acl shared maildir with virtual users

2017-06-23 Thread Rich Simcox 
Can anyone point out where i'm going wrong with my dovecot sharedinbox setup 
with ACL i'm contemplating giving up with dovecot alltogether i've spent 3 days 
trying different paths to the virtual users mailboxes

I seem to have two issues

my acls are getting written to my sql db fine

in roundcube i can see the shared folder but cant subscribe to it

in thunderbird if i go to namespaces it sees the shared. namespace but its not 
listing anything in it even though my acls are written to the db

please someone tell me what i'm missing i'm betting its something silly but 
i've been over and over the wiki 

here is my conf and below it an extract of my debug log

# 2.2.28 (bed8434): /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-642.3.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) 
auth_cache_size = 1 M
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_policy_hash_mech = sha512
auth_policy_hash_nonce = 78204771
auth_policy_hash_truncate = 64
auth_policy_request_attributes = auth_database=mail database=mail 
service=dovecot username=%{orig_user} authtoken_hash=$0$0$%{hashed_password} 
local_host=%{real_lip} local_port=%{real_lport} remote_host=%{real_rip} 
remote_port=%{real_rport}
auth_policy_server_api_header = X-API-Key:dovecot:
auth_policy_server_timeout_msecs = 3000
auth_policy_server_url = http://127.0.0.1:579/dovecot-auth-policy
auth_username_chars = 
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!#$-=?^_{}~./@+%"
auth_verbose = yes
dict {
  acl = sqlite:/usr/local/cpanel/etc/dovecot/dovecot-dict-shares.conf.ext
  expire = sqlite:/usr/local/cpanel/etc/dovecot/dovecot-dict-expire.conf.ext
}
disable_plaintext_auth = no
first_valid_uid = 201
lda_mailbox_autocreate = yes
lmtp_save_to_detail_mailbox = yes
login_greeting = Welcome to Motorsport Tools
mail_access_groups = dovecot
mail_debug = yes
mail_plugins = acl quota quota_clone fts fts_solr
mail_prefetch_count = 20
mailbox_list_index = yes
namespace inbox {
  inbox = yes
  location = 
  mailbox Archive {
auto = create
special_use = \Archive
  }
  mailbox Archives {
auto = no
special_use = \Archive
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = create
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  mailbox spam {
auto = create
special_use = \Junk
  }
  prefix = INBOX.
  separator = .
  type = private
}
passdb {
  args = /usr/local/cpanel/etc/dovecot/cpauthd-dict.conf
  driver = dict
  result_failure = return-fail
}
passdb {
  args = /usr/local/cpanel/bin/dovecot-wrap
  driver = checkpassword
  skip = authenticated
}
plugin {
  acl = vfile:cache_secs=86400
  acl_anyone = allow
  acl_shared_dict = proxy::acl
  expire_cache = yes
  fts = solr
  fts_solr = 
url=http://lTkFlGxjRar1hZAW:Ocj1FRRvlUs5Udj6@127.0.0.1:8984/solr/dovecot/
  quota_exceeded_message = Mailbox is full please archive you old mail
  zlib_save = gz
}
protocols = lmtp imap
service auth {
  unix_listener auth-client {
mode = 0666
  }
}
service config {
  vsz_limit = 2 G
}
service dict {
  unix_listener dict {
group = dovecot
mode = 0660
  }
}
service imap-login {
  client_limit = 500
  inet_listener imap {
address = *,::
  }
  inet_listener imaps {
address = *,::
  }
  process_limit = 100
  process_min_avail = 8
  service_count = 0
  vsz_limit = 128 M
}
service imap {
  process_limit = 1024
  vsz_limit = 512 M
}
service lmtp {
  client_limit = 1
  process_limit = 500
  unix_listener lmtp {
group = mail
mode = 0660
user = mailnull
  }
  vsz_limit = 512 M
}
service managesieve-login {
  client_limit = 500
  process_limit = 100
  process_min_avail = 8
  service_count = 0
  vsz_limit = 128 M
}
service managesieve {
  process_limit = 1024
  vsz_limit = 512 M
}
service quota-status {
  executable = quota-status -p postfix
  unix_listener quota-status {
mode = 0666
  }
}
ssl = required
ssl_cert =

Re: localhost logins

2017-06-23 Thread Marcus Rueckert 
On Fri, 23 Jun 2017 11:38:28 -0700
Daniel Miller  wrote:

> While auditing my logs after an account was compromised, I see a
> number of entries like:
> 
> Jun 23 11:32:18 bubba dovecot: auth: 
> ldap("one-of-my-accounts",127.0.0.1): invalid credentials

webmail?


