Re: Dovecot 2.3.0 TLS

[Aki Tuomi]

On 22.01.2018 22:14, Odhiambo Washington wrote:
>
>
> On 22 January 2018 at 23:10, Matthias Fechner  > wrote:
>
> Dear Odhiambo,
>
> Am 22.01.2018 um 19:58 schrieb Odhiambo Washington:
>> ...and I am still unable to successfully compile 2.3RC on FreeBSD
>> 8.4 and 9.3
>> and my reports were ignored, so should I assume support for
>> those has been dropped?
>
> Support for FreeBSD 8.4 stopped August 1, 2015.
> Support for FreeBSD 9.3 stopped December 31, 2016
>
> Please see here:
> https://www.freebsd.org/security/unsupported.html
> 
>
> You should really upgrade to current version 10.4 or 11.1.
>
> Gruß
> Matthias
>
> Hello Matthias,
>
> I am running the latest version of Dovecot on FreeBSD 8.4, 9.3 and 11.
> I am not really planning to upgrade now, unless I am told that Dovecot
> 2.3.x will not compile on them. In which case I can let them run the
> version they have and forget about 2.3.
> Until I hear such from Aki or Timo, I will wait :-)
>
>  
>
>
>
> -- 
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft."

Have you tried compiling latest 2.3.0 instead of RC?

Aki

Re: v2.3.0 release candidate released

[Aki Tuomi]

On 20.12.2017 11:31, Thomas Leuxner wrote:
> * Timo Sirainen  2017.12.18 16:23:
>
> Hi,
>
> what is the correct way of implementing carbon stats with 2.3?
>
> /etc/dovecot/conf.d/90-stats.conf: 
> old_stats_carbon_server=127.0.0.1:2003
> old_stats_carbon_name=host_domain_tld
> old_stats_carbon_interval=60s
>
> /etc/dovecot/conf.d/20-imap.conf:
>
> mail_plugins =
>
> I changed imap_stats to imap_old_stats, however this yields the following 
> error:
>
> Dec 20 10:20:30 edi dovecot: imap(t...@leuxner.net)<26352><9VA9GMJgns4FkqmS>: 
> Error: module /usr/lib/dovecot/modules/lib95_imap_old_stats_plugin.so: 
> dlsym(imap_old_stats_plugin_init) failed: 
> /usr/lib/dovecot/modules/lib95_imap_old_stats_plugin.so: undefined symbol: 
> imap_old_stats_plugin_init
> Dec 20 10:20:30 edi dovecot: imap(t...@leuxner.net)<26352><9VA9GMJgns4FkqmS>: 
> Error: module /usr/lib/dovecot/modules/lib95_imap_old_stats_plugin.so: 
> dlsym(imap_old_stats_plugin_deinit) failed: 
> /usr/lib/dovecot/modules/lib95_imap_old_stats_plugin.so: undefined symbol: 
> imap_old_stats_plugin_deinit
> Dec 20 10:20:30 edi dovecot: imap(t...@leuxner.net): Error: Couldn't load 
> required plugin /usr/lib/dovecot/modules/lib95_imap_old_stats_plugin.so: 
> Module doesn't have init function
>
> Regards
> Thomas
Hi!

This has been fixed with
https://github.com/dovecot/core/commit/2f0784526c801d7ccf065a6f566a473957e1ba7a

Aki

Re: rewrite copy to trash->delete->expunge mail with move??

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, 22 Jan 2018, Chi Min Wang wrote:

  When user got quota exceed and trying to delete mail. Most MUA's 
default "move to trash folder" will proceed by copy mail to trash folder,then 
by delete/expunge it(copy before expunge). Unfortunately this will not 
success due to quota exceed. Is there any way to let dovecot proceed it by 
IMAP MOVE instead of "copy to trash folder"->delete/expunge,Thanks!!


when your MUA uses COPY, why/how should the server mangle it into MOVE? 
Should it forsee the later expunge? The server must reply to the COPY 
before it sees the later commands.
If you buy lemons and water, what would you think, if the shop gives you 
lemonade, because it (computer, roboter or shopkeeper) forsees that you 
want to put both together anyway?


