Dovecot Server issue, cache corruption

[David Mehler via dovecot]

Hello,

I'm using Thunderbird 102 to atempt to retrieve my messages via imap 
(have tried both 143 and 993) first I wasn't getting any error messages 
now I am. This is with Dovecot 2.3 on Debian 12.5. Here's the error 
messages. I do not believe the first set related to public mailboxes is 
related but I'm not sure what it's problem is either, the problem seems 
to be corrupted cache.


2024-04-26T02:01:47.832997-04:00 hostname dovecot: 
imap(usern...@example.com)<586617>: Error: Mailbox 
public/example-1: mkdir(/var/vmail/public/.example-1/cur) failed: 
Permission denied (euid=999(vmail) egid=992(vmail) missing +w perm: 
/var/vmail/public/.example-1, dir owned by 0:0 mode=0755)
2024-04-26T02:01:48.742111-04:00 hostname dovecot: 
imap(usern...@example.com)<586617>: Error: Mailbox 
INBOX: Deleting corrupted cache record uid=34640: UID 34640: Broken 
physical size in mailbox INBOX: 
read(/var/vmail/mailboxes/example.com/username/mail/mailboxes/INBOX/dbox-Mails/u.34640) 
failed: Cached message size smaller than expected (1376 < 1647, 
box=INBOX, UID=34640)
2024-04-26T02:01:48.742239-04:00 hostname dovecot: 
imap(usern...@example.com)<586617>: Error: Mailbox 
INBOX: UID=34640: 
read(/var/vmail/mailboxes/example.com/username/mail/mailboxes/INBOX/dbox-Mails/u.34640) 
failed: Cached message size smaller than expected (1376 < 1647, 
box=INBOX, UID=34640) (read reason=)
2024-04-26T02:01:48.742308-04:00 hostname dovecot: 
imap(usern...@example.com)<586617>: Disconnected: 
FETCH failed: Mailbox INBOX: UID=34640: 
read(/var/vmail/mailboxes/example.com/username/mail/mailboxes/INBOX/dbox-Mails/u.34640) 
failed: Cached message size smaller than expected (1376 < 1647, 
box=INBOX, UID=34640) (read reason=) in=889 out=6253 deleted=0 
expunged=0 trashed=0 hdr_count=5 hdr_bytes=10 body_count=0 body_bytes=0


Here is a doveconf -n output:

# doveconf -n
# 2.3.19.1 (9b53102964): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.19 (4eae2f79)
# OS: Linux 4.19.0 x86_64 Debian 12.5
# Hostname: hostname.example.com
auth_mechanisms = plain login
dict {
  lastlogin = mysql:/etc/dovecot/dovecot-last-login.conf
}
imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags
listen = *
lmtp_rcpt_check_quota = yes
mail_attribute_dict = file:%h/Maildir/dovecot-attributes
mail_gid = vmail
mail_home = /var/vmail/mailboxes/%d/%n
mail_location = dbox:~/mail:LAYOUT=fs
mail_plugins = acl quota welcome
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate mime foreverypart 
extracttext imapsieve vnd.dovecot.imapsieve

namespace {
  list = children
  location = maildir:/var/vmail/public:INDEXPVT=~/public
  prefix = public/
  separator = /
  subscriptions = no
  type = public
}
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
plugin {
  acl = vfile:/etc/dovecot/dovecot-acl
  imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = # hidden, use -P to show it
  quota = count:User quota
  quota2 = maildir:Shared quota:ns=public/
  quota_exceeded_message = User %u has exhausted allowed storage space.
  quota_grace = 10%%
  quota_max_mail_size = 100M
  quota_rule = *:storage=1G
  quota_rule2 = Trash:storage=+100M
  quota_rule3 = SPAM:ignore
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = yes
  quota_warning = storage=100%% quota-warning +100 %u
  quota_warning2 = storage=95%% quota-warning +95 %u
  quota_warning3 = storage=80%% quota-warning +80 %u
  quota_warning4 = -storage=100%% quota-warning -100 %u
  sieve = 
file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve

  sieve_before = /var/vmail/sieve/global/spam-global.sieve
  sieve_global_extensions = +vnd.dovecot.pipe
  sieve_pipe_bin_dir = /usr/bin
  sieve_plugins = sieve_imapsieve sieve_extprograms
  stats_refresh = 30 secs
  stats_track_cmds = yes
  welcome_script = welcome %u
  welcome_wait = no
}
protocols = imap lmtp sieve
service auth-worker {
  vsz_limit = 0
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user 

Debian, Postfix, Dovecot, MySQL, and argon2 password hashing scheme?

[David Mehler via dovecot]

Hello,

I have a quick question. Can Debian, and/or it's 
Postfix/Dovecot/MySQL/MariaDB packages support the argon2 password 
hashing scheme? I had a previously-working e-mail setup on a *BSD 
system, utilizing the argon2ID scheme with Dovecot, Postfix, and MySQL. 
Since changing systems to Debian 12.5 I can't send, though checking the 
password with a manual login to Dovecot works fine. I'm wondering if I 
have to migrate the passwords from argon2ID to SHA512-CRYPT?


Thanks.
Dave.

--
Sent from Mozilla Thunderbird 91.13.1
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: Dovecot, mail_crypt, global keys, permissions

[David Mehler]

al/bin/quota-warning.sh
  unix_listener quota-warning {
group = vmail
mode = 0660
user = vmail
  }
  user = vmail
}
service stats {
  fifo_listener stats-mail {
mode = 0644
user = vmail
  }
  inet_listener {
address = 127.0.0.1
port = 24242
  }
}
service welcome {
  executable = script /usr/local/bin/welcome.sh
  unix_listener welcome {
group = vmail
mode = 0660
user = vmail
  }
}
ssl = required
ssl_cert =  wrote:
> Do you still get same error?
>
> Can you send `doveconf -n`?
>
> Aki
>
>> On 12/08/2023 14:45 EEST David Mehler  wrote:
>>
>>
>> Hello,
>>
>> Thanks for your reply. That didn't do it, still having the issue? Any
>> other suggestions? Is there any other information I can provide?
>>
>> Thanks.
>> Dave.
>>
>>
>> On 8/11/23, Aki Tuomi  wrote:
>> > Seems like you are missing mail_attribute_dict?
>> >
>> > Aki
>> >
>> >> On 11/08/2023 11:32 EEST David Mehler  wrote:
>> >>
>> >>
>> >> Hello,
>> >>
>> >> I'm using Dovecot v2.3 with the mail_crypt plugin and global keys. I
>> >> am seeing this error immediately after imap login then after this
>> >> error imap logs out. I'm hoping this is a simple permissions problem
>> >> and the key can not be read rather than an underlying configuration
>> >> issue.
>> >>
>> >> I do not know what this UID 5395 refers to.
>> >>
>> >> 2023-08-11T04:14:14.539308-04:00 hostname dovecot:
>> >> imap(usern...@domain.org)<492738>: Error: Mailbox
>> >> INBOX: UID=5395: read() failed:
>> >> read(/var/mail/mailboxes/domain.org/username/mail/mailboxes/INBOX/dbox-Mails/u.5395)
>> >> failed: Private key not available: mailbox_attribute_get(INBOX,
>> >> /priv/vendor/vendor.dovecot/pvt/crypt/privkeys/e9f195fe9fd1953d08e815ba6fda9b6c5ae1ed692c9adade2f958c322552cbb0)
>> >> failed: Mailbox attributes not enabled (FETCH BODY[HEADER])
>> >>
>> >> #ls -ld crypt
>> >> drwxr-xr-x 2 root root 4096 Jul 25 08:52 crypt/
>> >>
>> >> # cd crypt
>> >> #ls -l *
>> >> -r 1 root root 241 Jul 25 15:43 master.key
>> >> -rw-r--r-- 1 root root 178 Jul 25 15:43 master.pub
>> >>
>> >> Thanks.
>> >> Dave.
>> >> ___
>> >> dovecot mailing list -- dovecot@dovecot.org
>> >> To unsubscribe send an email to dovecot-le...@dovecot.org
>> >
>> ___
>> dovecot mailing list -- dovecot@dovecot.org
>> To unsubscribe send an email to dovecot-le...@dovecot.org
>
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: Dovecot, mail_crypt, global keys, permissions

[David Mehler]

Hello,

Thanks for your reply. That didn't do it, still having the issue? Any
other suggestions? Is there any other information I can provide?

Thanks.
Dave.


On 8/11/23, Aki Tuomi  wrote:
> Seems like you are missing mail_attribute_dict?
>
> Aki
>
>> On 11/08/2023 11:32 EEST David Mehler  wrote:
>>
>>
>> Hello,
>>
>> I'm using Dovecot v2.3 with the mail_crypt plugin and global keys. I
>> am seeing this error immediately after imap login then after this
>> error imap logs out. I'm hoping this is a simple permissions problem
>> and the key can not be read rather than an underlying configuration
>> issue.
>>
>> I do not know what this UID 5395 refers to.
>>
>> 2023-08-11T04:14:14.539308-04:00 hostname dovecot:
>> imap(usern...@domain.org)<492738>: Error: Mailbox
>> INBOX: UID=5395: read() failed:
>> read(/var/mail/mailboxes/domain.org/username/mail/mailboxes/INBOX/dbox-Mails/u.5395)
>> failed: Private key not available: mailbox_attribute_get(INBOX,
>> /priv/vendor/vendor.dovecot/pvt/crypt/privkeys/e9f195fe9fd1953d08e815ba6fda9b6c5ae1ed692c9adade2f958c322552cbb0)
>> failed: Mailbox attributes not enabled (FETCH BODY[HEADER])
>>
>> #ls -ld crypt
>> drwxr-xr-x 2 root root 4096 Jul 25 08:52 crypt/
>>
>> # cd crypt
>> #ls -l *
>> -r 1 root root 241 Jul 25 15:43 master.key
>> -rw-r--r-- 1 root root 178 Jul 25 15:43 master.pub
>>
>> Thanks.
>> Dave.
>> ___
>> dovecot mailing list -- dovecot@dovecot.org
>> To unsubscribe send an email to dovecot-le...@dovecot.org
>
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Dovecot, mail_crypt, global keys, permissions

[David Mehler]

Hello,

I'm using Dovecot v2.3 with the mail_crypt plugin and global keys. I
am seeing this error immediately after imap login then after this
error imap logs out. I'm hoping this is a simple permissions problem
and the key can not be read rather than an underlying configuration
issue.

I do not know what this UID 5395 refers to.

2023-08-11T04:14:14.539308-04:00 hostname dovecot:
imap(usern...@domain.org)<492738>: Error: Mailbox
INBOX: UID=5395: read() failed:
read(/var/mail/mailboxes/domain.org/username/mail/mailboxes/INBOX/dbox-Mails/u.5395)
failed: Private key not available: mailbox_attribute_get(INBOX,
/priv/vendor/vendor.dovecot/pvt/crypt/privkeys/e9f195fe9fd1953d08e815ba6fda9b6c5ae1ed692c9adade2f958c322552cbb0)
failed: Mailbox attributes not enabled (FETCH BODY[HEADER])

#ls -ld crypt
drwxr-xr-x 2 root root 4096 Jul 25 08:52 crypt/

# cd crypt
#ls -l *
-r 1 root root 241 Jul 25 15:43 master.key
-rw-r--r-- 1 root root 178 Jul 25 15:43 master.pub

Thanks.
Dave.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Quota possibly overcomplicating, need sanity check?

[David Mehler]

Hello,
New setup and trying to get quotas going. It's a
Dovecot/Postfix/Mariadb virtual user setup. In my db I have a varchar
field called quota with a default value of 128. Here's what I have in
dovecot configs for quota:

# Plugins
mail_plugins = acl mail_crypt quota

service stats {
fifo_listener stats-mail {
user = vmail
mode = 0644
}

inet_listener {
address = 127.0.0.1
port = 24242
}
}

# quota status
service quota-status {
executable = quota-status -p postfix
unix_listener /var/spool/postfix/private/dovecot-quota {
user = postfix
group = postfix
mode = 0660
}
client_limit = 1
}

# Quota warnings
service quota-warning {
executable = script /usr/local/bin/quota-warning.sh
user = vmail
unix_listener quota-warning {
group = vmail
mode = 0660
user = vmail
}
}

plugin {
  quota = count:User quota
  quota2 = maildir:Shared quota:ns=public/
  quota_max_mail_size = 100M
  # Required for 'count' quota driver
  quota_vsizes = yes
   quota_rule2 = Trash:storage=+10%%
quota_rule = *:storage=1G
quota_rule2 = Trash:storage=100M
quota_rule3 = SPAM:ignore
   quota_warning = storage=100%% quota-warning +100 %u
   quota_warning2 = storage=95%% quota-warning +95 %u
   quota_warning3 = storage=80%% quota-warning +80 %u
   quota_warning4 = -storage=100%% quota-warning -100 %u # user is
no longer over quota
quota_exceeded_message = User %u has exhausted allowed storage space.
  quota_grace = 10%%
  # 10% is the default
  quota_status_success = DUNNO
  quota_status_nouser = DUNNO
  quota_status_overquota = "552 5.2.2 Mailbox is full"

## Stats

### how often to session statistics (must be set)
stats_refresh = 30 secs
### track per-IMAP command statistics (optional)
stats_track_cmds = yes
}

The protocol imap has the imap_quota plugin and protocol lmtp has the
quota plugin. I've also got

lmtp_rcpt_check_quota = yes
mailbox_list_index = yes

In my dovecot-sql.conf file my user query looks like this:

user_query = SELECT concat('*:storage=', quota, 'M') AS quota_rule
FROM accounts WHERE username = '%Ln' AND domain = '%Ld' AND sendonly =
false;

Postfix checks:

 check_policy_service unix:private/dovecot-quota

Am I overcomplicating?

Thanks.
Dave.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

mail_crypt on existing mailstore

[David Mehler]

Hello,

I've got a pre-existing mailstore, it's a Postfix/Dovecot/Mariadb
virtual-user setup, with users and mailboxes. I'd now like to get
mail_crypt going. Can I do this with this existing store or if not how
would I set this up?


Thanks.
Dave.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

argon2id best practices, generating and database storage

[David Mehler]

Hello,

To users of argon2id as a password hash, what are best practices/what
do you use to generate the argon2id password hashes? I want to know if
I should do more than:

doveadm pw -s ARGON2ID

Also, for storing an argon2id password hash in a database
(mysql/mariadb in this example) what value(s) do you use for the
field?

Thanks.
Dave.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: Server migration, password scheme/hashing, argon2i, argon2d, argon2id, sha512, sha512-crypt, tiger2, salt?

[David Mehler]

Hello,

Thanks. The other utility I would be using is the Roundcube webmail
password plugin.  Still trying to figure the best option.

More opinions?
Thanks.
Dave.


On 6/24/23, Robert Lister  wrote:
>
> I did a similar upgrade, and now in the process of migrating from
> SHA512-CRYPT
> to BLF-CRYPT with an appropriately set rounds, as I think the default
> rounds
> is a little low.
>
> A good write-up on migrating passwords and calculating the rounds:
> https://kaworu.ch/blog/2016/04/20/strong-crypt-scheme-with-dovecot-postfixadmin-and-roundcube/
>
>
> I would take into consideration the following factors when deciding the
> hashing algo.
>
> 1. Other tools/scripts that need to update or check passwords in the
> database,
> for example:
> - roundcube webmail has a plugin to allow users to change their
> password
>   using a variety of methods.
> - postfixadmin
>
> For a long time, bcrypt wasn't natively supported by either the
> version of php
> or underlying OS libs, so these tools had to rely on calling "doveadm
> pw "
> to generate BLF-CRYPT hashes. And assumed that doveadm was available
> on the same server as it.
>
> The latest versions support bcrypt and newer hashing algos natively.
>
> Some tools might rely on the database (mysql/mariadb) to hash
> passwords, so
> this may also be a consideration.
>
> 2. Server load / libs:
>
> - The Dovecot docs:
> https://doc.dovecot.org/configuration_manual/authentication/password_schemes/
>   has this to say on ARGON2I/ARGON2ID:
>
>   "Argon2 is the winner of password hashing competition held at July
> 2015. The password will
>start with $argon2i$ or $argon2id$. You can use -r to tune
> computational complexity,
>minimum is 3. ARGON2ID is only available if your libsodium is
> recent enough.
>ARGON2 can require quite a hefty amount of virtual memory, so we
> recommend that you set
>service auth { vsz_limit = 2G } at least, or more."
>
> There's a good write up of considering the various algos:
>
> https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html
>
> I considered BLF-CRYPT (for the time being) to be strong enough and a
> good balance between compatibility, strength and server load, given the
> number of users etc.
>
> Rob
>
>
> On 2023-06-23 02:14, David Mehler wrote:
>> Hello,
>>
>> I'm migrating to a new server. It's running Debian 11 currently though
>> that's going 12 this weekend. Currently it uses Openssl v3.0.9, and
>> dovecot 2.3.13 and MySQL (in this case Mariadb) for storing user
>> account information v10.6.14. My question is in regards password
>> storage and scheme/encryption/salts.
>>
>> Currently they are stored in Mariadb password field with a type of
>> varchar and a 255 character length, and are stored as SHA512-CRYPT.
>> I'm wondering if I should keep this as is or when I migrate go to
>> another scheme? I'm thinking argon2i, argon2d, argon2id, sha512,
>> sha512-crypt, tiger2, saltt?
>
>
> --
> Robert Lister  - email:  r...@lentil.org  - tel: 020 7043 7996
> ___
> dovecot mailing list -- dovecot@dovecot.org
> To unsubscribe send an email to dovecot-le...@dovecot.org
>
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Server migration, password scheme/hashing, argon2i, argon2d, argon2id, sha512, sha512-crypt, tiger2, salt?

[David Mehler]

Hello,

I'm migrating to a new server. It's running Debian 11 currently though
that's going 12 this weekend. Currently it uses Openssl v3.0.9, and
dovecot 2.3.13 and MySQL (in this case Mariadb) for storing user
account information v10.6.14. My question is in regards password
storage and scheme/encryption/salts.

Currently they are stored in Mariadb password field with a type of
varchar and a 255 character length, and are stored as SHA512-CRYPT.
I'm wondering if I should keep this as is or when I migrate go to
another scheme? I'm thinking argon2i, argon2d, argon2id, sha512,
sha512-crypt, tiger2, saltt?

Discussion/opinions welcome.
Thanks.
Dave.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: migrating dovecot to new server

[David Mehler]

Hello,

Thanks, the directory structure and files will all be the same so i'll
just rsync.

Thanks.
Dave.


