Re: LDAP schema ?

2017-04-20 Thread Nikolai Lusan 
Hi,
On Tue, 2017-04-18 at 17:06 +1000, Dave Dodd wrote:
> I am trying to determine the correct LDAP schema I need to use to
> have either
> mailLocation or mailboxPath available ?

I have a custom schema for postfix and dovecot. I then have the various
configuration files set up to match against that schema and return the
needed values. I also use this setup for sasl auth for both postfix and
dovecot (postfix using dovecot for sasl auth). About the only thing I
need to do is adjust it for amavisd usage.

If you are interested I can share it with you, and the configs to make
it work.

FWIW there is not really a standard schema for usage with dovecot
and/or postfix - in fact the author of postfix told me personally to
just write my own schema.


-- 
Nikolai Lusan 

signature.asc
Description: This is a digitally signed message part

Re: LDAP schema ?

2017-04-20 Thread Mihai Badici 
On Tuesday 18 April 2017 17:06:30 Dave Dodd wrote:
> Hi,
> 
> I am trying to determine the correct LDAP schema I need to use to have
> either mailLocation or mailboxPath available ?
> 
> Should I be just adding this to one of my own custom objectClasses ?
> 
> -- Dave
Actually i don't see a reason to use a special attribute for that, because it 
can be expanded using the username. I have something like:
 mail_location = maildir:/home/dovecot/%u
You may need howewer other attributes for user management so you can use kolab 
schema or  ispenv2.ldif in order not to reinvent the wheel.

LDAP schema ?

2017-04-20 Thread Dave Dodd 
Hi,

I am trying to determine the correct LDAP schema I need to use to have either
mailLocation or mailboxPath available ?

Should I be just adding this to one of my own custom objectClasses ?

-- Dave

[BUG] config-parser.c: line 89 - crash on comma in namespace mailbox

2017-04-20 Thread Alek 
Hi!
On the latest versions (2.2.28, 2.2.29.x) we get crash on dovecot config parse.
Error in config parser when checking namespace mailbox name. 
Reason: comma in mailbox name.
Worked well in versions < 2.2.22. Do not know if it was working on 
2.2.23-2.2.27, skipped this versions.

Example:
namespace inbox {
  mailbox ",BEAEMAQyBDsENQQ9BD0ESwQ1-" {
special_use = \Sent
  }
}

Error:
# dovecot -n
# 2.2.29.1 (e0b76e3): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
doveconf: Panic: file config-parser.c: line 89 (config_add_type): assertion 
failed: (ret > 0)
doveconf: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x9b89a) 
[0x7fa1f8cc789a] -> 
/usr/lib64/dovecot/libdovecot.so.0(default_fatal_handler+0x32) [0x7fa1f8cc81d2] 
-> /usr/lib64/dovecot/libdovecot.so.0(+0x2f81a) [0x7fa1f8c5b81a] -> 
/usr/bin/doveconf() [0x40b213] -> 
/usr/bin/doveconf(config_parser_apply_line+0x763) [0x40b983] -> 
/usr/bin/doveconf(config_parse_file+0x821) [0x40c351] -> 
/usr/bin/doveconf(main+0x255) [0x406845] -> 
/lib64/libc.so.6(__libc_start_main+0xfd) [0x7fa1f88b6d1d] -> 
/usr/bin/doveconf() [0x4051f9]
doveconf: Error: managesieve-login: dump-capability process killed with signal 6
doveconf: Panic: file config-parser.c: line 89 (config_add_type): assertion 
failed: (ret > 0)
doveconf: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x9b89a) 
[0x7f6dfa20489a] -> 
/usr/lib64/dovecot/libdovecot.so.0(default_fatal_handler+0x32) [0x7f6dfa2051d2] 
-> /usr/lib64/dovecot/libdovecot.so.0(+0x2f81a) [0x7f6dfa19881a] -> 
/usr/bin/doveconf() [0x40b213] -> 
/usr/bin/doveconf(config_parser_apply_line+0x763) [0x40b983] -> 
/usr/bin/doveconf(config_parse_file+0x821) [0x40c351] -> 
/usr/bin/doveconf(main+0x255) [0x406845] -> 
/lib64/libc.so.6(__libc_start_main+0xfd) [0x7f6df9df3d1d] -> 
/usr/bin/doveconf() [0x4051f9]


Info:
,BEAEMAQyBDsENQQ9BD0ESwQ1- - is a valid mailbox name for russian 
Outlook folder "Отправленные".

Re: javamail imap listing

2017-04-20 Thread Timo Sirainen 
Nowadays the LIST reference parameter really shouldn't be anything except 
empty. It's always IMAP server specific how the parameter is handled.

> On 19 Apr 2017, at 19.38, Matthew Broadhead  
> wrote:
> 
> Hi Michael,
> 
> Geronimo JavaMail hard defaults to / separator.  If the separator is manually 
> set to undefined it automatically calculates the separator correctly.
> 
> However neither through JavaMail or by command line does
> LIST "." "*"
> or
> LIST . "*"
> produce any root listing of default folder on my Dovecot installation.
> 
> Only
> LIST "" "*"
> produces a listing.
> 
> Could there be something else wrong in the configuration to cause this?
> 
> Matthew
> 
> On 19/04/2017 15:29, Michael Slusarz wrote:
>> "A non-empty reference name argument is the name of a mailbox or a level of 
>> mailbox hierarchy, and indicates the context in which the mailbox name is 
>> interpreted."
>> 
>> If Dovecot is using "." as the separator in the base level of hierarchy, 
>> then it correctly is returning nothing for 'LIST / "*"' - since no mailboxes 
>> in Dovecot live under that base level of hierarchy.
>> 
>> Gmail returns data because it is using "/" as a separator.
>> 
>> If you want Dovecot to return LIST entries for 'LIST "/" "*"', then 
>> configure the base namespace to use "/" as a separator.  Of course then 
>> 'LIST "." "*"' would return nothing...
>> 
>> michael
>> 
>>> On April 18, 2017 at 2:38 AM Matthew Broadhead 
>>>  wrote:
>>> 
>>> 
>>> Thanks Michael.  I have forwarded that link to the Geronimo JavaMail
>>> team in case they think of anything their end.
>>> 
>>> But in the documentation you sent it seems that Dovecot should respond
>>> in the case of
>>> LIST / "*"
>>> if my understanding is correct
>>> 
>>> Is there any way to adjust this behaviour in the settings?  I am
>>> struggling to search for a solution to the problem given the limited
>>> information.
>>> 
>>> On 18/04/2017 05:46, Michael Slusarz wrote:
 You probably want to read the description of "reference name argument" to 
 understand what is happening here.
 
