Re: SMTP and IMAP authentication critically fails out of the blue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 14 Nov 2017, Felix Plapper wrote: Mail.errNov 13 23:59:06 webdev dovecot: auth: Error: PLAIN(acco...@domain2.com, XXX.XXX.XXX.XXX,): Request 29154.1 timed out after 150 secs, state=1 looks like the connection to your passdb (mysql) is not working. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWgqHA3z1H7kL/d9rAQL0kAf/eWMYH6ae6VpVVYyyxTSL3Mv+0iDTXHmV nu/Hi0ldkMgnW7d8hOwLKwxr8a1jOAQwxnWhCNMtbbspC05lrqPN1u2/nd+FqLhE G+vAcAaXvkYTpFqKQsQ8tYJuSBuVJ2zx19+uG48os8oPt6lISQ7ml1s9LTHRVZGe btXVPWHkwh3tWKUSuf+/q3lEGr2MDDuGDkfw6u6ykqWeNifDxBFBNTJYbGl1UeDB sTB0tj7rpKmwy0JR9r1U9QR/MFWT9LlwCfOZqH7Mym/9AJkPDU6ewcrTPOFkt7bF sI+GsmPwJ7+7rU4+hgW8em+wRflphMF8J3BAygVSNWwOJUyZpCiubQ== =NMr4 -END PGP SIGNATURE-
Re: home folder for virtual users with autoexpunge setting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 19 Nov 2017, fe...@kngnt.org wrote: I understand this is correct: as is a virtual user, it does not have home folder. Is there any way I can set the autoexpunge plugin to store the lock file in the virtual user email home folder? well, home folder in Dovecot != $HOME (or ~user), but user-specific besides the mail storage root folder: https://wiki2.dovecot.org/VirtualUsers/Home Dovecot however uses ~ as abbrevation for "home directory". - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWhPXQ3z1H7kL/d9rAQJBHwf+PjLMPpRPLuNC9NztmJ9G+1xo+vwQBWDM TZZ2+LHg453ojhR/vdZhuhwl/UnMPq+PTyCINwtSzcvHjeRY9GCtUlnPWSH4nHN8 1x7YlsZm6kLa9K0d2e7MJ52s9yUEHlxtvIUxuRMrFfQyc6sHm7Q8WTGNDCH12N8q Ob8sikXdh7+IFJvRP2sjXAb4MldPFudio5CtSfQ0MbrgLEp/pl8BCbrlcycpHCPX s6+cis0GXaKu4ntCyUZAbsckPJ30JFAxhRNltUo+nmCCF4BY1Md87geyUnDr8ehE 4mJP4M4KfZne9i/+XTPuPfw4H3cCNMq3svBJtpLcvqWmnjnLzOhhyQ== =YVgN -END PGP SIGNATURE-
Re: home folder for virtual users with autoexpunge setting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 21 Nov 2017, fe...@kngnt.org wrote: dovecot-acl-list dovecot.list.index.log dovecot.mailbox.log.2 dovecot-uidvalidity.51e5857f storage dovecot.list.index dovecot-uidvalidity dovecot.mailbox.log mailboxes subscriptions Which ones should I move to / ? these: dovecot.sieve.log dovecot.svbin sieve dovecot.sieve dovecot.sieve.log.0 I'm not sure about this one: spamassassin This is probably used by an plugin or something like that, so it should go into home as well. Thank you! Felix November 21, 2017 9:08 AM, "Steffen Kaiser" wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 19 Nov 2017, fe...@kngnt.org wrote: I understand this is correct: as is a virtual user, it does not > have home folder. Is there any way I can set the autoexpunge plugin to > store the lock file in the virtual user email home folder? well, home folder in Dovecot != $HOME (or ~user), but user-specific besides the mail storage root folder: https://wiki2.dovecot.org/VirtualUsers/Home Dovecot however uses ~ as abbrevation for "home directory". - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWhPXQ3z1H7kL/d9rAQJBHwf+PjLMPpRPLuNC9NztmJ9G+1xo+vwQBWDM TZZ2+LHg453ojhR/vdZhuhwl/UnMPq+PTyCINwtSzcvHjeRY9GCtUlnPWSH4nHN8 1x7YlsZm6kLa9K0d2e7MJ52s9yUEHlxtvIUxuRMrFfQyc6sHm7Q8WTGNDCH12N8q Ob8sikXdh7+IFJvRP2sjXAb4MldPFudio5CtSfQ0MbrgLEp/pl8BCbrlcycpHCPX s6+cis0GXaKu4ntCyUZAbsckPJ30JFAxhRNltUo+nmCCF4BY1Md87geyUnDr8ehE 4mJP4M4KfZne9i/+XTPuPfw4H3cCNMq3svBJtpLcvqWmnjnLzOhhyQ== =YVgN -END PGP SIGNATURE- - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWhQPH8QnQQNheMxiAQJDEQgAv7jPTkGDZSC3iuYWutWcflJE+FbRoC6a T3E932MHUHU0b3kXmzubFyXgKdLIWcWmZD6R+e1x0ys1Hc/4SzcdSPlpyNYCKzUf beQeMQZFa7vvXuLlUaFBMnV5LCl2VlnT5sxm9hcu3mQAP2fj6A2fmJ1d5Mv5eepP id3ILPTs+eO/ms03GJAwTtgqm8XVUhK+idXJEibvGKCuNDZKbq9XGyiHac74tpvX q8EjBwy7VJ1l4B9XTr8GLuqRKApKtu6s9MC5GFeiVU9Qzt5Q4XseUf0ucDfbJ6XP 6MGvLWPLrsanoeDbHrz8P1kNf8luzr6wnu8KwkbFBEKE7QjaE9YhiQ== =b/+T -END PGP SIGNATURE-
Re: set parameter per user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 21 Nov 2017, A. Schulze wrote: in /etc/dovecot/ldap.conf user_attrs = ... =lmtp_save_to_detail_mailbox=%{ldap:lmtp-save-to-detail-mailbox:no}, =... Unfortunately messages to user+extension@domain are still delivered to INBOX/ while they should be delivered to INBOX/extension. I also tried to make the attribute accessible vi pass_attr and userdb_foo = ... because I use prefetch driver as userdb. I also disabled prefetching at all but no luck :-/ Is the detail delived to Dovecot by the MTA at all? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWhayysQnQQNheMxiAQKZlAgAwbgQHs46y/g79WjuDN3I5FTxSULOr1c6 hyNmYKC4h+2ZEwyVrOzGZx9debh+idw8iGaCpyqj2mJnBfuJ31ZwXXVjKV6Nvq8C SCntpHW/38vjEKHDiPz9z8O0GE6kPU+nNrqHtaw3RGNygZWH3ZDvMe52HARmGLlz MFqg2s3Uwxx9/bdcfRKjbu98flU9TOv710ZSY5fihWmLYW0u9txoQra1FN+O2cmW sPWomXkJjHHHQi5C9jIp1bvAAFRPzmTKhwdWxlUwlO2iOYcgmFoJ/T+A5UtLOG83 5xLGuVNQBXoui/PixpQn+kBqvw8mpqoY858u0ot2iHFqz8GcVD4JsA== =vpQM -END PGP SIGNATURE-
Re: Exclude disabled accounts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 23 Nov 2017, Evgeniy Korneechev wrote: We have userdb=passwd. userdb { driver = passwd #server was entered domain Active Directory override_fields = home=/var/vmail/glu_vrem/%u } If I disable in AD user's account, he can not sign in. But he can and will receive letters, which of course is not correct. How can I exclude disabled accounts from 'userdb'? Dovecot uses your system's getpwnam(), so if getent passwd username returns something, Dovecot uses it. There is no notion about "disabled" status in passwd databases. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWhaz5cQnQQNheMxiAQJomQgAldUZ2F22x5aoMOkJyyRBi2H7ChRrvTWS THDuYr9SfMoCSaeebrdvDeS7Cqs03/a3G9ffCXsvk15g8rWkEC98vtpUc6NObpLy JhiXU6qL2O+j5jVdR1bCVTqt3IgmC+wQb+2z7C16+PPJMB0uBK3S0e8PBjrqbESI ni/UFXwCUEybNrUiToqCuCvTSujFlnk83oeQhzN/NN1JZefPOixovn+vci1O9zba NVMDrjbC0vb/e+EQkJQmQGjGmhwPsMb1Z0waTQPq5fjV3DgUy1XaPOoP3gMexKpx dB3SPZ2WK3rNc1uR6CyrZrdjObLC6XKjN6xZg070dFX2kRcpJMyZOw== =Dp0N -END PGP SIGNATURE-
Re: set parameter per user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 23 Nov 2017, A. Schulze wrote: Steffen Kaiser: Is the detail delived to Dovecot by the MTA at all? sure! have to say: I faked that example. In reality I tested the inverse way: My lab setup actually *do* deliver to folders and I saw, setting lmtp_save_to_detail_mailbox to 'no' still deliver to folder while INBOX was expected. so, correct hint: I should really try on an other system ... But from my debug logs it really should not matter if doveconf.conf: lmtp_save_to_detail_mailbox = yes set to 'no' per user from ldap vs. doveconf.conf: lmtp_save_to_detail_mailbox = no set to 'yes' per user from ldap maybe you need: lda_mailbox_autocreate = yes - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWhgO8MQnQQNheMxiAQIVxwf+OGigRWAj/EjOl6psAUxFf3EtRi3oWg4A lnF0u3990fqkLZmFF18KUKsnoIKIYkK5Gegp0keHbEZTydULCYozgi7Zks61kiRT tkDq+m9O++89bu6QZkhac2uJrAZx+hNvNFrOSm5htVSZy+IDP1mXfvJlq5vziV62 uQRqigv3OSUukzzhaPCjK8b8bPrqKodW5WKvP2mohX2LQdWsjbIWkY+NY1lkpM5v GTkxab8nZhYBcmEP0bx36aOeB5hgVJMsa+YBcaTTLQKJg560CIE/3YjYqlh5Fcl6 CwmPKf/PXtdMbyD8fWFp5K6g+PaYLMrExi/GS3dup+RnT9VemLqGLg== =9rWz -END PGP SIGNATURE-
Re: Server migration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 24 Nov 2017, Gandalf Corvotempesta wrote: I've asked this before, but now it's time to move one server to another, I can't delay the operation anymore (the older server is failing) Both server are pretty old: 1.2.15 Probably, faster way would be to rsync all mailboxes from the older server to the newer one. I can start migrating everything while running then, stop the older server and sync only what is changed, keeping downtime at minimum. Any better solution ? No, it would go this way. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWhuqEMQnQQNheMxiAQJxDQf/UHW0IdjQclo81XtGIzs2Wo6L/h6Zw1gd BBwpS8KaqKSprxOVJY375ybzvwU+POuujmaN2v8TXPRuJY6ptyy57cqfgPPMN1gG eDp4SoDtQQk0Y1rocM9GdNx5yWb3RLukvpAxLXHaFoQlNRkbIB7kCvNofxiCTcdA 1xcQ7rB1gh+HxCOxf+tLWR/S29EqJeIhxlBUGjTcY42t2hQLBnVwqUJN53GkSWet h+V10iihSkpd3mXPbc49DV0NWUZTVMuspFNWp74sEeJSaOTYbPQU+im60n93ZWBO wotPioiQfES561G2+/SOe0ySvG0h92b2ICZWXKRwSRhcCGI4sNdeiw== =pxDV -END PGP SIGNATURE-
Re: Autoreplies are not sent
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 29 Nov 2017, Sergio Belkin wrote: Now, I'd want to every mail was sent to support-...@example.com it triggers an autoreply vacation style. So, I've wrote and compiled a sieve filter, something like that and put in op1@example.local sieve folder. But it fails complaining like that: nov 29 15:55:39 muteriver.example.local dovecot[12549]: lmtp(12675, op1@example.local): CqNdF6sCH1qDMQAAcSFsIQ: sieve: msgid=< ded22f3d-f1e3-157e-0667-ca73d851d...@example.com>: discarding vacation response for implicitly delivered message; no known (envelope) recipient address found in message headers (recipient=, and additional `:addresses' are specified) your MTA does not pass the envelope sender to Dovecot. Do you use LMTP or LDA to deliver the messages? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWh+tI8QnQQNheMxiAQLi4AgAuTja/RGggap3E/EmqoDt42FNfPV/Tx+i wYC/IoM9KG+IZE4YcVVQW15EMt3CYNWf8VFU4ln45yAPuE/QidZLBdV5P0Ob9CLn uh7o02fc4RHQsmLeDNL3A9NpNTJR/Tj013fW2ZFvEA4hNU7f7IM07j28xZMWLI0Z ToRXWptFmw4SYKuK3utPlE2D3H7kqxskY/736qEoW97p6KFzAre36BH1ANe25/dD SygYJNEuh5B1VsKZg/NJjTpPbZwLCsqoP0lOW/tCG/SyPO991jPM1vzuI2A5r9fk OsxjYnb4xnufiu3Xe0EUkFee3fen9EAQ1LZdDHaueKva3TQmPLb4ow== =2Ex/ -END PGP SIGNATURE-
Re: Use multiple mbox locations
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 3 Dec 2017, bapt x wrote: With GNU mailutils on Debian 9, we receive mails in /var/mail/ but when we read mails with the "mail" command, they are moved in a file ~/mbox: "Saved 1 message in /home//mbox". I use Roundcube webmail with Dovecot but if I also use use the "mail" command to read emails, Roundcube will not display old messages anymore since they were moved to ~/mbox. Hmm, this is a job for: https://wiki2.dovecot.org/Plugins/Snarf - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWipSjsQnQQNheMxiAQJqQAf/W9DKVJpR+5SX/imTYICgW3fCjj6VR5rl K/0SNROZDj7U8KoaFc4fs0Bgxuq0j/DhflDeNa+9cQF3dm0QJRVfW7UrAgsuLPUU XB3MKwoma270YjKpnChVqFjOIoOIhJm07e8MWaZge3QZByVFMpLCF707cWHav8OQ pURoo4MUXWKMHJO8gbUR+Tn1naSEmK7wBkVdQpINScRLlqS7vKOmYAwkb0h1DBoc C81P8EI5HqPjZvajL63F57aGi8VJGY6AHwR7dhuXT17yitrv0TBCGwcn4Ql9HPXA Wa34L1PXGe6NbEzj0PZvhiBY8+nFZ6ZfN/qOOTkQmj7Oq4ygy96vNA== =L+Yz -END PGP SIGNATURE-
Re: Howto authenticate smartPhone via Active Directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 2 Dec 2017, Mark Foley wrote: I have a Samba4 Active Directory server. Dovecot authenticates AD Users with domain credentials using GSSAPI (Thunderbird client). I believe I have Dovecot set to attempt authentication via ^^ shadow first and. failing that, it does authenticate via GSSAPI. Smartphones connect to Dovecot via port 143 and SSL. They are not domain members so if the shadow authentication fails, no other methods are tried and no connection is made. What can I do with my dovecot config to fix this? If you are asking about how to auth against AD with plain credentials, see https://wiki2.dovecot.org/AuthDatabase/LDAP You can add another passdb {} . However, this enables any client to use plain credentials, incl. Thunderbird. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWi4pxMQnQQNheMxiAQJeKQf/UmSsc1YRSgPAJKEjB12lJCpCX2oj8Wfd qV9by9tyU942gNsAArBzMaSxgRWYb8yr6lmuPer0/HZJCQyExchjGgzc/HDeMJPU uxt0dOVvY4SXmfwv+phwlDO3UvDt5sagLNNx54v8nal+OIxAZ+juAxs/NiNPTlt+ 78R7TGaRj6Fxoyc/Ssf1CbCVr2ECK6m1YtJ+Jpe6Zi5FPMndx9rwWj/MMp5CW93/ UDUMM2wWoYBavzBXIEVb8Xi9n7PYJH8kdA4YILQdNrYTQR5k6XDLsKH9UYc/n216 CjktUGSC75E3zUk8a665gDJ+D/CjPfJSz/DICgkIeGAzweUfvVZk3Q== =L5oG -END PGP SIGNATURE-
Re: dovecot (+sendmail) fails to get email into thunderbird
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 13 Dec 2017, jo land wrote: I use 143 Imap to connect which i have tested with telnet and was able to login. But if i select the inbox with telnet it returns "0 EXISTS" like so: telnet 192.168.1.13 143 Trying 192.168.1.13... Connected to sub.domain.net. Escape character is '^]'. oper2 select INBOX * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 0 EXISTS * 0 RECENT * OK [UIDVALIDITY 1513093097] UIDs valid * OK [UIDNEXT 1] Predicted next UID * OK [NOMODSEQ] No permanent modsequences oper2 OK [READ-WRITE] Select completed. Mail location set to: /var/mail/ Well, /var/mail typically contains a bunch of mbox files, one per local users. They are considered an INBOX for each user. You have configured this for Dovecot: https://wiki2.dovecot.org/MailLocation/mbox Each user, that logs in successfully, uses the same files in /var/mail as mbox storage. The "INBOX" is empty, because there does not exist "/var/mail/inbox", I guess. See 2nd example. If you see /var/mail/username, you should at least configure 1st example: # %u is replaced with the username that logs in mail_location = mbox:~/mail:INBOX=/var/mail/%u Note the %u and ~ and make sure, each user has an unique home directory. You could replace ~ with some specific user-specific path using %u as well. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWjIQfMQnQQNheMxiAQIvzggAo4PjphR52C0eHUsKFEojGWaCHPn8gCoA oIJbuqa9DM2zdbYDvDxHmPYXjnnk8zh2210sd6+wvvpCr13+R1Rbm65oXfi++zgk AUu7d/NB+wULafRxl+NY2HQNVDG1dk/1eHhDijmDDqF9A4eKYNjvHhZbRyQ7gEMw CwBOne8R8uP+pWiFjDMyvPJObjFrGflxlwVgqopbEBq7WM6cCx96esY4sJVJzG/B NN9PMHsmPdysngTXlE7DzzCrRrTzuccXCHD40AKh5n8Q5/HKHvl3egvQY/I6x21J jYCEEEGTG0vN8kVQDKSXD0Q0l+yYq1hA6VYpsKS4CI8kL0UpRRo0jA== =yetO -END PGP SIGNATURE-
Re: sieve filter move wrong email to Junk folder
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 15 Dec 2017, Bill Shirley wrote: This is what I use. Notice the comma: require "fileinto"; if header :contains "X-Spam-Status" "Yes," { fileinto "SystemFolders.SuspectedSpam"; stop; } I would even add the space: if header :contains "X-Spam-Status" "Yes, " { because the list of tests won't contain a space. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWjOKB8QnQQNheMxiAQIdeAgAyL+FDM/DE5J1sRkJ6P8MuIAT3Zx8zfPO Mljn/kswG551jyso2FfGqAw6et5uHrab3Wk22NxQVK6yR4ySZstr3RF9ICeuJVvs pNFzyvBf0BivihWZLMWiVum0/B0LfpW6T7B93Yvbl/JXei2C6+uy8Mk2zFo/5jWP lpKdIxWs/SMmsjFE2QccfP7Id1aUw+tYM+9P/fzc0/kGkNRs5UCodeo/e30opdvv tJ8QpwPV/873uhk9p5m2NB/0bi4i9Rg5VMC2ui5trVlyOR2q2WpYVZ1gV2tvVpEA B3QY8vrzDf9xb1zDoVi8hMDCqynZZGQ++nSfIux/7DBDJvvYx5sYKg== =sUdv -END PGP SIGNATURE-
Re: Managesieve and virtual users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 11 Jan 2018, CP wrote: I'm trying to setup sieve on a Debian 9 install with virtual users. Perhaps I'm getting old, but I can't figure out why managesieve is not working for virtual users. I have about 20 v users on this machine and only one has also a real unix account. The sieve rules work for this single unix account but not for any other account. Hmm, your conf contains just one passdb and one userbd: mail_location = maildir:/home/vmail/%d/%n/Maildir sieve = file:/home/vmail/%d/%n/sieve;active=/home/vmail/%d/%n/.dovecot.sieve userdb { args = uid=vmail gid=vmail home=/home/vmail/%d/%n/Maildir driver = static } So, how does the real user authentificate? Second, you've violated: https://wiki2.dovecot.org/VirtualUsers/Home?highlight=%28home%29|%28mail%29 make home and mail_location distinct. I guess, above should read: home=/home/vmail/%d/%n/ You've wrote "managesieve" is not working. That means, sieve is working? So, has vmail write permission to : /home/vmail/%d/%n/sieve is it a directory? Does your users log into managesieve with domain, too? but nothing is working for my case, so something is wrong in my setup and I hope you guys might shed some light . The setup is rather simple it's 20 v users with one public folder , I have tried both dovecot lda and lmtp . doveconf -n included Thanks in advance for any help - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWldLMMQnQQNheMxiAQLwjAf/enwWoeT5Phx1zuFPh3L0Cn2xemt+nJZU N1z0N6bkICBJKty7L8t/KNnA0a3L7suFKw3lCuQnP3O1FS6O9Kb8dtdynZgjkBeI xjdtVMjK1qtNmwdEtWfZ1LwAuPeMe/qNDDMBpsyqPAPN6RwMrFsEwvoGgq+PdVVX 1XQsQkSpJqjv2mzZfHRqS4c7vrUR/6l54+PY6NT8MEGtX4tZs/z7TVd0Oh75yTKn SpQT7cW/4Xmt06k4ddfB+WjR5MMaEtrc14Zr7RGCIuAyyaS3c/j9xCTYm/nRben8 GykXJS8VYY2xHT2Eq7q397EZKjtMISv07qunLaZjONAsIxMt6T6dBA== =I8QQ -END PGP SIGNATURE-
Re: Questions about SPECIAL-USE IMAP extension
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 11 Jan 2018, Joseph Tam wrote: I'd like to configure my dovecot service to use the IMAP SPECIAL-USE well, in my experience SPECIAL-USE is just a suggestions to clients. Check RFC 6154 for MUSTs, you'll find only few. Hence, how the client (or the server) behaves in a special case is implementor-defined. I do expect that any client supporting SPECIAL-USE honors the server setting (first time it connects to the server or everytime, but at least once) and creates the mailboxes it uses itself. Otherwise, Dovecot can autocreate the mailboxes regardless of its use: https://wiki2.dovecot.org/MailboxSettings - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWlhV0cQnQQNheMxiAQKgMggAweFTjdisGCIV1anbAJ44GK/dzSBn5Xp3 UUednPv/DwxwOiXBXexY0FNgOrNco7HKU/I62ibHgnLAHvSnJwBFV+l6iIHe4Rwm lM0XxK4OVDNIA8urYsEHTEEiVHvodmnIYQLPczO6VVPIOPWviIO4UQkN7PZRAjev 57UM1dvAfx7VaYfKXLVlVMjs+oJbt6XABzs5F0SJAtesxUuISvJwfaY4D/fgHRQY usW7+rfTuMKyW51+iMy86o2N3q+v1Qv9RNJPKfUMfdQWEQTjyr7o30HCK4GVf/62 68EKbHxhl0haK+0M9cDK17KWZXaWMBWTJzAANRHUFAHPbY9AidHgNw== =DYph -END PGP SIGNATURE-
Re: rewrite copy to trash->delete->expunge mail with move??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 22 Jan 2018, Chi Min Wang wrote: When user got quota exceed and trying to delete mail. Most MUA's default "move to trash folder" will proceed by copy mail to trash folder,then by delete/expunge it(copy before expunge). Unfortunately this will not success due to quota exceed. Is there any way to let dovecot proceed it by IMAP MOVE instead of "copy to trash folder"->delete/expunge,Thanks!! when your MUA uses COPY, why/how should the server mangle it into MOVE? Should it forsee the later expunge? The server must reply to the COPY before it sees the later commands. If you buy lemons and water, what would you think, if the shop gives you lemonade, because it (computer, roboter or shopkeeper) forsees that you want to put both together anyway? The work around would be: https://wiki2.dovecot.org/Quota/Configuration search for Trash The problem however is, that some MUAs use other mailboxes than "Trash". "move to trash folder" is bad thing and painful, I agree with you. Add the other aspect: Delete in another namespace. *** CONFIDENTIALITY NOTICE:This e-mail and any attachments are confidential and may be legally privileged. If you are not the intended recipient, (i) please do not read or disclose to others, and (ii) please notify immediately the sender by reply mail, and (iii) please delete all copies of the email from your system. Failure to follow this process may be unlawful. We greatly appreciate your cooperation. Well, a public mailing list ... - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWmbgH8QnQQNheMxiAQKp/Qf/aKk5Sn7mlzoJU2C5DjMrU3p+BxeSeWjw 5ePNIHxs1zmpC8XEBcEMpikXzvz+1XBKFrmDrYzQv6iibNNMFcXkcHE+FWDeJ/eb 4rdsjb2Eovo3gAIg8fT+LcKrUNXMPDb6FoWl94YyIu4BUzysrhpkWTdHmU3pH1Fu 520NaOSVOASSqMKYaO8t3AGZYK6CMinfFCyO+PSFt/CiBc642adzaqnRdtiNkMeY VBhF8wf4WEqiyaysbbuSmC5/VZ1NTyVRt9KdWaThAcQVVMUf3rMngu70ssYVhWbZ 1A3KMV4ZGh4W7CQJ0vxJHgLoxu0C9pNu15fTfa3TJtkrZbCJNORt3w== =6ZYx -END PGP SIGNATURE-
Re: How to set autoexpunge rule for single user mailbox in dovecot conf?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 23 Jan 2018, Alexey Murz Korepov wrote: I need to set autoexpunge rule only for one single user and one mailbox (mail folder), so apply it only for user al...@example.com mailbox INBOX. How can I set namespace in dovecot config, that will apply only to single user? https://wiki2.dovecot.org/Namespaces#From_userdb However, I don't know if you can limit the setting to mailbox INBOX. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWmcddsQnQQNheMxiAQJo+ggAwMC4m6obuK8GHQE8b8FkGkTVlkJZhixr EyJmphdbtFwSKFTKPQsC+k64Kg8zmuBzPAgN5I513FWhiSQATy2iMSKzsIxGCdy2 pQ8P6XzaLFx+lwMWoARpEz8SS7S8H+amaF4JBYG+p0Y497vDxFVmDCt1G2ubVX68 UrZGIpvtUf+i+O3pBKJFLSYS+GQnrPV0RV9eUZuZjGcHrvP+AqTjY79Owvket9Eh 9C4QLar3GSj9kihwDarPTnPBC0tpDsl/Rzt8mU4qEni2Rv2r4N1f7cr3qDl3j4mC E2yaEkGGA+6ywflRMoSAsLhb7hg1xdR36uj6lpUEjS0DpnMVmY6khQ== =ldIj -END PGP SIGNATURE-
Re: Cannot delete IMAP Mail-Folder in Trash
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 1 Feb 2018, Gabriel Kaufmann wrote: I've noticed an annoying problem. Trying to delete a folder that has been deleted on IMAP and is moved to trash has problems being deleted. Thunderbird does you have subscribed a probably non-existant subfolder of that folder? Check out the subscription file. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ?? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWnqiYcQnQQNheMxiAQIMGQf/VBzyNrx9VPMKdiYa78iQSE4WMJ6PVj+H ZkMITFxvVP+3MRIfWM3I7QSkCXimgUm9aYeYIGtQNJuuvP3Zo+PGmOrsstXXGaUo 9xe0af3ETo8zo/2k1ec8Hg5QYQZAecsAyJWuTR6J9bEDfRZcU1Kw28pIKevL6HGd 9Wg1ITD5z/8+8zRPTfzhZvBAE8agUZnuI5NeqSz5F+9uCFzkDeC5iQBahUP8AojP maSNrjg2okU8l5mc2qz4sZEvOWgsLe+iEJJ0qOqxpS+nMC68SIjWph9tLpxRxKhX VIDZ1zlegULVI1Ji7ZR/9xaltvN0UdlZ2aSiYNbXNR3h2jhT/AH5bw== =wJBG -END PGP SIGNATURE-