On 5/29/20, Francis Augusto Medeiros-Logeay  wrote:
> I did what Aki said. Actually I moved it all to a new server and to docker
> containers. From Dovecot 2.2 to 2.3. And it worked fine. Of course one
> always forget something - the path for the certificates, the different
> directory for mounting storage, etc.
>
> But am surprise and happy that it worked very well.
>
> __
> Francis Augusto Medeiros-Logeay
> Oslo, Norway
> Sent from a mobile device / Enviado a partir de dispositivo móvel
>
>> On 29 May 2020, at 19:33, Aki Tuomi  wrote:
>>
>> 
>>> On 29/05/2020 20:12 Ralph Seichter  wrote:
>>>
>>>
>>> * David Mehler:
>>>
>>>> I'd ideally like to back up all the mails in the maildir location,
>>>> copy that over, load in my configuration files, and bring the system
>>>> back up.
>>>
>>> I don't think this qualifies as "ideal" for migration. My recommendation
>>> is to set up the new server and configure Dovecot replication (see
>>> Wiki).
>>>
>>> If you configured things correctly, migration will happen without
>>> further intervention, and if there is a problem, you can resolve it in
>>> your own time, without damaging the existing server and data.
>>>
>>> -Ralph
>>
>> If your directory structure *and* namespace structure stays the same, you
>> can rsync files over.
>>
>> If you are going to change anything, do as Ralph suggests.
>>
>> Aki
>

migrating dovecot to new server

[David Mehler]

Hello,

I'm needing to migrate my dovecot installation it's 2.3 on FreeBSD
12.1 to a new server. I'd ideally like to back up all the mails in the
maildir location, copy that over, load in my configuration files, and
bring the system back up. I doubt it's that easy, any pitfalls I
should watch out for?

Thanks.
Dave.

Re: problem with a public folder

[David Mehler]

Hello,

Thanks, yes the global-acls file is the one I'm refering to and I
created it before all this started.

Yes, the users can both login properly and can access there own inboxes.

Thanks.
Dave.


On 4/26/20, Markus Winkler  wrote:
> Hi Dave,
>
> thanks for the information.
>
> On 26.04.20 18:37, David Mehler wrote:
>> In answer to your questions I made a file global-acls containing:
>
> It's the '/usr/local/etc/dovecot/global-acls', right?
>
>> # cat global-acls
>> Public/general user=us...@domain.com lrwstipekxa
>> Public/TestFolder user=us...@domain.com lrwstipekxa
>>
>> Public/general user=us...@domain2.com lrwstipekxa
>> Public/TestFolder user=us...@domain2.com lrwstipekxa
>
> Just to be sure: when did you create this file and it's content: before you
>
> reported (i.e. yesterday) the results of 'doveadm acl get -A
> "Public/general"' and 'doveadm acl get -A "Public/TestFolder"' or only
> today before you wrote this mail? In the latter case: did this change the
> output of 'doveadm acl get -A ...'
>
> To me this file looks OK and so the ACLs should be reported and working
> correctly ...
>
> And an additional question: the users us...@domain.com and
> us...@domain2.com are generally able to login, use their own Inbox etc.
> without any problem?
>
> Regards,
> Markus
>

Re: problem with a public folder

[David Mehler]

Hello,

Thank you for your response. In answer to your questions I made a file
global-acls containing:

# cat global-acls
Public/general user=us...@domain.com lrwstipekxa
Public/TestFolder user=us...@domain.com lrwstipekxa

Public/general user=us...@domain2.com lrwstipekxa
Public/TestFolder user=us...@domain2.com lrwstipekxa

Here's the ls -la output:

#ls -la /var/vmail/public/TestFolder/
total 28
drwx--  5 vmail  vmail  512 Apr 26 10:09 ./
drwx--  4 vmail  vmail  512 Apr 26 10:09 ../
drwx--  2 vmail  vmail  512 Apr 25 13:55 cur/
-rw---  1 vmail  vmail   51 Apr 26 10:09 dovecot-uidlist
-rw---  1 vmail  vmail  232 Apr 26 10:09 dovecot.index.log
drwx--  2 vmail  vmail  512 Apr 25 13:55 new/
drwx--  2 vmail  vmail  512 Apr 25 13:55 tmp/

#ls -la /var/vmail/public/general/
total 28
drwx--  5 vmail  vmail  512 Apr 25 13:47 ./
drwx--  4 vmail  vmail  512 Apr 26 10:09 ../
drwx--  2 vmail  vmail  512 Apr 25 13:42 cur/
-rw---  1 vmail  vmail   51 Apr 25 13:47 dovecot-uidlist
-rw---  1 vmail  vmail  232 Apr 25 13:47 dovecot.index.log
drwx--  2 vmail  vmail  512 Apr 25 13:42 new/
drwx--  2 vmail  vmail  512 Apr 25 13:42 tmp/

Thanks.
Dave.


On 4/26/20, Markus Winkler  wrote:
> Hi David,
>
> On 25.04.20 21:23, David Mehler wrote:
>> I've added a mailbox to the namespace definition for the public
>> folders. I can do a doveadm acl get -A "Public/general" works but
>> "Public/TestFolder" does not.
>
> did you already used something like this on your server?:
>
> # doveadm acl set -A "Public/..."
>
> or how did you set the ACLs?
>
> And:
>
>> Here's my ls output:
>> #ls -l /var/vmail/public
>> total 16
>> drwx--  5 vmail  vmail  512 Apr 25 13:56 TestFolder/
>> -rw---  1 vmail  vmail0 Apr 25 13:43 dovecot-acl-list
>> -rw---  1 vmail  vmail8 Apr 25 13:47 dovecot-uidvalidity
>> -r--r--r--  1 vmail  vmail0 Apr 25 13:47 dovecot-uidvalidity.5ea477b0
>> -rw---  1 vmail  vmail  804 Apr 25 13:59 dovecot.list.index.log
>> drwx--  5 vmail  vmail  512 Apr 25 13:47 general/
>
> could you please also show the output of:
>
> # ls -la /var/vmail/public/TestFolder
>
> and
>
> # ls -la /var/vmail/public/general
>
> Thanks and regards,
> Markus
>

Re: problem with a public folder

[David Mehler]

ents = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_rule2 = Trash:ignore
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = 
file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve
  sieve_before = /var/vmail/sieve/global/spam-global.sieve
  sieve_extensions = +notify +imapflags +spamtest +spamtestplus
+virustest +editheader
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
+vnd.dovecot.environment
  sieve_max_redirects = 30
  sieve_max_script_size = 1M
  sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
  sieve_spamtest_max_header = X-Spamd-Result: default: [[:alnum:]]+
\[-?[[:digit:]]+\.[[:digit:]]+ / (-?[[:digit:]]+\.[[:digit:]]+)\]
  sieve_spamtest_status_header = X-Spamd-Result: default: [[:alnum:]]+
\[(-?[[:digit:]]+\.[[:digit:]]+) / -?[[:digit:]]+\.[[:digit:]]+\]
  sieve_spamtest_status_type = score
  sieve_user_log = /var/vmail/sieve/sieve_error.log
  sieve_virustest_status_header = X-Virus-Scan: Found to be (.+)\.
  sieve_virustest_status_type = text
  sieve_virustest_text_value1 = clean
  sieve_virustest_text_value5 = infected
  trash = /usr/local/etc/dovecot/trash.conf
  welcome_script = welcome %n postmaster@%d
  welcome_wait = yes
}
postmaster_address = postmas...@domain.com
protocols = imap lmtp sieve
sendmail_path = /usr/local/sbin/sendmail
service auth-worker {
  user = vmail
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
  unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
  }
}
service dict {
  unix_listener dict {
mode = 0600
user = vmail
  }
  user = root
}
service imap-login {
  inet_listener imap {
port = 143
  }
  process_min_avail = 1
}
service imap {
  executable = imap
}
service lmtp {
  executable = lmtp
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
address = xxx.xxx.xxx.xxx
port = 4190
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  unix_listener /var/spool/postfix/private/dovecot-quota {
group = postfix
mode = 0660
user = postfix
  }
}
service quota-warning {
  executable = script /usr/local/etc/dovecot/quota-warning.sh
  unix_listener quota-warning {
group = vmail
mode = 0660
user = vmail
  }
  user = vmail
}
service stats {
  unix_listener stats-reader {
group = vmail
mode = 0660
user = vmail
  }
  unix_listener stats-writer {
group = vmail
mode = 0660
user = vmail
  }
}
service welcome {
  executable = script /usr/local/etc/dovecot/welcome.sh
  unix_listener welcome {
user = vmail
  }
  user = vmail
}
ssl = required
ssl_cert =  wrote:
>
>
> On April 25, 2020 2:35:20 AM GMT+02:00, David Mehler 
> wrote:
>>Hello,
>>
>>I'm trying to set up a public folder called TestFolder. I'm getting
>>this error:
>>
>>#doveadm acl get -A "Public/TestFolder"
>>doveadm(usern...@example.com): Error: Can't open mailbox
>>Public/TestFolder: Mailbox doesn't exist: Public/TestFolder
>>Username ID Global Rights
>
> Have you enabled debug log and what does it show when you run this command?
>
>># ls -ld /var/vmail/public
>>drwx-- 4 vmail vmail 512 Apr 15 23:17 public/
>>
>># ls -ld public/.TestFolder
>>drwx-- 5 vmail vmail 512 Apr 15 23:20 .TestFolder/
>>
>>My goal is a public namespace under which I have several folders for
>>internal communications that users can access, TestFolder being an
>>example.
>>
>>Suggestions welcome.
>>Thanks.
>>Dave.
>>
>>#doveconf -n
>># 2.3.10 (0da0eff44): /usr/local/etc/dovecot/dovecot.conf
>># Pigeonhole version 0.5.10 (bf8ef1c2)
>># OS: FreeBSD 12.1-RELEASE-p3 amd64
>># Hostname: mail.example.com
>>auth_cache_size = 10 M
>>auth_default_realm = example.com
>>auth_mechanisms = plain login
>>auth_realms = example.com
>>dict {
>>  lastlogin = mysql:/usr/local/etc/dovecot/dovecot-last-login.conf
>>}
>>first_valid_gid = 2100
>>first_valid_uid = 2100
>>hostname = mail.example.com
>>imap_client_workarounds = delay-newmail tb-e

problem with a public folder

[David Mehler]

Hello,

I'm trying to set up a public folder called TestFolder. I'm getting this error:

#doveadm acl get -A "Public/TestFolder"
doveadm(usern...@example.com): Error: Can't open mailbox
Public/TestFolder: Mailbox doesn't exist: Public/TestFolder
Username ID Global Rights

# ls -ld /var/vmail/public
drwx-- 4 vmail vmail 512 Apr 15 23:17 public/

# ls -ld public/.TestFolder
drwx-- 5 vmail vmail 512 Apr 15 23:20 .TestFolder/

My goal is a public namespace under which I have several folders for
internal communications that users can access, TestFolder being an
example.

Suggestions welcome.
Thanks.
Dave.

#doveconf -n
# 2.3.10 (0da0eff44): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.10 (bf8ef1c2)
# OS: FreeBSD 12.1-RELEASE-p3 amd64
# Hostname: mail.example.com
auth_cache_size = 10 M
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com
dict {
  lastlogin = mysql:/usr/local/etc/dovecot/dovecot-last-login.conf
}
first_valid_gid = 2100
first_valid_uid = 2100
hostname = mail.example.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
imap_idle_notify_interval = 1 mins
last_valid_gid = 2100
last_valid_uid = 2100
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = xxx.xxx.xxx.xxx
lmtp_rcpt_check_quota = yes
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /var/vmail/mailboxes/%d/%n
mail_location = dbox:~/mail
mail_plugins = acl fts fts_lucene mail_log notify quota trash virtual
welcome zlib mail_crypt
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext spamtest spamtestplus virustest editheader imapflags
notify imapsieve vnd.dovecot.imapsieve
namespace {
  location = 
sdbox:/var/vmail/public/:CONTROL=~/mail/public:INDEX=~/mail/public:INDEXPVT=~/mail/public
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  hidden = no
  list = yes
  location = 
maildir:/var/vmail/shared/office/.Maildir:CONTROL=~/.Maildir/control/office:INDEX=~/.Maildir/index/office
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  fts = lucene
  fts_autoindex = yes
  fts_autoindex_exclude = \Junk
  fts_autoindex_exclude2 = \Trash
  fts_autoindex_exclude3 = \Spam
  fts_autoindex_max_recent_msgs = 80
  fts_index_timeout = 90
  fts_lucene = whitespace_chars=@. normalize no_snowball
  imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = # hidden, use -P to show it
  mail_crypt_curve = prime256v1
  mail_crypt_global_private_key = # hidden, use -P to show it
  mail_crypt_global_public_key = # hidden, use -P to show it
  mail_crypt_save_version = 2
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_rule2 = Trash:ignore
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = 
file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve
  sieve_before = /var/vmail/sieve/global/spam-global.sieve
  sieve_extensions = +notify +imapflags +spamtest +spamtestplus
+virustest +editheader
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute

Re: Dovecot and thunderbird authentication issue?

[David Mehler]

Hello,

I got the issue fixed. Here's what it was, and my understanding is a
little vague in some areas. I use letsencrypt for my certificates and
one of the options I pass to acme.sh is the --ocsp option. This works
fine for web servers apparently, but for some reason and here I get
muddy depending on what I'm reading on Google, both Dovecot and
Postfix do not support OCSP stapling, so when Thunderbird asks Dovecot
about an OCSP response gets back faulty, invalid, or nothing, (I did
say my knowledge was muddy) Thunderbird apparently concludes the
certificate is invalid, expired, or whatever, and doesn't accept it.

This problem only occurs with Thunderbird, my phone with various email
clients, and Outlook 2010 all work great, so I was unwilling to mess
around with my certificates. What I ended up doing was going in to
thunderbird's configuration editor and searching for ocsp there were a
bunch of options, I turned all that were on or enabled off, restarted
Thunderbird, and it fired right up.

Thanks and hope this helps someone.
Dave.


On 4/20/20, Juri Haberland  wrote:
> On 19.04.20 23:44, David Mehler wrote:
>> I'm using Dovecot 2.2, Postfix 3.5, and am atempting to get the latest
>> version of Thunderbird to work. I tried account autoconfig which did
>> not work, so I had to manually enter information and correct other
>> information. On my server dovecot supports plane and login
>> authentication methods but only over starttls i've got a letsencrypt
>> certificate. My thunderbird configuration looks good, right hosts for
>> incoming and outgoing mail, right ports, 143 starttls, and 587 smtp
>> submission, and thunderbird has the authentication method set for
>> normal password. This I interpreted to mean thunderbird is going to
>> starttls then send the username and password. Thunderbird is giving me
>> this error:
>>
>> imap server does not support the selected authentication method
>>
>> I realize this is vague, any suggestions?
>
> What about showing what dovecot logged at that moment?
> Output from "doveconf -n" would be helpful, too.
>
> Even though I don't use Thunderbird with STARTTLS (but with SSL/TLS on port
> 993) I'm pretty sure this should work.
>
>
> Best,
>   Juri
>

Dovecot and thunderbird authentication issue?

[David Mehler]

Hello,

I'm using Dovecot 2.2, Postfix 3.5, and am atempting to get the latest
version of Thunderbird to work. I tried account autoconfig which did
not work, so I had to manually enter information and correct other
information. On my server dovecot supports plane and login
authentication methods but only over starttls i've got a letsencrypt
certificate. My thunderbird configuration looks good, right hosts for
incoming and outgoing mail, right ports, 143 starttls, and 587 smtp
submission, and thunderbird has the authentication method set for
normal password. This I interpreted to mean thunderbird is going to
starttls then send the username and password. Thunderbird is giving me
this error:

imap server does not support the selected authentication method

I realize this is vague, any suggestions?

Thanks.
Dave.

got a listener on 993

[David Mehler]

Hello,

Before I get in to my question is ssl on 993 or starttls on 143 better
from a security perspective?

I've noticed that I've got a dovecot listener on port 993, below is my
doveconf -n output I don't have an imaps listener uncommented should I
do so and set it's port to 0? Will that disable the 993 listener?
Thanks.
Dave.

# 2.3.10 (0da0eff44): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.10 (bf8ef1c2)
# OS: FreeBSD 12.1-RELEASE-p2 amd64
# Hostname: hostname.example.com
auth_cache_size = 10 M
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com
dict {
  lastlogin = mysql:/usr/local/etc/dovecot/dovecot-last-login.conf
}
first_valid_gid = 2100
first_valid_uid = 2100
hostname = hostname.example.com
imap_client_workarounds = delay-newhostname tb-extra-hostnamebox-sep
tb-lsub-flags
imap_idle_notify_interval = 1 mins
last_valid_gid = 2100
last_valid_uid = 2100
lda_hostnamebox_autocreate = yes
lda_hostnamebox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = xxx.xxx.xxx.xxx
lmtp_rcpt_check_quota = yes
log_timestamp = "%Y-%m-%d %H:%M:%S "
hostname_access_groups = vhostname
hostname_fsync = never
hostname_gid = vhostname
hostname_home = /var/vhostname/hostnameboxes/%d/%n
hostname_location = dbox:~/hostname
hostname_plugins = acl fts fts_lucene mail_log notify quota trash
virtual welcome zlib mail_crypt
hostname_privileged_group = vhostname
hostname_server_admin = hostnameto:postmas...@example.com
hostname_uid = vhostname
managesieve_notify_capability = hostnameto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment hostnamebox date index ihave duplicate mime foreverypart
extracttext spamtest spamtestplus virustest editheader imapflags
notify imapsieve vnd.dovecot.imapsieve
namespace {
  location = 
sdbox:/var/vhostname/public/:CONTROL=~/hostname/public:INDEX=~/hostname/public
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  hidden = no
  list = yes
  location = 
hostnamedir:/var/vhostname/shared/office/.hostnamedir:CONTROL=~/.hostnamedir/control/office:INDEX=~/.hostnamedir/index/office
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  hostnamebox Drafts {
auto = subscribe
special_use = \Drafts
  }
  hostnamebox Sent {
auto = subscribe
special_use = \Sent
  }
  hostnamebox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  hostnamebox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  fts = lucene
  fts_autoindex = yes
  fts_autoindex_exclude = \Junk
  fts_autoindex_exclude2 = \Trash
  fts_autoindex_exclude3 = \Spam
  fts_autoindex_max_recent_msgs = 80
  fts_index_timeout = 90
  fts_lucene = whitespace_chars=@. normalize no_snowball
  imapsieve_hostnamebox1_before =
file:/var/vhostname/sieve/global/learn-spam.sieve
  imapsieve_hostnamebox1_causes = COPY
  imapsieve_hostnamebox1_name = Spam
  imapsieve_hostnamebox2_before =
file:/var/vhostname/sieve/global/learn-ham.sieve
  imapsieve_hostnamebox2_causes = COPY
  imapsieve_hostnamebox2_from = Spam
  imapsieve_hostnamebox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = # hidden, use -P to show it
  hostname_crypt_curve = prime256v1
  hostname_crypt_global_private_key = # hidden, use -P to show it
  hostname_crypt_global_public_key = # hidden, use -P to show it
  hostname_crypt_save_version = 2
  hostname_log_events = delete undelete expunge copy
hostnamebox_delete hostnamebox_rename
  hostname_log_fields = uid box msgid size
  quota = count:User quota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_rule2 = Trash:ignore
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 hostnamebox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = 
file:/var/vhostname/sieve/%d/%n/scripts;active=/var/vhostname/sieve/%d/%n/active-script.sieve
  sieve_before = /var/vhostname/sieve/global/spam-global.sieve
  sieve_extensions = +notify +imapflags +spamtest +spamtestplus
+virustest +editheader
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
+vnd.dovecot.environment
  sieve_max_redirects = 30
  sieve_max_script_size = 1M
  sieve_pipe_bin_dir = /usr/bin
  sieve_plugins 

Dovecot, FreeBSD, and Solr?

