Re: Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]
On 04.07.2016 07:44, Mark Foley wrote: > After a over a year and a half struggling to get Dovecot to do either NTLM or > GSSAPI > authentication with Samba4 AD/DC, I believe I've finally got it! Thanks to > all those in this > list who helped: Jan Jurkus, Edgar Pettijohn, Gregory Sloop, Tom Talpey > especially Aki Tuomi; > and infinite thanks to Achim Gottinger on the SambaList for his patience in > working this > through with me. Although my purpose was for Dovecot to authenticate mail > clients, the > configuration settings needed were on the Samba side. I hope a variation of > these instructions > can eventually make it into: > > http://wiki2.dovecot.org/Authentication/Kerberos > > It has been now updated. I had a look at the NTLM mechanism, it *should* support SSP and NTLMv2. I have to set up some kind of test environment to find out why it bugs. Aki
Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]
After a over a year and a half struggling to get Dovecot to do either NTLM or GSSAPI authentication with Samba4 AD/DC, I believe I've finally got it! Thanks to all those in this list who helped: Jan Jurkus, Edgar Pettijohn, Gregory Sloop, Tom Talpey especially Aki Tuomi; and infinite thanks to Achim Gottinger on the SambaList for his patience in working this through with me. Although my purpose was for Dovecot to authenticate mail clients, the configuration settings needed were on the Samba side. I hope a variation of these instructions can eventually make it into: http://wiki2.dovecot.org/Authentication/Kerberos What is essentially missing from the wiki is how to set up the proper Service Principal Names and the subsequent creation of a dovecot useable kerberos keytab file. The wiki comment on "k5principals passdb" was not helpful and largely unintelligble to me. Perhaps like many of you, I have switched from Microsoft SBS and Exchange to Samaba4 and Dovecot/IMAP. The transition was completely transparent to my users, except they needed a separate password for email authentication in the absence of NTLM or GSSAPI working with Dovecot. A mild inconvenience, but I have been on a "quest" to fill that gap. This solution finally takes care of that last piece. The following describes how to create the SPNs and krb5 keytab files using Samba4 which has its own built-in (Heimdal) kerberos. The procedures are probably similar for other facilities such as setspn for Windows, but I've not used those so I won't attempt to discuss those mechanism here. You do need kerberos as the Samba built-in kerberos does not have needed commands like `klist`. My distro (Slackware 14.1) does not come with kerberos (nor, I think, does Ubuntu), but is easily found at: https://slackbuilds.org/repository/14.1/network/krb5/ Ubuntu/Debian: apt-get install krb5-config libpam-krb5 krb5-user ssh-krb5 (perhaps more) After provisioning Samba4, copy the krb5.conf template to /etc/krb5.conf. (Note: the actual docs advise symlinking: ln -sf /usr/local/samba/private/krb5.conf /etc/krb5.conf but I prefer making a copy in case I need to modify things). I've set The /etc/krb5.conf file to world readable. It's default contents are (and these do not need to be changed): [libdefaults] default_realm = HPRS.LOCAL dns_lookup_realm = false dns_lookup_kdc = true where HPRS.LOCAL is my realm, of course use your own. Now, we need a samba user in order to create the necessary SPNs (Server Principal Names): $ samba-tool user create dovecot New Password: Retype Password: User 'dovecot' created successfully Next, add the SPN(s), and create the keytab: $ samba-tool spn add imap/mail.hprs.local dovecot $ samba-tool domain exportkeytab --principal imap/mail.hprs.local /etc/dovecot/dovecot.keytab Dovecot does not do my (outgoing) SMTP serving, only (incoming) IMAP, but if it did I'd have to create another SPN for smtp: $ samba-tool spn add smtp/mail.hprs.local dovecot $ samba-tool domain exportkeytab --principal smtp/mail.hprs.local /etc/dovecot/dovecot.keytab Dovecot needs to be able to read the keytab file: $ chgrp dovecot /etc/dovecot/dovecot.keytab $ chmod g+r /etc/dovecot/dovecot.keytab my new keytab: $ klist -Kek /etc/dovecot/dovecot.keytab Keytab name: FILE:/etc/dovecot/dovecot.keytab KVNO Principal -- 1 imap/mail.hprs.local@HPRS.LOCAL (des-cbc-crc) (0x232616c2a4fd08f7) 1 imap/mail.hprs.local@HPRS.LOCAL (des-cbc-md5) (0x232616c2a4fd08f7) 1 imap/mail.hprs.local@HPRS.LOCAL (arcfour-hmac) (0x9dae89a221dc374a39f560833352f60f) (and if I also created the spn for smtp I would also have these:) 1 smtp/mail.hprs.local@HPRS.LOCAL (des-cbc-crc) (0x232616c2a4fd08f7) 1 smtp/mail.hprs.local@HPRS.LOCAL (des-cbc-md5) (0x232616c2a4fd08f7) 1 smtp/mail.hprs.local@HPRS.LOCAL (arcfour-hmac) (0x9dae89a221dc374a39f560833352f60f) DOVECOT SETTINGS: My version: 2.2.15 Of crucial importance is to build dovecot with GSSAPI! That is NOT one of the default settings. In the dovecot build directory: ./configure --with-gssapi=yes Other than that serious build gotcha, settings are pretty simple. Add the following 3 settings to 10-auth.conf: auth_gssapi_hostname = "$ALL" auth_krb5_keytab = /etc/dovecot/dovecot.keytab auth_mechanisms = plain login gssapi The auth_gssapi_hostname is supposedly not required according to some of the above-listed commentors, but my 10-auth.conf template implies differently, so it can't hurt. gssapi does not require a passdb. Use whatever userdb you want. The dovecot wiki doc has some suggestions, not of which I've tried. I use the 'driver = passwd' for my userdb for unrelated reasons. I couldn't get any of this working until I rebooted the Samba AD/DC-Dovecot server, but that just may have been me not stopping/starting Samba and Dovecot in the right sequence (or,
Re: kqueue crash on FreeBSD with 2.2.25
