Re: First steps in Dovecot; IMAP not working
(Sorry I read this list in digest form so frequently I'm half a step behind.) For sake of ?security?, I chose to not allow plaintext communication (being new to this, I think being strict is a good choice). I?ve tried with the openssl option and it successfully logged in. Yes, you've included some more log entries, which makes the problem clearer, as it usually does. Oct 13 05:56:28 imap(webuser): Error: open(/var/mail/webuser) failed: Permission denied (euid=1001(webuser) egid=1000(ftpusers) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775) ... I checked, using ls -l /var, and I get this: drwxrwsr-x 2 root mail 4096 Apr 27 11:27 mail so the group looks to be correctly set to 'mail', despite what the log says, right? No, it's quite explicit. User "webuser" has uid/gid = 1001(webuser)/1000(ftpusers). Your mail spool has permission uid/gid = root(0)/mail(8), neither of which allows webuser to write to this mail spool to creates its own mail folder. Aki Tuomireplies with several solutions: In your configuration, dovecot uses whatever user/group returned by PAM. Since the webuser has never logged in, it has no directory under /var/mail. If you want, you can a) override mail_uid and mail_gid in userdb/passdb b) pre-create /var/mail/webuser and chown it to webuser:ftpusers c) you can let ftpusers write to /var/mail. Or if you dynamically/frequently onboard mail accounts, and users cannot arbitrarily write into this directory, you can "chmod 1777 /var/mail/" and let dovecot auto-create it (might also want to set "lda_mailbox_autocreate = yes". Joseph Tam
Re: First steps in Dovecot; IMAP not working
Le 14 oct. 2016 à 15:54, Aki Tuomia écrit: > In your configuration, dovecot uses whatever user/group returned by PAM. Excuse my ignorance, but what is PAM? > Since the web user has never logged in, it has no directory under /var/mail. Hmm… So it can’t log in because it has no directory and it has no directory as long as he does not log in, correct? > If you want, you can > > a) override mail_uid and mail_gid in userdb/passdb > b) pre-create /var/mail/webuser and chown it to webuser:ftpusers > c) you can let ftpusers write to /var/mail. Step b and c are ok for me, I believe. I should override mail_uid and mail_gid to what?
Re: First steps in Dovecot; IMAP not working
Le 14 oct. 2016 à 16:06, mick cranea écrit: > On 2016-10-14 13:43, Moi wrote: >> Hello, >> First of all, I'm sorry if you received this mail twice; I haven't received >> it the first time so I think it was lost. Second attempt. >> I've made some more tests and I still can't receive mails. >> Outlook doesn't complain about anything, no error message; the mails that >> are supposed to be received just won't appear. >> In the mail logs, I find this line (other lines are irrelevant): >> dovecot: imap-login: Aborted login (no auth attempts in 2 secs): user=<> >> [...] >> Is this a problem that looks familiar? >> It's a bit clueless without an error message. >> Any idea welcome. > > http://wiki.dovecot.org/TestInstallation Thank you. I’m at the “Check that it finds INBOX” section and am getting: * 0 EXISTS * 0 RECENT (the remaining text being the same as the example). So it looks like the mailbox doesn’t exist…
Re: First steps in Dovecot; IMAP not working
Le 14 oct. 2016 à 21:22, Joseph Tama écrit: > Did you post doveconf -n (I didn't catch the head of this thread)? That > would be step 0. Yes (actually, twice). If you want to see it again, no problem, just ask. > I assume you allow plaintext communication, but if not, substitute telnet with > "openssl sclient -connect your-server:993": > > C: # telnet your-server 143 > S: * OK [CAPABILITY ... > C: x1 login testuser theirpassword > > If you get an OK response to this, it may be a client issue (check settings on > client). If you get an error or failure, look inward: check logs and config. For sake of “security”, I chose to not allow plaintext communication (being new to this, I think being strict is a good choice). I’ve tried with the openssl option and it successfully logged in. Thank you.