 https://tools.ietf.org/html/rfc3501#section-6.3.8
 
 michael
 
> On April 17, 2017 at 8:33 AM Matthew Broadhead 
>  wrote:
> 
> Hi,
> 
> i am using dovecot-2.2.10-7.el7.x86_64 on
> centos-release-7-3.1611.el7.centos.x86_64.
> 
> if i follow this tutorial
> https://delog.wordpress.com/2011/05/10/access-imap-server-from-the-command-line-using-openssl/
> i can login to my server and successfully list the folders using
> tag LIST "" "*"
> 
> *   LIST (\HasNoChildren) "." INBOX
> tag OK List completed.
> 
> no folders are listed using
> tag LIST / "*"
> tag OK List completed.
> 
> when i request a folder listing using JavaMail it similarly sends the
> following command and no folders are listed
> a97 LIST / "*"
> a97 OK List completed.
> 
> if i follow the tutorial again and use my gmail account instead of my
> dovecot installation i can successfully list folders using both methods
> tag LIST / "*"
> 
> *   LIST (\HasNoChildren) "/" "youtube"
> tag OK List completed.
> 
> is there some way to make dovecot list folders when it receives the 
> command
> LIST / "*"
> 
> i note that in the listings my dovecot installation has "." in the
> middle and gmail has a "/"

Re: JavaMail setFlags on readonly folder

2017-04-20 Thread Timo Sirainen 
On 20 Apr 2017, at 15.13, Gabriele Bulfon  wrote:
> 
> Hi,
> I'm facing a strange issue using JavaMail, where Dovecot let me open 
> "READ_WRITE" a folder with readonly ACLs (same happens on other imap 
> servers), but then doesn't issue any error when if try to setFlags(...) on 
> that folder.
> The result is that the code thinks the folder marked the messages (deleted, 
> flagged, etc), while it actually did not.
> Just refreshing the folder from the java client, you get back your original 
> messages as they were before the operation.
> Is there any known issue about this?

Dovecot used to return NO in such case a long time ago, but it caused 
user-visible errors with some client when accessing a read-only folder. So it 
was a bit annoying. I'm not sure if it would still happen with commonly used 
clients.

Also if the client is using STORE without the .SILENT option, it could check 
whether the STORE really did something by looking at the FETCH (FLAGS) replies. 
What could be a useful change to Dovecot is that if .SILENT is used and it 
doesn't do the change as expected, Dovecot could send FETCH (FLAGS) replies 
using the unchanged flags.

Re: namespace assertion failed

2017-04-20 Thread Elisamuel Resto 
Here's a core dump from a login process:
---
#0  0x7f8ac70cba10 raise (libc.so.6)
#1  0x7f8ac70cd13a abort (libc.so.6)
#2  0x7f8ac74d839a n/a (libdovecot.so.0)
#3  0x7f8ac74d849d n/a (libdovecot.so.0)
#4  0x7f8ac746ae41 i_panic (libdovecot.so.0)
#5  0x7f8ac77a53a8 mail_namespace_find
(libdovecot-storage.so.0)
#6  0x7f8ac6879e56 n/a (lib11_trash_plugin.so)
#7  0x7f8ac77b1feb hook_mail_user_created
(libdovecot-storage.so.0)
#8  0x7f8ac77b6fb6 mail_user_init
(libdovecot-storage.so.0)
#9  0x7f8ac77b50c8 mail_storage_service_next
(libdovecot-storage.so.0)
#10 0x7f8ac77b568c mail_storage_service_lookup_next
(libdovecot-storage.so.0)
#11 0x004263d6 client_create_from_input (imap)
#12 0x004265df n/a (imap)
#13 0x7f8ac7472c6e n/a (libdovecot.so.0)
#14 0x7f8ac7472efd n/a (libdovecot.so.0)
#15 0x7f8ac74738bf n/a (libdovecot.so.0)
#16 0x7f8ac74ed152 io_loop_call_io (libdovecot.so.0)
#17 0x7f8ac74ee779 io_loop_handler_run_internal
(libdovecot.so.0)
#18 0x7f8ac74ed1ec io_loop_handler_run (libdovecot.so.0)
#19 0x7f8ac74ed398 io_loop_run (libdovecot.so.0)
#20 0x7f8ac7475223 master_service_run (libdovecot.so.0)
#21 0x0040c992 main (imap)

On Thu, Apr 20, 2017 at 11:29 AM, Elisamuel Resto  wrote:

> Hello,
>
> I'm trying to figure out if this is a configuration issue or an actual
> bug. Dovecot does start, but if anybody tries to log in or if you run
> sievec you get an assertion fail and a coredump.
>
> ---
> sievec(root): Panic: file mail-namespace.c: line 709
> (mail_namespace_find): assertion failed: (ns != NULL)
> sievec(root): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x9c3a2)
> [0x7ff70e2133a2] -> /usr/lib/dovecot/libdovecot.so.0(+0x9c429)
> [0x7ff70e213429] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0)
> [0x7ff70e1a5e41] -> /usr/lib/dovecot/libdovecot-
> storage.so.0(mail_namespace_find+0xc8) [0x7ff70e4e03a8] ->
> /usr/lib/dovecot/modules/lib11_trash_plugin.so(+0x1e56) [0x7ff70d5ace56]
> -> /usr/lib/dovecot/libdovecot-storage.so.0(hook_mail_user_created+0x1eb)
> [0x7ff70e4ecfeb] -> /usr/lib/dovecot/libdovecot-
> storage.so.0(mail_user_init+0x206) [0x7ff70e4f1fb6] ->
> /usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_service_next+0x438)
> [0x7ff70e4f00c8] -> 
> /usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_service_lookup_next+0x4c)
> [0x7ff70e4f068c] -> sievec(sieve_tool_init_finish+0xc1) [0x403371] ->
> sievec(main+0xd2) [0x402cb2] -> /usr/lib/libc.so.6(__libc_start_main+0xf1)
> [0x7ff70ddf3511] -> sievec(_start+0x2a) [0x402f3a]
> Aborted (core dumped)
> ---
>
> Coredump as follows:
> ---
> #0  0x7ff70de06a10 in raise () from /usr/lib/libc.so.6
> #1  0x7ff70de0813a in abort () from /usr/lib/libc.so.6
> #2  0x7ff70e21339a in ?? () from /usr/lib/dovecot/libdovecot.so.0
> #3  0x7ff70e213429 in default_fatal_handler () from
> /usr/lib/dovecot/libdovecot.so.0
> #4  0x7ff70e1a5e41 in i_panic () from /usr/lib/dovecot/libdovecot.so.0
> #5  0x7ff70e4e03a8 in mail_namespace_find () from
> /usr/lib/dovecot/libdovecot-storage.so.0
> #6  0x7ff70d5ace56 in ?? () from /usr/lib/dovecot/modules/
> lib11_trash_plugin.so
> #7  0x7ff70e4ecfeb in hook_mail_user_created () from
> /usr/lib/dovecot/libdovecot-storage.so.0
> #8  0x7ff70e4f1fb6 in mail_user_init () from
> /usr/lib/dovecot/libdovecot-storage.so.0
> #9  0x7ff70e4f00c8 in mail_storage_service_next () from
> /usr/lib/dovecot/libdovecot-storage.so.0
> #10 0x7ff70e4f068c in mail_storage_service_lookup_next () from
> /usr/lib/dovecot/libdovecot-storage.so.0
> #11 0x00403371 in sieve_tool_init_finish ()
> #12 0x00402cb2 in main ()
> ---
>
> Any help appreciated!
>
> -Sam
>

Re: Dovecot not listening when testing connection

2017-04-20 Thread Alvaro Lacerda 
Hi Bernardo -- Thank you so much! After I changed my input I also got an 
error when trying to test through telnet, but that was because I was 
missing the dovecot-mysql package as well. Thanks again, cheers.


Alvaro


On 04/20/2017 12:00 PM, B. Reino wrote:

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:


 ssl = yes
ssl = required
ssl_cert = /etc/exim/ssl/wildcard_cantella_com.crt.chained
ssl_cipher_list = ALL:!LOW:!SSLv2:SSLv3:!EXP:!aNULL
ssl_key = /etc/exim/ssl/wildcard_cantella_com.key
verbose_ssl = yes


I guess you didn't read 
https://wiki2.dovecot.org/SSL/DovecotConfiguration


Change ssl_cert and ssl_key so it reads like:
ssl_cert = The rest (ssl, ssl_cipher_list) is OK (but check if in the end ssl is 
"yes" or "required" and pick one).


Good luck!
Bernardo.





On 04/20/2017 11:27 AM, B. Reino wrote:

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:

These are my dovecot logs. It looks like this error pops up every 
time I run "telnet localhost 143"


Apr 20 11:11:39 imap-login: Fatal: Couldn't parse private ssl_key: 
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: 
ANY PRIVATE KEY
Apr 20 11:11:39 master: Error: service(imap-login): command startup 
failed, throttling for 60 secs


OK. Can you post the output of
# doveconf -n|grep ssl

Cheers,
Bernardo.





--
The information transmitted is intended only for the person or entity 
to which it is addressed and may contain confidential and/or 
privileged material. Any review, retransmission, dissemination or 
other use of this information by persons or entities other than the 
intended recipient is prohibited. If you receive this in error, 
please contact the sender and delete this material from any computer.


Cantella does not permit execution of trades requested by email.  
Please call to ensure prompt execution of orders, as we are not 
responsible for orders transmitted through email.


Investing involves risk and you may incur a profit or a loss. Please 
carefully consider investment objectives, risks, charges, and 
expenses before investing.  Cantella & Co., Inc. does not provide 
legal or tax advice. For legal or tax advice, please seek the 
services of a qualified professional. The performance data featured 
represents past performance, which is no guarantee of future 
results.  Mutual funds and UITs are sold by prospectus only. Please 
carefully consider the fund's investment objective, risks, charges 
and expenses applicable to a continued investment in the fund before 
investing. For this and other information, call or write for a free 
prospectus, or view one online. Read it carefully before you invest 
or send money. Fixed income is subject to availability and change in 
price.  Bonds are subject to market and interest rate risk if sold 
prior to maturity. Interest rate increases can cause the price of a 
debt security to decrease.  Interest income may be subject to 
federal, state, local, and/or alternative minimum tax.


In accordance with industry regulations, all messages are retained 
and are subject to monitoring. This message has been scanned for 
viruses and dangerous content and is believed to be clean. Securities 
offered through Cantella & Co., Inc., Member FINRA/SIPC. Home Office: 
28 State St 40th Floor, Boston, MA 02109

Telephone: (800)652-8358




--
Alvaro Lacerda
Cantella IT Department
Cantella & Co., Inc.
(617)224-1415



--
The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material. Any 
review, retransmission, dissemination or other use of this information by 
persons or entities other than the intended recipient is prohibited. If you 
receive this in error, please contact the sender and delete this material from 
any computer.