[David Mehler via dovecot]

Hello,

Does anyone have this combination going? I'm running freebsd and
dovecot, to which i'd like to add solr text search. I am stuck on xml
schema integration, if anyone has any notes i'd appreciate them.

Thanks.
Dave.

Re: solr vs fts

[David Mehler via dovecot]

Hi,

Is Clucene no longer prefered/developed indexer?

Thanks.
Dave.


On 7/4/19, Felix Zielcke via dovecot  wrote:
> Am Donnerstag, den 04.07.2019, 12:27 +0300 schrieb Aki Tuomi via
> dovecot:
>> On 4.7.2019 12.22, Maciej Milaszewski IQ PL via dovecot wrote:
>> > Hi
>> > So you're advised to use a solr or something else?
>> >
>>
>> Using any FTS is advisable, currently suitable ones would be SOLR or
>> Xapian (see https://github.com/grosjo/fts-xapian)
>>
>
> Hi Aki,
>
> I didn't yet think about using FTS either but followed a bit the thread
> about developing the Xapian plugin.
> How stable is that now?
>
> https://wiki.dovecot.org/Plugins/FTS says above:
>
> "The following FTS indexers (in preferred order) are supported"
>
> but fts-xapian is listed below all others and Solr at the top.
>
> Is the wiki just outdated?
>
> Felix
>
>

virtual users, change password on first login?

[David Mehler via dovecot]

Hello,

I've got an email server setup all with virtual users. There only
interaction with it will be via a webmail interface in this case
roundcube. What I'm wanting to do is set up automatic password change
on first login. Would this be considered a dovecot or a roundcube
issue?

Any solution appreciated.

Thanks.
Dave.

last login user tracking

[David Mehler via dovecot]

Hello,

I'm trying to get last login user tracking going, using Dovecot and
mysql. I'm using:

https://docs.iredmail.org/track.user.last.login.html

and it is working, I am seeing an entry and it is updated, the problem
is the last login value does not mean anything to me. I was wondering
if it's possible to have the value be of a last login date and time,
and also a remote ip would be helpful so I can see from where users
are logging in from.

Thanks.
Dave.

Re: mailbox encryption

[David Mehler via dovecot]

Hello,

Thanks, I think I have it. The message files the u5 and u6 files are
showing up as data, and they sure look encrypted to me.

One thing is there a way to get logging of output of the mail_crypt
module? What I'm wanting to have if possible is a user gets a message,
the logs show message being encrypted, then stored to disk?

Thanks.
Dave.


On 6/17/19, Aki Tuomi  wrote:
>
> On 16.6.2019 23.04, David Mehler via dovecot wrote:
>> Hello,
>>
>> I've got dovecot 2.3 going, and I've got a file 10-mailcrypt.conf
>> which is loading mail_crypt, thinking that that plugin would propagate
>> through all the services, sieve, lmtp, and mailbox message storage.
>> I'm not seeing anything in the logs indicating that the encryption is
>> happening.
>>
>> I am using a file format dbox specifically sdbox format, and in my
>> mailbox I am seeing files like u.5 and others, a file check on them
>> reveals them as data.
>>
>> Should I be seeing encryption in the logs?
>>
>> Thanks.
>> Dave.
>
>
> Please see https://wiki2.dovecot.org/Plugins/MailCrypt
>
> Aki
>
>

mailbox encryption

[David Mehler via dovecot]

Hello,

I've got dovecot 2.3 going, and I've got a file 10-mailcrypt.conf
which is loading mail_crypt, thinking that that plugin would propagate
through all the services, sieve, lmtp, and mailbox message storage.
I'm not seeing anything in the logs indicating that the encryption is
happening.

I am using a file format dbox specifically sdbox format, and in my
mailbox I am seeing files like u.5 and others, a file check on them
reveals them as data.

Should I be seeing encryption in the logs?

Thanks.
Dave.

Dovecot, quota, warning, and issue with setup?

[David Mehler via dovecot]

Hello,

I'm having an issue or two with my new Dovecot setup. I'm running
version 2.3.6 new setup, and using sdbox as the mailbox format. I'm
getting the following warning:

Jun 16 13:57:16 mail dovecot[9583]: lmtp(59153): Warning: quota:
Namespace '' is not Maildir, skipping for Maildir++ quota
Jun 16 13:57:16 mail dovecot[9583]:
lmtp(usern...@example.net)<59153>: Warning:
quota: Namespace '' is not Maildir, skipping for Maildir++ quota

I'm also having issue with the public folder, it's not showing up.
Below is my doveconf -n output.

Any suggestions welcome.
Thanks.
Dave.

# 2.3.6 (7eab80676): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.6 (92dc263a)
# OS: FreeBSD 12.0-RELEASE-p4 amd64
# Hostname: mail.example.local
auth_cache_size = 10 M
auth_default_realm = example.net
auth_mechanisms = plain login
auth_realms = example.net example.com
dict {
  acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  quota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 2100
first_valid_uid = 2100
hostname = mail.example.net
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
imap_idle_notify_interval = 29 mins
last_valid_gid = 2100
last_valid_uid = 2100
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = 172.16.21.3
lmtp_rcpt_check_quota = yes
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /var/vmail/mailboxes/%d/%n
mail_location = dbox:~/sdbox
mail_plugins = acl fts fts_lucene mail_log notify quota trash virtual
welcome zlib mail_crypt
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.net
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext spamtest spamtestplus virustest editheader imapflags
notify imapsieve vnd.dovecot.imapsieve
namespace {
  location = 
sdbox:/var/vmail/public/:CONTROL=~/sdbox/public:INDEX=~/sdbox/public
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile
  acl_shared_dict = proxy::acl
  fts = lucene
  fts_autoindex = yes
  fts_autoindex_exclude = \Junk
  fts_autoindex_exclude2 = \Trash
  fts_autoindex_exclude3 = \Spam
  fts_autoindex_max_recent_msgs = 80
  fts_index_timeout = 90
  fts_lucene = whitespace_chars=@. normalize no_snowball
  imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  mail_crypt_curve = prime256v1
  mail_crypt_global_private_key = # hidden, use -P to show it
  mail_crypt_global_public_key = # hidden, use -P to show it
  mail_crypt_save_version = 2
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = maildir:User quota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_rule2 = Trash:ignore
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = 
file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve
  sieve_after = /home/vmail/sieve/after.d
  sieve_before = /var/vmail/sieve/global/spam-global.sieve
  sieve_extensions = +notify +imapflags +spamtest +spamtestplus
+virustest +editheader
  sieve_global_dir = /home/vmail/sieve
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
+vnd.dovecot.environment
  sieve_max_redirects = 30
  sieve_max_script_size = 1M
  sieve_pipe_bin_dir = /usr/bin
  sieve_plugins = sieve_imapsieve sieve_extprograms
  sieve_spamtest_max_header = X-Spamd-Result: default: [[:alnum:]]+
\[-?[[:digit:]]+\.[[:digit:]]+ / 

sdbox format, quota not maildir, and public folder

[David Mehler via dovecot]

Hello,

I'm using Dovecot 2.3.x and using dbox as mailbox storage format,
specifically sdbox. I'm getting an error from quota about namespace is
not maildir is there a setting I have to use for quota to use the
sdbox?

Dovecot 2.3 error, FreeBSD 12 in a jail

[David Mehler via dovecot]

Hello,

I'm trying to get Dovecot going on my system. It's a FreeBSD
12.0-RELEASE system and it's running dovecot 2.3 via ports in a jail.
I'm getting the same error message(s) as in this bug report, which has
been marked as closed:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225078

Dovecot is not starting at all in this jail when starting with service
dovecot start. A service dovecot status also reveals the error message
about /var/run/dovecot/dovecot.conf file, but a doveconf -n does not
reveal any configuration file issues. I did put a symlink in
/var/run/dovecot to /usr/local/etc/dovecot/dovecot.conf, this did not
correct the issue.

Any suggestions welcome.
Thanks.
Dave.

Re: Convert Maildir to Dbox?

[David Mehler via dovecot]

Hello,

Thank you, yes I have, it's not answering my questions.

Thanks.
Dave.

On 5/28/19, Ralph Seichter via dovecot  wrote:
> * David Mehler:
>
>> Are there any performance or stability advantages Sdbox over Maildir?
>
> Have you read the documentation at all?
>
> -Ralph
>

Re: Convert Maildir to Dbox?

[David Mehler via dovecot]

Hello,

Thanks. Are there any performance or stability advantages Sdbox over
Maildir? I'm also thinking ease of encryption an Sdbox or Mdbox vs
Maildir?

Thanks.
Dave.


On 5/28/19, Ralph Seichter via dovecot  wrote:
> * David Mehler via dovecot:
>
>> Any help appreciated.
>
> https://wiki.dovecot.org/Migration/MailFormat
>
> -Ralph
>

Convert Maildir to Dbox?

[David Mehler via dovecot]

Hello,

I've got a Dovecot 2.3.x setup. Currently it's running Maildir
storage. I'd like to convert that to Dbox specifically Sdbox safely.
I'm also looking to at the same time or shortly thereafter encrypt the
email storage with mail_crypt.

Any help appreciated.
Thanks.
Dave.

Re: dovecot 2.3.x, ECC and wildcard certificates, any issues

[David Mehler]

Hello,

I have discovered what I believe is the issue after hearing back from
Aquamail. And that is that android 7 which I'm running 7.0 that is,
only supports up to the p256 ecc curve. This brings up a question to
users of letsencrypt, when you revoke a certificate does it take it
out on the usage as well? I've got one domain that says i've issued to
many certificates for it and no more can be issued, thought I was
using the staging server. I'd like to get those certs off the
letsencrypt servers so I can make a new one using the p256 curve. Does
anyone know if this is doable? Using acme.sh I tried --revoke which
revoked one cert but letsencrypt still would not let me issue another.

Thanks.
Dave.


On 7/30/18, Aki Tuomi  wrote:
> I don't know how to get both RSA and ECC cert from letsencrypt.
>
> Aki
>
>> On 30 July 2018 at 20:43 David Mehler  wrote:
>>
>>
>> Hello,
>>
>> What acme implementation do you use for your letsencrypt certificates?
>> If it's acme.sh how do you get both rsa and ecc certificates? What
>> configuration options are you using in your configuration of services
>> to allow access to both rsa and ecc?
>>
>> Thanks.
>> Dave.
>>
>>
>> On 7/30/18, David Mehler  wrote:
>> > Hello,
>> >
>> > The client in question is the latest version of AquaMail running on
>> > android.
>> >
>> > Thanks.
>> > Dave.
>> >
>> >
>> > On 7/30/18, Aki Tuomi  wrote:
>> >> You should, in practice, enable both. This gives best client
>> >> compability.
>> >> It
>> >> is possible you have clients that cannot understand ECC certificates?
>> >> You
>> >> can use ssl_alt_cert to provide RSA cert too.
>> >>
>> >> Aki
>> >>
>> >>> On 30 July 2018 at 20:05 David Mehler  wrote:
>> >>>
>> >>>
>> >>> Hi,
>> >>>
>> >>> Thanks, good news is that worked. Bad news is it all looks good which
>> >>> means I do not know hwhy my remote clients can't get their email,
>> >>> looked like from the logs it was that.
>> >>>
>> >>> Would 143 be better or 993 for the external clients?
>> >>>
>> >>> Thanks.
>> >>> Dave.
>> >>>
>> >>>
>> >>> On 7/30/18, Aki Tuomi  wrote:
>> >>> >
>> >>> >> On 30 July 2018 at 19:16 David Mehler 
>> >>> >> wrote:
>> >>> >>
>> >>> >>
>> >>> >> Hello,
>> >>> >>
>> >>> >> Does dovecot 2.3.x have any issues recognizing or using
>> >>> >> certificates
>> >>> >> that are ECC and wildcard? I'm trying to switch my letsencrypt
>> >>> >> implementation from acme-client which does not support either of
>> >>> >> those
>> >>> >> capabilities to acme.sh which does. Since then external clients
>> >>> >> checking their email has not worked. A manual telnet to
>> >>> >> mail.example.com 993 gives a connected message but then nothing no
>> >>> >> greeting or capabilities.
>> >>> >>
>> >>> >> The certificate is for example.com with an alt name of
>> >>> >> *.example.com
>> >>> >> if that's not right let me know, i'm not sure about that one,
>> >>> >> connecting to the web sites of these pages seems noticeably
>> >>> >> slower,
>> >>> >> I'm wondering if both of these issues aren't key related?
>> >>> >>
>> >>> >> Thanks.
>> >>> >> Dave.
>> >>> >
>> >>> > These both should be fine.
>> >>> >
>> >>> > Port 993 is TLS encrypted, you should use openssl s_client -connect
>> >>> > server:993
>> >>> >
>> >>> > Aki
>> >>> >
>> >>
>> >
>

Re: dovecot 2.3.x, ECC and wildcard certificates, any issues

[David Mehler]

Hello,

What acme implementation do you use for your letsencrypt certificates?
If it's acme.sh how do you get both rsa and ecc certificates? What
configuration options are you using in your configuration of services
to allow access to both rsa and ecc?

Thanks.
Dave.


On 7/30/18, David Mehler  wrote:
> Hello,
>
> The client in question is the latest version of AquaMail running on
> android.
>
> Thanks.
> Dave.
>
>
> On 7/30/18, Aki Tuomi  wrote:
>> You should, in practice, enable both. This gives best client compability.
>> It
>> is possible you have clients that cannot understand ECC certificates? You
>> can use ssl_alt_cert to provide RSA cert too.
>>
>> Aki
>>
>>> On 30 July 2018 at 20:05 David Mehler  wrote:
>>>
>>>
>>> Hi,
>>>
>>> Thanks, good news is that worked. Bad news is it all looks good which
>>> means I do not know hwhy my remote clients can't get their email,
>>> looked like from the logs it was that.
>>>
>>> Would 143 be better or 993 for the external clients?
>>>
>>> Thanks.
>>> Dave.
>>>
>>>
>>> On 7/30/18, Aki Tuomi  wrote:
>>> >
>>> >> On 30 July 2018 at 19:16 David Mehler  wrote:
>>> >>
>>> >>
>>> >> Hello,
>>> >>
>>> >> Does dovecot 2.3.x have any issues recognizing or using certificates
>>> >> that are ECC and wildcard? I'm trying to switch my letsencrypt
>>> >> implementation from acme-client which does not support either of
>>> >> those
>>> >> capabilities to acme.sh which does. Since then external clients
>>> >> checking their email has not worked. A manual telnet to
>>> >> mail.example.com 993 gives a connected message but then nothing no
>>> >> greeting or capabilities.
>>> >>
>>> >> The certificate is for example.com with an alt name of *.example.com
>>> >> if that's not right let me know, i'm not sure about that one,
>>> >> connecting to the web sites of these pages seems noticeably slower,
>>> >> I'm wondering if both of these issues aren't key related?
>>> >>
>>> >> Thanks.
>>> >> Dave.
>>> >
>>> > These both should be fine.
>>> >
>>> > Port 993 is TLS encrypted, you should use openssl s_client -connect
>>> > server:993
>>> >
>>> > Aki
>>> >
>>
>

Re: dovecot 2.3.x, ECC and wildcard certificates, any issues

[David Mehler]

Hello,

The client in question is the latest version of AquaMail running on android.

Thanks.
Dave.


On 7/30/18, Aki Tuomi  wrote:
> You should, in practice, enable both. This gives best client compability. It
> is possible you have clients that cannot understand ECC certificates? You
> can use ssl_alt_cert to provide RSA cert too.
>
> Aki
>
>> On 30 July 2018 at 20:05 David Mehler  wrote:
>>
>>
>> Hi,
>>
>> Thanks, good news is that worked. Bad news is it all looks good which
>> means I do not know hwhy my remote clients can't get their email,
>> looked like from the logs it was that.
>>
>> Would 143 be better or 993 for the external clients?
>>
>> Thanks.
>> Dave.
>>
>>
>> On 7/30/18, Aki Tuomi  wrote:
>> >
>> >> On 30 July 2018 at 19:16 David Mehler  wrote:
>> >>
>> >>
>> >> Hello,
>> >>
>> >> Does dovecot 2.3.x have any issues recognizing or using certificates
>> >> that are ECC and wildcard? I'm trying to switch my letsencrypt
>> >> implementation from acme-client which does not support either of those
>> >> capabilities to acme.sh which does. Since then external clients
>> >> checking their email has not worked. A manual telnet to
>> >> mail.example.com 993 gives a connected message but then nothing no
>> >> greeting or capabilities.
>> >>
>> >> The certificate is for example.com with an alt name of *.example.com
>> >> if that's not right let me know, i'm not sure about that one,
>> >> connecting to the web sites of these pages seems noticeably slower,
>> >> I'm wondering if both of these issues aren't key related?
>> >>
>> >> Thanks.
>> >> Dave.
>> >
>> > These both should be fine.
>> >
>> > Port 993 is TLS encrypted, you should use openssl s_client -connect
>> > server:993
>> >
>> > Aki
>> >
>

Re: dovecot 2.3.x, ECC and wildcard certificates, any issues

[David Mehler]

Hi,

Thanks, good news is that worked. Bad news is it all looks good which
means I do not know hwhy my remote clients can't get their email,
looked like from the logs it was that.

Would 143 be better or 993 for the external clients?

Thanks.
Dave.