-- 
  openSUSE - SUSE Linux is my linux
  openSUSE is good for you
  www.opensuse.org

localhost logins

2017-06-23 Thread Daniel Miller 
While auditing my logs after an account was compromised, I see a number 
of entries like:


Jun 23 11:32:18 bubba dovecot: auth: 
ldap("one-of-my-accounts",127.0.0.1): invalid credentials


I'm trying to figure out where this login attempt is coming from.  I do 
run ASSP (an SMTP proxy) on this server, as well as Postfix - but I 
wouldn't think there'd be any communication with Dovecot for those?


Postfix does use Dovecot SASL - but I see separate log entries for 
Postfix authentication failures.


There are of course plenty of external IP's listed in Dovecot logs - I'm 
just asking for possible causes for the localhost entries.


--
Daniel

Re: Courier migration to dovecot

2017-06-23 Thread j.emerlik 
Thx Christian,
Yes, I read about it but I wonder why that is so and why couldn't be A or B.
Best regards,
Jack

2017-06-23 16:31 GMT+02:00 Christian Kivalo :

>
>
> Am 23. Juni 2017 14:57:59 MESZ schrieb "j.emerlik" :
> >Hi,
> >I'm almost ready to migrate Courier to Dovecot 2.2.31 but I have one
> >question about home and mail directory.
> >
> >It's good idea to have same directory form home and mail ?
> No.
> >Which scenerio will be better and why ?
> >
> >For example:
> >
> >A)
> >Home: /home/doamin/user1
> >Mail: /home/doamin/user1
> >
> >B)
> >Home: /home/doamin/user1/home
> >Mail: /home/doamin/user1
> >
> >C)
> >Home: /home/doamin/user1/
> >Mail: /home/doamin/user1/mail
> The recommended way to set up home and mail directory is example C.
>
> https://wiki2.dovecot.org/VirtualUsers/Home
>  In fact it depends a bit what storage format you will be using. See also
> https://wiki2.dovecot.org/MailLocation
>
> >Thanks & regards,
> >Jack
>
> --
> Christian Kivalo
>

Re: v2.2.31 release candidate released

2017-06-23 Thread Mark Moseley 
On Fri, Jun 23, 2017 at 4:30 AM, Timo Sirainen  wrote:

> On 23 Jun 2017, at 3.44, Mark Moseley  wrote:
> >
> > It'd be great if https://dovecot.org/list/dovecot/2016-June/104763.html
> > could make it into this RC (assuming you guys approved it back when it
> was
> > submitted)
>
> I'll try to get it to 2.2.32. 2.2.31 won't have any changes anymore that
> aren't absolutely required.
>
>
Sounds good to me :)

Thanks!

Re: sieve vacation message if ....

2017-06-23 Thread Jerry 
On Fri, 23 Jun 2017 16:25:24 +0200, Stephan Bosch stated:

>Op 23-6-2017 om 16:15 schreef Larry Rosenman:
>> On 6/23/17, 9:13 AM, "dovecot on behalf of Jerry"
>>  wrote:
>>
>>  On Fri, 23 Jun 2017 14:46:21 +0200, Stephan Bosch stated:
>>
>>  >Op 21-6-2017 om 19:16 schreef lejeczek:  
>>  >> hi fellas
>>  >>
>>  >> generic construct for(if possible): reply vacation message if
>>  >> address is not from add1@com1 add2@com2
>>  >>
>>  >> would you share?  
>>  >
>>  >require "vacation";
>>  >
>>  >if not address "from" ["add1@com1", "add2@com2"] {
>>  > vacation "I am on vacation.";
>>  >}
>>  >
>>  >Regards,
>>  >
>>  >Stephan.  
>>  
>>  
>>  I have used this myself. I have always wondered though is it
>> possible to have a vacation message only sent on a weekend. This is
>> the scenario. My office closes on Friday at 4pm and does not reopen
>> until Monday at 9am. I would like to automate a way to have a
>> message sent that states that to customers who send us emails on the
>> weekend. Right now I have to do it manually. Is there another way to
>> do it? 
>>  Thanks!
>>  
>> Look at the “date” extension:
>> https://tools.ietf.org/html/rfc5260#section-4  
>
>Specifically, use the "currentdate" test described in Section 5.
>
>Regards,
>
>Stephan.

Thanks. I was not aware that test even existed.