Re: First steps in Dovecot; IMAP not working
Moiwrote: I've made some more tests and I still can't receive mails; sending them still works. I don't receive any error message, just the mails that are supposed to be received won't come. In the mail logs, I find only this relevant line: dovecot: imap-login: Aborted login (no auth attempts in 2 secs): user=<> Did you post doveconf -n (I didn't catch the head of this thread)? That would be step 0. A good first step is to test whether you have basic authentication working (to separate out if you have a server or client issue). I assume you allow plaintext communication, but if not, substitute telnet with "openssl sclient -connect your-server:993": C: # telnet your-server 143 S: * OK [CAPABILITY ... C: x1 login testuser theirpassword If you get an OK response to this, it may be a client issue (check settings on client). If you get an error or failure, look inward: check logs and config. Joseph Tam
Re: Maildir Expunged GUID mismatch for UID
> On September 30, 2016 at 4:39 PM Steven Xuwrote: > > > > > Dovecot version:2.2.25 > > Since we used to keep our email files on widows server, I made the following > changes in maildir-storage.h > > #define MAILDIR_EXTRA_SEP ',' > > #define MAILDIR_INFO_SEP_S ":" to "+". > > > > Everything seems working except EXPUNG, The dovecot log is flooded by > messages like following: > > imap(x): Error: Mailbox INBOX: Expunged GUID mismatch for UID 7039 > > > > > > Then I read the source code, and found the following lines in > maildir-sync-index.c > > > > T_BEGIN { > >guid = maildir_uidlist_lookup_ext(ctx->mbox->uidlist, uid, > > MAILDIR_UIDLIST_REC_EXT_GUID); > >if (guid == NULL) > > guid = t_strcut(filename, ':'); > >mail_generate_guid_128_hash(guid, guid_128); > > } T_END; > > > > I have to change the code to guid = t_strcut(filename, '+'); > > > > > > So, should MAILDIR_EXTRA_SEP be used here instead of ':'? > > > > Thanks, > > > > Steven > > Hi! Can you try out the attached patch? Akidiff --git a/src/lib-storage/index/maildir/maildir-sync-index.c b/src/lib-storage/index/maildir/maildir-sync-index.c index 6ad8bac..e821f24 100644 --- a/src/lib-storage/index/maildir/maildir-sync-index.c +++ b/src/lib-storage/index/maildir/maildir-sync-index.c @@ -64,7 +64,7 @@ maildir_expunge_is_valid_guid(struct maildir_index_sync_context *ctx, guid = maildir_uidlist_lookup_ext(ctx->mbox->uidlist, uid, MAILDIR_UIDLIST_REC_EXT_GUID); if (guid == NULL) - guid = t_strcut(filename, ':'); + guid = t_strcut(filename, *MAILDIR_INFO_SEP_S); mail_generate_guid_128_hash(guid, guid_128); } T_END; diff --git a/src/lib-storage/index/maildir/maildir-uidlist.c b/src/lib-storage/index/maildir/maildir-uidlist.c index 99db5c7..df13222 100644 --- a/src/lib-storage/index/maildir/maildir-uidlist.c +++ b/src/lib-storage/index/maildir/maildir-uidlist.c @@ -1301,7 +1301,7 @@ static int maildir_uidlist_write_fd(struct maildir_uidlist *uidlist, int fd, } } str_append(str, " :"); - strp = strchr(rec->filename, ':'); + strp = strchr(rec->filename, *MAILDIR_INFO_SEP_S); if (strp == NULL) str_append(str, rec->filename); else
Re: First steps in Dovecot; IMAP not working
On 2016-10-14 13:43, Moi wrote: Hello, First of all, I'm sorry if you received this mail twice; I haven't received it the first time so I think it was lost. Second attempt. I've made some more tests and I still can't receive mails. Outlook doesn't complain about anything, no error message; the mails that are supposed to be received just won't appear. In the mail logs, I find this line (other lines are irrelevant): dovecot: imap-login: Aborted login (no auth attempts in 2 secs): user=<> [...] Is this a problem that looks familiar? It's a bit clueless without an error message. Any idea welcome. http://wiki.dovecot.org/TestInstallation -- key ID: 0x4BFEBB31
RE: First steps in Dovecot; IMAP not working
> On October 14, 2016 at 4:16 PM Moiwrote: > In your configuration, dovecot uses whatever user/group returned by PAM. Since the webuser has never logged in, it has no directory under /var/mail. If you want, you can a) override mail_uid and mail_gid in userdb/passdb b) pre-create /var/mail/webuser and chown it to webuser:ftpusers c) you can let ftpusers write to /var/mail. Aki