Re: LDAP userdb and dovecot LDA/LMTP - different requirements
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 6 Feb 2018, Franta Hanzlík wrote: I want to use Dovecot LDA (or rather LMTP) use as local deliver with Postfix MTA. Users are in LDAP DB with structure as: dn: cn=username, ou=rank, o=myorg cn: username objectClass: Person gidNumber: uNNN uidNumber: gNNN userPassword: (somehow hashed, can only bind verification) homeDirectory: /Home/$rank/$username mailActive: 0/1 mail: usera@OneDomain mail: userb@SecDomain (not all users have 2+ addresses] uid: username groupMembership: group DN (can be multiple times for different groups) ... where: - cn = uid = expected IMAP login username (which hasn't @domain part) - user1 (and user2) isn't always same as username ?? What means this requirement? Now I not know, how to solve IMO diferent requirements to userdb: - LDA/LMTP need LDAP userdb unit, that can retrieve the name from an email address (ie for "usera@myDomain" returns cn/uid (as dovecot "username"). For LDA, just use another config. - IMAP server need LDAP userdb unit, that will have the user login (username) as the input parameter, and which returns information whether or not the user exists. user_filter = (&(|(mail=%n)(uid=%u))(mailActive=1)(objectClass=person)) this assumes that usera (without @domain) is not the username of another entry and that there is one entry for each mail address only. Users may login with their mail address. On the other hand, can you solve the aliases in LDAP into usernames by Postfix: http://www.postfix.org/ldap_table.5.html user_attrs = \ =home=%{ldap:homeDirectory}, \ =uid=%{ldap:uidNumber}, =gid=%{ldap:gidNumber}, =quota_rule=*:bytes=%{ldap:quotaBytes}, =namespace/default/separator=%{ldap:mailSeparator} Can anyone explain how these constructions work? And what do mean attribute notations in the form '=attr=' or '@attr=' or 'quota_rule=*:storage=100M' ? Nowhere have I found a sufficiently comprehensible description of these constructions... https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb?highlight=%28%40mail%29 - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWnqnY8QnQQNheMxiAQKihgf/bNNeVf+I4k75Buub0y1i46SIfqLdVdpb /qRTMz/ZJKZcNM5yu4st6HS/z8adZU5/UGC/sSrjTyYajtsXsXpKjKm+vzi25ylU X+C3Eq2Z6V07ijr20uqJVcO0JxoQ86aqVEoN+gP1IkvymjFPJdAZKXwooaAevX44 /cwCvykYeYlAYhF2ONGbcES+rwirQkBQOebzOuA+ncyiKhbjjwjzRfy6kdMMHtGn 06AKeENBjsXIHkoMdR+AyKFWN4lGcOqEYK56g231CwsMHz5VQCskRo6ZyIlKwKjx BFU/N4Wy1V4jQ56czLCEq+bM3wGDjMvmkh2xuHFPeX8xL/JOCt9Rhg== =czTH -END PGP SIGNATURE-
Re: stats-writer failed: Permission denied
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 7 Feb 2018, Jakobus Schürz wrote: Since i compile my own dovecot (not using dovecot from debian), i get this error on each startup dovecot with systemd Feb 07 11:16:35 aldebaran dovecot[7455]: imap: Error: net_connect_unix(/usr/local/var/run/dovecot/stats-writer) failed: Permission denied Feb 07 11:16:35 aldebaran dovecot[7455]: imap: Error: net_connect_unix(/usr/local/var/run/dovecot/stats-writer) failed: Permission denied I can change the owner and/or permissions of the file, than it works till the next reboot. How can i set this correctly in my configs? check out something like: service stats { fifo_listener stats-mail { user = vmail mode = 0600 } } https://wiki2.dovecot.org/Services#unix_listeners_and_fifo_listeners - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWnwNqcQnQQNheMxiAQLyVwf8DBEV27Nz5VXG3ENcjkkTblDS1/7dkTHc ZWbBY9VfRMp8VzjCCFHRNcHiPB26Y9qeXlVjOnDkBJXtl+XvmH+2Stg+LALp5Elh mS4GZNbu2ydYz4w35DbDY1+3Yg29LTp6kzLbn6s9wWLci0CiJCxbHuHvXKhBPMNE VGTBoGRhh+VOLJmN5lduVPHz0BDMUzeB74I3vWLNrYgIlXG7+vezEMPG4SgiX0b7 pggzrUEcQPPGnFDGDzuGtK7XWVJUoYEnJ81BYBplf/p6dB9ExqlOLl9c8jmeglwb JsBI2UNp2BSANggKG0oCRfbkAUgeCPpIIejGnhNFGKujBNdz1lYDNA== =49Ge -END PGP SIGNATURE-
Re: requiring a full fqdn for authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Mar 2018, David Mehler wrote: dovecot to require a complete email address as a login. Currently I can log in by either a username or fqdn. I've got the below what is the issue? If I need to provide my sql password query let me know. your SQL query in passdb allows both usernames. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp6JisQnQQNheMxiAQKuuggAjNcedq1DVGWbe/3vpKHUHdgBJVzmmEsI seSm/NFfR6/Fw8c4fCz0BAiIBUkmo7LEowFFo6M9Yf+ZJHP1IDt6N7gWTgral2Vh pMrNn+mv9okzL2UvJzUlkCA4ntBJVG3BrG9ZUJfk/1f8IKS090nNpu4F79Ag0TG2 MiobX5XtIRvpwSTCteVzQaIanpNhmW/BSvA2smPcdt58AmVI6HUslxcsv9A1XZLP q47pYucUTyPdsNcK4OrzitRH2+0HNTw70kClP/dfUWEvL4ssw3drCXhO7LjN+Crq IpdfHp0k7bkfIv/e5Lfg4ZZs4uV5obEyqaa+UP0IUTLrEau1syZd9Q== =lhft -END PGP SIGNATURE-
Re: requiring a full fqdn for authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 6 Mar 2018, David Mehler wrote: Thanks. Can you elaborate? post your sql config of Dovecot. On 3/6/18, Steffen Kaiser wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Mar 2018, David Mehler wrote: dovecot to require a complete email address as a login. Currently I can log in by either a username or fqdn. I've got the below what is the issue? If I need to provide my sql password query let me know. your SQL query in passdb allows both usernames. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp6JisQnQQNheMxiAQKuuggAjNcedq1DVGWbe/3vpKHUHdgBJVzmmEsI seSm/NFfR6/Fw8c4fCz0BAiIBUkmo7LEowFFo6M9Yf+ZJHP1IDt6N7gWTgral2Vh pMrNn+mv9okzL2UvJzUlkCA4ntBJVG3BrG9ZUJfk/1f8IKS090nNpu4F79Ag0TG2 MiobX5XtIRvpwSTCteVzQaIanpNhmW/BSvA2smPcdt58AmVI6HUslxcsv9A1XZLP q47pYucUTyPdsNcK4OrzitRH2+0HNTw70kClP/dfUWEvL4ssw3drCXhO7LjN+Crq IpdfHp0k7bkfIv/e5Lfg4ZZs4uV5obEyqaa+UP0IUTLrEau1syZd9Q== =lhft -END PGP SIGNATURE- - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp+YQsQnQQNheMxiAQJTmwf9GMcFCQT0wZmBjJom7Ni3UHTz0eHyYEHS aCQ0aJ0VFz7WRxuHjlyfCaTkcwtMNQ3chos/wcLpNZ6gsSb4LIMLTXFkO6ibioWS f1IUVlcQ1EefekyZh/AC8DvH3pw+mejLsG7eUzUwNerbQ7bhh49q2lDZNjaBVlPu O48t8HV4Jt2X84GTo8vNkNmTc0PCs0ul+Y2Hg9H7WjTl8HMGH+YR/P1cTC6yk8dU JfQ1jhvBpdvXG8lccSehHrpJ7f76yuB9i7QUDVHy+193ECwkFHOfhFVwsm54Edpb nPJrygwyciDz57ItMABbDsaek66tZyVmUNEnLyaeKbkCw1XH3B7tuw== =3UkM -END PGP SIGNATURE-
Re: extra IMAP folders: how to make all clients use the same Sent folder?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 28 Feb 2018, Stanislaw Findeisen wrote: I have just setup IMAP with Maildir, but unfortunately some clients create their own folders instead of using those specified in 15-mailboxes.conf . What could be the reason? Because the clients do so. Here's what it looks like: B list "" * * LIST (\HasNoChildren \Sent) "." "Sent Messages" * LIST (\HasNoChildren) "." Gesendet * LIST (\HasNoChildren) "." Entw&APw-rfe * LIST (\HasNoChildren \Trash) "." Trash * LIST (\HasNoChildren) "." Papierkorb * LIST (\HasNoChildren \Drafts) "." Drafts * LIST (\HasNoChildren \Sent) "." Sent * LIST (\HasNoChildren) "." Ausgang * LIST (\HasNoChildren \Junk) "." Junk * LIST (\HasNoChildren) "." INBOX B OK List completed. Here for example "Gesendet" (meaning "Sent" in German) is a folder created by some Android client app. This app uses it to store its sent mail, while another client uses the Sent folder. Yeah. If the blue traffic sign with the bicycle on it tags the left road, many bicycles will choose this way, but some still choose the right road with the blue traffic sign with the pedestrian on it. The "\Sent" is a hint for client, which way to go. Either force your users to use another client, re-configure their client manuelly, or - sometimes - - the mail client needs to refresh its configuration. Also, is it correct that all those folders (both pre-made and extra) get created directly in the user's maildir, alongside cur, new, tmp and Dovecot index files? Shouldn't there be any subdir? Yes. What kind of subdir do you expect? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp++r8QnQQNheMxiAQKA+gf9FbHKK8aOvmK2wMKw7KCG2M/tIP/jG3th 5aGdiEzWAoiU9RNlAhW+7I8mzRknnmdoUI5wOGNLUdvlXxbYm0MBUuL8JJufNOCl 7eJ15/J03MWgPMKdANs2TePZNyNEtvkLxKNQJbYw4QY1AtaUXS1brPa8/qaIiHmo Nts9UWs1c/to1MzMPjWbBjkmlQ6ftKs8q6UkhQ+xv1YdfqD9ObV3xWIJHzWiUDFL zU7SnpwEm3m8Vj+z47NVFvtDDSk23CarFx3XnVXH56ThFPZU5VXqfsNxdwkY7gRz 3hs3dicwWNLf87jtTDL9o2d0cYj3KqZvgmmMAOapoY/dnq0U993mAA== =NbrQ -END PGP SIGNATURE-
Re: Accentuated email addresses stored in LDAP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 18 Mar 2018, André Rodier wrote: Every other alias works, but not those with accents. They are correctly stored in the LDAP database, using base64. Despite Aki's answer, whether it works at all, I would expect the enconding in LDAP is UTF8 instead of base64. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWq9ac8QnQQNheMxiAQIDPggAs2T7WwPYoHhIjl8r0Iyt00VFLnlqwECD IqFYL+aznVC2KXWzhK8Q9wZyQk1NyjNtEZnPUmsET0YUF9CK2P7WfruKLhqIH6VU ebLC7GXrCOeweaFsd81KFANyJ4XlsIkETceA6Myyzn6cgvYiaFptVa3n1y7LHx3P 6cmkCG0qwxM90+ucsZZkddkqCyaPQ8RbyFXTVp08ygAHIVhXALN5CWAR76B3KE1i q9WBh4PMTxu50gJDYBPHwONrz6qJ8JznnSwOKpxu7cTVPmMrwunqd4+s4EfqLl85 k+4DKOyUYIUeNTILAZ4kutXBf796ZFXAd4ADybVV9Q1ghltvbVTE/Q== =etDA -END PGP SIGNATURE-
Re: Accentuated email addresses stored in LDAP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 19 Mar 2018, André Rodier wrote: I had to use base64 encoding to store email addresses, because they are rejected otherwise, with an error message of illegal characters. I also you are using the stock "mail" attribute in LDAP as: olcAttributeTypes: ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) http://www.oid-info.com/get/1.3.6.1.4.1.1466.115.121.1.26 https://en.wikipedia.org/wiki/IA5STRING IA5 :- 7bit noticed that some of the fields, like 'dn' and 'cn' where automatically encoded in base64 when stored when including accentuated chars. you mean when you use ldapsearch or similiar tool to export data? LDIF traditionally encode all data in 7bit ASCII, which is noted by the double "::" after the LDAP attribute name. The data in LDAP is UTF8 and binary connections need not encode it either. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWq9lWMQnQQNheMxiAQL3ywgAtbWsT1U+PQgdK0D3StI9c44r8KgEG7dr AXhIvFPowuD3U0KH0ZJ8VHc+/WN0DMqCONvuaUyueaGY8bgqx+cNw8z01zMC9hTF xfs8x1lQsgikacyyjo3o9WehOJzgnlGvt33LLwjsI62WOLFE8PXnkZFXpkAWI1f4 yTWoTFOxPnAA90CDBS4aBHdBaFI0TwbiGP5oIyjGCvI1aHJSTy5lNKfwUkvTdI+L tH4Z0JDkB3YBnRVIL6ST5W7p0VvBAQo+ia+UXpsZ4b1t3/xYCKtNV0ls9jIoqVzg dEFeyUoKQe8k5N8k6/vVVElzwtW6fxzQUJQXj01u03udqVMmTqXhrw== =8rp9 -END PGP SIGNATURE-
Re: Accentuated email addresses stored in LDAP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 19 Mar 2018, Andre Rodier wrote: In fact, I am using the otherMailBox attribute, from the standard OpenLDAP distribution, which is also IA5String. - Is there any way in Dovecot to encode the fields in base 64, to send queries? as the query is "eq", this would be enough, I think. Check out: https://wiki2.dovecot.org/Variables?highlight=(base64) However, I never used this modifier and Aki pointed out, that UTF8 usernames are not (100%) supported, yet. - Or is the LDAP server is supposed to store attributes as UTF8, and in this case, how to configure it that way? To achieve this, you must/can extend the schema with your own attribute that uses: https://www.ldap.com/understanding-ldap-schema "Directory String "The directory string syntax is basically a catch-all syntax for UTF-8 strings. It allows values with this syntax to have any combination of one or more UTF-8 characters (empty directory string values are not allowed, although some directory servers ignore this constraint). "The directory string syntax is defined in RFC 4517 section 3.3.6, and has an OID of "1.3.6.1.4.1.1466.115.121.1.15"." Otherwise, you could _misuse_ an exiting attribute of this type unused in your directory otherwise. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWrC/hcQnQQNheMxiAQLV+wf+P/gzADRyNSIQtILNKoN7eHEVPNGt9iVd TzHl5rka9XB89eUE2lsGjlURH3PIVqDKjtTEAl27CYiBr9OI66u+PvhE1o2lvY7R YBG1Z/R3n8FWF58HpxwJGBbY4iiPQKSvvRM43/Q2mYnEveyIBvNZawNo0okTNMOM bMSmpUhxGKsqmAeEoUQHOKrujAK0qfucZDI7nuSGjJeej7L2HXm3sEEKTEuYmUDQ E2ox5fAyIMURA+NINzdmk7chXu30DfWuHNY8jwezM3SEds5xlAy4x6qD6EZ4f7qP KnYEfxnYyISDqcXSy9AL20srIzn2OXiTA3/TiVOKFXpHrrst8kVCeg== =+Me+ -END PGP SIGNATURE-
Re: Sieve "redirect" changes envelope sender in 2.3. / pigeonhole 0.5
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 20 Apr 2018, Olaf Hopp wrote: On 04/20/2018 02:53 PM, Olaf Hopp wrote: On 04/20/2018 02:01 PM, Olaf Hopp wrote: Hi (Stephan?), is it a new feature of dovecot 2.3 /pigeonhole 0.5 that a sieve "redirect" changes the envelope sender of a redirected mail or simply a bug ? A sends mail to B, B redirects to C C sees B (not A!) as envelope sender. It is not a problem if C gets the mail but if that mail bounces for various reasons it goes back to B and A will never know about this. That's just one problem these days. Envelope *senders* should never ever be modified. If the domain of sender A has SPF records installed and B redirects to C, but keeps the envelope sender A, the SPF check will fail on C. Looks like any redirect has potential to fail, unless to establish some sort of SRS as well. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWt1u98QnQQNheMxiAQISqgf+JsHAG9PRFJ+A2XMOTgFN6fCeVHAHDA9+ bmoQV89lbU60TXyrEIsAsVafCZgNWpIeqI9x4gfkAEXkw9TW1AY0Sk7pk07K8Wbw G3aSpNI2VKFrgQ21ysLbiLn2urGapQzavmkV1UmWq4iIKfnNKPocFW+EXLWm7Gdx 7lXK9nMFwG0n8M3uLN8+p+quh6COF7cW0UKQmELcgYMBIiwZWbyTt9xo5Tj9eqsk blUaBHxREKQhs+FsgQPEaWsnE73wRUsWzt7yRRw+kZFa3r3OLUc1io9duc+AKJ2Y j3dkqq5bqHlDVoiprtdFVEicWhWgJ1t4YQWOZ8iLwprq2kwkHgk+gA== =cbC3 -END PGP SIGNATURE-
Re: end-to-end encryption
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 15 May 2018, Gandalf Corvotempesta wrote: I was looking at protonmail.com Is possible to implement and end-to-end encryption with dovecot, where server-side there is no private key to decrypt messages? Maybe the term "end-to-end encryption" has changed, but usually that means that clients are the "end". Hence, there are no keys on the server. There are some approaches to automatic key discovery and hosting with GnuPG's WKD / WKS. If I understood properly, on protonmail the private key is encrypted with user's password, so that only an user is able to decrypt the mailbox. When the encryption takes place on the server, the server admin is able to tinker the process, hence, this is no end-to-end. But, read Aki's fine answer about this. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWvvNJcQnQQNheMxiAQKGvggAmTSJypn1AnTbarajkEoTWw3q3ciBjDFP Ivv7ENlbXLVVEurx+KWCvP/eO3OnMunUKQjBcTqc9q4fuaDD8GK8CssP1I31oi1i FC4FPOU2U3WGlOjGmgCUsAJuQpdO3kyy28UGWZgmWLFOqDrGtBh3xEGJxOpxI3MH w1Sqhig9M//CBVT+cT5+jcQy2YxuHJODFQj0rhimdRXmK+xSsQioxlUrKpXihw1U n594pw9ogXkZPm5MoEsOahtqxwtXtWbzUqnQZiq3mPDWTtHj0YsSz2HoSAix8oJ/ mGOazhZwLTKYyRLjjTfzmKtT6XMvuHINqXIcrG78t7L9bJwIjdfpnQ== =VBMS -END PGP SIGNATURE-
Re: Cannot delete folder
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 21 May 2018, Yves Goergen wrote: May 21 10:36:14 mond2 dovecot: imap(yg@.de): Debug: Namespace : /var/mail/virtual/.de/yg/.Test doesn't exist yet, using default permissions May 21 10:36:14 mond2 dovecot: imap(yg@.de): Debug: Namespace : Using permissions from /var/mail/virtual/.de/yg: mode=0700 gid=default May 21 10:36:23 mond2 dovecot: imap(yg@.de): Debug: Namespace : /var/mail/virtual/.de/yg/.Trash.Test doesn't exist yet, using default permissions That's it. Thunderbird shows an error message with: [CANNOT] Renaming not supported across conflicting directory permissions (0.000 + 0.000 secs). Well, there is the first error, too: yg/.Test doesn't exist yet is it possible, that you are subscribed to a non-existant folder? Thunderbird (or some versions anyway) will display any subscribed folder, regardless if it exists or not. Dovecot fails to both delete or rename non-existant folders. Checkout the local file "subscriptions" in your mailbox storage. (Close any mail client before). - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWwPXicQnQQNheMxiAQLGFAf/Wzy0BkUBTROoi5qxzk+kjCdLVfpWkuth l5ubst9ktPmMbE1M3TFyL05ovAH1FPn+ebYTYOAS6ge2qrtgZoejzvtOxZ34hCnV gHR7P6fDA/Kj+NCO0xRzS522K/Y42JSgkg1MDGkauiJ4R+RoUabo6Fbi+EToUOGy b/oE8iDvG2toL06zUj1vptpq1kCjNDO3WKfb9DeNJQq186fpudSuz2VaHgr8lpCF zbKooIPPLLn+0QIYPpusoJMz3nAqGNrZC+gKdmdB83nhogUi5jAzwBNGmA9I/5yn g3mx68jM9cdWquHJWpJpgAlvAMys0fqz5dnZx/zNNd6d2X5pYzRRtA== =UED3 -END PGP SIGNATURE-
Re: Problem in Pigeonhole sievec
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 28 May 2018, Thorsten Hater wrote: I stumbled upon the following behaviour of Pigeonhole, which I consider to be problematic. A user deployed a Sieve script similar to the following snippet if not anyof (address :is ["from","cc"] ["...", ..., "...@... GARBAGE", ...] { fileinto "inbox.Trash"; stop; } Note the extra line break before GARBAGE. This script is obviously broken, but gets accepted by sievec and only fails later, at runtime with line X: error: found stray carriage-return (CR) character in quoted string started at line X. So, the question is whether line breaks in strings are allowed in general and the runtime error is unavoidable, or should sievec return an error? https://www.ietf.org/rfc/rfc3028.txt first hit of quoted-string quoted-string = DQUOTE *CHAR DQUOTE ;; in general, \ CHAR inside a string maps to CHAR ;; so \" maps to " and \\ maps to \ ;; note that newlines and other characters are all allowed ;; strings So, it's correct. But the address should reject the CR. I guess, Pigeonhole triggers the error for sanity purpose? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWwvuQsQnQQNheMxiAQILoAgAyRjSObVJkrAmxzyLau9gIvvMOM2R++HP pwsptIQ72xoYJOO/Lnd1TmfKTE9QYwtOGkSKr8tiJVD8JOpL5fUbB6mZNOTXkAv0 TOW2gA7v06nXq6K0ETum8anoKTIF0o4j5aQJ5yQ5CrzlVQqUwTsf4mVVNqK0hn/L X5RAuCVQyx6sdvCB+lSOGmLv/fT8+xHS03U6jzCp/Yov5OKsT29oOOF6dXWR49Iw BL+DOd9T37hHF6ENp4A5wxX6iCMKLsWL0f5xTcxwRK5GOiCDoUH6ZpiywD0PtCuT VlusmbIByGON7foNlCPusTVcfq8GenMhOrgFcbp1PfRrShIQgsjWSg== =vgR1 -END PGP SIGNATURE-
Re: cant login to Dovecot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 12 Jun 2018, Walter Ulmke wrote: un 12 12:30:06 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs Config error. "Fatal" sounds fatal ;-) stats: open(old-stats-user) failed: Permission denied Likewise config error, but not fatal. Post your config - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWx+rFMQnQQNheMxiAQL4kgf+NIOIf/sUgrloibuBz2HyTEwsdFma7/OS jb7ibn9GkG5Q+72Jlfei/O6CG/v6t0poUgGrRhEOU6JTMLwkHB5PQgip8Spu4C1S K16HMRBHOibOjAhoS2JB/On2KRTb6qH3gNd//xuPbkM3tjTT3s+YoI3+Yg+2dVbp 3L4Bfb9ajosYzD3fb2L+UH1EFIyXY73GqUriXJCxApMbTTCGrvZQ6mEqObVCUqiR 8mbx72v4Es/RgXpXJT1DAvoJanGEbUk7YE7SWTHYUzQ3JyN9KtUYIgn6pca9mmWI y8GRn3nIHOI6ny2HCDp5SyFKQ7A0GJeVHLECUjD8Wv/uXF/8tpADWQ== =gFZM -END PGP SIGNATURE-
Re: cant login to Dovecot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 12 Jun 2018, Walter Ulmke wrote: Date: Tue, 12 Jun 2018 14:23:30 +0200 From: Walter Ulmke To: dovecot@dovecot.org Subject: Re: cant login to Dovecot On 2018-06-12 13:14, Steffen Kaiser wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 12 Jun 2018, Walter Ulmke wrote: un 12 12:30:06 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs Config error. "Fatal" sounds fatal ;-) see below. Update your mechs stats: open(old-stats-user) failed: Permission denied There is no stats config. Likewise config error, but not fatal. Post your config auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi https://wiki2.dovecot.org/Authentication/Mechanisms?highlight=(apop) APOP: This is a POP3-specific authentication. Similar to CRAM-MD5, but requires storing password in plaintext. But PAM does not offer access to plain/text, IMHO. managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } ssl = no ssl_cipher_list = ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_options = no_compression ssl_prefer_server_ciphers = yes userdb { driver = passwd } - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWx/IGsQnQQNheMxiAQLZaQgAwqOE59dZoXqcBkYYmdgiej4glYRhjaSl kwZeY6aFHjoErXK9B2VmrL9atmcMWoI3cocoCzpk5lib5CDuAXdQujCWluT/B/CK 5597D/OG77GhlWhG73Dptytkc03qjx3l4XipkcVrNKtuKVtKO1POFnldfIyUb0mr v73XsTo6trbQu9+S+oK9nZGrUUnirGivz+aVj6Xe2JNke69H8Et6LOJdmQdDxKqR gmGKXwtPMspX5yKOb/4oOLnc6yzif+RVSdC8wcMyGc3dQapVIRKtFOceal5B3eu9 PopaPlTmLTA27GmbxlNbQYP/YZnAxlZTTCvls28fegm1mVfpQeQ9qg== =HFv8 -END PGP SIGNATURE-