Cantella does not permit execution of trades requested by email.  Please call 
to ensure prompt execution of orders, as we are not responsible for orders 
transmitted through email.

Investing involves risk and you may incur a profit or a loss. Please carefully consider investment objectives, risks, charges, and expenses before investing.  Cantella & Co., Inc. does not provide legal or tax advice. For legal or tax advice, please seek the services of a qualified professional.  The performance data featured represents past performance, which is no guarantee of future results.  Mutual funds and UITs are sold by prospectus only. Please carefully consider the fund's investment objective, risks, charges and expenses applicable to a continued investment in the fund before investing. For this and other information, call or write for a free prospectus, or view one online. Read it carefully before you invest or send money. 


Fixed income is subject to availability and change in price.  Bonds are subject 
to market and interest rate risk if sold prior to maturity.  Interest rate 
increases can cause the price of a debt security to decrease.  Interest income 
may be subject to federal, state,

namespace assertion failed

2017-04-20 Thread Elisamuel Resto 
Hello,

I'm trying to figure out if this is a configuration issue or an actual bug.
Dovecot does start, but if anybody tries to log in or if you run sievec you
get an assertion fail and a coredump.

---
sievec(root): Panic: file mail-namespace.c: line 709 (mail_namespace_find):
assertion failed: (ns != NULL)
sievec(root): Error: Raw backtrace:
/usr/lib/dovecot/libdovecot.so.0(+0x9c3a2) [0x7ff70e2133a2] ->
/usr/lib/dovecot/libdovecot.so.0(+0x9c429) [0x7ff70e213429] ->
/usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7ff70e1a5e41] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find+0xc8)
[0x7ff70e4e03a8] -> /usr/lib/dovecot/modules/lib11_trash_plugin.so(+0x1e56)
[0x7ff70d5ace56] ->
/usr/lib/dovecot/libdovecot-storage.so.0(hook_mail_user_created+0x1eb)
[0x7ff70e4ecfeb] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_user_init+0x206)
[0x7ff70e4f1fb6] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_service_next+0x438)
[0x7ff70e4f00c8] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_service_lookup_next+0x4c)
[0x7ff70e4f068c] -> sievec(sieve_tool_init_finish+0xc1) [0x403371] ->
sievec(main+0xd2) [0x402cb2] -> /usr/lib/libc.so.6(__libc_start_main+0xf1)
[0x7ff70ddf3511] -> sievec(_start+0x2a) [0x402f3a]
Aborted (core dumped)
---

Coredump as follows:
---
#0  0x7ff70de06a10 in raise () from /usr/lib/libc.so.6
#1  0x7ff70de0813a in abort () from /usr/lib/libc.so.6
#2  0x7ff70e21339a in ?? () from /usr/lib/dovecot/libdovecot.so.0
#3  0x7ff70e213429 in default_fatal_handler () from
/usr/lib/dovecot/libdovecot.so.0
#4  0x7ff70e1a5e41 in i_panic () from /usr/lib/dovecot/libdovecot.so.0
#5  0x7ff70e4e03a8 in mail_namespace_find () from
/usr/lib/dovecot/libdovecot-storage.so.0
#6  0x7ff70d5ace56 in ?? () from
/usr/lib/dovecot/modules/lib11_trash_plugin.so
#7  0x7ff70e4ecfeb in hook_mail_user_created () from
/usr/lib/dovecot/libdovecot-storage.so.0
#8  0x7ff70e4f1fb6 in mail_user_init () from
/usr/lib/dovecot/libdovecot-storage.so.0
#9  0x7ff70e4f00c8 in mail_storage_service_next () from
/usr/lib/dovecot/libdovecot-storage.so.0
#10 0x7ff70e4f068c in mail_storage_service_lookup_next () from
/usr/lib/dovecot/libdovecot-storage.so.0
#11 0x00403371 in sieve_tool_init_finish ()
#12 0x00402cb2 in main ()
---

Any help appreciated!

-Sam

Re: Dovecot not listening when testing connection

2017-04-20 Thread B. Reino 

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:


 ssl = yes
ssl = required
ssl_cert = /etc/exim/ssl/wildcard_cantella_com.crt.chained
ssl_cipher_list = ALL:!LOW:!SSLv2:SSLv3:!EXP:!aNULL
ssl_key = /etc/exim/ssl/wildcard_cantella_com.key
verbose_ssl = yes


I guess you didn't read https://wiki2.dovecot.org/SSL/DovecotConfiguration

Change ssl_cert and ssl_key so it reads like:
ssl_cert = The rest (ssl, ssl_cipher_list) is OK (but check if in the end ssl is 
"yes" or "required" and pick one).


Good luck!
Bernardo.





On 04/20/2017 11:27 AM, B. Reino wrote:

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:

These are my dovecot logs. It looks like this error pops up every time I 
run "telnet localhost 143"


Apr 20 11:11:39 imap-login: Fatal: Couldn't parse private ssl_key: 
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY 
PRIVATE KEY
Apr 20 11:11:39 master: Error: service(imap-login): command startup 
failed, throttling for 60 secs


OK. Can you post the output of
# doveconf -n|grep ssl

Cheers,
Bernardo.





--
The information transmitted is intended only for the person or entity to 
which it is addressed and may contain confidential and/or privileged 
material. Any review, retransmission, dissemination or other use of this 
information by persons or entities other than the intended recipient is 
prohibited. If you receive this in error, please contact the sender and 
delete this material from any computer.


Cantella does not permit execution of trades requested by email.  Please call 
to ensure prompt execution of orders, as we are not responsible for orders 
transmitted through email.