RE: First steps in Dovecot; IMAP not working
doveconf -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-042stab116.1 x86_64 Debian 8.6 mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = " imap" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } ssl = required ssl_cert = mailto:dovecot-boun...@dovecot.org] De la part de Aki Tuomi Envoyé : 14 October 2016 14:58 À : dovecot@dovecot.org Objet : Re: First steps in Dovecot; IMAP not working Please post doveconf -n doveadm log errors Aki Tuomi
Re: First steps in Dovecot; IMAP not working
On 14.10.2016 15:43, Moi wrote: Hello, First of all, I'm sorry if you received this mail twice; I haven't received it the first time so I think it was lost. Second attempt. I've made some more tests and I still can't receive mails. Outlook doesn't complain about anything, no error message; the mails that are supposed to be received just won't appear. In the mail logs, I find this line (other lines are irrelevant): dovecot: imap-login: Aborted login (no auth attempts in 2 secs): user=<> [...] Is this a problem that looks familiar? It's a bit clueless without an error message. Any idea welcome. Please post doveconf -n doveadm log errors Aki Tuomi
RE: First steps in Dovecot; IMAP not working
Hello, First of all, I'm sorry if you received this mail twice; I haven't received it the first time so I think it was lost. Second attempt. I've made some more tests and I still can't receive mails. Outlook doesn't complain about anything, no error message; the mails that are supposed to be received just won't appear. In the mail logs, I find this line (other lines are irrelevant): dovecot: imap-login: Aborted login (no auth attempts in 2 secs): user=<> [...] Is this a problem that looks familiar? It's a bit clueless without an error message. Any idea welcome.
Re: Dovecot does not close connections
The state of the processes according to ps is "S" which means "interruptible sleep" as far as I know? What is also interesting is, that the processes, that seem to have this problem are not shown with the owner name but with the user ID. Normal imap process in ps aux: username10841 0.1 0.1 9148 3472 ?S13:18 0:04 dovecot/imap Imap Processes that seem to be quite old already: 1405 11099 0.0 0.1 8072 2644 ?S13:23 0:00 dovecot/imap But I am not sure if this is really linked to the problem. Benedikt. Am 14.10.2016 um 14:08 schrieb Steffen Kaiser: > On Fri, 14 Oct 2016, Benedikt Carda wrote: > > > I am running into this error: > > /Maximum number of connections from user+IP exceeded > > (mail_max_userip_connections=10)/ > > > The suggested solution in hundreds of support requests on this mailing > > list and throughout the internet is to increase the number of maximum > > userip connections. But this is not curing the problem, it is just > > postponing it to the moment when the new limit is reached. > > > When i type: > > /doveadm who// > > / > > > I can see that some accounts have several pids running: > > /someaccount 10 imap (25396 25391 25386 25381 25374 7822 7817 > > 5559 5543 5531) (xxx.xxx.xxx.xxx)/ > > > Now when I check these pids with > > /ps aux/ > > > I find out that the oldest pid (5531) has a lifetime of already over 12 > > hours. Anyway I know that the clients that initiated the connections are > > not connected anymore, so there is no way that there is a valid reason > > why this connection should still be open. > > What's the state of the connection ? > > > -- Steffen Kaiser signature.asc Description: OpenPGP digital signature
Re: Dovecot does not close connections