On 7/30/18, Aki Tuomi  wrote:
>
>> On 30 July 2018 at 19:16 David Mehler  wrote:
>>
>>
>> Hello,
>>
>> Does dovecot 2.3.x have any issues recognizing or using certificates
>> that are ECC and wildcard? I'm trying to switch my letsencrypt
>> implementation from acme-client which does not support either of those
>> capabilities to acme.sh which does. Since then external clients
>> checking their email has not worked. A manual telnet to
>> mail.example.com 993 gives a connected message but then nothing no
>> greeting or capabilities.
>>
>> The certificate is for example.com with an alt name of *.example.com
>> if that's not right let me know, i'm not sure about that one,
>> connecting to the web sites of these pages seems noticeably slower,
>> I'm wondering if both of these issues aren't key related?
>>
>> Thanks.
>> Dave.
>
> These both should be fine.
>
> Port 993 is TLS encrypted, you should use openssl s_client -connect
> server:993
>
> Aki
>

dovecot 2.3.x, ECC and wildcard certificates, any issues

[David Mehler]

Hello,

Does dovecot 2.3.x have any issues recognizing or using certificates
that are ECC and wildcard? I'm trying to switch my letsencrypt
implementation from acme-client which does not support either of those
capabilities to acme.sh which does. Since then external clients
checking their email has not worked. A manual telnet to
mail.example.com 993 gives a connected message but then nothing no
greeting or capabilities.

The certificate is for example.com with an alt name of *.example.com
if that's not right let me know, i'm not sure about that one,
connecting to the web sites of these pages seems noticeably slower,
I'm wondering if both of these issues aren't key related?

Thanks.
Dave.

Re: massive mail move

[David Mehler]

Hello Aki,

Thanks. I am wondering with my vps would dbox give me any advantages?
I'm not using network attached storage or nfs just a single raided
disk for files.

Thanks.
Dave.


On 4/20/18, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
> 'doveadm move' might help here?
>
> Aki
>
>
> On 20.04.2018 03:18, David Mehler wrote:
>> Hello,
>>
>> I've got dovecot 2.3 going and a mailbox with a lot of system messages
>> in it. What I'm wanting to do is massively move them to another
>> mailbox. Is this doable with sieve?
>>
>> Thanks.
>> Dave.
>
>

maildir vs dbox?

[David Mehler]

Hello,

I've got a Dovecot virtual email setup using maildir as the mailbox
format. I am wondering from others who have chosen dbox a comparison
between maildir and dbox or those who have migrated from one format to
another. I am wondering if changing to dbox would be beneficial?

Thanks.
Dave.

massive mail move

[David Mehler]

Hello,

I've got dovecot 2.3 going and a mailbox with a lot of system messages
in it. What I'm wanting to do is massively move them to another
mailbox. Is this doable with sieve?

Thanks.
Dave.

imapsieve fail to pipe to sa-learn-spam.sh

[David Mehler]

Hello,

I'm trying to get Dovecot 2.31, pidgeonhole 0.51 going with imapsieve
and rspamd. I'm getting the below in my errorlog:

cat dovecot.log
2018-04-13 17:35:34 imap-login: Info: Login:
user=, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=57977, secured, session=
2018-04-13 17:35:34
imap(testu...@domain.com)<57977>: Error: sieve: pipe
action: failed to pipe message to program: program `sa-learn-spam.sh'
not found
2018-04-13 17:35:34
imap(testu...@domain.com)<57977>: Info: sieve: left
message in mailbox 'Spam'
2018-04-13 17:35:34
imap(testu...@domain.com)<57977>: Error: sieve:
Execution of script /usr/home/vmail/sieve/global/report-spam.sieve
failed
2018-04-13 17:35:34
imap(testu...@domain.com)<57977>: Info: copy from
INBOX: box=Spam, uid=1, msgid=, size=1638
2018-04-13 17:35:34
imap(testu...@domain.com)<57977>: Info: delete:
box=INBOX, uid=2, msgid=, size=1638
2018-04-13 17:35:34
imap(testu...@domain.com)<57977>: Info: expunge:
box=INBOX, uid=2, msgid=, size=1638
2018-04-13 17:35:34
indexer-worker(testu...@domain.com)<59488>:
Info: Indexed 0 messages in Spam
2018-04-13 17:35:34
imap(testu...@domain.com)<57977>: Info: Logged out
in=144 out=1227 deleted=1 expunged=1 trashed=0 hdr_count=0 hdr_bytes=0
body_count=0 body_bytes=0

90-plugin.conf excerpt:
plugin {
  sieve_plugins = sieve_imapsieve sieve_extprograms
sieve_before = /home/vmail/sieve/global/admin.sieve
sieve = 
file:/home/vmail/sieve/%d/%n/scripts;active=/home/vmail/sieve/%d/%n/active-script.sieve

# Spam learning
  # From elsewhere to Spam folder
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_before = file:/home/vmail/sieve/global/report-spam.sieve

  # From Spam folder to elsewhere
  imapsieve_mailbox2_name = *
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_before = file:/home/vmail/sieve/global/report-ham.sieve
sieve_pipe_bin_dir = /home/vmail/sieve
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
+vnd.dovecot.environment

Here are my sieve scripts, they have been compiled, and the shell
scripts, all are owned and group of vmail:vmail and the scripts are
775.
home/vmail/sieve/global#cat report-spam.sieve
require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
if environment :matches "imap.user" "*" {
  set "username" "${1}";
}
pipe :copy "sa-learn-spam.sh" [ "${username}" ];

/home/vmail/sieve/global#cat report-ham.sieve
require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
if environment :matches "imap.mailbox" "*" {
  set "mailbox" "${1}";
}
if string "${mailbox}" "Trash" {
  stop;
}
if environment :matches "imap.user" "*" {
  set "username" "${1}";
}
pipe :copy "sa-learn-ham.sh" [ "${username}" ];

/home/vmail/sieve/global#cat sa-learn-spam.sh
#!/bin/sh
exec /usr/local/bin/rspamc -h /var/run/rspamd/rspamd.sock -P
"Password" learn_spam

/home/vmail/sieve/global#cat sa-learn-ham.sh
#!/bin/sh
exec /usr/local/bin/rspamc -h /var/run/rspamd/rspamd.sock -P
"password" learn_ham

I'd appreciate any suggestions.

Thanks.
Dave.

Re: two unrelated issues, lastlogin, and an out of memory fatal error

[David Mehler]

Hello Aki and everyone,

"Increase memory, your cache takes more memory than you have anticipated."

What setting do I need to update in dovecot? I hope your not talking
about the vps it has 4GB of ram.

Thanks.
Dave.


On 4/12/18, Reio Remma <r...@mrstuudio.ee> wrote:
> Hey,
>
> maybe it's like Aki said, you need more memory. :) Other than that I
> can't think of anything. :/
>
> Good luck,
> Reio
>
> On 12.04.18 2:42, David Mehler wrote:
>> Hello,
>>
>> Thanks a lot. That did it.
>>
>> Do you have any idea as to my other issue, the fatal out of memory one?
>>
>> Thanks.
>> Dave.
>>
>>
>> On 4/11/18, Reio Remma <r...@mrstuudio.ee> wrote:
>>> Hello, try:
>>>
>>> SELECT userid, FROM_UNIXTIME(last_login) FROM users;
>>>
>>> Reio
>>>
>>> On 11.04.2018 21:39, David Mehler wrote:
>>>> Hi,
>>>>
>>>> Can I get the database display to display those timestamps in a
>>>> particular format?
>>>>
>>>> Thanks.
>>>> Dave.
>>>>
>>>>
>>>> On 4/11/18, Reio Remma <r...@mrstuudio.ee> wrote:
>>>>> On 11.04.18 18:23, David Mehler wrote:
>>>>>> Hello Aki,
>>>>>>
>>>>>> Thanks for your suggestion. I followed it and the wiki at:
>>>>>>
>>>>>> https://wiki.dovecot.org/Plugins/LastLogin
>>>>>>
>>>>>> Good news, I get a record in the users table, with the username that
>>>>>> just logged in. This is good. Bad news is I got unexpected output
>>>>>> from
>>>>>> the last_login time stamp. Here's the table and the user:
>>>>>>
>>>>>> mysql> describe users;
>>>>>> ++--+--+-+-+---+
>>>>>> | Field  | Type | Null | Key | Default | Extra |
>>>>>> ++--+--+-+-+---+
>>>>>> | userid | varchar(255) | NO   | PRI | NULL|   |
>>>>>> | last_login | int(11)  | YES  | | NULL|   |
>>>>>> ++--+--+-+-+---+
>>>>>> 2 rows in set (0.00 sec)
>>>>>>
>>>>>> mysql> select * from users;
>>>>>> +++
>>>>>> | userid | last_login |
>>>>>> +++
>>>>>> | u...@domain.com | 1523459718 |
>>>>>> +++
>>>>>> 1 row in set (0.01 sec)
>>>>>>
>>>>>>
>>>>>> The issue is the 1523459718  I was expecting something like a time
>>>>>> stamp. Is this fixable? Also, can I use last_login to see on which IP
>>>>>> the user last logged in from?
>>>>> SELECT FROM_UNIXTIME(1523459718)
>>>>>
>>>>> Maybe that will help?
>>>>>
>>>>> Good luck,
>>>>> Reio
>>>>>
>>>
>
>
> --
> Tervitades
> Reio Remma
>
>
> MR Stuudio 25 aastat
>
> *MR Stuudio OÜ*
> Tondi 17b, 11316, Tallinn
> Tel +372 650 4808
> Mob +372 56 22 00 33
> r...@mrstuudio.ee
> www.mrstuudio.ee
>
>
>
>

Re: two unrelated issues, lastlogin, and an out of memory fatal error

[David Mehler]

Hello Aki,

Thanks for your suggestion. I followed it and the wiki at:

https://wiki.dovecot.org/Plugins/LastLogin

Good news, I get a record in the users table, with the username that
just logged in. This is good. Bad news is I got unexpected output from
the last_login time stamp. Here's the table and the user:

mysql> describe users;
++--+--+-+-+---+
| Field  | Type | Null | Key | Default | Extra |
++--+--+-+-+---+
| userid | varchar(255) | NO   | PRI | NULL|   |
| last_login | int(11)  | YES  | | NULL|   |
++--+--+-+-+---+
2 rows in set (0.00 sec)

mysql> select * from users;
+++
| userid | last_login |
+++
| u...@domain.com | 1523459718 |
+++
1 row in set (0.01 sec)


The issue is the 1523459718  I was expecting something like a time
stamp. Is this fixable? Also, can I use last_login to see on which IP
the user last logged in from?

Any ideas on my other issue, the one on the running out of memory when
attempting to access the imported gmail messages?

Thanks for your help so far.

Thanks.
Dave.


On 4/11/18, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
> Hi!
>
>
> On 10.04.2018 19:31, David Mehler wrote:
>> Hello,
>>
>> I've got a few misc issues that I'm trying to get a handle on.
>>
>> I'm having what is probably a simple error with last logins. It's not
>> working, unable to write values to the database. Here's the log lines:
>>
>> 2018-04-10 10:43:34 imap-login: Info: Login: user=<u...@domain.com>,
>> method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=75934, TLS,
>> session=
>> 2018-04-10 10:43:34 imap(u...@domain.com)<75934>:
>> Error: last_login_dict: Failed to write value for user
>> u...@domain.com: dict-server returned failure: sql dict: commit
>> failed: Field 'name' doesn't have a default value (reply took 0.013
>> secs (0.000 in dict wait, 0.012 in other ioloops, 0.000 in locks,
>> async-id reply 0.002 secs ago, started on dict-server 0.005 secs ago,
>> took 0.005 secs))
> It's attempting to insert a new row there for some reason. I'd recommend
> using separate table for last-login values.
>
>> Here's an excerpt from my dovecot-dict-sql.conf.ext file:
>>
>> map {
>>   pattern = shared/last-login/$user
>>   table = accounts
>>   value_field = last_login
>>   value_type = uint
>>
>>   fields {
>> username = $user
>>   }
>> }
>>
>> and the relevant database table:
>> describe accounts;
>> ++--+--+-+-++
>>
>> | Field  | Type | Null | Key | Default | Extra  |
>>
>> ++--+--+-+-++
>>
>> | id | int(10) unsigned | NO   | PRI | NULL| auto_increment |
>>
>> | name   | varchar(255) | NO   | | NULL||
>>
>> | username   | varchar(64)  | NO   | MUL | NULL||
>>
>> | domain | varchar(255) | NO   | MUL | NULL||
>>
>> | password   | varchar(255) | NO   | | NULL||
>>
>> | quota  | int(10) unsigned | YES  | | 0   ||
>>
>> | enabled| tinyint(1)   | YES  | | 0   ||
>>
>> | sendonly   | tinyint(1)   | YES  | | 0   ||
>>
>> | last_login | int(11)  | YES  | | NULL||
>>
>>
>> Second issue, I've used imapsync to download my gmail messages to
>> dovecot. I am atempting to access these messages and getting:
>> 2018-04-08 11:11:58
>> indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:StoZDD4xylqhrAAA0J78UA>:
>> Info: Indexed 0 messages in INBOX
>> 2018-04-08 11:11:58
>> indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:0AaXFD4xylqhrAAA0J78UA>:
>> Info: Indexed 0 messages in INBOX
>> 2018-04-08 11:11:58
>> indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:CP3TIT4xylqhrAAA0J78UA>:
>> Info: Indexed 0 messages in INBOX
>> 2018-04-08 11:11:58
>> indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:eNEWMT4xylqhrAAA0J78UA>:
>> Info: Indexed 0 messages in INBOX
>> 2018-04-08 11:15:28 imap(u...@domain.com)<21374><4GzoqFdpisJ/AAAB>:
>> Fatal: block_alloc(8388608): Out of memory
>> 2018-04-0

Re: doveconf error upon boot up

[David Mehler]

Hello Jerry,

>From what I'm seeing here everything looks fine. Without seeing it i'm
out of ideas.

Dave.


On 4/10/18, Jerry <je...@seibercom.net> wrote:
> On Tue, 10 Apr 2018 11:08:20 -0400, David Mehler stated:
>
>>Can you send a complete doveconf -n and your dovecot startup lines in
>>/etc/rc.conf?
>
> /etc/rc.conf
> ## Dovecot
> dovecot_enable="YES"
>
> # 2.3.1 (8e2f634): /usr/local/etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.1 (d9bc6dfe)
> # OS: FreeBSD 11.1-RELEASE-p9 amd64  zfs
> # Hostname: localhost
> auth_mechanisms = plain login
> auth_verbose = yes
> auth_verbose_passwords = yes
> lda_mailbox_autocreate = yes
> lda_mailbox_autosubscribe = yes
> log_path = /var/log/dovecot.log
> login_greeting = Seibercom NET Here
> mail_location = maildir:/var/mail/vmail/%d/gerard
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
> copy include variables body enotify environment mailbox date index ihave
> duplicate mime foreverypart extracttext
> namespace inbox {
>   inbox = yes
>   location =
>   mailbox Drafts {
> special_use = \Drafts
>   }
>   mailbox Junk {
> special_use = \Junk
>   }
>   mailbox Sent {
> special_use = \Sent
>   }
>   mailbox "Sent Messages" {
> special_use = \Sent
>   }
>   mailbox Trash {
> special_use = \Trash
>   }
>   prefix =
>   subscriptions = yes
>   type = private
> }
> passdb {
>   args = scheme=CRYPT username_format=%u
> /usr/local/etc/dovecot/users/passwd
>   driver = passwd-file
> }
> plugin {
>   sieve_default = /usr/local/etc/dovecot/sieve/default.sieve
>   sieve_global = /usr/local/etc/dovecot/sieve/default.sieve
>   sieve_vacation_send_from_recipient = yes
> }
> postmaster_address = postmas...@seibercom.net
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
> group = postfix
> mode = 0666
> user = postfix
>   }
>   unix_listener auth-userdb {
> group = vmail
> mode = 0666
> user = vmail
>   }
> }
> service imap-login {
>   inet_listener imap {
> port = 143
>   }
>   inet_listener imaps {
> port = 993
> ssl = yes
>   }
> }
> service lmtp {
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
> group = postfix
> mode = 0660
> user = postfix
>   }
> }
> service pop3-login {
>   inet_listener pop3 {
> port = 110
>   }
>   inet_listener pop3s {
> port = 995
> ssl = yes
>   }
> }
> ssl_cert =  ssl_dh =  ssl_key =  ssl_prefer_server_ciphers = yes
> userdb {
>   args = username_format=%u /usr/local/etc/dovecot/users/passwd
>   driver = passwd-file
> }
> protocol lda {
>   mail_plugins = sieve
> }
> protocol lmtp {
>   mail_plugins = sieve
> }
>
>
> --
> Jerry
>

two unrelated issues, lastlogin, and an out of memory fatal error

[David Mehler]

Hello,

I've got a few misc issues that I'm trying to get a handle on.

