allow read access
to the mailboxes.
Joseph Tam jtam.h...@gmail.com
will allow all the other processing like sieve to work.
However, I would look at the cause of the insufficient privileges:
it is a symptom of something that could lead to other problems.
Joseph Tam jtam.h...@gmail.com
? The diagnostics I referred to in my last post would have been
helpful here.
# postconf -n
If you're having problems authenticating to the IMAP service, then you
ought to concentrate on that problem: it's likely your LDA problem is
dependent on that solution.
Joseph Tam jtam.h...@gmail.com
for the include directive.
Maybe it came from the bang syntax for Unix scripts.
Joseph Tam jtam.h...@gmail.com
...@foo.com,
not jeff)? Otherwise, you'll need to add domains to your passdb,
or configure username_format=%n
Joseph Tam jtam.h...@gmail.com
also help.
Joseph Tam jtam.h...@gmail.com
know
hash, it's quite easy to generate a secret which will match the hash ...
Quite easy? Maybe if you could find a crypt rainbow tables for crypt().
Go ahead and invert LXE5F6d8FPOa..
Joseph Tam jtam.h...@gmail.com
(no auth attempts in 180 secs)
SSL/TLS + clear-text password is secure. If you do not use SSL/TLS,
you'll have to use CRAM-MD5 or some challenge-response authentication
to defeat password snooping. You could use both, but that's overkill.
Joseph Tam jtam.h...@gmail.com
/2013-August/092299.html
Joseph Tam jtam.h...@gmail.com
/PasswordSchemes
Joseph Tam jtam.h...@gmail.com
anyone done a dovecot authentication plugin to support these
password forms (and/or any other forms that django supports)?
You can always fall back on
http://wiki2.dovecot.org/AuthDatabase/CheckPassword
to implement any wild and woolly scheme you got going.
Joseph Tam jtam.h...@gmail.com
this, you should hedge this by only
allowing it from known trusted senders (e.g. local network).
Joseph Tam jtam.h...@gmail.com
) matches what you think the master password ought to be.
Joseph Tam jtam.h...@gmail.com
for more information.
And the server logs says ...? Maybe the '-' is not one of the allowed
characters (is there a missing 'e' at the end?)
Joseph Tam jtam.h...@gmail.com
it off too just to check.
mbox:~:INBOX=/var/mail/%u
Also, is your home directory well defined in your userdb? Check output
of
doveadm user rechnungseingang-animationsinstitut
Joseph Tam jtam.h...@gmail.com
to 2.2 was working OK.
Debugging of this sort usually requires submitting a core dump
traceback
http://dovecot.org/bugreport.html
This might be a known issue (check the Dovecot archives).
Joseph Tam jtam.h...@gmail.com
headers +/- message IDs and a few bytes
here and there, but as you say, SiS is the way to go for deduping
bulky message attachments.
Joseph Tam jtam.h...@gmail.com
message body anywhere
in a block, so you might have 512 different block configurations for
the same message.
I don't know whether message alignment would be a worthwhile optimization
for mdbox.
Joseph Tam jtam.h...@gmail.com
these by returning uid or gid fields. You can use either
numbers
# or names. doc/wiki/UserIds.txt
#mail_uid =
... if all your users share the the same GID, set it here.
Joseph Tam jtam.h...@gmail.com
being created (or
maybe even anticipate a new mailbox, create one with mode 0777 and
wait to intercept mail?).
Joseph Tam jtam.h...@gmail.com
(I use
the default that comes with dovecot -- squat?).
Sorry, can't help you out further.
Joseph Tam jtam.h...@gmail.com
:
doveadm fetch 'mailbox hdr' mailbox shared/\* \( SUBJECT a OR SUBJECT b
\)
Joseph Tam jtam.h...@gmail.com
hdr SUBJECT Silvester \
HEADER Return-Path someu...@example.com
Joseph Tam jtam.h...@gmail.com
not deterministic though.) Try
process traces -- I do when I'm stumped.
Joseph Tam jtam.h...@gmail.com
unfriendly. It's easy
to get an infamous Error code 89.
Is there any back story to the grammar or language this configuration is
in?