This happens to me too. On my case, connections are ESTABILISHED. On Fri, Oct 14, 2016 at 9:09 AM Steffen Kaiser < skdove...@smail.inf.fh-brs.de> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Fri, 14 Oct 2016, Benedikt Carda wrote: > > > I am running into this error: > > /Maximum number of connections from user+IP exceeded > > (mail_max_userip_connections=10)/ > > > > The suggested solution in hundreds of support requests on this mailing > > list and throughout the internet is to increase the number of maximum > > userip connections. But this is not curing the problem, it is just > > postponing it to the moment when the new limit is reached. > > > > When i type: > > /doveadm who// > > / > > > > I can see that some accounts have several pids running: > > /someaccount 10 imap (25396 25391 25386 25381 25374 7822 7817 > > 5559 5543 5531) (xxx.xxx.xxx.xxx)/ > > > > Now when I check these pids with > > /ps aux/ > > > > I find out that the oldest pid (5531) has a lifetime of already over 12 > > hours. Anyway I know that the clients that initiated the connections are > > not connected anymore, so there is no way that there is a valid reason > > why this connection should still be open. > > What's the state of the connection ? > > > - -- > Steffen Kaiser > -BEGIN PGP SIGNATURE- > Version: GnuPG v1 > > iQEVAwUBWADK13z1H7kL/d9rAQKw6gf/SbLMdf988i3u5arben3YseszjkOfMLqr > bRzuBa3wopFC7h456qORiSUqs14YWK7IvLkC5Ke81pdz3beDPFaYrjxvIjldn0KJ > YZzsAp7Nc04OzdcC1JZlZ96zjL85AfiokGVvjhCuqVNV0S1R9dy5wJLyouvdnNym > gLO2twykuEajJugcnqSfMj0QWhMFO+quYAOEUNeRpf4fDvPPNo11Y89aDtwCrZUp > OMEbDIMa92CnNRARkiqRINJmqt3v9ou3DEETnoyj8qGglO/zU+uAOE9BeoihPF4l > GIKMJ4agva1p1Un53RBsnpsXxVCljMcvt++M5g/vs+svYqulRpZeXQ== > =O6DY > -END PGP SIGNATURE- >
Re: Dovecot does not close connections
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 14 Oct 2016, Benedikt Carda wrote: I am running into this error: /Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10)/ The suggested solution in hundreds of support requests on this mailing list and throughout the internet is to increase the number of maximum userip connections. But this is not curing the problem, it is just postponing it to the moment when the new limit is reached. When i type: /doveadm who// / I can see that some accounts have several pids running: /someaccount 10 imap (25396 25391 25386 25381 25374 7822 7817 5559 5543 5531) (xxx.xxx.xxx.xxx)/ Now when I check these pids with /ps aux/ I find out that the oldest pid (5531) has a lifetime of already over 12 hours. Anyway I know that the clients that initiated the connections are not connected anymore, so there is no way that there is a valid reason why this connection should still be open. What's the state of the connection ? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWADK13z1H7kL/d9rAQKw6gf/SbLMdf988i3u5arben3YseszjkOfMLqr bRzuBa3wopFC7h456qORiSUqs14YWK7IvLkC5Ke81pdz3beDPFaYrjxvIjldn0KJ YZzsAp7Nc04OzdcC1JZlZ96zjL85AfiokGVvjhCuqVNV0S1R9dy5wJLyouvdnNym gLO2twykuEajJugcnqSfMj0QWhMFO+quYAOEUNeRpf4fDvPPNo11Y89aDtwCrZUp OMEbDIMa92CnNRARkiqRINJmqt3v9ou3DEETnoyj8qGglO/zU+uAOE9BeoihPF4l GIKMJ4agva1p1Un53RBsnpsXxVCljMcvt++M5g/vs+svYqulRpZeXQ== =O6DY -END PGP SIGNATURE-
Dovecot does not close connections
Hello, I am running into this error: /Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10)/ The suggested solution in hundreds of support requests on this mailing list and throughout the internet is to increase the number of maximum userip connections. But this is not curing the problem, it is just postponing it to the moment when the new limit is reached. When i type: /doveadm who// / I can see that some accounts have several pids running: /someaccount 10 imap (25396 25391 25386 25381 25374 7822 7817 5559 5543 5531) (xxx.xxx.xxx.xxx)/ Now when I check these pids with /ps aux/ I find out that the oldest pid (5531) has a lifetime of already over 12 hours. Anyway I know that the clients that initiated the connections are not connected anymore, so there is no way that there is a valid reason why this connection should still be open. Also I never had this problem before, it appeared some months ago. Does anybody know how to solve this? Thanks in advance, Benedikt. signature.asc Description: OpenPGP digital signature
update dovecot-acl in all subfolders in a public folder