Re: new problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 14 Jun 2018, Walter Ulmke wrote: 1) my inbox is "Posteingang". should I officially declare it somewhere? I now get the following error messages: Jun 14 00:23:32 ulmke2 dovecot[3981]: imap(ulw)<3997><4O/Xbo1uotLAqGQd>: Error: opendir(/u/ulw/Mail) failed: Permission denied (euid=503(ulw) egid=100(users) UNIX perms appear ok (ACL/MAC wrong?)) https://www.dovecot.org/list/dovecot/2014-November/098808.html Jun 14 00:23:32 ulmke2 dovecot[3981]: imap(ulw)<3997><4O/Xbo1uotLAqGQd>: Error: opendir(/u/ulw/Mail) failed: Permission denied (euid=503(ulw) egid=100(users) UNIX perms appear ok (ACL/MAC wrong?)) Jun 14 00:23:32 ulmke2 dovecot[3981]: imap(ulw)<3997><4O/Xbo1uotLAqGQd>: Error: Couldn't create mailbox list lock /u/ulw/Mail/mailboxes.lock: file_create_locked(/u/ulw/Mail/mailboxes.lock) failed: safe_mkstemp(/u/ulw/Mail/mailboxes.lock) failed: Permission denied Jun 14 00:23:33 ulmke2 dovecot[3981]: Error: imap(ulw)<3997><4O/Xbo1uotLAqGQd>: open(/u/ulw/Mail/dovecot.index.log) failed: Permission denied (euid=503(ulw) egid=100(users) UNIX perms appear ok (ACL/MAC wrong?)) Jun 14 00:23:33 ulmke2 dovecot[3981]: Error: imap(ulw)<3997><4O/Xbo1uotLAqGQd>: Mailbox INBOX: file_dotlock_create(/u/ulw/Mail/dovecot-uidlist) failed: Permission denied (euid=503(ulw) egid=100(users) UNIX perms appear ok (ACL/MAC wrong?)) Jun 14 00:23:33 ulmke2 dovecot[3981]: Error: imap(ulw)<3997><4O/Xbo1uotLAqGQd>: Mailbox INBOX: open(/u/ulw/Mail/dovecot-uidlist) failed: Permission denied Jun 14 00:23:43 ulmke2 dovecot[3981]: Error: imap(ulw)<3997><4O/Xbo1uotLAqGQd>: open(/u/ulw/Mail/dovecot.index.log) failed: Permission denied (euid=503(ulw) egid=100(users) UNIX perms appear ok (ACL/MAC wrong?)) Also, when I start Thunderbird I get the following error message: "der aktuelle Vorgang in "Posteingang" ist fehlgeschlagen. Der Server des Kontos antwortete (Serverbug) Internal error ocurred. Refer to server log WHERE IS THE SERVER LOG? What you've posted amd what contains a detailed error description. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWyH30cQnQQNheMxiAQJXkQgAybOI2jhLcRgIlEXOSuLq9tP3d3epkVHO QUZ3Ehd415NyVeXW4f7npOuycyRWpa0d8bwwnLwYITbHeNDtJMeVUWqfDMq6JIA3 x9I++9EifRlOacfcFrd24w1Ivtu2mNxs261Ii1wLDxEDaB6D8UvWPUS3vKZ+DPt8 oM7r5XS5M9NhedgmXcL+pnAiGSqUz+ucvuYSUf7ghsJZg/gJTE2Ogz+YOI+5O5HS YYt+6vqqrxUA3qcHc3iXLrf0U3AbMxXAIxaBVlxlOLkeFucyLL0R3jC6ubgB/AzL tpNqmoM7ftD0l7oJGM3fofFGaC6DrB2L8kFS2MRx263K291Z1KLFPQ== =sNJL -END PGP SIGNATURE-
Re: Sharing Mailbox between users using IMAP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 29 Jun 2018, Remko Lodder wrote: On 29 Jun 2018, at 09:42, Luca Bertoncello wrote: Hi list! I have an account (let's say i...@mydomain.com) that should be read from more people. These people does NOT have an account on the server. Currently i...@mydomain.com is a forward to their addresses, but of course this solution has a huge problem: if info@ receives spam that the server does not recognize, the server forwards spam... Now I want to solve this problem and I had the idea to change info@ from "forward" to "local account". Then, I can read the E-Mails via IMAP. Now the question: if I have 5-6 people accessing the account via IMAP, has Dovecot (2.2.13 from Debian repositories) problems? Is there other solution, if the users don't want to have an account on the server? Emails can only be read if they are authenticated / authorized in someway to access the store. That means you might need to share the info@ credentials with the other people so that they can read it over imap or webmail etc. As Remko points out, you need some sort of authorization to access the messages. The easiest is an account on the server, the messages are located at. I would suggest one account for the "info" role, that shares its mailboxes to one account per (natural) person. That way, if one person is to deny the access, you do not have to change the password and give it to the other persons. If you have other ways of authorization, such as: IP address (remote side of connection), think about using those implicit ones. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWzXp4cQnQQNheMxiAQIJgwf+POvM8AN47w8fOypRZHjZN8izQgs0dAtB HCN6dXK8TNCEVrvNQhRW/zcKVzYp69N+hxcRbjUxK7JT57y/GqgrQX8byV8PSqtC G2SxmMZD82xYxt1TVe0Er54lj+TFU26kms2CiV2jNstJbK3hlTYTSNLsPACo1fSt x0bMn27zZnqBnBBdiO5hb+gAPzs2vJGGjAVrwoNI4qBISp09rQ+xxyweD7KgjUR3 Gn2kKZKTux+42Wil5R060BgmjC9kTBM17ZQexFjxKAvOxgkRZ4uzwxWNk1VEDft8 aV6ztCJE01IwjImqUF1BxHZn/M3NPmFCTOg3m4bj44p1h1U/Y3xMsw== =hAvM -END PGP SIGNATURE-
Re: Authentication failure with OpenLDAP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 10 Jul 2018, Anushka Bandara wrote: * Error: User initialization failed: Namespace '': mkdir(/home/users/"user"/Desktop/Maildir) failed: Permission denied (euid=1000(myuser) egid=5000() missing +w perm: /home, we're not in group 100(users), dir owned by 0:100 mode=0775)* Well, what is >>"user"<<, >>myuser<< and "". Which information did you modified? Where is the correct data? Which permissions does /home/users/"user"/Desktop usually have? Is the uid/gid of /home/users/"user"/Desktop correspond to euid=1000 and egid=5000 ? How should I give the permission to overcome this error. This is a dovecot error. LDAP authentication is successful. And also, I don't know the default user whom is creating mail directories for mail users. I think the problem will be solved if I grant user the permission. But I don't know how to grant. Maybe, maybe not. On Tue, Jul 10, 2018 at 2:54 PM, Aki Tuomi wrote: Turn on auth_verbose=yes and auth_debug=yes and post logs. --- Aki Tuomi Dovecot oy Original message From: Anushka Bandara Date: 10/07/2018 08:53 (GMT+02:00) To: dovecot@dovecot.org Subject: Authentication failure with OpenLDAP Hi all, *Dovecot version: 2.2.22 (fe789d2)* *Ubuntu version: 16.04* *OpenLDAP version: openldap-2.4.42+dfsg* Configurations *# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf# Pigeonhole version 0.4.13 (7b14904)# OS: Linux 4.10.0-28-generic x86_64 Ubuntu 16.04.3 LTS disable_plaintext_auth = nolisten = *log_path = /var/log/dovecot.logmail_location = maildir:~/Maildirnamespace inbox { inbox = yes location = mailbox Drafts {special_use = \Drafts } mailbox Junk {special_use = \Junk } mailbox Sent {special_use = \Sent } mailbox "Sent Messages" {special_use = \Sent } mailbox Trash {special_use = \Trash } prefix = }passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap}protocols = pop3 imapservice auth { unix_listener /var/spool/postfix/private/auth {mode = 0666 }}ssl = nouserdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap}* I am having "*Authentication failed" *problem with dovecot-ldap. Before it, I had binding error and I fixed it. Now I am having authentication problem when I am trying to log dovecot (usign telnet localhost 110) using a user which is created in ldap server. I can provide any configuration file and I did this configurations according to this " https://help.ubuntu.com/community/DovecotLDAP";. Now I am having an authentication error. Thank you - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW0XKBsQnQQNheMxiAQIa/wf+NaN70/blWGeyOWyqiEwLap/OY1V69QyU RzKmz6ui+xCo/ULn5JUdH60t5Ye+sUPQg5TfVCSANR1Tl7in8rv0ZFmMglUquNUW gVXR9McSePdZYp/1ZO2Z8Rkz4YM0Ou9jDzolruWI1Qlcoz/QJNFheWP4LzlxFbzb su2uTUJwUAD8yj0yU2UNuOdoeoexn/YI8tlAzJtaIIKf2Zr1Hq7+EdsDKLC8U2xL EA6/lGknCM+K2fAnPdU14T2jjSeCyKU5ciUwQ3RlO6Vcm8U127+CTk4WbSdyNdgB 2f56zT3yXrH4lYAMtRsHTDjRWRRMg0y5G9OfsFlislIyjlaHv4N8Dg== =v6my -END PGP SIGNATURE-
Re: Dovecot and Sieve setup
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 16 Jul 2018, Will Merkens wrote: I thought I had sieve working I could create the rules in TB and it says it's communicating properly and saves the file but the sieve rules do not seem to be working. when I look at /var/spool/maildir/domain/user I see Maildir Maildir =uid=1000 inside Maildir =uid=1000/sieve I see my sieve script I created Test.sieve and a tmp directory Should not this be in the main Maildir/sieve directory. See https://wiki2.dovecot.org/VirtualUsers/Home "Home vs. mail directory", first you should make sure that mail dir != home dir, hence, "sieve" is no longer below Maildir. 2nd: make sure that you have enabled "sieve" as shown on https://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration . As you see, Sieve works only, if you use Dovecot's LMTP or LDA. 3rd: verify ManageSieve https://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration . If you want to have an opinion about your configuration, you ought to post it. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW02ETMQnQQNheMxiAQLX+QgAipteOUjkk3M0qGRBjfAk0x1+plGTU9de d6ETnIXX6XB0EeIHAfCYhxil8cMvc3e8XnHjf4ltoQ6JiYBUHLw9b7bMG9CTNzHX th6euh6Jtf+LlL9QPslG6C6z4g/6OBc5xulfE218W2ivx5oGxeD6/tnDIbS/Rhev lkGcmeG9Z9WUr6GfwIW3beLMO7FiCHsAlpB2rwUxTavX4kUzn3HBq2vmVzXAJsJu WB/NSY7lBmjAlR2skdljoHEWOK2CYPCDN3ogRKqDU/wS6rxiDDsbtOh6L+iEXEL6 RUnx4HkYN9kpHRgn1dwH39D+nHitTNFpgsPrOEnhp/0osqAR5v5uKw== =i7XU -END PGP SIGNATURE-
Re: folders not visible on copied mail folders
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 16 Jul 2018, Mark Foley wrote: We had a user quit recently. Three days ago I copied his entire Maildir folder to another user to that user's Maildir/.JoesEmail. I changed ownership and made the permission 'chmod -R og-rwx .', just like all the other files/directories of the new owner. This didn't work to show the new folder. Today, in his Thunderbird client, I subscribed to the 'JoesEmail' folder. I restarted dovecot and restarted Thunderbird. In Thunderbird, the 'JoesEmail' folder now shows, but it is empty and shows none of the subordinate mail folders. I ran 'doveadm index -u newowner JoesEmail' and 'doveadm force-resync -u newowner JoesEmail'. This didn't help. I did this once before with a previous user who quit and only changed ownership, no subscribing, no doveadm, and that worked. What am I doing wrong? Your description might be interpreted one way or another, esp. "copied his entire Maildir folder ... to that user's Maildir/.JoesEmail". Also, it depends on how you have configured mail_location. If this means that you have: Maildir/.JoesEmail/{new,cur,tmp} Maildir/.JoesEmail/.mailbox/{new,cur,tmp} Maildir/.JoesEmail/.mailbox.submailbox/{new,cur,tmp} now, that will clash with the standard Maildir format: https://wiki2.dovecot.org/MailboxFormat/Maildir You would need to move the subfolders with a leading dot of .JoesEmail into: Maildir/.JoesEmail/{new,cur,tmp} Maildir/.JoesEmail.mailbox/{new,cur,tmp} Maildir/.JoesEmail.mailbox.submailbox/{new,cur,tmp} If you use :LAYOUT=fs to mail_location, .JoesEmail should spell JoesEmail Subscription is needed only, if the mail client "displays subscribed folders only" or does not "display all folders". The meaning of the setting varies from client to client. Another way would to keep the other account and share it via ACLs: https://wiki2.dovecot.org/SharedMailboxes/Shared - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW02HYMQnQQNheMxiAQKykggAsmr3CfQNaw0K+vx/OhyH5VUbJ/RI5vvG 92ZmNdrkQf0qB8/NADCljz7vYa5aRGFlEjOjEn5Piww6238uQBce/m/aN1v7ax4+ asF22sPF5G+Q2DZhBVvm4sGrWvgzNt2xhPF3jedF0oRZ5PZ0GEH88ZO1JEy/Xj/p 1IJuFlU8b8kUNDmaR2cZcIucJLBp7067UJWY/4VPfA19yK9HJKIY0IkeDeFBG/pT Sg7Au9MiiIxxhmqRbmOi4nbUkc8mZ9WpCAxEVhDIDeOjn8d+o/xzJ7Cdv9EA2Rj4 1ViL2ET0yIsaiSvL95sMr3kO0eRutAXP6aHV5arjfGkXQWDD5zthmA== =gn2m -END PGP SIGNATURE-
Re: folders not visible on copied mail folders
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 17 Jul 2018, Mark Foley wrote: On Tue, 17 Jul 2018 08:06:24 +0200 Steffen Kaiser wrote: On Mon, 16 Jul 2018, Mark Foley wrote: We had a user quit recently. Three days ago I copied his entire Maildir folder to another user to that user's Maildir/.JoesEmail. I changed ownership and made the permission 'chmod -R og-rwx .', just like all the other files/directories of the new owner. This didn't work to show the new folder. Today, in his Thunderbird client, I subscribed to the 'JoesEmail' folder. I restarted dovecot and restarted Thunderbird. In Thunderbird, the 'JoesEmail' folder now shows, but it is empty and shows none of the subordinate mail folders. I ran 'doveadm index -u newowner JoesEmail' and 'doveadm force-resync -u newowner JoesEmail'. This didn't help. I did this once before with a previous user who quit and only changed ownership, no subscribing, no doveadm, and that worked. What am I doing wrong? Your description might be interpreted one way or another, esp. "copied his entire Maildir folder ... to that user's Maildir/.JoesEmail". Also, it depends on how you have configured mail_location. If this means that you have: Maildir/.JoesEmail/{new,cur,tmp} Maildir/.JoesEmail/.mailbox/{new,cur,tmp} Maildir/.JoesEmail/.mailbox.submailbox/{new,cur,tmp} now, that will clash with the standard Maildir format: https://wiki2.dovecot.org/MailboxFormat/Maildir You would need to move the subfolders with a leading dot of .JoesEmail into: Maildir/.JoesEmail/{new,cur,tmp} Maildir/.JoesEmail.mailbox/{new,cur,tmp} Maildir/.JoesEmail.mailbox.submailbox/{new,cur,tmp} If you use :LAYOUT=fs to mail_location, .JoesEmail should spell JoesEmail Subscription is needed only, if the mail client "displays subscribed folders only" or does not "display all folders". The meaning of the setting varies from client to client. Another way would to keep the other account and share it via ACLs: https://wiki2.dovecot.org/SharedMailboxes/Shared Steffen Kaiser Steffen, thanks for your reply. I did have the copied folders as shown in your first example. I changed that to what you show as the remedy. The target user's Maildir folder now has: drwx-- 5 mpress domusers 4096 2017-06-28 20:07 .Deleted\ Messages.Junk/ drwx-- 5 mpress domusers 4096 2018-07-16 23:22 .Delta\ Dental/ drwx-- 21 mpress domusers 4096 2018-07-17 16:48 .Dennis\ Email/ drwx-- 5 mpress domusers 4096 2018-07-16 23:15 .Dennis\ Email.Deleted\ Items/ drwx-- 5 mpress domusers 4096 2018-07-16 23:15 .Dennis\ Email.Deleted\ Items.Sent/ drwx-- 5 mpress domusers 4096 2018-07-17 17:02 .Drafts/ drwx-- 5 mpress domusers 4096 2018-07-17 16:35 .ESI/ Where '.Dennis Email' is the folder for the old user. I copied the old user's 'Maildir/.Deleted Items' and 'Maildir/.Deleted Items/Sent' to the target user's 'Maildir/.Dennis Email.Deleted Items' and 'Maildir/.Deleted Items/Sent, respective. That how I understood what you advised. There are more such subfolders, but I thought I'd try this one first. However, still only the "Dennis Email" folder shows in the mail client, empty, no sub-folders even though "Deleted Items.Sent/cur" has plenty of mail files (1522). I did try running 'doveadm index -u mpress "Dennis Email"', again; and restarting dovecot and thunderbird again, but still nothing. First check if Dovecot thinks the folders are there: doveadm mailbox list -u "mpress" | grep Dennis Then make sure that each of the three folders contain the cur, new, tmp subfolders. Does the Dovecot log contains something? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW07OusQnQQNheMxiAQLf+Qf+N1Itpq1Zfa94rgIslD5ZaH8dTNVZDMil rBKD7bAQw9pVW4nzSfhPPWtSi07JgSgOkp+Z2UCeRFH5ehRtEs8js8vrUBelJ9UE mcKiI+3EjfSKbFEI1N8lqA1g+0LT5mrPgFzuglXBlTTM0QWe/XxT2bWYza+k+n95 ifLunVhlDYuedZQyY5vl5Vz+Q943RuDKMOqfL519dXqSXlUtDw8lP2eiu+H5BL/g dK2ihgfXqffBmz9wBttJsczSBJhDgXrLEIeSBwiuSBONa4SCllBBzNEzs9aMyruI pzswT/HK/8xT6T4s14ktQRAi1ZAnQdgAmPs/7YutG0MeuQjZ5yjKtw== =jXNX -END PGP SIGNATURE-
Re: Sendmail Dovecot Trouble
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 18 Jul 2018, John Rowan wrote: /var/mail is a symlink to /var/spool/mail I tried both, neither works. I just wiped out the server, reinstalled from scratch this time I selected e-mail server while selecting packages after specifying GUI-server on the CentOS install. I had previously installed Dovecot after the initial server build. This time Dovecot was installed and active at boot but still can't find my mail in /var/spool/mail. Actually, I would use the LMTP service anyway, https://www.dovecot.org/list/dovecot/2013-August/091799.html On 7/13/2018 11:44 AM, Aki Tuomi wrote: Should your INBOX path be /var/spool/mail/%u then? --- Aki Tuomi Dovecot oy Original message From: John Rowan Date: 13/07/2018 17:44 (GMT+02:00) To: dovecot@dovecot.org Subject: Sendmail Dovecot Trouble I've been struggling trying to get Thunderbird to read e-mail off a CentOS 7 server. Sendmail writes mail in /var/spool/mail I've configured dovecot to try to read from there using Thunderbird (POP3/SMTP). The firewall allows ports 25/110. I verified I have mail in /var/spool/mail but Thunderbird is unable to retrieve that mail. I've googled sendmail / dovecot config, I've looked a the wiki but I just can't figure this out. Please don't suggest using postfix, I just want to get sendmail / dovecot working. [@mail conf.d]# dovecot --version 2.2.10 [root@mail conf.d]# dovecot -n # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-327.36.3.el7.i686 i686 CentOS Linux release 7.2.1511 (AltArch) auth_mechanisms = plain login disable_plaintext_auth = no mail_location = mbox:~/mail:INBOX=/var/mail/%u mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = ssl_cert = https://www.avast.com/antivirus - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW1AiFsQnQQNheMxiAQKAuwf/WMAPR53fmIhCgKLdzkjpSECzizC0cWoV WZMKIwFHmVftPISCpGGgaKCci8SOBGAHDTSC0s/sALkQ4czp45NufblP4I0xcXDU lPxu3yEsomGqcyNpdWT0L0mDvc5XdWB1wj57fvLUqcdupOJ0D6UbHQmbmaXfrLhQ yT3SFe8ylhBtLgAV3uIWs4VXR4Pb8lQC+iFjIiTqCcfhti9DalROTAbw4MGdYeSc eqMMLOI+1ejAlPiiWmC9t1tPc+sSmUFmH+W4xX7wPYORHKCASkFYFmu2SkWTNFT5 y1/8IcZVJQ1wy9CkYmparb8FbqCa/o++BPoYIsC76wbaFSEKwmb5Bg== =ewMN -END PGP SIGNATURE-
Re: folders not visible on copied mail folders
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 19 Jul 2018, Mark Foley wrote: On Wed, 18 Jul 2018 07:23:06 +0200 Steffen Kaiser wrote: On Tue, 17 Jul 2018, Mark Foley wrote: On Tue, 17 Jul 2018 08:06:24 +0200 Steffen Kaiser wrote: On Mon, 16 Jul 2018, Mark Foley wrote: We had a user quit recently. Three days ago I copied his entire Maildir folder to another user to that user's Maildir/.JoesEmail. I changed ownership and made the permission 'chmod -R og-rwx .', just like all the other files/directories of the new owner. This didn't work to show the new folder. Today, in his Thunderbird client, I subscribed to the 'JoesEmail' folder. I restarted dovecot and restarted Thunderbird. In Thunderbird, the 'JoesEmail' folder now shows, but it is empty and shows none of the subordinate mail folders. I ran 'doveadm index -u newowner JoesEmail' and 'doveadm force-resync -u newowner JoesEmail'. This didn't help. I did this once before with a previous user who quit and only changed ownership, no subscribing, no doveadm, and that worked. What am I doing wrong? Your description might be interpreted one way or another, esp. "copied his entire Maildir folder ... to that user's Maildir/.JoesEmail". Also, it depends on how you have configured mail_location. If this means that you have: Maildir/.JoesEmail/{new,cur,tmp} Maildir/.JoesEmail/.mailbox/{new,cur,tmp} Maildir/.JoesEmail/.mailbox.submailbox/{new,cur,tmp} now, that will clash with the standard Maildir format: https://wiki2.dovecot.org/MailboxFormat/Maildir You would need to move the subfolders with a leading dot of .JoesEmail into: Maildir/.JoesEmail/{new,cur,tmp} Maildir/.JoesEmail.mailbox/{new,cur,tmp} Maildir/.JoesEmail.mailbox.submailbox/{new,cur,tmp} If you use :LAYOUT=fs to mail_location, .JoesEmail should spell JoesEmail Subscription is needed only, if the mail client "displays subscribed folders only" or does not "display all folders". The meaning of the setting varies from client to client. Another way would to keep the other account and share it via ACLs: https://wiki2.dovecot.org/SharedMailboxes/Shared Steffen Kaiser Steffen, thanks for your reply. I did have the copied folders as shown in your first example. I changed that to what you show as the remedy. The target user's Maildir folder now has: drwx-- 5 mpress domusers 4096 2017-06-28 20:07 .Deleted\ Messages.Junk/ drwx-- 5 mpress domusers 4096 2018-07-16 23:22 .Delta\ Dental/ drwx-- 21 mpress domusers 4096 2018-07-17 16:48 .Dennis\ Email/ drwx-- 5 mpress domusers 4096 2018-07-16 23:15 .Dennis\ Email.Deleted\ Items/ drwx-- 5 mpress domusers 4096 2018-07-16 23:15 .Dennis\ Email.Deleted\ Items.Sent/ drwx-- 5 mpress domusers 4096 2018-07-17 17:02 .Drafts/ drwx-- 5 mpress domusers 4096 2018-07-17 16:35 .ESI/ Where '.Dennis Email' is the folder for the old user. I copied the old user's 'Maildir/.Deleted Items' and 'Maildir/.Deleted Items/Sent' to the target user's 'Maildir/.Dennis Email.Deleted Items' and 'Maildir/.Deleted Items/Sent, respective. That how I understood what you advised. There are more such subfolders, but I thought I'd try this one first. However, still only the "Dennis Email" folder shows in the mail client, empty, no sub-folders even though "Deleted Items.Sent/cur" has plenty of mail files (1522). I did try running 'doveadm index -u mpress "Dennis Email"', again; and restarting dovecot and thunderbird again, but still nothing. First check if Dovecot thinks the folders are there: doveadm mailbox list -u "mpress" | grep Dennis yes: # doveadm mailbox list -u "mpress" | grep Dennis Dennis Email Dennis Email.Deleted Items Dennis Email.Deleted Items.Sent That means: Dovecot sees them, but your client is not. Are you absolutely sure the client is set to "display all folders"? Secondly, make sure Thunderbird rescans the folders. Sometimes you need to collapse *certain* levels and expand them. I mean, collaps the whole tree of the account, then expand it again, see if the triangle in front of Dennis Email appeared, tap there, a.s.o. I have a Thunderbird client, that for whatever reason I don't know, "forgets" about a certain hierarchie (subtree) now and then. As another test, you could speak IMAP: telnet localhost 143 1 login mpress "pwd" 2 list * * 3 lsub * * You could manually add those to the subscription file, if LSUB does not display the folders. LSUB displays only subscribed folders, LIST displays all. Then make sure that each of the three folders contain the cur, new, tmp subfolders. They do: drwx-- 2 mpress domusers 4096 2018-07-13 14:30 ./.Dennis\ Email/cur/ drwx-- 2 mpress domusers 4096 2018-0