On 16-07-03 03:30:36, Timo Sirainen wrote: > On 02 Jul 2016, at 03:30, Adam Weinbergerwrote: > > > >>> Jul 1 10:07:27 imap dovecot: master: Panic: kevent(EV_ADD, READ, 54) > >>> failed: Bad file descriptor > >>> > >>> It's not dumping core, and I get the message even with "protocols =" > >>> > >>> Downgrading back to 2.2.24 fixes it. What info would be helpful for me to > >>> provide here? > >> > >> gdb backtrace: http://dovecot.org/bugreport.html#coredumps > >> > > > > Fuller logs attached. Thanks for your help, Timo. > > > > #6 0x2815b23a in i_panic (format=0x281ccf7a "kevent(EV_ADD, READ, %d) > > failed: %m") at failures.c:275 > > #7 0x28185e10 in io_loop_handle_add (io=0x288843a0) at ioloop-kqueue.c:67 > > #8 0x281815a8 in io_add_file (fd=56, condition=IO_READ, > > source_linenum=244, callback=0x2818a7d0 , context=0x0) at > > ioloop.c:59 > > #9 0x281813a6 in io_add (fd=56, condition=IO_READ, source_linenum=244, > > callback=0x2818a7d0 , context=0x0) at ioloop.c:81 > > #10 0x2818a666 in lib_signals_set_handler (signo=1, flags=3, > > handler=0x804e6c0 , context=0x0) at lib-signals.c:243 > > #11 0x0804e129 in main_init (set=0x2881d098) at main.c:518 > > #12 0x0804d562 in main (argc=3, argv=0xae08) at main.c:890 > > Weird. I haven't touched anything even close to that. Also kqueue works on my > OSX. The only thing that comes to my mind is > https://github.com/dovecot/core/commit/fde7b8a03bf91cfa5bb7ca3e84545386243fa0d2 > > Does it happen to work if you use the attached patch? > Still trying to learn git, but here is what happened when I tried applying this diff. Sun Jul 03 10:12:32 ~/dovecot/core $ git reset --hard 3fea4d5988de365503df44a9b067e3b181cac65c HEAD is now at 3fea4d5 master: Stopping didn't close dead-pipes early enough. Sun Jul 03 10:12:37 ~/dovecot/core $ git apply diff.patch error: patch failed: src/master/service-monitor.c:522 error: src/master/service-monitor.c: patch does not apply error: patch failed: src/master/service-monitor.c:452 error: src/master/service-monitor.c: patch does not apply error: patch failed: src/master/service-process.c:133 error: src/master/service-process.c: patch does not apply error: patch failed: src/master/service.c:283 error: src/master/service.c: patch does not apply error: patch failed: src/master/service.h:85 error: src/master/service.h: patch does not apply Same thing happened before the reset --hard. -- Edgar Pettijohn
Dovecot 2.2.25 fails on SSL
Dear Dovecot developers! This problem already existed some years ago, has been fixed, and now it's there again in Dovecot 2.2.25 (2.2.24 was fine). I'm running CentOS 6 with a custom OpenSSL installation in /usr/local/ssl Therefore, Dovecot is configured like this: env SSL_CFLAGS="-I/usr/local/ssl/include" SSL_LIBS="-L/usr/local/ssl/lib -Wl,-R/usr/local/ssl/lib -lcrypto -lssl" ./configure --prefix=/usr/local/Dovecot-2.2.25 --with-ssl=openssl --with-ssldir=/usr/local/Dovecot-2.2.25/etc/dovecot/certs With "pkg-config", the same options for SSL are provided. "make" and "make install" run just fine, and the daemon starts without any errors. However, if a user connects on port 993 (IMAPS), Dovecot logs this failure message to syslog: Jul 4 01:08:43 myhost dovecot: ssl-params: Fatal: Couldn't load required plugin /usr/local/Dovecot-2.2.25/lib/dovecot/libssl_iostream_openssl.so: dlopen() failed: libcrypto.so.1.0.0: cannot open shared object file: No such file or directory Jul 4 01:08:43 myhost dovecot: ssl-params: Error: child process failed with status 22784 ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libssl_iostream_openssl.so linux-gate.so.1 => (0x00e8c000) libcrypto.so.1.0.0 => not found libssl.so.1.0.0 => not found librt.so.1 => /lib/librt.so.1 (0x00be4000) libc.so.6 => /lib/libc.so.6 (0x001a6000) libpthread.so.0 => /lib/libpthread.so.0 (0x003e4000) /lib/ld-linux.so.2 (0x007e7000) ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libdcrypt_openssl.so linux-gate.so.1 => (0x00dca000) libcrypto.so.1.0.0 => not found libssl.so.1.0.0 => not found librt.so.1 => /lib/librt.so.1 (0x00a7a000) libc.so.6 => /lib/libc.so.6 (0x0016) libpthread.so.0 => /lib/libpthread.so.0 (0x0072f000) /lib/ld-linux.so.2 (0x0056) When comparing to Dovecot 2.2.24: ldd /usr/local/Dovecot-2.2.24/lib/dovecot/libssl_iostream_openssl.so linux-gate.so.1 => (0x0073d000) libcrypto.so.1.0.0 => /usr/local/ssl/lib/libcrypto.so.1.0.0 (0x00b04000) libssl.so.1.0.0 => /usr/local/ssl/lib/libssl.so.1.0.0 (0x0044a000) librt.so.1 => /lib/librt.so.1 (0x00a6) libc.so.6 => /lib/libc.so.6 (0x001e5000) libdl.so.2 => /lib/libdl.so.2 (0x003a9000) libpthread.so.0 => /lib/libpthread.so.0 (0x009d) /lib/ld-linux.so.2 (0x00d77000) There's no libdcrypt_openssl.so in Dovecot 2.2.24, so I guess with the newly introduced dcrypt stuff something with SSL went wrong. Would be great if that could be fixed so that SSL works again. Thanks a lot in advance ... Andreas
Re: Shared mailboxes not showing up in shared namespace
Here is the `doveconf -n` output: root@mail:~# doveconf -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.14.32--grs-ipv6-64 x86_64 auth_debug = yes auth_default_realm = domain.com auth_mechanisms = plain login auth_verbose = yes imapc_host = imap-mail.outlook.com mail_gid = vmail mail_home = /home/vmail/%d/%n mail_location = maildir:~/Maildir mail_plugins = acl mail_shared_explicit_inbox = yes mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = yes location = maildir:/home/vmail/Public:INDEXPVT=~/Maildir/Public prefix = Public/ separator = / subscriptions = yes type = public } namespace { list = children location = maildir:/home/vmail/domain.com/%%u/Maildir:INDEXPVT=~/Maildir/shared/%%u prefix = Shared/%%u/ separator = / subscriptions = yes type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/home/vmail/domain.com/shared-mailboxes2 sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmas...@domain.com protocols = " imap lmtp sieve" service auth { unix_listener auth-client { group = Debian-exim mode = 0660 user = Debian-exim } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener lmtp { mode = 0666 } } ssl = required ssl_cert = On 3 Jul 2016, at 16:58, Marti Markovwrote: > > Tried it but now luck in either OX App Suite or Thunderbird. > > The thing is that it isn’t even listed as a subscribeable folder. For example > I have a Public namespace at that lists all the public mailboxes but Shared > doesn’t list anything. > > I installed an addon in Thunderbird for ACL and that lists correct > permissions on the INBOX folders. (Users having lookup & read permissions). > > I can post the doveconf output if you want? > > >> On 3 Jul 2016, at 16:52, aki.tu...@dovecot.fi wrote: >> >> >>> On July 3, 2016 at 6:46 PM Marti Markov wrote: >>> >>> >>> Aki, you were right. >>> It was at /usr/lib/dovecot >>> >>> Here is the output: >>> >>> * LIST (\Noselect \HasChildren) "/" Shared >>> * LIST (\Noselect \HasChildren) "/" Shared/d.marteva >>> * LIST (\HasNoChildren) "/" Shared/d.marteva/INBOX >> >> Can you try >> >> doveadm mailbox subscribe -u yourusername Shared/d.marteva/INBOX >> >> Aki >
Re: Postfix/dovecot: user unrecognized, file permissions being misread
