...@gmail.com dijo: I'm using Pam Ldap for my users (Debian Lenny). getent passwd : *m.ambrosy:x:2000:100:m.ambrosy:/home/m.ambrosy:/bin/bash* getent group : *l_admin:*:2000:m.ambrosy l_personnel:*:2001:m.ambrosy l_mail:*:2003:m.ambrosy* As you can see, in LDAP, user m.ambrosy (PosixAccount) is defined with gidNumber = 100 (local group users) and uidNumber = 2000. Furthermore this user belongs to 3 secondary Ldap PosixGroup (l_admin 2000, l_personnel 2001, l_mail 2003). If /var/mail belongs to the primary group (100), no problem. If /var/mail belongs to l_mail (2003) : *mkdir(/var/mail/m.ambrosy) failed: Permission denied (euid=2000(m.ambrosy) egid=100(users) missing +w perm: /var/mail, euid is not dir owner* In fact, Dovecot seems to not see secondary groups for my user. It just checks the primary group (gidNumber). If I modify my Ldap user like this, getent passwd : *m.ambrosy:x:2000:2003:m.ambrosy:/home/m.ambrosy:/bin/bash *It works fine but my l_mail group must be secondary (like an option for some users), not the primary gidNumber. Can I do it in the conf file?* One more flexible solution can be using direct ldap for dovecot instead of pam. It may be easier if you posted your actual setup, but I guess that if you check if the user is member of the l_mail group in the pass_filter, and then force 2003 as the gid in the userdb everything should work, Bye, -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] dsync problem
El Wednesday 09 February 2011, Frank Bonnet f.bon...@esiee.fr dijo: hello I try to convert from mbox to mdbox using dsync i get the followin error using the following command dsync mirror -u toto mbox:/user/toto:INBOX=/var/mail/toto I get this error message : mail3# dsync mirror -u toto mbox:/user/toto:INBOX=/var/mail/toto dsync(root): Fatal: execvp(-u) failed: No such file or directory dsync-local(root): Error: read() from worker server failed: EOF Have you tried dsync -u toto mirror mbox:/user/toto:INBOX=/var/mail/toto -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Quotas from LDAP
On Wednesday 23 February 2011 00:55:05 Sven Hartge wrote: Given the following object: dn: uid=foo,ou=bar quotaBytes: 1 quotaBytes: 1000 As I see it, this is a desigh error; quotaBytes should be a single valued attribute (like uid), not a multivalued on (like mail). So, if someone tries to load a second value he'll get an error at that moment. HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Dovecot 2.X, built from source, no extensions?
On Thursday 10 March 2011 17:14:05 Enright, Mike wrote: # telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. 1 capability * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN 1 OK Capability completed. If you log in you'll see the actual capability list: $ telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. 1 login test test_passwd 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS QUOTA] Logged in -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Dovecot-2.0.11 searches in all LDAP directory
On Saturday 26 March 2011 20:36:21 Басов Евгений wrote: Dovecot authenticate with password1 for uid from ou=Mail and for some uid from ou=Users. It should not be. Maybe the password in the ou=Users matches the pam password? Maybe pam is checking ldap? This could also explain why sometimes the home is not set correctly. If not needed, remove the pam passdb and the passwd userdb and check again. HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Sieve: unknown tagged argument ':create' for the fileinto command
error: unknown tagged argument ':create' for the fileinto command (reported only once at first occurence). My sieve script: require [date, variables, fileinto]; You need to add mailbox http://tools.ietf.org/html/rfc5490#section-3.2 HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Quota has none effect
On Sunday 03 April 2011 18:23:37 Jim Knuth wrote:
protocol imap {
imap_client_workarounds =
mail_fsync = never
mail_plugins = autocreate quota imap_quota trash
}
plugin {
trash = /etc/dovecot/dovecot-trash.conf.ext
}
protocol pop3 {
mail_fsync = never
mail_plugins = quota trash
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_lock_session = yes
pop3_uidl_format = %v-%u
}
protocol lda {
mail_fsync = optimized
mail_plugins = $mail_plugins sieve
postmaster_address = postmas...@art-domains.de
}
If I read this correctly, you're only using the quota plugin for imap and
pop3, and not for anything else, lda included. Try adding a line like
mail_plugins = quota
in 10-mail.conf
--
Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Quota has none effect
On Monday 04 April 2011 11:01:40 Jim Knuth wrote: sorry, but that`s IMHO not right. Take a look at $mail_plugins. There is also defined quota In your dovecot -n output mail_plugins are only defined inside the protocol parts. So, when inside protocol lda you write mail_plugins = $mail_plugins sieve $mail_plugins is empty. Again, try setting it in 10-mail.conf and check if it solves your issue. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] .dovecot.sieve as Mailbox
On Tuesday 12 April 2011 14:08:20 Francisco Wagner C. Freire wrote: I current using maildir and mail location is: *mail_location = maildir:%h:INDEX=%h/cache* Any tip to hide this to users? You should use a separated home and mailbox. Something like mail_location = maildir:%h/Maildir:INDEX=%h/cache Otherwise this kind of things will happen. HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Forwarding loop
On Martes 03 Mayo 2011 23:43:30 Jason Schulz escribió: Just a shot in the dark, but perhaps something changed in your gmail filtering rules? This has happened to some of my users before. For some unknown reason, the Resend a copy of the incoming e-mail [1] gets activated every now and then, and this is the mail reason for my Mail forwarding loop issues. HTH [1] Or something like that, I use gmail in spanish -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Dovecot Solutions company
On Viernes 13 Mayo 2011 14:09:10 Timo Sirainen escribió: I recently created Dovecot Solutions Oy (Ltd) company with two other guys. We sell Dovecot support, development, etc. I was planning on announcing this only after we get an actual web site, but since I already told about it in Linuxtag today, I might as well tell everyone. The upcoming web site should have some more details, but if you already know you want to buy something, let me know. :) Congratulations. Hope you earn tons of money :) -- Joseba Torre. Vicegerencia de TICs, área de Explotación
[Dovecot] Fwd: Re: Dovecot Solutions company