Re: Dovecot pop3d and imapd problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 23 Jul 2018, John Paul Iglesia wrote: Recently, i had issues on dovecot. All packages of dovecot were installed on my system then suddenly when I checked yesterday the packages for dovecot-pop3d and dovecot-imapd were no longer on the list of app installed. Because of this dovecot service stop running. I checked the apt history log, term log and even dpkg log, there were no information about removing the packages. It just shown on my apt list the packages were not longer there. I had to reinstalled these 2 packages just to make dovecot run and for me to be able to receive and send messages. What do you think is the problem, is it dovecot bug? Dovecot does not entangle itself with the package management of the system. So: No, it's no Dovecot bug. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW1V1hMQnQQNheMxiAQK8jAf/X+tVqkO8HTAeF6gxRtKBTvv+oczRizxl BzaKZAfJyvtY21hO0TTViDzk2vDjYUo9tQEMK+qvwFTg8ZclIisRwgDeJcwQa1by irtRAY/djuagcKkVUdGZRXFauECFnnTxJvN5HPO8udwbfe1gzg6iQIpD0eJ/ppgh Qo7JRY6qCh9hzFRaoaEBdd2YF4qlHAbrwygaLHDrq5wzJphqTgTCDMAU542/IdZO irN3PsFXvaNISXF4XPn5nYPY6H6qBYgNK6hlsNNTyagBSqXiDVVD8i68G8BP/bFQ oSTnE+h2kjGYdMcvfltSOjGNesTPRH1yzTBcfmaXe3aZDNglJh9C3w== =4G9A -END PGP SIGNATURE-
Re: doveadm who reverse dns lookups
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 24 Jul 2018, Michael Grant wrote: Perhaps this is a feature request... It would be nice if the ‘doveadm who’ command printed out the reverse dns name of where the user was logged in from. Would it be possible to either add some option to doveadm who for this, or make it the do it by default and add a ‘-n’ option (like many of the other programs that look up ip addresses by default) and take a -n option to not do that? Not sure if that would break some existing thing which is why I hesitate. Might be safer to add, say, a -r option to do the rDNS lookup. Hmm, use the Unix construction kit: doveadm who| perl -np -MSocket -e 'sub addr { my $i = shift; my $iaddr = inet_aton($i); return gethostbyaddr($iaddr, AF_INET) || $i; } s/((?:\d+\.){3}\d+)/addr($1)/eg' - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW1gMSsQnQQNheMxiAQJaLgf/UYjZaKZU4yUN9YdGhFdq+4+6GKk/UFpG tT99rNSwYVnk1rBwaW07fkDMV0HcuFmB6gDpDx6D2hVW/yNJWvi1PQTb+GZvbB9P QRXamrB0WRVBcq5v4FM7QuNiMW921pJ6MWt03vDzhPHSMd/y99B3ZCz2gbMQuUVG rj3X+YxhMoQUGTgvPEsZ2TGbRE5VNWojUEbCnlSUGOuRtwKMrmaahzKGHsrf8Dub fzNrEJ8mxrySgC79+2FdLInv+YiguE3Xv6rN2c1tygC7sDeETfloe0GL3kWnUw4L bhhf+mcpzyqoutfcGCM9ggHieXBQk9xKsMBhftT3dAZ/f3Rok/eZHA== =2JK3 -END PGP SIGNATURE-
"For end user, only PGP or similar provides sufficient security against admin." (was: [trees-plugin] - Dovecot index gets corrupted,^M when using maildir and recievend and accessing mail at the same
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 11 Aug 2018, Aki Tuomi wrote: While this is true, it can be useful to encrypt messages in-rest at 3rd party storage. For end user, only PGP or similar provides sufficient security against admin. Nice, short, pinpointed words I will file away for upcoming discussions. And I will file M's response, too, for the management. Thanks both of you. Original message From: "M. Balridge" Date: 11/08/2018 13:56 (GMT+02:00) To: Dovecot Mailing List Subject: Re: [trees-plugin] - Dovecot index gets corrupted, when using maildir and recievend and accessing mail at the same time Quoting Joseph Tam : Another privacy plugin that assumes the server operator is unmotivated or respects your privacy anyways, and won't just skim your password right off the top to look at your mail. A vault with steel walls and a dirt floor. *SIGH* As usual, you're right on the money, Joseph. I used to let things like this "slide", but somewhat recently I've had some clients badgering me to implement something like this. It takes longer than it should to explain how pointless the exercise is. Given that: 1) Email transactions, from submission, to delivery, to final reception by a MUA, are done with plaintext contents. Those who want security, will undergo the additional steps and hassles with using PGP to encrypt the contents, providing the only demonstrably secure (against "Evil SysAdmins") means of cloaking your content. The submission, delivery, and final reception is still performed as "plaintext", albeit with an attachment that is encrypted, a process done (and undone) by the ultimate endpoint clients. 2) Even if the "Evil SysAdmin" doesn't scribble all of the users' passphrases into a log, it's trivial for various tools, many of which were hastily cobbled together during the fad of implementing Sarbanes-Oxley Act (SOX) compliance on mail servers. Tools like "milter-bcc" and friends which automatically clone all email submitted to or arriving through SMTP, etc. It doesn't matter if your SMTP software implements 65,536 Jiggabyte Key Quantum-Computing-Resistant crypto, when it has the decrypted contents in its spool. I imagine this is an exercise in buzzword collection, and to be seen to be "doing something" to improve security and/or privacy. If privacy is desired, there are only end-to-end encryption/signature schemes to ensure anything at all, and even there we're at the mercy of mathematical gods greater than we. Looking to a "magical" oracle on your server to do it for you, whilst keeping all of the leaky, plaintext, and promiscuous protocols (DSN, bounces, intermediate MXer hosts that eruct contents to various envelope addresses, etc) that will betray you behind your back without a moment's notice is a Fool's Errand. Think it over. =M= - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW3ErEMQnQQNheMxiAQJZ+Qf9ECwe0SZXwClaM+wHBVdsOPLPuL6rkSzV TAkPe7bV2jnqUL8J0I7F46MW4yV76ttbWMbZ3wP6Mom2roNOqGoQIxWsQLkgZvib Wdg29L0nsMkHY6A5zCRM/n4rvNi/xDHIUWIinZRUWvFr8J6WWkSaYneX2Xjvf6tF 24nj+tqcuYtFomsY802WySgovLZi5y0s8nSSkQ9nnPA44hpozfbQXXf/pO14D2BL vhsiqvLKnS/3wY83Y05RLCsojfQDG3Vbqgm6qV9qkpOtGN9sLV/ufXc8tui070UW FDmV5S/KnP8Z7ru9Hq83JEhxkaApPhcKqIQcpjUIeWyobIwvYr718A== =cbbG -END PGP SIGNATURE-
Re: doveadm mailbox delete not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 14 Aug 2018, Ralf Becker wrote: Date: Tue, 14 Aug 2018 15:13:12 +0200 From: Ralf Becker To: dovecot@dovecot.org Subject: doveadm mailbox delete not working I have a user who has several folders in his mailbox, which we can not delete, neither via IMAP nor via doveadm: root@ka-nfs-mail:~# doveadm mailbox list -u | grep hbereiche | cat -v INBOX/[Fachbereiche ^M Any ideas? I haven't seen this idea and you've wrote nothing about the ^M: The ^M means that there is a "\015" / \r at the end of the output. Where does this char come from? In "normal" output, this char is almost invisible, esp. at the end of a line. I don't know how Dovecot handles this char internally. The char should show up in the JSON formatted list, Aki suggested, too: doveadm -fjson mailbox list -u user INBOX/* But I haven't seen the output in your replies. Can you verify in the filesystem, if the char is there, too? E.g. ls -1 | cat -v Maybe doveadm mailbox delete -u 'INBOX/Fachbereiche '"\015" Would help? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW3QxbcQnQQNheMxiAQJ1vggAmYnlV4xnMJmec34RnpkQpHlz+NK+JnPY JYB3HsI4RwShJwFp7kDpa8GQDub4Hml249v2Hy2TAd270j7QYJn258vyLMJjrIzy Gi82Q/M65mF6seYtOXsR6sl9qqXcEZaVPsSUmHTpP+JfNEGye1RCfuqoaoV0pSuu Kdv8naUDtdTvXVqJfe3McPRbx/+PZouMGLk1AuH3ol0fM+K4SMM65eZDp4VlbZvb ZBklQleH7K8bz2p1rV6yhsJ/1KooS/QgaGz4Ejfm5U2FVFb2dpuAkVFNMu1LpJP9 gD9Y5cH6CbuPYlp2t/8xrozIUpZ/q7CBfdRZVdm3DsaiEnRtq4g4Lg== =OaBM -END PGP SIGNATURE-
Re: How to send mail to mailbox with disabled domain?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 11 Sep 2018, Kai Schaetzl wrote: Gerald Galster wrote on Tue, 11 Sep 2018 20:49:17 +0200: Is this a dovecot problem on your side? dovecot usually accepts mail from MTA like postfix, so it would be better to remove example1.com from postfix relaydomains (mailbox domains, alias domains, ...). Then there is no delivery to dovecot. Most MTAs ignore MX records - if a domain is configured locally, it gets delivered. Thanks for your reply. I don't want the MTA to deliver that domain. As an email address. But I want to deliver to the virtual mailbox of that name. That's the point. I make a distinction. lmtp doesn't ;-) I don't want some.addr...@example1.com getting delivered. But I want some.otheraddr...@example2.com getting delivered. Which just happens to be aliased to the mailbox "us...@example1.com". And example1.com is disabled for mail. "aliased to" seems to be a job for the MTA, hence, it will never deliver to Dovecot, if the domain is disabled there. I used to have mailbox names of "user1" (system accounts), not of "us...@example1.com" (virtual mailboxes). There doesn't seem to be a way to have virtual mailbox names like "user1". Not a problem - until you remove the mailbox domain from the accepted domains. Then it suddenly doesn't deliver although it's not getting used as an email address. Delivery is done via postfix/lmtp which actually is dovecot lmtp if I understand correctly. And lmtp resolves "everything". I can't deliver to a virtual mailbox named only "user1" it seems (I tried it some months ago and hit several weird problems, so I stopped that). I have to use a "user@domain" combination mailbox and the domain has to be in the local- host-names table or postfix/lmtp won't understand it's local. But then it will try to file all mail for this domain locally and it will also accept mail for this domain from outside. You can configure multiple userdb's in Dovecot. Also, a userdb of LDAP or SQL can use %u, %n and %d. Hence, you can configure Dovecot to "find" the user by "user1" and "us...@example1.com". However, you must ensure that only one entry is found. However, can you configure Postfix to pass one kind of users without domain and the other kind with domain? So far I came up with two ways to work around this problem: 1. use another domain for example1.com mailbox names (for instance example1.localmail) and put everything in place that it resolves locally and is in the local-host-names table. It works, I tested it. But this requires changing all the already created mailbox names. And change the code behind the web interface. This depends on the userdb. You can use the dummy domain as key and return specific mail locations. 2. set example1.com to be deliverable again and don't setup any addresses (aliases) for this domain. As the mailboxes are not directly deliverable to, only if they are aliased, there is no way to send to this domain from outside. And I have to put up a few aliases for it that forward mail externally to some subdomain that isn't locally configured. Or just have it sent right-away this way. Both things are not the real deal, though. Kai - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW5ijTMQnQQNheMxiAQKBOQgAtxitoGR1lHLIEGi7WANWDa/N7QbrRypt LVel1D6xrbEyDZva8eRiapuf9O0LRpjEdOCPLkxQZPu45a/kzL7/ohcYnYsP7zW+ 7Xt0zKArFvQ/NS+7wrYL6gh/mYQwtpF53/R1jnOG6qvR1T6MZtvDfcTl8FTWftG5 WVdafzUka20caxicRHX/zLSYhpOBpycCoUezEm3msXb1RrTywat8qiagFhS2Ui5q teHwwQQUPDCizhkoLi1rOrgn715oNQKI+5YkTMVgmrCygYCsURRN5M0p6uyOzJAp GNYFGjbgbWqCtrYXPkac5/y9PCuhPQn/yUHVIraLjzGd/1OL8wyK/Q== =Z5Mu -END PGP SIGNATURE-
Re: Authenticate users using their firstname
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 29 Sep 2018, Fady AL HAYALI wrote: I'm setting up a Postfic and Dovecot with LDAP email server. My users in LDAP is like this: dn: uid=firstname,ou=People,dc=domain,dc=com uid: firstname uidNumber: 4025 gidNumber: 4025 givenName: firstname objectClass: top objectClass: person objectClass: posixAccount objectClass: shadowAccount objectClass: organizationalPerson objectClass: inetOrgPerson loginShell: /bin/bash homeDirectory: /home/firstname cn: firstname lastname mail: firstname.lastn...@domain.com<mailto:firstname.lastn...@domain.com> This is how I connect Dovecot with LDAP hosts = ldapserver ldap_version = 3 base = ou=People,dc=domain,dc=com deref = never scope = subtree user_attrs = user_filter = (&(objectclass=inetOrgPerson)(uid=%n) pass_attrs = uid=user,userPassword=password pass_filter = (&(objectclass=inetOrgPerson)(uid=%n)) default_pass_scheme = SSHA When I enter a user's email address and password as the following: email: firstname.lastn...@domain.com<mailto:firstname.lastn...@domain.com> password: password and according to my setting which I used "%n" as you see above, the username used to authenticate is "firstname.lastname". I checked the Dovecot variables but I couldn't find something useful in this case to manipulate the "%n" variable. I would like to keep using email addresses as "firstname.lastn...@domain.com"<mailto:firstname.lastn...@domain.com> but authenticate users using their first name. I really hit a wall here and any help will be much appreciated. Well, for me, this sounds strange, using firstname only. Why not let your users enter the firstname only? Or: pass_filter = (&(objectclass=inetOrgPerson)(|(uid=%n)(mail=%n@*))) If firstname is unique, mail should be unique as well. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW7IQ7MQnQQNheMxiAQIqtwgAkswe2jx7rXSJsGI8sh6Bd5d2f0MVx9nw 8IcW23vZlqpZOq9jGe8wD937IwKU1PSmMw7Ac2RiGUDts8rUWLp829DtwgovxGpj iP6qwxhfp8HcFaH0LE8oqWUnlaxh8Df9Nrwg7DPr/qebepUJAzQU6CAkODUy+osl z799U6RoI74fZyIT8gaAJ1mI+swOFcdawNMqv8S7+Iab7jtzTdHYN7J/YYM0rvzF amt+kad1OayunRl7OhV1j0BPqdIFDHaC08KAf2cN+GKAWzWNY/ZWe9Y0nloq++fh IAHZSDe8CSTS/fT+4IiHXT10aJJQob3AnbJ3264+JZ9cIZjpnn/KnQ== =sof6 -END PGP SIGNATURE-
Re: immediate delete of mails
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 9 Oct 2018, Selmeci Tamás wrote: On Tue, 9 Oct 2018 12:08:00 +0200 Sami Ketola wrote: How do you deliver then mails to the server? also mbox is very unoptimised mailbox format for this. Each time mail is deleted from mbox mailbox the whole mbox while needs to be rewritten to remove the mail. OpenSMTPD and Dovecot run on the same machine. OpenSMTPD receives incoming mails and stores them in a mailbox (/var/spool/mail/user). Dovecot then fetches mails from this mailbox file. Mailbox file is indeed very unoptimal, but at this moment I'm more curious about the reason why I can't expunge mails... perhaps it'd simpler with maildir, where it just means a simple file deletion. try out pure IMAP via telnet: https://wiki2.dovecot.org/TestInstallation?highlight=(telnet)#Check_out_some_other_IMAP_commands telnet server 143 1 login user pwd 2 select inbox 4 CREATE Trash 5 COPY 1 Trash 3 STORE 1 +FLAGS \Deleted 4 EXPUNGE Try with another mailbox, 7 select Trash 3 STORE 1 +FLAGS \Deleted 4 EXPUNGE - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW7ywrsQnQQNheMxiAQJKNgf/SqbCxUHv7Ga6COtUVeFxv51e5YGBJzrE IDjD1bG/DAweaYDkWG+sJvwihpcYU7LRIX7nGGx7LiCOuFatWoQ2r/yIh1FSnMny SBjRdaDP/V+JaM3t+wAQ8AS8ObLi3RSy5GXrSbQvxrXzillVC6lKl37jQ4vbxevm MEazFDFubV9OSVs1n8oAUdKTvQVFL19xc2PYn8jkxXZMtED8a9Z7EAlwXFIbCQ/M WMkRE2G2WFy5sxchEgxDdrXwHnr7fe6mIEm1fyp+1ed6NytDNEwXDCryh0PmR5p5 XT95amjqRlCc3YVB+Q3R8W5AcrG9/bWfaPTglA3o3MBR8iH7xkbQPg== =znSD -END PGP SIGNATURE-
Re: Copying from a previous Dovecot server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 30 Oct 2018, Peter Lindgren wrote: Hello! I have installed a new dovecot server on a new server, using imap and Maildir. The old Maildirs are accessible on a mounted disk. I have tried to copy a few folders manually, by first creating the folder on the new server through the a-mail client, and then copying the contents of the cur folder from the old to the new. Works fine, but is a manual process. I'm looking for a way to script this. if you do not change the names of the mailboxes, copy the whole Maildir directory from old to new. Dovecot updates all files. At the first access of a mailbox, you probably see a "broken" warning and the repair takes place. The warning and repair can probably be forced by doveadm index. If you already added ACLs or something like that, you probably need to backup some files from the new Maildir. Is it safe to copy a template folder to a new folder, and then copy the cur folder contents? The files that Dovecot creates in an empty folder have different contents, will Dovecot update them when the user retrieves the mails in that folder? Or, can I just make a symlink to the old Maildir somewhere? Peter - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBW9lNBcQnQQNheMxiAQKrAggAvrcWrBuf9H72U4aOQd8SoiZTzuLpVuTV lZah7ccYzQS62sfun+y49XndNiWWEIVLP3t7C6HPqiW1b4mr8+Hs56GhZOUac9kx wih4CxROR4/75/Gzs3varoDYVaR1MmMkc15YE/sglmw4RbDhuX6PK3mct5Z7QzVr sObSL+TuhLhGvzJiLJftknoiov3w44NeLKLNYweeISJ8D1vW/Xzc4B3LItPwXI/n bhlZ619GdzHO5mSJmXZYTOEirn10XYMsesV3UKEy6ncr2txeprkTCaGe9CyPNXKf giQm17LfgdGUpLEKQDx6BkCviMQWDOiw7Z60R9QDTS7YoeylIiZ8Gw== =+S4G -END PGP SIGNATURE-
Re: BUG: sieve does not set seen-Flag
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 5 Dec 2018, Jakobus Schürz wrote: Am 05.12.18 um 22:19 schrieb Ralph Seichter: * Jakobus Schürz: Does it matter, if the keyword-files do not match? I think it does not matter. 6 Seen This does not look right to me. AFAIK, "Seen" should not appear in this list, because it is one of the predefined flags, but that is also a Ok. I use dovecot as a service... i did nothing, which is not said in the official dovecot doku... so... Seen is in this file... Dovecot must write it down there... because i did it not... i work with thunderbird, gmail and horde... so dovecot must wrote it itself... Yes, Dovecot write it there, but a client instructed Dovecot to do so as keyword (tag or whatever it is named), maybe the Sieve script was it. Seen in this file is not the "seen" status of IMAP. To get deeper into the problem, I would: 1) edit the dovecot-keywords files to spell "Seen" as "XSeen", in order to make sure this setting (local keyword) does not interfere with \Seen (global IMAP flag) 2) change (I know it should not matter) addflag "Junk \\seen"; into addflag "Junk"; addflag "\\Seen"; 3) use a file dump tool to verify that "what you see is what you've typed", meaning that "\\Seen" is really ASCII \\Seen, e.g. in Linux: hd sieve-script - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBXAjx48QnQQNheMxiAQKaFgf+NLsYdX83pDDj0JDRjXzot/jGDWSEm3Ec IhCmFtaKf/nE2WQsgZct4pHPicGgjRX6BrLWbGlQepiQY3yMp5qlZYu6rk1wkk8q qtmkL5mgGL53KtaHPdHGBp20+ATGVF7eAQbnaNFBK3UEBddKbq/QNbeChrHtxXuF kbVLYN+6nyX9YGBayo1CT05jwhu77Taflx6jIxRXncY1kEYkdGz8E7K/AqSNkYBn KTHhYfuRUL69vJrJMUpzlnJWtV7H3BCv1yLxYMAOqJFFa4pAOcezGIh2mUIOFl2L wdzwOQ0LQKekdV5m36K2UrcxTJ94j22/g2N5H6OO3zLh0i/uXT3FNA== =gt8A -END PGP SIGNATURE-
Catch all for Metadata storage in SQL database
Hi, the https://doc.dovecot.org/configuration_manual/imap_metadata/ sample uses mail_attribute_dict = file:%h/Maildir/dovecot-attributes which stores all keys=value pairs in the file. http://dovecot.2317879.n4.nabble.com/Dovecot-v2-3-9-3-HTTP-API-Endpoint-for-mailbox-cryptokey-operations-td70801.html uses a SQL dict, however very specific ones. How can I use a SQL dict to store _all_ keys, as with a file based storage? I cannot find a documentation for "pattern" specification, that works as "catch all", in order to store anything not catched by patterns into the database. https://wiki.dovecot.org/Dictionary does not give any hint (in my eyes). -- Steffen Kaiser