On 16-07-03 18:17:48, C. Andrews Lavarre wrote: > On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote: > > doveconf -n would be helpful > Thank you: > lavarre:/var/mail/vhosts/privustech.com # doveconf -n > # 2.2.18: /etc/dovecot/dovecot.conf > > # Pigeonhole version 0.4.8 (0c4ae064f307+) > > # OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4 > > auth_mechanisms = plain login > > auth_verbose = yes > > listen = * > > log_path = /var/log/dovecot.log > > mail_debug = yes > > mail_location = maildir:/var/mail/vhosts/%d/%n > > maildir_very_dirty_syncs = yes > > managesieve_notify_capability = mailto > > managesieve_sieve_capability = fileinto reject envelope encoded > -character vacation subaddress comparator-i;ascii-numeric r > elational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate > > namespace inbox { > > inbox = yes > > location = > mailbox Drafts { > > special_use = \Drafts > > } > > mailbox Junk { > > special_use = \Junk > > } > > mailbox Sent { > > special_use = \Sent > > } > > mailbox "Sent Messages" { > > special_use = \Sent > > } > > mailbox Trash { > > special_use = \Trash > > } > > prefix = > } > > passdb { > > driver = pam > > } > > passdb { > > args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users > > driver = passwd-file > > } Double check me, but I think you only want (1) passdb {} block. > > plugin { > > sieve = ~/.dovecot.sieve > > sieve_after = /var/mail/vmail/sieve-after > > sieve_before = /var/mail/vmail/sieve-before > > sieve_dir = ~/sieve > > } > > protocols = imap pop3 sieve > > service auth { > > unix_listener /var/spool/postfix/private/auth { > > group = postfix > > mode = 0666 > > user = postfix > > } > > } > > service imap-login { > > inet_listener imaps { > > port = 993 > > ssl = yes > > } > > } > > service lmtp { > > unix_listener /var/spool/postfix/private/lmtp { > > group = postfix > > mode = 0600 > > user = postfix > > } > > } > > service pop3-login { > > inet_listener pop3s { > > port = 995 > > ssl = yes > > } > > } > > ssl = required > > ssl_ca = > ssl_cert = > ssl_dh_parameters_length = 2048 > > ssl_key = > ssl_options = no_compression > > ssl_prefer_server_ciphers = yes > > userdb { > > driver = passwd > > } > > userdb { > > args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n > > driver = static > > } Same here and make sure driver = "passdb driver". > > verbose_ssl = yes > > protocol lda { > > deliver_log_format = msgid=%m: %$ > > mail_plugins = sieve > > postmaster_address = postmas...@privustech.com > > quota_full_tempfail = yes > > rejection_reason = Your message to <%t> was automatically > rejected:%n%r > > } > > protocol imap { > > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep > > mail_max_userip_connections = 10 > > } I also noticed your certificate chain is broken. http://wiki2.dovecot.org/TestInstallation -- Edgar Pettijohn
Re: Postfix/dovecot: user unrecognized, file permissions being misread
Edgar hello. Thanks again. Not sure of the protocol. Perhaps better to keep the entire thread complete, so here again is doveconf -n with the precendents: lavarre:/var/mail/vhosts/privustech.com # doveconf -n # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4 auth_mechanisms = plain login auth_verbose = yes listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = maildir:/var/mail/vhosts/%d/%n maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded -character vacation subaddress comparator-i;ascii-numeric r elational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_after = /var/mail/vmail/sieve-after sieve_before = /var/mail/vmail/sieve-before sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl = required ssl_ca = was automatically rejected:%n%r } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_max_userip_connections = 10 } On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote: > On 16-07-03 16:44:42, C. Andrews Lavarre wrote: > > Hello all. Have spent several days following the excellent > > tutorial: > > > > http://www.binarytides.com/install-postfix-dovecot-debian/ > > > > but still fail to have the user recognized and am getting log > > entries > > that the mail directories are 0755 when I can clearly see that they > > are > > 0774. > > > > Very puzzling, any help would be deeply appreciated. > > > > Best regards, Andy > > === Details === > > ??? I can add directories under IMAP, so my IMAP login and > > permissions > > must be correct. > > > > ??? I can create an outgoing message under IMAP, but clicking SEND > > just > > hangs. Logs do not indicate problem. > > > > ??? I clearly can send it a message with smtp. The message is > > delivered > > to postfix, but then dovecot fails to deliver it to a mailbox. > > > > Log Entries -- > > --- > > --- > > > > # tail /var/log/mail > > > > > > postfix/qmgr[16390]: 9D6E8C1A77: from=< > > alava...@gmail.com>, > > size=2794, nrcpt=1 (queue active) > > > > > > > > Message has been received > > > > > > > > postfix/lmtp[16770]: C218DC197D: to=< > > alava...@privustech.com>, > > relay=mail.privustech.com[private/lmtp], delay=2560, > > delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation > > with > > mail.privustech.com[private/lmtp] timed out while receiving the > > initial > > server greeting) > > > > > > lmtp is not working > > > > > > > > > > > >> > # tail /var/log/dovecot.log > > > > > > > > auth-worker(16612): Info: > > pam(alava...@privustech.com,98.179.190.111): unknown user > > This could be a problem. > > > > > > > > > imap-login: Info: Login: user=> > , > > method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, > > TLS, > > session= > > > > > > > > imap(alava...@privustech.com): Error: > > mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: > > Permission > > denied (euid=5000(vmail) egid=5000(vmail) missing +w perm: > > /var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 > > mode=0755) > > However, the mail directory > > /var/mail/vhosts/privustech.com/alavarre is > > > > -rwxrwxr-- vmail:vmail and I have restarted both postfix and > > dovecot. > > > > I'm guessing vmail can't +w somewhere along the path of > /var/mail/vhosts/etc... > > > = > > System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL > > authentication, connecting through a Unix socket: > > > > /etc/postfix/main.cf: > > > > > > virtual_transport = lmtp:unix:private/lmtp > > > > > > > >
Re: Postfix/dovecot: user unrecognized, file permissions being misread
On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote: > doveconf -n would be helpful Thank you: lavarre:/var/mail/vhosts/privustech.com # doveconf -n # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4 auth_mechanisms = plain login auth_verbose = yes listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = maildir:/var/mail/vhosts/%d/%n maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded -character vacation subaddress comparator-i;ascii-numeric r elational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_after = /var/mail/vmail/sieve-after sieve_before = /var/mail/vmail/sieve-before sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl = required ssl_ca = was automatically rejected:%n%r } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_max_userip_connections = 10 }
