Re: recipient delimiters

2019-06-19 Thread @lbutlr via dovecot 
On 19 Jun 2019, at 17:37, Stephan Bosch via dovecot  wrote:
> On 20/06/2019 01:20, @lbutlr via dovecot wrote:
>> On 18 Jun 2019, at 15:03, @lbutlr via dovecot  wrote:
>>> I don’t see a way to tell dovecot what delimiters to use, and it appears it 
>>> is still using a single delimiter only despite postfix having added support 
>>> for more than one years ago.
>> Ideas?
> 
> There is the recipient_delimiter setting. For recent versions, this is a list 
> of characters recognized as such.

In Dovecot? Ugh, I searched dovecot wiki for that.

Oh, I forgot to click on “text” for the search and got zero hits.



protocol lmtp {
  postmaster_address = postmas...@covisp.net   # required
  mail_plugins = quota sieve
  info_log_path = /var/log/dovecot-lmtp.log
  lmtp_save_to_detail_mailbox = yes
  recipient_delimiter = +_
}

爛
-- 
Lead me not into temptation, I can find the way.

Re: recipient delimiters

2019-06-19 Thread Stephan Bosch via dovecot 




On 20/06/2019 01:20, @lbutlr via dovecot wrote:

On 18 Jun 2019, at 15:03, @lbutlr via dovecot  wrote:

I don’t see a way to tell dovecot what delimiters to use, and it appears it is 
still using a single delimiter only despite postfix having added support for 
more than one years ago.

Ideas?


There is the recipient_delimiter setting. For recent versions, this is a 
list of characters recognized as such.


Regards,

Stephan.

Re: RFC 8314 § 3.3 support at Dovecot submission proxy service?

2019-06-19 Thread Stephan Bosch via dovecot 




On 10/06/2019 01:51, Robert Scheck via dovecot wrote:

Hello all,

I'm currently wondering whether Dovecot submission proxy service supports
RFC 8314 § 3.3 as well, which means implicit TLS for SMTP submission.

https://github.com/dovecot/core/blob/2cbbe9b4829adb184c83dbf780316f4144559054/doc/example-config/conf.d/10-master.conf#L48
from Git master just mentions port 587 like this:

service submission-login {
   inet_listener submission {
 #port = 587
   }
}

As per RFC 8314 § 3.3, I would expect the following to work (which I did
not try), and if it already works, I even would expect this snippet part
of the future Dovecot example/default configuration:

service submission-login {
   inet_listener submission {
 #port = 587
   }
   inet_listener submissions {
 #port = 465
 #ssl = yes
   }
}

And if it isn't supported yet, I would indeed like to raise this as feature
request. Note that 465 is named "submissions" as per RFC 8314 § 7.3.


That should work. Just try it.

Regards,

Stephan.

Re: recipient delimiters

2019-06-19 Thread @lbutlr via dovecot 
On 18 Jun 2019, at 15:03, @lbutlr via dovecot  wrote:
> I don’t see a way to tell dovecot what delimiters to use, and it appears it 
> is still using a single delimiter only despite postfix having added support 
> for more than one years ago.

Ideas?

-- 
Lead me not into temptation, I can find the way.

Re: IMAP IDLE

2019-06-19 Thread @lbutlr via dovecot 
On 19 Jun 2019, at 16:11, Jorge Bastos via dovecot  wrote:
> root@fastmail:/etc/dovecot# doveconf |grep -i idle
> default_idle_kill = 1 mins
> imap_idle_notify_interval = 2 mins
> imapc_max_idle_time = 29 mins
> mailbox_idle_check_interval = 30 secs

I have: 
default_idle_kill = 1 mins
director_ping_idle_timeout = 30 secs
imap_idle_notify_interval = 2 mins
imapc_max_idle_time = 29 mins
mailbox_idle_check_interval = 30 secs

[ A lot of idle_kill = ]

submission_relay_max_idle_time = 29 mins

(none of these are in doveconf -n)

What version of dovecot are you running?

