Re: [Dovecot] IMAP IDLE goes to sleep
On Sun, 24 Jun 2007, Julian Cowley wrote: * OK Still here * OK Still here * OK Still here * OK Still here * OK Still here [The above message repeated another 30 times here. Finally, IDLE mode is terminated:] * OK Still here DONE * 7941 EXPUNGE A0017 OK Idle completed. I think I've found an additional data point on this problem. Every time I notice that there hasn't been update in some time, terminating IDLE mode always results in an EXPUNGE message. I don't know what is doing an expunge on a single message (and I'm not doing an expunge in any of my mail clients). I can only assume this might have something to do with Dovecot sieve addflag (this is just a guess), as all of the messages I've seen so far listed as being expunged instantly reappear with an explicit or implied EXISTS and have an IMAP flag on them. Hope this helps. [Please refer to my original message to see the entire protocol trace.] ps. I haven't tried a kernel that has inotify yet, but I'll try that next and/or turning off any addflag statements in .dovecot.sieve.
Re: [Dovecot] Server 1.0.1 migration: Maildir : UID inserted in the middle of mailbox [resolved]
Timo Sirainen a écrit : On Fri, 2007-06-22 at 00:28 +0200, damien chambe - EGS wrote: Our Dovecot server had to be changed due to a hardware problem I was forced to use SUSE SLES 10 for the new one, instead of SLES 9 on the old server. The kernel matters a lot with NFS. Some kernels are more broken than others. Attribute cache also matters. http://wiki.dovecot.org/NFS I store mails on NFS, and index on local disk. There's only one dovecot server, so no multiple access. So deliver is also run on the same server? If all of it is done on the same server, then pretty much the only thing you can change is the kernel or somehow try to work around its bugs. I can think of only this fix on Dovecot's side: http://dovecot.org/list/dovecot/2006-December/018145.html Hmm. Actually I just realized another reason that could cause these: Are the clocks on the NFS server and on your Dovecot machine synchronized? They must be less than 1 second apart at all times or you'll begin to see problems. I've tried to update kernel (SUSE SLES 10 is 2.6.16) but no change. But synchronizing NFS server and dovecot server with NTP did the trick. SUSE SLES9 NFS was more tolerant than SLES 10 with time sync... No more uid messages yesterday ! Thank you for your quick answer -- Cordialement, Damien Chambe EGS - Groupe Laurent 42 bld jules janin - BP 240 - 42006 Saint Etienne Cedex 1 Tel : 04 77 49 48 16 Fax : 04 77 49 48 45 Site institutionnel : http://www.groupe-laurent.com Site catalogue : http://ecat.groupe-laurent.com
[Dovecot] Dovecot and SUSE 10: inotify_init()
Hello all, Since my migration to SUSE SLES 10, I have a new error message : dovecot1 dovecot: IMAP([EMAIL PROTECTED]): inotify_init() failed: Too many open files It seems to occurs when thunderbird is idle, or when I click on sub folders I have a ulimit for open files a bit low, 1024 I have changed to 4096, but same error message. It has no visible consequences. I am on dovecot 1.0.1 I don't think it is related to dovecot config, any idea ? ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited pending signals (-i) 24573 max locked memory (kbytes, -l) 32 max memory size (kbytes, -m) unlimited open files (-n) 4096 pipe size(512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 24573 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited -- Cordialement, Damien Chambe EGS - Groupe Laurent 42 bld jules janin - BP 240 - 42006 Saint Etienne Cedex 1 Tel : 04 77 49 48 16 Fax : 04 77 49 48 45 Site institutionnel : http://www.groupe-laurent.com Site catalogue : http://ecat.groupe-laurent.com
Re: [Dovecot] IMAP IDLE goes to sleep