Investing involves risk and you may incur a profit or a loss. Please 
carefully consider investment objectives, risks, charges, and expenses before 
investing.  Cantella & Co., Inc. does not provide legal or tax advice. For 
legal or tax advice, please seek the services of a qualified professional. 
The performance data featured represents past performance, which is no 
guarantee of future results.  Mutual funds and UITs are sold by prospectus 
only. Please carefully consider the fund's investment objective, risks, 
charges and expenses applicable to a continued investment in the fund before 
investing. For this and other information, call or write for a free 
prospectus, or view one online. Read it carefully before you invest or send 
money. 
Fixed income is subject to availability and change in price.  Bonds are 
subject to market and interest rate risk if sold prior to maturity.  Interest 
rate increases can cause the price of a debt security to decrease.  Interest 
income may be subject to federal, state, local, and/or alternative minimum 
tax.


In accordance with industry regulations, all messages are retained and are 
subject to monitoring. 
This message has been scanned for viruses and dangerous content and is 
believed to be clean. 
Securities offered through Cantella & Co., Inc., Member FINRA/SIPC. Home 
Office: 28 State St 40th Floor, Boston, MA 02109

Telephone: (800)652-8358

Re: Dovecot not listening when testing connection

2017-04-20 Thread Alvaro Lacerda 

Hi, here's my result for

# doveconf -n|grep ssl


  ssl = yes
ssl = required
ssl_cert = /etc/exim/ssl/wildcard_cantella_com.crt.chained
ssl_cipher_list = ALL:!LOW:!SSLv2:SSLv3:!EXP:!aNULL
ssl_key = /etc/exim/ssl/wildcard_cantella_com.key
verbose_ssl = yes



On 04/20/2017 11:27 AM, B. Reino wrote:

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:

These are my dovecot logs. It looks like this error pops up every 
time I run "telnet localhost 143"


Apr 20 11:11:39 imap-login: Fatal: Couldn't parse private ssl_key: 
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: 
ANY PRIVATE KEY
Apr 20 11:11:39 master: Error: service(imap-login): command startup 
failed, throttling for 60 secs


OK. Can you post the output of
# doveconf -n|grep ssl

Cheers,
Bernardo.





--
The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material. Any 
review, retransmission, dissemination or other use of this information by 
persons or entities other than the intended recipient is prohibited. If you 
receive this in error, please contact the sender and delete this material from 
any computer.

Cantella does not permit execution of trades requested by email.  Please call 
to ensure prompt execution of orders, as we are not responsible for orders 
transmitted through email.

Investing involves risk and you may incur a profit or a loss. Please carefully consider investment objectives, risks, charges, and expenses before investing.  Cantella & Co., Inc. does not provide legal or tax advice. For legal or tax advice, please seek the services of a qualified professional.  The performance data featured represents past performance, which is no guarantee of future results.  Mutual funds and UITs are sold by prospectus only. Please carefully consider the fund's investment objective, risks, charges and expenses applicable to a continued investment in the fund before investing. For this and other information, call or write for a free prospectus, or view one online. Read it carefully before you invest or send money. 


Fixed income is subject to availability and change in price.  Bonds are subject 
to market and interest rate risk if sold prior to maturity.  Interest rate 
increases can cause the price of a debt security to decrease.  Interest income 
may be subject to federal, state, local, and/or alternative minimum tax.

In accordance with industry regulations, all messages are retained and are subject to monitoring. 

This message has been scanned for viruses and dangerous content and is believed to be clean. 

Securities offered through Cantella & Co., Inc., Member FINRA/SIPC. 
Home Office: 28 State St 40th Floor, Boston, MA 02109

Telephone: (800)652-8358

Re: Dovecot not listening when testing connection

2017-04-20 Thread B. Reino 

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:

These are my dovecot logs. It looks like this error pops up every time I run 
"telnet localhost 143"


Apr 20 11:11:39 imap-login: Fatal: Couldn't parse private ssl_key: 
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY 
PRIVATE KEY
Apr 20 11:11:39 master: Error: service(imap-login): command startup failed, 
throttling for 60 secs


OK. Can you post the output of
# doveconf -n|grep ssl

Cheers,
Bernardo.

Re: Dovecot not listening when testing connection

2017-04-20 Thread Alvaro Lacerda 

Hi B. Reino,

These are my dovecot logs. It looks like this error pops up every time I 
run "telnet localhost 143"



Apr 20 11:11:39 imap-login: Fatal: Couldn't parse private ssl_key: 
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY 
PRIVATE KEY
Apr 20 11:11:39 master: Error: service(imap-login): command startup 
failed, throttling for 60 secs




On 04/20/2017 10:52 AM, B. Reino wrote:

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:

When I try "telnet localhost 143" I get the same result. It does 
connect but then the connection is dropped.


# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

I never get the "* OK [CAPA]"


What does the syslog show?

--
B. Reino





--
The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material. Any 
review, retransmission, dissemination or other use of this information by 
persons or entities other than the intended recipient is prohibited. If you 
receive this in error, please contact the sender and delete this material from 
any computer.

Cantella does not permit execution of trades requested by email.  Please call 
to ensure prompt execution of orders, as we are not responsible for orders 
transmitted through email.

Investing involves risk and you may incur a profit or a loss. Please carefully consider investment objectives, risks, charges, and expenses before investing.  Cantella & Co., Inc. does not provide legal or tax advice. For legal or tax advice, please seek the services of a qualified professional.  The performance data featured represents past performance, which is no guarantee of future results.  Mutual funds and UITs are sold by prospectus only. Please carefully consider the fund's investment objective, risks, charges and expenses applicable to a continued investment in the fund before investing. For this and other information, call or write for a free prospectus, or view one online. Read it carefully before you invest or send money. 


Fixed income is subject to availability and change in price.  Bonds are subject 
to market and interest rate risk if sold prior to maturity.  Interest rate 
increases can cause the price of a debt security to decrease.  Interest income 
may be subject to federal, state, local, and/or alternative minimum tax.

In accordance with industry regulations, all messages are retained and are subject to monitoring. 