The work around would be:
https://wiki2.dovecot.org/Quota/Configuration

search for Trash

The problem however is, that some MUAs use other mailboxes than "Trash".

"move to trash folder" is bad thing and painful, I agree with you.
Add the other aspect: Delete in another namespace.


***
CONFIDENTIALITY NOTICE:This e-mail and any attachments are confidential and 
may be legally privileged.
If you are not the intended recipient, (i) please do not read or disclose to 
others, and (ii) please
notify immediately the sender by reply mail, and (iii) please delete all 
copies of the email from your
system. Failure to follow this process may be unlawful. We greatly appreciate 
your cooperation.


Well, a public mailing list ...

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEVAwUBWmbgH8QnQQNheMxiAQKp/Qf/aKk5Sn7mlzoJU2C5DjMrU3p+BxeSeWjw
5ePNIHxs1zmpC8XEBcEMpikXzvz+1XBKFrmDrYzQv6iibNNMFcXkcHE+FWDeJ/eb
4rdsjb2Eovo3gAIg8fT+LcKrUNXMPDb6FoWl94YyIu4BUzysrhpkWTdHmU3pH1Fu
520NaOSVOASSqMKYaO8t3AGZYK6CMinfFCyO+PSFt/CiBc642adzaqnRdtiNkMeY
VBhF8wf4WEqiyaysbbuSmC5/VZ1NTyVRt9KdWaThAcQVVMUf3rMngu70ssYVhWbZ
1A3KMV4ZGh4W7CQJ0vxJHgLoxu0C9pNu15fTfa3TJtkrZbCJNORt3w==
=6ZYx
-END PGP SIGNATURE-

logging download speed for services

[Arkadiusz Miśkiewicz]

Jan 23 07:14:13 srv dovecot[7702]: imap(something): session=, 
Logged out bytes=189/2669
Jan 23 07:14:57 srv dovecot[7702]: pop3(abc): session=, 
Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0, bytes=12/43

Could dovecot be logging download speed for these and log it?
(ignoring idle times for imap and only counting fetches etc)

The goal is to be able to compare users speed, notice degradation and other 
such problems.

-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )

rewrite copy to trash->delete->expunge mail with move??

[Chi Min Wang]

Hello Everyone:
  When user got quota exceed and trying to delete mail. Most MUA's 
default "move to trash folder" will proceed by copy mail to trash 
folder,then by delete/expunge it(copy before expunge). Unfortunately 
this will not success due to quota exceed. Is there any way to let 
dovecot proceed it by IMAP MOVE instead of "copy to trash 
folder"->delete/expunge,Thanks!!


***
CONFIDENTIALITY NOTICE:This e-mail and any attachments are confidential and may 
be legally privileged.
If you are not the intended recipient, (i) please do not read or disclose to 
others, and (ii) please
notify immediately the sender by reply mail, and (iii) please delete all copies 
of the email from your
system. Failure to follow this process may be unlawful. We greatly appreciate 
your cooperation.




rfc6851.pdf
Description: Adobe PDF document

Re: Dovecot 2.3.0 TLS

[Odhiambo Washington]

On 22 January 2018 at 23:10, Matthias Fechner  wrote:

> Dear Odhiambo,
>
> Am 22.01.2018 um 19:58 schrieb Odhiambo Washington:
>
> ...and I am still unable to successfully compile 2.3RC on FreeBSD 8.4 and
> 9.3
> and my reports were ignored, so should I assume support for those has
> been dropped?
>
> Support for FreeBSD 8.4 stopped August 1, 2015.
> Support for FreeBSD 9.3 stopped December 31, 2016
>
> Please see here:
> https://www.freebsd.org/security/unsupported.html
>
> You should really upgrade to current version 10.4 or 11.1.
>
> Gruß
> Matthias
>
>
> Hello Matthias,

I am running the latest version of Dovecot on FreeBSD 8.4, 9.3 and 11.
I am not really planning to upgrade now, unless I am told that Dovecot
2.3.x will not compile on them. In which case I can let them run the
version they have and forget about 2.3.
Until I hear such from Aki or Timo, I will wait :-)





-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

Re: Dovecot 2.3.0 TLS

[Matthias Fechner]

Dear Odhiambo,

Am 22.01.2018 um 19:58 schrieb Odhiambo Washington:
> ...and I am still unable to successfully compile 2.3RC on FreeBSD 8.4
> and 9.3
> and my reports were ignored, so should I assume support for those
> has been dropped?