On Sun, 2007-06-24 at 23:16 -1000, Julian Cowley wrote: * 7941 EXISTS [At some point after this, something happens (or doesn't happen) and dovecot no longer notifies of new messages. The other client is still reading messages in the same mailbox and new mail is still arriving.] * OK Still here * OK Still here * OK Still here * OK Still here * OK Still here [The above message repeated another 30 times here. Finally, IDLE mode is terminated:] * OK Still here DONE * 7941 EXPUNGE A0017 OK Idle completed. This is most likely because of outlook-idle workaround (enabled by default). When you have been IDLEing for 29 minutes, Dovecot sends a fake EXISTS reply and when DONE command is given, it sends EXPUNGE for that fake EXISTS. I don't understand why you have so many OK Still here notifications there though. They're sent 2 minutes apart from each others, but between EXISTS/EXPUNGE there should be max. 1 minute. Wonder if there's a bug in timeout handling code.. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Can't see public folder contents after renaming folder
Robert Fraser, on 6/27/2007 12:34 AM, said the following: Hi We are using Thunderbird 2.0.0.x (Linux and Windows) with IMAP accounts against Dovecot 1.0.beta3 on Ubuntu 6.06 Dapper with Maildir. It is all working well except when we rename a folder in the public namespace, the person who renames it can no longer see the contents of the folder. If we rename it back to the original name , the person can see the contents again. If we delete the files in the index directory for that folder on the file system, the user can see the folder contents again. Can anyone tell me how to fix this? Upgrade? Beta3 is *very* old. So much has changed, it just doesn't make sense *not* to upgrade. Be sure to read the upgrade docs. -- Best regards, Charles
Re: [Dovecot] Server 1.0.1 migration: Maildir : UID inserted in the middle of mailbox [resolved]
On 6/27/07, damien chambe - EGS [EMAIL PROTECTED] wrote: Timo Sirainen a écrit : On Fri, 2007-06-22 at 00:28 +0200, damien chambe - EGS wrote: Our Dovecot server had to be changed due to a hardware problem I was forced to use SUSE SLES 10 for the new one, instead of SLES 9 on the old server. The kernel matters a lot with NFS. Some kernels are more broken than others. Attribute cache also matters. http://wiki.dovecot.org/NFS I store mails on NFS, and index on local disk. There's only one dovecot server, so no multiple access. So deliver is also run on the same server? If all of it is done on the same server, then pretty much the only thing you can change is the kernel or somehow try to work around its bugs. I can think of only this fix on Dovecot's side: http://dovecot.org/list/dovecot/2006-December/018145.html Hmm. Actually I just realized another reason that could cause these: Are the clocks on the NFS server and on your Dovecot machine synchronized? They must be less than 1 second apart at all times or you'll begin to see problems. I've tried to update kernel (SUSE SLES 10 is 2.6.16) but no change. But synchronizing NFS server and dovecot server with NTP did the trick. SUSE SLES9 NFS was more tolerant than SLES 10 with time sync... No more uid messages yesterday ! did you use the following on the NFS server : option no_subtree_check in /etc/exports I know that it solved some bugs when accessing files through mmap() on a NFS filesystem. -- DINH Viêt Hoà
Re: [Dovecot] Fatal: Login process must not run as root
Hello santhosh, santhosh, 11.06.2007 (d.m.y): How to create users in the dovecott ? Dovecot cannot administer a user list of its own. Instead, you can connect it to whatever user administration tool your system is using, e.g. LDAP, MySQL or plain passwd-like files. Gruss/Regards, Christian Schmidt -- You should emulate your heros, but don't carry it too far. Especially if they are dead.