It appears to me to have grown organically, and maybe will need pruning
some day.
Joseph Tam jtam.h...@gmail.com
(+) character if a non-trivial
ACL is associated with the file ...
Try
ls -alv /mpool/mail
I don't use ACLs, so I can help you how to modify them.
Joseph Tam jtam.h...@gmail.com
turning up the verbosity on logging will help. If that
doesn't, try process tracing the dovecot auth process.
Joseph Tam jtam.h...@gmail.com
up user somebody and debug your way from there:
doveadm user somebody
Joseph Tam jtam.h...@gmail.com
reader is configured to connect to an IMAP/SSL service
(port 993).
Maybe it will start working if you configure Mutt
set spoolfile=imap://steve@vmail-s/
(Just guessing -- I don't use Mutt.)
Joseph Tam jtam.h...@gmail.com
in
plaintext, and SSL negotiations starts after a STARTTLS directive.
Looking at
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
methinks you want to replace starttls=y with ssl=yes.
Joseph Tam jtam.h...@gmail.com
from
dovecot -n:
mail_location = mbox:/RAID/home/%u/mail
Maybe try
mail_location = mbox:/RAID/home/%n/mail:INBOX=/RAID/home/%n/mail/inbox
(%n does not include the domain part, but it might be the same as %u).
Joseph Tam jtam.h...@gmail.com
your pop3 worker process if you need to verify the locking process.
Joseph Tam jtam.h...@gmail.com
mailboxes.
Joseph Tam jtam.h...@gmail.com
find that date.saved reflects the correct value.
Joseph Tam jtam.h...@gmail.com
group access, but
you'll have to investigate that yourself.
Joseph Tam t...@math.ubc.ca
, or take action if you spot a username/password combination that
merits instant blacklisting.
Joseph Tam jtam.h...@gmail.com
it into password synching script.
A bit of a hack, but it works without having to touch dovecot.
Joseph Tam jtam.h...@gmail.com
-d yourusername -m dummybox
# Dump mail into my INBOX using dovecot's LDA
:0 w
| dovecot-lda -d yourusername
Joseph Tam jtam.h...@gmail.com
the detection network. I get about a 60% hit on ssh BFD attacks.
I also found
http://openbl.org
but they distribute it as a downloadable file rather than as a DNSRBL.
Maybe I can introduce the latter to the former.
Joseph Tam jtam.h...@gmail.com
after the
snapshot.)
I'd take the suggestion of the previous poster: take snapshots, don't
worry, be happy. The small amount of inconsistencies is trivial compared
with quickly recovering a mail store after disaster.
Joseph Tam jtam.h...@gmail.com
for you, I suggest process tracing it.
Also, when does LMTP process messages? When sending mail via SMTP, or
when reading mail via IMAP? I would prefer to use LMTP rather than
LDA.
The former.
Joseph Tam jtam.h...@gmail.com
processes to do the real work.)
It doesn't stay as root; Dovecot's LMTP switches down to the user's uid
to perform delivery, including sieve scripts.
I stand corrected. This removes the other objection that the original
poster for running a peristent LMTP process.
Joseph Tam jtam.h...@gmail.com
your users. LMTP can theoretically be subverted, but at least won't
be as root. (I'm assuming LMTP stays as root, and not spawning off user
processes to do the real work.)
Joseph Tam jtam.h...@gmail.com
on your system (particularly the MTA)
requires access to your mail spool files by running as group=mail,
probably 2) is your best option.
Joseph Tam jtam.h...@gmail.com
SIS (single-instance storage or de-duping), it's more efficient
using LMTP since it knows all message bodies to multiple recipients will
be identical.
Joseph Tam jtam.h...@gmail.com
Looks like a mail client issue: you're not enabling STARTTLS on port 110.
Fiddle with the SSL configuration.
Joseph Tam jtam.h...@gmail.com
02:58:13
Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max cache size 1
at Jul 23 02:58:13
Not a dovecot issue. In fact, neither was your previous problem, which
was a mail reader configuration problem.
Joseph Tam jtam.h...@gmail.com
, SMTP-AUTH, or all of them.