-- 
Jerry

Re: Courier migration to dovecot

2017-06-23 Thread j.emerlik 
I wrote because I read on the official website Dovecot.org:

"Home directory shouldn't be the same as mail directory with mbox or
Maildir formats (but with dbox/obox it's fine). It's possible to do that,
but you might run into trouble with it sooner or later. "

https://wiki.dovecot.org/VirtualUsers/Home

Regards,
Jack


2017-06-23 16:25 GMT+02:00 Odhiambo Washington :

>
>
> On 23 June 2017 at 15:57, j.emerlik  wrote:
>
>> Hi,
>> I'm almost ready to migrate Courier to Dovecot 2.2.31 but I have one
>> question about home and mail directory.
>>
>> It's good idea to have same directory form home and mail ?
>>
>> Which scenerio will be better and why ?
>>
>> For example:
>>
>> A)
>> Home: /home/doamin/user1
>> Mail: /home/doamin/user1
>>
>> B)
>> Home: /home/doamin/user1/home
>> Mail: /home/doamin/user1
>>
>> C)
>> Home: /home/doamin/user1/
>> Mail: /home/doamin/user1/mail
>>
>> Thanks & regards,
>> Jack
>>
>
> Just wondering why you have to debate this, because it should depend on
> where your mail is currently stored. Dovecot will find it when you set the
> correct mail_location and the correct authentication - userdb/passdb - in
> whatever option you chose in /conf.d/10-auth.conf. I'd only be worried
> about whether users who left mail on the server are forced to fetch them
> again or if the migration is transparent.
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft."
>

Re: Courier migration to dovecot

2017-06-23 Thread Christian Kivalo 


Am 23. Juni 2017 14:57:59 MESZ schrieb "j.emerlik" :
>Hi,
>I'm almost ready to migrate Courier to Dovecot 2.2.31 but I have one
>question about home and mail directory.
>
>It's good idea to have same directory form home and mail ?
No. 
>Which scenerio will be better and why ?
>
>For example:
>
>A)
>Home: /home/doamin/user1
>Mail: /home/doamin/user1
>
>B)
>Home: /home/doamin/user1/home
>Mail: /home/doamin/user1
>
>C)
>Home: /home/doamin/user1/
>Mail: /home/doamin/user1/mail
The recommended way to set up home and mail directory is example C. 

https://wiki2.dovecot.org/VirtualUsers/Home
 In fact it depends a bit what storage format you will be using. See also  
https://wiki2.dovecot.org/MailLocation 

>Thanks & regards,
>Jack

-- 
Christian Kivalo

Re: Courier migration to dovecot

2017-06-23 Thread Odhiambo Washington 
On 23 June 2017 at 15:57, j.emerlik  wrote:

> Hi,
> I'm almost ready to migrate Courier to Dovecot 2.2.31 but I have one
> question about home and mail directory.
>
> It's good idea to have same directory form home and mail ?
>
> Which scenerio will be better and why ?
>
> For example:
>
> A)
> Home: /home/doamin/user1
> Mail: /home/doamin/user1
>
> B)
> Home: /home/doamin/user1/home
> Mail: /home/doamin/user1
>
> C)
> Home: /home/doamin/user1/
> Mail: /home/doamin/user1/mail
>
> Thanks & regards,
> Jack
>

Just wondering why you have to debate this, because it should depend on
where your mail is currently stored. Dovecot will find it when you set the
correct mail_location and the correct authentication - userdb/passdb - in
whatever option you chose in /conf.d/10-auth.conf. I'd only be worried
about whether users who left mail on the server are forced to fetch them
again or if the migration is transparent.


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

Re: sieve vacation message if ....

2017-06-23 Thread Stephan Bosch 



Op 23-6-2017 om 16:15 schreef Larry Rosenman:

On 6/23/17, 9:13 AM, "dovecot on behalf of Jerry"  wrote:

 On Fri, 23 Jun 2017 14:46:21 +0200, Stephan Bosch stated:
 
 >Op 21-6-2017 om 19:16 schreef lejeczek:

 >> hi fellas
 >>
 >> generic construct for(if possible): reply vacation message if
 >> address is not from add1@com1 add2@com2
 >>
 >> would you share?
 >
 >require "vacation";
 >
 >if not address "from" ["add1@com1", "add2@com2"] {
 > vacation "I am on vacation.";
 >}
 >
 >Regards,
 >
 >Stephan.
 
 
 I have used this myself. I have always wondered though is it possible

 to have a vacation message only sent on a weekend. This is the scenario.
 My office closes on Friday at 4pm and does not reopen until Monday at
 9am. I would like to automate a way to have a message sent that states
 that to customers who send us emails on the weekend. Right now I have
 to do it manually. Is there another way to do it?
 
 Thanks!
 