Re: Postfix/dovecot: user unrecognized, file permissions being misread
On 16-07-03 16:44:42, C. Andrews Lavarre wrote: > Hello all. Have spent several days following the excellent tutorial: > > http://www.binarytides.com/install-postfix-dovecot-debian/ > > but still fail to have the user recognized and am getting log entries > that the mail directories are 0755 when I can clearly see that they are > 0774. > > Very puzzling, any help would be deeply appreciated. > > Best regards, Andy > === Details === > ??? I can add directories under IMAP, so my IMAP login and permissions > must be correct. > > ??? I can create an outgoing message under IMAP, but clicking SEND just > hangs. Logs do not indicate problem. > > ??? I clearly can send it a message with smtp. The message is delivered > to postfix, but then dovecot fails to deliver it to a mailbox. > Log Entries - > --- > # tail /var/log/mail > postfix/qmgr[16390]: 9D6E8C1A77: from=, > size=2794, nrcpt=1 (queue active) > Message has been received > > postfix/lmtp[16770]: C218DC197D: to= , > relay=mail.privustech.com[private/lmtp], delay=2560, > delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation with > mail.privustech.com[private/lmtp] timed out while receiving the initial > server greeting) > lmtp is not working > > > # tail /var/log/dovecot.log > > auth-worker(16612): Info: > pam(alava...@privustech.com,98.179.190.111): unknown user This could be a problem. > > imap-login: Info: Login: user= , > method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, TLS, > session= > > imap(alava...@privustech.com): Error: > mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: Permission > denied (euid=5000(vmail) egid=5000(vmail) missing +w perm: > /var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 mode=0755) > However, the mail directory /var/mail/vhosts/privustech.com/alavarre is >-rwxrwxr-- vmail:vmail and I have restarted both postfix and dovecot. > I'm guessing vmail can't +w somewhere along the path of /var/mail/vhosts/etc... > = > System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL > authentication, connecting through a Unix socket: > /etc/postfix/main.cf: > virtual_transport = lmtp:unix:private/lmtp > > /etc/dovecot/conf.d/10-master.cf: service lmtp { > unix_listener /var/spool/postfix/private/lmtp { > mode = 0600 > user = postfix > group = postfix > > } > The lmtp socket is owned by postfix, while the mail system is owned by vmail, > per the tutorial. > > -- > > I am using virtual users (not system users) defined in > /etc/dovecot/dovecot-users: > alava...@privustech.com:{plain}ksaj;flkasjd;ds;f > > Thanks in advance, Andy doveconf -n would be helpful -- Edgar Pettijohn
Re: kqueue crash on FreeBSD with 2.2.25
On 16-07-03 03:30:36, Timo Sirainen wrote: > On 02 Jul 2016, at 03:30, Adam Weinbergerwrote: > > > >>> Jul 1 10:07:27 imap dovecot: master: Panic: kevent(EV_ADD, READ, 54) > >>> failed: Bad file descriptor > >>> > >>> It's not dumping core, and I get the message even with "protocols =" > >>> > >>> Downgrading back to 2.2.24 fixes it. What info would be helpful for me to > >>> provide here? > >> > >> gdb backtrace: http://dovecot.org/bugreport.html#coredumps > >> > > > > Fuller logs attached. Thanks for your help, Timo. > > > > #6 0x2815b23a in i_panic (format=0x281ccf7a "kevent(EV_ADD, READ, %d) > > failed: %m") at failures.c:275 > > #7 0x28185e10 in io_loop_handle_add (io=0x288843a0) at ioloop-kqueue.c:67 > > #8 0x281815a8 in io_add_file (fd=56, condition=IO_READ, > > source_linenum=244, callback=0x2818a7d0 , context=0x0) at > > ioloop.c:59 > > #9 0x281813a6 in io_add (fd=56, condition=IO_READ, source_linenum=244, > > callback=0x2818a7d0 , context=0x0) at ioloop.c:81 > > #10 0x2818a666 in lib_signals_set_handler (signo=1, flags=3, > > handler=0x804e6c0 , context=0x0) at lib-signals.c:243 > > #11 0x0804e129 in main_init (set=0x2881d098) at main.c:518 > > #12 0x0804d562 in main (argc=3, argv=0xae08) at main.c:890 > > Weird. I haven't touched anything even close to that. Also kqueue works on my > OSX. The only thing that comes to my mind is > https://github.com/dovecot/core/commit/fde7b8a03bf91cfa5bb7ca3e84545386243fa0d2 > > Does it happen to work if you use the attached patch? > The patch doesn't apply cleanly for me on OpenBSD -current. Hmm... Looks like a unified diff to me... The text leading up to this was: -- |commit 3fea4d5988de365503df44a9b067e3b181cac65c |Author: Timo Sirainen |Date: Thu Jun 30 14:08:24 2016 +0300 | |master: Stopping didn't close dead-pipes early enough. | |This caused stopping to be too slow. Broken by 0153cf542. | |diff --git a/src/master/service-monitor.c b/src/master/service-monitor.c |index 19655c2..44cdb26 100644 |--- a/src/master/service-monitor.c |+++ b/src/master/service-monitor.c -- Patching file service-monitor.c using Plan A... Hunk #1 succeeded at 513 (offset 8 lines). Hunk #2 failed at 538. Hunk #3 succeeded at 595 with fuzz 2 (offset 8 lines). 1 out of 3 hunks failed--saving rejects to service-monitor.c.rej Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -- |commit fde7b8a03bf91cfa5bb7ca3e84545386243fa0d2 |Author: Timo Sirainen |Date: Tue Jun 28 23:38:11 2016 +0300 | |master: Added support for stopping specific services. | |We need to have a per-service fd for detecting a dead master. | |diff --git a/src/master/service-monitor.c b/src/master/service-monitor.c |index bf4e931..fb4f64f 100644 |--- a/src/master/service-monitor.c |+++ b/src/master/service-monitor.c -- Patching file service-monitor.c using Plan A... Reversed (or previously applied) patch detected! Assume -R? [y] If I select [y] and continue to build I get lots of build errors. -- Edgar Pettijohn
Postfix/dovecot: user unrecognized, file permissions being misread