Re: Shared instance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 25 Jan 2019, Stepan Khlebalov via dovecot wrote: and another private namespace used for archiving namespace archive { prefix = archived/ inbox = no type = private location = maildir:/mailStorageArchive/%Ld/%Ln:LAYOUT=fs mailbox Archive { auto = subscribe special_use = \Archive } mailbox Archive_Sent { auto = subscribe special_use = \Archive } } namespace { type = shared separator = / prefix = shared/%%u/ location = maildir:/mailStorage/%%d/%%n:INDEXPVT=/mailStorage/%d/%u/shared/%%u subscriptions = yes list = children } it works. 1st: I think you must replicate the "location" with all options, that means at least LAYOUT=fs, maybe %L as well. When I create shared namespace like this namespace { type = shared separator = / prefix = shared/%%u/ you already have such prefix, as far as I understand it, you must choose another, unique prefix. Try prefix = shared_archive/%%u/ location = maildir:/mailStorageArchive/%%d/%%n:INDEXPVT=/mailStorageArchive/%d/%u/shared/%%u I think, you'll need LAYOUT=fs here as well subscriptions = yes list = children } it does not work. I want to share mailbox Archive from namespace archive. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBXErw+sQnQQNheMxiAQLNrQf/Ul+ulVdM3AG8/NUhk5jpM8aCD8n5qDT/ xbOWGH5EuCRAX6I6hBLW1iesWU9pQroF5fKyUiVlgzjmkRWL4+XH7kuzu5eNmzjQ 5bR+BLywMN3HULxcWN1PCyGx6Ey1zuWqYZVF3itMtaoNIOrEWoLy7nb41E4V4HgG Lhq/0F9WudmAA3tmttpXE0L6JwH8qCVjpbP3xXE+VheFERHMAsnoYBpT5U+Kduk6 QiUSve7GuUFsP5CA33PPy5Jcyt0Deyy5Z1ZKo3qe6VJSBsHZuECQY8N4T8ywndEF o47cy2CBNR7B/b9xVJonYx1qMgfpwww/z9WzVfODbOJBRvBfev8fkw== =7JNF -END PGP SIGNATURE-
RE: POP3 & IMAP inbox setting for virtual
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 29 Jul 2016, Michael Fox wrote: you can select the passwd-file by %u , e.g. see the first example of passdb's on http://wiki2.dovecot.org/AuthDatabase/PasswdFile I think you mean by %s. Correct? yes, %s = %{service} So, generate a passwd-file with namespace/inbox/inbox, make a script to strip this settings from it and dump into another file. This script is to run each time, the main file changes (or by cron), in order to keep both files in sync. Then: userdb { driver = passwd-file args = username_format=%n /etc/passwd.%s # default_fields = uid=vmail gid=vmail home=/home/vmail/%u } Then symlink /etc/passwd.POP3 to the file with and /etc/passwd.IMAP (and any other that generates not-found errors) to the file without the virtual namespace. Hmm. But the goal is for both POP3 and IMAP to see both namespaces. POP3 would see both via the virtual namespace. So, following the idea of passwd-file per %s, it seems like I should do something like: .../passwd.pop3: Set the "extra fields" = userdb_namespace/virtual/inbox=yes .../passwd.imap: Set the "extra fields" = userdb_namespace/inbox/inbox=yes Does that make sense? yes :-) - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV57qe3z1H7kL/d9rAQKX0Qf+KN9L0mgDLJTB27yrtJc9XmOifXqyzUGS D49BALfSOv5aRXUoIW0Y7cRVYbcPPyeJPN5jdWeg93Hbljk8VryLh0kGGuU+y8YC fToNd/rIyBVyX0nv4a4mxhbnxdwt5isSRzpr5aXANjJsUtJaCNqg7rs3l5vnvd7q gWDiM9XkbKkxWVmwpVR5vXio8EMNNCdtNQWsdBxqqNvpHvnnOGu1NWyO20IHiK/b NdPBxBImML8oxEmEGbIsbDs8wRefjXNak5RTAfIMpuQyb/31zwSIeOHWkLCGU9EQ kLVQbl/lnbMxLcxVK37B3Q9TlbyFAWzCGf00FCZnyv0loGw2OVAV9w== =QrF6 -END PGP SIGNATURE-
Re: self signed certs and dovecot imaps : howto? tlsv1 alert unknown ca
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 30 Jul 2016, hanas...@gmail.com wrote: How do you setup dovecot to use a self signed cert? One server will be connected to the internet. One will be totally internal and have no runtime access to the internet. Getting the below error msg. Also, I think I have a TLS 1.0 and need a 1.2 cert?... Thank you. Jul 28 20:09:27 host dovecot: imap-login:: user=<>, rip=10, lip=10, TLS: SSL_read() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session= have you imported the certificate into the client? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV57spnz1H7kL/d9rAQKurgf/WFtVim8mnPSpEr8fSUpfxssLw3yOYoLm Hsc0TzoeU43BPJtIbtgNk9GcvXmpUVkYj6jDY1QcEx5UGWTn0TU3uO1LVPVCfBs7 nscBZPgEoEK6V52BGtzwTKlTPQAJKdoiJDgW8Djkzwwaum1nFBf+7l33YRQv2/yZ b0qiTH5UeXm9KggEHX5FNseHITF98mq8X/qbgn3bvpbxoItF5cZzKUppV+6xyZAb 7mvvl3tzdB6+fKSStW7UZ+Xm++2K+dLac8vshhszspKHM9mQO51/FyeiT4rj1JOI 2dJRTf3j28mLLqzBw1JB4LIi/ODHy8aanTz1+IvbNzzbwbBxEgE7GA== =8S0y -END PGP SIGNATURE-
RE: service-specific userdb affecting lmtp, quota-service
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 2 Aug 2016, Michael Fox wrote: Update: I was able to eliminate the /var/log/mail.err error messages (shown below) by creating a userdb.quota-status and userdb.lmtp passwd-file. However, since userdb.pop3 and userdb.imap will have different extra-fields values for namespace (different namespace/xxx/inbox=yes values) I can't simply create userdb.quota-status and userdb.lmtp as the union of userdb.pop3 and userdb.imap. At a minimum, the extra-fields namespace info has to be left out. do LMTP and Quota-status fail, if you symlink them to the imap version? So this creates the question: For each service, which fields does the userdb need to contain? I can't find that documented anywhere. For example, for the quota-status service, I presume the following are needed: -- username -- home directory (since mail_location = maildir:~/Maildir) -- any "quota=" overrides in the extra-fields -- nothing else Is that right? And I presume userdb.lmtp needs to return: -- username -- home directory (since mail_location = maildir:~/Maildir) -- nothing else Is that right? Thanks, Michael -Original Message- The service specific passwd-file userdb is causing quota-status and lmtp to fail. Using: userdb { args = ... /etc/dovecot/auth.d/%d/userdb.%s } I'm getting the following in /var/log/mail.err when I try to send/receive mail: Aug 1 15:46:57 n6mef-gw dovecot: auth: Error: passwd-file(mef...@email.n6mef.org): stat(/etc/dovecot/auth.d/email.n6mef.org/userdb.quota-status) failed: Address family not supported by protocol Aug 1 15:47:08 n6mef-gw dovecot: auth: Error: passwd-file(mef...@email.n6mef.org): stat(/etc/dovecot/auth.d/email.n6mef.org/userdb.lmtp) failed: Address family not supported by protocol I don't have a userdb.quota-status or userdb.lmtp. Is there something else that needs to be in the configuration to prevent these services from needing their own userdb? Thanks, Michael $ doveconf -n # 2.2.9: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-76-generic x86_64 Ubuntu 14.04.4 LTS auth_mechanisms = cram-md5 auth_verbose = yes mail_gid = vmail mail_location = maildir:~/Maildir mail_plugins = " quota" mail_uid = vmail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { args = scheme=cram-md5 username_format=%n /etc/dovecot/auth.d/%d/passdb driver = passwd-file } plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=50MB quota_rule2 = Trash:storage=+10%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_status_toolarge = 552 5.2.3 Message is too large quota_warning = storage=90%% quota-warning 90 %n %d quota_warning2 = storage=75%% quota-warning 75 %n %d } pop3_lock_session = yes protocols = pop3 imap lmtp service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3 { executable = pop3 postlogin process_limit = 25 } service postlogin { executable = script-login /etc/dovecot/postlogin.sh group = vmail user = vmail } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service quota-warning { executable = /etc/dovecot/quota-warning.sh user = vmail } ssl = required ssl_cert = - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV6F2unz1H7kL/d9rAQKP0AgArfFBzFeioX/90YBHWJlyOAJT8D+daQWl TRBg8OJo15haoKn6JkzJbtuZHOkV0/YPW09sWKF8e8/6LgIU512HZibE2QkD2cPl 6v5Xt4hxRtDeY7YpdzxegJ1HjoLkGsCiFIc9EXBSxlDIcvnyz74h4FdYIldhwjoY WErisoF3bKzz5vzf609JoB4veu6nK24MMdo7OxvyUlswizAN2AGSbevCLaTVkvsy iXbK4jXgvHyTK26EqNeZ6rCTx1htT4Jk/tsx3Hicg+rbX4JuaUUNRJXkVWLc4haO yJSSleqXjddEiH+UwH9LvNS2fZg99sv8tj/Ad+UHpmWedPMZFOvNGg== =tC1k -END PGP SIGNATURE-
RE: service-specific userdb affecting lmtp, quota-service
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 3 Aug 2016, Steffen Kaiser wrote: Update: I was able to eliminate the /var/log/mail.err error messages (shown below) by creating a userdb.quota-status and userdb.lmtp passwd-file. However, since userdb.pop3 and userdb.imap will have different extra-fields values for namespace (different namespace/xxx/inbox=yes values) I can't simply create userdb.quota-status and userdb.lmtp as the union of userdb.pop3 and userdb.imap. At a minimum, the extra-fields namespace info has to be left out. do LMTP and Quota-status fail, if you symlink them to the imap version? BTW: your posted conf does not contain the virtual plugin and its namespace. So this creates the question: For each service, which fields does the userdb need to contain? I can't find that documented anywhere. For example, for the quota-status service, I presume the following are needed: -- username -- home directory (since mail_location = maildir:~/Maildir) -- any "quota=" overrides in the extra-fields -- nothing else Is that right? And I presume userdb.lmtp needs to return: -- username -- home directory (since mail_location = maildir:~/Maildir) -- nothing else Is that right? Thanks, Michael -Original Message- The service specific passwd-file userdb is causing quota-status and lmtp to fail. Using: userdb { args = ... /etc/dovecot/auth.d/%d/userdb.%s } I'm getting the following in /var/log/mail.err when I try to send/receive mail: Aug 1 15:46:57 n6mef-gw dovecot: auth: Error: passwd-file(mef...@email.n6mef.org): stat(/etc/dovecot/auth.d/email.n6mef.org/userdb.quota-status) failed: Address family not supported by protocol Aug 1 15:47:08 n6mef-gw dovecot: auth: Error: passwd-file(mef...@email.n6mef.org): stat(/etc/dovecot/auth.d/email.n6mef.org/userdb.lmtp) failed: Address family not supported by protocol I don't have a userdb.quota-status or userdb.lmtp. Is there something else that needs to be in the configuration to prevent these services from needing their own userdb? Thanks, Michael $ doveconf -n # 2.2.9: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-76-generic x86_64 Ubuntu 14.04.4 LTS auth_mechanisms = cram-md5 auth_verbose = yes mail_gid = vmail mail_location = maildir:~/Maildir mail_plugins = " quota" mail_uid = vmail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { args = scheme=cram-md5 username_format=%n /etc/dovecot/auth.d/%d/passdb driver = passwd-file } plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=50MB quota_rule2 = Trash:storage=+10%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_status_toolarge = 552 5.2.3 Message is too large quota_warning = storage=90%% quota-warning 90 %n %d quota_warning2 = storage=75%% quota-warning 75 %n %d } pop3_lock_session = yes protocols = pop3 imap lmtp service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3 { executable = pop3 postlogin process_limit = 25 } service postlogin { executable = script-login /etc/dovecot/postlogin.sh group = vmail user = vmail } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service quota-warning { executable = /etc/dovecot/quota-warning.sh user = vmail } ssl = required ssl_cert = - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV6F8znz1H7kL/d9rAQKltAf/bl5r175/Iokd+XxoBnsbT8LUfsCM20/p 0tPsnfz9E75nnFgOTTYYKPhc7zJvA61ZMz+yZ9SIYxce7mfA86AGvg7cpD8/KIfO RnhDuLEmFZbaRqnmrDuJvtbLzg2VargYj65Y0hykeRisdNE/3nh//iPxs/5BQs2z ZRTeJer3UkYae4AxI8E3P+S5fKWbirIJ5mapM28IVw3+uabRED/2TGO5rEuCToLU UMgI3tQKDIp04dqPfZGbsYefzv6azUtQQ/JL7BeSd/YdiJibGxI/yb7Z6zNPwUvJ sn7i6FBKdwT0sirEBfHIk4E+gAZZ0fQMkWq1z8q9C7ImoEgtqsObBg== =0g6C -END PGP SIGNATURE-
Re: file/folder perms permissions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 4 Aug 2016, Jim Pazarena wrote: Forgive me if I am blind, but I cannot find default folder permissions. there are no "default"s, because it depends on your installation heavily. For the home directories, with the sub of mail: and deeper, I see some files with 660, some with 600, some folders with 770 some with 660 If you have folders with permission 660, they are wrong, because they miss access perm for all, even the owner. I am a bit confused. I manually messed with some files, and my MUA complained about permissions. So I got that mess fixed, and in doing so I noticed the seemingly contradictory permissions. The user must be able to access the files, so: user/owner: + if you use system users, Dovecot uses the user's system id to access the files, + if you use virtual users, Dovecot uses the mail_uid specified in the conf file or userdb, group (usually): + for some operations additional permissions might be necessary, those are *usually* given via group "mail", e.g. sharing of mailboxes with system users, direct deliviering of messages without Dovecot LDA or LMTP, ... usually you get very descriptive hints, what permissions are required, by reading the logs. Dovecot 2 even walks up directories, if an access perm is missing. Very convient! If you have trouble with mailboxes (rather than the complete mail store of an user), create a new mailbox within an account, that has no problems and use the permissions given there for problematic mailboxes. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV6QtxXz1H7kL/d9rAQLB1Qf/ezS2Go1khR9D69IeAKSQ+V1Vd/7pQb2G 8HJFB8QgnLBMpmwN3vrz3+t0kWqNhW+TKusYIl70kkDYzUCC+oBeNHHVb94d20s+ sN6Up1kdLbuPJ926QiW0Sb8n6pOAyXels4L4RrKqpX4PafhtumsltOiPI82pfUpY Mel69RRh23TAepV2CnEyeWxfQ+ffJrumsVu00FR0EAd8pFw3LsKStBfQr4qA/f/+ G2aXNHPDQK2fzmP0SFK3uxk/AXgl5cbUqxEvf7n7STxaCZpcSH3DVrK7Nt0aQEBa dHm6dc+TgcY0GhJRmtKyLhnRQhZyiPW1vIBs3YS8uMcBQKG+cY9Bsw== =BIxI -END PGP SIGNATURE-
Re: Save user passwords in clear text
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 5 Aug 2016, Lefteris Tsintjelis wrote: Is it possible to save user passwords as clear text through dovecot? I am currently using MD5 passwords and I allow only "plain and login” mechanisms but I want to switch my database to clear text as this will give me the ability to use more mechanisms such as CRAM-MD5. Is this possible? Someone tried to do something like that with: http://wiki2.dovecot.org/AuthDatabase/CheckPassword Check the archive of this list. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV6hvY3z1H7kL/d9rAQK/iAf/XNP52dpnKIoXvhounpTg58QgIoY+i1tW oka3uAfjFiwyNH/QzZaEdISaogWqpxKXmebWNZeyjvScGzM5VAoC6XMbmvuUfoaC /gwpadMez416RlTnGpfTvB9GIV+5F8UE+4wCPAnP8Vzp9zCBueKhTrq4q8Ffevfj z1ikHWIQI8wwFdTNI82Iyybw4S6F2vWGrR/ypHHWyNhRH6bluMTLc9UOBGORMFc4 eTeARYIFjDYM6RVZBPlRmoFXZ+qUy72tIV8PyqYbcFlC61lPMsYKleXgDT5KH/V6 r62h4vYCyJn8uGxCwuNmxq9uQws0fRfL2rIgdVuauGxkGmPphgizlw== =UW2U -END PGP SIGNATURE-
Re: receiving and associating emails to single a/c
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 11 Aug 2016, David Tildesley wrote: Hi,Looking for advice.Scenario: we have a dmz mta that currently redirects received emails for a selection of email domains to specific internal ms exchange servers. We want this mta to redirect incoming customer emails directed to a set of email addresses numbering about 30, to a dovecot server and associate these emails to a single dovecot user account so that a contact Centre platform can pull these emails on a frequent cycle.How to go about configuring this on the dovecot? I assume a postfix server needs to be installed on the dovecot server for the dmz mta to send these emails to dovecot inbox? So, you want to sent messages of 30 or so specific mail addresses to one Dovecot server. First, configure the Dovecot server so, that those addresses are mapped to the same (virtual) user account via a userdb. Second, enabled LMTP in Dovecot. Third, configure the MTA in the DMZ to drop the messages via LMTP to Dovecot. Forth, configure a passdb{} in Dovecot so that the contact people may access the same mail storage. There are many different ways for step 1 and for LMTP itself. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV61xvnz1H7kL/d9rAQJEkggApg16h2Xxbxa0Bj1ut3EewqxsfYdtOfE3 yM1URhunMN4YIZ/hwuA9DrUo104+0spnOjNdz5GaDfi3Y3QfwLNTUQrmS24Ih9zG YGbmtsC0izfudfGeLb5zHRC+GDJV4g2j67pSEg7rwQdfnS6LTgtwPyMrcCxLtRjQ OCCya26u3TJLwgZ73BTe53HLSlfFYL739rvpk16aLhl/B6i8Ue9PYYNEa6hk2tRe FMc3QLv3iBvsfDrT38oXpwaoF7J20LH7jWNExgF2ZAeBLdpESCNK6jHNeS9qjAaI DZY9ZJ6D/oQXnq+iScYBgWLrz8cS6v1TckOxjQSvqUH8gKXJO9PShQ== =7mdJ -END PGP SIGNATURE-
Re: dovecot-lda core-dumps when antispam pipe script calls it
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 19 Aug 2016, b...@indietorrent.org wrote: On 2016-08-19 12:17, b...@indietorrent.org wrote: Aha! Clearly, the vmail user cannot read from nor write to /tmp. (Why that is, I have no idea, as the /tmp directory's permissions certainly Do you have SELinux active? See almost at the end of http://wiki2.dovecot.org/WhyDoesItNotWork?highlight=%28selinux%29 allow for both; maybe Dovecot implements this as a security measure.) No. Dovecot does not implement anything like that. Do you chroot ? This prompted me to change all references to /tmp in the pipe script to ~/tmp, and create this directory: $ whoami vmail $ mkdir ~/tmp && chmod 770 ~/tmp $ /bin/bash /usr/local/bin/sa-learn-pipe.sh --ham < /var/vmail/gtube.txt No errors this time (at least not on the console). But I do get this in /var/log/mail.err: Aug 19 12:04:24 example.com dovecot: lda(sa-train...@example.com): Fatal: Can't open delivery mail as raw: Permission denied I'm not sure how to interpret this message. Where is permission being denied? More importantly, what's the fix? Thanks for any hints! -Ben Apologies for the rapid-fire replies here. The strace output that I'm capturing in the pipe script pinpointed the problem: open("/root/~/tmp/sendmail-msg-26272.txt", O_RDONLY) = -1 EACCES (Permission denied) Er, '/root/~/tmp/' ?? There seems to be some expansion occurring that assumes the root user, despite executing the pipe script as the vmail user, so I changed all references to ~/tmp in the pipe script to /var/vmail/tmp and permission is no longer denied. But, now dovecot-lda is core-dumping. Here is the strace output: http://pastebin.com/RrKmFhzC So, I'm back to where I was with this problem two years ago. At that time, I gave-up, because I couldn't invest the time required to compile the latest versions of Dovecot and all plugins from scratch in an effort to prove that the bug exists in the latest source. "Dovecot always logs a detailed error message if something goes wrong. If it doesn't, it's considered a bug and will be fixed." - http://wiki2.dovecot.org/Logging I'm happy to help identify the root-cause, but I need some guidance here. First: check the SELinux thing. Second: Do you run in a chrooted environment? Third: Enclose all your script with logging, e.g.: #!/bin/bash ( date echo "$@" id id -a echo environment env set # check for chroot echo stat / stat / echo /proc/1/mountinfo awk '$5=="/" {print}' > /var/tmp/antispam.$$.log 2>&1 Make sure /var/tmp/antispam.$$.log is writeable, maybe create a new directory with owner vmail. Make sure you have 2>&1 at the end. Your log misses all the error messages. Also, you will now have a log file for each run of the script. To check for chroot: stat / should print inode 2, but any mountpoint has inode 2. /proc/$$/mountinfo displays the physical information of a mount, if both differ, the current process is chrooted. "1" should be the init process. In your script: for opt; do if [[ "$*" =~ .*ham.* ]] This makes no sense, either use for loop and test "$opt" here, or do not use for, but use "$*"; .*ham.* should be quoted anyway. cat<&0 >> /tmp/sendmail-msg-$$.txt Well, if for any reason this file exists, .. cat - >/tmp/sendmail-msg-$$.txt /usr/lib/dovecot/deliver -d "sa-train...@example.com" -m "Training.$mode" You've already scraped the message from stdin into a file, so add: < /tmp/sendmail-msg-$$.txt About the '-p' switch present in the strace-variant: Please scan the mailing list for the status of it, IMHO, there had been lots of trouble in certain cases. The strace variant should use -oLogfile.strace.$$.log in order to separate the output of the command and strace logging. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV7qnd3z1H7kL/d9rAQJXWQf9E/ucaEXMy10IE5f7JY3tbZVlROGrz+wk 5rA0/Xe/aFwgNvCzyTX+MV7BblHH//aDwlNs3L4P+bZatCjAVCmoDdQ/WDZ7wr51 mBq/vOjcullnzz8NHv2+gQgRCKhGGd8M+mVjGUlyK6jXEFjwAaivEnRA86AudZi4 ybK0CZKw+Pg+VzDcfGjvO4PHZWAxvbqktqVOUhQwEL/+A/CZ7FNSsBuuZug42TGK tmghQmAKuwY96djSV/vFax8J8WyVnGKBVLpONP9iMllGkZ7MHGacpfm0MSgsIgPv DTTdjdk1P6FIQ615rp6BRg0JKaTn7COC6YxMnuaNtlXJ2t/M5zoCNA== =/xgA -END PGP SIGNATURE-
Re: Sub addressing delimiters
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 29 Aug 2016, Timo Sirainen wrote: For v2.3 (maybe early next year): https://git.dovecot.net/dovecot/core/commit/972c9172e9e6a0fc6053efb3d2ee9d354b67727f is this an internal address? $ host git.dovecot.net Host git.dovecot.net not found: 3(NXDOMAIN) - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV8WJ83z1H7kL/d9rAQLlbggAlTKNhRbBieDf/RoaVfIjCQZXv7wH+W9N 5gtu9/to5mw62I+3dtsyCF9Ui2YFm0AGTeOAyU8p//oYv34jttjBV4/OUL+U73QP PDxo/1DiJly1YCAATl1KAlc4jlvjk99XRES0P7ykIznHPM9x4a5OmsH1OWLYq4SH nEi5BqsfBCuoeY/xDM+bFZ4eLWXcNF1PHVIStp8eM7xWaGHUb5lE7YLsqf/x2187 Zsjhlj2xiHgXf1n55dWP2nkJmBHnZCieokcHOfA3fyBVdIogbt1jEwtFYShYinoi X4j6zgLs6kJjbdY5ToD/3FG5ZYwPxihzah+lnO718HbNA0nPzycZGg== =V1Oe -END PGP SIGNATURE-