I supposse this was directed to the list -- Joseba Torre. Vicegerencia de TICs, área de Explotación ---BeginMessage--- On Fri, May 13, 2011 11:27 pm, Joseba Torre wrote: On Viernes 13 Mayo 2011 14:09:10 Timo Sirainen escribió: I recently created Dovecot Solutions Oy (Ltd) company with two other guys. We sell Dovecot support, development, etc. I was planning on announcing this only after we get an actual web site, but since I already told about it in Linuxtag today, I might as well tell everyone. The upcoming web site should have some more details, but if you already know you want to buy something, let me know. :) Congratulations. Hope you earn tons of money :) ditto All the best in your venture! -- Voytek ---End Message---
Re: [Dovecot] Admin access to shared mailboxes
On Martes 31 Mayo 2011 01:16:25 Daniel Miller escribió: Having enabled shared mailboxes - is there a way to provide access to all users' mailboxes by a given user? Instead of having to manually provide ACL rights to every mailbox of every user? http://wiki2.dovecot.org/Authentication/MasterUsers -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] diacritic marks in password
On Miércoles 15 Junio 2011 21:11:13 Charles Marcus escribió: On 2011-06-15 3:05 PM, pch0317 wrote: I have dovecot 2.0.beta6 snip What can I do? Upgrade (2.0b6 is WAY too old to even think about trying to debug), then if you're still having problems come back again and provide your config details and maybe some logs of a failed auth attempt... It's not even the current version in RH; now it's 2.0.9. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] debug user's message retrieval
On Viernes 09 Septiembre 2011 04:36:13 Костырев Александр Алексеевич escribió: I forgot to mention that when I go to user's directory there's no letters at all. On Fri, 2011-09-09 at 13:30 +1100, Костырев Александр Алексеевич wrote: Hi there! Is there any method to log user's activity with pop3 service? I'll try to explain situation: In maillog I saw that my dovecot lmtp saved four letters in user's mailbox. After a while I got a call from that user saying that he received nothing. Is there any method to log that that user RETR every single letter, maybe with full names of letter's id or something like that? The default pop3 log is enough for me: Sep 9 05:46:37 server1 dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/41706, del=1/1, size=41685 This means that user1 received 1 message, deleted 1 message, and total downloaded size was 41685. Don't you have a similar line for your user? -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Multiple LDAP authentication servers
On Lunes 03 Octubre 2011 16:29:39 Romer Ventura escribió:
Is there any way to get dovecot to try a second LDAP server if the first
one fails to authenticate..?
Sure; just add a second passdb (maybe you also need a second userdb) pointing
to the other server. Something like
passdb ldap {
args = /usr/local/etc/AD.conf
}
passdb ldap {
args = /usr/local/etc/second.conf
}
HTH
--
Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Multiple LDAP authentication servers
On Lunes 03 Octubre 2011 17:34:47 Romer Ventura escribió: So you are saying I can define multiple passdb and userdb, each pointing to a different ldap config file? That's it. You may define as many as you need, and each one is independent. If the 1st one fails dovecot will try the 2nd one, then the 3rd one and so on. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
[Dovecot] mail_location in LDAP and variables
Hi, Is it posible to use variables in mail_location when taken from ldap? How? I've tried mdbox:/buzones2/'%n'/mdbox mdbox:/buzones2/%n/mdbox mdbox:/buzones2/%n/mdbox but %n is never replaced by its value. Thanks! -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] lmtp performance
On Lunes 17 Octubre 2011 16:31:01 Juan Carlos Sanchez escribió: A particular reply (not to the list) has told me to try: Add to service lmtp: process_min_avail = 20 And yes, it works (unless for me), so I want to share it with everybody. Have not exactly measured performance but this morning have seen over 1400 messages/minute with lmtp under heavy load. What the process_min_avail = 20 in service lmtp (or anywhere else) exactly imply? cannot find a reference in wiki2 . I suppose it means than 20 lmtp processes are always open waiting for new connections and so reducing startup latency, isn't it? I had a similar problem, and found the same solution. In my setup, only 1 lmtp process was available and a 2nd one never was created, so the process was really busy. With this parameter (I setup it to 10) I have diferent process and all of them are used. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] mail_location in LDAP and variables
On Martes 18 Octubre 2011 16:46:28 Timo Sirainen escribió: On Mon, 2011-10-17 at 12:12 +0200, Joseba Torre wrote: Hi, Is it posible to use variables in mail_location when taken from ldap? How? I've tried mdbox:/buzones2/'%n'/mdbox mdbox:/buzones2/%n/mdbox mdbox:/buzones2/%n/mdbox but %n is never replaced by its value. Where exactly are you trying to use this? It should get expanded. As usual, it was me trying to be a lot more complicated than needed :) I was thinking about storing the mail_location in an standard way in ldap, so that everybody in LDAP has something like irisMailbox= mdbox:/buzones/%256Hn/%n/mdbox This doesn't work, but doesn't make much sense either. (It does if used in the generic mail_location, but not in a per user value) Now when I create a new account I calculate the mail_location and store that value in LDAP. So far so good. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] dovecot creating literal %d/%n/ folders
On Sábado 29 Octubre 2011 04:03:41 sean darcy escribió:
I have a virtual user test1.
cat /etc/dovecot/users
test1@mydomain:{PLAIN}test1pass:504:504::/home/vmail/%d/%n
catchall@mydomain:{PLAIN}password:504:504::/home/vmail/%d/%n
@mydomain:{PLAIN}password:504:504::/home/vmail/mydomain/catchall
te...@example.com:{PLAIN}test1pass:504:504::/home/vmail/%d/%n
ls /home/vmail/%d/%n/mail
cur dovecot.index.cache dovecot.index.log dovecot-uidlist
dovecot-uidvalidity dovecot-uidvalidity.4eab20a7 new tmp
and mail to test1@mydomain goes into this %d/%n folder. In fact
dovecot created the folder - at least I didn't.
from dovecot-info.log
Oct 28 17:43:11 auth: Debug: master in: USER4 test1@mydomain
service=lmtp
Oct 28 17:43:11 auth: Debug: passwd(test1@mydomain): lookup
Oct 28 17:43:11 auth: Info: passwd(test1@mydomain): unknown user
Oct 28 17:43:11 auth: Debug: passwd-file(test1@mydomain): lookup:
user=test1@mydomain file=/etc/dovecot/users
Oct 28 17:43:11 auth: Debug: master out: USER 4 test1@mydomain
uid=504 gid=504 home=/home/vmail/%d/%n
Oct 28 17:43:11 lmtp(4533, test1@mydomain): Info:
l6DnLacgq061EQAABoXEcA: msgid=4eab21ec.9070...@gmail.com: saved mail
to INBOX
I would have expected dovecot to expand this to
/home/vmail/mydomain/test1.