Re: [Dovecot] IMAP IDLE goes to sleep
On Wed, 2007-06-27 at 14:46 +0300, Timo Sirainen wrote: I don't understand why you have so many OK Still here notifications there though. They're sent 2 minutes apart from each others, but between EXISTS/EXPUNGE there should be max. 1 minute. Wonder if there's a bug in timeout handling code.. Looks like the connection should have been disconnected. Fixed: http://hg.dovecot.org/dovecot-1.0/rev/111275296af5 signature.asc Description: This is a digitally signed message part
[Dovecot] LogicMail for Blackberry and Dovecot
FYI - I just had a great interaction with the developer of this software. LogicMail for Blackberry is a true IMAP/POP client for Blackberry, which wasn't working correctly with Dovecot's IMAP. I merely posted in the sourceforge forums and got a VERY fast response with a working fix. http://logicmail.sourceforge.net/ Unfortunately I'm not a Blackberry user, but I know IMAP clients are hard to find. So I can't comment on it's usability or features, but I thought I'd give it a little press for his quick response :) Rick
Re: [Dovecot] APOP and CRAM-MD5 in checkpassword module
On 6/25/07, John Peacock [EMAIL PROTECTED] wrote: Ben Schumacher wrote: I would like to see this, too. After digging through the code some, it seems that the major sticking point is that dovecot would prefer to do the CRAM-MD5 internally and therefore expects to have access to the password in plaintext and doesn't pass the timestamp on to checkpassword... There is no way to use CRAM-MD5 without having the password stored in plaintext locally; it is a design feature since the hash is calculated using a different server key every time. The problem is not that the passwords aren't stored locally in plaintext, it's that the mechanism for providing that information to dovecot is not there with checkpassword authentication. checkpassword expects to receive the 3 pieces of information it needs to perform this style of authentication -- username, hash and timestamp (or a challenge string -- which is generally a timestamp). This somewhat conflicts with dovecot's authentication system, which expects to have all the necessary authentication information internally and is not design (not willing?) to trust a checkpassword-style authentication mechanism to peform CRAM-MD5 authentication and therefore only offers PLAIN as an option to clients. Likely this change would require some tweaks to configuration as it would mean that dovecot would need to be configured to know which authentication mechanism the checkpassword system offered, but I still think it'd be a better situation than to simply not be able to use CRAM-MD5 if checkpassword is enabled. Cheers, Ben
Re: [Dovecot] LogicMail for Blackberry and Dovecot
Rick Romero wrote: Unfortunately I'm not a Blackberry user, but I know IMAP clients are hard to find. So I can't comment on it's usability or features, but I thought I'd give it a little press for his quick response :) I'm a LogicMail user and it's great, I second your interactions with Derek (ps: thanks for the Dovecot bug report :) ). Currently it's lacking a few abilities but it's got the basic reading/writing/replying down. Hopefully we'll bring it up to the level of ChatterMail and it's ilk and fill a huge gap in the BlackBerry world. -te PS: for the curious, Rick's thread: http://sourceforge.net/forum/forum.php?thread_id=1755262forum_id=589235 -- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com
Re: [Dovecot] Can't see public folder contents after renaming folder
Robert Fraser wrote: Hi We are using Thunderbird 2.0.0.x (Linux and Windows) with IMAP accounts against Dovecot 1.0.beta3 on Ubuntu 6.06 Dapper with Maildir. It is all working well except when we rename a folder in the public namespace, the person who renames it can no longer see the contents of the folder. If we rename it back to the original name , the person can see the contents again. If we delete the files in the index directory for that folder on the file system, the user can see the folder contents again. Can anyone tell me how to fix this? The public folder system didn't really start working properly until about beta9. You need to upgrade to get true public folders support. Mark