You can also integrate this with fail2ban so that not only can you use
it to block, but can also contribute to the global detection of brute
forcers.
Joseph Tam jtam.h...@gmail.com
/PostLoginScripting
Joseph Tam jtam.h...@gmail.com
? I think dovecot-lda
gets some information from them. Also, it's possible the PATH or some
other critical environment variables is different, causing the
difference in outcome.
Joseph Tam jtam.h...@gmail.com
of dovecot -n), and log entries
of the problem.
Joseph Tam jtam.h...@gmail.com
by denying a connection to a test host.
Joseph Tam jtam.h...@gmail.com
if
dovecot --build-options|grep storage
returns imapc.
Right you are.
Joseph Tam jtam.h...@gmail.com
failed:
Namespace '': Unknown mail storage driver imapc
dsync(localuser): Fatal: User init failed
Is exporting mail to a remote (non-dovecot) IMAP account even doable with
dsync, or
am I completely off-track?
Joseph Tam jtam.h...@gmail.com
output even though i am logged in to the server.
doveadm who ought to work. What does it return?
Joseph Tam jtam.h...@gmail.com
stdio.h
This worked for me.
Joseph Tam jtam.h...@gmail.com
input password if the were encrypting, rathher
than hashing. But the length of the hash is consant + encoded(salt) +
encoded (hash(password)), all of which ought to be fixed lengths.
Joseph Tam jtam.h...@gmail.com
Max Pyziur p...@brama.com wrote:
I've put in a test ip address in /etc/hosts.deny like so:
dovecot: 166.84.1.2
Maybe
imap: 166.84.1.2
imaps: 166.84.1.2
pop3: 166.84.1.2
pop3s: 166.84.1.2
Joseph Tam jtam.h...@gmail.com
://wiki2.dovecot.org/PostLoginScripting
Joseph Tam jtam.h...@gmail.com
manipulation by process tracing dovecot's
auth process read() syscalls and parsing out the user/password from the
second buffer argument. Quite a hack but it worked.
Joseph Tam jtam.h...@gmail.com
: this was to
prevent users from trying to peruse the entire file space e.g. /etc.
A poor man's chroot. I didn't test this thoroughly to see if it actually
did what it was supposed to.
Joseph Tam jtam.h...@gmail.com
On Mon, 11 Feb 2013, Joseph Tam wrote:
Timo Sirainen t...@iki.fi writes:
Any guess at what would cause this?
Feb 7 21:20:53 server dovecot: imap(user): Panic: file
mailbox-list-fs-iter.c: line 447 (fs_list_get_roots): assertion
failed: (full_fs_access)
LIST command that had
.
Joseph Tam jtam.h...@gmail.com
core, so that's
no help.
Joseph Tam jtam.h...@gmail.com
minutes).
Perfect. I added a link to this page to the parent Plugins page
Joseph Tam jtam.h...@gmail.com
, or is there a better way to do this?
Namescape configuration? Virtual plugin?
Joseph Tam jtam.h...@gmail.com
differinf uids. Any other hints?
If the UIDs are just headers, why don't you simply checksum without them:
sed -e '/^Whatever-header:/d' $file | md5sum
grep -Ev '^Whatever-header:' $file | md5sum
Joseph Tam jtam.h...@gmail.com
if you don't use, is a nice fallback for
exceptions or niche caches, no dbs, one mandatory text search method.
Joseph Tam jtam.h...@gmail.com
, flags_override_remove = 0,
no_userdb_lookup = 0}
storage = (struct mail_storage *) 0x39330
user_source = 0x13f30
destaddr_source = 0x13f30
process_euid = 0
stderr_rejection = false
ret = 1
c = -1
error = MAIL_ERROR_NONE
Joseph Tam t
.
Joseph Tam jtam.h...@gmail.com
for the other 5 sets of indices.
A 2-hour turnaround, of which an hour was spent packing up the index
files. Amazing. Thanks.
Joseph Tam jtam.h...@gmail.com
the outstanding bug
I reported!)
Joseph Tam jtam.h...@gmail.com
off the least recently used connection and their mail reader
reconnects if it needs to open that mailbox again.