Or are the %u %d variables only expanded in certain files?
I had this same misunderstanding few days ago (in my case using ldap, but it
doesn't matter). The usage of variables makes sense when used in generic
values (e.g. mail_location), but not when used in a per-user db, and so
they're not expanded in that cases.
So: when adding a new entry in your passdb file, you should write actual
values instead of variables. Usually it's really easy.
HTH
--
Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] dsync should sync sieve-dirs to!
On Domingo 30 Octubre 2011 13:16:59 Peer Heinlein escribió: It should be possible to make a complete backup/mirror of a user's mailbox with dsync. And a backup/mirror without sieve is incomplete. And procmail rules? And maildrop rules? And someones post-login script based rules? To me, mailboxes are mailboxes, and dsync works fine. And yes: having a tool to migrate rules (sieve or whatever) would be nice. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] How to create home directories for virtual users?
El 24/11/11 15:42, Simon Brereton escribió: On Nov 24, 2011 4:22 AM, Olli Räisänenolli.raisa...@telemail.fi wrote: Hello, I,m using Dovecot 1.2.9, now finishing a migration from Courier IMAP. Documentation (http://wiki.dovecot.org/VirtualUsers/Home) says that home directory should not be the same as mail directory. When I create new user accounts with PostfixAdmin the mail directory is not a problem but is there some smart way to create the home directory as well (locating it for instance in '/srv/vmail/%d/%n/home')? Why do you need a home directory for virtual users? For storing files wich are not mails. Sieve rules, subscription files and so on. Aaaagur.
Re: [Dovecot] v2.1.rc1 released
El 24/11/11 21:35, Miguel Tormo escribió: El Jueves, 24 de Noviembre de 2011 20:25:47 Timo Sirainen escribió: I'm not sure if changing /etc/security/limits.conf helps. It's probably only used by PAM when user logs in, so if Dovecot is started in system bootup it's unlikely to have been even read yet. Also I think some OSes override the limits in /etc/init.d/ scripts. Of course, I could be completely wrong in all of the above, I haven't really tested any of it Well actually this is tricky, I'm not sure if it would work after a system boot, but I'm sure it works after a reboot of the service. It is also true what you say that some OSes override the limits in the /etc/init.d/ scripts, for example issuing an 'ulimit -n 4096' (if using bash) before dropping privileges (that should be inherited, but if privileges are dropped using su or something that uses PAM, then the /etc/security/limits.conf file comes into play again). I tested this intensively some time ago, and Timo is right -as usual :) -: modifications in limits.conf are only relevant after a login. This means that they are not enforced at system boot, but they are if you reboot the service by hand (because you have already logged in). The permanent solution is, as Noel Butler has pointed, modifying the startup script and using ulimit before actually starting dovecot. HTH
Re: [Dovecot] Questions about single intance storage
El 04/12/11 21:16, Terry Carmen escribió: So I was thinking that there probably could be some tool that during a user's backup it would write the attachments among the user's other files, so it would be easy to find all of the files needed for a restore. This would of course mean that backups can take a lot more space, because there's no SIS. Perhaps there could be some other I see. Instead of writing the links directly to the filesystem, why not keep a links list (not a linked list 8-)) file in each directory that contains the information for the links that should be there (source, dest, attributes), then add an inotify hook in Dovecot to create/update/delete the hard links in the directory so they match the links list? The links list would only need to be opened when there's a change and could remain closed (and backup-able) at all other times, and restoring a links list would immediately trigger the inotify hook and regenerate all the required links. Terry Sorry for joining late this thread, but this is a very important issue for us. Terry's solution feels great: just a little modification of the mdbox, adding a ¿text? file with the list of attachment files, that is modified every time an attachment is added/deleted. With that, it seems quite easy to modify our mailbox recovery script to something like: - recover the mailbox as now - recover every attachment file that file points to. Other option: a new doveadm option that could generate this list, and then recover the mailbox, generate the list, recover the attachments. Also: no change needed to the backup process itself, and that's good news.