I'm having what is probably a simple error with last logins. It's not
working, unable to write values to the database. Here's the log lines:

2018-04-10 10:43:34 imap-login: Info: Login: user=,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=75934, TLS,
session=
2018-04-10 10:43:34 imap(u...@domain.com)<75934>:
Error: last_login_dict: Failed to write value for user
u...@domain.com: dict-server returned failure: sql dict: commit
failed: Field 'name' doesn't have a default value (reply took 0.013
secs (0.000 in dict wait, 0.012 in other ioloops, 0.000 in locks,
async-id reply 0.002 secs ago, started on dict-server 0.005 secs ago,
took 0.005 secs))

Here's an excerpt from my dovecot-dict-sql.conf.ext file:

map {
  pattern = shared/last-login/$user
  table = accounts
  value_field = last_login
  value_type = uint

  fields {
username = $user
  }
}

and the relevant database table:
describe accounts;
++--+--+-+-++

| Field  | Type | Null | Key | Default | Extra  |

++--+--+-+-++

| id | int(10) unsigned | NO   | PRI | NULL| auto_increment |

| name   | varchar(255) | NO   | | NULL||

| username   | varchar(64)  | NO   | MUL | NULL||

| domain | varchar(255) | NO   | MUL | NULL||

| password   | varchar(255) | NO   | | NULL||

| quota  | int(10) unsigned | YES  | | 0   ||

| enabled| tinyint(1)   | YES  | | 0   ||

| sendonly   | tinyint(1)   | YES  | | 0   ||

| last_login | int(11)  | YES  | | NULL||


Second issue, I've used imapsync to download my gmail messages to
dovecot. I am atempting to access these messages and getting:
2018-04-08 11:11:58
indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:StoZDD4xylqhrAAA0J78UA>:
Info: Indexed 0 messages in INBOX
2018-04-08 11:11:58
indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:0AaXFD4xylqhrAAA0J78UA>:
Info: Indexed 0 messages in INBOX
2018-04-08 11:11:58
indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:CP3TIT4xylqhrAAA0J78UA>:
Info: Indexed 0 messages in INBOX
2018-04-08 11:11:58
indexer-worker(u...@domain.com)<44193><4GzoqFdpisJ/AAAB:eNEWMT4xylqhrAAA0J78UA>:
Info: Indexed 0 messages in INBOX
2018-04-08 11:15:28 imap(u...@domain.com)<21374><4GzoqFdpisJ/AAAB>:
Fatal: block_alloc(8388608): Out of memory
2018-04-08 11:15:28 imap(u...@domain.com)<21374><4GzoqFdpisJ/AAAB>:
Fatal: master: service(imap): child 21374 returned error 83 (Out of
memory (service imap { vsz_limit=256 MB }, you may need to increase
it) - set CORE_OUTOFMEM=1 environment to get core dump)

when I atempt to do so. For completeness the imapsync command I used was:

imapsync --host1 imap.gmail.com --user1 Username --password1 Password
--host2 localhost --user2 username --password2 Password --ssl1
--useheader 'Message-Id' --regextrans2 's/\[Gmail\]/user\@domain/'


Any help appreciated on either issue.
Thanks.
Dave.

doveconf -n
# 2.3.1 (8e2f634): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.1 (d9bc6dfe)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
# Hostname: localhost
auth_cache_size = 24 M
auth_cache_ttl = 18 hours
auth_default_realm = domain.com
auth_mechanisms = plain login
dict {
  acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  lastlogin = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  quota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 999
first_valid_uid = 999
hostname = ..
imap_idle_notify_interval = 10 mins
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = 127.0.0.1 xxx.xxx.xxx.xxx
log_path = /var/log/dovecot/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = vmail
mail_gid = vmail
mail_home = /home/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = acl mail_log notify quota trash virtual welcome zlib
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@davemehler.com
mail_uid = vmail
mailbox_idle_check_interval = 59 secs
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext spamtest spamtestplus virustest editheader imapflags
notify imapsieve vnd.dovecot.imapsieve
namespace {
  location = 
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEX=~/mail/public
  mailbox office {
auto = subscribe

Re: doveconf error upon boot up

[David Mehler]

Hello,

I'm also running FreeBSD 11.1, Dovecot 2.3, and Pidgeonhole 0.5, I am
not getting the error you are noticing. I also do have a symlinked
/var/run/dovecot/dovecot.conf which goes to
/usr/local/etc/dovecot/dovecot.conf.

Can you send a complete doveconf -n and your dovecot startup lines in
/etc/rc.conf?

Thanks.
Dave.


On 4/10/18, Jerry  wrote:
> FreeBSD 11.1-RELEASE-p9 amd64
>
> doveconf
> # 2.3.1 (8e2f634): /usr/local/etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.1 (d9bc6dfe)
> # OS: FreeBSD 11.1-RELEASE-p9 amd64  zfs
> # Hostname: localhost
>
> I can send the entire output if necessary.
>
> Error message upon boot up:
>
> doveconf: error: t_readlink(/var/run/dovecot/dovecot.conf) failed:
> readlink() failed: No such file or directory
>
> Starting dovecot.
>
> Dovecot appears to start correctly
>
> There is a link in the "/var/run/dovecot directory for dovecot.conf"
>
> lrwx-- 1 root wheel 35B 2018-04-10 10:21:52 EDT dovecot.conf@->
> /usr/local/etc/dovecot/dovecot.conf
>
> This error message has only started since the update to the latest version
> of
> dovecot. I am assuming it is just a harmless error message; however, I
> would
> like to confirm that hypothesis.
>
> --
> Jerry
>

dovecot, imap sieve, roundcube markasjunk2 plugin

[David Mehler]

Hello,

Does anyone have the above combination going?

Per the wiki:

https://wiki.dovecot.org/HowTo/AntispamWithSieve

I have configured Dovecot for imap sieve and rspamd setting up the
learn sieve and shell scripts.

This is working.

Now i'd like to integrate roundcube's markasjunk2 plugin. Looking at
it's config file I am uncertain as to which options to enable. If
anyone has a working markasjunk2 roundcube config that works with
dovecot and imap sieve i'd appreciate seeing it.

Thanks.
Dave.

sharing a folder with all users in a domain

[David Mehler]

Hello,

I'm wanting to make a shared folder that anyone in a domain can get
to, but not anyone in any other domain.

Here's my dovecot shared namespace:

namespace {
  type = shared
  separator = /
  prefix = shared/%%u/
  location = maildir:%%h:INDEX=~/shared/%%u
  subscriptions = no
  list = yes
}

The dovecot-dict-sql.conf.ext file has:

map {
  pattern = shared/shared-boxes/user/$to/$from
  table = user_shares
  value_field = dummy

  fields {
from_user = $from
to_user = $to
  }
}

map {
  pattern = shared/shared-boxes/anyone/$from
  table = anyone_shares
  value_field = dummy

  fields {
from_user = $from
  }
}

and in my global acl file I have:
shared/office@ u...@domain.com lrwstipekxa
 shared/office@ us...@domain.com lrwstipekxa

Thanks.
Dave.

last login tracking error

[David Mehler]

Hello,

I'm running dovecot 2.2 and trying to do last login tracking. I am
using a MySQL database. When a user logs in I get this in the log:

2018-04-07 16:55:14 imap(u...@example.com)<54415>:
Error: last_login_dict: Failed to write value for user
u...@example.com: dict-server returned failure: sql dict: commit
failed: Field 'name' doesn't have a default value (reply took 0.018
secs (0.000 in dict wait, 0.009 in other ioloops, 0.001 in locks,
async-id reply 0.000 secs ago, started on dict-server 0.006 secs ago,
took 0.006 secs))

Here's an excerpt from my dovecot-dict-sql.conf.ext file:

map {
  pattern = shared/last-login/$user
  table = accounts
  value_field = last_login
  value_type = uint

  fields {
username = $user
  }
}



The username does have a value. Can anyone see what I've got wrong?

Thanks.
Dave.

doveconf -n
2018-04-07 16:55:14 imap(u...@example.com)<54415>:
Error: last_login_dict: Failed to write value for user
u...@example.com: dict-server returned failure: sql dict: commit
failed: Field 'name' doesn't have a default value (reply took 0.018
secs (0.000 in dict wait, 0.009 in other ioloops, 0.001 in locks,
async-id reply 0.000 secs ago, started on dict-server 0.006 secs ago,
took 0.006 secs))

# 2.3.1 (8e2f634): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.1 (d9bc6dfe)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
# Hostname: localhost
auth_cache_size = 24 M
auth_cache_ttl = 18 hours
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com nickandwill.com
dict {
  acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  lastlogin = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  quota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_idle_notify_interval = 10 mins
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = 127.0.0.1 66.228.47.34
log_path = /var/log/dovecot/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = vmail
mail_gid = vmail
mail_home = /home/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = acl mail_log notify quota trash virtual welcome zlib
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_idle_check_interval = 59 secs
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext spamtest spamtestplus virustest editheader imapflags
notify imapsieve vnd.dovecot.imapsieve
namespace {
  location = 
maildir:/home/vmail/public/:CONTROL=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  hidden = no
  location = 
maildir:/home/vmail/shared/office/.Maildir:CONTROL=~/.Maildir/control/office:INDEX=~/.Maildir/index/office
  prefix = office/
  separator = /
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox virtual/All {
comment = All my messages
special_use = \All
  }
  prefix =
  separator = /
  type = private
}
namespace virtual {
  location = 
virtual:/usr/local/etc/dovecot/virtual:INDEX=~/virtual:CONTROL=~/virtual
  prefix = virtual/
  separator = /
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_globals_only = yes
  acl_shared_dict = proxy::acl
  fts = lucene
  fts_autoindex = yes
  fts_autoindex_max_recent_msgs = 80
  fts_index_timeout = 90
  fts_lucene = whitespace_chars=@. normalize no_snowball
  imapsieve_mailbox1_before = file:/home/vmail/sieve/global/learn-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/home/vmail/sieve/global/learn-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = last-login/%n
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = dict:User quota::proxy::quota
  quota_exceeded_message = Storage quota for this account has been

dovecot lastlogin tracking

[David Mehler]

Hello,

I am trying to get Dovecot 2.3.1 to track lastlogins of users. I'm
using a MySQL database. When I log in I am getting this in the error
log:

2018-04-02 18:24:21 imap(u...@domain.com)<61855><6R0rDeVodcl/AAAB>:
Error: last_login_dict: Failed to write value for user
u...@domain.com: dict-server returned failure: sql dict: commit
failed: Field 'name' doesn't have a default value (reply took 0.026
secs (0.000 in dict wait, 0.020 in other ioloops, 0.001 in locks,
async-id reply 0.000 secs ago, started on dict-server 0.019 secs ago,
took 0.005 secs))

Here's an excerpt from my dovecot-dict-sql.conf.ext file:
map {
  pattern = shared/last-login/$username
  table = accounts
  username_field = username
  value_field = lastlogin
  fields {
username = $username
  }
}



I've got all users in the accounts table and there is a lastlogin column:


describe accounts;
+---+--+--+-+-++
| Field | Type | Null | Key | Default | Extra  |
+---+--+--+-+-++
| id| int(10) unsigned | NO   | PRI | NULL| auto_increment |
| name  | varchar(255) | NO   | | NULL||
| username  | varchar(64)  | NO   | MUL | NULL||
| domain| varchar(255) | NO   | MUL | NULL||
| password  | varchar(255) | NO   | | NULL||
| quota | int(10) unsigned | YES  | | 0   ||
| enabled   | tinyint(1)   | YES  | | 0   ||
| sendonly  | tinyint(1)   | YES  | | 0   ||
| lastlogin | int(11) unsigned | NO   | | 0   ||

Thanks.
Dave.

doveconf -n
# 2.3.1 (8e2f634): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.1 (d9bc6dfe)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
# Hostname: localhost
auth_cache_size = 24 M
auth_cache_ttl = 18 hours
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com example2.com
dict {
  acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  lastlogin = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  quota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_idle_notify_interval = 10 mins
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = 127.0.0.1 xxx.xxx.xxx.xxx
log_path = /var/log/dovecot/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = vmail
mail_gid = vmail
mail_home = /home/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = acl mail_log notify quota trash virtual welcome zlib
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_idle_check_interval = 59 secs
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext spamtest spamtestplus virustest editheader imapflags
notify imapsieve vnd.dovecot.imapsieve
namespace {
  location = 
maildir:/home/vmail/public/:CONTROL=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  list = children
  location = 
maildir:/home/vmail/mail/%%d/%%n:LAYOUT=fs:INDEX=/home/vmail/indexes/%d/%n/shared/%%u:INDEXPVT=/home/vmail/indexes/%d/%n/shared/%%u
  prefix = shared/%%d/%%n/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox virtual/All {
comment = All my messages
special_use = \All
  }
  prefix =
  separator = /
  type = private
}
namespace virtual {
  location = 
virtual:/usr/local/etc/dovecot/virtual:INDEX=~/virtual:CONTROL=~/virtual
  prefix = virtual/
  separator = /
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile
  acl_shared_dict = proxy::acl
  fts = lucene
  fts_autoindex = yes
  fts_autoindex_max_recent_msgs = 80
  fts_index_timeout = 90
  fts_lucene = whitespace_chars=@. normalize no_snowball
  imapsieve_mailbox1_before = file:/home/vmail/sieve/global/learn-spam.sieve
  

domain email autoconfiguration

[David Mehler]

Hello,

If anyone has autoconfiguration going with their email domain please
email me privately. I'd like to ask you some questions about your
setup. What do you use?

Thanks.
Dave.

Dovecot quota

[David Mehler]

Hello,

I'm running Dovecot on a FreeBSD system with Postfix in a virtual user
setup, with Mysql. I am trying to understand the quota configuration.

I've got a Mysql database with an accounts table with a quota field.
I've also got two other tables one quota (currently has nothing in it
an empty set), and quota2 messages and bytes which has one entry. My
goal is to have different quotas for each user so say one user has a
512MB quota I put 512 in the accounts quota column, while another user
might have 256MB, put 256 in the accounts quota column. These are just
examples. I'm assuming messages in the quota2 table track how many
messages are under that user's is it inbox or all folders in the
account? And bytes is that the space being taken up again by inbox or
by all messages in the account?

I'm also trying to have a separate quota for my public folders, which
is not working.

If anyone could take a look at this configuration see if it looks good
and maybe where public is not happening i'd appreciate it.

Thanks.
Dave.

Configuration:
mysql> describe accounts;
+--+--+--+-+-++
| Field| Type | Null | Key | Default | Extra  |
+--+--+--+-+-++
| id   | int(10) unsigned | NO   | PRI | NULL| auto_increment |
| name | varchar(255) | NO   | | NULL||
| username | varchar(64)  | NO   | MUL | NULL||
| domain   | varchar(255) | NO   | MUL | NULL||
| password | varchar(255) | NO   | | NULL||
| quota| int(10) unsigned | YES  | | 0   ||
| enabled  | tinyint(1)   | YES  | | 0   ||
| sendonly | tinyint(1)   | YES  | | 0   ||
| last_login   | int(11)  | YES  | | NULL||
| last_login_ip| varchar(16)  | YES  | | NULL||
| last_login_date  | datetime | YES  | | NULL||
| last_login_proto | varchar(16)  | YES  | | NULL||
+--+--+--+-+-++
12 rows in set (0.00 sec)

mysql> describe quota;
+--+--+--+-+-+---+
| Field| Type | Null | Key | Default | Extra |
+--+--+--+-+-+---+
| username | varchar(255) | NO   | PRI | NULL|   |
| path | varchar(100) | NO   | PRI | NULL|   |
| current  | bigint(20)   | NO   | | 0   |   |
+--+--+--+-+-+---+
3 rows in set (0.00 sec)

mysql> describe quota2;
+--+--+--+-+-+---+
| Field| Type | Null | Key | Default | Extra |
+--+--+--+-+-+---+
| username | varchar(100) | NO   | PRI | NULL|   |
| bytes| bigint(20)   | NO   | | 0   |   |
| messages | int(11)  | NO   | | 0   |   |
+--+--+--+-+-+---+
3 rows in set (0.01 sec)

mysql> select * from quota;
Empty set (0.00 sec)

mysql> select * from quota2;
++---+--+
| username   | bytes | messages |
++---+--+
| u...@example.com | 171430625 |20591 |
++---+--+
1 row in set (0.00 sec)

doveconf -n
# 2.2.35 (b1cb664): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.23 (b2e41927)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
# Hostname: localhost
auth_cache_size = 24 M
auth_cache_ttl = 18 hours
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com
dict {
  acl = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
  quota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_idle_notify_interval = 10 mins
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = 127.0.0.1 xxx.xxx.xxx.xxx
log_path = /var/log/dovecot/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_idle_check_interval = 59 secs
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress 

Re: dovecot sha512-crypt database storage

[David Mehler]

Hello,

Yes I am referencing my virtual users table.

Other suggestions welcome.

Thanks.
Dave.


On 3/11/18, @lbutlr <krem...@kreme.com> wrote:
> On 2018-03-10 (16:48 MST), David Mehler <dave.meh...@gmail.com> wrote:
>>
>> Thanks. That query doesn't return any parse errors but it does say
>> that it can't save the password.
>
> Are you referencing the right table in your database?
>
> --
> It is the business of the future to be dangerous.
>
>

Re: dovecot sha512-crypt database storage

[David Mehler]

Hi,

Thanks. That query doesn't return any parse errors but it does say
that it can't save the password.

Any ideas?

Thanks.
Dave.


On 3/10/18, David Mehler <dave.meh...@gmail.com> wrote:
> Hello,
>
> Thanks. Trying that query adapted to my database table and getting an
> error can not save password, any ideas?
>
> When you made your initial database tables how did you set up the
> password field and in MySQL how did you make it?
>
> I'm trying to figure out what is different about your setup than mine.
>
> Thanks.
> Dave.
>
>
> On 3/10/18, Thore Bödecker <m...@foxxx0.de> wrote:
>> Hey,
>>
>> using the roundcube password plugin allows you to specify arbitrary
>> statements for password_query.
>>
>> I'm using SHA512-CRYPT too and this is my $config['password_query']:
>>
>> "UPDATE vhostapi_prod.mail_accounts SET
>> password=CONCAT(_utf8'{SHA512-CRYPT}',ENCRYPT(_utf8%p,CONCAT(_utf8'$6$',
>> SUBSTRING(SHA(RAND()), -16 WHERE email=%u LIMIT 1"
>>
>>
>> Cheers,
>> Thore
>>
>> On 10.03.18 - 16:00, David Mehler wrote:
>>> Hello,
>>>
>>> I've got dovecot authenticating to a MySQL database. I've got a field
>>> varchar(128) called password. Whenever I create a password I use
>>> doveadm pw as in:
>>>
>>> doveadm pw -s sha512-crypt
>>>
>>> now i'd like to get MySQL to make a dovecot-specific password. My goal
>>> is to eventually have roundcube's password plugin working with this
>>> MySQL database to change the password.
>>>
>>> Thanks.
>>> Dave.
>>
>> --
>>
>>
>

dovecot sha512-crypt database storage

[David Mehler]

Hello,

I've got dovecot authenticating to a MySQL database. I've got a field
varchar(128) called password. Whenever I create a password I use
doveadm pw as in:

doveadm pw -s sha512-crypt

now i'd like to get MySQL to make a dovecot-specific password. My goal
is to eventually have roundcube's password plugin working with this
MySQL database to change the password.

Thanks.
Dave.

last login tracking

[David Mehler]

Hello,

I've got dovecot going with postfix and MySQL database for user and
domain storage. Dovecot handles the authentication.

My last login is not working, does anyone have a table example and
configs? I looked at the wiki page on the lastlogin plugin but
obviously what I'm doing isn't working, I keep getting message write
was unsuccessful for the lastlogin ip.

I'd appreciate any help.

Thanks.
Dave.

#doveconf -n
# 2.2.34 (874deae): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.22 (22940fb7)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
# Hostname: localhost
auth_cache_size = 10 M
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com example2.com
dict {
  acl = proxy:mysql:/usr/local/etc/dovecot/shared-folders.conf
  lastlogin = proxy:mysql:/usr/local/etc/dovecot/last-login.conf
  sqlquota = proxy:mysql:/usr/local/etc/dovecot/quota.conf
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_idle_notify_interval = 10 mins
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = 127.0.0.1 xxx.xxx.xxx.xxx
lmtp_rcpt_check_quota = yes
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  location = 
maildir:/home/vmail/public/:CONTROL=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  list = children
  location = maildir:%%h/Maildir:INDEXPVT=~/Maildir/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
auto = no
special_use = \Archive
  }
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox "Junk E-mail" {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Items" {
auto = no
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox virtual/All {
comment = All my messages
special_use = \All
  }
  prefix =
  separator = /
  type = private
}
namespace virtual {
  location = 
virtual:/usr/local/etc/dovecot/virtual:INDEX=~/virtual:CONTROL=~/virtual
  prefix = virtual/
  separator = /
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_globals_only = yes
  acl_shared_dict = proxy::acl
  imapsieve_mailbox1_before = file:/home/vmail/sieve/global/learn-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/home/vmail/sieve/global/learn-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = last-login/%u
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /home/vmail/sieve/before.d
  sieve_default = /home/vmail/sieve/default.sieve
  sieve_dir = 

Re: requiring a full fqdn for authentication

[David Mehler]

Hi,

Thanks. Can you elaborate?