-- 
Lead me not into temptation, I can find the way.

Re: Case sensitive problem for vacation with dovecot lmtp pigeonhole

2019-06-19 Thread Stephan Bosch via dovecot 




On 09/06/2019 16:07, kadafax--- via dovecot wrote:

Hi list,

This issue was raised here by John Fawcett on 12/02/19 but got no 
response.

So, as I'm facing the same issue, I would like to try again:

When using the vacation sieve extension, if I send an email to 
user.n...@mydomain.com it will work, but not to 
user.n...@mydomain.com. Is there a way to make the user part case 
insensitive so that the vacation auto-reply is fired whatever the way 
user part is written ?




Hmm, I need to look into this.

Regards,

Stephan.


doveconf -n output:

# 2.3.5.1 (7ec6d0ade): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.5 (2483b085)
# OS: Linux 3.10.0-957.5.1.el7.x86_64 x86_64 CentOS Linux release 
7.6.1810 (Core)  ext4

# Hostname: myserver.mydomain.com
auth_master_user_separator = *
auth_username_chars = 
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@*

auth_verbose = yes
debug_log_path = /var/log/dovecot-debug.log
default_client_limit = 10640
default_process_limit = 2128
default_vsz_limit = 0
hostname = mydomain.com
info_log_path = /var/log/dovecot.log
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = *
log_path = /var/log/dovecot-error.log
login_greeting = Welcome
mail_gid = vmail
mail_location = maildir:/var/vmail/%Ln
mail_plugins = quota fts fts_lucene
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate mime foreverypart 
extracttext

namespace inbox {
  inbox = yes
  location = maildir:/var/vmail/%Ln
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/deny-users
  deny = yes
  driver = passwd-file
}
passdb {
  args = /usr/local/etc/dovecot/master-users
  driver = passwd-file
  master = yes
  pass = yes
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  fts = lucene
  fts_autoindex = yes
  fts_lucene = whitespace_chars=@.
  quota = maildir:User quota
  quota_rule = *:storage=30GB
  quota_rule2 = Trash:storage=+200M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = /var/sieve-scripts/%Ln.sieve
  sieve_dir = /var/vmail/%Ln/home/sieve
}
postmaster_address = postmas...@mydomain.com
protocols = imap pop3 lmtp sieve sieve
quota_full_tempfail = yes
service auth-worker {
  user = $default_internal_user
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0777
    user = vmail
  }
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  process_min_avail = 10
}
service imap {
  process_limit = 2128
}
service lmtp {
  executable = lmtp -L
  process_min_avail = 15
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}
service pop3-login {
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  user = nobody
}
ssl_cert =

IMAP IDLE

2019-06-19 Thread Jorge Bastos via dovecot 
Hi,

 

With outlook 2016+ i've seen that IDLE may be missing some configuration.

Almost all time, when i'm in the inbox, i don't get new emails if no
activity for 1 or 2 minutes (i think), i have to get out of the account and
select the inbox or click other folder in the account and go to inbox again
for them to appear.

 

My idle conf's are the defaults, the one's bellow.

Is there anything else that i need to make it work always and the change
folders is not needed for outlook clients?

 

root@fastmail:/etc/dovecot# doveconf |grep -i idle

default_idle_kill = 1 mins

imap_idle_notify_interval = 2 mins

imapc_max_idle_time = 29 mins

mailbox_idle_check_interval = 30 secs

Re: Problem syncing mail with IMAP

2019-06-19 Thread @lbutlr via dovecot 
On 19 Jun 2019, at 12:17, Odhiambo Washington via dovecot  
wrote:
> I am seeing the following errors in my logs, which I believe are preventing 
> Outlook from syncing.
> How do I solve these?

Have you rebuilt the index files?