Re: [Dovecot] Providing shared folders with multiple backend servers
El 09/01/12 14:50, Phil Turmel escribió: I've been following this thread with great interest, but no advice to offer. The content is entirely appropriate, and appreciated. Don't be embarrassed by your enthusiasm, Stan. +1
Re: [Dovecot] DoveCot IMAP and inconsistent state messages
Hi, El Martes, 1 de Abril de 2008 a las 04:14, Bill Cole escribió: That's a question about the competence of the people maintaining that repository. Presumably these would be the people who blessed a pre-release version of Dovecot almost 18 months ago, in a period when such versions were being released every few days *due to bugs*, and who have not updated their build at any time since. It seems to me that these are not people who should be tasked or trusted with being the gatekeepers of software deployment, as that seems to be demonstrably beyond their competence. RedHat (and CentOS) has his own policy about releases, and more or less it is: no update will break a working instalation. So they try to port any security patches to their running versions -and this is a lot of work, they have their own forked version of almost any package!-, but almost never add any new funcionality. This policy has one great point: it's easy to understand, and it gives few surprises. And this is great most of the times. Pre-1.0 Dovecot is the kind of software that doesn't fit well in that policy: a lot of changes, and no standard stable version. So they chose one version -1.0rc15 in this case-, because their other option was not including dovecot. That's exactly why I'm compiling dovecot from source, but I usually like the default policy. Aagur. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] imapsync
El Lunes, 12 de Mayo de 2008 a las 14:01, Lars Stavholm escribió: Hi All, I'm trying out the imapsync migration tool, migrating user mails from cyrus IMAP to Dovecot IMAP. In order to avoid knowing about each of the users password, I use the cyrus admin user in the cyrus end. Is there such a thing as the dovecot admin user, or is that simply the root user? You can use a master user http://wiki.dovecot.org/Authentication/MasterUsers HTH -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] strange quota error
El Miércoles, 4 de Junio de 2008 a las 19:02, JOHN ROMAN escribió:
[EMAIL PROTECTED] ~]# dovecot --version
1.0.10
1.0 doesn't support fs quota for nfs mounted filesystems. You can get it
patching the sources. I do this this way (quick dirt translation of my
spanish docs) -tested with 1.0.13-:
1. Get dovecot's sources
2. Get the following patches:
http://hg.dovecot.org/dovecot-1.1/raw-rev/078d9dde99c8
http://hg.dovecot.org/dovecot-1.1/raw-rev/abec53314897
http://hg.dovecot.org/dovecot-1.1/raw-rev/0dda1f746d63
(I save them as rquota{1,2,3}.diff)
In the last one, some changes are needed:
In particular the final patch for src/plugins/quota/Makefile.am needs
to be changed from
if HAVE_RQUOTA
+quota-fs.c: rquota_xdr.c
+
rquota_xdr.c: Makefile
to
if HAVE_RQUOTA
+$(srcdir)/quota-fs.c: rquota_xdr.c
+
rquota_xdr.c: Makefile
and then:
$ tar zxvf dovecot-1.0.13.tar.gz
$ ln -s dovecot-1.0.13 a
$ patch -p0 rquota1.diff
$ patch -p0 rquota2.diff
$ patch -p0 rquota3.diff
$ cd dovecot-1.0.13
$ export SED=/bin/sed
$ autoconf
$ autoheader
$ aclocal
$ automake
$ ./configure --with-ldap
$ make
HTH
Aaagur.
--
Joseba Torre. CIDIR Bizkaia.
signature.asc
Description: This is a digitally signed message part.
Re: [Dovecot] Errors running imaptest with dovecot-1.1.1
El Martes, 1 de Julio de 2008 a las 19:42, Timo Sirainen escribió: These are actually all normal. I just haven't bothered to fix imaptest to treat different users' mailboxes as actual separate mailboxes. Since it assumes all the mailboxes are the one and same, it sees a lot of problems because they aren't. The multiuser support was written long before I added these checks and I haven't needed the multiuser testing myself for a long time, so this is broken for now. Feel free to fix it. :) Ok, thanks for the explanation. Unfortunately, my coding skills are far from optimal :) Also have you seen http://imapwiki.org/Benchmarking? imaptest tests best the webmail kind of a performance but not that much of Outlook/Thunderbird performance. Yes, i've read it. Our server load raised quite a lot since we switched our webmail from caching postman (http://www.uv.es/postman/postman.html) to non-caching imp, so non-caching tests are more important for us. Thanks. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Errors running imaptest with dovecot-1.1.1
Just if someone is interested, here are initial results. Common settings: RHEL4, dual Intel(R) Xeon(TM) CPU 2.40GHz, 2GB RAM. NFS mounted homes (using EMC celerra), local index files, NFS mounted control files. Authentication uses PAM and local files. FS quota enabled. (dovecot -n output added at the bottom) - dovecot v1.0.13 compiled with --with-ldap, RHEL4. Command run $ imaptest user=imaptest%03d pass=paquitoelchocolatero mbox=dovecot.mbox clients=50 seed=321 sort=100 secs=100 2 /dev/null Totals: Logi List Stat Sele Fetc Fet2 Sort Stor Dele Expu Appe Logo 100% 50% 50% 100% 100% 100% 100% 50% 100% 100% 100% 100% 30% 5% 2412 1183 1239 2408 2393 3382 2392 362 1888 2392 2396 4878 - dovecot 1.1.1 compiled with --with-ldap, RHEL4. Same conf file with mail_nfs_storage = yes added. Command run: Totals: Logi List Stat Sele Fetc Fet2 Sort Stor Dele Expu Appe Logo 100% 50% 50% 100% 100% 100% 100% 50% 100% 100% 100% 100% 30% 5% 2684 1387 1331 2663 2636 3764 2636 397 2079 2636 2655 5386 So it's something like a 10-15% improvement. Tomorrow i'll repeat this tests and record cpu load. Is there anything else I should try? # /usr/local/sbin/dovecot -n # 1.1.1: /usr/local/etc/dovecot.conf syslog_facility: local1 protocols: imap imaps pop3 pop3s listen(default): *:143 listen(imap): *:143 listen(pop3): *:110 ssl_listen(default): *:993 ssl_listen(imap): *:993 ssl_listen(pop3): *:995 ssl_cert_file: /usr/share/ssl/certs/dovecot-beta.pem ssl_key_file: /usr/share/ssl/certs/dovecot-beta.pem disable_plaintext_auth: no login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login mail_location: maildir:~/Maildir:INDEX=/var/dovecot/%u:CONTROL=/var/dovecot-nas/%u/control mmap_disable: yes mail_nfs_storage: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %v.%u auth default: master_user_separator: * passdb: driver: pam passdb: driver: passwd-file args: /usr/local/etc/dovecot-master.conf master: yes userdb: driver: passwd socket: type: listen master: path: /var/run/dovecot/auth-master mode: 384 plugin: quota: fs -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] OT - Legal disclaimers - WAS: Re: Poor pop3 over nfs performance