[Dovecot] User mapping via pam
Hi, I'm trying to change the PAM_USER within a pam module, and observed that dovecot 0.99 does not support this. I then looked at 1.x and found: src/auth/passdb-pam.c:232: /* FIXME: this doesn't actually work since we're in the child process.. */ status = pam_get_item(pamh, PAM_USER, (linux_const void **)item); if (status != PAM_SUCCESS) { *error = t_strdup_printf(pam_get_item() failed: %s, pam_strerror(pamh, status)); return status; } auth_request_set_field(request, user, item, NULL); however it appeared to me that the auth process was passing this username to the parent in its response. Is this issue resolved? I compiled and tested mapping the username sso to the user andrew: Jun 27 13:38:45 itsrv dovecot: auth-worker(default): pam(sso,10.x.x.x): lookup service=imap Jun 27 13:38:45 itsrv dovecot: auth(default): auth(sso,10.x.x.x): username changed sso - andrew Jun 27 13:38:45 itsrv dovecot: auth(default): client out: OK1 user=andrew Jun 27 13:50:57 itsrv dovecot: auth(default): master in: REQUEST 1 19761 1 Jun 27 13:50:57 itsrv dovecot: auth(default): passwd(andrew,10.x.x.x): lookup Jun 27 13:50:57 itsrv dovecot: auth(default): master out: USER 1 andrew system_user=andrew uid=1001gid=1001 home=/home/Andrew Also, is this behavior dependant on me setting blocking=yes for passdb pam in dovecot.conf? (for this test It was set) Thanks, Andrew Flannery
Re: [Dovecot] Dovecot and SUSE 10: inotify_init()
On Wed, 2007-06-27 at 12:46 +0200, damien chambe - EGS wrote: Hello all, Since my migration to SUSE SLES 10, I have a new error message : dovecot1 dovecot: IMAP([EMAIL PROTECTED]): inotify_init() failed: Too many open files % cat /proc/sys/fs/inotify/max_user_instances 128 Do you have more than 128 IMAP processes idling or is this limit lower in your system? Changing it anyway should help. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] ?? Error: child 1064 (imap) killed with signal 4
On Tue, 2007-06-19 at 10:05 -0700, Benton Haynes wrote: So it's not dying at least at startup. Maybe an easier way would be to make the process dump core and gdb the core file. See http://dovecot.org/bugreport.html#coredumps I'm still not clear how one gets gdb to exec 'imap' WITH the config file. If imap process dies at startup, it's a bit difficult to gdb because you can't attach to it and as far as I know it's not possible to make gdb follow execs. I'll see if I can figure out from the wiki what the acl problem is. But, even if my acl usage is configured wrong, some sort of error other than the 'SIGILL' would be helpful. Well, you should be able to do: ACL=vfile:/etc/dovecot/acl_files MAIL_PLUGINS=acl MAIL=~/Maildir gdb /usr/local/libexec/dovecot/imap run bt signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Leaky dovecot-auth ?
On Thu, 2007-06-21 at 16:49 +0900, Christian Balzer wrote: You could try http://dovecot.org/patches/debug/mempool-accounting.diff and send USR1 signal to dovecot-auth after a while. It logs how much memory is used by all existing memory pools. Each auth request has its own pool, so if it's really leaking them it's probably logging a lot of lines. If not, then the leak is elsewhere. I grabbed the Debian package source on a test machine (not gonna chance anything on the production servers), applied the patch, did add --enable-debug to the debian/rules file (and got the #define DEBUG in config.h), created the binary packages, installed, configured, started them, tested a few logins and... nothing gets logged in mail.