Thanks.
Dave.


On 3/6/18, Steffen Kaiser <skdove...@inf.h-brs.de> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Fri, 2 Mar 2018, David Mehler wrote:
>
>> dovecot to require a complete email address as a login. Currently I
>> can log in by either a username or fqdn. I've got the below what is
>> the issue?
>
>> If I need to provide my sql password query let me know.
>
> your SQL query in passdb allows both usernames.
>
>
> - --
> Steffen Kaiser
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1
>
> iQEVAwUBWp6JisQnQQNheMxiAQKuuggAjNcedq1DVGWbe/3vpKHUHdgBJVzmmEsI
> seSm/NFfR6/Fw8c4fCz0BAiIBUkmo7LEowFFo6M9Yf+ZJHP1IDt6N7gWTgral2Vh
> pMrNn+mv9okzL2UvJzUlkCA4ntBJVG3BrG9ZUJfk/1f8IKS090nNpu4F79Ag0TG2
> MiobX5XtIRvpwSTCteVzQaIanpNhmW/BSvA2smPcdt58AmVI6HUslxcsv9A1XZLP
> q47pYucUTyPdsNcK4OrzitRH2+0HNTw70kClP/dfUWEvL4ssw3drCXhO7LjN+Crq
> IpdfHp0k7bkfIv/e5Lfg4ZZs4uV5obEyqaa+UP0IUTLrEau1syZd9Q==
> =lhft
> -END PGP SIGNATURE-
>

dovecot connections to mysql

[David Mehler]

Hello,

I'm running a virtual mail hosting system with MySQL as a backend for
dovecot to do it's authentication against. I am getting intermediant
failures when users attempt mail-related tasks such as checking their
inbox or setting up an alias. The error is to many connections.

Any ideas?

Thanks.
Dave.

getmail, dovecot, virtual users

[David Mehler]

Hello,

I've got a dovecot setup with virtual users coming from a MySQL
database. The only system user I have is the vmail owner of the email
store. What i'd like to do is use the program getmail to back up my
gmail account and place that in my user's virtual mail store. I'm
having issues making the configuration file and where to put it.
Should it go in the virtual user's home directory or somewhere else
and run by which user root or the vmail user?

If anyone has this working any suggestions appreciated.

Thanks.
Dave.

requiring a full fqdn for authentication

[David Mehler]

Hello,

I'm using dovecot to do postfix authentication. I'm trying to get
dovecot to require a complete email address as a login. Currently I
can log in by either a username or fqdn. I've got the below what is
the issue?

If I need to provide my sql password query let me know.

Thanks.
Dave.

doveconf -n
# 2.2.34 (874deae): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
# Hostname: localhost
auth_cache_size = 10 M
auth_default_realm = example.com
auth_realms = example.com example2.com
dict {
  acl = mysql:/usr/local/etc/dovecot/shared-folders.conf
  sqlquota = mysql:/usr/local/etc/dovecot/quota.conf
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_idle_notify_interval = 10 mins
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
listen = 127.0.0.1 xxx.xxx.xxx.xxx
lmtp_rcpt_check_quota = yes
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  list = children
  location = maildir:/home/vmail/public:LAYOUT=fs:INDEXPVT=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = public/
  separator = /
  subscriptions = no
  type = public
}
namespace {
  list = children
  location = maildir:%%h/Maildir:INDEXPVT=~/Maildir/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
auto = no
special_use = \Archive
  }
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox "Junk E-mail" {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Items" {
auto = no
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox virtual/All {
comment = All my messages
special_use = \All
  }
  prefix =
  separator = /
  type = private
}
namespace virtual {
  location = 
virtual:/usr/local/etc/dovecot/virtual:INDEX=~/virtual:CONTROL=~/virtual
  prefix = virtual/
  separator = /
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_globals_only = yes
  acl_shared_dict = proxy::acl
  fts = solr
  fts_autoindex = yes
  fts_solr = url=http://127.0.0.1:8983/solr/dovecot/
  imapsieve_mailbox1_before = file:/home/vmail/sieve/global/learn-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/home/vmail/sieve/global/learn-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = last-login/%u
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /home/vmail/sieve/before.d
  sieve_default = /home/vmail/sieve/default.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +notify +imapflags
  sieve_global_dir = /home/vmail/sieve
  sieve_global_extensions = 

Re: Virtual question

[David Mehler]

Hello,

Can you elaborate?

Thanks.
Dave.


On 3/1/18, Aki Tuomi  wrote:
> You can also use
> namespace virtual
> { 
> location=virtual:/etc/dovecot/virtual:INDEX=~/virtual/:CONTROL=~/virtual/}
> so you put the folder definitions under /etc and per-user indexes end up
> under user home. ---Aki TuomiDovecot oy
>  Original message From: LuKreme  Date:
> 01/03/2018  20:40  (GMT+02:00) To: dovecot@dovecot.org Subject: Virtual
> question
> “For each virtual directory you need to create a dovecot-virtual file. Its
> syntax is like:”
> OK, where does this file get created?
> Say I want the users to have a virtual mailbox that is messages received in
> the last month, does that file go into each user'
> s Maildir path?
> It sounds like I have to create a virtual folder for each user, then any
> folders inside that folders, and then the config files in each of the sub
> folders.
> user1/Maildir/virtual/month/dovecot-virtualuser1/Maildir/virtual/week/dovecot-virtualuser1/Maildir/virtual/flagged/dovecot-virtualuser1/Maildir/virtual/Amazon/dovecot-virtualuser2/Maildir/virtual/month/dovecot-virtualuser2/Maildir/virtual/week/dovecot-virtualuser2/Maildir/virtual/flagged/dovecot-virtualuser2/Maildir/virtual/Amazon/dovecot-virtual
> Yes?
> If so, is there anyway to have a "global”virtual that applies to all users
> (but not that unifies the mail between users or anything like that).
> Also, will virtual mailboxes show up automatically for the user in the
> folder list or will they have to specifically subscribe to them? (Assuming
> they use a client that allows subscribing instead of auto showing all
> mailboxes like iOS).
> ˜kremels/ $ cat Maildir/virtual/month/dovecot-vitual #
> ~/Maildir/virtual/month/dovecot-virtualINBOXwork/*  all younger 2678400
> That should create a mailbox "month” in a folder named "virtual” that shows
> all the messages from the last 31d, yes? And I should be able to access that
> mailbox in a MUA like Roundcube or Thunderbird?
> -- My main job is trying to come up with new and innovative and effective
> ways to reject even more mail. I'm up to about 97% now.

Re: Using virtual folders with younger and index files

[David Mehler]

Hello Rob,

Do you by chance have a virtual/All folder which holds all your
messages? If so, could I see that configuration?

Thanks.
Dave.


On 2/27/18, Rob Hoelz  wrote:
> Hi list,
>
> I just encountered a problem while using dovecot's Virtual plugin with
> 2.3.0.  I managed to solve the issue,
> but I wanted to bring it to the attention of others on the list to see if
> there exists a better solution, if
> I found a bug, or if it's just a matter of updating documentation.
>
> I have a virtual folder to get the most recent two weeks of mails; it looks
> something like this:
>
>> INBOX
>>   all younger 1209600
>
> I made this folder back in October.  Lately, I started to notice that the
> virtual folder had a surprising amount
> of mail in it - I don't get 1,000 e-mails per week!  After some doveadm
> commands, I realized that e-mails from
> October were still present in my virtual folder!  Updating the
> dovecot-virtual would clear away e-mails older than
> two weeks (I needed to actually introduce a change, even if it was just
> whitespace - just touching the file didn't
> update things), and removing the dovecot index file also cleared things
> away.  In then end, I ended up just telling
> dovecot to disable on-disk indexes for that folder.
>
> I created this folder based on the examples on
> https://wiki.dovecot.org/Plugins/Virtual - I'm wondering if I found a bug
> or if that page should be changed to recommend disabling on-disk indexes
> when using certain search query filters such as
> "younger".  If the latter, I can always make the change - just let me know!
>
> -Rob
>

dovecot solr and users

[David Mehler]

Hello,

I'm trying to get fts searching done with dovecot. I keep getting the
below error. Any help appreciated?

Thanks.
Dave.

#doveadm index -A inbox
doveadm(u...@example.com): Info: User no longer exists, skipping


#doveconf -n
# 2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
auth_cache_size = 10 M
auth_default_realm = example.com
auth_realms = example.com example2.com
dict {
  acl = mysql:/usr/local/etc/dovecot/shared-folders.conf
  sqlquota = mysql:/usr/local/etc/dovecot/quota.conf
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_idle_notify_interval = 10 mins
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 127.0.0.1
lmtp_rcpt_check_quota = yes
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = acl mail_log notify quota quota_clone trash virtual
welcome zlib fts fts_solr
mail_privileged_group = vmail
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  hidden = no
  list = yes
  location = 
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  list = yes
  location = maildir:~/mail/:INDEX=~/mail/shared/%%Ld/%%Ln
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace {
  location = virtual:/usr/local/etc/dovecot/virtual
  mailbox All {
auto = subscribe
comment = All my messages
special_use = \All
  }
  prefix = virtual/
  separator = /
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
auto = no
special_use = \Archive
  }
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox "Junk E-mail" {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Items" {
auto = no
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox virtual/All {
comment = All my messages
special_use = \All
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_globals_only = yes
  acl_shared_dict = proxy::acl
  fts = solr
  fts_autoindex = yes
  fts_solr = url=http://127.0.0.1:8983/solr/dovecot/
  imapsieve_mailbox1_before = file:/home/vmail/sieve/global/learn-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/home/vmail/sieve/global/learn-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = last-login/%u
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /home/vmail/sieve/before.d
  sieve_default = /home/vmail/sieve/default.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +notify +imapflags
  sieve_global_dir = /home/vmail/sieve
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
  

dovecot auth and horde webmail

[David Mehler]

Hello,

I'm not sure if this is a Dovecot-specific question, or Postfix or
Horde webmail. As Dovecot is used for authenticating both Postfix as
well as horde I thought i'd start here.

I've got a new horde webmail install going on a FreeBSD 11.1 jail.
I've got Dovecot set up so that it appends a domain name if one is not
given, so that user and u...@example.com can both log in.

When I logged in with horde webmail I used for the first attempt
username with no @example.com suffix. I logged in ok, but couldn't
send an email, gave me a weird error no address associated with host.
I logged out, logged back in using u...@example.com the full address,
and this time the message sending went through.

Any ideas or if this is not a Dovecot question let me know, as that
means I'll have two other places to try.

Thanks.
Dave.

doveconf -n
# 2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
auth_cache_size = 16 k
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com example2.com
dict {
  acl = mysql:/usr/local/etc/dovecot/shared-folders.conf
  sqlquota = mysql:/usr/local/etc/dovecot/quota.conf
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 127.0.0.1 xxx.xxx.xxx.xxx
lmtp_rcpt_check_quota = yes
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/%d/%n
mail_location = maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  hidden = no
  list = yes
  location = 
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  list = yes
  location = maildir:~/mail/:INDEX=~/mail/shared/%%Ld/%%Ln
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace {
  location = virtual:/usr/local/etc/dovecot/virtual
  mailbox All {
auto = subscribe
comment = All my messages
special_use = \All
  }
  prefix = virtual/
  separator = /
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
auto = no
special_use = \Archive
  }
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox "Junk E-mail" {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Items" {
auto = no
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_globals_only = yes
  acl_shared_dict = proxy::acl
  imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% 

Re: ACLs, shared, public, virtual mailboxes not working

[David Mehler]

Hello,

The user1 is my original user, user2 is the second user that I want to
have access to the public and shared folder.

I am not seeing a subcommand rights for doveadm

Thanks.
DAve.


On 2/15/18, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
> Since you have obfuscated your data it is hard to tell what's going on,
> especially as in your previous log you have 'user=user' and now you have
> user1 and user2.
>
> You can try
>
> doveadm rights -u victim folder
>
> to see what sort of rights dovecot thinks it's seeing.
>
> Aki
>
>> On 15 February 2018 at 18:11 David Mehler <dave.meh...@gmail.com> wrote:
>>
>>
>> Hello,
>>
>> Thank you for your reply. Here's my acl files:
>>
>>
>> public/TestFolder dovecot-acl
>> anyone lr
>> user=user1 akxeilprwts
>> -user=user1
>> user=user2 lr
>>
>> public/TestFolder1 dovecot-acl
>> user=user1 lr
>> user=user2 lr
>>
>> public/dovecot-acl
>> user=user1 lr
>> user=user2 lr
>>
>> and I have another dovecot-acl file in shared/office folder:
>>
>> user=us...@domain.com lrwstipekxa
>> user=us...@domain.com lrwstipekxa
>>
>> Thanks.
>> Dave.
>>
>>
>> On 2/15/18, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>> > Hi!
>> >
>> > It seems you are running 2.2.33.2 =)
>> >
>> > Also,
>> >
>> > Feb 12 08:48:40 imap(u...@example.com): Debug: Mailbox
>> > 'public/TestFolder' matches global ACL pattern 'public/TestFolder'
>> > Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: reading file
>> > /home/vmail/public/TestFolder/dovecot-acl
>> > Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: reading file
>> > /home/vmail/public/dovecot-acl
>> >
>> > it seems there are some folder specific ACLs, can you check these?
>> >
>> > Aki
>> >
>> > On 15.02.2018 10:40, David Mehler wrote:
>> >> Hello,
>> >>
>> >> I'm running Dovecot 2.2.3, and am having issues with my public
>> >> folders, shared folders, and virtual/ALl folders apparently ACLs are
>> >> on that list as well.
>> >>
>> >> I was debugging an unrelated problem with my smtp server and got the
>> >> following dovecot debug log output. Below is also a doveconf -n output
>> >> as well as my shared-folder definition file and my global-acls file.
>> >>
>> >> What I'm trying to accomplish is:
>> >>
>> >> 1. Have a public folder that any user on the system can put messages
>> >> into and respond to.
>> >> 2. Have a shared folder in which us...@example.com and
>> >> us...@example2.com can exchange messages.
>> >> 3. For each user on the system give them a Virtual/All folder for *all
>> >> of their messages.
>> >>
>> >> I'd appreciate any help. As an aside if anyone sees an issue with my
>> >> SSL ciphers list i'd appreciate knowing that as well, in brief I'm
>> >> trying to get the most secure list, pfs, and not worrying about
>> >> backware compatibility. If it's not TLS 1.2 I don't touch it.
>> >>
>> >> Thanks.
>> >> Dave.
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: Module loaded:
>> >> /usr/local/lib/dovecot/lib01_acl_plugin.so
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: Module loaded:
>> >> /usr/local/lib/dovecot/lib02_imap_acl_plugin.so
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: Effective uid=999,
>> >> gid=999, home=/home/vmail/example.com/user
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace inbox:
>> >> type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
>> >> subscriptions=yes location=maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: fs:
>> >> root=/home/vmail/example.com/user/mail, index=, indexpvt=, control=,
>> >> inbox=/home/vmail/example.com/user/mail, alt=
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
>> >> backend with data:
>> >> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: acl username =
>> >> u...@example.com
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: owner = 1
>> >> Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: Global ACL
>> >> file: /usr/local/etc/dovecot/global-

Re: ACLs, shared, public, virtual mailboxes not working

[David Mehler]

Hello,

Thank you for your reply. Here's my acl files:


public/TestFolder dovecot-acl
anyone lr
user=user1 akxeilprwts
-user=user1
user=user2 lr

public/TestFolder1 dovecot-acl
user=user1 lr
user=user2 lr

public/dovecot-acl
user=user1 lr
user=user2 lr

and I have another dovecot-acl file in shared/office folder:

user=us...@domain.com lrwstipekxa
user=us...@domain.com lrwstipekxa

Thanks.
Dave.


On 2/15/18, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
> Hi!
>
> It seems you are running 2.2.33.2 =)
>
> Also,
>
> Feb 12 08:48:40 imap(u...@example.com): Debug: Mailbox
> 'public/TestFolder' matches global ACL pattern 'public/TestFolder'
> Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: reading file
> /home/vmail/public/TestFolder/dovecot-acl
> Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: reading file
> /home/vmail/public/dovecot-acl
>
> it seems there are some folder specific ACLs, can you check these?
>
> Aki
>
> On 15.02.2018 10:40, David Mehler wrote:
>> Hello,
>>
>> I'm running Dovecot 2.2.3, and am having issues with my public
>> folders, shared folders, and virtual/ALl folders apparently ACLs are
>> on that list as well.
>>
>> I was debugging an unrelated problem with my smtp server and got the
>> following dovecot debug log output. Below is also a doveconf -n output
>> as well as my shared-folder definition file and my global-acls file.
>>
>> What I'm trying to accomplish is:
>>
>> 1. Have a public folder that any user on the system can put messages
>> into and respond to.
>> 2. Have a shared folder in which us...@example.com and
>> us...@example2.com can exchange messages.
>> 3. For each user on the system give them a Virtual/All folder for *all
>> of their messages.
>>
>> I'd appreciate any help. As an aside if anyone sees an issue with my
>> SSL ciphers list i'd appreciate knowing that as well, in brief I'm
>> trying to get the most secure list, pfs, and not worrying about
>> backware compatibility. If it's not TLS 1.2 I don't touch it.
>>
>> Thanks.
>> Dave.
>> Feb 12 08:48:40 imap(u...@example.com): Debug: Module loaded:
>> /usr/local/lib/dovecot/lib01_acl_plugin.so
>> Feb 12 08:48:40 imap(u...@example.com): Debug: Module loaded:
>> /usr/local/lib/dovecot/lib02_imap_acl_plugin.so
>> Feb 12 08:48:40 imap(u...@example.com): Debug: Effective uid=999,
>> gid=999, home=/home/vmail/example.com/user
>> Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace inbox:
>> type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
>> subscriptions=yes location=maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
>> Feb 12 08:48:40 imap(u...@example.com): Debug: fs:
>> root=/home/vmail/example.com/user/mail, index=, indexpvt=, control=,
>> inbox=/home/vmail/example.com/user/mail, alt=
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
>> backend with data:
>> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: acl username =
>> u...@example.com
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: owner = 1
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: Global ACL
>> file: /usr/local/etc/dovecot/global-acls
>> Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace :
>> type=public, prefix=public/, sep=/, inbox=no, hidden=no, list=yes,
>> subscriptions=yes
>> location=maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
>> Feb 12 08:48:40 imap(u...@example.com): Debug: fs:
>> root=/home/vmail/public,
>> index=/home/vmail/example.com/user/mail/public,
>> indexpvt=/home/vmail/example.com/user/mail/public,
>> control=/home/vmail/example.com/user/mail/public, inbox=, alt=
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
>> backend with data:
>> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: acl username =
>> u...@example.com
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: owner = 0
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: Global ACL
>> file: /usr/local/etc/dovecot/global-acls
>> Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace :
>> type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes,
>> subscriptions=yes location=maildir:~/mail/:INDEX=~/mail/shared/%Ld/%Ln
>> Feb 12 08:48:40 imap(u...@example.com): Debug: shared:
>> root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
>> Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
>> b

ACLs, shared, public, virtual mailboxes not working

[David Mehler]

Hello,

I'm running Dovecot 2.2.3, and am having issues with my public
folders, shared folders, and virtual/ALl folders apparently ACLs are
on that list as well.