Joseph Tam jtam.h...@gmail.com
MAIL_STORAGE_SERVICE_FLAG_ENABLE_CORE_DUMPS? How?).
Joseph Tam jtam.h...@gmail.com
--- ./src/lib-storage/mail-storage-service.c~ Sat May 19 08:42:12 2012
+++ ./src/lib-storage/mail-storage-service.cMon Jun 25 22:00:57 2012
@@ -615,21 +615,21 @@
- if ((user-flags MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP) != 0
(deduping). I don't
know if Dovecot takes advantage of this in any way though.
Joseph Tam jtam.h...@gmail.com
far off.
Joseph Tam jtam.h...@gmail.com
of code for a working skeleton. Or Google php change password htpasswd.
Joseph Tam jtam.h...@gmail.com
.
It's non-RFC compliant as one poster points out, so unless you got a
good reason to do this like lots of zombie pop3 processes, leave it alone.
Joseph Tam jtam.h...@gmail.com
using the dovecot's SASL feature to authenticate outgoing Email (i.e. via
Postfix?). Maybe you verify this hypothesis by checking the Postfix logs.
Joseph Tam jtam.h...@gmail.com
to
those mailboxes (as you will find out).
Joseph Tam jtam.h...@gmail.com
s_server -accept 993 ...
Joseph Tam jtam.h...@gmail.com
don't worry, be happy applies here. I find that
too many mistake mitigation features is counterproductive as users
habitually relying on them, rather than being careful. Extending your
grace period to a week will lessen the probability of this race condition.
Joseph Tam jtam.h...@gmail.com
was mapped to its IP.
You'll either have to add the @domain, or perhaps multi-home your host,
remap one of your domains to the new IP, and add another running instance
of dovecot to listen on that interface.
Joseph Tam jtam.h...@gmail.com
pass = yes
}
passdb {
driver = passwd-file
args = /anywhere/you/want/passwd
}
userdb {
driver = passwd-file
args = /anywhere/you/want/passwd
}
Joseph Tam jtam.h...@gmail.com
messages could also be helpful here.
Joseph Tam jtam.h...@gmail.com
http://dovecot.org/list/dovecot/2012-July/067423.html
may be of interest to the OP.
Joseph Tam jtam.h...@gmail.com
.
Joseph Tam jtam.h...@gmail.com
dovecot setup, using your old
configuration as a reference.
Joseph Tam jtam.h...@gmail.com
Hmm, are you sure these are dovecot locks? They look sort of like what
alpine would produce. Do your clients have direct filesystem access to
the INBOX spool?
Joseph Tam jtam.h...@gmail.com
=43
24 =13
Joseph Tam jtam.h...@gmail.com
a message?
Joseph Tam jtam.h...@gmail.com
)
at pop3-commands.c:889
Fixed: http://hg.dovecot.org/dovecot-2.1/rev/ea18b2ddb67b
Date: Sat, 7 Jul 2012 05:52:03 +0300
2 hours after I reported it; do you ever sleep?! Thanks.
Joseph Tam jtam.h...@gmail.com
pop3_uidl_duplicates changes in 2.1.7). I guess
this bug has crept in there.
Joseph Tam jtam.h...@gmail.com
. A password mismatch forces
a resync to your authentication system which will restore
the auth cache.
Joseph Tam jtam.h...@gmail.com
from {remote-hostname}[{remote-ip}]
Joseph Tam jtam.h...@gmail.com
Dovecot's SASL
authentication framework.
Joseph Tam jtam.h...@gmail.com
your privacy, turn off HTML rendering on your Email reader.
Joseph Tam jtam.h...@gmail.com
that's what I
did.
Joseph Tam jtam.h...@gmail.com
=dovecot, dsn=4.0.0, stat=Deferred: dovecot mailer
(/usr/local/libexec/dovecot/dovecot-lda) exited with EX_TEMPFAIL
Any logs for dovecot? Same sendmail configs as before or did you try the extra
flag I suggested?
Joseph Tam jtam.h...@gmail.com
think it's safe
to ignore them.
Joseph Tam jtam.h...@gmail.com
401 - 500 of 549 matches
Mail list logo