Hello everyone, right now I have problem and can't find a proper solution. But first: dovecot-version: 2.2.13 Now to my problem: A client of mine uses a public folder called "groups". In this Folder are several subfolders like "Archive", "projects", "sales" und so on. Unfortunately this client (and his employees) created thousands of subfolders within these folders. The folder "groups" is stored in /data/vmail/domain.com/. So, if i type "tree -a -L 1 /data/vmail/domain.com/groups" I get the following outpout: /data/vmail/domain.com/groups/ ??? .Archive ??? .Archive.subfolder1 ??? .Archive.subfolder2 ??? .Archive.subfolder2.subfolder3 ??? .Archive.subfolder2.subfolder4 () ??? .projects ??? .projects.subfolder1 ??? .projects.subfolder2 ??? .projects.subfolder2.subfolder3 ??? .projects.subfolder2.subfolder4 (...) In this groups-folder are at the moment more than 3400 folders! Now to the permissions: When the folders "Archive", "projects" and so on had been created every folder got a dovecot-acl for the permission for each user, e.g.: user=user1 kxeilprwts user=user2 kxeilprwts This worked finde, as the dovecot-acl got copied from the parent folder when the employees created new subfolders. Now to my problem I'm facing right now: This client got 2 new employees. So how can I edit all these dovecot-acl files in all subfolders where these 2 new employess schould get access to? Thank you in advance! Yours sincerely, Lukas Henrich Furthermore here is the output of dovecot -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 4.4.6-1-pve x86_64 Debian 8.4 auth_username_format = %Ln disable_plaintext_auth = no lda_mailbox_autocreate = yes mail_home = /data/vmail/domain.com/%Ln mail_location = maildir:~ mail_plugins = " acl" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { hidden = no ignore_on_failure = no inbox = no list = children location = maildir:/data/vmail/domain.com/%%n:INDEXPVT=/data/vmail/domain.com/%n/shared/%%n prefix = shared/%%n/ separator = / subscriptions = yes type = shared } namespace { hidden = no ignore_on_failure = no inbox = no list = yes location = maildir:/data/vmail/domain.com/groups:INDEXPVT=/data/vmail/domain.com/%n/groups prefix = groups/ separator = / subscriptions = yes type = public } namespace inbox { inbox = yes location = mailbox Archiv { special_use = \Archive } mailbox Archive { auto = subscribe special_use = \Archive } mailbox Archives { special_use = \Archive } mailbox "Deleted Messages" { special_use = \Trash } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Entwürfe { special_use = \Drafts } mailbox "Gelöschte Elemente" { special_use = \Trash } mailbox "Gelöschte Objekte" { special_use = \Trash } mailbox Gesendet { special_use = \Sent } mailbox "Gesendete Elemente" { special_use = \Sent } mailbox "Gesendete Objekte" { special_use = \Sent } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Papierkorb { special_use = \Trash } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = INBOX/ separator = / subscriptions = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = scheme=CRYPT username_format=%Ln /etc/dovecot/users driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db sieve = ~/dovecot.sieve sieve_dir = ~/sieve } postmaster_address = ad...@domain.com protocols = " imap lmtp sieve sieve" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = vmail user = vmail } } service imap-login { inet_listener imap { port = 143 } } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } unix_listener /var/spool/postfix/private/lmtp-dovecot { group = postfix user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert =
RE: First steps in Dovecot; IMAP not working
Hello, I've made some more tests and I still can't receive mails; sending them still works. I don't receive any error message, just the mails that are supposed to be received won't come. In the mail logs, I find only this relevant line: dovecot: imap-login: Aborted login (no auth attempts in 2 secs): user=<> This line (which I shortened to remove IP addresses) seems to indicate there's no user referenced, although I've set the field in Outlook. Is this a problem that looks familiar? I'm sort of clueless without having an error message.