Hello all. Have spent several days following the excellent tutorial: http://www.binarytides.com/install-postfix-dovecot-debian/ but still fail to have the user recognized and am getting log entries that the mail directories are 0755 when I can clearly see that they are 0774. Very puzzling, any help would be deeply appreciated. Best regards, Andy === Details === • I can add directories under IMAP, so my IMAP login and permissions must be correct. • I can create an outgoing message under IMAP, but clicking SEND just hangs. Logs do not indicate problem. • I clearly can send it a message with smtp. The message is delivered to postfix, but then dovecot fails to deliver it to a mailbox. Log Entries - --- # tail /var/log/mail postfix/qmgr[16390]: 9D6E8C1A77: from=, size=2794, nrcpt=1 (queue active) Message has been received postfix/lmtp[16770]: C218DC197D: to= , relay=mail.privustech.com[private/lmtp], delay=2560, delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation with mail.privustech.com[private/lmtp] timed out while receiving the initial server greeting) lmtp is not working # tail /var/log/dovecot.log auth-worker(16612): Info: pam(alava...@privustech.com,98.179.190.111): unknown user imap-login: Info: Login: user= , method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, TLS, session= imap(alava...@privustech.com): Error: mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +w perm: /var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 mode=0755) However, the mail directory /var/mail/vhosts/privustech.com/alavarre is -rwxrwxr-- vmail:vmail and I have restarted both postfix and dovecot. = System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL authentication, connecting through a Unix socket: /etc/postfix/main.cf: virtual_transport = lmtp:unix:private/lmtp /etc/dovecot/conf.d/10-master.cf: service lmtp { unix_listener /var/spool/postfix/private/lmtp { mode = 0600 user = postfix group = postfix } The lmtp socket is owned by postfix, while the mail system is owned by vmail, per the tutorial. -- I am using virtual users (not system users) defined in /etc/dovecot/dovecot-users: alava...@privustech.com:{plain}ksaj;flkasjd;ds;f Thanks in advance, Andy
RE: quota-status service
> > The way I understand it is, this Quota service was built specifically > for postfix. (I only have postfix, have not used any other MTA) > The "quota-status" executable is in you libexec directory. ( I compiled > my dovecot instance, hence is is not in "regular" directory) Thanks. I also responded to Aki, but to close the loop: evidently quota-status is newer than the version of dovecot on my Ubuntu 12.04 machine. So I'll need to upgrade. > The "quota_status_*" are responses to postifx. AFAIK, these are the only > 3 possible options. > > Please see ( > https://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ ) for > a detailed info on this > > When Postfix MTA is "inline" with the sender, and if you have correctly > configured the quota service, it will check if the recipient's mailbox > can accept mails. If the recipient is able to accept mail dovecot > responds with "DUNNO" (as configured in "quota_status_success" ) to let > postifx continue with its sender checks. if the recipient's mail box is > unable to accept mails, the dovecot responds with "552 5.2.2 Mailbox is > full" (as configured in "quota_status_overquota"), this will prevent > postfix from accepting mail and will respond with 552 status . All this > is documented in that blog. > Thanks. I saw the link to Hildebrandt's blog on the wiki. (BTW, his Postfix book is still great!) And I understood the example. But it didn't cover the answers to my questions. Aki covered most of them. Thanks again, Michael
RE: FW: quota-status service
> No. But someone knew what to answer to them, you keep spamming the mailing > list with repeated '???' instead of waiting, which *is* impolite. Someone > WILL answer you when they have time to study your question and prepare an > answer. As I said, if you think you should be entitled to timely > responses, please consider purchasing a support agreement, so you can have > an SLA. Support provided over mailing list is pro bono publico and no one > gets paid doing it for you. Understood. And I don't think I'm "entitled" to anything. The list is free. But it may be helpful to understand this: I figured that most people would want to use the quota-status service. Therefore, most people must know something about it. But there was no response at all, not even "I can help but it will take a couple of days", even though there was lots of other activity on the list. So I did what is commonplace on some other lists by bumping it up to the top again. No disrespect intended. Every list has its own "personality". I'll learn. > 1. Quota status comes with dovecot-core, on my server (debian) it is in > > ~$ ls -lah /usr/lib/dovecot/quota-status > -rwxr-xr-x 1 root root 84K May 27 12:35 /usr/lib/dovecot/quota-status > > Did you look there? Yes. I actually looked everywhere with find / ... This machine is running Ubuntu 12.04, dovecot --version = 2.0.19 So, I just tried installing on another machine running Ubuntu 14.04, dovecot --version = 2.2.9. It **is** there on that machine. So, evidently, quota-status is not part of the older version. I guess I'll need to upgrade since I prefer not to compile from source. > You also are going to need ... > [answers clipped] Thank you. All EXCELLENT information. quota_status_toolarge wasn't mentioned on the wiki. I presume that refers to the individual message size being too large, correct? Thanks again, this is what I needed. Michael
Re: quota-status service
Michael, See my responses inline On 07/02/2016 06:25 AM, Michael Fox wrote: ??? From: Michael Fox [mailto:n...@mefox.org] Sent: Thursday, June 30, 2016 1:59 PM To: Dovecot Mailing List (dovecot@dovecot.org)Subject: quota-status service I'm trying to understand the quota-status service, but I can't find complete documentation. The quota-status service is mentioned here: http://wiki.dovecot.org/Quota And an example configuration is shown: service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 # You can choose any port you want } client_limit = 1 } This is how I have configured it. But I can't find any information on quota-status. "man quota-status" returns nothing. I am unable to find a "quota-status" file on my machine. Where is the executable located? What does the "-p postfix" option do? Are there any other command line options? The above wiki page shows three quota_status_* options in use: quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" The way I understand it is, this Quota service was built specifically for postfix. (I only have postfix, have not used any other MTA) The "quota-status" executable is in you libexec directory. ( I compiled my dovecot instance, hence is is not in "regular" directory) The "quota_status_*" are responses to postifx. AFAIK, these are the only 3 possible options. Please see ( https://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ ) for a detailed info on this When Postfix MTA is "inline" with the sender, and if you have correctly configured the quota service, it will check if the recipient's mailbox can accept mails. If the recipient is able to accept mail dovecot responds with "DUNNO" (as configured in "quota_status_success" ) to let postifx continue with its sender checks. if the recipient's mail box is unable to accept mails, the dovecot responds with "552 5.2.2 Mailbox is full" (as configured in "quota_status_overquota"), this will prevent postfix from accepting mail and will respond with 552 status . All this is documented in that blog. Please also see: http://www.postfix.org/SMTPD_ACCESS_README.html Where are their meanings documented? What are the allowed values? Are there other quota_status_* options? Thanks in advance. Thanks, Michael Hope this was helpful -Thanks Vijay