El Miércoles, 2 de Julio de 2008 a las 13:50, Charles Marcus escribió: On 7/2/2008, Mark Zealey ([EMAIL PROTECTED]) wrote: This mail is subject to http://www.gxn.net/disclaimer Wow... good idea for disclaimers (I hate them)... IANAL, but: It's not only that we all hate them; also they are questionable in a legal point of view. They are based on: - It is intended for the addressee(s) only. If you have received this communication in error please notify the sender Yeah; I got the message, so I'm the addresee. No point here. And my telephatic powers are down now, so I can't know if it's been an error or not. - delete this message from your system without copying or disseminating it or placing any reliance upon its contents Well, you sent it to me, so it's mine now. Sending a message to me doesn't give you the power to tell me what should I do; otherwise, I could say something like send me all the files in your hard disk so I can verify you save no copy of this messages or even send me 1000$. - Confidentially Under spanish law, I have to SIGN a contract BEFORE I access to the confidential content. No contract, no confidentially. They can not show me some content and, later, tell me it was confidential. Some interesting articles about this: - in spanish: http://www.iabogado.com/esp/blogcfm/1/2007/12/Los-avisos-de-confidencialidad-en-los-correos-esos-engendros-jurdicos.cfm - in english: http://www.goldmark.org/jeff/stupid-disclaimers/ And yes, I'm really tired of this messages... Aagur. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Bug? Expunging Symlinked Maildir w/ Laz y_expunge Enabled
El Sábado, 22 de Septiembre de 2007 a las 16:40, Timo Sirainen escribió: Right. The symlink isn't the problem, the problem is that it's on a different filesystem so rename() fails. There are two ways to handle this: 1) Copy the message to the other filesystem. This is slow. 2) Just unlink() the message. So, if I'm right, lazy_expunge is not usable with quota=fs. Is this correct? -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] displaying IMAP folders that are in ~/mail/ at same level as inbox
El Miércoles, 22 de Octubre de 2008 a las 04:04, David London escribió: Thanks Laurent (and Charles re the age of the dovecot software), It looks like we've got what you say is needed (see configuration file below). In addition the test accounts are brand new ones on the test system, not ones that have been moved over so .mailboxlist is not there - just .subscriptions Maybe what I'm trying to do is just not possible ... You can get it in the client. For example, in thunderbird, in Server settings-advanced should be something like IMAP server directory (I'm using an spanish version of thunderbird, so don't know the exact english name for the option). Similar options exists for other clients. HTH. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Dovecot and quota enforcement - only reporting?
How are you delivering your mails to mailboxes? If you don't use dovecot's deliver quota won't get updated (unless you use filesystem quota) HTH El Lunes, 27 de Octubre de 2008 a las 17:53, [EMAIL PROTECTED] escribió: At 10:48 PM 10/21/2008, Rick Steeves wrote: When I delete mail and expunge it, the quota updates. However, inbound email doesn't appear to update the quota. Two questions, probably related: What causes the quota (which I presume is the maildirsize file) to update? Is there any actual quota enforcement, or just reporting? Because if I send mail to an account, even if it currently reporting (via maildirsize or . getquotaroot) that the user is over quota, they still can send and receive email. Just checking to see if there are any insights here. Rick -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] dovecot -n - provide sys info too? - WAS: Re: Dovecot read only for users
El Jueves, 30 de Octubre de 2008 a las 20:15, Timo Sirainen escribió: On Oct 30, 2008, at 9:02 PM, John Lightsey wrote: A little late, but I don't see any mention of /etc/lsb-release in the LSB specification. You probably want the output of /usr/bin/ lsb_release -d I don't think dovecot should execute external binaries. Sounds scary. You're right (as always :). But maybe using the same output for dovecot is a good idea. And lsb_release is a script (shell in RHEL4, python in Debian), so it seems easy. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] (1.0.13) fsync failed: Disk quota exceeded for some accounts
Hi, El Jueves, 6 de Noviembre de 2008 a las 11:30, Eric Marin escribió: - should I use the quota:fs plugin in this case (it seems to work out well without it for most users) ? quota:fs is only about reporting quota status using IMAP. So, it should do no diference in this case. - would it work in v1.0.13 on NFS ? No, you have to apply a patch to get 1.0 quota over NFS - if it worked, and I enabled it, what would change for me ? You can offer that information to your imap users. I think it's good offering this info to my users, but this is another issue. Maybe the problem is with your NAS quotas. Have you tried deleting one of these users' quota, and reapplying it? HTH -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
Re: [Dovecot] Problems with Outlook clients after a migration
Also: I've moved from 32 to 64 bits. Maybe some problem related to this? -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Problems with Outlook clients after a migration
On Miércoles 26 Mayo 2010 12:39:05 Timo Sirainen escribió: What does Dovecot log as the disconnect reason when this happens? It does seem like it's related to the 30 min timeout. I use the outlook-idle workaround, but it doesn't seem to make any difference. Since v1.1 outlook-idle workaround hasn't done anything. Dovecot now never disconnects IDLEing client. I get some May 26 12:18:05 s85 dovecot: IMAP(lgsavbaf): Disconnected: Logged out bytes=142/1525 (is this outlook quitting?) but also some May 26 12:19:22 s85 dovecot: IMAP(lgsavbaf): Disconnected in IDLE bytes=161/2018 -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Problems with Outlook clients after a migration
but also some May 26 12:19:22 s85 dovecot: IMAP(lgsavbaf): Disconnected in IDLE bytes=161/2018 Something disconnected the client. Maybe you've a firewall/load-balancer/etc in the middle that doesn't like long idling connections? Although that wouldn't explain why it worked with v1.1. The network setup is different for this server:NIC bonding, a different VLAN, ... I'll do some network checks. You could also try it yourself: telnet imap.server.com 143 a login user pass b idle and see if it gets disconnected. It should also send * OK Still here every 2 minutes, so I'd guess nothing should disconnect it.. I'm checking it now. Thanks! -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Over quota
On Jueves 27 Mayo 2010 18:30:41 James Devine escribió: Is there any way to still be able to login/delete email via dovecot-imap when the user's filesystem quota is exceeded? We just moved from courier where this was still possible but now a user over quota can login but cannot get a list of messages and the logs show this: Move the indexes to a filesystem without quotas. Something like mail_location = maildir:~/Maildir:INDEX=/var/dovecot/%u will do the trick. HTH -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Problems with Outlook clients after a migration