I was debugging an unrelated problem with my smtp server and got the
following dovecot debug log output. Below is also a doveconf -n output
as well as my shared-folder definition file and my global-acls file.

What I'm trying to accomplish is:

1. Have a public folder that any user on the system can put messages
into and respond to.
2. Have a shared folder in which us...@example.com and
us...@example2.com can exchange messages.
3. For each user on the system give them a Virtual/All folder for *all
of their messages.

I'd appreciate any help. As an aside if anyone sees an issue with my
SSL ciphers list i'd appreciate knowing that as well, in brief I'm
trying to get the most secure list, pfs, and not worrying about
backware compatibility. If it's not TLS 1.2 I don't touch it.

Thanks.
Dave.
Feb 12 08:48:40 imap(u...@example.com): Debug: Module loaded:
/usr/local/lib/dovecot/lib01_acl_plugin.so
Feb 12 08:48:40 imap(u...@example.com): Debug: Module loaded:
/usr/local/lib/dovecot/lib02_imap_acl_plugin.so
Feb 12 08:48:40 imap(u...@example.com): Debug: Effective uid=999,
gid=999, home=/home/vmail/example.com/user
Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace inbox:
type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
subscriptions=yes location=maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
Feb 12 08:48:40 imap(u...@example.com): Debug: fs:
root=/home/vmail/example.com/user/mail, index=, indexpvt=, control=,
inbox=/home/vmail/example.com/user/mail, alt=
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: acl username =
u...@example.com
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: owner = 1
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace :
type=public, prefix=public/, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes
location=maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
Feb 12 08:48:40 imap(u...@example.com): Debug: fs:
root=/home/vmail/public,
index=/home/vmail/example.com/user/mail/public,
indexpvt=/home/vmail/example.com/user/mail/public,
control=/home/vmail/example.com/user/mail/public, inbox=, alt=
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: acl username =
u...@example.com
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: owner = 0
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace :
type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes location=maildir:~/mail/:INDEX=~/mail/shared/%Ld/%Ln
Feb 12 08:48:40 imap(u...@example.com): Debug: shared:
root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: acl username =
u...@example.com
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: owner = 0
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(u...@example.com): Debug: Namespace :
type=private, prefix=virtual/, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes location=virtual:/usr/local/etc/dovecot/virtual
Feb 12 08:48:40 imap(u...@example.com): Debug: fs:
root=/usr/local/etc/dovecot/virtual, index=, indexpvt=, control=,
inbox=, alt=
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: acl username =
u...@example.com
Feb 12 08:48:40 imap(u...@example.com): Debug: acl: owner = 1
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(u...@example.com): Debug: quota: quota_over_flag
check: quota_over_script unset - skipping
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/dovecot-acl not found
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Drafts/dovecot-acl not found
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Spam/dovecot-acl not found
Feb 12 08:48:40 imap(u...@example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Trash/dovecot-acl not found
Feb 12 08:48:40 

dovecot listening imaps external interface

[David Mehler]

Hello,

I'm trying to get dovecot to listen on specific interfaces. On the
server itself I've got webmail going so am needing imap on 143. I do
not want this on the external server interface, so I am wanting imaps
port 993 external only. The configuration looks right, but Dovecot
isn't showing anything listening on port 993 at all.

Unrelated, my public and shared folders are not working.

Can anyone suggest fixes for either of these issues?

Thanks.
Dave.


# 2.2.32 (dfbe293d4): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.20 (7cd71ba)
# OS: FreeBSD 10.3-RELEASE-p20 amd64
auth_default_realm = domain.com
auth_mechanisms = plain login
auth_realms = domain.com domain2.com
dict {
  acl = mysql:/usr/local/etc/dovecot/shared-folders.conf
  sqlquota = mysql:/usr/local/etc/dovecot/quota.conf
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.domain.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 127.0.0.1 xxx.xxx.xxx.xxx
lmtp_rcpt_check_quota = yes
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/%d/%n
mail_location = maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib
mail_server_admin = mailto:postmas...@domain.com
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  hidden = no
  list = yes
  location = 
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  list = yes
  location = maildir:~/mail/:INDEX=~/mail/shared/%%Ld/%%Ln
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace {
  location = virtual:/usr/local/etc/dovecot/virtual
  mailbox All {
auto = subscribe
comment = All my messages
special_use = \All
  }
  prefix = virtual/
  separator = /
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
auto = no
special_use = \Archive
  }
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox "Junk E-mail" {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Items" {
auto = no
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_shared_dict = proxy::acl
  imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /home/vmail/sieve/before.d
  sieve_default = /home/vmail/sieve/default.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +notify +imapflags
  sieve_global_dir = /home/vmail/sieve
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
  sieve_max_redirects = 

logging number of deleted messages

[David Mehler]

Hello,

I'm running Dovecot 2.29. I've got it going through a Mysql database.

I've got the auto expunge plugin loaded. What I'm wanting to know is
is there message count deletion ability?

For example, does the mail_log, trash, or auto expunge plugins log how
many messages were deleted?

Thanks.
Dave.

Re: most secure password scheme

[David Mehler]

Hello,

Thanks for the explanation. So should I go with SSHA512 or
SHA512-CRYPT? From your explanation i'm interpreting to mean that
SHA512-CRYPT also salts. This is for storing in a mysql database.
Also, what should the password field length and type be set for?
Currently it's varchar(128)

Thanks.
Dave.


On 4/29/17, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>
>> On April 29, 2017 at 4:22 AM David Mehler <dave.meh...@gmail.com> wrote:
>>
>>
>> Hello,
>>
>> I have a few questions on password schemes. Is SHA512 the most secure?
>> Is there a difference between SHA512 and SHA512-CRYPT? What about
>> SSHA512 and SSH512-CRYPT?
>>
>> Is there a problem with this sql statement:
>>
>> UPDATE virtual_users SET password=CONCAT(‘{SHA256-CRYPT}’, ENCRYPT
>> (‘Password Goes Here’, CONCAT(‘$5$’, SUBSTRING(SHA(RAND()), -16
>> WHERE user=’u...@example.com’;
>>
>> I'm getting an error 1064 at the ending email address.
>>
>> Thanks.
>> Dave.
>
> SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash.
> PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but
> SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted
> hash.
>
> If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like
> "$6$rounds=4000$s9Zc4OA11IuLt/iV$".
>
> Aki
>

configuration sanity check

[David Mehler]

Hello,

Can I get a sanity check on this configuration? It's a database setup
of Dovecot 2.2 with Postfix.

I'm having issues and i'd like to know if there's anything glaringly
wrong with my configuration?

With the password hash situation, should I go with SHA512,
SHA512-CRYPT or the SSHA512-CRYPT?

Thanks.
Dave.

# 2.2.29.1 (e0b76e3): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: FreeBSD 10.3-RELEASE-p18 amd64
auth_default_realm = example.com
auth_mechanisms = plain login cram-md5
auth_realms = example.com example.net
dict {
  acl = mysql:/usr/local/etc/dovecot/dovecot-share-folder.conf
  lastlogin = mysql:/usr/local/etc/dovecot/dovecot-last-login.conf
  sqlquota = mysql:/usr/local/etc/dovecot/dovecot-used-quota.conf
}
disable_plaintext_auth = yes
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 127.0.0.1 xxx.xxx.xxx.xxx
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/%d/%n
mail_location = maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  hidden = no
  list = yes
  location = 
maildir:/home/vmail/public:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
auto = subscribe
comment = Public Folder for message sharing
  }
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  list = yes
  location = maildir:~/mail/:INDEX=~/mail/shared/%%Ld/%%Ln
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace {
  location = virtual:/usr/local/etc/dovecot/virtual
  mailbox All {
auto = subscribe
comment = All my messages
special_use = \All
  }
  prefix = virtual/
  separator = /
}
namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
auto = no
special_use = \Archive
  }
  mailbox Archives {
auto = subscribe
special_use = \Archive
  }
  mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
  }
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox "Junk E-mail" {
auto = no
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Items" {
auto = no
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_shared_dict = file:/usr/local/etc/dovecot/shared-mailboxes
  imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = proxy::lastlogin
  last_login_key = last-login/%u
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = /home/vmail/%d/sieve/dovecot.sieve
  sieve_before = /home/vmail/sieve/dovecot.sieve
  sieve_default = /usr/local/etc/dovecot/sieve/dovecot.sieve
  sieve_dir = /usr/local/etc/dovecot/sieve
  sieve_extensions = +notify +imapflags
  sieve_global_dir = /home/vmail/sieve
  

Re: Dovecot last_login plugin and Mysql

[David Mehler]

Hi,

Thanks for the pointing out of the oops! I missed that. Don't worry
that has been changed.

Any suggestions on my issue?

Thanks.
Dave.


On 4/28/17, David Mehler <dave.meh...@gmail.com> wrote:
> Hi,
>
> OOPS! I missed that one and it was big.
>
> Changing now.
>
> Thanks.
> Dave.
>
>
> On 4/28/17, Noel Butler <noel.but...@ausics.net> wrote:
>> umm
>>
>> It's usually a good idea to redact user and passwords for databases,
>> even if only local socket ;)
>>
>> I suggest you change it ASAP.
>>
>> On 29/04/2017 10:53, David Mehler wrote:
>>
>>> Hello,
>>>
>>> Here is the requested file:
>>>
>>> driver = mysql
>>> connect = host=/tmp/mysql.sock dbname=mail user=mail_admin
>>> password=MainBoard55
>>>
>>> # Last Login
>>> map {
>>> pattern = shared/last-login/$user
>>> table = virtual_users
>>> username_field = user
>>> value_field = lastlogin
>>> fields {
>>> user = $user
>>> }
>>> }
>>>
>>> Thanks.
>>> Dave.
>>>
>>> On 4/28/17, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>>> On April 29, 2017 at 12:29 AM David Mehler <dave.meh...@gmail.com>
>>> wrote:
>>>
>>> Hello,
>>>
>>> Trying to implement lastlogin via mysql. I'm getting an unknown column
>>> username which I don't get. Here's the log:
>>>
>>> Apr 28 17:18:15 ohio dovecot: imap-login: Login:
>>> user=<u...@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1,
>>> mpid=16257, secured, session=
>>>
>>> Apr 28 17:18:15 ohio dovecot: dict(17099): Error: sql dict: commit
>>> failed: Unknown column 'username' in 'field list'
>>>
>>> Apr 28 17:18:15 ohio dovecot: imap(u...@example.com): Error:
>>> dict-client: server returned failure: 1493414295 (reply took 0.026
>>> secs)
>>>
>>> Apr 28 17:18:15 ohio dovecot: imap(u...@example.com): Error:
>>> last_login_dict: Failed to write value for user u...@example.com
>>>
>>> You can configure all this in dovecot-dict-sql.conf, which you have not
>>> provided. The actual column names are defined there.
>>>
>>> Aki
>>
>> --
>> Kind Regards,
>>
>> Noel Butler
>>
>>  This Email, including any attachments, may contain legally 
>> privileged
>> information, therefore remains confidential and subject to copyright
>> protected under international law. You may not disseminate, discuss, or
>> reveal, any part, to anyone, without the authors express written
>> authority to do so. If you are not the intended recipient, please notify
>> the sender then delete all copies of this message including attachments,
>> immediately. Confidentiality, copyright, and legal privilege are not
>> waived or lost by reason of the mistaken delivery of this message. Only
>> PDF [1] and ODF [2] documents accepted, please do not send proprietary
>> formatted documents
>>
>>
>>
>> Links:
>> --
>> [1] http://www.adobe.com/
>> [2] http://en.wikipedia.org/wiki/OpenDocument
>

most secure password scheme

[David Mehler]

Hello,

I have a few questions on password schemes. Is SHA512 the most secure?
Is there a difference between SHA512 and SHA512-CRYPT? What about
SSHA512 and SSH512-CRYPT?

Is there a problem with this sql statement:

UPDATE virtual_users SET password=CONCAT(‘{SHA256-CRYPT}’, ENCRYPT
(‘Password Goes Here’, CONCAT(‘$5$’, SUBSTRING(SHA(RAND()), -16
WHERE user=’u...@example.com’;

I'm getting an error 1064 at the ending email address.

Thanks.
Dave.

Re: Dovecot last_login plugin and Mysql

[David Mehler]

Hello,

Here is the requested file:

driver = mysql
connect = host=/tmp/mysql.sock dbname=mail user=mail_admin password=MainBoard55

# Last Login
map {
  pattern = shared/last-login/$user
  table = virtual_users
  username_field = user
  value_field = lastlogin
  fields {
user = $user
  }
}


Thanks.
Dave.


On 4/28/17, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>
>> On April 29, 2017 at 12:29 AM David Mehler <dave.meh...@gmail.com> wrote:
>>
>>
>> Hello,
>>
>> Trying to implement lastlogin via mysql. I'm getting an unknown column
>> username which I don't get. Here's the log:
>>
>> Apr 28 17:18:15 ohio dovecot: imap-login: Login:
>> user=<u...@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1,
>> mpid=16257, secured, session=
>>
>> Apr 28 17:18:15 ohio dovecot: dict(17099): Error: sql dict: commit
>> failed: Unknown column 'username' in 'field list'
>>
>> Apr 28 17:18:15 ohio dovecot: imap(u...@example.com): Error:
>> dict-client: server returned failure: 1493414295 (reply took 0.026
>> secs)
>>
>> Apr 28 17:18:15 ohio dovecot: imap(u...@example.com): Error:
>> last_login_dict: Failed to write value for user u...@example.com
>>
>>
>>
>
> You can configure all this in dovecot-dict-sql.conf, which you have not
> provided. The actual column names are defined there.
>
> Aki
>

Re: Dovecot last_login plugin and Mysql

[David Mehler]

quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = /home/vmail/%d/sieve/dovecot.sieve
  sieve_before = /home/vmail/sieve/dovecot.sieve
  sieve_default = /usr/local/etc/dovecot/sieve/dovecot.sieve
  sieve_dir = /usr/local/etc/dovecot/sieve
  sieve_extensions = +notify +imapflags
  sieve_global_dir = /home/vmail/sieve
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
  sieve_max_redirects = 30
  sieve_max_script_size = 1M
  sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
  sieve_user_log = /home/vmail/sieve/sieve_error.log
  trash = /usr/local/etc/dovecot/dovecot-trash.conf.ext
  welcome_script = welcome %u
  welcome_wait = yes
}
protocols = imap sieve
sendmail_path = /usr/local/sbin/sendmail
service auth {
  unix_listener /var/spool/postfix/private/auth {
mode = 0666
  }
  unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
  }
}
service dict {
  unix_listener dict {
mode = 0660
user = vmail
  }
}
service imap-login {
  inet_listener imap {
port = 143
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
}
service managesieve-login {
  inet_listener sieve {
address = 127.0.0.1
port = 4190
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
address = 127.0.0.1
port = 12345
  }
}
service quota-warning {
  executable = script /usr/local/etc/dovecot/quota-warning.sh
  unix_listener quota-warning {
group = vmail
mode = 0660
user = vmail
  }
  user = vmail
}
service welcome {
  executable = script /usr/local/bin/welcome.sh
  unix_listener welcome {
user = vmail
  }
  user = vmail
}
ssl_cert =  wrote:
>
> https://wiki2.dovecot.org/Plugins/LastLogin
>
> Aki
>
>> On April 28, 2017 at 9:05 PM David Mehler <dave.meh...@gmail.com> wrote:
>>
>>
>> Hi Aki,
>>
>> Thanks. Can you tell me how you implemented it?
>>
>> Thanks.
>> Dave.
>>
>>
>> On 4/28/17, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>> >
>> >> On April 28, 2017 at 8:08 PM David Mehler <dave.meh...@gmail.com>
>> >> wrote:
>> >>
>> >>
>> >> Hello,
>> >>
>> >> Is anyone using the last_login plugin with a Mysql database? I'd like
>> >> to track when users were last on the system.
>> >>
>> >> Thanks.
>> >> Dave.
>> >
>> > It's used by our customers.
>> >
>> > Aki
>> >
>

Re: Dovecot last_login plugin and Mysql

[David Mehler]

Hi Aki,

Thanks. Can you tell me how you implemented it?

Thanks.
Dave.


On 4/28/17, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>
>> On April 28, 2017 at 8:08 PM David Mehler <dave.meh...@gmail.com> wrote:
>>
>>
>> Hello,
>>
>> Is anyone using the last_login plugin with a Mysql database? I'd like
>> to track when users were last on the system.
>>
>> Thanks.
>> Dave.
>
> It's used by our customers.
>
> Aki
>

Dovecot last_login plugin and Mysql

[David Mehler]

Hello,

Is anyone using the last_login plugin with a Mysql database? I'd like
to track when users were last on the system.

Thanks.
Dave.

Re: several misc questions, public folders and sharing, quota, ssl

[David Mehler]

Hi Aki,

Thanks for your reply. Sorry, hit the reply to and not the reply to all option.

So, even when a folder is a public folder I'm still needing to use the
acl plugin?


The public/TestFolder is showing up, the public/TestFolder1 is not.

Thanks.
Dave.