The simplest and surest way is to stop dovecot, move the index files aside, and 
restart dovecot.

dovecot.index
dovecot.index.cache
dovecot.index.log

You could start with just the dovecot.index.cache, but usually it is simpler to 
just force dovecot to rebuild the indexes.

If this is a persistent problem, then you need to figure out why things are 
wonky (like, are you storing the indexes and/or mail on a network share?).

If things go badly, replace the index files you moved.

I think that maybe 

# doveadm index -A “*” 

will rebuilt the indexes without stopping dovecot, but I will wait for someone 
to correct me on that.

-- 
Updated to be PRCE compatible after 400 years: /(bb|[^b]{2})/

mremap_anon() failed: Not enough space

2019-06-19 Thread Dave McGuire via dovecot 


  Hey folks.  Suddenly I'm getting lots and lots of messages like this
in my logs:

Jun 19 14:47:31  dovecot: [ID 583609 local0.error]
imap(): Error:
mremap_anon(/var/mail///mailboxes/INBOX/Trash/dbox-Mails/dovecot.index.cache,
27632) failed: Not enough space

  I'm running 2.2.36.1 under Solaris 10 (patched to current) on
UltraSPARC.  There's plenty of memory, plenty of swap, and plenty of
disk, but this is a fairly busy mail server.

  Can anyone point me in the right direction?  I'm guessing I have to
increase a vsz_limit somewhere, but where?  It's not clear to me exactly
what is running out of what here.  The output of doveconf -n is pasted
below.

   Thanks,
   -Dave

--
$ doveconf -n
# 2.2.36.1 (5d621cf65): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.24 (124e06aa)
# OS: SunOS 5.10 sun4v
# Hostname: mail.neurotica.com
auth_failure_delay = 5 secs
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
debug_log_path = /var/log/dovecot-debug
disable_plaintext_auth = no
first_valid_uid = 200
login_access_sockets = tcpwrap
mail_fsync = never
mail_plugins = fts fts_solr
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext editheader
mdbox_rotate_size = 64 M
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox uncaught-spam {
auto = subscribe
special_use = \Junk
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
plugin {
  fts = solr
  fts_solr = break-imap-search url=http://localhost:8983/solr/
  sieve = /var/sieve-scripts/%u.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +editheader
  sieve_global_dir = /var/lib/dovecot/sieve/global/
  sieve_global_path = /var/lib/dovecot/sieve/default.sieve
}
protocols = imap pop3 sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
  unix_listener auth-master {
group = vmail
mode = 0600
user = vmail
  }
  user = root
}
service imap-login {
  process_min_avail = 10
  service_count = 10
  vsz_limit = 512 M
}
service imap {
  executable = /usr/local/libexec/dovecot/imap
  vsz_limit = 512 M
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  process_min_avail = 1
  service_count = 1
  vsz_limit = 64 M
}
service managesieve {
  process_limit = 10
}
service pop3-login {
  process_min_avail = 10
  service_count = 10
  vsz_limit = 512 M
}
service pop3 {
  executable = /usr/local/libexec/dovecot/pop3
}
service tcpwrap {
  unix_listener login/tcpwrap {
group = $default_login_user
mode = 0600
user = $default_login_user
  }
}
ssl_cert =

Problem syncing mail with IMAP

2019-06-19 Thread Odhiambo Washington via dovecot 
I am seeing the following errors in my logs, which I believe are preventing
Outlook from syncing.
How do I solve these?
Can I just delete the index.cache??