Some new data: If I remember correctly, I've changed: - commented out the outlook-idle workaround. - the server's iptables now doesn't use state in 993 port and the situation is much better. I've got some Disconnected in IDLE messages, but must of them where related to changes in the client (twice thunderbird dying, and once a system being suspended). There're still some from one of the most problematic clients (windows 7 + outlook 2007) with no apparent reason, but the user didn't sensed anything. I'll keep my test for some days before the final migration, but now it seems ok. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
[Dovecot] And again... too many open files
Hi! Two days ago I upgraded to 1.2.15, and again I the warning Warning: fd limit 1024 is lower than what Dovecot can use under full load reappeared. It's a bit weird, because my actual limits are higher. From /etc/security/limits.conf * softnofile 4096 * hardnofile 8192 rootsoftnofile 4096 roothardnofile 8192 dovecot softnofile 4096 dovecot hardnofile 8192 I added the * lines to avoid problems if a new user was involved, and finally supposed it was a bug in the detection process. Today, as expected, dovecot was not responding with the famous Too many open files error. Has something changed? Is there some way to know which is the maximum number of files that can be open? Is there some parameter I can change to avoid this? Here's my dovecot -n # 1.2.15: /usr/local/etc/dovecot.conf # OS: Linux 2.6.18-164.11.1.el5 x86_64 Red Hat Enterprise Linux Server release 5.4 (Tikanga) syslog_facility: local1 protocols: imap imaps pop3 pop3s listen(default): *:143 listen(imap): *:143 listen(pop3): *:110 ssl_listen(default): *:993 ssl_listen(imap): *:993 ssl_listen(pop3): *:995 ssl_cert_file: /usr/share/ssl/certs/imapd.pem ssl_key_file: /usr/share/ssl/certs/imapd.pem disable_plaintext_auth: no login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_process_per_connection: no login_process_size: 256 login_processes_count: 16 login_max_processes_count: 256 login_max_connections: 512 max_mail_processes: 2048 first_valid_uid: 100 mail_location: maildir:~/Maildir:INDEX=/var/dovecot/%u:CONTROL=/var/dovecot nas/%u/control mail_nfs_storage: yes lock_method: dotlock mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %v.%u auth default: cache_size: 1000 cache_ttl: 6000 master_user_separator: * debug: yes passdb: driver: passwd-file args: /usr/local/etc/bloqueados deny: yes passdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf passdb: driver: passwd-file args: /usr/local/etc/shadow passdb: driver: pam passdb: driver: passwd-file args: /usr/local/etc/dovecot-master.conf master: yes userdb: driver: prefetch userdb: driver: passwd-file args: /usr/local/etc/passwd userdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf socket: type: listen master: path: /var/run/dovecot/auth-master mode: 384 plugin: quota: fs -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] And again... too many open files
On Miércoles 06 Octubre 2010 16:11:27 Timo Sirainen escribió: These limits don't affect Dovecot at all, because they're for users that are actually logging in (via PAM). System services get their limits elsewhere. Ops! I thought limits.conf was a semi-official answer for this issue. But you're right, I've been playing with it and looking at /proc/$PID/limits and it has no influence. It works for initial dovecot process (run by root), but not for the imap-login or pop3-login ones. One way at least that might work (I'm not sure) would be to put ulimit -n 4096 to /etc/sysconfig/dovecot Unfortunately, this doesn't work with my home made startup script. Anyway, on a testing machine I've seen that the actual limit depends on the configuration file (¿?). The initial limit was 533, and after adding the following lines to dovecot.conf login_processes_count = 16 login_max_connections = 512 login_process_size = 256 now it's 1045. Any ideas? -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] And again... too many open files
On Miércoles 06 Octubre 2010 17:11:49 Timo Sirainen escribió: Ops! I thought limits.conf was a semi-official answer for this issue. But you're right, I've been playing with it and looking at /proc/$PID/limits and it has no influence. It works for initial dovecot process (run by root), Really? It does change it then. Maybe the * line? I'm pretty sure the dovecot lines don't.. Sorry, I was confused. When started at boot, it doesn't affect, but when I do # service dovecot restart as root, the root lines apply. but not for the imap-login or pop3-login ones. That's because these processes calculate the max. number of needed fds and drops the limit automatically. Are you actually seeing error messages about actually running of fds? I got a lot of dovecot: pipe() failed: Too many open files until I restarted dovecot. I thought the problem was: Warning: fd limit 1024 is lower than what Dovecot can use under full load This is checked only at startup when running the master process. And if dovecot process's fd limit is higher than 1024, then I'd think this error message goes away?.. Finally, if changed my startup script adding ulimit -n 4096 before daemon /usr/local/sbin/dovecot and the problem has disappeared. Thanks! -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] And again... too many open files
On Jueves 07 Octubre 2010 17:09:18 Jerrale G escribió: To help out this thread, my redhat (centos 5.5) says: [r...@mail ~]# ulimit unlimited [r...@mail ~]# This has never been changed by me and, so, I don't know why your redhat is coming default with a limit. You seem to not have changed it as you are baffled at why the limit is there. I'll try and figure out a permanent way for you to change it. You should try with # ulimit -a This will tell you the actual limits. ulimit alone tells the shell to go unlimited. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] dsync, separator, but really - Default Namespace
On Jueves 28 Octubre 2010 16:35:48 Daniel L. Miller escribió:
Ok - I 've never configured namespaces before...time to learn. So my
first attempt - is the following config the same as having no explicit
namespace declaration?:
# My Default Namespace
namespace {
type = private
separator = '.'
prefix =.
location = /var/mail/%d/%n/Maildir
inbox = yes
hidden = no
list = yes
subscriptions = yes
}
I've just run into the same situation 1 hour ago! My namespace declaration is
namespace {
type = private
separator = '/'
inbox = yes
}
(the default value for location is mail_location)
and dsync is working fine (it's slow, but it's working).
HTH
--
Joseba Torre. Vicegerencia de TICs, área de Explotación
[Dovecot] Managesieve with multiple uid's
Hi,
I'm trying to setup a system with dovecot to remove the old courier one, and
everything (pop3, imap, lmtp, quotas) but managesieve is working fine. It
seems like it's a problem with each user having a separate uid, because I have
a working similar setup with a single uid working without problems.