Re: initd script does not stop/restart all dovecot processes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Sep 2016, Sami Ketola wrote: On 01 Sep 2016, at 17:25, Florent B wrote: Hi everyone, On Debian Jessie servers, I use initd script provided by Dovecot 2.2 (in doc/dovecot-initd.sh) and when I stop or restart dovecot service, it still remains some process : ps aux | grep dove dovecot 1798 0.0 0.1 9408 2116 ?S16:15 0:00 dovecot/anvil [1 connections] root 1799 0.0 0.1 9544 2288 ?S16:15 0:00 dovecot/log dovecot 1812 0.0 0.2 39144 5720 ?S16:15 0:00 dovecot/auth [0 wait, 0 passdb, 0 userdb] root 1844 0.0 0.1 12728 2076 pts/0S+ 16:16 0:00 grep dove Is it expected ? "restart" does not work of course, and "start" after "stop" too. How can I fix this ? Debian Jessie comes with systemd so you really should not use initscript anymore but switch to systemd for starting dovecot. There is systemd service description file available for you in case your vendor does not provide it in the package: https://github.com/dovecot/core/blob/master/dovecot.service.in I have the same experience, that Dovecot keeps running for a while. An immediate stop & start always fails. IMHO, that behaviour started with the introduction of anvil. If the ps command lists all processes, that is what I see on Jessie and Squeeze as well. @Florent: Please check, if the Dovecot processess dies after some timeout. I have patched the scripts to wait 5s then send an extra HUP and after 5s INT. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV8ksh3z1H7kL/d9rAQJY8gf+NnFjsEKI3a4opD4Wkim8eGtQvkWkFEtA Ywf7vS3cGzU2rJGqUq6X/zVjrW5oU5NUdePdR5nZqpkKz5+QR5jHluZ/zX4Cgmeh ujKSIf4VZnUmvw9XG5RRFzUlTUkZilSGz97KtcnLcLJQj7KNhC39sFBPTUl6Li2X 2lwDpyNz+u5rhPti1LTKwooiGI2Pr5X6YT+aZQcebzj++0qLiwRha6Gmm5PWzgS4 mMsMe2zFwvKhP6/XuVWMzT9nsgmEQaeiDsu4u3A+TDRdFwfYrHvhyG0uh8SgG6a6 Vye30fy53e/KWzfXAE37m1zRyouHUuxSzHjr4YtM9K/E8rYBDWR0Ow== =HdJT -END PGP SIGNATURE-
Re: Softlinks
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 28 Sep 2016, Chris wrote: I'm using Maildir. Is it possible to move all (or only some) maildirs with softlinks to another partition? I did this, but be prepared that you have left-overs when the user deletes the mailbox (mail folder). I have mapped for instance SPAM / HAM reporting and some widely folders folders into user's Maildir, this works without any problems. Well, no user tried to delete those linked ones so far. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV+y9Anz1H7kL/d9rAQLkswf+K71RLMNh6DsehPjgd4jb8Rk9MvixcINa 1RYZqowHvfEf/zWGF+uOZxIycSTxf+84K3Qiac6EjHSQXsVbosy7o4v6S1EZOeAi n9mK9itDjXhDGnY1MlYgpJ1C/pK+UqbYzgelR1WgBH8AiI+zEzEHv4RCEvLaFSxB RfizZ66Nz2kaw9PnXkwmN5R8wzasdT3+1DKiekGzMRi4U/Rc61PuWEwNBZKllfnc 5jQAopi7PsEX8eO11xWtGbyTtLj2qm/k9odphiWl8fJlZpTICdtuyFxVpbsZf/t/ TRO5meXfIAHs4+BI/LYmHnCNiELUlwaGJAyRBzPNcMO7aDtANqSatw== =9vGQ -END PGP SIGNATURE-
Re: Login just at special timeslots / working hours
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 27 Sep 2016, Aki Tuomi wrote: On September 27, 2016 at 5:42 PM Götz Reinicke - IT Koordinator wrote: is there a dovecot feature I did not found yet, which can limit the access to the server to special timeslots like working hours? Or is that a serverside / sssd / auth / pam / account feature? Thanks for hints to some helpfull documentation and sugesstions. At least this is doable with PAM. See http://www.linux-pam.org/Linux-PAM-html/sag-pam_time.html Should be also doable with SQL-based passdb by adding the check to the WHERE clause - even by user. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV+zNiHz1H7kL/d9rAQL0Lwf8Ca4frRhb/99pLgFw90XcSnUqbT/AU2dw Nr4xb5uQaT3mkO67aME0jA+0yRW8Bz74qV+ULkC/KxzMo1Oh5f1t+4eeSseZWUBe TZik2z1ypzzAvMOdf8Z/ldkmNibAjiAdE1/WOioefTVL+LYmRwwrc4BBRQGXtLvO Ef3ZcHWPwPJ6JCji0GsYbfR8is2vNj9YJEdhjROAPokWQ6up5fpULWUAVvk5vTxd d6YGrmBpUFydgK36uxB11LefVawd0hFJN+ogFtFiP2J+gZEx+AQ0NgKA+CFwYGxL 4ltCEAN1NYbyuPTezZaZWZBBu2uUXwdXT7oxzzKhZqtpBIJXQUl/NA== =R0HA -END PGP SIGNATURE-
Re: shared folders
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 3 Oct 2016, Scherff wrote: you do not write, if you get errors in the log. Enable mail_debug and see what Dovecot thinks about the location of mailboxes etc. Also, use doveadm acl debug -u to verify the ACLs. mail_home = /var/vmail/mailboxes/%d/%n mail_location = maildir:~/mail:LAYOUT=fs namespace { ^^ maybe this namespace section is missing a name hidden = no ignore_on_failure = no list = children location = maildir:%%h/mail:INDEX=%h/mail/shared/%%u:CONTROL=%h/mail/shared/%%u This location does not match mail_location above, it is missing LAYOUT=fs prefix = shared/%%u/ separator = / subscriptions = yes type = shared } - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV/Oafnz1H7kL/d9rAQKDlgf8CjTbLVHs9Lfof4vfoHyCXgusB//39+rj UEl/fsP+4NkWr8naU5Rb4RU+7/LfhhCGPC5H7VeXBNCO+a+VxzJEzncNOdMAaQt/ AUYz9oHnPO/NptVuCV/LbYKaULE8KsXQWUr1BYScmt8F91KDIO6rpkuwaMaA+p+s XRkh10+ucnPKO1cUv6yBiBu/citff2uQdzX4+jr66djS5DXWZgOh/XsZDGS868Y1 Id88Kh0ZudpFBhEAQbrwbUCbgVx5O+7O9AC9s4RKyMGqCKS7DVIKM2VvCBQgvaad ApHpTkt6MegAMY0+BW9bsxpdb/lmhfCFbwyexVSwEJRXc4qS0qdE4Q== =oC93 -END PGP SIGNATURE-
Re: Dovecot does not close connections
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 14 Oct 2016, Benedikt Carda wrote: I am running into this error: /Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10)/ The suggested solution in hundreds of support requests on this mailing list and throughout the internet is to increase the number of maximum userip connections. But this is not curing the problem, it is just postponing it to the moment when the new limit is reached. When i type: /doveadm who// / I can see that some accounts have several pids running: /someaccount 10 imap (25396 25391 25386 25381 25374 7822 7817 5559 5543 5531) (xxx.xxx.xxx.xxx)/ Now when I check these pids with /ps aux/ I find out that the oldest pid (5531) has a lifetime of already over 12 hours. Anyway I know that the clients that initiated the connections are not connected anymore, so there is no way that there is a valid reason why this connection should still be open. What's the state of the connection ? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWADK13z1H7kL/d9rAQKw6gf/SbLMdf988i3u5arben3YseszjkOfMLqr bRzuBa3wopFC7h456qORiSUqs14YWK7IvLkC5Ke81pdz3beDPFaYrjxvIjldn0KJ YZzsAp7Nc04OzdcC1JZlZ96zjL85AfiokGVvjhCuqVNV0S1R9dy5wJLyouvdnNym gLO2twykuEajJugcnqSfMj0QWhMFO+quYAOEUNeRpf4fDvPPNo11Y89aDtwCrZUp OMEbDIMa92CnNRARkiqRINJmqt3v9ou3DEETnoyj8qGglO/zU+uAOE9BeoihPF4l GIKMJ4agva1p1Un53RBsnpsXxVCljMcvt++M5g/vs+svYqulRpZeXQ== =O6DY -END PGP SIGNATURE-
Re: Migrating users from a 2.0.19 to a 2.2.24 installation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 20 Oct 2016, Gerben Wierda wrote: I am currently still running an older dovecot (2.0.19apple1 on Mac OS X 10.8.5) and I want to migrate my users to a new server (macOS 10.12 with Server 5, which contains dovecot 2.2.24 (a82c823)). Basically, I want to create a new server installation on the new server so I don't bring any junk over (new user accounts, with the same uid/gid (still need to figure that one out), but after I have done that I need to move the data over from the old instalation to the new. Has anything changed in the formats between 2.0 and 2.2 that will stop me from doing this? The index files etc.pp. will be updated on the fly. You should check if your mailbox storage format is supported, still. Check out http://wiki2.dovecot.org/Upgrading If have moved Maildir with Sieve with no trouble. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWAnpOXz1H7kL/d9rAQJf1Qf/coQ9550WukxX/bAivbdW129vDk5DfvRv /JvOequE9R4Vc8ylxA0WFVnQ1cc2hPHNw4ZDiYerypoj9DOA78HKa/xpHPADuSSh U8yEkaVR1bszrheR1CzbN2e3ghfR+dJQ0PTfJzoH8jNvaDWESS5CYAQksNyxEuEB iQZXzCBJmPlTFySxCeVyIiot65a6qyR/S6otF80xqDDrexXOMo7KKwyXtM/UtNZA aUZHS8YbNyta4fnQW73Mg7R36K9enDAaP5xFpSNJ4b8E64xdH2PQ51FG8ZsyUV5s Yp1d7owBjULj/QWyPSX3T9Yy4UkFaMCSBXgHYribVdZAP/jvGzBJbg== =q079 -END PGP SIGNATURE-
Re: Problem to configure dovecot-ldap.conf.ext
;{scheme}" before password overrides this. # List of supported schemes is in: http://wiki2.dovecot.org/Authentication #default_pass_scheme = CRYPT - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWA8xnHz1H7kL/d9rAQKjlQf/VyK1ipVnt3B+NGwWlIc29MERp7Zy1DFI 8x7GKRFSwJ9pKRalreVL/D+3hI/mKzoqQOiaWG6QSNlX+zj1uu6FkpsiJrAmuJP2 uOObVjyS9DSw8zmU9wNJmqxUvWNTb857udnwAazsMbKge+ApKa4w8GmLUIyZXBZt oBziQZjbASlReaIGv8q+R8z5B0wUx9FRfqFuEY4N2mSudZMdf6kBsUXnFPTxWlEY kpIFpOFhfCi0dFRYduVQXhP9qR8BMOBwjm1NizZGTFgGSHgY2sgr4ouOKtoXHePh 28EvYzRY/FHvSKGDv3R8KVqnf6BJ03SkJ5+L0Smbr9XUg+1UuaQqkg== =0e2c -END PGP SIGNATURE-
Re: Problem to configure dovecot-ldap.conf.ext
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 25 Oct 2016, Günther J. Niederwimmer wrote: Thanks for the answer and help, I mean I found the biggest problem it is "auth_bind_userdn = " Am Dienstag, 25. Oktober 2016, 12:19:08 schrieb Steffen Kaiser: On Tue, 25 Oct 2016, Günther J. Niederwimmer wrote: I setup ldap (FreeIPA) to have a user for dovecot that can (read search compare) all attributes that I need for dovecot. I must also have mailAlternateAddress When I make a ldapsearch with this user, I found all I need to configure dovecot. doveadm auth test office and doveadm auth test off...@examle.com with success authentication but when I make a doveadm auth test i...@example.co (mailAlternateAddress) I guess the missing 'm' in .co is a typo? ;-) Yes Do you find doveadm user -u office doveadm user -u off...@examle.com doveadm user -u i...@example.com yes this is working with all user ? doveadm user -u office userdb: office user : office home : /srv/vmail/office uid : 1 gid : 1 doveadm user -u i...@example.com userdb: i...@example.com user : office home : /srv/vmail/office uid : 1 gid : 1 I have a broken authentication Can any give me a hint what is wrong, or is this not possible ? Show us your LDAP record of this user. this is a result from ldapsearch with dovecots special user, from the dovecot system! ldapsearch -w 'XXX' -h ipa.example.com -D 'uid=system,cn=sysaccounts,cn=etc,dc=example,dc=com' -s sub -b 'dc=example,dc=com' 'mail=off...@example.com' I can also search for 'mailAlternateAddress=i...@example.com' with the same result. # extended LDIF # # LDAPv3 # base with scope subtree # filter: mail=off...@example.com # requesting: ALL # # office, users, accounts, example.com dn: uid=office,cn=users,cn=accounts,dc=example,dc=com st: AUSTRIA l: Salzburg postalCode: 5020 krbPasswordExpiration: 2038010100Z krbLastPwdChange: 20160929133721Z memberOf: cn=ipausers,cn=groups,cn=accounts,dc=example,dc=com memberOf: cn=mailusers,cn=groups,cn=accounts,dc=example,dc=com mailAlternateAddress: i...@example.com displayName:: R8O8bnRoZXIgSi4gTmllZGVyd2ltbWVy uid: office objectClass: ipaobject objectClass: person objectClass: top objectClass: ipasshuser objectClass: inetorgperson objectClass: mailrecipient objectClass: organizationalperson objectClass: krbticketpolicyaux objectClass: krbprincipalaux objectClass: inetuser objectClass: posixaccount objectClass: ipaSshGroupOfPubKeys objectClass: mepOriginEntry loginShell: /bin/bash initials: GN gecos:: R8O8bnRoZXIgSi4gTmllZGVyd2ltbWVy sn: Niederwimmer homeDirectory: /home/office mail: off...@example.com krbPrincipalName: off...@example.com givenName:: R8O8bnRoZXIgSi4= cn:: R8O8bnRoZXIgSi4gTmllZGVyd2ltbWVy ipaUniqueID: 3a6e2256-8648-11e6-b45d-5254002cd3fc uidNumber: 150785 gidNumber: 150785 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 # For example: # auth_bind_userdn = cn=%u,ou=people,o=org # auth_bind_userdn = uid=%n,cn=users,cn=accounts,dc=example,dc=com That one looks strange, you really have an account (uid=off...@examle.com) ? I mean I don't understand this in the Moment (?), but I can comment out this ? Well, you must comment this setting, because: http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds?highlight=%28auth_bind_userdn%29 "If you're using DN template, pass_attrs and pass_filter settings are completely ignored." That is: Only if *all* your users log in using their "uid" attribute and are located at a single predictable hierarchie level, you can use this in order to avoid the LDAP query with passdb_filter to locate the user's DN. I make now also Tests with commented out "#auth_bind_userdn = uid=%n" now the tests are WORKING !!! now I have to find out the correct syntax for auth_bind_userdn !!! when it is possible ? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWBBGA3z1H7kL/d9rAQKsEgf8C0xuesf4YJYD6sHF1eMMhAbQew3I9gP1 TxSVkRJP2VYZM4mkIfPEnyK0GOGU1uri8yT65gQLSxZCg+R77UZjIls9pUsZ3Zqq Ko/jBWbXzphglHlppLQ6EiLnaRfiLPT5dO7EynQm7RiFWiwhc4mL9Gc8w0X6Gye8 copDqauC3hm9LHtxfcQe28K82A0WuJHHxyz7AchT38N4EzzkAp5jOeNvt4fV4L+s C9Juxz2uVE5/qhHE1/w3BWY0dpy+1SRdVoXHX8iix4Lz3STUcVDSuiYptNhLjKPv 2KEF/7gPRONCz7b6wDqIfVDoYrBYcueACASdtg3re/xrVjbh7fsG/Q== =wO5h -END PGP SIGNATURE-
Re: Dovecot 2 LDAP "unknown user"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Nov 2016, Peter Fraser wrote: root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username Password: passdb: user auth succeeded extra fields: user=username root@BSD-11:/usr/local/etc/dovecot # But when I run telnet 127.0.0.1 110 and try to log in it says unknown user. Error below in maillog. BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=2262958081 (client-pid=2273 client-id=1) Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure (pid=2273 id=1) (internal failure, 1 successful auths): user= passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } userdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } #Contents of dovecot-ldap.conf.ext hosts = 192.168.153.143 dn = u...@domain.com dnpass = password auth_bind = yes auth_bind_userdn = domain\%u ldap_version = 3 base = dc=domain,dc=com pass_filter = (&(objectclass=person)(uid=%u)) user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 duplicate pass_filter to user_filter. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== =l02F -END PGP SIGNATURE-
Re: Dovecot 2 LDAP "unknown user"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 2 Nov 2016, Peter Fraser wrote: #Custom Settings hosts = 192.168.153.143 dn = u...@domain.com dnpass = password auth_bind = yes auth_bind_userdn = %u...@domain.com ldap_version = 3 base = dc=rpservices,dc=com #user_filter = (&(objectclass=person)(mail=%u)) user_filter = (&(objectclass=person)(uid=%u)) pass_filter = (&(objectclass=person)(uid=%u)) user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 you wrote: root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username extra fields: user=username is successful. Is user=username ^^^ that same as the username in doveadm? What about: doveadm user -u username ? When I tried to log in again using telnet 127.0.0.1 110, the error shows up in maillog. I first tried logging in with just the username, then I tried using usern...@domain.com. Using doveadm still works though. BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown user Nov 2 11:29:23 BSD-11 dovecot: auth: Error: ldap(user,127.0.0.1,): user not found from userdb Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure (pid=874 id=1) (internal failure, 1 successful auths): user=, method=PLAIN Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(u...@domain.com): invalid credentials Nov 2 14:08:17 BSD-11 dovecot: auth: ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials Nov 2 14:09:38 BSD-11 dovecot: auth: ldap(u...@domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth failed, 2 attempts in 163 secs): user= On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < skdove...@smail.inf.fh-brs.de> wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Nov 2016, Peter Fraser wrote: root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username Password: passdb: user auth succeeded extra fields: user=username root@BSD-11:/usr/local/etc/dovecot # But when I run telnet 127.0.0.1 110 and try to log in it says unknown user. Error below in maillog. BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=2262958081 (client-pid=2273 client-id=1) Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure (pid=2273 id=1) (internal failure, 1 successful auths): user= passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } userdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } #Contents of dovecot-ldap.conf.ext hosts = 192.168.153.143 dn = u...@domain.com dnpass = password auth_bind = yes auth_bind_userdn = domain\%u ldap_version = 3 base = dc=domain,dc=com pass_filter = (&(objectclass=person)(uid=%u)) user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 duplicate pass_filter to user_filter. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== =l02F -END PGP SIGNATURE- - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== =lz82 -END PGP SIGNATURE-
Re: Dovecot 2 LDAP "unknown user"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 3 Nov 2016, Peter Fraser wrote: The command doveadm user -u username successfully returns the username and any information it can for the user in AD. As a matter of fact, I entered some home directory information in AD and this command returned the User's Home Directory as well. Is it a problem though that the telnet test won't work? Hmm, I don't understand the question, telnet xyz 143 1 login username password must work in order to login via IMAP. But you didn't answered the other question, see below On Thu, Nov 3, 2016 at 2:36 AM, Steffen Kaiser < skdove...@smail.inf.fh-brs.de> wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 2 Nov 2016, Peter Fraser wrote: #Custom Settings hosts = 192.168.153.143 dn = u...@domain.com dnpass = password auth_bind = yes auth_bind_userdn = %u...@domain.com ldap_version = 3 base = dc=rpservices,dc=com #user_filter = (&(objectclass=person)(mail=%u)) user_filter = (&(objectclass=person)(uid=%u)) pass_filter = (&(objectclass=person)(uid=%u)) user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 you wrote: root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username extra fields: user=username is successful. Is user=username ^^^ that same as the username in doveadm? Here. You've posted mangled information only, so if the extra fields return another username, other tests are different. What about: doveadm user -u username ? When I tried to log in again using telnet 127.0.0.1 110, the error shows up in maillog. I first tried logging in with just the username, then I tried using usern...@domain.com. Using doveadm still works though. BSD-11 dovecot: auth: ldap(peter,127.0.0.1,): unknown user Nov 2 11:29:23 BSD-11 dovecot: auth: Error: ldap(user,127.0.0.1,): user not found from userdb what about here, is peter, appearing in the first line, the unmangled "user" here? Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=226492417 (client-pid=874 client-id=1) Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure (pid=874 id=1) (internal failure, 1 successful auths): user=, method=PLAIN Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(u...@domain.com): invalid credentials Nov 2 14:08:17 BSD-11 dovecot: auth: ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials Nov 2 14:09:38 BSD-11 dovecot: auth: ldap(u...@domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth failed, 2 attempts in 163 secs): user= On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser < skdove...@smail.inf.fh-brs.de> wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 1 Nov 2016, Peter Fraser wrote: root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username Password: passdb: user auth succeeded extra fields: user=username root@BSD-11:/usr/local/etc/dovecot # But when I run telnet 127.0.0.1 110 and try to log in it says unknown user. Error below in maillog. BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=2262958081 (client-pid=2273 client-id=1) Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure (pid=2273 id=1) (internal failure, 1 successful auths): user= passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } userdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } #Contents of dovecot-ldap.conf.ext hosts = 192.168.153.143 dn = u...@domain.com dnpass = password auth_bind = yes auth_bind_userdn = domain\%u ldap_version = 3 base = dc=domain,dc=com pass_filter = (&(objectclass=person)(uid=%u)) user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002 duplicate pass_filter to user_filter. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0 FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A== =l02F -END PGP SIGNATURE- - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A== =lz82 -END PGP SIGNATURE- - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version:
Re: question concerning junk folder