Support for FreeBSD 8.4 stopped August 1, 2015.
Support for FreeBSD 9.3 stopped December 31, 2016

Please see here:
https://www.freebsd.org/security/unsupported.html

You should really upgrade to current version 10.4 or 11.1.

Gruß
Matthias

-- 

"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook

Re: PDFs getting mangled

[Stephan Bosch]

Op 1/21/2018 om 4:34 PM schreef Stephan Bosch:
> Op 1/20/2018 om 11:01 PM schreef Adam Weinberger:
>>> On 20 Jan, 2018, at 10:05, Adam Weinberger  wrote:
>>>
>>>
 On 19 Jan, 2018, at 4:39, Aki Tuomi  wrote:



 On 19.01.2018 04:35, Adam Weinberger wrote:
> Since upgrading to 2.3.0 / 0.5.0.1, incoming PDFs are getting mangled.
> It seems to be happening when I use vnd.dovecot.filter. When I comment
> out the block, things come through fine.
>
> My filter block looks like this:
>    require "vnd.dovecot.filter";
>    filter "bogofilter_filter";
>
>     if header :contains "X-Bogosity" [
>     "Spam, tests=bogofilter, spamicity=1.00",
>     "Spam, tests=bogofilter, spamicity=0.99"
>     ] {
>     fileinto "spam/totally";
>     stop;
>     }
>     elsif header :contains "X-Bogosity" "Spam," {
>     fileinto "spam/probably";
>     stop;
>     }
>     elsif header :contains "X-Bogosity" "Unsure," {
>     fileinto "spam/maybe";
>     stop;
>     }
>
> filter/bogofilter_filter looks like this:
>     #!/bin/sh
>     cat /dev/stdin | /usr/local/bin/bogofilter -p -e -c
> /path/to/bogofilter.cf
>
> Images seem to come through fine. I didn't have this problem before
> the
> upgrade. It could easily be a problem with bogofilter, but I figured
> that I'd check here first to see if anybody else has an
> attachment-mangling issue with vnd.dovecot.filter.
>
> # Adam
>
>
> -- 
> Adam Weinberger
> ad...@adamw.org
> http://www.adamw.org
 It might work better with

 exec /usr/local/bin/bogofilter -p -e -c /path/to/bogofilter.cf

 Aki
>>> After looking into this some more, what's happening is that messages
>>> are getting truncated. Regardless of whether it's an attachment or
>>> just a long message body, the message gets truncated.
>>>
>>> To show this, I made a fileinto :copy rule to save a message copy
>>> before it gets sent off to bogofilter.
>>>
>>> You can see from the below pastings that the message is definitely
>>> getting truncated. When I replace my filter script with "cat
>>> /dev/stdin", it works fine. When I send the message to bogofilter on
>>> the command-line, it works fine. Something about the combination of
>>> vnd.dovecot.filter + bogofilter is causing the messages to truncate,
>>> and I don't know whether it's from truncating on the send or receive
>>> of the filter.
>>>
>>> Can you give me any advice?
>>>
>>> 1)
>>> $ jot 20 1 > numbers.txt
>>> $ du -a . | grep numbers
>>> 1260    ./numbers-sent.txt
>>> 1248    ./numbers-received.txt
>>>
>>> 2)
>>> root@imap:~# ll test-*
>>> 125 -rw---  1 root  wheel   123K Jan 20 09:35 test-afterbogo.msg
>>> 149 -rw---  1 root  wheel   136K Jan 20 09:35 test-beforebogo.msg
>> The more I look into it, the more it looks to me like pigeonhole is
>> somehow losing the last 4-6K of messages over 100K.
>>
>> When my filter script is:
>> cat /dev/stdin | tee /tmp/input | bogofilter[...] | tee /tmp/output
>> Then /tmp/output is the full message, but what pigeonhole gets back is
>> truncated at by about 4K.
>>
>> Same with
>> [...] bogofilter[...] > /tmp/output; cat /tmp/output
>> The message is truncated there too.
>>
>> I've tried everything I can think of to make sure it's not a buffering
>> problem:
>> [...] bogofilter[...] | cat
>> [...] bogofilter[...] | dd bs=1k
>> [...] bogofilter[...] ; a=$?; sleep 2; exit $a
>>
>> But everything I do comes up with the same problem.
>>
>> But a simple "cat /dev/stdin" and the message comes through fine.
>>
>> Your help is really appreciated. I'm in the process of buying a house,
>> so the mangled attachments is not coming at a great time :-)
> We are looking into it.