Jun 18 11:23:34 imap(techni...@mydomain.co.ke)<59754>:
Error: Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/technical/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 29: Broken virtual  size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/technical/mdbox/storage/m.1): FETCH BODY[] got too little
data: 131524 vs 772408
Jun 18 11:23:45 imap(sa...@mydomain.co.ke)<59812>: Error:
Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/sales/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 25: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/sales/mdbox/storage/m.552): FETCH BODY[] got too little
data: 17130 vs 370736
Jun 18 11:24:03 imap(techni...@mydomain.co.ke)<59891>:
Error: Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/technical/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 29: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/technical/mdbox/storage/m.1): FETCH BODY[] got too little
data: 131524 vs 772408
Jun 18 11:24:12 imap(sa...@mydomain.co.ke)<59933>: Error:
Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/sales/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 25: Broken virtual size in  mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/sales/mdbox/storage/m.552): FETCH BODY[] got too little
data: 17130 vs 370736
Jun 18 11:24:40 imap(sa...@mydomain.co.ke)<60053>: Error:
Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/sales/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 25: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/sales/mdbox/storage/m.552): FETCH BODY[] got too little
data: 17130 vs 370736
Jun 18 11:24:49 imap(techni...@mydomain.co.ke)<60079>:
Error: Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/technical/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 29: Broken virtual  size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/technical/mdbox/storage/m.1): FETCH BODY[] got too little
data: 131524 vs 772408
Jun 18 11:25:09 imap(sa...@mydomain.co.ke)<60184>: Error:
Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/sales/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 25: Broken virtual size in  mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/sales/mdbox/storage/m.552): FETCH BODY[] got too little
data: 17130 vs 370736
Jun 18 11:25:13 imap(techni...@mydomain.co.ke)<60204>:
Error: Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/technical/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 29: Broken virtual  size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/technical/mdbox/storage/m.1): FETCH BODY[] got too little
data: 131524 vs 772408
Jun 18 11:25:42 imap(techni...@mydomain.co.ke)<60328>:
Error: Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/technical/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 29: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/technical/mdbox/storage/m.1): FETCH BODY[] got too little
data: 131524 vs 772408
Jun 18 11:26:03 imap(sa...@mydomain.co.ke)<60358><9ckk3JSLLe7FsVm2>: Error:
Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/sales/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 25: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/sales/mdbox/storage/m.552): FETCH BODY[] got too little
data: 17130 vs 370736
Jun 18 11:26:11 imap(techni...@mydomain.co.ke)<60455>:
Error: Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/technical/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 29: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/technical/mdbox/storage/m.1): FETCH BODY[] got too little
data: 131524 vs 772408
Jun 18 11:26:32 imap(sa...@mydomain.co.ke)<60548>: Error:
Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/sales/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 25: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/sales/mdbox/storage/m.552): FETCH BODY[] got too little
data: 17130 vs 370736
Jun 18 11:26:33 imap(techni...@mydomain.co.ke)<60553>:
Error: Corrupted record in index cache file /var/spool/virtual/
mydomain.co.ke/technical/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.cache:
UID 29: Broken virtual size in mailbox INBOX: read(/var/spool/virtual/
mydomain.co.ke/technical/mdbox/storage/m.1): FETCH BODY[] got too little
data: 131524 vs 772408
Jun 18 11:26:45 imap(techni...@mydomain.co.ke)<60602>:
Error: Corrupted record in index cache file /var/spool/virtual/

RE: Help on CRAM-MD5

2019-06-19 Thread Jorge Bastos via dovecot 
Howdy,

Answering all, so cram-md5 is old, don't want then!
I only noticed thunderbird as default using this, so, won't implement it!

Thanks for the clarify,

-Original Message-
From: dovecot  On Behalf Of Aki Tuomi via dovecot
Sent: 19 de junho de 2019 07:31
To: Alexander Dalloz ; dovecot@dovecot.org
Subject: Re: Help on CRAM-MD5


On 19.6.2019 7.48, Alexander Dalloz via dovecot wrote:
> Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot:
>> Howdy,
>>
>> I'm using dovecot and mysql users, and i'm creating the password with:
>>
>> ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16)))
>>
>> So far so good, everything's fine.
>> Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at
>> least)
>> IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't 
>> authenticate.
>> What am i doing wrong, or that can be done so that all types work 
>> (SASL PLAIN LOGIN + CRAM-MD5)?
>>
>> Thanks in advanced,
>>
>
> For shared secret mechanisms like CRAM-MD5 to work the password must 
> be stored in plaintext AFAIK. That's a good reason not to offer that.
>
> Alexander
>

CRAM-MD5 can also be stored as stage 1 MD5 hashed blob. Only marginally better 
than plaintext. But as pointed out, CRAM-MD5, DIGEST-MD5 cannot work with 
crypted passwords. If you want to use "secure passwords",
SCRAM-SHA1 is an option, but probably best is to disable other than 'PLAIN' and 
'LOGIN' mech unless you know what you are doing.