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 9 Nov 2016, Rajesh M wrote: using centos 6.5, qmailtoaster, dovecot, spamassassin. i found that junk folder is specified under /etc/dovecot/conf.d/15-mailboxes.conf the issue is that this folder is getting created automatically and genuine emails from both within the server and also from external domains are being routed to the Junk folder. all these emails are not scanned by spamassasin. i wish to disable to creation of Junk folder and also routing of emails to the Junk folder. the user's mail client moves the messages there, because it believe the message is SPAM. # # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. namespace inbox { # These mailboxes are widely used and could perhaps be created automatically: mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } this setting just tells a client, "Junk" *should* be used as junk folder. mailbox Trash { special_use = \Trash } ##### rajesh - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWCRzIHz1H7kL/d9rAQLAywgApaoJlVoFHiA3rLBl9xUYl3gdIbAMWChi PXUEUzMUEqP4nA9JmtZVyBOok5zB25VbnuscqASRUDpIllHho/G8F14RXlzM6dIS FXPJmkARD4oE6/lo7UXxB86HDD9B656Pvh2NYZs1kXK6FoFkMedecZKhiChvwrJL awMIT5AfnmRcEa5i8Ynw+MTgPg4OBoWZLQs5MqXYV2kLsel43P7s9bCq92DbLP3A SoXBdMaM2zsDbgP/Ro8gv4YfXAacq9TXVMDvl8s/OSzc0A+QbuJU1IUt1aTFWPAX XeqEo+OuyF+uh1jogBkGakwSRDU6jdJWwNhhZwsGwlDkL4amoeDLtg== =Q6YX -END PGP SIGNATURE-
Dovecot & AD (was: Dovecot 2 LDAP "unknown user")
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 5 Nov 2016, Peter Fraser wrote: 1. I need to make sure the user logon name in AD and the samAccountname are exactly the same, case and all. It seems postfix uses the samAccountname and Dovecot the User logon name. 2. I also noticed that if the Display name for a user in AD is blank, that user cannot log in using telnet 110. OK, this is something interesting and dovecot-ldap.conf.ext reads as follows #Custom Settings hosts = ip address ldap_version = 3 scope = subtree deref = never base = cn=users,dc=domain,dc=com dn = cn=administrator,cn=users,dc=domain,dc=com dnpass = password auth_bind = yes auth_bind_userdn = %n ldap_version = 3 scope = subtree user_attrs = home=/home/vmail/%u,=uid=vmail,=gid=vmail pass_attrs = uid=%n,userPassword=password #pass_attrs=uid=user, userpassword=password user_filter = (&(objectclass=person)(samaccountname=%n)) pass_filter = (&(objectclass=inetorgperson)(mail=%u)) Check out your 1. and pass_filter "postfix uses samAccountname" <-> pass_filter uses "mail" to identify an user. So I suggest you use: pass_filter = (&(objectclass=inetorgperson)(|(mail=%u)(samaccountname=%n)(cn=%n))) Note: add all LDAP attributes to the LDAP query, that identify exactly one user (never more than one). If cn is not unique, use something you think is appropriate. Some examples in the net use userPrincipalName, ... Also, search the net for "dovecot active directory" and you'll find that some exclude entries with certain userAccountControl strings. That way Dovecot finds the user regardless of what s/he enters as username. You could even use something like (mail=%n...@example.com) pass_attrs=samaccountname=user, userpassword=password This will return samaccountname as new username for userdb queries. user_filter = (&(objectclass=person)(samaccountname=%n)) Finally, this query must find the user's data. Because pass_attrs mangle the "user" information of Dovecot to be samaccountname, this attribute must be present. If postfix delivers to this user, too, you are done. Otherwise use a similiar approach as with pass_filter. Dovecot LDA and LMTP do not use pass_filter, but only user_filter. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWCSKXnz1H7kL/d9rAQI2Wgf+OIFn5vssn1giLEocVSpZDvirLHLe4c1m br+PBzklJ2OtM4gYjVdcSkgOmuDGOoeIOcxZQIZwmz7413oCjmA8jloUzzYhj6Q6 6CSLHlBWMqtsnQC8+bITuEWBO+ygXT4A5HdEiJANT/oq+Jq1PXq6gN4W3CVwaq+4 f0b+H+Ejk9Xf8jjnpsvhL4SeS71fc7QwmcDZ3syxutQhWgu/urkAUqu3B0R9PD2r FOxJS+q4lF4JTni4vlWrqtuUeK9Mv675vLq1Uw8c+jLdlBgD5QKKsFNy3LTokMEm qU1g7uSISl16AmZ6arIk2ZEtBMpYlFYhxct/EMbjfgeKZ75zG9g6Fw== =S+La -END PGP SIGNATURE-
exim problem with Redirect the emails from domain2 to domain1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 7 Nov 2016, Quaquaraquà wrote: I have a VPS using these two applications. I am transitioning from a domain_old to a domain_new. I'd like to redirect all the emails from domain_old to the local mailboxes of users @ domain_new. In exim I've assumed that it is enough to add domain_old to the list of local domains: I cannot help you with exim domainlist local_domains = @ : domain_new : domain_old ... begin routers ... local_users: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains transport = dovecot_lmtp cannot_route_message = Unknown user However in Dovecot I'm checking both the username and the domain to perform the authentication: auth_username_format = %Lu passdb { driver = sql ; } password_query = SELECT username, domain, password FROM users WHERE username = '%n' AND domain = '%d' To have this system to work, I wish some special rule that rewrites the domain from domain_old to domain_new. But I'm not sure whether this needs to be done in exim or dovecot and how to add it? If exim would map domain_old to domain and your users will use domain always, that would be the easiest way. More consitent, IMHO. Otherwise (if you want to support users to login with old domains, for instance): 1) add another column with domain_old and use AND (domain = '%d' OR domain_old = '%d) domain_old would contain the old domain, domain the new one. 2) if you think you get more domains per user over the time, add another table and use JOIN or sub-SELECT. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWCSTH3z1H7kL/d9rAQJNFgf/fjfpv/v9tyU8E3QXzGeEtyb1V84t3yut 2ML1oS07soZPhs+Kbh15HqDi3a+0geLElpnMbvXV7dHqYE2az11QgFKf2krV9dVO Y/SN22Pjwn9S6T0HGpGqk+aY62FG8uN6deXZeimKnmMRXQ0b1iswtSVb1KuTml9s jMx7OPPexxiS6keKJrFU0LsSPQjqSDc7OmtuMEbWWpJL6ANYb3pYCJl9BugUHDp/ fenmJ2Ft8e8FjSpP/kXkYlgEVhs/Xw8rSz5I2XoQ+T68IICqCe+RwrazNJ8X6N3W 1bEsX9OYG4VTNasjJCLGaJ7i1ktfI5Bu1kvv1U4oeAlrd7acNpP7oA== =7dPg -END PGP SIGNATURE-
Re: save failed to open mailbox quarantine
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: I have dovecot 2.2.13 set up with spamassassin and amavis. This works fine so far, Spam emails are forwarded to "username+quarant...@mydomain.de". The recipient_delimiter=+ is set, the Quarantine folder exists. However, Dovecot tries to deliver it to a folder quarantine, that does not exist. In the dovecot-deliver.log there are these lines: Nov 14 14:16:13 lda(usern...@mydomain.de): Info: msgid=<2707212.2aHC3KDWrN@wookie>: save failed to open mailbox quarantine: Mailbox doesn't exist: quarantine Nov 14 14:16:13 lda(usern...@mydomain.de): Info: msgid=<2707212.2aHC3KDWrN@xx>: saved mail to INBOX Indeed the message is found in the inbox. What can be done so the folder name is not converted to lower case? which MTA you are using? sendmail? By default sendmail lowercases the local part, see mailer flags "u". - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWCnIOHz1H7kL/d9rAQKlvQgArwppNSObhjo/hHr9WHkkda4QhBy5LsFk 6uneZUSWwuW97qou9pE8rANJJLk2AhofZx8WSFAmQXc8I8YNcGlbMOCeloeiSV3m ybzTb3Ldc2phhDTHTth2r2kSEj6U81u3T1upweyEFD16AD51ELuqUaFar8feg0aI kSESms6LyJXrkYQ90N2cwX4v+xiVLTbpzCJs46NMRpzTSYfl3y1YuG4I/vY6ZQ6e m9iKDijCRxczPjKMBPz70VkV/sKuRVntulNxf44caqvgW2RKVYIq1gyPAEvRwepy 3AYRj4S19cE6TyIzIWGnNiNDI5ZCc1Q8hFa6X0ns96AZtBLUPvJ88Q== =hnlt -END PGP SIGNATURE-
Re: save failed to open mailbox quarantine
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: I use postfix. The folder name is still uppercase when forwarded to dovecot, as can be seen in /var/log/mail.log. post your config, do you use %Ln or %Lu to lower-case the username somewhere in passdb? Am Montag, 14. November 2016, 15:20:40 schrieb Steffen Kaiser: - gpg control packet On Mon, 14 Nov 2016, Eggert Ehmke FTV Spandau wrote: I have dovecot 2.2.13 set up with spamassassin and amavis. This works fine so far, Spam emails are forwarded to "username+quarant...@mydomain.de". The recipient_delimiter=+ is set, the Quarantine folder exists. However, Dovecot tries to deliver it to a folder quarantine, that does not exist. In the dovecot-deliver.log there are these lines: Nov 14 14:16:13 lda(usern...@mydomain.de): Info: msgid=<2707212.2aHC3KDWrN@wookie>: save failed to open mailbox quarantine: Mailbox doesn't exist: quarantine Nov 14 14:16:13 lda(usern...@mydomain.de): Info: msgid=<2707212.2aHC3KDWrN@xx>: saved mail to INBOX Indeed the message is found in the inbox. What can be done so the folder name is not converted to lower case? which MTA you are using? sendmail? By default sendmail lowercases the local part, see mailer flags "u". -- Steffen Kaiser - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWCnJrnz1H7kL/d9rAQLmlAf/X7xBDthPzpOLBgSt7U+NbZYvic7F3O0E +/+BGaLUnh6t3MEv9jXpjeFWzCjFEyTslroXf6rr6yaji0mjCuB5c0Pf9XbK8nLl sW8GBWPdXPaRW0kDAXlhW/JhxrQ3Ms6e0XIG6m05xvHB5UkXwu0W4kg9uul+ODxO 5mtUUrQxP9aB0fSFEpe3Abt4uzFApNxqcOd56dxGfma5RQrDfy+Sj8Gh+JwF7PGi JeMVtXp2BKJTuvym3ZEhM8UIwEp09z585wUbbyYx80k7Ma0iKZY1gzUn2mlKwp73 bGLXoVUTxsW63uDmCS0B96meSxlP/U5wLmeKcUXPclHVfBR1F5QBZQ== =5aLy -END PGP SIGNATURE-
Re: Good email client to use with Dovecot?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 17 Nov 2016, Steve Litt wrote: What email clients are all of you using to look at your IMAP email? https://de.wikipedia.org/wiki/Alpine_(E-Mail-Programm) :-) - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWC1hq3z1H7kL/d9rAQIgvAgAiPKjxwTGRzfCK/muIevIYPwybxaD0BUt ceVNEZN5NC8mu3E2hpJSG5jdNVeP8DhWQ+kV0I192GomJ/QFRs+5st9MUvlkwqz9 ahCC8hOhVnNgjPnVA/+F0cXrhARCKaHD6N5yFQkKjxcIINS5/nWFbYQMVhRTIxno 5JAIB3FU6TOb0iq7edpNbp5Uxux4yKAOcSd31jenn08HTIrqjX3caHYf4u7P/ap8 hMPlfp9+tVUL/EYxt7FEtlhk4UItPOyqDyAIhSvyhfR/mSibIkKNd8+R77LEFdtp y3sqWct20gSFUT7V9ibmjI0vTneHqE6b5Bw1Xnw5Adj1qiRIS4nZhw== =POL7 -END PGP SIGNATURE-
Re: Good email client to use with Dovecot?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 17 Nov 2016, Steve Litt wrote: On Thu, 17 Nov 2016 08:52:11 +0100 (CET) Steffen Kaiser wrote: On Thu, 17 Nov 2016, Steve Litt wrote: What email clients are all of you using to look at your IMAP email? https://de.wikipedia.org/wiki/Alpine_(E-Mail-Programm) :-) I installed Alpine and got it to work as a window to my Dovecot IMAP server, but I could only "import" one mailbox at a time, and as I actually, Alpine does not cache anything locally, hence, it does not import. You select one mailbox and work with it. Then change the mailbox using G or L. * How does one import *all* folders from the Dovecot server at once, without repeatedly typing in 192.168.100.2/ssl/user=slitt and all the rest of the process? You add a new collection via S L * Is there a way of viewing my folder hierarchy hierarchically, including collapse and expand? Not really. L gets you to the collection list, where you enter one hierarchie at a time. * How does one manually expunge an email previously marked for deletion? I know it's possible because one config item is "*only* expunge manually." Is there a way of expunging ranges of emails? (Al)Pine is merely a front-end for IMAP, see https://tools.ietf.org/html/rfc3501#section-6.4.3 eXpunge (X) key issues this command: "The EXPUNGE command permanently removes all messages that have the \Deleted flag set from the currently selected mailbox. Before returning an OK to the client, an untagged EXPUNGE response is sent for each message that is removed." Hence, all messages, that have the \Deleted flag, are expunged by X. "expunge manually" means, that Pine does not expunge a mailbox on exit automatically. In fact, instead of mark many messages as \Deleted, move them somewhere else. Instead of using the Deleted keyword (tag, flag, ...), use another, possble self-created keyword, s. https://www.washington.edu/alpine/tech-notes/config.html#keywords . Mark them, then ;k ENTER adx ; - select k - by Keyword a - Apply (next command to all selected messages) d - mark as \Deleted x - eXpunge all messages marked as deleted * How does one switch the sort order while in the folder list or the message list? You mean $ in the message list? The folder list is fixed, as far as I know; maybe the global option https://www.washington.edu/alpine/tech-notes/config.html#folder-sort-rule effects this view. I usully use G to changes folders / mailboxes. * And most important, where can I find the best, most unambiguous Alpine documentation, that doesn't assume I know anything about Alpine? Hmm, http://roqet.org/pine.html Getting started with config http://www.ii.com/internet/messaging/pine/ All About PINE ;-) https://www.washington.edu/alpine/ https://www.washington.edu/pine/ - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWC7Nsnz1H7kL/d9rAQISwQf8D4JQ3zxD4RTTzjejcfEhpLqQnGIlVLjr GgXFDirv3t33BaUyCNzxzAjieEIuJxL6Kt71NclkQEhBzdt5I5xGNN1fVhp2QDFy 6QA6bPy1w1gyMi54pLlyIP0+NQi8j9cpfOubXYD3LNoFS7NB2E2kRd+4wzCJxOFc 7oMn2nACLzjQSIVawlP2PuVLif1A2a2b/eoVm0ywNy3NoSMcHnsavfwtkIxZFy5T KPFlerGc3Ha2CzvhW7o64ozNJTOBnmGMQ5+bGkmb+6sukfQYivUUfzZssTuzNksE A+h1BvcTnMGbsxF270s+PoKfvyqmyvxykN8kimEJ2cimTegd7FQbJw== =ijod -END PGP SIGNATURE-
Re: Good email client to use with Dovecot?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 18 Nov 2016, Tanstaafl wrote: On 11/17/2016 10:58 AM, Steve Litt wrote: I have over 620K emails in over 1000 folders. This turns Thunderbird into an all day affair, just to refresh its caches. There are lots of knobs you can tweak to improve the situation, but the bottom line is - 1,000 folders (really?!?), 650,000 emails - well... this is going to be a problem for almost any client. That is actually the area, in which a non-caching client (pine, mutt) is playing well, if there is a stable connection to the server. Some time ago, I read an article about the following setup: 1) external mail server - no matter which 2) local Dovecot and MTA - actually on some notebook or behind some slow link 3) a cron job that performs a two-way sync with the external server, if the link available 4) the user works locally only - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWC8DU3z1H7kL/d9rAQINRAf+KTL+BwPS+3oMXnCaY0rWFLfU3Qq/r16h vZZajqmbfirmBtklWLsDKV3aLA+DdMoFPXTzYf69PUdc4zslgv3BO7whPGRy0AY7 lao5MPWGUWkyltT62nuQqy4rMoP/FAk/pogiLWh2xapgR1wCQcD7XncxkdAb+IQY OqP13nfLXuyD6DUYwq/NpGViOC/HqHEUHW0WXdXaLhJpMjHqyKc6pn6HpyZyI6ya gSEIPsrAKK/HppcSXBOzYVkJKwc1zZvWG+sRRB5IxetlSzfaWr7XguhAos7HF2Aa N3cKsStXIBSjPMFNWmgl2bnkwKbOVjO/4lacmP7ehY4K3bJXuuMOHQ== =PufZ -END PGP SIGNATURE-
Re: LDAP auth problems "unknown user"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 20 Nov 2016, Nikolai Lusan wrote: # grep -v '^ *\(#.*\)\?$' /etc/dovecot/ldap/maliuta.org-ldap.conf.ext uris = ldap://localhost dn = cn=admin,dc=maliuta,dc=org dnpass = tls = yes tls_ca_cert_dir = /etc/ssl/certs auth_bind = no ldap_version = 3 base = ou=mail,dc=mailuta,dc=org scope = subtree default_pass_scheme = SSHA deref = never user_attrs = postfixDeliveryAddress=user user_filter = (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)) pass_attrs = postfixDeliveryAddress=user,userPassword=password pass_filter = (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixD eliveryAddress=%u)) Your userdb and passdb filter differ, user_filter is missing the (a / some) %u part iterate_attrs = uid=user iterate_filter = (objectClass=postfixMailPerson) # ldapsearch -H ldap://localhost:389 -x -D 'cn=admin,dc=maliuta,dc=org' -W -b "ou=mail,dc=maliuta,dc=org" -s sub -LLL -ZZ '(&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixDeliveryAddress=niko...@test.maliuta.org))' uid userPassword Enter LDAP Password: dn: mail=niko...@test.maliuta.org,ou=mail,dc=maliuta,dc=org uid: nikolai userPassword:: e1NTSEF9QVBZMTlaeGw1cWd0a25XeGxURXdqM2g5Yk5YL3BxOGY= ## From /var/log/mail.log Nov 20 07:24:20 kiliya dovecot: auth: Debug: auth client connected (pid=27086) Nov 20 07:24:20 kiliya dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=1kW2C65BFI2WZbl8#011lip=#011rip=#011lport=143#011rport=36116#011local_name=#011resp=AG5pa29sYWlAdGVzdC5tYWxpdXRhLm9yZwBmb29iYXIzMzQ0 (previous base64 data may contain sensitive data) Nov 20 07:24:20 kiliya dovecot: auth: Debug: ldap(niko...@test.maliuta.org,,<1kW2C65BFI2WZbl8>): cache miss Nov 20 07:24:20 kiliya dovecot: auth: Debug: ldap(niko...@test.maliuta.org,): pass search: base=ou=mail,dc=mailuta,dc=org scope=subtree filter=(&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)(postfixDeliveryAddress=niko...@test.maliuta.org)) fields=postfixDeliveryAddress,userPassword Nov 20 07:24:20 kiliya dovecot: auth: ldap(niko...@test.maliuta.org,,<1kW2C65BFI2WZbl8>): unknown user (given password: ) Nov 20 07:24:22 kiliya dovecot: auth: Debug: client passdb out: FAIL#0111#011user=niko...@test.maliuta.org - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWDROvHz1H7kL/d9rAQIujAgAumoghZV5Wo7ONK/Uncoa6iVB30NP0D5m SdU/a++El5bLeiyKcdKoLkIqD74ZcFGjwImhRtd2Y8jroaGA15lK8HRRgJCERBKf Nr/ZQ5B4Nhbig8ETwYYrJi2KOGkKMGQyXaSHxxlXmVKNFBrWmxo8SRqa0V39KYUB pH9hVSNheHCkqpV6iS6JXnOmjXvguVtyB8ezA1zdrVfytMLL04oRKmK3Zn5s5JrO M3mfArDdVitTad5r7stf9QOBR6xMG6rNBs+2WaEuJZV7/Dlln6fcd5IbhO/X0poN pJIJ42VLirIMqAMLCRA7OWDjQcxbBFEAPAbaDh3O/pPRL/IXPJxjyw== =AxPt -END PGP SIGNATURE-
Re: Active sieve script symbolic link doesn't update when changed.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 23 Nov 2016, Steven Mainor wrote: Any help would be greatly appreciated. ~# grep sieve /var/log/syslog | nano temp.save Nov 23 01:32:09 1 dovecot: lda(st...@degga.net): Warning: sieve: file storage: Active Sieve script symlink /var/mail/vmail/degga.net/steve/.dovecot.sieve is broken: Invalid scriptname (points to myfilter.svbin). ^^^ no mail here vmail@1:/var/mail/vmail/degga.net/steve/mail$ ls -l -a ^^^ mail here #redacted irrelevant stuff lrwxrwxrwx 1 vmail vmail 14 Nov 23 02:43 .dovecot.sieve -> myfilter.sieve I guess, you changed the symlink at the wrong place. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWDVTJ3z1H7kL/d9rAQJumwgAro6oLt0nS3MXpWqxsM3pLX2o3xXlTbxv jqq4il/y7+m1xm2SiHOKeDvYFMyhhl7G4rLoB3KcVsixidGcsVQtsiI7HiouD0bf Ds4AFiLyYLPv09bBYOJJ/HGvwt11MCgiC9hS3wrWtMsNEu3LGFoq2+n0kHLIG2Ey TcqzSpW19ohxUK0pMxVnPn1MAABJRxWsfmhrzNkUSuIaSfDggrMylkIxYgXB0ahX UlL6JzJjegpH6s3MxJEnhwpovQF3gRwcz1beFCKiukn+0DW/O5Ho4rx8X2XcybFo vAhmptTCq5ag12Q+mj7mfT6NugWM/ICWHG0MI3gZZ7IzKzGg8/8cSg== =nfU8 -END PGP SIGNATURE-
Re: Updated my Dovecot certificate for the first time
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 23 Nov 2016, Steve Litt wrote: On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers wrote: $ strings $(whence alpine) | grep '^/.*certs$' /etc/ssl/certs The directory or the certs isn't the problem. Alpine sees the self-signed cert I just made, but complains because it's self-signed, and gives me the choice between saying "yes" every time, and just not checking for certs at all. "sees the self-signed cert"? Did you've added it as trusted to the CA as Greg said and wrote what to do? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWDaOQ3z1H7kL/d9rAQLRMQgAtKeIMWG+aLn+y9D3EQMUfd21P7oS2xCS 6JuEUo9DfA4DqaoR8f29JiNk9Hjv0LArda3rGCGHKA+XhXrsZLe4FviXJ8ZPxPFp wiA8PnfaXiHi4ctQqz9SjpDr3DpbVlZ/XY563lkQoTlXYrR4ZL9y9wXDqeJKSTth nKwv0ORCi89lVUrRLCZycjZaCJZ9DvuiBftxBl5IUJY8S9/elSgbClcZroF0ej4c ReHp6uiBJzIrtDc3Vm3IfYoUl9C+IpLjhX3C7yQgac28eZ2TbY2tpxycGDOoTTdl saL/qS9MEND6XgKq9pffPcPlTiVWjrwzpHDA2nMbQvloJQ50+gALvA== =uLed -END PGP SIGNATURE-
Re: Updated my Dovecot certificate for the first time
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 24 Nov 2016, Steve Litt wrote: On Thu, 24 Nov 2016 07:52:51 +0100 (CET) Steffen Kaiser wrote: On Wed, 23 Nov 2016, Steve Litt wrote: On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers wrote: $ strings $(whence alpine) | grep '^/.*certs$' /etc/ssl/certs The directory or the certs isn't the problem. Alpine sees the self-signed cert I just made, but complains because it's self-signed, and gives me the choice between saying "yes" every time, and just not checking for certs at all. "sees the self-signed cert"? Did you've added it as trusted to the CA as Greg said and wrote what to do? No. I don't want to deal with a third party "Trusted Party": I want it self-signed. What I was looking for was a way Alpine could be set to check for a cert, warn if the cert is conflicting, but not warn if it's self-signed. Er, question: what is a self-signed cert? A cert signed with a CA that is itself. How can a client trust a cert? Because beginning with the cert presented by the server, the client walks up the cert chain, until it reaches either a missing cert or a trusted cert. In latter case, trust is given -> no warning. In first case, no trust -> warning. So, because there is just one certificate involved with self-signed certs, you have to follow Greg's advice and make it trusted on your system. Maybe, Frank-Ulrich's suggestion is even better. Roll your own CA. Mark the CA cert as trusted on your system and sign as many certs with it, as you wish. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWDfntHz1H7kL/d9rAQJjDAgAj4xJEFD+j9o+UMn+gKOFR/6fqYn/L3kz YwueoBi0+WSZR1rv3V1sZhCsfQDcU7zcrYIwt7ZhxOj9RE0g+20jo0qTPYHrX8ym m0cfv87az/UjZuK2HeKJL6u8ywoGQUQL0TxTiXOCdiQfKQwdPtIYJmtOSmNvyNce NlWNAZEgn1bJRJCbASWDIPypSnBNrAiMssjheEPV8XV7AZYR/ShjnqXCKoxohjY3 DCPwDqe53t3znwoqtAsocecqXVk6oentDiUbrcu9y9zBAeqBR/ScSR+p3+N45l16 NFIkeySHEIqmUiv+iagt6dy+XdFg/Wk6HHzvO3YC4c2S3RSrrUPm7g== =kva+ -END PGP SIGNATURE-