This message has been scanned for viruses and dangerous content and is believed to be clean. 

Securities offered through Cantella & Co., Inc., Member FINRA/SIPC. 
Home Office: 28 State St 40th Floor, Boston, MA 02109

Telephone: (800)652-8358

Re: Dovecot not listening when testing connection

2017-04-20 Thread B. Reino 

On Thu, 20 Apr 2017, Alvaro Lacerda wrote:

When I try "telnet localhost 143" I get the same result. It does connect but 
then the connection is dropped.


# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

I never get the "* OK [CAPA]"


What does the syslog show?

--
B. Reino

Re: Dovecot not listening when testing connection

2017-04-20 Thread Alvaro Lacerda 

Hi Webert -- Thanks for the quick reply and observation.

When I try "telnet localhost 143" I get the same result. It does connect 
but then the connection is dropped.


# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

I never get the "* OK [CAPA]"

Thanks,



On 04/20/2017 10:41 AM, Webert de Souza Lima wrote:
You won't have that "* OK [CAPA]" message by doing telnet on port 
993, as this is a secure port and the connection is encrypted.
Either you need to use something as openssl or gnutls to test it that 
way, or telnet to imap port 143 (not encrypted).


On Thu, Apr 20, 2017 at 11:33 AM, Alvaro Lacerda 
> wrote:


Hi,

This is my environment:

SMTP: Exim 4.89 with Mailscanner 5.0.3

IMAP: Dovecot 2.2.10

At the moment I'm just trying to test out my Dovecot to check if
it's listening on port 993.

*netstat -tuln:* Shows that my machine is listening on ports 143
and 993.

*telnet localhost 993: *This is my issue, I get the following message:

# telnet localhost 993
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

According to the wiki.dovecot test installation page I should be
getting this instead:

https://wiki.dovecot.org/TestInstallation



Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID
ENABLE STARTTLS AUTH=PLAIN] Dovecot ready.


When I run doveconf this is what I get:

# doveconf protocols listen
protocols = imap pop3 lmtp
listen = *, ::

Does anyone have an idea of what I'm missing here? Thanks.





--
The information transmitted is intended only for the person or
entity to which it is addressed and may contain confidential
and/or privileged material. Any review, retransmission,
dissemination or other use of this information by persons or
entities other than the intended recipient is prohibited. If you
receive this in error, please contact the sender and delete this
material from any computer.

Cantella does not permit execution of trades requested by email. 
Please call to ensure prompt execution of orders, as we are not

responsible for orders transmitted through email.

Investing involves risk and you may incur a profit or a loss.
Please carefully consider investment objectives, risks, charges,
and expenses before investing.  Cantella & Co., Inc. does not
provide legal or tax advice. For legal or tax advice, please seek
the services of a qualified professional.  The performance data
featured represents past performance, which is no guarantee of
future results. Mutual funds and UITs are sold by prospectus only.
Please carefully consider the fund's investment objective, risks,
charges and expenses applicable to a continued investment in the
fund before investing. For this and other information, call or
write for a free prospectus, or view one online. Read it carefully
before you invest or send money.
Fixed income is subject to availability and change in price. 
Bonds are subject to market and interest rate risk if sold prior

to maturity.  Interest rate increases can cause the price of a
debt security to decrease.  Interest income may be subject to
federal, state, local, and/or alternative minimum tax.

In accordance with industry regulations, all messages are retained
and are subject to monitoring.
This message has been scanned for viruses and dangerous content
and is believed to be clean.
Securities offered through Cantella & Co., Inc., Member
FINRA/SIPC. Home Office: 28 State St 40th Floor, Boston, MA 02109
Telephone: (800)652-8358 




--
Alvaro Lacerda
Cantella IT Department
Cantella & Co., Inc.
(617)224-1415



--
The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material. Any 
review, retransmission, dissemination or other use of this information by 
persons or entities other than the intended recipient is prohibited. If you 
receive this in error, please contact the sender and delete this material from 
any computer.

Cantella does not permit execution of trades requested by email.  Please call 
to ensure prompt execution of orders, as we are not responsible for orders 
transmitted through email.

Investing involves risk and you may incur a profit or a loss. Please carefully consider investment objectives, risks, charges, and expenses before investing.  Cantella & Co., Inc. does not provide legal or tax advice. For legal or tax advice, please seek the services of a qualified professional.  The performance data

Re: Dovecot not listening when testing connection

2017-04-20 Thread Webert de Souza Lima 
You won't have that "* OK [CAPA]" message by doing telnet on port 993,
as this is a secure port and the connection is encrypted.
Either you need to use something as openssl or gnutls to test it that way,
or telnet to imap port 143 (not encrypted).

On Thu, Apr 20, 2017 at 11:33 AM, Alvaro Lacerda 
wrote:

> Hi,
>
> This is my environment:
>
> SMTP: Exim 4.89 with Mailscanner 5.0.3
>
> IMAP: Dovecot 2.2.10
>
> At the moment I'm just trying to test out my Dovecot to check if it's
> listening on port 993.
>
> *netstat -tuln:* Shows that my machine is listening on ports 143 and 993.
>
> *telnet localhost 993: *This is my issue, I get the following message:
>
> # telnet localhost 993
> Trying ::1...
> Connected to localhost.
> Escape character is '^]'.
> Connection closed by foreign host.
>
> According to the wiki.dovecot test installation page I should be getting
> this instead:
>
> https://wiki.dovecot.org/TestInstallation
>
>
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> STARTTLS AUTH=PLAIN] Dovecot ready.
>
>
> When I run doveconf this is what I get:
>
> # doveconf protocols listen
> protocols = imap pop3 lmtp
> listen = *, ::
>
> Does anyone have an idea of what I'm missing here? Thanks.
>
>
>
>
>
> --
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material. Any review, retransmission, dissemination or other use of this
> information by persons or entities other than the intended recipient is
> prohibited. If you receive this in error, please contact the sender and
> delete this material from any computer.
>
> Cantella does not permit execution of trades requested by email.  Please
> call to ensure prompt execution of orders, as we are not responsible for
> orders transmitted through email.
>
> Investing involves risk and you may incur a profit or a loss. Please
> carefully consider investment objectives, risks, charges, and expenses
> before investing.  Cantella & Co., Inc. does not provide legal or tax
> advice. For legal or tax advice, please seek the services of a qualified
> professional.  The performance data featured represents past performance,
> which is no guarantee of future results.  Mutual funds and UITs are sold by
> prospectus only. Please carefully consider the fund's investment objective,
> risks, charges and expenses applicable to a continued investment in the
> fund before investing. For this and other information, call or write for a
> free prospectus, or view one online. Read it carefully before you invest or
> send money.
> Fixed income is subject to availability and change in price.  Bonds are
> subject to market and interest rate risk if sold prior to maturity.
> Interest rate increases can cause the price of a debt security to
> decrease.  Interest income may be subject to federal, state, local, and/or
> alternative minimum tax.
>
> In accordance with industry regulations, all messages are retained and are
> subject to monitoring.
> This message has been scanned for viruses and dangerous content and is
> believed to be clean.
> Securities offered through Cantella & Co., Inc., Member FINRA/SIPC. Home
> Office: 28 State St 40th Floor, Boston, MA 02109
> Telephone: (800)652-8358
>

Re: Using filter in an imapsieve script?

2017-04-20 Thread Tobi 
Hi Stephan

Found a "way" to solve the issue in Thunderbird. If I go into
"Properties" of the Sent folder and chose "repair" then TB loads
everything from the server again and tada only the encrypted message is
shown.
But as I have about 4000 msg in my sent that's not a real solution :-)

Cheers

tobi

p.s. as you really helped me a lot already is there something I can do
for you in revenge? Do you have for example an Amazon Wishlist or
something like that?

Am 09.04.2017 um 10:07 schrieb Tobi:
> Am 08.04.2017 um 10:00 schrieb Stephan Bosch:
>> However, I now remember I tested this in the past and there was one
>> snag. The effect of this is that the message is stored twice in the Sent
>> mailbox:
>>
>> - The first is the original message. Since it was discarded, it has the
>> \Deleted flag set and it will disappear at the next EXPUNGE
>> - The encrypted message stored with "fileinto".
>>
> I changed my sieve script as you described and get the following:
>
> - if save encrypted to same mailbox as original message only the
> original message can be seen in TB. Even restart TB does not change
> anything. But the enc message is in Sent on server, just TB does
> **never** show it
>
> - if I save the encrypted message to another mailbox then I can see the
> ecrypted msg in TB and the original msg in Sent
>
> Do you think that the problem could be solved by using another client
> instead of TB?
> Is there a way around this issue on serverside? Like for example use
> pipe? Or does pipe store the original message as well on server?
>
> Cheers
>
> tobi

Feature Request - Director Balance

2017-04-20 Thread Webert de Souza Lima 
Hi,

often I run into the situation where a dovecot server goes down for
maintenance, and all users get concentrated in the remaining dovecot server
(considering I have 2 dovecot servers only).

When that dovecot server comes back online, director server will send new
users to it, but the dovecot server that was up all the time will still
have tons of clients mapped to it.

I suggest the director servers to always try to balance load between
servers, in the way:

 - if a server has several more connections than other, mark it to
re-balance
 - when a user connected to this loaded server disconnects, map it to
another server (that is per definition not the same server) immediately.

that way it would gracefully re-balance, not killing existing connections,
just waiting for them to finish.


Thank you for your time.

Webert Lima
MAV Tecnologia
Belo Horizonte, Brasil.

Dovecot not listening when testing connection

2017-04-20 Thread Alvaro Lacerda 

Hi,

This is my environment:

SMTP: Exim 4.89 with Mailscanner 5.0.3

IMAP: Dovecot 2.2.10

At the moment I'm just trying to test out my Dovecot to check if it's 
listening on port 993.


*netstat -tuln:* Shows that my machine is listening on ports 143 and 993.

*telnet localhost 993: *This is my issue, I get the following message:

# telnet localhost 993
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

According to the wiki.dovecot test installation page I should be getting 
this instead:


https://wiki.dovecot.org/TestInstallation


Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS 
AUTH=PLAIN] Dovecot ready.


When I run doveconf this is what I get:

# doveconf protocols listen
protocols = imap pop3 lmtp
listen = *, ::

Does anyone have an idea of what I'm missing here? Thanks.





--
The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material. Any 
review, retransmission, dissemination or other use of this information by 
persons or entities other than the intended recipient is prohibited. If you 
receive this in error, please contact the sender and delete this material from 
any computer.

Cantella does not permit execution of trades requested by email.  Please call 
to ensure prompt execution of orders, as we are not responsible for orders 
transmitted through email.

Investing involves risk and you may incur a profit or a loss. Please carefully consider investment objectives, risks, charges, and expenses before investing.  Cantella & Co., Inc. does not provide legal or tax advice. For legal or tax advice, please seek the services of a qualified professional.  The performance data featured represents past performance, which is no guarantee of future results.  Mutual funds and UITs are sold by prospectus only. Please carefully consider the fund's investment objective, risks, charges and expenses applicable to a continued investment in the fund before investing. For this and other information, call or write for a free prospectus, or view one online. Read it carefully before you invest or send money. 


Fixed income is subject to availability and change in price.  Bonds are subject 
to market and interest rate risk if sold prior to maturity.  Interest rate 
increases can cause the price of a debt security to decrease.  Interest income 
may be subject to federal, state, local, and/or alternative minimum tax.

In accordance with industry regulations, all messages are retained and are subject to monitoring. 

This message has been scanned for viruses and dangerous content and is believed to be clean. 