RE: FW: quota-status service
> On July 3, 2016 at 6:41 PM Michael Foxwrote: > > > Aki: Over the last three days, I've watched many other questions being asked > and answered. Were they also impolite to ask? > No. But someone knew what to answer to them, you keep spamming the mailing list with repeated '???' instead of waiting, which *is* impolite. Someone WILL answer you when they have time to study your question and prepare an answer. As I said, if you think you should be entitled to timely responses, please consider purchasing a support agreement, so you can have an SLA. Support provided over mailing list is pro bono publico and no one gets paid doing it for you. Anyways, here are *some* answers to your questions: 1. Quota status comes with dovecot-core, on my server (debian) it is in ~$ ls -lah /usr/lib/dovecot/quota-status -rwxr-xr-x 1 root root 84K May 27 12:35 /usr/lib/dovecot/quota-status Did you look there? You also are going to need to use 'mail_plugins = $mail_plugins quota'. See quota configuration in dovecot wiki. (http://wiki2.dovecot.org/Quota) 2. It has no man page because it is not intended to be ran at command line, but -p means protocol. It should match your MTA/MX. Such as postfix, which at the moment is the only supported one. 3. Port you can choose freely, it is used by postfix to check the delivery possiblity before actually doing it. This is the statement in smtpd_recipient_restrictions, check_policy_service inet:mailstore.example.com:12340 replace mailstore.example.com with localhost or your dovecot hostname. And port with what you choose. 4. The various responses are what your MTA/MX expects. Looking at postfix manual (http://www.postfix.org/SMTPD_POLICY_README.html#protocol) you can see that "The "DUNNO" action causes Postfix to ignore the result." You can look at the postfix manual for various acceptable answers, but the one indicated in the configuration example probably works best. 5. quota_status_* quota_status_success, default response is OK quota_status_toolarge quota_status_overquota toolarge and overquota default to "554 5.2.2 ". quota_status_nouser, default response is "REJECT Unknown user" These are sent verbatim to your MTA/MX; refer to it's documentation for allowed responses. --- Aki Tuomi Dovecot oy
Re: Shared mailboxes not showing up in shared namespace
Tried it but now luck in either OX App Suite or Thunderbird. The thing is that it isn’t even listed as a subscribeable folder. For example I have a Public namespace at that lists all the public mailboxes but Shared doesn’t list anything. I installed an addon in Thunderbird for ACL and that lists correct permissions on the INBOX folders. (Users having lookup & read permissions). I can post the doveconf output if you want? > On 3 Jul 2016, at 16:52, aki.tu...@dovecot.fi wrote: > > >> On July 3, 2016 at 6:46 PM Marti Markovwrote: >> >> >> Aki, you were right. >> It was at /usr/lib/dovecot >> >> Here is the output: >> >> * LIST (\Noselect \HasChildren) "/" Shared >> * LIST (\Noselect \HasChildren) "/" Shared/d.marteva >> * LIST (\HasNoChildren) "/" Shared/d.marteva/INBOX > > Can you try > > doveadm mailbox subscribe -u yourusername Shared/d.marteva/INBOX > > Aki
Re: Shared mailboxes not showing up in shared namespace
> On July 3, 2016 at 6:46 PM Marti Markovwrote: > > > Aki, you were right. > It was at /usr/lib/dovecot > > Here is the output: > > * LIST (\Noselect \HasChildren) "/" Shared > * LIST (\Noselect \HasChildren) "/" Shared/d.marteva > * LIST (\HasNoChildren) "/" Shared/d.marteva/INBOX Can you try doveadm mailbox subscribe -u yourusername Shared/d.marteva/INBOX Aki
Re: Shared mailboxes not showing up in shared namespace
Aki, you were right. It was at /usr/lib/dovecot Here is the output: root@mail:~# /usr/lib/dovecot/imap -u m.markov * PREAUTH [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE ACL RIGHTS=texk] Logged in as m.mar...@domain.com 1 LIST "" "*" * LIST (\HasNoChildren) "/" confirmed-spam * LIST (\HasNoChildren \Trash) "/" Trash * LIST (\HasNoChildren) "/" SpamLikely * LIST (\HasNoChildren) "/" Spam * LIST (\HasNoChildren) "/" "Sent Items" * LIST (\HasNoChildren) "/" Archive * LIST (\HasNoChildren \Drafts) "/" Drafts * LIST (\HasNoChildren) "/" Notes * LIST (\HasNoChildren) "/" TeamViewer * LIST (\HasNoChildren \Sent) "/" "Sent Messages" * LIST (\HasNoChildren) "/" confirmed-ham * LIST (\Noselect \HasChildren) "/" Public * LIST (\HasNoChildren) "/" Public/office3 * LIST (\HasNoChildren) "/" Public/office4 * LIST (\HasNoChildren) "/" Public/support * LIST (\HasNoChildren) "/" Public/root * LIST (\HasNoChildren) "/" Public/updates * LIST (\HasNoChildren) "/" Public/postmaster * LIST (\Noselect \HasChildren) "/" Shared * LIST (\Noselect \HasChildren) "/" Shared/d.marteva * LIST (\HasNoChildren) "/" Shared/d.marteva/INBOX * LIST (\HasNoChildren) "/" INBOX 1 OK List completed. 2 LOGOUT It does list the shared mailbox but it never shows up in either OX App Suite or Thunderbird. > On 3 Jul 2016, at 15:04, aki.tu...@dovecot.fi wrote: > > You should have it. Otherwise imap wouldn't work. It's probably under > /usr/lib/dovecot or /usr/lib/x86_64/dovecot > > Aki > >> On July 2, 2016 at 11:11 PM Marti Markovwrote: >> >> >> I don’t seem to have that install on my Debian machine. >> >> But I have done this: >> >> 1 LIST "" % >> * LIST (\HasNoChildren) "/" confirmed-spam >> * LIST (\HasChildren) "/" Archive >> * LIST (\HasNoChildren \Sent) "/" Sent >> * LIST (\HasChildren \Trash) "/" Trash >> * LIST (\HasNoChildren) "/" Spam >> * LIST (\HasChildren) "/" Archives >> * LIST (\HasNoChildren \Drafts) "/" Drafts >> * LIST (\HasNoChildren \Junk) "/" Junk >> * LIST (\HasNoChildren) "/" Unwanted >> * LIST (\HasNoChildren) "/" confirmed-ham >> * LIST (\Noselect \HasChildren) "/" Public >> * LIST (\Noselect \HasNoChildren) "/" Shared >> * LIST (\HasNoChildren) "/" INBOX >> 1 OK List completed. >> 7 LIST * * >> * LIST (\HasNoChildren) "/" confirmed-spam >> * LIST (\HasChildren) "/" Archive >> * LIST (\HasNoChildren) "/" Archive/2015 >> * LIST (\HasNoChildren \Sent) "/" Sent >> * LIST (\HasChildren \Trash) "/" Trash >> * LIST (\HasNoChildren) "/" Trash/Junk >> * LIST (\HasNoChildren) "/" Spam >> * LIST (\HasChildren) "/" Archives >> * LIST (\HasNoChildren) "/" Archives/2015 >> * LIST (\HasNoChildren) "/" Archives/2011 >> * LIST (\HasNoChildren \Drafts) "/" Drafts >> * LIST (\HasNoChildren \Junk) "/" Junk >> * LIST (\HasNoChildren) "/" Unwanted >> * LIST (\HasNoChildren) "/" confirmed-ham >> * LIST (\Noselect \HasChildren) "/" Public >> * LIST (\HasNoChildren) "/" Public/office3 >> * LIST (\HasNoChildren) "/" Public/office4 >> * LIST (\Noselect \HasNoChildren) "/" Shared >> * LIST (\HasNoChildren) "/" INBOX >> 7 OK List completed. >> >> By connecting using `openssl` from a remote machine. >> >>> On 1 Jul 2016, at 09:02, Steffen Kaiser >>> wrote: >>> >>> -BEGIN PGP SIGNED MESSAGE- >>> Hash: SHA1 >>> >>> On Thu, 30 Jun 2016, Marti Markov wrote: >>> I think I have configured everything correctly but for some reason I can’t get a list of the shared mailboxes to show up. When I run: doveadm acl debug -u m.markov Shared/d.marteva/INBOX doveadm(m.markov): Info: User d.marteva found from ACL shared dict doveadm(m.markov): Info: Mailbox Shared/d.marteva/INBOX is visible in LIST >>> >>> did you've tried: >>> >>> http://wiki2.dovecot.org/PreAuth >>> >>> /usr/local/libexec/dovecot/imap -u m.markov >>> 1 LIST "" "*" >>> 2 LOGOUT >>> >>> ? >>> >>> Maybe the client does not list them. >>> >>> - -- Steffen Kaiser >>> -BEGIN PGP SIGNATURE- >>> Version: GnuPG v1 >>> >>> iQEVAwUBV3Yjqnz1H7kL/d9rAQIoSQgAvKFsSKxMdt82a/1p52bikwkje4YoqGjK >>> duStP9qG2AtkkRPbbNc8JWki20xixyW7XagIP39dGwd+yNVlkMZAVna0KGIFNUwk >>> 9eVC1lMPax9lc0kq7Fw+EqwpPtFwuGe41eAsyP3JE51VlEbnA74oPGadJJe/6cM8 >>> /3sMCxXC9PlxgoKhwFoqggnEeH0Dx6wkHqXsLT3lCnSwtQHX8ZaKlRkEaVBvTVvO >>> ogu/9V/RZH6mhiVdlcYEDXDNoAZ7dh7ZgLqI2nCJm1AoTjpAyjnskhFT+1l5sOC0 >>> +tEb7Rfl7zAp+eJy6X9RaX9nuDzIGSTRfHBeTV9rMVXrz005FYHZpg== >>> =uU9/ >>> -END PGP SIGNATURE-
RE: FW: quota-status service
Aki: Over the last three days, I've watched many other questions being asked and answered. Were they also impolite to ask? Peter: What exactly was impolite about identifying missing information and listing the specific details that I'm looking for? Aki & Peter: Do either of you know the answers to at least some of my questions? Michael > -Original Message- > From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Peter > Chiochetti > Sent: Sunday, July 3, 2016 2:07 AM > To: dovecot@dovecot.org > Subject: Re: FW: quota-status service > > Am 2016-07-03 um 10:43 schrieb Aki Tuomi: > > If you need fast and timely support you can contact OX sales for an > support agreement . It is somewhat impolite to except such from a public > mailing list over weekend. > > Nah, expecting such can be unreasonable, > Impolite though the manner of expression >
Re: kqueue crash on FreeBSD with 2.2.25 and OpenBSD
On 16-07-03 03:30:36, Timo Sirainen wrote: > On 02 Jul 2016, at 03:30, Adam Weinbergerwrote: > > > >>> Jul 1 10:07:27 imap dovecot: master: Panic: kevent(EV_ADD, READ, 54) > >>> failed: Bad file descriptor > >>> > >>> It's not dumping core, and I get the message even with "protocols =" > >>> > >>> Downgrading back to 2.2.24 fixes it. What info would be helpful for me to > >>> provide here? > >> > >> gdb backtrace: http://dovecot.org/bugreport.html#coredumps > >> > > > > Fuller logs attached. Thanks for your help, Timo. > > > > #6 0x2815b23a in i_panic (format=0x281ccf7a "kevent(EV_ADD, READ, %d) > > failed: %m") at failures.c:275 > > #7 0x28185e10 in io_loop_handle_add (io=0x288843a0) at ioloop-kqueue.c:67 > > #8 0x281815a8 in io_add_file (fd=56, condition=IO_READ, > > source_linenum=244, callback=0x2818a7d0 , context=0x0) at > > ioloop.c:59 > > #9 0x281813a6 in io_add (fd=56, condition=IO_READ, source_linenum=244, > > callback=0x2818a7d0 , context=0x0) at ioloop.c:81 > > #10 0x2818a666 in lib_signals_set_handler (signo=1, flags=3, > > handler=0x804e6c0 , context=0x0) at lib-signals.c:243 > > #11 0x0804e129 in main_init (set=0x2881d098) at main.c:518 > > #12 0x0804d562 in main (argc=3, argv=0xae08) at main.c:890 > > Weird. I haven't touched anything even close to that. Also kqueue works on my > OSX. The only thing that comes to my mind is > https://github.com/dovecot/core/commit/fde7b8a03bf91cfa5bb7ca3e84545386243fa0d2 > > Does it happen to work if you use the attached patch? > Looks like its an issue on OpenBSD -current as well. This GDB was configured as "i386-unknown-openbsd6.0"... Core was generated by `dovecot'. Program terminated with signal 6, Aborted. Loaded symbols for /home/edgar/sbin/dovecot Reading symbols from /home/edgar/lib/dovecot/libdovecot.so.0.0...done. Loaded symbols for /home/edgar/lib/dovecot/libdovecot.so.0.0 Reading symbols from /usr/lib/libc.so.88.0...done. Loaded symbols for /usr/lib/libc.so.88.0 Reading symbols from /usr/libexec/ld.so...done. Loaded symbols for /usr/libexec/ld.so #0 0x0d8ca24f in thrkill () at :2 2 : No such file or directory. in (gdb) bt #0 0x0d8ca24f in thrkill () at :2 #1 0x0d8cd691 in *_libc_raise (s=6) at /usr/src/lib/libc/gen/raise.c:37 #2 0x0d8cb8fc in *_libc_abort () at /usr/src/lib/libc/stdlib/abort.c:52 #3 0x092d5a2f in default_fatal_finish (type=Variable "type" is not available. ) at failures.c:201 #4 0x092d5ae4 in i_syslog_fatal_handler (ctx=0xcf7dcdcc, format=0x2925f1d4 "kevent(EV_ADD, READ, %d) failed: %m", args=0xcf7dcdf4 "<") at failures.c:418 #5 0x17bd6f68 in master_fatal_callback (ctx=0xcf7dcdcc, format=0x2925f1d4 "kevent(EV_ADD, READ, %d) failed: %m", args=0xcf7dcdf4 "<") at main.c:167 #6 0x092d4ea6 in i_panic (format=Could not find the frame base for "i_panic". ) at failures.c:275 #7 0x092de2b9 in io_loop_handle_add (io=Variable "io" is not available. ) at ioloop-kqueue.c:67 #8 0x092df3e2 in io_add_file (fd=60, condition=IO_READ, source_linenum=244, callback=0x92efe80 , context=0x0) at ioloop.c:59 #9 0x092df491 in io_add (fd=60, condition=IO_READ, source_linenum=244, callback=0x92efe80 , context=0x0) at ioloop.c:81 #10 0x092f0283 in lib_signals_set_handler (signo=1, flags=3, handler=0x17bd5d30 , context=0x0) at lib-signals.c:243 #11 0x17bd58fb in main_init (set=0x86b34098) at main.c:518 #12 0x17bd6878 in main (argc=Cannot access memory at address 0x0 ) at main.c:890 Current language: auto; currently asm (gdb) bt full #0 0x0d8ca24f in thrkill () at :2 No locals. #1 0x0d8cd691 in *_libc_raise (s=6) at /usr/src/lib/libc/gen/raise.c:37 No locals. #2 0x0d8cb8fc in *_libc_abort () at /usr/src/lib/libc/stdlib/abort.c:52 mask = 4294967263 sa = {__sigaction_u = {__sa_handler = 0xcf7dcd38, __sa_sigaction = 0xcf7dcd38}, sa_mask = 690456752, sa_flags = 1} #3 0x092d5a2f in default_fatal_finish (type=Variable "type" is not available. ) at failures.c:201 backtrace = Variable "backtrace" is not available. (gdb) I'm happy to test patches, etc. -- Edgar Pettijohn