* if I send a USR1 to dovecot-auth. Anything I'm missing? Bug, fixed: http://hg.dovecot.org/dovecot-1.0/rev/a098e94cd318 But no matter, it is clearly leaking just as bad as 0.99 and I venture that his is the largest installation with LDAP as authentication backend. I wonder if this leak would be avoided by having LDAP lookups performed by worker processes as with SQL. Then you'd only have multiple leaking worker processes. The same as 0.99. You could also kill -HUP dovecot when dovecot-auth is nearing the limit. That makes it a bit nicer, although not perfectly safe either (should fix this some day..). If that leak can't be found I would very much appreciate a solution that at least avoids failed and/or delayed logins. That would require that login processes don't fail logins if connection to dovecot-auth drops, but instead wait until they can connect back to it and try again. And maybe another alternative would be to just disconnect the client instead of giving login failure. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] deliver errors
On Wed, 2007-06-27 at 23:25 +0300, Timo Sirainen wrote: On Thu, 2007-06-28 at 00:03 +0500, [EMAIL PROTECTED] wrote: Hi, I am using ver 1.0.1 and getting the following errors in mail.log and auth.log respectively. However I can login to imap Oh, didn't notice this. Jun 27 23:27:30 webmail dovecot-auth: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=127.0.0.1 user=azher Then it means you're using two passdbs. PAM and something else. Remove PAM. You can easily check what passdbs you have with dovecot -n. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] lda and mail_location
On Wed, 2007-06-20 at 00:18 -0700, Mark Edwards wrote: I have the following set in the main level of my dovecot.conf file: mail_location = maildir:/var/mail/virtual/%u I decided to enable the lda protocol for local delivery from postfix, so I could use sieve plugins. The lda protocol seems to ignore settings in the rest of the dovecot.conf file, however, such as the above. Unless lda has a pre-existing maildir mailbox, it can't create one. How do I give lda defaults to follow, if the above statement doesn't do it? Sounds like it's using a wrong config file. Try running explicitly with deliver -c /etc/dovecot/dovecot.conf Or set mail_debug=yes and check what it writes to logs. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] LSUB/SUBSCRIBE under namespaces
On Mon, 2007-06-18 at 10:59 -0500, [EMAIL PROTECTED] wrote: Here's our situation: Migrating from UW-IMAP. Have lots (as in, tens of thousands) of clients set up using '~/mail' as the IMAP root, and using subscriptions. See if the attached patch fixes everything. I'll add it to v1.1. diff -r 7bb0916b17ec src/imap/cmd-list.c --- a/src/imap/cmd-list.c Wed Jun 27 23:23:06 2007 +0300 +++ b/src/imap/cmd-list.c Wed Jun 27 23:52:52 2007 +0300 @@ -252,6 +252,12 @@ list_namespace_init(struct client_comman cur_ref = ctx-ref; cur_mask = ctx-mask; + if (ctx-ns-hidden + (ctx-list_flags MAILBOX_LIST_SUBSCRIBED) != 0) { + /* ignore hidden namespaces */ + return; + } + if (*cur_ref != '\0' *cur_ns_prefix != '\0') { /* reference argument given. skip namespace prefix using it. diff -r 7bb0916b17ec src/imap/cmd-subscribe.c --- a/src/imap/cmd-subscribe.c Wed Jun 27 23:23:06 2007 +0300 +++ b/src/imap/cmd-subscribe.c Wed Jun 27 23:48:23 2007 +0300 @@ -2,9 +2,11 @@ #include common.h #include commands.h +#include namespace.h bool _cmd_subscribe_full(struct client_command_context *cmd, bool subscribe) { + struct namespace *ns; struct mail_storage *storage; const char *mailbox, *verify_name; @@ -13,20 +15,19 @@ bool _cmd_subscribe_full(struct client_c return FALSE; verify_name = mailbox; + ns = namespace_find_visible(cmd-client-namespaces, mailbox); + if (ns == NULL) { + client_send_tagline(cmd, NO Unknown namespace.); + return TRUE; + } + storage = ns-storage; + verify_name += strlen(ns-prefix); + if ((client_workarounds WORKAROUND_TB_EXTRA_MAILBOX_SEP) != 0 - *mailbox != '\0') { + *mailbox != '\0' mailbox[strlen(mailbox)-1] == + mail_storage_get_hierarchy_sep(storage)) { /* verify the validity without the trailing '/' */ - storage = client_find_storage(cmd, mailbox); - if (storage == NULL) - return TRUE; - - if (mailbox[strlen(mailbox)-1] == - mail_storage_get_hierarchy_sep(storage)) - verify_name = t_strndup(mailbox, strlen(mailbox)-1); - } else { - storage = client_find_storage(cmd, mailbox); - if (storage == NULL) - return TRUE; + verify_name = t_strndup(mailbox, strlen(mailbox)-1); } if (!client_verify_mailbox_name(cmd, verify_name, subscribe, FALSE)) signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Can't see public folder contents after renaming folder