In this system when I try to connect to the managesieve port using telnet I
get no response:
$ telnet localhost 4190
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
^]
telnet quit
In the logs I see:
Dec 21 14:16:30 v000148 dovecot: managesieve-login: Disconnected: Inactivity
(no auth attempts): rip=10.0.4.25, lip=10.0.82.8
Dec 21 14:16:30 v000148 dovecot: managesieve-login: Error: auth:
connect(login) in directory / failed: Permission denied (euid=102(unknown)
egid=103(unknown) missing +x perm: /, euid is not dir owner)
Dec 21 14:16:30 v000148 dovecot: managesieve-login: Error: auth:
connect(login) in directory / failed: Permission denied (euid=102(unknown)
egid=103(unknown) missing +x perm: /, euid is not dir owner)
Dec 21 14:19:30 v000148 dovecot: managesieve-login: Disconnected: Inactivity
(no auth attempts): rip=10.0.4.25, lip=10.0.82.
(102 is the uid of the dovecot user, and 103 is the gid of the dovenull
group)
My current setup is (I changed the mode of the service auth to 666 thinking
the problem was there, but I got no change):
# 2.0.8: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server release
5.5 (Tikanga) nfs
auth_cache_size = 10 M
auth_verbose = yes
lock_method = dotlock
mail_location = maildir:/docencia/cuentas/%1n/%n/Maildir/
mail_plugins = quota
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environment mailbox date
passdb {
args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
quota = dict:User quota::file:%h/dovecot-quota
quota_rule = *:storage=100M
quota_warning = storage=85%% quota-warning 85 %u
quota_warning2 = storage=82%% quota-warning 82 %u
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap pop3 sieve lmtp
service auth-worker {
user = dovecot
}
service auth {
unix_listener auth-userdb {
mode = 0666
}
}
service imap-login {
chroot = login
service_count = 1
user = dovecot
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
}
service pop3-login {
chroot = login
service_count = 1
user = dovecot
}
service quota-warning {
executable = script /usr/local/bin/quota-warning.sh
unix_listener quota-warning {
user = vmail
}
user = dovecot
}
ssl_cert = /usr/share/ssl/certs/imapd.pem
ssl_key = /usr/share/ssl/certs/imapd.pem
syslog_facility = local1
userdb {
driver = prefetch
}
userdb {
args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocol imap {
mail_plugins = quota imap_quota
}
protocol lmtp {
mail_plugins = quota sieve
syslog_facility = local2
}
--
Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] behavior of dovecot with Openldap
El Martes, 20 de Enero de 2009 a las 08:47, geoffroy desvernay escribió: Here we use uris parameter instead of hosts, and we seems to have expected behaviour: dovecot is always using the first listed uri except if it doesn't respond (switch to the second) Same experience here (RHEL4 and several dovecot versions). Dovecot only uses the 1st ldap server in the uris variable, and only tries the other ones when this doesn't respond: we've had some problems with the primary server taking like 1 minute for each answer and dovecot didn't switch to the next one. -- Joseba Torre. CIDIR Bizkaia. signature.asc Description: This is a digitally signed message part.
[Dovecot] High Availability strategies
Hi, we have a medium setup (8000 pop and imap users using almost every available client, 800GB of stored mails using maildir on a Celerra NFS server, with index files on local disks, and procmail for local delivery), being served by a Dell PowerEdge 2850 (2GB RAM and dual P4 Xeon 3,2GHz). Our current not-so-high availability setup is based on a similar server with the same setup and a easy but manual process to switch from one server to another. We are thinking about setting up some kind of serious high availability, but for every strategy we think about some problems appear, and I'd like to hear your opinions about them: - The recommended setup, with each user being sent always to the same server, is not possible because our load balancers (Cisco Catalyst 6000) can't do that. - We could put both servers behind the load balancer, and keep local index files on each server. Usually the same ip we'll be redirected to the same server, so few problems will arise. When a user is sent to a new server, index will be rebuilt so performance will be bad but we should not expect other problems, right? - We could also put the index files on a nfs share. No problems, but pretty bad performance. - We could also get more ram for the servers and keep indices in memory. How can we compare these solutions? Apart from performance, are other problems expected? Using deliver instead of procmail could improve performance? - We've also thought about some more or less weird setups, like setting up a GFS filesystem for the index files, or setting up a proxy on every server which redirect users to their fixed server, but they seem too complex for few advantages. Any recommendations? How are you doing this? -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] High Availability strategies
Thanks a lot for all the answers. We already have high availability on the storage, so we'll go with Timo's proposal, mainly because it's the closer one to our current situation. Thanks! El Sábado 25 Julio 2009 a las 01:58, Timo Sirainen escribió: On Jul 24, 2009, at 5:00 AM, Joseba Torre wrote: we have a medium setup (8000 pop and imap users using almost every available client, 800GB of stored mails using maildir on a Celerra NFS server, with index files on local disks, and procmail for local delivery), being served by a Dell PowerEdge 2850 (2GB RAM and dual P4 Xeon 3,2GHz). Our current not-so-high availability setup is based on a similar server with the same setup and a easy but manual process to switch from one server to another. So you currenly have a single server serving all imap/pop3 users? - The recommended setup, with each user being sent always to the same server, is not possible because our load balancers (Cisco Catalyst 6000) can't do that. - We could put both servers behind the load balancer, and keep local index files on each server. Usually the same ip we'll be redirected to the same server, so few problems will arise. When a user is sent to a new server, index will be rebuilt so performance will be bad but we should not expect other problems, right? If a single server can handle all users fine, I wouldn't try anything special here. Just have them work as a master/slave and install some kind of a heartbeat to switch between them. - We could also put the index files on a nfs share. No problems, but pretty bad performance. If there's only a single server accessing the mails, you can use mail_nfs_*=no and the performance shouldn't be that bad. - We could also get more ram for the servers and keep indices in memory. I'd say local disk is much better. Using deliver instead of procmail could improve performance? http://wiki.dovecot.org/LDA/Indexing - We've also thought about some more or less weird setups, like setting up a GFS filesystem for the index files, or setting up a proxy on every server which redirect users to their fixed server, but they seem too complex for few advantages. Assuming still a master/slave setup, you could use DRBD to replicate indexes between local disks. -- Joseba Torre. Vicegerencia de TICs, área de Explotación