Look at the “date” extension:

https://tools.ietf.org/html/rfc5260#section-4


Specifically, use the "currentdate" test described in Section 5.

Regards,

Stephan.

Re: sieve vacation message if ....

2017-06-23 Thread Larry Rosenman 
On 6/23/17, 9:13 AM, "dovecot on behalf of Jerry"  wrote:

On Fri, 23 Jun 2017 14:46:21 +0200, Stephan Bosch stated:

>Op 21-6-2017 om 19:16 schreef lejeczek:
>> hi fellas
>>
>> generic construct for(if possible): reply vacation message if
>> address is not from add1@com1 add2@com2
>>
>> would you share?  
>
>require "vacation";
>
>if not address "from" ["add1@com1", "add2@com2"] {
> vacation "I am on vacation.";
>}
>
>Regards,
>
>Stephan.


I have used this myself. I have always wondered though is it possible
to have a vacation message only sent on a weekend. This is the scenario.
My office closes on Friday at 4pm and does not reopen until Monday at
9am. I would like to automate a way to have a message sent that states
that to customers who send us emails on the weekend. Right now I have
to do it manually. Is there another way to do it?

Thanks!

Look at the “date” extension: 
https://tools.ietf.org/html/rfc5260#section-4

Re: sieve vacation message if ....

2017-06-23 Thread Jerry 
On Fri, 23 Jun 2017 14:46:21 +0200, Stephan Bosch stated:

>Op 21-6-2017 om 19:16 schreef lejeczek:
>> hi fellas
>>
>> generic construct for(if possible): reply vacation message if
>> address is not from add1@com1 add2@com2
>>
>> would you share?  
>
>require "vacation";
>
>if not address "from" ["add1@com1", "add2@com2"] {
> vacation "I am on vacation.";
>}
>
>Regards,
>
>Stephan.


I have used this myself. I have always wondered though is it possible
to have a vacation message only sent on a weekend. This is the scenario.
My office closes on Friday at 4pm and does not reopen until Monday at
9am. I would like to automate a way to have a message sent that states
that to customers who send us emails on the weekend. Right now I have
to do it manually. Is there another way to do it?

Thanks!

-- 
Jerry

Courier migration to dovecot

2017-06-23 Thread j.emerlik 
Hi,
I'm almost ready to migrate Courier to Dovecot 2.2.31 but I have one
question about home and mail directory.

It's good idea to have same directory form home and mail ?

Which scenerio will be better and why ?

For example:

A)
Home: /home/doamin/user1
Mail: /home/doamin/user1

B)
Home: /home/doamin/user1/home
Mail: /home/doamin/user1

C)
Home: /home/doamin/user1/
Mail: /home/doamin/user1/mail

Thanks & regards,
Jack

Re: sieve vacation message if ....

2017-06-23 Thread Stephan Bosch 



Op 21-6-2017 om 19:16 schreef lejeczek:

hi fellas

generic construct for(if possible): reply vacation message if address 
is not from add1@com1 add2@com2


would you share?


require "vacation";

if not address "from" ["add1@com1", "add2@com2"] {
vacation "I am on vacation.";
}

Regards,

Stephan.

Re: Trouble after Upgrade to v2.2.30.2 missing value for DOVECOT_

2017-06-23 Thread Timo Sirainen 
On 22 Jun 2017, at 9.55, Beng Hui Ong  wrote:
> 
> Hi,
> 
> I keep getting these errors after upgraded to 2.2.30.2. I can't seems to
> find what is going on. This is running a Freebsd 10.3-RELEASE-p11 :(

Did it work in some previous version?

> Jun 22 14:45:23 starlite2 dovecot: auth: Error: auth: environment corrupt;
> missing value for DOVECOT_

This error is coming from libc. It doesn't like Dovecot's environment handling 
somehow.

The only thing I can think of: Try increasing default_vsz_limit. If that 
doesn't help, try finding which Dovecot version broke this exactly.

Re: v2.2.31 release candidate released

2017-06-23 Thread Timo Sirainen 
On 23 Jun 2017, at 3.44, Mark Moseley  wrote:
> 
> It'd be great if https://dovecot.org/list/dovecot/2016-June/104763.html
> could make it into this RC (assuming you guys approved it back when it was
> submitted)

I'll try to get it to 2.2.32. 2.2.31 won't have any changes anymore that aren't 
absolutely required.

sieve vacation message if ....

2017-06-23 Thread lejeczek 

hi fellas

generic construct for(if possible): reply vacation message 
if address is not from add1@com1 add2@com2


would you share?
many thanks
L.