Re: NFSv4 and Maildir

[Joseph Tam]

Noel Butler writes:


I found the same thing, and turning off write delegation seemed
to have solved the problem.  I still don't know why, though.


write delegation is disabled by default on NetApp with v4, or have they
changed this now?


I think this is still the case: when I exported NFSv4, I also turned on
both r/w delegation as well.  The exported filesystem exhibited weird
locking or slow write operations on NFS clients (e.g. "touch newfile"
would take a second to complete).  This went away when I turned off
write delegation.

Joseph Tam 

Re: doveadm backup fails (compromised single attachment storage)

[Webert de Souza Lima]

Since no one seems to know if mailboxes can be "fixed", is possible to run
dsync backup ignoring errors? There is no such documentation.
When the describe errors occur, sync is interrupted.

On Fri, Sep 30, 2016 at 10:18 AM Webert de Souza Lima 
wrote:

> by SAS I meant SIAS (Single Instance Attachment Storage).
>
> On Thu, Sep 29, 2016 at 9:33 AM Webert de Souza Lima <
> webert.b...@gmail.com> wrote:
>
>> Hi,
>>
>> A couple of months ago I had a problem with Single Attachment Storage
>> after infrastructure migration;
>>
>> All mailboxes were rsynced to another filesystem, and that may have
>> broken Single Attachment Storage. Many, many (if not all) mailboxes show
>> the below logs on dovecot:
>>
>> imap(f...@bar.com): Error:
>> read(attachments-connector(zlib(/dovecotdir/mail/
>> bar.com/foo/mailboxes/INBOX/dbox-Mails/u.26426))) failed:
>> read(/dovecotdir/attach/
>> bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c1495753619331bd36-43cea6154b3275573b089331bd36-26426[base64:19
>> 
>> b/l]) failed: open(/dovecotdir/attach/
>> bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c1495753619331bd36-43cea6154b3275573b089331bd36-26426)
>> failed: No such file or directory
>>
>>
>> When that happens, the MUA keeps syncing forever.
>>
>> Now, I need to migrate all mailboxes (again) to another dovecot instance
>> (with no SAS), which works perfectly for new users but when I try to
>> migrate users from my current dovecot server for this new server, I get
>> such errors again, and I can't migrate:
>>
>> 2016-09-29T12:20:50.995934059Z Sep 29 12:20:50 dsync-server(f...@bar.com):
>> Error: dsync(cf7d091311eb):
>> read(attachments-connector(zlib(/dovecotdir/mdbox/
>> bar.com/foo/storage/m.1))) failed: read(/dovecotdir/attach/
>> bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba179331bd36[base64:18
>> 
>> b/l]) failed: open(/dovecotdir/attach/
>> bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba179331bd36)
>> failed: No such file or directory (last sent=mail, last recv=mail_request
>> (EOL))
>>
>> Is there a way to fix the attachments problem? (I know I can't recover
>> such files, that's Ok)
>> Is there a way to migrate (dsync backup) ignoring such problems?
>>
>> Thanks in advance.
>>
>

Requiring client certificate on only one interface

[Braden Thomas]

Hi,

I'm trying to require client certificates on only one interface. I'm
running dovecot 2.1.7. There have been a couple of recent threads about
this kind of configuration:

http://dovecot.org/list/dovecot/2016-August/105244.html  (Aug 2016)

http://www.dovecot.org/list/dovecot/2016-February/103067.html (Feb 2016)


However, these threads recommend an approach that no longer works. 
Specifically, the "-l" or "-P" arguments to imap-login no longer work.
Is there currently a recommended way to configure dovecot like this?