Aki

Re: User listing returned failure with -A

2019-06-19 Thread @lbutlr via dovecot 
On 19 Jun 2019, at 08:33, Aki Tuomi via dovecot  wrote:
> Dovecot uses auth process to collect users, so maybe look at your iterate 
> query? https://wiki.dovecot.org/AuthDatabase/SQL#User_iteration

Yeah, didn’t have one of those.  ¯\_(ツ)_/¯ 

iterate_query = select username from mailbox

Seem to have sorted that out, thank you.

-- 
The Nixon I remembered was absolutely humorless; I couldn't imagine
him laughing at anything except maybe a paraplegic who wanted to vote
Democratic but couldn't quite reach the lever on the voting machine.
 - Hunter S Thompson

Re: User listing returned failure with -A

2019-06-19 Thread Aki Tuomi via dovecot 


 
 
  
   
  
  
   
On 19 June 2019 17:23 @lbutlr via dovecot <
dovecot@dovecot.org> wrote:
   
   

   
   

   
   
On 19 Jun 2019, at 00:42, Aki Tuomi via dovecot <
dovecot@dovecot.org> wrote:
   
   

 Your userdb does not support listing, check dovecot logs, the error will


 not be reported by doveadm.

   
   
sqlpool(mysql): Query failed, retrying: Table 'postfix.users' doesn't exist
   
   

   
   
Well, that is true, there is no users table, the table is ‘mailbox’ and the field is ‘username'
   
   

   
   
Any way yo tell doveadm what to look for?
   
   

   
   

   
   

   
   
--
   
   
*** AgentSmith sets mode: +m
   
  
  
   
  
  
   Dovecot uses auth process to collect users, so maybe look at your iterate query? https://wiki.dovecot.org/AuthDatabase/SQL#User_iteration
  
  
   ---
Aki Tuomi

Re: User listing returned failure with -A

2019-06-19 Thread @lbutlr via dovecot 
On 19 Jun 2019, at 00:42, Aki Tuomi via dovecot  wrote:
> Your userdb does not support listing, check dovecot logs, the error will
> not be reported by doveadm.

sqlpool(mysql): Query failed, retrying: Table 'postfix.users' doesn't exist

Well, that is true, there is no users table, the table is ‘mailbox’ and the 
field is ‘username'

Any way yo tell doveadm what to look for?



-- 
*** AgentSmith sets mode: +m

Re: Cannot connect to DOVECOT from Roundcube using SSL on Port 993

2019-06-19 Thread Jean-Daniel Dupas via dovecot 


> Le 19 juin 2019 à 11:34, zahn via dovecot  a écrit :
> 
> Hello
> 
> I try to connect to dovecot from roundcube using this setup:
> 
> $config['default_host'] = 'ssl://chogolisa.akadia.com';
> $config['default_port'] = 993;
> 
> and I get the following error message from dovecot:
> 
> Jun 19 11:30:21 chogolisa dovecot: imap-login: Disconnected (no auth attempts 
> in 0 secs): user=<>, rip=84.253.50.195, lip=84.253.50.195, TLS handshaking: 
> Connection closed, session=
> 
> When I try to connect from:
> 
> $config['default_host'] = 'tls://chogolisa.akadia.com';
> $config['default_port'] = 143;
> 
> it works !
> 
> Roundcube: 1.0.12
> Dovecot: 2.3.6
> 
> Can you help me ?