Re: [Dovecot] Dovecot unable to access the shadow file
El 24/01/13 19:07, kenwood escribió: I am installing Dovecot-2.1.13 on Slackware 13.37.0 for the first time to replace ipop3d and I have overcome all of the roadblocks as they have developed except this last one and I finally have to say “uncle”. The error messages that are showing up in the dovecot.log are as follows. Jan 24 12:27:27 tux2 dovecot: auth: Error: passwd-file /etc/shadow: open(/etc/shadow) failed: Permission denied (euid=202(dovecot) egid=202(dovecot) missing +r perm: /etc/shadow, we're not in group 43(shadow), dir owned by 0:0 mode=0755) Jan 24 12:27:27 tux2 dovecot: auth: passwd-file(user,192.168.10.2,pw3xHwzUSQDAqAoC): no passwd file: /etc/shadow Jan 24 12:27:29 tux2 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [192.168.10.2] Jan 24 12:27:29 tux2 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=user, method=PLAIN, rip=192.168.10.2, lip=192.168.10.100, TLS: Disconnected, session=pw3xHwzUSQDAqAoC Based on what I have read the only user that should access the shadow file is root. With that in mind I looked at all the configuration and .ext files and the only file I could find that would indicate that root should be checking the shadow file is 10-master.conf. In that file it said the default service auth-worker was root but since it was apparently not working I removed the hash mark and made it explicit. It still didn’t work. As a last resort even though it was not good practice I tried adding user dovecot to the group shadow but that did not work either. It still says dovecot is not in the group shadow even though it is. Any suggestions? If your system is using pam, use it instead of accesing /etc/shadow directly http://wiki2.dovecot.org/PasswordDatabase/PAM
Re: [Dovecot] Authentication with many Windows AD
El 12/02/13 11:36, Antonio Alberola escribió: Dear All, I'm a new user of Dovecot and I need support with the authentication process. I use Dovecot 2.0.9 and Postfix 2.6.6 on host x86_64-redhat-linux-gnu 2.6.32-279.14.1.el6.x86_64 CentOS release 6.3 (Final) I need to select the validation method depending on the user. I have users that have to be authenticate with UNIX account, and I have others thats have to be authenticate with Windows AD. For example, some sysadmins and special accounts needs validate with Unix accounts. Other normal users have to authenticate with Windows AD, I have many Windows controllers. Some users authenticate to a specific Windows AD and other users are validated in another one. How I can do this? You can set as many databases as you want. Check this: http://wiki2.dovecot.org/PasswordDatabase http://wiki2.dovecot.org/Authentication/MultipleDatabases HTH
Re: [Dovecot] Authentication with many Windows AD
El 14/02/13 11:45, Antonio Alberola escribió: Hi, You can set as many databases as you want. Check this: http://wiki2.dovecot.org/PasswordDatabase http://wiki2.dovecot.org/Authentication/MultipleDatabases This solution is valid if I have only one domain. In case you have more than one domain, you need authenticate in the appropriate LDAP server. Is That correct? If you don't give us more details, no, that's not correct. Whenever a user tries to authenticate dovecot will try the 1st passdb, if it fails the 2nd and so on. I can't see how the domain is relevant here. I'm going to explain my particular case. I have five Windows domains with some users who belong to those domains. I also have other users who are authenticated with local UNIX accounts. The only thing that I can do (I think) is using a Radius server. But, I'd rather not use it.
Re: [Dovecot] lmtp problem with wrong index path
El 26/02/13 14:45, Dimos Alevizos escribió: I've noticed that our directors point to different backends if the user logins as user vs user@domain and as a result there are users ending up in more than one server (several of them use just their username in one client and the full user@domain in another and vice versa). Up till now we didn't think much about it because it's not that common. Sorry for being late; we had a similar problem and solved it with director_username_hash = %n HTH
Re: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot
El 19/03/13 05:15, Stan Hoeppner escribió: On 3/18/2013 11:37 AM, Timo Sirainen wrote: So basically you're saying that the major documentation improvement = an index listing/describing all settings. Sure, would be useful, but I don't see having time to write that anytime soon. The time issue is perfectly understandable Timo. My suggestion may not be the gold or platinum improvement to the docs, but I think it would help a lot of people, especially since most using Dovecot are also using Postfix, and since man is the standard UNIX documentation format/interface. I think some similarity/consistency would help quite a bit as many people are so used to this format. Do you have a way to simply dump all the current conf file parameter names from 2.x into a single column text file? I'll sort it and start adding the legal parameter values and writing the parameter definitions from information currently available in source and wiki pages. When I hit the point I can't find reference material for the rest of the parameters, we can dump it to a wiki page or similar so others with the knowledge can jump in and help finish it. Once it's done, myself, or someone else if they already have the experience, can create the man page from this to be included in the source. And you can create an update mechanism/batch process so that updating the 'master' document automatically updates the source man page and other published versions, making documentation updates simple when you add/change parameters. We could do the wiki bazaar style editing from the beginning, but I'd rather not. I'd like to get it started with a framework/layout and style of prose typical of UNIX documentation, for other editors to follow. The definition text prose needs to be consistent all the way through, or readers may be confused by the different writing styles of ~50 different people who may speak different 'dialects' of English or have different writing styles. This consistency is one of the hallmarks of good technical writing. Like I said previously, the one thing I'm able to contribute more than anything at this point is time. And my writing skills aren't completely horrible--I have been published, FWIW, but not recently. But my knowledge of the parameters, and a lot of Dovecot features in general is lacking. So if others are willing to contribute where I fall short, I'd be glad to give this a go and get it started, and hopefully put a decent sized dent in it so there's not so much left for others to do. Obviously you have final review/edit authority, and if you have a particular preference on writing style, etc, I'll certainly honor that. If this is acceptable to you Timo, let me know. If so send me the aforementioned file, any preferences/thoughts you have, and I'll get started on the first draft. Definitely, something like man 5 postconf would be really useful. I would like to collaborate with that, but I think that my English writing skill are not good enough.