Re: Shared mailboxes not showing up in shared namespace
You should have it. Otherwise imap wouldn't work. It's probably under /usr/lib/dovecot or /usr/lib/x86_64/dovecot Aki > On July 2, 2016 at 11:11 PM Marti Markovwrote: > > > I don’t seem to have that install on my Debian machine. > > But I have done this: > > 1 LIST "" % > * LIST (\HasNoChildren) "/" confirmed-spam > * LIST (\HasChildren) "/" Archive > * LIST (\HasNoChildren \Sent) "/" Sent > * LIST (\HasChildren \Trash) "/" Trash > * LIST (\HasNoChildren) "/" Spam > * LIST (\HasChildren) "/" Archives > * LIST (\HasNoChildren \Drafts) "/" Drafts > * LIST (\HasNoChildren \Junk) "/" Junk > * LIST (\HasNoChildren) "/" Unwanted > * LIST (\HasNoChildren) "/" confirmed-ham > * LIST (\Noselect \HasChildren) "/" Public > * LIST (\Noselect \HasNoChildren) "/" Shared > * LIST (\HasNoChildren) "/" INBOX > 1 OK List completed. > 7 LIST * * > * LIST (\HasNoChildren) "/" confirmed-spam > * LIST (\HasChildren) "/" Archive > * LIST (\HasNoChildren) "/" Archive/2015 > * LIST (\HasNoChildren \Sent) "/" Sent > * LIST (\HasChildren \Trash) "/" Trash > * LIST (\HasNoChildren) "/" Trash/Junk > * LIST (\HasNoChildren) "/" Spam > * LIST (\HasChildren) "/" Archives > * LIST (\HasNoChildren) "/" Archives/2015 > * LIST (\HasNoChildren) "/" Archives/2011 > * LIST (\HasNoChildren \Drafts) "/" Drafts > * LIST (\HasNoChildren \Junk) "/" Junk > * LIST (\HasNoChildren) "/" Unwanted > * LIST (\HasNoChildren) "/" confirmed-ham > * LIST (\Noselect \HasChildren) "/" Public > * LIST (\HasNoChildren) "/" Public/office3 > * LIST (\HasNoChildren) "/" Public/office4 > * LIST (\Noselect \HasNoChildren) "/" Shared > * LIST (\HasNoChildren) "/" INBOX > 7 OK List completed. > > By connecting using `openssl` from a remote machine. > > > On 1 Jul 2016, at 09:02, Steffen Kaiser > > wrote: > > > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA1 > > > > On Thu, 30 Jun 2016, Marti Markov wrote: > > > >> I think I have configured everything correctly but for some reason I can’t > >> get a list of the shared mailboxes to show up. > >> > >> When I run: > >> > >> doveadm acl debug -u m.markov Shared/d.marteva/INBOX > >> > >> > >> doveadm(m.markov): Info: User d.marteva found from ACL shared dict > >> doveadm(m.markov): Info: Mailbox Shared/d.marteva/INBOX is visible in LIST > > > > did you've tried: > > > > http://wiki2.dovecot.org/PreAuth > > > > /usr/local/libexec/dovecot/imap -u m.markov > > 1 LIST "" "*" > > 2 LOGOUT > > > > ? > > > > Maybe the client does not list them. > > > > - -- Steffen Kaiser > > -BEGIN PGP SIGNATURE- > > Version: GnuPG v1 > > > > iQEVAwUBV3Yjqnz1H7kL/d9rAQIoSQgAvKFsSKxMdt82a/1p52bikwkje4YoqGjK > > duStP9qG2AtkkRPbbNc8JWki20xixyW7XagIP39dGwd+yNVlkMZAVna0KGIFNUwk > > 9eVC1lMPax9lc0kq7Fw+EqwpPtFwuGe41eAsyP3JE51VlEbnA74oPGadJJe/6cM8 > > /3sMCxXC9PlxgoKhwFoqggnEeH0Dx6wkHqXsLT3lCnSwtQHX8ZaKlRkEaVBvTVvO > > ogu/9V/RZH6mhiVdlcYEDXDNoAZ7dh7ZgLqI2nCJm1AoTjpAyjnskhFT+1l5sOC0 > > +tEb7Rfl7zAp+eJy6X9RaX9nuDzIGSTRfHBeTV9rMVXrz005FYHZpg== > > =uU9/ > > -END PGP SIGNATURE-
Re: FW: quota-status service
Am 2016-07-03 um 10:43 schrieb Aki Tuomi: If you need fast and timely support you can contact OX sales for an support agreement . It is somewhat impolite to except such from a public mailing list over weekend. Nah, expecting such can be unreasonable, Impolite though the manner of expression ---Aki TuomiDovecot oy Original message From: Michael FoxDate: 03/07/2016 09:00 (GMT+02:00) To: Dovecot Mailing List Subject: FW: quota-status service ??? 3rd request -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Michael Fox Sent: Friday, July 1, 2016 5:56 PM To: Dovecot Mailing List Subject: RE: quota-status service ??? From: Michael Fox [mailto:n...@mefox.org] Sent: Thursday, June 30, 2016 1:59 PM To: Dovecot Mailing List (dovecot@dovecot.org) Subject: quota-status service -- peter
Re: FW: quota-status service
If you need fast and timely support you can contact OX sales for an support agreement . It is somewhat impolite to except such from a public mailing list over weekend. ---Aki TuomiDovecot oy Original message From: Michael FoxDate: 03/07/2016 09:00 (GMT+02:00) To: Dovecot Mailing List Subject: FW: quota-status service ??? 3rd request -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Michael Fox Sent: Friday, July 1, 2016 5:56 PM To: Dovecot Mailing List Subject: RE: quota-status service ??? From: Michael Fox [mailto:n...@mefox.org] Sent: Thursday, June 30, 2016 1:59 PM To: Dovecot Mailing List (dovecot@dovecot.org) Subject: quota-status service I'm trying to understand the quota-status service, but I can't find complete documentation. The quota-status service is mentioned here: http://wiki.dovecot.org/Quota And an example configuration is shown: service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 # You can choose any port you want } client_limit = 1 } But I can't find any information on quota-status. "man quota-status" returns nothing. I am unable to find a "quota-status" file on my machine. Where is the executable located? What does the "-p postfix" option do? Are there any other command line options? The above wiki page shows three quota_status_* options in use: quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" Where are their meanings documented? What are the allowed values? Are there other quota_status_* options? Thanks in advance. Thanks, Michael
FW: quota-status service
??? 3rd request -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Michael Fox Sent: Friday, July 1, 2016 5:56 PM To: Dovecot Mailing ListSubject: RE: quota-status service ??? From: Michael Fox [mailto:n...@mefox.org] Sent: Thursday, June 30, 2016 1:59 PM To: Dovecot Mailing List (dovecot@dovecot.org) Subject: quota-status service I'm trying to understand the quota-status service, but I can't find complete documentation. The quota-status service is mentioned here: http://wiki.dovecot.org/Quota And an example configuration is shown: service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 # You can choose any port you want } client_limit = 1 } But I can't find any information on quota-status. "man quota-status" returns nothing. I am unable to find a "quota-status" file on my machine. Where is the executable located? What does the "-p postfix" option do? Are there any other command line options? The above wiki page shows three quota_status_* options in use: quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" Where are their meanings documented? What are the allowed values? Are there other quota_status_* options? Thanks in advance. Thanks, Michael