Securities offered through Cantella & Co., Inc., Member FINRA/SIPC. 
Home Office: 28 State St 40th Floor, Boston, MA 02109

Telephone: (800)652-8358

Re: RSA key not found

2017-04-20 Thread Ed Nitido 
Isn't this a Postfix issue?

Have a look at Ansgar Wiechers' answer here, specifically the permissions
part.
https://serverfault.com/questions/433003/postfix-warning-cannot-get-rsa-private-key-from-file

On Wed, Apr 19, 2017 at 10:48 PM, Michael Segel 
wrote:

> I’ve got a couple of issues with a new mail server set up…
>
> I’m getting the following error:
>  warning: cannot get RSA certificate from file 
> /etc/pki/dovecot/certs/.pem:
> disabling TLS support
>
> The problem is that .pem isn’t an RSA ticket, but a X509
> certificate. The RSA ticket is in /etc/pki/dovecot/private directory.  I
> checked both files and they are good certificates.
>
> I’m using webmin to manage my server.
>
> In webmin, the TLS certificate file is the X509 and the private key is the
> RSA file.
>
> So why does Postfix check the certificate link for the RSA file and not
> the X509?
>
> Thx
>
> -Mike
>
>

JavaMail setFlags on readonly folder

2017-04-20 Thread Gabriele Bulfon 
Hi,
I'm facing a strange issue using JavaMail, where Dovecot let me open 
"READ_WRITE" a folder with readonly ACLs (same happens on other imap servers), 
but then doesn't issue any error when if try to setFlags(...) on that folder.
The result is that the code thinks the folder marked the messages (deleted, 
flagged, etc), while it actually did not.
Just refreshing the folder from the java client, you get back your original 
messages as they were before the operation.
Is there any known issue about this?
Gabriele

Sonicle S.r.l.
:
http://www.sonicle.com
Music:
http://www.gabrielebulfon.com
Quantum Mechanics :
http://www.cdbaby.com/cd/gabrielebulfon

Re: Adding secure POP3?

2017-04-20 Thread @lbutlr 
On 2017-04-13 (06:40 MDT), Teemu Huovila  wrote:
> 
> On 13.04.2017 15:33, @lbutlr wrote:
>> On 2017-04-13 (05:27 MDT), Aki Tuomi  wrote:
>>> 
>>> 4) you can use autoexpunge here, i guess.
>> 
>> Are messages marked in anyway once they’ve been fetched with pop3 (like 
>> marked read?). If so, I could auto-archive them.
> Yes, they are marked read. See "Flag changes" on 
> https://wiki2.dovecot.org/POP3Server

If they are simply marked read then there is no way to see if a message has 
been downloaded via POP3 as opposed to simply being a read message in IMAP, yes?

-- 
Apple broke AppleScripting signatures in Mail.app, so no random signatures.

Re: help

2017-04-20 Thread Ralf Hildebrandt 
* Pallissard, Matthew :
> > What can i do to resolve this issue in dovecot v2.1.17 in Production 
> > environment? Kindly help
> 
> Why don't you upgrade production and modify the settings as you did in test?

I was wondering about this as well.
-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | https://www.charite.de

Re: my domain in both my destination and virtual_mailbox_domains?

2017-04-20 Thread Jerry 
On Thu, 20 Apr 2017 03:02:26 +, Michael Segel stated:

>I’m doing a new dovecot mail server for my domain.  Here’s yet another
>thing I mucked up.
>
>I wanted to set up virtual mailboxes.  One reason was that I wanted to
>set up virtual users for the domain so I don’t need to create user
>accounts just mail accounts. I followed one of the many examples /
>tutorials out there and I end up with the following warning message.
>
>postfix/trivial-rewrite[8818]: warning: do not list domain
>..com in BOTH mydestination and
>virtual_mailbox_domains
>
>I checked my configuration, I don’t see where I’ve set up anything for
>mydestination in postfix.
>
>I’m trying to work thru the log file issues that I can find… this is
>just one more.
>
>To add to the confusion, I’m using webmin as my server admin UI to
>make life easier…  yet it seems to much things up a bit

This is a Dovecot list, not a Postfix list. At the very least, you need
to post the complete output of "postconf -nf" assuming a version of
Postfix >= 2.9, or else just omit the "n" parameter.

While you are at it, include the output of "dovecot -n"

-- 
Jerry

Re: my domain in both my destination and virtual_mailbox_domains?

2017-04-20 Thread Thilo Engelbracht 
Am 20.04.2017 um 03:02 schrieb Michael Segel :

> 
> I’m doing a new dovecot mail server for my domain.  Here’s yet another thing 
> I mucked up.
> 
> I wanted to set up virtual mailboxes.  One reason was that I wanted to set up 
> virtual users for the domain so I don’t need to create user accounts just 
> mail accounts.
> I followed one of the many examples / tutorials out there and I end up with 
> the following warning message.
> 
> postfix/trivial-rewrite[8818]: warning: do not list domain 
> ..com in BOTH mydestination and virtual_mailbox_domains
> 
> I checked my configuration, I don’t see where I’ve set up anything for 
> mydestination in postfix.

First of all, this is a problem regarding postfix. And this is a
mailinglist about dovecot...

In such cases, we need more information about your configuration. The
best thing you can do is to use the command "postconf -n".

In MY postfix config, I use:
mydestination = $myhostname, localhost, localhost.$mydomain

For virtual domains you can use a parameter called "relay_domains". In
MY config:
relay_domains = hash:${config_directory}/relay_domains

I recommend to post your question to a postfix-mailinglist, including
"postconf -n".

Or use google and search for: workaround.org postfix dovecot

> I’m trying to work thru the log file issues that I can find… this is just one 
> more.
> 
> To add to the confusion, I’m using webmin as my server admin UI to make life 
> easier…  yet it seems to much things up a bit
> 
> Any suggestions?
> 
> Thx
> 
> -Mike
> 

Kind regards

Thilo