Problem found; working on a fix.

Regards,

Stephan.

Re: Dovecot 2.3.0 TLS

[Odhiambo Washington]

On 11 January 2018 at 14:29, Aki Tuomi  wrote:

>
>
> On 11.01.2018 13:28, Hauke Fath wrote:
> > On Thu, 11 Jan 2018 13:22:07 +0200, Aki Tuomi wrote:
> >> Can you try if it works if you concatenate the cert and cert-chain
> >> to single file? We'll start looking if this is misunderstanding or bug.
> > This is a production machine, so I would rather stick with the
> > downgrade until you've looked into the issue. I went home late
> > yesterday.  ;)
> >
> > Cheerio,
> > Hauke
> >
>
> Fine. You might want to invest into a test environment, by the way. It's
> far more safe to try out new major releases and stuff. =)
>
> Aki
>

...and I am still unable to successfully compile 2.3RC on FreeBSD 8.4 and
9.3
and my reports were ignored, so should I assume support for those has
been dropped?




-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."

Re: Dovecot 2.3.0 TLS

[Olaf Hopp]

On 01/11/2018 12:22 PM, Aki Tuomi wrote:



On 11.01.2018 13:20, Hauke Fath wrote:

On Thu, 11 Jan 2018 12:20:45 +0200, Aki Tuomi wrote:

Was the certificate path bundled in the server certificate?

No, as a separate file, provided from the local (intermediate) CA:

ssl_cert = 

Seems we might've made a unexpected change here when we revamped the ssl
code. Can you try if it works if you concatenate the cert and cert-chain
to single file? We'll start looking if this is misunderstanding or bug.

Aki



Hello,
let me confirm this issue.
I have a setup similar to Hauke Fath. Doing the workaround suggested by Aki

 cat /etc/openssl/certs/ca-cert-chain.pem >> /etc/openssl/certs/server.cert

and removing "ssl_ca" from the config file presents the correct CA-Chain.
Whereas the original config presented my three time my own server cert as chain.


Since server certs tend to change more frequent than the CA chains
I really want to keep them in separate files.

So this is really a show stopper for me.

CU, Olaf




--
Karlsruher Institut für Technologie (KIT)
ATIS - Abt. Technische Infrastruktur, Fakultät für Informatik

Dipl.-Geophys. Olaf Hopp
- Leitung IT-Dienste -

Am Fasanengarten 5, Gebäude 50.34, Raum 009
76131 Karlsruhe
Telefon: +49 721 608-43973
Fax: +49 721 608-46699
E-Mail: olaf.h...@kit.edu
atis.informatik.kit.edu

www.kit.edu

KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft

Das KIT ist seit 2010 als familiengerechte Hochschule zertifiziert.




smime.p7s
Description: S/MIME Cryptographic Signature

Re: Strange thing on log rotation front

[Luciano Mannucci]

On Sat, 20 Jan 2018 15:23:42 +0100
Andreas Jobs  wrote:

> Remove "U" from the flags:
> 
> U indicates that the file specified by path_to_pid_cmd_file will
>   contain the ID for a process group instead of a process.
Got the very same result:

Jan 22 15:00:00 master: Warning: Sent SIGKILL to 1 log processes

> And sometimes "B" (don't insert info message about log rotation) is useful
> too.
The only difference is that now I have no evidence of why the logfile.info
is empty.
I'll try to compile the last 2.2 version, mine is the 2.2.28 that comes
with freebsd.