Look like your using a very old roundcube instance. Maybe you should start by 
updating it.
I'm using the same setting with roundcube 1.3.9 (ssl://hostname 
, port 993), and never had any issue connection dovecot.

Shared mailbox: share whole inbox

2019-06-19 Thread Zdeněk Sobotka via dovecot 
Hi,

I'd like to share the whole INBOX of one user with another. That should
go through:

doveadm acl add -u us...@example.cz SharedDirectory
user=us...@example.cz lookup read insert

It's works fine, when I connect through imap I see:

. list "" "*"* LIST (\Noselect \HasChildren) "/" shared* LIST (\Noselect
\HasChildren) "/" shared/example.cz/name.surname* LIST (\HasNoChildren)
"/" shared/example.cz/name.surname/SharedDirectory* LIST
(\HasNoChildren) "/" INBOX. OK List completed (0.000 + 0.000 secs).

But now I would like to share the whole INBOX by: doveadm acl delete -u
us...@example.cz SharedDirectory us...@example.cz 2 list "" "*" * LIST
(\HasNoChildren) "/" INBOX 2 OK List completed (0.000 + 0.000 + 0.002
secs). doveadm acl add -u us...@example.cz INBOX user=us...@example.cz
lookup read insert 2 list "" "*" * LIST (\HasNoChildren) "/" INBOX 2 OK
List completed (0.000 + 0.000 + 0.002 secs). But it doesn't do what I
expected, IMAP output it's the same and INBOX in shared folder is not
subscribed. I'm looking for help to debug what might be wrong. Thanks. Z.


auth_cache_size = 10 M
auth_default_realm = %d
auth_mechanisms = plain login
auth_realms = example.cz
default_client_limit = 1024
default_process_limit = 1024
dict {
  acl = pgsql:/etc/dovecot/postgre-acl.conf
}
mail_location = maildir:/var/vmail/%d/%n/Maildir
mail_plugins = acl listescape zlib
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date index ihave duplicate 
mime foreverypart extracttext imapflags notify
namespace {
  list = children
  location = 
maildir:/var/vmail/%%d/%%n/Maildir:INDEX=/var/vmail/%d/%n/Maildir/shared/%%d/%%n:INDEXPVT=/var/vmail/%d/%n/Maildir/shared/%%d/%%n
  prefix = shared/%%d/%%n/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location = 
  prefix = 
  separator = /
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-ldap_people.conf.ext
  driver = ldap
}
plugin {
  acl = vfile
  acl_shared_dict = proxy::acl
  recipient_delimiter = +
  sieve = 
file:/var/vmail/%d/%n/Maildir/sieve;active=/var/vmail/%d/%n/Maildir/dovecot.sieve
  sieve_before = /usr/local/etc/dovecot/default.sieve
  sieve_default = /usr/local/etc/dovecot/default.sieve
  sieve_extensions = +notify +imapflags +duplicate
  sieve_trace_debug = yes
  sieve_trace_level = matching
  sieve_user_log = file:/var/vmail/%d/%n/Maildir/sieve/sieve_user.log
}
protocols = " imap lmtp sieve"
service auth-worker {
  user = root
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group = postfix
    mode = 0660
    user = postfix
  }
  user = dovecot
}
service dict {
  unix_listener dict {
    mode = 0600
    user = vmail
  }
}
service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  vsz_limit = 1 G
}
service imap {
  vsz_limit = 1 G
}
service lmtp {
  executable = lmtp -L
  process_min_avail = 10
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  process_min_avail = 1
  service_count = 1
  vsz_limit = 64 M
}
ssl_ca = < /etc/ssl/certs/mail.example.cz/mail.example.cz.intermediate.crt
ssl_cert = < /etc/ssl/certs/mail.example.cz/mail.example.cz.crt
ssl_cipher_list = 
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_key =  # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
userdb {
  args = /etc/dovecot/dovecot-ldap_people.conf.ext
  driver = ldap
}
protocol lmtp {
  info_log_path = /var/log/dovecot/dovecot-lmtp.log
  log_path = /var/log/dovecot/dovecot-lmtp-errors.log
  mail_plugins = acl listescape zlib quota sieve
  postmaster_address = adm...@example.cz
}
protocol imap {
  mail_max_userip_connections = 500
  mail_plugins = acl listescape zlib imap_acl
}
protocol sieve {
  info_log_path = /var/log/dovecot-sieve.log
  log_path = /var/log/dovecot-sieve-errors.log
  mail_max_userip_connections = 100
  managesieve_implementation_string = Dovecot Pigeonhole
 