Thanks for the help on this. We are on Ubuntu Dapper server - and beta3 is what we get :-) We'll do a manual install of a later version. Cheers Rob
Re: [Dovecot] Can't see public folder contents after renaming folder
On Jun 27, 2007, at 2:46 PM, Robert Fraser wrote: Thanks for the help on this. We are on Ubuntu Dapper server - and beta3 is what we get :-) We'll do a manual install of a later version. Cheers Rob FYI, you can use prevu to manually backport a newer version, that's the easiest way. I'd suggest the one from gutsy. I'm using it on feisty and it works well. You'll have to install prevu manually, its not in the repository until feisty. Here's a link: https://wiki.ubuntu.com/Prevu Using prevu is better than manually installing, because your config should without modification when you upgrade, and its far easier than building from source. -- Mark Edwards
Re: [Dovecot] IMAP IDLE goes to sleep
On Wed, 27 Jun 2007, Timo Sirainen wrote: On Wed, 2007-06-27 at 14:46 +0300, Timo Sirainen wrote: I don't understand why you have so many OK Still here notifications there though. They're sent 2 minutes apart from each others, but between EXISTS/EXPUNGE there should be max. 1 minute. Wonder if there's a bug in timeout handling code.. Looks like the connection should have been disconnected. Fixed: http://hg.dovecot.org/dovecot-1.0/rev/111275296af5 Looks like this has fixed the problem. I've been connected using IDLE mode for most of the day here, and I haven't seen it get into a situation where it stops sending notifications. In addition, it does indeed disconnect after about 30 minutes -- something that I vaguely noticed it wasn't doing before. Now that I think about it, the original problem started happening after about 30 minutes into the session. Guess this makes sense as it is all related. Thanks very much for the fix!
Re: [Dovecot] deliver errors
Hi Timo, Thnx one of the error is gone due to duplicate passdbs, thnx. However following error is persistant. I restarted my sendmail, dovecot etc. changed the group permission as you mentioned. Jun 28 10:19:47 webmail sm-mta[19653]: l5S5Jl1Z019649: Warning: program /usr/local/libexec/dovecot/deliver unsafe: Group writable directory Jun 28 10:19:47 webmail sm-mta[19651]: l5S5Jl1Z019649: to=[EMAIL PROTECTED], ctladdr=[EMAIL PROTECTED] (2848/1258), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=102492, dsn=2.0.0, stat=Sent Jun 28 10:20:18 webmail sm-mta[19710]: l5S5KHRa019710: from=[EMAIL PROTECTED], size=2521, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, daemon=MTA-v4, [EMAIL PROTECTED] [127.0.0.1] Jun 28 10:20:19 webmail sm-mta[19718]: l5S5KJhX019718: from=[EMAIL PROTECTED], size=882, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], proto=SMTP, daemon=MTA-v4, relay=rwp44.pie.net.pk [202.125.157.194] (may be forged) Jun 28 10:20:19 webmail sm-mta[19720]: l5S5KJhX019718: Warning: program /usr/local/libexec/dovecot/deliver unsafe: Group writable directory Jun 28 10:20:19 webmail sm-mta[19719]: l5S5KJhX019718: to=azher, ctladdr=[EMAIL PROTECTED] (0/0), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31120, dsn=2.0.0, stat=Sent Plz suggest. Regards -Azher Timo Sirainen wrote: On Wed, 2007-06-27 at 23:25 +0300, Timo Sirainen wrote: On Thu, 2007-06-28 at 00:03 +0500, [EMAIL PROTECTED] wrote: Hi, I am using ver 1.0.1 and getting the following errors in mail.log and auth.log respectively. However I can login to imap Oh, didn't notice this. Jun 27 23:27:30 webmail dovecot-auth: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=127.0.0.1 user=azher Then it means you're using two passdbs. PAM and something else. Remove PAM. You can easily check what passdbs you have with dovecot -n.