curious when certain patches might become part of a release

2015-02-12 Thread Benjamin Connelly
We ran into this same problem others discussed in this thread:

 http://dovecot.org/list/dovecot/2014-November/098927.html

and have also applied the patches (31262a892ba7 and 80ed82a93c1a) and it
seems to have stopped the panics. We usually just use the FreeBSD ports
tree to install software, so I'm looking forward to the time when we can
go back to that. Will those patches be part of the next release?

 Benjamin


Missing amd64 on butobuild Server

2015-02-12 Thread Dominik Breu
Hello List,

Is there a reason why the build server at http://xi.rename-it.nl/debian/
hasn't been delivering amd64 for nearly a month?

best regards

dominik


It works for two SMTP servers and cyrus-imap, why not Dovecot?

2015-02-12 Thread Daniel Dickinson
Ok, the patch doesn't actually fix the bug.  It appeared to do so in
that after running the server with the patch applied client certificate
validation succeeded, however, it appears this bug is actually
intermittent as, even with the patched package, the server is now
complaining that the client has not provided a valid SSL certificate.

This is definitely not true as the certificates, and in general
verification of the same client-side certificates work, even with the
same Thunderbird client, with postfix, exim, and cyrus-imapd.

In short dovecot has some bug that causes verification of certificates
presented by the client to fail, however the bug is not easy to debug as
sometimes config changes work, but later, running the same config,
things fail again.

There appears to be some sort of caching even across client and server
restarts that is coming into play and confusing the issue.

Anyone know of SSL caching issues with Windows 8.1, particularly
Thunderbird on that platform?

Also why is this bug only affecting dovecot?  There is some strangeness
going on here, and, from web searching for the same issue, it appears
others have run into the same issue and had no success in resolving it,
despite also doing everything according to documentation.

With dovecot 2.2.9 from Ubuntu (i.e. not patched version):
The relevant config bits from dovecot -n are:

auth_mechanisms = login plain digest-md5 cram-md5
auth_ssl_require_client_cert = yes
ssl = required
ssl_ca = /path/to/ca.pem
ssl_cert = /path/to/cert.pem
ssl_key = /path/to/key.pem
ssl_protocols = !SSLv2 !SSLv3
ssl_require_crl = no (yes or no makes no difference)
ssl_verify_client_cert = yes

Oddly this doesn't appear in dovecot -n, though set

disable_plaintext_auth = yes

Client fails whether configured for encrypted passwords or not
Client fails whether using ssl = yes (imaps) on 993 or STARTTLS on 143

And yes I have followed the correct ordering of the CA followed by CRL
(and tried without CRL as well).

In addition I have tried CA + intermediate and CA + crl + intermediate +
crl for startssl.com certificates as well as the above test with
self-signed CA (root CA + crl or just root CA).

I have also just confirmed (by connecting and sending mail on port 587
with STARTTLS and SSL required, with client certificate validation
required by postfix) that using the same certificate, same client, same
mail server, that SMTP AUTH + verification of client certificates succeeds.

Since I've had the same client using the same certificates work with all
three of postfix (SMTP), exim (SMTP), and cyrus-imapd (IMAP), there is
no doubt that there is an issue with dovecot's handling of this scenario.

I know I'm harping on this 'it works elsewhere' theme, but this bug has
been ignored for ages because of the assumption that user is doing
something wrong, and that is simply not the case, or if it is, dovecot
is very, very bad at indicating what the actual problem is.

Line endings are *nix line endings.

Anything else that you want to suggest along with how to make dovecot
report what the actual problem is if there is some other magic formulae
to invoke?

If I've missed something it's by no means obvious or explained clearly
anywhere.

Regards,

Daniel

On 2015-02-11 2:33 AM, Daniel Dickinson wrote:
 Hi all,
 
 As I reported earlier (with a typo in the work [BUG]) client
 certification validation *does not* work even if you do everything
 exactly according to all documentation and attempts at helpful advice.
 
 I have seen this issue with both startssl.com and self-signed
 certificates, and based on what I've seen from searching the web, this
 is a problem that has gotten little attention because most people don't
 bother, but are more than willing to give out useless advice on how to
 make it work.
 
 Furthermore the issue does NOT occur with the cyrus-imap mail server, so
 it is definitely a server-side issue.
 
 The actual issue is that the code for calling OpenSSL that constructs
 the client certificate validation is in fact WRONG.
 
 I don't have a perfect patch as I was mostly interested in getting it
 working for my needs and didn't bother with constructing the list of CA
 names to send to the client, preferring to let OpenSSL handle all that
 sort of thing.
 
 What it comes down to is that the code, which probably worked at one
 point, was not correctly updated at some point and since then client
 side certificate validation has been BROKEN.
 
 I have patched against 2.2.9, however I have seen this problem in the
 versions in both Debian Wheezy and Debian Jessie as well.
 
 As you will see from the patch (which is an attachment as people tend to
 complain that patches get mangled when you inline them, and even if I
 have a good client I've gotten heck because the receiver didn't.
 
 Regards,
 
 Daniel
 







Re: How to Delete an user and Purge attachements with a common directory mail_attachment_dir with SIS for all users.

2015-02-12 Thread Alexander Moisseev

On 12.02.2015 12:00, TN wrote:

 Hello Alexander,

 Thank you for your answer, it is very helpful for me.

Just a little add-on to your process to complete the deletion of a user:

# doveadm expunge -d -u johndoe mailbox '*' all
# doveadm -v purge -u johndoe  (this command forces attachment deletion immediately)
# rm -rf /var/mail/johndoe

Thank you

PS: Sorry to not reply to the dovecot list because I set up a digest for all 
answers.



Hi,

Many thanks for your reply. It's a *very important* addition actually.

There is a lack of documentation on SIS. So I have done some experimenting and 
found out that the command
# doveadm purge -u johndoe
*is mandatory*. Without this step attachments will stay in mail_attachment_dir 
forever.

Man doveadm-purge(1) states "doveadm-purge - Remove messages with refcount=0 from 
mdbox files", but actually it also removes attachments from mail_attachment_dir.

--
Alexander


Enabling mod-sequences

2015-02-12 Thread Luca Bertoncello
Hi list!

I have Dovecot 1.2.9 from Ubuntu repositories on my server.
Now I installed Horde and it sometimes gives me the error "Mailbox does not
support mod-sequences".

Well, I must say that I didn't know these mod-sequences, but I can't know
all...

Well, the question now is: how can I enable the support of the mod-sequences
on the mailboxes of my server?

I searched in the Dovecot wiki, but I didn't find anything...

Thanks a lot for your help
Luca Bertoncello
(lucab...@lucabert.de)


Re: Dovecot dsync not replicating .dovecot.sieve -> .sieve/managesieve.sieve / setactive

2015-02-12 Thread Martin Štefany

Hello Claus,

I've installed dovecot-2.2.15-3.fc20.x86_64.rpm + 
dovecot-pigeonhole-2.2.15-3.fc20.x86_64.rpm from Fedora guys and it 
works like a charm.


Thank you!

Martin


On 12.2.2015 18:20, Claus wrote:

On 12.02.2015 at 15:47, Martin Štefany wrote:

Hello,

I've run into a problem with Dovecot and dsync replication. Everything 
works perfectly, including replication of sieve scripts, except for the fact 
that if a user activates the 'managesieve' ruleset (I'm currently using 
Roundcubemail) on mail1 host, it wouldn't be activated on mail2 
host, by creating symlink .dovecot.sieve -> 
.sieve/managesieve.sieve. I've also tried to use 
'replication_full_sync_interval', but the symlink is not created anyway.


I found 2 references already for this problem, but none came to any 
conclusion:


http://dovecot.org/pipermail/dovecot/2014-June/096650.html
http://www.dovecot.org/list/dovecot/2014-September/097857.html


Here is the output from 'doveconf -n' from both hosts for reference ::

mail1 ::
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-123.20.1.el7.x86_64 x86_64 CentOS Linux release 7.0.1406 (Core)
auth_cache_size = 5 M
auth_debug = yes
auth_default_realm = example.com
auth_gssapi_hostname = mail.example.com
auth_krb5_keytab = /etc/dovecot/dovecot.keytab
auth_mechanisms = plain gssapi
auth_realms = example.com
auth_verbose = yes
doveadm_password = secret
lmtp_save_to_detail_mailbox = yes
mail_debug = yes
mail_location = maildir:~/Maildir
mail_plugins =  fts fts_lucene notify quota replication virtual zlib
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace inbox {
  inbox = yes
  location =
  mailbox All {
    auto = create
    special_use = \All
  }
  mailbox Archives {
    auto = subscribe
    special_use = \Archive
  }
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Templates {
    auto = subscribe
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-ldap-passdb.conf.ext
  driver = ldap
}
plugin {
  fts = lucene
  fts_autoindex = yes
  fts_lucene = whitespace_chars=@.
  mail_replica = tcps:mail2.example.com:10993
  quota = maildir:User quota
  quota_rule = *:storage=4GB
  quota_rule2 = Trash:storage=+50MB
  sieve = ~/.dovecot.sieve
  sieve_after = /srv/sieve/after.d/
  sieve_before = /srv/sieve/before.d/
  sieve_default = /srv/sieve/default.d/dovecot.sieve
  sieve_dir = ~/.sieve
  sieve_global_dir = /srv/sieve/
  zlib_save = gz
  zlib_save_level = 9
}
postmaster_address = postmas...@example.com
protocols = imap lmtp sieve
service aggregator {
  fifo_listener replication-notify-fifo {
    group = vmail
    mode = 0660
    user = vmail
  }
  unix_listener replication-notify {
    group = vmail
    mode = 0660
    user = vmail
  }
}
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service doveadm {
  inet_listener {
    port = 10993
    ssl = yes
  }
}
service imap-login {
  inet_listener imaps {
    port = 0
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  service_count = 1
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
    group = vmail
    mode = 0660
    user = vmail
  }
}
ssl_ca = /etc/ipa/ca.crt
ssl_cert = /etc/pki/tls/certs/dovecot.pem
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
ssl_client_ca_file = /etc/ipa/ca.crt
ssl_client_cert = /etc/pki/tls/certs/dovecot.pem
ssl_client_key = /etc/pki/tls/private/dovecot.key
ssl_key = /etc/pki/tls/private/dovecot.key
ssl_parameters_regenerate = 1 weeks
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3
userdb {
  args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
  driver = ldap
  override_fields = gid=vmail home=/srv/vmail/example.com/%n
}
verbose_ssl = yes
protocol lmtp {
  mail_plugins =  fts fts_lucene notify quota replication virtual zlib sieve
}
protocol imap {
  mail_plugins =  fts fts_lucene notify quota replication virtual zlib imap_quota imap_zlib
}


mail2 ::
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-123.20.1.el7.x86_64 x86_64 CentOS Linux release 7.0.1406 (Core)

auth_cache_size = 5 M
auth_debug = yes
auth_default_realm = example.com

Re: Processing Maildir contents on message-by-message basis

2015-02-12 Thread Steffen Kaiser


On Wed, 11 Feb 2015, Jeff Kletsky wrote:

First off, if I wrangle and mangle the message files directly, do I have to 
worry about the indexes, or do the indexes magically repair themselves in 
cases where the messages are either altered (including headers) or removed?


1) Never ever modify a message on file system.

2) You can remove and add messages with no problem, the next time the 
mailbox is accessed, the indexes are repaired.


3) You can move messages to ../tmp (that would be a remove in the sense of 
the indexes), change the message there, modify the filename a bit, just to 
be sure, e.g. I add a counter after the hostname part: 
1222364652.P11383Q0M620284.hostnamecounter,S=7215,W=7294:2, adjust S= 
and W=, and finally move the message back into '.../new' or '.../cur'. 
That way the message is seen as a new one (add). If you do so and if you 
have more than 26 keywords in the mailbox, the 27th and up are lost, 
because they cannot be tagged on the filename itself. The indexes are 
repaired as well.


-- 
Steffen Kaiser
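
The rename procedure from step 3 above, sketched in Python as an added example (not code from the poster or from Dovecot). It assumes the `,S=`/`,W=` fields and `:2,` flag suffix shown in the filename above, with `W=` being the size when every line ends in CRLF and lowercase flag letters a-z standing for the mailbox's first 26 keywords; the function names and the sample message are constructed.

```python
import os
import re
import tempfile


def sizes(message: bytes) -> tuple:
    """S= is the byte size on disk; W= is the size with every line ending as CRLF."""
    bare_lf = len(re.findall(rb"(?<!\r)\n", message))
    return len(message), len(message) + bare_lf


def new_filename(old_name: str, body: bytes, counter: int) -> str:
    """Append a counter to the hostname part, recompute S=/W=, keep the flags."""
    base, sep, flags = old_name.partition(":2,")
    unique, *fields = base.split(",")
    if unique.count(".") < 2:
        raise ValueError(f"not a Maildir unique name: {old_name!r}")
    # Drop the stale size fields, keep any other comma-separated fields.
    kept = [f for f in fields if not f.startswith(("S=", "W="))]
    s, w = sizes(body)
    name = ",".join([f"{unique}{counter}", f"S={s}", f"W={w}", *kept])
    return name + (sep + flags if sep else "")


def filename_keywords(name: str, keyword_names: list) -> list:
    """Keywords carried by the filename: letter 'a' is keyword 0, 'z' is keyword 25.

    Anything past index 25 has no letter, so it cannot survive the rename.
    """
    flags = name.partition(":2,")[2]
    idx = [ord(c) - ord("a") for c in flags if "a" <= c <= "z"]
    return [keyword_names[i] for i in idx if i < len(keyword_names)]


def rewrite_message(maildir: str, name: str, transform, counter: int = 1) -> str:
    """Change one message without ever editing a file that sits in cur/.

    cur/<name> -> tmp/<name> (a remove for the indexes), write the changed
    copy under a new name in tmp/, then tmp/<new> -> cur/<new> (an add).
    """
    cur, tmp = os.path.join(maildir, "cur"), os.path.join(maildir, "tmp")
    staged = os.path.join(tmp, name)
    os.rename(os.path.join(cur, name), staged)
    with open(staged, "rb") as fh:
        body = transform(fh.read())
    new_name = new_filename(name, body, counter)
    new_staged = os.path.join(tmp, new_name)
    with open(new_staged, "xb") as fh:  # "x": fail rather than overwrite
        fh.write(body)
        fh.flush()
        os.fsync(fh.fileno())
    os.unlink(staged)
    os.rename(new_staged, os.path.join(cur, new_name))
    return new_name


def demo():
    """Constructed sample: one message in a throw-away Maildir."""
    with tempfile.TemporaryDirectory() as md:
        for sub in ("cur", "new", "tmp"):
            os.mkdir(os.path.join(md, sub))
        old = "1222364652.P11383Q0M620284.hostname,S=18,W=21:2,Sab"
        with open(os.path.join(md, "cur", old), "wb") as fh:
            fh.write(b"Subject: x\n\nhello\n")
        new = rewrite_message(md, old, lambda m: m.replace(b"hello", b"hello, world"))
        return (new,
                sorted(os.listdir(os.path.join(md, "cur"))),
                os.listdir(os.path.join(md, "tmp")))


if __name__ == "__main__":
    print(demo())
```
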



Re: Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password

2015-02-12 Thread Ultramedia Libertad
When using CRYPT to encrypt the password, you must put the following in
dovecot-sql.conf.ext

default_pass_scheme = CRYPT

I hope this can help more people, in addition to leave you as I did my
query:

password_query = \
  SELECT password \
  FROM users WHERE login = '%u'


-- 
editor de sueños


Re: examples of shared shared-mailboxes.db

2015-02-12 Thread André Peters

Hi,

that looks correct. I am not sure if this was necessary, but I touched 
the file before starting Dovecot...

You also need to have the correct permissions set.

André

On 13.02.2015 at 04:59, Kevin Laurie wrote:

Hello,

I need help. I am trying to configure shared inboxes.
I need to create a dictionary for shared inbox.
How does one write the shared-mailboxes.db dictionary?
Any example for the syntax/config?
Thanks
kevin

Below is part of the config i am trying to achieve:-

plugin {
   acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
}







examples of shared shared-mailboxes.db

2015-02-12 Thread Kevin Laurie
Hello,

I need help. I am trying to configure shared inboxes.
I need to create a dictionary for shared inbox.
How does one write the shared-mailboxes.db dictionary?
Any example for the syntax/config?
Thanks
kevin

Below is part of the config i am trying to achieve:-

plugin {
  acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
}


Re: imap-login: Fatal: pipe() failed: Too many open files

2015-02-12 Thread Leander Schäfer

It turns out that these "too many open files ..." errors occurred because
a) missing index ATTRIBUTE eq for username and password in slapd.conf 
as well as
b) password attribute was not read properly by dovecot from LDAP - I had 
to remove it from my schema and instead use userPassword from 
objectclass: simpleSecurityObject


These two changes made the "too many open files ..." errors disappear.

BUT, I still have the problem of receiving all those "dovecot: auth: 
Error:" lines in my maillog. I know I could turn them off by reducing 
debug parameters - but why is it declared as error in the first place - 
even though user authentication is working fine?



Thanks & Best Regards,
Leander


On 26.01.15 at 12:16, Leander Schäfer wrote:
I also keep on getting funny errors of dovecot EVEN THOUGH I 
authenticated successfully through SMTP (Dovecot SASL) ?!?!


Just for debugging this entire issue I set those parameters:

debug_level = -1
auth_verbose = yes
auth_verbose_passwords = yes
auth_debug = yes
auth_debug_passwords = yes
mail_debug = yes
verbose_ssl = yes




cat /var/loca/maillog


Jan 26 12:08:22 WM-01 postfix/postfix-script[97931]: starting the Postfix mail system
Jan 26 12:08:22 WM-01 postfix/master[97933]: daemon started -- version 1.0, configuration /usr/local/etc/postfix
Jan 26 12:08:22 WM-01 dovecot: master: Dovecot v2.2.15 starting up for imap, pop3, lmtp
Jan 26 12:08:59 WM-01 postfix/smtpd[99014]: connect from localhost[127.0.0.1]
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_extended_operation_s
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_extended_operation
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_send_initial_request
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_new_connection 1 1 0
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_int_open_connection
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_connect_to_host: TCP 127.0.0.1:389
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_new_socket: 32
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_prepare_socket: 32
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_connect_to_host: Trying 127.0.0.1:389
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_pvt_connect: fd: 32 tm: -1 async: 0
Jan 26 12:08:59 WM-01 dovecot: auth: Error: attempting to connect:
Jan 26 12:08:59 WM-01 dovecot: auth: Error: connect success
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_open_defconn: successful
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_send_server_request
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_result ld 0x1245e100 msgid 1
Jan 26 12:08:59 WM-01 dovecot: auth: Error: wait4msg ld 0x1245e100 msgid 1 (infinite timeout)
Jan 26 12:08:59 WM-01 dovecot: auth: Error: wait4msg continue ld 0x1245e100 msgid 1 all 1
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ** ld 0x1245e100 Connections:
Jan 26 12:08:59 WM-01 dovecot: auth: Error: * host: 127.0.0.1 port: 389  (default)
Jan 26 12:08:59 WM-01 dovecot: auth: Error:   refcnt: 2  status: Connected
Jan 26 12:08:59 WM-01 dovecot: auth: Error:   last used: Mon Jan 26 12:08:59 2015
Jan 26 12:08:59 WM-01 dovecot: auth: Error:
Jan 26 12:08:59 WM-01 dovecot: auth: Error:
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ** ld 0x1245e100 Outstanding Requests:
Jan 26 12:08:59 WM-01 dovecot: auth: Error:  * msgid 1,  origid 1, status InProgress
Jan 26 12:08:59 WM-01 dovecot: auth: Error:outstanding referrals 0, parent count 0
Jan 26 12:08:59 WM-01 dovecot: auth: Error:   ld 0x1245e100 request count 1 (abandoned 0)
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ** ld 0x1245e100 Response Queue:
Jan 26 12:08:59 WM-01 dovecot: auth: Error:Empty
Jan 26 12:08:59 WM-01 dovecot: auth: Error:   ld 0x1245e100 response count 0
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_chkResponseList ld 0x1245e100 msgid 1 all 1
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1245e100 NULL
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_int_select
Jan 26 12:08:59 WM-01 dovecot: auth: Error: read1msg: ld 0x1245e100 msgid 1 all 1
Jan 26 12:08:59 WM-01 dovecot: auth: Error: read1msg: ld 0x1245e100 msgid 1 message type extended-result
Jan 26 12:08:59 WM-01 dovecot: auth: Error: read1msg: ld 0x1245e100 0 new referrals
Jan 26 12:08:59 WM-01 dovecot: auth: Error: read1msg:  mark request completed, ld 0x1245e100 msgid 1
Jan 26 12:08:59 WM-01 dovecot: auth: Error: request done: ld 0x1245e100 msgid 1
Jan 26 12:08:59 WM-01 dovecot: auth: Error: res_errno: 0, res_error: , res_matched: 
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_free_request (origid 1, msgid 1)
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_parse_extended_result
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_parse_result
Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_msgfree
Jan 26 12:08:59 WM-01 dovecot: auth: Error: TLS trace: SSL_connect:before/connect initialization
Jan 26 12:08:59 WM-01 dovecot: auth: Error: TLS trace: SSL_connect:SSLv2/v3 write client hello A
Jan 26 12:08:59 WM-01 dovecot: 

Howto NTLM

2015-02-12 Thread Mark Foley
Has anyone gotten NTLM working with Dovecot and Outlook? 

I have a Samba4 domain controller / active directory running just fine on Linux
Slackware64 14.1.  PLAIN authentication works just fine if I create /etc/passwd
accounts for the domain users. 

I've tried for over two weeks to get NTLM working from Outlook 2007 on a domain
workstation without success.  I end up with various permission errors and
ultimately procmail won't deliver if I adjust mailbox folder permissions too
liberally.  Also it seems I have to log in each time in Outlook. 

If someone has made this work, I'd be very interested in seeing the doveconf -n
output, the permissions on the mailbox directories, the nsswitch.conf, and
anything else you had to tweak to get this working.

I'd really love to have AD authentication working on this setup!

--Mark


Re: Enabling mod-sequences

2015-02-12 Thread Michael M Slusarz

Quoting Luca Bertoncello lucab...@lucabert.de:


I have Dovecot 1.2.9 from Ubuntu repositories on my server.
Now I installed Horde and it sometimes gives me the error "Mailbox does not
support mod-sequences".


This would happen if trying to obtain MODSEQ on a mailbox that has  
mod-sequences disabled.  That error should be caught and not be  
user-visible (I recall fixing something like that a while back, but in  
any case that's a topic for the Horde/IMP lists, not here).



Well, I must say that I didn't know these mod-sequences, but I can't know
all...

Well, the question now is: how can I enable the support of the mod-sequences
on the mailboxes of my Server?


You probably do have mod-sequences available in general.  But for  
whatever reason a particular mailbox doesn't support it.  This can be  
due to a variety of reasons (e.g. read-only access to underlying data  
storage).


michael


Re: curious when certain patches might become part of a release

2015-02-12 Thread Steffen Kaiser


On Thu, 12 Feb 2015, Benjamin Connelly wrote:


We ran into this same problem others discussed in this thread:

http://dovecot.org/list/dovecot/2014-November/098927.html

and have also applied the patches (31262a892ba7 and 80ed82a93c1a) and it
seems to have stopped the panics. We usually just use the FreeBSD ports
tree to install software, so I'm looking forward to the time when we can
go back to that. Will those patches be part of the next release?


You have to ask the FreeBSD maintainer of the Dovecot 
package this question.


-- 
Steffen Kaiser



Re: examples of shared shared-mailboxes.db

2015-02-12 Thread Kevin Laurie
Dear Andre,
Thanks for yr reply.
What do I include in the file shared-mailboxes.db ?
As in the input. Is it really plain text ?
So for example I write into the file  shared-mailbox.db  :-
sha...@domain.net
shar...@domain.net  etc...

Is it like that or what kind of syntax needs to be used?



On Fri, Feb 13, 2015 at 12:45 PM, André Peters andre.pet...@debinux.de
wrote:

 Hi,

 that looks correct. I am not sure if this was necessary, but I touched
 the file before starting Dovecot...
 You also need to have the correct permissions set.

 André

 On 13.02.2015 at 04:59, Kevin Laurie wrote:

  Hello,

 I need help. I am trying to configure shared inboxes.
 I need to create a dictionary for shared inbox.
 How does one write the shared-mailboxes.db dictionary?
 Any example for the syntax/config?
 Thanks
 kevin

 Below is part of the config i am trying to achieve:-

 plugin {
acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
 }





Re: Indexing Mail faster

2015-02-12 Thread Kevin Laurie
Hi Michael,

Here is how it should look:-


~# telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
. login u...@domain.net password
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT
MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS
LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN
CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE SEARCH=FUZZY QUOTA]
Logged in
. select inbox
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded
\*)] Flags permitted.
* 49319 EXISTS
* 12 RECENT
* OK [UNSEEN 46791] First unseen.
* OK [UIDVALIDITY 1414214135] UIDs valid
* OK [UIDNEXT 106554] Predicted next UID
* OK [NOMODSEQ] No permanent modsequences
. OK [READ-WRITE] Select completed (0.128 secs).
. search text hello
* OK Searched 6% of the mailbox, ETA 2:34


Finally at the end you logout by

. logout



On Thu, Jan 29, 2015 at 4:39 PM, Kevin Laurie superinterstel...@gmail.com
wrote:

 Dear Michael,
 You will need to telnet locally to imap. So run the following commands in
 your server

 1. telnet localhost imap
 2.  . login em...@domain.com password
 3. . select inbox
 4. . search text passport (This command here will search your inbox and
 give you the time needed)
 5. . logout

 Notice the period(.) You need to use it .

 Hope this is clear.
 Regards
 Kevin


 On Thu, Jan 29, 2015 at 4:32 PM, M. Koehler michael.koeh...@makomi.de
 wrote:

 Hi Kevin,

 I want to test it with my dovecot but I don't know how to measure it.
 Could you please provide me the configuration/terminal commands to get a
 reliable output? I just have mailboxes up to 4GB in VM on a proxmox server
 (Debian Wheezy at the moment).

 regards,
 Michael



  On 29.01.2015 at 06:29, Kevin Laurie superinterstel...@gmail.com wrote:
 
  Dear Peter,
  Noted. Thanks for your input. Appreciate it.
  At this point my urgent most priority is to get FTS. Waiting 3 mins for a
  body search email is bad (but of course my email box is large)
  I need to have this sorted out by today as I have been putting this off for
  too long mostly because of lack of troubleshooting documentation online (if
  I do figure this out will create some for guidance)
  Regards
  Kevin
 
  On Thu, Jan 29, 2015 at 1:18 PM, Peter Hodur peteho...@gmail.com
 wrote:
 
 
 
  On Thursday, January 29, 2015, Kevin Laurie 
 superinterstel...@gmail.com
  wrote:
 
  Dear Peter,
  Oh. Sorry (didn't know you were addressing someone else) my apologies. But
  as you can see, I am desperately trying to address this issue.
 
 
  No problem ;))) i wrote because my search result is good but not so
  good as someone wrote here couple of days ago.
 
 
 
  I have 1 disk with 200GB running on a VPS.
  The file system is ext4.
 
 
  I'm not a dovecot expert, but I think this is your problem. You need more
  iops. If you need performance, VPS may be (if connected to fast SAN) but
  basically is not a good choice.
 
 
  I think I will need to implement FTS to fix this as I will need body
  searches.
 
 
  FTS could be a solution. You are right.
 
 
  Have you tried FTS before?
 
 
  I'm sorry, never :(
 
  But maybe someone more skilled than me could answer the main question,
  how much dovecot index helps in case of imap search against body.
 
  I'm not sure, but my opinion is that it helps little (maybe not at all)
 
  PS: maybe you use it, but do not forget to set up delivering from mail
  server via LDA or LMTP instead of direct to maildirs. This is better
  because dovecot updates your indexes at the time of message arrival. Later
  accesses should be faster.
 
  Peter
 
 
 
 
 
  Regards
  Kevin
 
 
 
  On Thu, Jan 29, 2015 at 12:55 PM, Peter Hodur peteho...@gmail.com
  wrote:
 
  Kevin,
 
  My message was not addressed to you ;) because my results are NOT so
  good as someone wrote it here. I can fulltext cca 8k messages in 7-8
  seconds.
 
  Someone wrote that he has results cca 22k messages in 4 seconds :(
 
  I'm not sure, but the answer is maybe in the index and disk subsystem.
 
  If and only if dovecot index does not have saved in the index keywords
  from BODY of messages the problem is your/my disk subsystem.
 
  Generally, messages from mailing list like this are pretty small. The
  problem is that dovecot must read all messages. If you have maildir it
  means open and read many files.
 
  But my test search was against archive of my personal inbox - so not only
  small messages like this but also messages with big attachments etc.
 
  If dovecot index only headers, then it in case of full text search reads
  whole messages - mime parts allows that plain text body can be after
  attachment etc.
 
  And here is it all about iops and throughput.
 
  How many disks you have? And what setup?
 
  Generally, the only good setup is many smaller disks 

Dovecot dsync not replicating .dovecot.sieve -> .sieve/managesieve.sieve / setactive

2015-02-12 Thread Martin Štefany

Hello,

I've run into a problem with Dovecot and dsync replication. Everything 
works perfectly, including replication of sieve scripts, except for the fact 
that if a user activates the 'managesieve' ruleset (I'm currently using 
Roundcubemail) on mail1 host, it wouldn't be activated on mail2 
host, by creating symlink .dovecot.sieve -> .sieve/managesieve.sieve. 
I've also tried to use 'replication_full_sync_interval', but the symlink is 
not created anyway.


I found 2 references already for this problem, but none came to any 
conclusion:


http://dovecot.org/pipermail/dovecot/2014-June/096650.html
http://www.dovecot.org/list/dovecot/2014-September/097857.html


Here is the output from 'doveconf -n' from both hosts for reference ::

mail1 ::
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-123.20.1.el7.x86_64 x86_64 CentOS Linux release 
7.0.1406 (Core)

auth_cache_size = 5 M
auth_debug = yes
auth_default_realm = example.com
auth_gssapi_hostname = mail.example.com
auth_krb5_keytab = /etc/dovecot/dovecot.keytab
auth_mechanisms = plain gssapi
auth_realms = example.com
auth_verbose = yes
doveadm_password = secret
lmtp_save_to_detail_mailbox = yes
mail_debug = yes
mail_location = maildir:~/Maildir
mail_plugins =  fts fts_lucene notify quota replication virtual zlib
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave

namespace inbox {
  inbox = yes
  location =
  mailbox All {
auto = create
special_use = \All
  }
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = subscribe
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Templates {
auto = subscribe
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-ldap-passdb.conf.ext
  driver = ldap
}
plugin {
  fts = lucene
  fts_autoindex = yes
  fts_lucene = whitespace_chars=@.
  mail_replica = tcps:mail2.example.com:10993
  quota = maildir:User quota
  quota_rule = *:storage=4GB
  quota_rule2 = Trash:storage=+50MB
  sieve = ~/.dovecot.sieve
  sieve_after = /srv/sieve/after.d/
  sieve_before = /srv/sieve/before.d/
  sieve_default = /srv/sieve/default.d/dovecot.sieve
  sieve_dir = ~/.sieve
  sieve_global_dir = /srv/sieve/
  zlib_save = gz
  zlib_save_level = 9
}
postmaster_address = postmas...@example.com
protocols = imap lmtp sieve
service aggregator {
  fifo_listener replication-notify-fifo {
    group = vmail
    mode = 0660
    user = vmail
  }
  unix_listener replication-notify {
    group = vmail
    mode = 0660
    user = vmail
  }
}
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service doveadm {
  inet_listener {
    port = 10993
    ssl = yes
  }
}
service imap-login {
  inet_listener imaps {
    port = 0
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  service_count = 1
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
    group = vmail
    mode = 0660
    user = vmail
  }
}
ssl_ca = /etc/ipa/ca.crt
ssl_cert = /etc/pki/tls/certs/dovecot.pem
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
ssl_client_ca_file = /etc/ipa/ca.crt
ssl_client_cert = /etc/pki/tls/certs/dovecot.pem
ssl_client_key = /etc/pki/tls/private/dovecot.key
ssl_key = /etc/pki/tls/private/dovecot.key
ssl_parameters_regenerate = 1 weeks
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3
userdb {
  args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
  driver = ldap
  override_fields = gid=vmail home=/srv/vmail/example.com/%n
}
verbose_ssl = yes
protocol lmtp {
  mail_plugins =  fts fts_lucene notify quota replication virtual zlib sieve
}
protocol imap {
  mail_plugins =  fts fts_lucene notify quota replication virtual zlib imap_quota imap_zlib
}


mail2 ::
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-123.20.1.el7.x86_64 x86_64 CentOS Linux release 7.0.1406 (Core)

auth_cache_size = 5 M
auth_debug = yes
auth_default_realm = example.com
auth_gssapi_hostname = mail.example.com
auth_krb5_keytab = /etc/dovecot/dovecot.keytab
auth_mechanisms = plain gssapi
auth_realms = example.com
auth_verbose = yes
doveadm_password = secret
lmtp_save_to_detail_mailbox = yes
mail_debug = yes
mail_location = 

Re: Controlling inactivity timeout for IMAP

2015-02-12 Thread André Peters

I was following this in hope someone would answer.

As a workaround I recommend to set up a POP3 connection with a low 
polling interval (besides using a TCP Proxy...).


André

On 07.02.2015 at 07:15, Joseph Tam wrote:


I have a problem with a user who uses a wireless carrier that keeps
changing his IP as he travels throughout the city.  From the perspective
of our dovecot IMAP server, the user keeps logging in from another IP,
and after a short while, hits up against the mail_max_userip_connections
limit.  It takes 30 minutes before those orphaned connections time out.

Is there any way to decrease the IMAP idle timeout other than to
recompile dovecot with a new value?

 imap-common.h:#define CLIENT_IDLE_TIMEOUT_MSECS (60*30*1000)

For example, will this work?

 service imap {
 idle_kill = 600
 }

Joseph Tam jtam.h...@gmail.com






Re: Missing amd64 on butobuild Server

2015-02-12 Thread Stephan Bosch


Dominik Breu wrote on 12-2-2015 at 12:57:

Hello List,

is there a reason why the build server at http://xi.rename-it.nl/debian/
hasn't been delivering amd64 for nearly a month?


Xi is broken at the moment. I hope to fix it today.

Regards,

Stephan.


[Patch] Allow for more than one recipient_delimiter (a la postfix 2.11)

2015-02-12 Thread Lennart Weller
Hey everyone,

as my previous emails apparently got stuck in a spam filter, I'll try this again.
The patches attached here allow for more than one recipient delimiter in the
address, which is allowed in postfix since version 2.11.
E.g. lhw+post...@ring0.de would be equal to lhw-post...@ring0.de if configured
that way.
Same as postfix, only the first discovered delimiter is taken into account and
the priority is first to last in the list.

Lennart
diff -r d7defdcfe039 src/lmtp/commands.c
--- a/src/lmtp/commands.c	Thu Feb 05 19:40:25 2015 +0200
+++ b/src/lmtp/commands.c	Fri Feb 06 01:23:51 2015 +0100
@@ -281,11 +281,11 @@
 }
 
 static const char *
-address_add_detail(struct client *client, const char *username,
+address_add_detail(const char *username, const char delim_c,
 		   const char *detail)
 {
-	const char *delim = client-unexpanded_lda_set-recipient_delimiter;
 	const char *domain;
+	const char delim[] = {delim_c, '\0'};
 
 	domain = strchr(username, '@');
 	if (domain == NULL)
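Review bot: address_add_detail() now builds delim[] from delim_c without checking it, so if a caller ever passes '\0' the detail is glued onto the username with no separator at all. Add i_assert(delim_c != '\0'); at the top of the function, and say in a comment that the rebuilt address uses the delimiter character handed in by the caller rather than the configured recipient_delimiter value.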
@@ -297,7 +297,7 @@
 }
 
 static bool client_proxy_rcpt(struct client *client, const char *address,
-			  const char *username, const char *detail,
+			  const char *username, const char delim, const char *detail,
 			  const struct lmtp_recipient_params *params)
 {
 	struct auth_master_connection *auth_conn;
@@ -352,7 +352,7 @@
 		if (*detail == '\0')
 			address = username;
 		else
-			address = address_add_detail(client, username, detail);
+			address = address_add_detail(username, delim, detail);
 	} else if (client_proxy_is_ourself(client, set)) {
 		i_error(Proxying to %s loops to itself, username);
 		client_send_line(client, 554 5.4.6 %s 
@@ -440,9 +440,11 @@
 }
 
 static void rcpt_address_parse(struct client *client, const char *address,
-			   const char **username_r, const char **detail_r)
+			   const char **username_r, char *delim_r,
+			   const char **detail_r)
 {
 	const char *p, *domain;
+	size_t idx;
 
 	*username_r = address;
 	*detail_r = ;
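Review bot: rcpt_address_parse() gains the delim_r out-parameter but does not initialise it next to *username_r and *detail_r, so on every path that finds no delimiter the caller's variable is left untouched. Set *delim_r = '\0' here so the function does not depend on each caller pre-initialising the value.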
@@ -451,8 +453,12 @@
 		return;
 
 	domain = strchr(address, '@');
-	p = strstr(address, client-unexpanded_lda_set-recipient_delimiter);
+	/* first character that matches the recipient_delimiter */
+	idx = strcspn(address, client-unexpanded_lda_set-recipient_delimiter);
+	p = address[idx] != '\0' ? address + idx : NULL;
+
 	if (p != NULL  (domain == NULL || p  domain)) {
+		*delim_r = *p;
 		/* user+detail@domain */
 		*username_r = t_strdup_until(*username_r, p);
 		if (domain == NULL)
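Review bot: replacing strstr() with strcspn() changes what recipient_delimiter means, and that is not documented anywhere in the hunk. The setting becomes a set of single characters and the split happens at the leftmost character of the address that is in the set, wherever that character sits in the setting, so a configured multi-character string that used to match only as a whole now splits on any one of its characters, and the order of the list has no effect, which does not match the "first to last" priority stated in the cover mail. Describe the new semantics in the setting's documentation and expand the comment above the strcspn() call accordingly.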
@@ -570,6 +576,7 @@
 	const char *params, *address, *username, *detail, *prefix;
 	const char *const *argv;
 	const char *error = NULL;
+	char delim = '\0';
 	int ret = 0;
 
 	if (client-state.mail_from == NULL) {
@@ -595,13 +602,13 @@
 			return 0;
 		}
 	}
-	rcpt_address_parse(client, address, username, detail);
+	rcpt_address_parse(client, address, username, delim, detail);
 
 	client_state_set(client, RCPT TO, address);
 
 	if (client-lmtp_set-lmtp_proxy) {
-		if (client_proxy_rcpt(client, address, username, detail,
-  rcpt.params))
+		if (client_proxy_rcpt(client, address, username, delim,
+  detail, rcpt.params))
 			return 0;
 	}
 
diff -r cd8194a2469e src/lib-sieve/plugins/subaddress/ext-subaddress.c
--- a/src/lib-sieve/plugins/subaddress/ext-subaddress.c	Fri Jan 16 18:25:51 2015 +0100
+++ b/src/lib-sieve/plugins/subaddress/ext-subaddress.c	Fri Jan 30 12:37:34 2015 +0100
@@ -142,8 +142,10 @@
 	struct ext_subaddress_config *config =
 		(struct ext_subaddress_config *) addrp-object.ext-context;
 	const char *delim;
+	size_t idx;
 
-	delim = strstr(address-local_part, config-delimiter);
+	idx = strcspn(address-local_part, config-delimiter);
+	delim = address-local_part[idx] != '\0' ? address-local_part + idx : NULL;
 
 	if ( delim == NULL ) return address-local_part;
 
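Review bot: the same strstr() to strcspn() swap is applied to config-delimiter here, so the subaddress extension also starts treating the setting as a character set rather than a literal string. Any code after this point that steps over the match must advance by exactly one character, not by strlen() of the configured value, and the extension's documentation should state that the split is at the first character found from the set.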

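The splitting rule that the patch's strcspn() calls implement, as an added C example that is not part of the posted patch or of Dovecot: split_detail(), has_detail_substring(), the "+-" setting and the sample addresses are constructed for illustration. It shows that the leftmost matching character in the address wins and that a delimiter character inside the domain is ignored.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not Dovecot code: split the local part of `address`
 * at the leftmost character that is in the set `delims` (strcspn semantics).
 * Returns the delimiter that matched, or '\0' when there is no detail part. */
static char split_detail(const char *address, const char *delims,
                         char *user, char *detail, size_t n)
{
    const char *domain = strchr(address, '@');
    size_t local_len = domain ? (size_t)(domain - address) : strlen(address);
    size_t idx = strcspn(address, delims);

    detail[0] = '\0';
    if (idx >= local_len) {   /* no match, or the match lies in the domain */
        snprintf(user, n, "%s", address);
        return '\0';
    }
    /* user = text before the delimiter plus the domain, detail = the rest */
    snprintf(user, n, "%.*s%s", (int)idx, address, domain ? domain : "");
    snprintf(detail, n, "%.*s", (int)(local_len - idx - 1), address + idx + 1);
    return address[idx];
}

/* Substring semantics (strstr): the whole configured string must occur
 * in the local part for the address to count as having a detail. */
static int has_detail_substring(const char *address, const char *delim)
{
    const char *domain = strchr(address, '@');
    const char *p = *delim ? strstr(address, delim) : NULL;
    return p != NULL && (domain == NULL || p < domain);
}

int main(void)
{
    /* Constructed sample addresses; "+-" is an assumed delimiter setting. */
    const char *samples[] = { "lhw+postfix@example.org", "lhw-postfix@example.org",
                              "a-b+c@example.org", "user@mail-host.example" };
    char user[64], detail[64];
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        char d = split_detail(samples[i], "+-", user, detail, sizeof user);
        printf("%-26s set:'%c' user=%s detail=%s substring:%d\n", samples[i],
               d ? d : ' ', user, detail, has_detail_substring(samples[i], "+-"));
    }
    return 0;
}
```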

Re: Dovecot dsync not replicating .dovecot.sieve -> .sieve/managesieve.sieve / setactive

2015-02-12 Thread Claus

On 12.02.2015 at 15:47, Martin Štefany wrote:

Hello,

I've run into a problem with Dovecot and dsync replication. Everything 
works perfectly, including replication of sieve scripts, except the fact 
that if a user activates the 'managesieve' ruleset (I'm currently using 
Roundcubemail) on the mail1 host, it wouldn't be activated on the mail2 
host, by creating the symlink .dovecot.sieve -> 
.sieve/managesieve.sieve. I've also tried to use 
'replication_full_sync_interval', but the symlink is not created anyway.


I found 2 references already for this problem, but none came to any 
conclusion:


http://dovecot.org/pipermail/dovecot/2014-June/096650.html
http://www.dovecot.org/list/dovecot/2014-September/097857.html


Here is the output from 'doveconf -n' from both hosts for reference ::

mail1 ::
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-123.20.1.el7.x86_64 x86_64 CentOS Linux release 7.0.1406 (Core)

auth_cache_size = 5 M
auth_debug = yes
auth_default_realm = example.com
auth_gssapi_hostname = mail.example.com
auth_krb5_keytab = /etc/dovecot/dovecot.keytab
auth_mechanisms = plain gssapi
auth_realms = example.com
auth_verbose = yes
doveadm_password = secret
lmtp_save_to_detail_mailbox = yes
mail_debug = yes
mail_location = maildir:~/Maildir
mail_plugins =  fts fts_lucene notify quota replication virtual zlib
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave

namespace inbox {
  inbox = yes
  location =
  mailbox All {
    auto = create
    special_use = \All
  }
  mailbox Archives {
    auto = subscribe
    special_use = \Archive
  }
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Templates {
    auto = subscribe
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-ldap-passdb.conf.ext
  driver = ldap
}
plugin {
  fts = lucene
  fts_autoindex = yes
  fts_lucene = whitespace_chars=@.
  mail_replica = tcps:mail2.example.com:10993
  quota = maildir:User quota
  quota_rule = *:storage=4GB
  quota_rule2 = Trash:storage=+50MB
  sieve = ~/.dovecot.sieve
  sieve_after = /srv/sieve/after.d/
  sieve_before = /srv/sieve/before.d/
  sieve_default = /srv/sieve/default.d/dovecot.sieve
  sieve_dir = ~/.sieve
  sieve_global_dir = /srv/sieve/
  zlib_save = gz
  zlib_save_level = 9
}
postmaster_address = postmas...@example.com
protocols = imap lmtp sieve
service aggregator {
  fifo_listener replication-notify-fifo {
    group = vmail
    mode = 0660
    user = vmail
  }
  unix_listener replication-notify {
    group = vmail
    mode = 0660
    user = vmail
  }
}
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service doveadm {
  inet_listener {
    port = 10993
    ssl = yes
  }
}
service imap-login {
  inet_listener imaps {
    port = 0
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  service_count = 1
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
    group = vmail
    mode = 0660
    user = vmail
  }
}
ssl_ca = /etc/ipa/ca.crt
ssl_cert = /etc/pki/tls/certs/dovecot.pem
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
ssl_client_ca_file = /etc/ipa/ca.crt
ssl_client_cert = /etc/pki/tls/certs/dovecot.pem
ssl_client_key = /etc/pki/tls/private/dovecot.key
ssl_key = /etc/pki/tls/private/dovecot.key
ssl_parameters_regenerate = 1 weeks
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3
userdb {
  args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
  driver = ldap
  override_fields = gid=vmail home=/srv/vmail/example.com/%n
}
verbose_ssl = yes
protocol lmtp {
  mail_plugins =  fts fts_lucene notify quota replication virtual zlib sieve
}
protocol imap {
  mail_plugins =  fts fts_lucene notify quota replication virtual zlib imap_quota imap_zlib
}


mail2 ::
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-123.20.1.el7.x86_64 x86_64 CentOS Linux release 7.0.1406 (Core)

auth_cache_size = 5 M
auth_debug = yes
auth_default_realm = example.com
auth_gssapi_hostname = mail.example.com
auth_krb5_keytab = /etc/dovecot/dovecot.keytab
auth_mechanisms = plain gssapi
auth_realms = example.com
auth_verbose = yes
doveadm_password = secret
lmtp_save_to_detail_mailbox =