Cannot connect to DOVECOT from Roundcube using SSL on Port 993

2019-06-19 Thread zahn via dovecot 

Hello

I try to connect to dovecot from roundcube using this setup:

$config['default_host'] = 'ssl://chogolisa.akadia.com';
$config['default_port'] = 993;

and I get the following error message from dovecot:

Jun 19 11:30:21 chogolisa dovecot: imap-login: Disconnected (no auth 
attempts in 0 secs): user=<>, rip=84.253.50.195, lip=84.253.50.195, TLS 
handshaking: Connection closed, session=


When I try to connect from:

$config['default_host'] = 'tls://chogolisa.akadia.com';
$config['default_port'] = 143;

it works !

Roundcube: 1.0.12
Dovecot: 2.3.6

Can you help me ?

--

Schöne Grüsse aus Oberdiessbach Martin Zahn

Akadia AG
Martin Zahn
Software Ing. HTL
Oracle Certificate Professional
Information Technology
Fichtenweg 10
CH-3672 Oberdiessbach

Tel: +41 79 410 27 87
Web: www.akadia.com
E-Mail: martin.z...@akadia.com

Re: mdbox to Maildir

2019-06-19 Thread Sami Ketola via dovecot 


> On 19 Jun 2019, at 5.05, Adam Raszkiewicz  wrote:
> 
> I saw that before but there is only maildir -> mdbox but not mdbox -> maildir
> Did I have missed anything there?

There is no direct example on how to do just that but you can use your brain 
and modify the mbox -> maildir example a bit.

Sami

Re: Converting mdbox to mbox/MailDir

2019-06-19 Thread Aki Tuomi via dovecot 


On 19.6.2019 6.39, @lbutlr via dovecot wrote:
> On 18 Jun 2019, at 20:46, Adam Raszkiewicz  wrote:
>> maildir -> mdbox it is maildir to mdbox conversion when I'm looking 
>> something opposite: mdbox -> maildir
> Please go back and read all the words in my previous reply.
>

doveadm supports convering mdbox to maildir as well, it works pretty
much the same way as maildir to mdbox.