Thanks anyway,

Luciano.
-- 
 /"\ /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL/  E-MAIL: posthams...@sublink.sublink.org
 / \  AND POSTINGS/   WWW: http://www.lesassaie.IT/

-- 
 /"\ /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL/  E-MAIL: posthams...@sublink.sublink.org
 / \  AND POSTINGS/   WWW: http://www.lesassaie.IT/

Autoexpunge is not working with dotlock locking

[Jaakko Seppälä]

Hello,

Autoexpunge is not working when used with dotlock locking. It seems to 
been broken since version 2.2.28.


When autoexpunge is enabled and mailbox locking is set to dotlock all 
imap, pop and lmtp connections crash with the same error "file 
file-lock.c: line 287: unreached".


Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
LITERAL+ AUTH=PLAIN] Dovecot ready.

X LOGIN testuser password
X OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT 
SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT 
MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS 
LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES 
WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE LITERAL+ NOTIFY] Logged in

X LOGOUT
* BYE Logging out
X OK Logout completed (0.001 + 0.000 secs).
Connection closed by foreign host.

=>

Jan 22 09:25:55 dovecottest dovecot: imap-login: Login: user=, 
method=PLAIN, rip=::1, lip=::1, mpid=8274, secured, 
session=
Jan 22 09:25:57 dovecottest dovecot: 
imap(testuser)<8274>: Panic: file 
file-lock.c: line 287: unreached
Jan 22 09:25:57 dovecottest dovecot: 
imap(testuser)<8274>: Error: Raw 
backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0xc8d24) 
[0x7ff43bef5d24] -> /usr/local/lib/dovecot/libdovecot.so.0(+0xc8dde) 
[0x7ff43bef5dde] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) 
[0x7ff43be69190] -> /usr/local/lib/dovecot/libdovecot.so.0(+0xcd8ff) 
[0x7ff43befa8ff] -> 
/usr/local/lib/dovecot/libdovecot.so.0(file_wait_lock_error+0x26) 
[0x7ff43befac46] -> 
/usr/local/lib/dovecot/libdovecot.so.0(file_try_lock_error+0x13) 
[0x7ff43befacc3] -> 
/usr/local/lib/dovecot/libdovecot.so.0(file_create_locked+0x253) 
[0x7ff43bef7df3] -> 
/usr/local/lib/dovecot/libdovecot-storage.so.0(mail_user_lock_file_create+0xc5) 
[0x7ff43c1f5f15] -> 
/usr/local/lib/dovecot/libdovecot-storage.so.0(mail_user_autoexpunge+0x1f8) 
[0x7ff43c1dfc68] -> dovecot/imap(+0x1ba7c) [0x7ff43c72fa7c] -> 
dovecot/imap(client_input+0xb5) [0x7ff43c7308c5] -> 
/usr/local/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x65) 
[0x7ff43bf0d315] -> 
/usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10f) 
[0x7ff43bf0ebbf] -> 
/usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x52) 
[0x7ff43bf0d412] -> 
/usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) 
[0x7ff43bf0d638] -> 
/usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) 
[0x7ff43be8bb73] -> dovecot/imap(main+0x333) [0x7ff43c7226c3] -> 
/lib64/libc.so.6(__libc_start_main+0xf5) [0x7ff43ba8bc05] -> 
dovecot/imap(+0xe8a1) [0x7ff43c7228a1]
Jan 22 09:25:57 dovecottest dovecot: 
imap(testuser)<8274>: Fatal: master: 
service(imap): child 8274 killed with signal 6 (core dumps disabled)



Configuration used for testing:

[root@dovecottest dovecot]# /usr/local/sbin/dovecot -n
# 2.3.0 (c8b89eb): /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-514.el7.x86_64 x86_64 CentOS Linux release 7.3.1611 
(Core)

lock_method = dotlock
mail_location = maildir:~/Maildir
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox INBOX {
    autoexpunge = 30 days
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
service lmtp {
  inet_listener lmtp {
    port = 24
  }
}
ssl = no
userdb {
  driver = passwd
}


Regards,
Jaakko