Braden

shared folders

[Scherff]

Well,

these is the complete output for dovecot -n :

mail:~ # dovecot -n
# 2.2.18: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: Linux 4.1.31-30-default x86_64 openSUSE 42.1 (x86_64)
auth_mechanisms = plain login
mail_gid = vmail
mail_home = /var/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = " acl"
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate

namespace {
  hidden = no
  ignore_on_failure = no
  list = children
  location = 
maildir:%%h/mail:INDEX=%h/mail/shared/%%u:CONTROL=%h/mail/shared/%%u

  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Notes {
auto = subscribe
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
plugin {
  acl = vfile:/var/vmail/dovecot-acl
  acl_shared_dict = file:/var/vmail/db/shared-mailboxes.db
  quota = maildir:User quota
  quota_exceeded_message = Benutzer %u hat das Speichervolumen 
überschritten. / User %u has exhausted allowed storage space.

  sieve = /var/vmail/sieve/%d/%n/active-script.sieve
  sieve_before = /var/vmail/sieve/global/spam-global.sieve
  sieve_dir = /var/vmail/sieve/%d/%n/scripts
  zlib_save = gz
  zlib_save_level = 6
}
protocols = imap lmtp sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
  unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
  }
}
service imap-login {
  inet_listener imap {
port = 143
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
  }
  user = vmail
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
}
ssl = required
ssl_cert = ssl_cipher_list = 
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA

ssl_dh_parameters_length = 2048
ssl_key = 

Re: shared folders

[Jerry]

On Mon, 3 Oct 2016 12:23:30 +0200, Scherff stated:

>Hi,
>i am stuck. Try to install shared folders - dovecot is running fine.
>ACL is working. But i can't get running the shared folders. Maybe
>someone can help.
>
>This are the relevant conf. I think i have some mistake there -
>perhaps in location - changed try and error - stuck:

What you are posting is not necessarily what Dovecot is seeing. Please
post the complete output of "dovecot -n"

-- 
Jerry

shared folders

[Scherff]

Hi,
i am stuck. Try to install shared folders - dovecot is running fine. ACL 
is working. But i can't get running the shared folders. Maybe someone 
can help.


This are the relevant conf. I think i have some mistake there - perhaps 
in location - changed try and error - stuck:


mail_home = /var/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs

namespace {
  hidden = no
  ignore_on_failure = no
  list = children
  location = 
maildir:%%h/mail:INDEX=%h/mail/shared/%%u:CONTROL=%h/mail/shared/%%u

  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Notes {
auto = subscribe
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix =
}

plugin {
# global acl - prevent expunche for some folder
 acl = vfile:/var/vmail/dovecot-acl
  acl_shared_dict = file:/var/vmail/db/shared-mailboxes.db
}

protocol imap {
  imap_idle_notify_interval = 15 mins
  mail_max_userip_connections = 30
  mail_plugins = " acl imap_acl"
}

protocol lmtp {
  mail_plugins = " acl"
}


Need some hint.

Thanks
Alfred

Re: Shared folder in a sharded cluster setup

[Aki Tuomi]

On 30.09.2016 17:10, Peer Heinlein wrote:
>
> Hi!
>
> With Dovecot Director and Proxy or the new (great!) TAG-feature from
> Dovecot it's easy to set up a shared IMAP-Cluster with individual local
> filesystems.
>
> But I'm unsure if it's possible to build a setup where shared mailboxes
> still can work.
>
> If user A is on Cluster (1) and user B is on (2),
> and Cluster (1) does not have access to the mail-home from B on (2),
>
> then user A can not reach the shared folders provided from User B on (2).
>
> I hope that there is a kind of backend-proxy-mechanism, so that the imap
> process of A on (1) can imap-proxy the requests for the shared folder to
> a node from cluster shard (2).
>
> And: To be exact, the imap process on (1) should forward the request to
> cluster (2) by the director system to make sure, that the connection
> will terminate on the right active backend of User B.
>
>
> This sounds like a special problem if local filesystems with mdbox are
> used and I now the great features of using Dovecot on Object Store,
> where every node can check out all mail-locations from all users.
>
> But especially on obox-systems it is very important that requests for a
> user are always terminated on the same backend. So how can shared
> folders work there?! Node (1) can not checkout the shared folders from
> User B if his obox storage is already active on another host (2)!
>
> Peer
>
>
>

Just wanted to point out that asking about obox questions here is bit
futile since it's pro-only feature. Shared folders should not be a
problem if your backends can access same storage.

Aki