Aki

Re: User listing returned failure with -A

2019-06-19 Thread Aki Tuomi via dovecot 


On 19.6.2019 5.44, @lbutlr via dovecot wrote:
> First, I archive the old messages in the INBOX on my list account
>
>  # doveadm -Dv move -u krem...@kreme.com Archive mailbox INBOX BEFORE 90d 
>   
>Debug: Loading modules from directory: 
> /usr/local/lib/dovecot/doveadm
> Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: Undefined symbol 
> "acl_user_module" (this is usually intentional, so just ignore this message)
> Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: Undefined 
> symbol "expire_set_lookup" (this is usually intentional, so just ignore this 
> message)
> Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so: Undefined 
> symbol "quota_user_module" (this is usually intentional, so just ignore this 
> message)
> Debug: Module loaded: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
> Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: Undefined symbol 
> "fts_filter_filter" (this is usually intentional, so just ignore this message)
> Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: Undefined 
> symbol "mail_crypt_user_get_public_key" (this is usually intentional, so just 
> ignore this message)
> doveadm(krem...@kreme.com)<64937><>: Debug: auth USER input: 
> krem...@kreme.com uid=89 gid=89 
> mail_location=maildir:/usr/local/virtual/krem...@kreme.com/Maildir 
> mail=maildir:/usr/local/virtual/krem...@kreme.com/Maildir 
> home=/usr/local/virtual/krem...@kreme.com/
> doveadm(krem...@kreme.com)<64937><>: Debug: Added userdb setting: 
> mail=maildir:/usr/local/virtual/krem...@kreme.com/Maildir
> doveadm(krem...@kreme.com)<64937><>: Debug: Added userdb setting: 
> mail_location=maildir:/usr/local/virtual/krem...@kreme.com/Maildir
> doveadm(krem...@kreme.com): Debug: Effective uid=89, gid=89, 
> home=/usr/local/virtual/krem...@kreme.com/
> doveadm(krem...@kreme.com): Debug: Namespace inbox: type=private, prefix=, 
> sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes 
> location=maildir:/usr/local/virtual/krem...@kreme.com/Maildir
> doveadm(krem...@kreme.com): Debug: maildir++: 
> root=/usr/local/virtual/krem...@kreme.com/Maildir, index=, indexpvt=, 
> control=, inbox=/usr/local/virtual/krem...@kreme.com/Maildir, alt=
> doveadm(krem...@kreme.com): Debug: Mailbox Archive: Mailbox opened because: 
> move
> doveadm(krem...@kreme.com): Debug: Mailbox INBOX: Mailbox opened because: move
>
> OK. that went well, how about all users now?
>
>  # doveadm -Dv move -A Archive mailbox INBOX BEFORE 90d   
>   
>Debug: Loading modules from directory: 
> /usr/local/lib/dovecot/doveadm
> Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: Undefined symbol 
> "acl_user_module" (this is usually intentional, so just ignore this message)
> Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: Undefined 
> symbol "expire_set_lookup" (this is usually intentional, so just ignore this 
> message)
> Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so: Undefined 
> symbol "quota_user_module" (this is usually intentional, so just ignore this 
> message)
> Debug: Module loaded: 
> /usr/local/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
> Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: Undefined symbol 
> "fts_filter_filter" (this is usually intentional, so just ignore this message)
> Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: 
> /usr/local/lib/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: Undefined 
> symbol "mail_crypt_user_get_public_key" (this is usually intentional, so just 
> ignore this message)
> Error: User listing returned failure
>
> doveadm: Error: Failed to iterate through some users
>
> Ok, so I try the following:
>
>  # cd /usr/local/virtual && for i in *; do doveadm move -u $i  Archive 
> mailbox INBOX BEFORE 90d; done 
>
> And that works fine.
>
> Everything is the same up until the Error but since nothing else is logged, 
> where do I go from here?
>

Your userdb does not support listing, check dovecot logs, the error will
not be reported by doveadm.

Aki

Re: Help on CRAM-MD5

2019-06-19 Thread Aki Tuomi via dovecot 


On 19.6.2019 7.48, Alexander Dalloz via dovecot wrote:
> Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot:
>> Howdy,
>>
>> I'm using dovecot and mysql users, and i'm creating the password with:
>>
>> ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16)))
>>
>> So far so good, everything's fine.
>> Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at
>> least)
>> IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't
>> authenticate.
>> What am i doing wrong, or that can be done so that all types work (SASL
>> PLAIN LOGIN + CRAM-MD5)?
>>
>> Thanks in advanced,
>>
>
> For shared secret mechanisms like CRAM-MD5 to work the password must
> be stored in plaintext AFAIK. That's a good reason not to offer that.
>
> Alexander
>

CRAM-MD5 can also be stored as stage 1 MD5 hashed blob. Only marginally
better than plaintext. But as pointed out, CRAM-MD5, DIGEST-MD5 cannot
work with crypted passwords. If you want to use "secure passwords",
SCRAM-SHA1 is an option, but probably best is to disable other than
'PLAIN' and 'LOGIN' mech unless you know what you are doing.


Aki