Re: Dovecot seems to open extra namespaces
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 29 Nov 2016, Thorsten Hater wrote: I am slightly confused by the following log entries ...: imap(...): Debug: Namespace inbox: type=private, prefix=INBOX., sep=., ^ inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir ...: imap(...): Debug: maildir++: root=~/Maildir, index=, indexpvt=, control=, inbox=~/Maildir, alt= ...: imap(...): Debug: Namespace : type=private, prefix=, sep=, inbox=no, ^^^ hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none ...: imap(...): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= It seems that Dovecot opens two different namespaces, despite only one being configured in 10-mail.conf/15-mailboxes.conf. Is this normal and intended? Check out doveconf -a, you will see two namespace definitions, one namespace inbox { and the 2nd one namespace { Name equally. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWD1D5Xz1H7kL/d9rAQLG5wgAkk+ShnTH2VZGUIamQsEr0+SNQrXZjyNS BQKO2W1WTeEwyRT9GTPH7DCFJu7URf3PN4uIZEYtc3m2X3yG4snFtnQ/MM/rH5Hd e2IX/r4sJrm3F0EFuPT6sjrGE9rcr3tmEWUzAqh22yqkaWEQfUZImAP3sefkZxAM rSN2kPOA5v+ydn+xKO8OxHRKXygyQnR7TDaf9kCEbdkdzS7kGv/vKUKKuuN+krey dWS0VDkYV6ho6kKMr+xv60HqkBwWXGMoHRKSndYncfd21e2Fem0LReOIw5BA3a4v zmAj7n+J2mqVC4cvzVk+B4DBjPWB4fCQw4Hiju1roClrlO34v2O0AQ== =C1YS -END PGP SIGNATURE-
Re: Sieve script won't compile. Compiler output isn't helpful.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 30 Nov 2016, Stephan Bosch wrote: Op 30-11-2016 om 11:04 schreef Steven Mainor: The main problem is that Sieve quoted strings are allowed to contain newlines, which means that a string doesn't necessarily end before the end of the line. perl does display a comment in this case: (Might be a runaway multi-line "" string starting on line 2) I find this info very helpful. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWD7OD3z1H7kL/d9rAQL8cgf+MfppUhPQrN+gPaNGfK/PZnqp0wv2G2ax B9Ik5IkmjPuiQJkrdYOCEPRsibXKlEcG9Hzm99u0lYJMupMduFH7UoXE8Ve48Scz YuFixqEccfkIsfy2HIIbtcE4IuhDFcvf6g6DaGPNSkJlDHqXqwLlyOHbznz9J1f7 HQBAbZRINJoX4GmfeiHPU3bg2GEBpzPTD6RWGio7lsNmQgH74QIQKJXC/y4EyB9P XqQLjKt0b92n3QYsIKvM62CLZ2LqU3zwbWw/H7g/PY74xddTOXThldJVWHBw1RcL RWDgdV2x8FEKO1nsOh8wyHfVTzltYIIMbk5pA+FZzQC6hCjSod2Ylw== =za9p -END PGP SIGNATURE-
Re: LMTP delivery honours .forward by default?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Dec 2016, MRob wrote: I was under the impression that Dovecot does not look at .forward by default, since of course, Sieve is where that kind of logic should go. However, I'm seeing a .forward file being honoured by the LMTP delivery agent. Is this to be expected? What version of Dovecot are you using? In my installation the MTA handles .forward. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWEUUw3z1H7kL/d9rAQI18Af+PErZBLD76iIaPitbT2dimCgkTAc1jnxT jYsi85LF2QILdWGvqE3KETzSD8U8zx0Nf0krqU7Lj7WgaVnxdMWR2+kt+HsMdsz8 Px8pywSYQWYOwO/I3ELSouZlBuJgMEga/itT9zklLi/NOXQr0qQ9BACAjbk3HdpU 7Mwdx986sBctD6+R+nOaMCj1gB+FHTVmsdktveG9kViyXTGbHJbRFKmZg25T8bir j1c/V4KzsRIjF0pC9Jcxj66rPLdMWKpQqu9jc7MSSC2bdVxnjerRgMdH4xIj/tqV LUjtDqV35/q48kWj814eQ8Hz4exXQ0js55wUPA4dRegwMyVFx73HpQ== =blfZ -END PGP SIGNATURE-
Re: doveadm edit headers?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 4 Dec 2016, MRob wrote: Hello, is there a way to edit a message header using doveadm? I guess not. I see how I can fetch the things I need, but even if I can't edit in place; if I extract the full message, edit it, there doesn't seem to be a way to append it back again? check out doveadm import http://wiki2.dovecot.org/Tools/Doveadm/Import it should be easy to fake a maildir or mbox structure. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWEUYnHz1H7kL/d9rAQIefgf/aO5IqfQsI7Xu4Xy6/wzxrMw8aAkDyf3j RNa58av4udtZtNufSA9Im95lt3cTK6cAeRn0ccBTYNwaWKA4L45WDJkrgtfbRjYu ZRlJJ1Z3FvbFtn/89ywgndU3qYo/5lwxPL1IssjX2LrHmg+zPUYR5dwlahWyfp92 UQpHL3z4z714mEc2Qdd9rZS+axSEJIAbYG3Yz1XODxLotnMC2umT9ulKLzxoNcQr 5Ini/XcYH/zlR9/DMAsRxESR77Rj5/5k/ecxO+oY9s1UfZmlrv7UUItIJ2hwv+z6 Ncw+j0KoyDQmhLzxuw1XR5+m3i4F8eRXLJitvDiDR2nwn/BBz1QmkA== =mDfu -END PGP SIGNATURE-
Re: Virtual mailboxes, please help
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 3 Dec 2016, Peter Hodur wrote: I'm trying to setup virtual mailboxes. My setup: - migrated from Courier, so: separator = . prefix = INBOX. inbox = yes In doc i have read, thant i need to create separate namespace. namespace { prefix = virtual/ separator = / location = virtual:~/Maildir/virtual So i need to change / with . (Dot) in prefix and separator? Do i need to append LAYOUT=maildir++ to location? Where must location point? To the same directory where mail_location? Or do i need to create separate hierarchy for virtual mailboxes? Do you mix virtual users with virtual mailboxes? A virtual mailbox displays messages according some search / selection expressions, hence, there is no layout. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWEUZ13z1H7kL/d9rAQKO3wf/VaPNWwPu2cnzTboV6Mj+JFmjDZ9Q4Vqp IgNbLU9XHfb5mEVxoRm9yOJbPdnQqE1o3rh7NRPkP/89uzXQRYzzMIYXV/ozTHo7 DA0KdLm15fri1B+w4DTxa1aX51O/AwNOW8hMgPn0qQC/zsyPVnnmuPh4gn7TTXgH YScYWDftPVoX7MPuKXfo4IYFl6K1PeYy1pi7evFGvhfBVw0HWI+msCvrFSb6c8QE qQ1D91n5u4dO1QK3aZO9JdfEpY1rXMUx79Tx7zxzlKRPo7g2BDRdkfepRj1ke3VN q1/nOLI5jAVQVGAQgVTrCMA8/D5EsX7/ZVd/yieu94Ywznp1xfpo0w== =qOpD -END PGP SIGNATURE-
Re: doveadm edit headers?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 5 Dec 2016, Aki Tuomi wrote: On 05.12.2016 09:34, Steffen Kaiser wrote: On Sun, 4 Dec 2016, MRob wrote: Hello, is there a way to edit a message header using doveadm? I guess not. I see how I can fetch the things I need, but even if I can't edit in place; if I extract the full message, edit it, there doesn't seem to be a way to append it back again? check out doveadm import http://wiki2.dovecot.org/Tools/Doveadm/Import it should be easy to fake a maildir or mbox structure. 4. Use doveadm save to save the message Oh, "save" is not documented on: http://wiki2.dovecot.org/Tools/Doveadm There seems to be no man page either. :-) - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWEUapnz1H7kL/d9rAQJHKAf9HzgdzqZlNKso7kSxInIMBV/ccS2V07ni XnlKVWVueNjY43DQbOPod3MUXmWu8RZOa5IMFlOCrh42MxjZGLJRkPa7SAxdCVDk RocTifagUNWpvK+j6Hqs3z8tXPikBQ61wS5rFUEAGjFBbk8Ei0YuSV/PyOcrWe04 qy2QDXvOAUwJbfVJfFHv1Zq6MrQy04Qmpqar56nCA/hHo5pIP9LwkHmJEQHYcrio YpVtiwS+6BB6UZXMloluJh6gL4ycWDi92CLoQU8VrS18+rpnu4Vm837QUqzgllPl E+XEauYYHQzQ9AqPQUBreSyuVds4yeouzXl9bryVs4NuG4Fh0BfSAA== =6eXV -END PGP SIGNATURE-
Re: LMTP delivery honours .forward by default?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 5 Dec 2016, MRob wrote: On 2016-12-05 16:37, MRob wrote: On 2016-12-05 05:53, MRob wrote: On 2016-12-04 23:18, Steffen Kaiser wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Dec 2016, MRob wrote: I was under the impression that Dovecot does not look at .forward by default, since of course, Sieve is where that kind of logic should go. However, I'm seeing a .forward file being honoured by the LMTP delivery agent. Is this to be expected? What version of Dovecot are you using? 2.2.22 In my installation the MTA handles .forward. Using with postfix connected to dovecot's LMTP for delivery. So what you are saying is that postfix first looks at the .forward in the user's home before handing off to dovecot LMTP? Why would it do such a thing? The why: ".forward" is a way to let an user specify a forward address, IMHO, it origins from the times, when sendmail delivered the messages to mailboxes in the user's home and when users could manage the mail flow from their home directory as well. Maybe just to redirect local deliveries to somewhere else. Never mind. Turns out this IS postfix after all. fine you found it. :) - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWEZn1Xz1H7kL/d9rAQL9tQgAgBOgK7oM8Ay2f0DdNpKrgRr3CLELRHva hTuiYHWWXB44uK4+04tMUP1TuiJUFknO6r7MiNHVNR6CFDEUrlrQAjzaCSOk9nkP EWX14gyMthxe8JsLkpFFK8ORvdsbMsrfMYIl7fHGFPD/cVlmZd18Hx6ZjXHU1SXD 5dsI2YVX8kE8A+W3VkIpiee9/B+FKgYrxL+Yq0E2OxEMcPxappkNxDD1MHw/Mb7I v17eB0yXlePH7Ka7d09iYVpgYMZgSu7of0wNKgXeDHQCrIbmD/TYkEl3E9DiI6g8 b386j02f7ay9kWVA8ObM+dTGAKsFMyHcFYbWSswaVNw6wmwqj+UdMQ== =JSVy -END PGP SIGNATURE-
Re: Dovecot: Mails flagged as read get flagged as unread
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 6 Dec 2016, plataleas wrote: We experience some unexpected behavior with dovecot. It happens that emails marked as read get marked as unread (MUA is Thunderbird on port 143). Unfortunately this happens randomly, reproducing this issue is difficult. We could not find any pattern, it happens rarely. does your user(s) access these mailboxes from two or more clients simultaneously - either from the same account or as shared mailboxes? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWEaBc3z1H7kL/d9rAQI71gf/Y0U/GNaxJO2nEQFfTjXMzb68NfH4x7Nn lMFhb+HJjqLIb8VfBFbEEMx2fTcxH0Aq4QxdapnCpT8GSJWx6Eu2/XycnothrXpV y96UUMcCP4CGS5w6ezdJyFQxmapp6XNCZ3FU+tm5J54Vpe2dX5q60+xAY+yPog3E obf1/VXjfLy++ubUcv0LGhgkBbmYlsAR4v5Ht2Er8ArfyIOzNhbbmneDAemL+nIE IdzXmeLuEEY0xTrp5K6jFWe4Q+h6Zt+Q/R+5PXSj67s0e6wPeO/0/bPXdnDJHITJ DqT1vrMZpCXD5fInNVU85mjhjrY/1iu1AbbJCjRuMkHCfJz2YwCi4Q== =YcKj -END PGP SIGNATURE-
Re: mailboxes and capitalisation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 13 Dec 2016, Tanstaafl wrote: On 12/13/2016 4:48 AM, Thorsten Hater wrote: I have set up a series of special-use mailboxes in the default namespace differing by capitalisation of the names, mainly to capture multiple mailboxes with autoexpunge namespace inbox { ... mailbox Trash { auto= no autoexpunge = 30d special_use = \Trash } mailbox trash { auto= no autoexpunge = 30d special_use = \Trash } Ugh... why create such a huge pain point for yourself? I would never allow case sensitivity for usernames, or mail storage. Makes no sense. it starts with missing standards and device- or application-specific ways to do the same thing. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWFAQwHz1H7kL/d9rAQJkxwf/ea5WVv13qiPWhEUvNSKwIAXbgUDRbxru YJRYvqc9MpNDi+WibI0/2KojbjH2dxMk2xTRGfDodfkDd41Eue0npKaTR1/D49YZ CNT34yQMHGVpGyRQbRSsLncoMTrtGx9S8xYS/JwTWXgZ6B7FFYe00ypXVp8T6mxu O+/yre/DUfkTZW/0pqMj2i0kbL2NAeb6A1dSOxMuOCS2U4T5ZYNB6MuA6kIZsZ+S ZDvRx0uNJSRpS9hjdNdRFJ/ODyAdAE97LNqJTGUwSVlXHnTo3b4ibuLWHO9F4xs0 Cy/kRmpvxnyStcBaQqkARGefSRpp/hHI0E7X8AylDJpY4Ib38g5tmg== =ZiGg -END PGP SIGNATURE-
Re: LDAP cache clear ??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 13 Dec 2016, Günther J. Niederwimmer wrote: Can any tell me a way to clear the passwords in dovecot when I have to change a password in LDAP? auth_cache_ttl: is not working what do you mean with "is not working", does the passwords time out never? Manually you can use: doveadm auth cache flush http://wiki2.dovecot.org/Tools/Doveadm/Auth - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWFDkZ3z1H7kL/d9rAQIWDwgArKPAMsQORchT9Rb2+RM1Ae3Rc7/Ad+un KgfSf6eRG3JZ1VHISWddOUmw1u4ohlLakhZJDh8HKEiZifB6je2G1CThzXSR49ju e5E6HJkjBBmg3SSL2fhdxPhlfnWGsbFyQHp7o2rHiWKULEre5+LpdfK54BKJk6O5 QEaIYr8AO+EiauMMQS40BUo3uI5ZDbFJ9D3EtR/vgcIsYUnIDuz1Nb1COhrlE0iQ BxMMdJLhyqzA4Pd96hLMWjrEfA3L4Tf2Zd/B6U1JBr2eckqQAx+GBS9U7s783/Je y2GF+JxkdkoMfzA95aVGJM+qC8QV0lQfqqi1AOs4WfPcANtXOO7IOQ== =ZS2d -END PGP SIGNATURE-
Re: Maildir: do message files need to have a unique name across all directories?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 15 Dec 2016, Gerben Wierda wrote: While testing a new mail server I created a temporary account and filled its mailbox (Milder, dovecot) with the contents of another account. That means the actual message files in each account have identical names. Is that a problem? (I’m asking because I see some weird behaviour of visible/invisible messages and I wonder if this could have been the reason). I have no problems using the same filenames in different Maildir directories (not in new and cur of the same Maildir). - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWFKgeXz1H7kL/d9rAQLxtQgApZ294wK4y+8Tc5f40AAy53UFxVEaZLLZ wnFxwpWUhPLh02Y7cNxND8jTcNLBTC4hnuzRVkqpJNFbEUwWYkcc7zdmOm3Kra3z yguiZ0p7phFsBMG85aAfQLyPeLBSGzDJsdDe+wojUdCBmbvMTdF5KICbVcEM8LyT M1V+Ecm6nhdgmCkGzFe1yrWzXWbfwTMPaK4DPOJi0FWLZ0YWYhppZ5XFI+pOaPnE d60Lbry+/B9FSgfbkgnQ7s92FdjpkRR9oAANLZVzx3J+X5aXSap5TMn/Rx/1zNKj MVoa3Xy3gNdsXQlwe2VeP8hik+DbXdvsSNHXMSODHbI9XGhgrbaWWw== =bslK -END PGP SIGNATURE-
Re: Upgrade from version 1 to 2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 17 Dec 2016, Peter Fraser wrote: I am upgrading from dovecot-1.2.17 to dovecot2-2.2.27_4. I configured version 2 from scratch. I have email in the maildir format. Would it be ok in theory if I simply copy over the email files from the version 1 server to the version 2 server or are there any hidden dangers here? Any problems with indexing? I upgrades from Dovecot v1 to v2.0 with Maildir without any problem. The indexes got upgraded onb the fly on the first use if the mailbox. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWFfi23z1H7kL/d9rAQLLDgf+J/hcIzVA4EsCKcW8KXo6jkylZREEb3EP Elq6Fl/Z+KPgB8Fk9pnlJY1c9gy9pRlr25c+MKn8Hu1ABPyI9j8eEKvYGrqoz0dn G0MOkypOVnGRgiMY2MKUmGUa/jsnL9WMBybQkl5DEFm1mbovIF4O/02PSiILXDgq FoZbL/J+XLSd2PmzlehLhP0G1npf90dEW7RTU6t6mHREa6FvZmmzkCf8rEwJ7ryJ Dr4FRXiBW4AK2TjYeiuJ5Ihk8rrUT8tjdGxRKH1eQ8GirE9mA5jsJ/apwQgDWJrr 0zh3U/wMCfCcjo1kNHIa0lvf3gCkPfbE4eLfzOuTpDATEBsirnybOQ== =ohAY -END PGP SIGNATURE-
Re: dovecot-pigeonhole running external script ends with signal 11
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Jan 2017, Tobi wrote: [New process 20844] Program received signal SIGSEGV, Segmentation fault. [Switching to process 20844] 0x77203694 in _IO_vfprintf_internal (s=s@entry=0x7fffd710, format=, format@entry=0x55764938 "chroot(%s) failed: Bad address", ap=ap@entry=0x7fffd970) at vfprintf.c:1635 1635 process_string_arg (((struct printf_spec *) NULL)); Does your script tries to chroot? Do you have LMTP or Dovecot configured to chroot? As Stephan asked, can you determine with process is spawned here? The format string "chroot(%s) failed: Bad address" may stem from a Dovecot library. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWG9Nxnz1H7kL/d9rAQJIrgf/Y6NvtcCa0HkOHogOJwC42a5NSpA5nqlP sdANI8onYt/JReJA9PzeIKXgCps92xj0d85LNAIVcS4HjKcnBJZLSuWCVg8ppyjy NQbW499DsPtW/sw4bjs4P/yUR5eLw8ERV5EOABwemTBQz03EuBVa4bm6vkses+sN X+C9WJ54bBtjH6fPljpTagwfijNgAnPbkr/EuthMOKzx5IS02Nr3ec0hgDdFGHPu 4slRViTuYSr1dx0MmsqdiEE6wDdZLagLuc6kpVWa5M04L7wrQIri4b6AECf5sFOZ YQaosywbBTZKGYMXGHwX09A3wa8Uei1WgXkRNh6NyVbdy+Ubp5Dahw== =ntGy -END PGP SIGNATURE-
Re: Prohibit dots in folder names
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 11 Jan 2017, Aki Tuomi wrote: On 10.01.2017 17:38, Marek Grondecki wrote: Hello Dovecot Community, I am using Dovecot 2.2.13-12~deb8u1 (Debian Jessie). separator = / listescape plugin is NOT active LAYOUT=fs is NOT active I would like to prohibit a creation of folders with dot "." in the names - so creation of a folder "foo.bar" should NOT be possible. Currently, when I create "foo.bar" in Outlook 2013 it will be created but won't be synchronised with the mail server - Outlook shows it as "foo.bar (Only this computer)". Ideally the user should receive an error message informing that "the folder foo.bar could not be created." Thank you for your help. Regards, Marek Grondecki Are you sure the folder is actually created in dovecot instance? Can you run doveadm mailbox status -u username foo.bar? Yes, they are. If you issue * create t.t.t.t.t.t.t the complete set of t's is created. (I'm using Maildir as backend.) This case is what the listescape plugin is to help. I don't use it myself, however. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWHX8fnz1H7kL/d9rAQKLTgf/aDCLrP/BjVAASw/Vd/lBXmrZ41SdDbb8 tJCHcOT1EqGCEV5T7vKBilSHc1w0pX4Mtvx48GQc0mCRbmDsNq2ZplSZRmyCsHQh V4Mkk/orj8ekRzv7DJ8MaUC5A5wyVSsTFAwPKus2l7HjgsufEumUESyBaRfbPVIE 6zI5ANw91EI+eJvxnbk8tkpGEVwjZlA4AVwPOMTC8zT4lJSWiZR3oG48TnHZ469j 4CjEw6BoFw1N+QcD5ByuS0ZhZUA3RLKDqs1kU+5D1d8wSDi2z5RtZ0NH+1g+0aR4 gq8p9tzOxfXNCjt4EU0uXE+AUpLmvQJ1OgEDrmZRKncvZ77IYek/tg== =kJA6 -END PGP SIGNATURE-
Re: Ban dots in folder names
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 11 Jan 2017, Marek Grondecki wrote: separator = / listescape plugin is NOT active LAYOUT=fs is NOT active I would like to prohibit/ban the creation of folders with dot "." in the names - so creation of a folder "foo.bar" should NOT be possible. Currently, when I create "foo.bar" in Outlook 2013 it will be created but won't be synchronised with the mail server - Outlook shows it as "foo.bar (Only this computer)". Ideally the user should receive an error message informing that "the folder foo.bar could not be created." Ah, your situation is different then mine, I use separator = ., then you get subfolders in this case. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWHYAr3z1H7kL/d9rAQJdWQf/b+FKYeHba5333L/ihrIFHIvu1ua9eqwT P3MM2U1+6PgaCaXqkzglEpO1F1q5qyQZf3zq0BN9OJGZ6kZYpmoqgwAgivB9Kl2V 2gOPnwgZw3DrEjT1B1isgoEAjwsdcoUXER4ookF7UruAOdvLxeJzjIT5voUPMH2M MQSn0W3IPds7/v3uNfzzgmmYKzykVCJeMWL4C5niIGcfWJX/Zq9uda+TyFItqpr8 8lq4ZrZjjqqcNu73fZ/CY8s37SejLDc0/lRDUs7WdBoJF9sacMttTgPMzVoKh2uG mGg/+VjwKWn2WEVgrnPwJE8DlU5IqdDNU3AfBe6/B6PN0i9KiDtBQA== =P7UT -END PGP SIGNATURE-
Re: Sieve removeflag Action
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 13 Jan 2017, Thomas Leuxner wrote: I recently noticed that some of my automatically processed mails do no longer show flags with current Dovecot builds. This used to work before, not sure what broke it or whether I used it in the wrong way. When the removeflag line is dropped *both* messages get flagged in the client, one in INBOX and one in Trash. With removeflag in place, *both* messages are unflagged, the one in INBOX and the one in Trash. This used to work differently before if memory doesn't fail me. #Test if address :is "From" "u...@example.com" { addflag "\\Flagged $MailFlagBit1"; keep; removeflag "\\Flagged $MailFlagBit1"; fileinto "Trash"; } from point of "logic" I would turn around both actions: removeflag "\\Flagged $MailFlagBit1"; fileinto "Trash"; addflag "\\Flagged $MailFlagBit1"; keep; Because keep is an action at the end of script processing, so the removeflag superceeds the "add". Or use fileinto "INBOX"; - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWHiimXz1H7kL/d9rAQJJWggAnF/VfdP4LYIuH4eSG7Pzvu0iwYA4WHQ2 2aJzFzVmtnCNgidJ/SvN6CJ5VLF0K+SjbDT7/VmSV9tOaMjTh1cWqGe5jbJMhgBu emeHd6sy/XrVYqIhHeLadQGmR4pzT9SQo4Z/6rI5oDzhEhyZC8kXuxOqbtOtUOmr XyHorah814gxKDHzoTbbTZXeTRa7sCjy0gon60qBWEPEuom2mzyCGIPznLAmme7q YTfZWEfgfhuN4K6ENn0AJl/BAvpYQW2jUUH+My0ZykwDzqPPkOkOvmPiI/1yG0CB p34jJrM8f+z3CErWeg+sNXtCvQbjMUVtLRoWjy50ARGs+WekqYzezQ== =3vQF -END PGP SIGNATURE-
Re: Dovecot source code audit
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 13 Jan 2017, Timo Sirainen wrote: Mozilla sponsored source code audit for Dovecot. So thanks to them we have our first public code audit: https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#dovecot Dates: October 2016 - January 2017 dovecot is a POP and IMAP mailserver; it is used in 68% of IMAP server deployments worldwide. The audit was performed by Cure53. The team found the following problems: • 3 Low Congratulations. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWHx7z3z1H7kL/d9rAQIunAf+PTs0C03TD5Fa9R82DdZt370eluds0qTL M2N32QkDrmaTi6VkWg9I8v9YoV2jjg7zSy6lSskfqY8Pu2woKL9CplQaGTwwy7ki bs1uyjI2ZStBwgUkrhtFO/Tbxm6IqmMRm9NNfBmXnnwd8qFtYDlFPKxY9ah2A/bB qROhXftt+qM1l0LD1kv846AehZNJkMrrBmbkgWm83IndwpbiJ1BWd4nIv7cELSlA D5bKlD9y/qUIxUn0A2x4jrUwnfb+Tp99e3kuYcTlj3Tfh8k9e1+3BrPNjGEWL6pd s/fMXgddkqkXxzjqsl42QRrhs9EmblkUhrao55OFkSr0T+xttOwZ9g== =0/Te -END PGP SIGNATURE-
Re: Mail rescue from Dovecot Server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 17 Jan 2017, Joakim Magnussen - MediaLabs AS wrote: I have a mail folder from Dovecot server. Screenshot: https://i.stack.imgur.com/11NHs.jpg looks like Maildir Is there any way to import to Outlook, or otherwise convert to readable format? "readable" is kind of stretchy. Each file in the cur and new subdirs represents one raw message. I could setup Dovecot on my own server if there is any point. That's one way. There are some Maildir-aware clients, such as mutt. Convert Maildir to mbox, which can be used with Thunderbird: https://wiki2.dovecot.org/Migration/MailFormat There are some converters mbox -> pst . - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWH42YXz1H7kL/d9rAQJIFgf/dN1Esx9GaMEbWuwEYQmtX7lmsN0v+4EV FxqZxfcWm/uizpkM+v85KO+JY/BcDParo9Z68js3OrkEqn+WgMliHo0fI1FT4TS2 G71gfHcRKmZI0bOlnXjXgzG4uPYHH4nYwOZ3H9orROcr2NCpCAZ2QFNevwPM5Y0G 9OoAUCkWySIEDCbgV2exZjwrSdby1r9ryiEp/0406uV9OSv8cSPFjbtw2QfCHgHc 53+ySoFW1cUGXAfiGUjfwIPTbGuE4yG87t6779H0QwC2TAr19+HirFUBD6+YK5mN 7BRe5M2M6kfiuilq4yfJmaRki6yonlU5VR/mIarkuZIzAnPERhZ42Q== =R/Qj -END PGP SIGNATURE-