On 4/14/17, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
> Please keep responses on the list. Thank you. =)
>
> Without ACL plugin there is no way to restrict access, it's free for all.
>
> my site is a very tiny few user site, but ...
>
> auth_mechanisms = login plain
> mail_attribute_dict = file:%h/Mail/dovecot-attributes
> mail_location = sdbox:~/Mail
> mail_plugins = stats quota fts fts_lucene
> namespace inbox {
>   inbox = yes
>   list = yes
>   location =
>   mailbox Drafts {
> special_use = \Drafts
>   }
>   mailbox Sent {
> special_use = \Sent
>   }
>   mailbox "Sent Messages" {
> special_use = \Sent
>   }
>   mailbox Spam {
> auto = subscribe
> special_use = \Junk
>   }
>   mailbox Trash {
> special_use = \Trash
>   }
>   prefix =
>   separator = .
>   subscriptions = yes
>   type = private
> }
> passdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> plugin {
>   fts = lucene
>   fts_lucene = whitespace_chars=@.
>   imapsieve_mailbox1_before = file:/usr/lib/dovecot/sieve/report-spam.sieve
>   imapsieve_mailbox1_causes = COPY
>   imapsieve_mailbox1_name = Spam
>   imapsieve_mailbox2_before = file:/usr/lib/dovecot/sieve/report-ham.sieve
>   imapsieve_mailbox2_causes = COPY
>   imapsieve_mailbox2_from = Spam
>   imapsieve_mailbox2_name = *
>   quota = count:User quota
>   quota_vsizes = yes
>   recipient_delimiter = +
>   sieve = ~/.dovecot.sieve
>   sieve_dir = ~/sieve
>   sieve_extensions = +notify +imapflags
>   sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
>   sieve_pipe_bin_dir = /usr/lib/dovecot/sieve
>   sieve_plugins = sieve_imapsieve sieve_extprograms
>   stats_refresh = 30
> }
> protocols = imap lmtp
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
> mode = 0666
>   }
>   user = $default_internal_user
> }
> service doveadm {
>   inet_listener http {
> address = 127.0.0.1
> port = 38080
>   }
> }
> service imap-login {
>   inet_listener imap {
> port = 143
>   }
>   inet_listener imaps {
> port = 993
> ssl = yes
>   }
> }
> service lmtp {
>   inet_listener lmtp {
> address = 127.0.0.1
> port = 8025
>   }
> }
> service stats {
>   fifo_listener stats-mail {
> mode = 0666
>   }
> }
> ssl = required
> ssl_cert = #
> ssl_cipher_list =
> ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:AES128-SHA
> ssl_dh_parameters_length = 4096
> ssl_key =  #
> ssl_prefer_server_ciphers = yes
> ssl_protocols = !SSLv2 !SSLv3
> submission_host = 127.0.0.1:25
> userdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> protocol imap {
>   mail_plugins = stats quota fts fts_lucene imap_stats imap_sieve
> }
> protocol lmtp {
>   mail_plugins = stats quota fts fts_lucene sieve
> }
> protocol lda {
>   mail_plugins = stats quota fts fts_lucene sieve
> }
>
> Aki
>
>> On April 14, 2017 at 7:21 PM David Mehler <dave.meh...@gmail.com> wrote:
>>
>>
>> Hello Aki,
>>
>> Thank you for your reply.
>>
>> I've implemented your changes and thanks for the @STRENGTH reminder, I
>> had forgotten about that one.
>>
>> I'll check out the acl plugin. Is it required when sharing a public
>> folder or are public folders usable by all? I know it is for shared
>> folders.
>>
>> The TestFolder1 is still not showing up in public not sure why
>> everything looks good.
>>
>> My configuration was migrated from 2.0 to 2.1 then 2.2, various ports
>> along the way.
>>
>> I was wondering if I could take a look at your dovecot configuration
>> files and a doveconf -n output?
>>
>> Thanks.
>> Dave.
>>
>>
>> On 4/14/17, Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>> >
>> >> On April 14, 2017 at 3:04 AM David Mehler <dave.meh...@gmail.com>
>> >> wrote:
>> >>
>> >>
>> >> Hello,
>> >>
>> >> I'm running dovecot 2.29 on a freebsd 10.3 system. I'm wanting to
>> >> optimize how the sy

several misc questions, public folders and sharing, quota, ssl

[David Mehler]

Hello,

I'm running dovecot 2.29 on a freebsd 10.3 system. I'm wanting to
optimize how the system is running and have a few misc questions.

First ssl, is my cipher list good? I'm trying for pfs and wanting to
ensure these cipherlist is appropriate:

ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH

Next, a new feature that I'm trying for is virtual folders that store
All messages. My understanding of this is that it stores a version of
every received message in one place? I've got the virtual plugin
loaded and have:

  mailbox virtual/All {
comment = All my messages
special_use = \All
  }

I've got a directory /home/vmail/example.com/username/virtual under
which is an ALL folder both directories are accessible to the vmail
user, yet there's no contents in this folder and it's showing up
nowhere.

Next, quota warnings, are not being sent at all. I set up a testuser
with a quota of 2 mb, then sent a message to that user getting the box
to 95% full, and no message. Took the user overquota with the next
message, still nothing, and a third message did trigger my custom
quota exceeded message and the message was bounced.

 I'm wanting to implement public folders. My mailboxes are all
virtual, and they are stored under /home/vmail/example.com/username
and /home/vmail/example.org/username in the maildir format. I've got
one user uid and gid of 999 name of vmail who owns all the mailboxes.
I've separated out public folders storing them under
/home/vmail/public. I've created one mailbox called TestFolder and
new, cur, and tmp directories under it. This is what it looks like:

ls -la /home/vmail/public
total 24
drwx--  4 vmail  vmail  512 Apr 13 18:23 ./
drwx--  8 vmail  vmail  512 Mar 15 10:34 ../
drwxr-xr-x  5 vmail  vmail  512 Apr 13 18:16 TestFolder/
drwxr-xr-x  5 vmail  vmail  512 Apr 13 18:25 TestFolder1/
-rw---  1 vmail  vmail8 Apr 13 18:15 dovecot-uidvalidity
-r--r--r--  1 vmail  vmail0 Apr 13 18:15 dovecot-uidvalidity.58eff89a
-rw---  1 vmail  vmail  688 Apr 13 18:24 dovecot.list.index.log

ls -la /home/vmail/public/TestFolder
total 28
drwxr-xr-x  5 vmail  vmail  512 Apr 13 18:16 ./
drwx--  4 vmail  vmail  512 Apr 13 18:23 ../
drwxr-xr-x  2 vmail  vmail  512 Apr 13 18:13 cur/
-rw-r--r--  1 vmail  vmail   51 Apr 13 18:16 dovecot-uidlist
-rw-r--r--  1 vmail  vmail  304 Apr 13 18:16 dovecot.index.log
drwxr-xr-x  2 vmail  vmail  512 Apr 13 18:13 new/
drwxr-xr-x  2 vmail  vmail  512 Apr 13 18:13 tmp/

ls -la /home/vmail/public/TestFolder1
total 20
drwxr-xr-x  5 vmail  vmail  512 Apr 13 18:25 ./
drwx--  4 vmail  vmail  512 Apr 13 18:23 ../
drwxr-xr-x  2 vmail  vmail  512 Apr 13 18:25 cur/
drwxr-xr-x  2 vmail  vmail  512 Apr 13 18:25 new/
drwxr-xr-x  2 vmail  vmail  512 Apr 13 18:25 tmp/

The public/TestFolder is showing up fine and I can switch to it. The
public/TestFolder1 is not showing up at all so I'm not seeing it and
can't switch to it. Any ideas?

My second question involves public folders and domain sharing. Are
public folders accessible to all users and all domains? I've got two
domains example.com and example.org i'd like to create a folder that
some users in example.com can share with some users in example.org,
not necessarily all users in those domains should be able to see the
folders.

Ideas welcome.

Thanks.
Dave.

doveconf -n
# 2.2.29 (13ebc01): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: FreeBSD 10.3-RELEASE-p11 amd64  ufs
auth_cache_size = 8 k
auth_default_realm = example.com
auth_mechanisms = plain login cram-md5
auth_realms = example.com example.org
auth_socket_path = /var/run/dovecot/auth-userdb
dict {
  sqlquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 127.0.0.1 xxx.xxx.xxx.xxx
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/%d/%n/home
mail_location = maildir:/home/vmail/%d/%n:LAYOUT=fs
mail_plugins = acl mail_log notify quota trash virtual welcome zlib
mail_server_admin = mailto:postmas...@example.com
mail_uid = vmail
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
maildir_empty_new = yes
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  hidden = no
  list = yes
  location = 
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=/home/vmail/public/:INDEX=/home/vmail/public/
  prefix = public/
  separator = /
  subscriptions = yes
  type = 

Cutting down on sql connections

[David Mehler]

Hello,

I'm running dovecot 2.29 on a freebsd 10.3 system. I'm trying to cut
down queries to my database and tried to do a userdb static and
prefetch. I modified the password query to pull in userdb_quota and
got an error that that was not valid. Is this behavior normal?

Apr 13 17:22:15 hostname dovecot: master: Dovecot v2.2.29 (13ebc01)
starting up for imap, sieve
Apr 13 17:22:24 hostname dovecot: imap-login: Login:
user=, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=66452, secured, session=
Apr 13 17:22:24 hostname dovecot: imap(usern...@example.com): Logged
out in=102 out=3020
Apr 13 17:22:24 hostname dovecot: imap-login: Login:
user=, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=68924, secured, session=<4xDQ6xJNht1/AAAB>
Apr 13 17:22:24 hostname dovecot: imap(username

Thanks.
Dave.

Cutting down on sql connections

[David Mehler]

Hello,

I'm running dovecot 2.29 on a freebsd 10.3 system. I'm trying to cut
down queries to my database and tried to do a userdb static and
prefetch. I modified the password query to pull in userdb_quota and
got an error that that was not valid. Is this behavior normal?

Apr 13 17:22:15 hostname dovecot: master: Dovecot v2.2.29 (13ebc01)
starting up for imap, sieve
Apr 13 17:22:24 hostname dovecot: imap-login: Login:
user=, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=66452, secured, session=
Apr 13 17:22:24 hostname dovecot: imap(usern...@example.com): Logged
out in=102 out=3020
Apr 13 17:22:24 hostname dovecot: imap-login: Login:
user=, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=68924, secured, session=<4xDQ6xJNht1/AAAB>
Apr 13 17:22:24 hostname dovecot: imap(username

Thanks.
Dave.

welcome plugin

[David Mehler]

Hello,

If anyone is using the welcome plugin in dovecot 2.2.x to sent a
one-time new welcome email to new users can I get a look at your
configuration? I'm stuck, I create a user and the welcome action does
not execute. If you've got a script to send the mail can I get a look
at that as well?

Thanks.
Dave.

dovecot 2.2.x listening on multiple interfaces

[David Mehler]

Hello,

I'm wondering if it's possible to get dovecot to listen on multiple
interfaces without designating * for everything?

I've got a machine with three interfaces going to three different
networks. I'm not wanting to let dovecot listen on all interfaces *
just two of them, standard ports. Is this doable?

Thanks.
Dave.

Re: letsencrypt

[David Mehler]

Hello,

Thanks. Is there another way of doing this? I've got a web server
running on 80 and 443. Are there any other options?

Thanks.
Dave.


On 3/3/17, Michael Neurohr <m...@michi.su> wrote:
> On 2017-03-03 19:07, David Mehler wrote:
>> Hello,
>>
>> I know some users here are using letsencrypt for their CA. If this is
>> to off topic write me privately.
>>
>> I'm wanting letsencrypt to take over as my CA, replacing existing self
>> signed certificates. I've got web working, a certificate for https
>> sites and one for webmail as they have different names. What I'm now
>> wanting to do is get letsencrypt going for my email setup, the smtp
>> handled by postfix, but mail, and imap I believe are handled by
>> dovecot.
>>
>> With the web it was easy just let apache serve the token that
>> letsencrypt needed and I got certificates. How do I do this with
>> regards email?
>
> You can use certbot. It has a built in webserver. It allows you to
> retrieve and renew the certificates automatically. I'm using it for
> Dovecot and Postfix.
>
> See https://certbot.eff.org/
>
> I'm doing everything with the following command:
>
> certbot/certbot-auto certonly --no-self-upgrade --standalone -n
> --rsa-key-size 4096 -d domain1.example.com -d domain2.example.com
> --pre-hook scripts/letsencrypt-pre-hook.sh --post-hook
> scripts/letsencrypt-post-hook.sh
>
> With the pre-hook and post-hook scripts I make sure to open and close
> the firewall on port 443, and to reload Postfix and Dovecot in case a
> certificate was update.
>
> You can find all information about the flags that I'm using at
> https://certbot.eff.org/docs/using.html
>
> Michael
>

Re: letsencrypt

[David Mehler]

Hello,

Thanks, should have mentioned dns tokens are not possible in my situation.

Thanks.
Dave.


On 3/3/17, Larry Rosenman <larry...@gmail.com> wrote:
> I have DNS setup as my auth, and use nsupdate to let it get the token.
>
>
>
> On 3/3/17, 12:07 PM, "dovecot on behalf of David Mehler"
> <dovecot-boun...@dovecot.org on behalf of dave.meh...@gmail.com> wrote:
>
> Hello,
>
> I know some users here are using letsencrypt for their CA. If this is
> to off topic write me privately.
>
> I'm wanting letsencrypt to take over as my CA, replacing existing self
> signed certificates. I've got web working, a certificate for https
> sites and one for webmail as they have different names. What I'm now
> wanting to do is get letsencrypt going for my email setup, the smtp
> handled by postfix, but mail, and imap I believe are handled by
> dovecot.
>
> With the web it was easy just let apache serve the token that
> letsencrypt needed and I got certificates. How do I do this with
> regards email?
>
> I hope that's clear.
>
> Any help appreciated.
>
> Thanks.
> Dave.
>
>
>
>

Re: welcome plugin

[David Mehler]

Hello,

Perms are 775 on that folder.

If you've got a working configuration can you do a doveconf -n and let
me see it? I'd like to compare yours to mine.

And if you've got a working welcome script i'd like to see that as well.

Thanks.
Dave.


On 3/3/17, @lbutlr <krem...@kreme.com> wrote:
> On 2017-03-02 (17:51 MST), David Mehler <dave.meh...@gmail.com> wrote:
>>
>> Feb 28 14:52:06 hostname dovecot: lda(testu...@domain.tld): Error:
>> userdb lookup: connect(/var/run/dovecot/auth-userdb) failed:
>> Permission denied (euid=143(dovecot) egid=143(dovecot) missing +r
>> perm: /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)
>
> This seems pretty clear. What are the permissions on that folder, and why is
> auth-userdb owned by root?
>
> On my system auth-userdb is owned by dovecot.
>
> --
> Apple broke AppleScripting signatures in Mail.app, so no random signatures.
>

letsencrypt

[David Mehler]

Hello,

I know some users here are using letsencrypt for their CA. If this is
to off topic write me privately.

I'm wanting letsencrypt to take over as my CA, replacing existing self
signed certificates. I've got web working, a certificate for https
sites and one for webmail as they have different names. What I'm now
wanting to do is get letsencrypt going for my email setup, the smtp
handled by postfix, but mail, and imap I believe are handled by
dovecot.

With the web it was easy just let apache serve the token that
letsencrypt needed and I got certificates. How do I do this with
regards email?

I hope that's clear.

Any help appreciated.

Thanks.
Dave.

Re: welcome plugin

[David Mehler]

Hello,

Thank you. My configuration is below. It looks like a perm problem,
i've set +r on the directory and it is readable.

One other thing I noticed when going through the log the testuser logs
in, then logs out. Then logs in again, and then gets the error. Any
ideas why the two logins? I see this all the time, a log in log out,
then another log in log out then the email transaction.

Thanks.
Dave.


# 2.2.28 (bed8434): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.17 (e179378)
# OS: FreeBSD 10.3-RELEASE-p11 amd64  ufs
auth_default_realm = domain.tld
auth_mechanisms = plain login cram-md5
dict {
  sqlquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.domain.tld
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lmtp_rcpt_check_quota = yes
mail_gid = vmail
mail_home = /home/vmail/%d/%n/home
mail_location = maildir:/home/vmail/%d/%n:LAYOUT=fs
mail_plugins = acl quota zlib welcome
mail_server_admin = mailto:postmas...@domain.tld
mail_uid = vmail
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
maildir_empty_new = yes
maildir_stat_dirs = yes
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress tldparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve
namespace {
  list = yes
  location = maildir:/home/vmail/public:LAYOUT=fs
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace inbox {
  hidden = no
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
auto = no
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
special_use = \Junk
  }
  mailbox Trash {
auto = no
special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  last_login_dict = redis:host=127.0.0.1:port=6379
  quota = dict:User quota::proxy::sqlquota
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  sieve = ~/.dovecot.sieve
  sieve_before = /usr/local/etc/dovecot/sieve/before.d
  sieve_extensions = +notify +imapflags
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
  sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
}
postmaster_address = postmas...@domain.tld
protocols = imap
service auth-worker {
  user = vmail
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
mode = 0666
  }
  unix_listener auth-userdb {
mode = 0600
user = vmail
  }
}
service dict {
  unix_listener dict {
mode = 0600
user = vmail
  }
}
service imap-login {
  inet_listener imap {
port = 143
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
}
service lmtp {
  unix_listener dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
address = 127.0.0.1
port = 12345
  }
}
ssl_ca = /etc/ssl/certs/cacert.crt
ssl_cert = , method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=5840, secured, session=<5EXYh5xJesx/AAAB>
Feb 28 14:52:06 hostname dovecot: imap(testu...@domain.tld): Logged
out in=102 out=1373
Feb 28 14:52:06 hostname dovecot: imap-login: Login:
user=<testu...@domain.tld>, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=7724, secured, session=<0nPch5xJMeR/AAAB>
Feb 28 14:52:06 hostname dovecot: lda(testu...@domain.tld): Error:
userdb lookup: connect(/var/run/dovecot/auth-userdb) failed:
Permission denied (euid=143(dovecot) egid=143(dovecot) missing +r
perm: /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)
Feb 28 14:52:06 hostname dovecot: lda: Fatal: Internal error occurred.
Refer to server log for more information.
Feb 28 14:52:06 hostname dovecot: welcome: Fatal: master:
service(welcome): child 8781 returned error 75
Feb 28 14:52:06 hostname dovecot: imap(testu...@domain.tld): Logged
out in=234 out=1549


On 3/2/17, @lbutlr <krem...@kreme.com> wrote:
> On 2017-03-02 (16:54 MST), David Mehler <dave.meh...@gmail.com> wrote:
>>
>> Is anyone using the welcome plugin? I'm trying to utilize it to send a
>> message 

welcome plugin

[David Mehler]

Hello,


Is anyone using the welcome plugin? I'm trying to utilize it to send a
message when a user first logs in to the system, containing important
information for them to know. The plugin loads, I don't have a
configuration problem, but the message never gets sent.

What can I provide to more easily troubleshoot this?

Thanks.
Dave.

Re: Replacement for antispam plugin

[David Mehler]

Hello,

Chiming in on this with a question, and will be getting to it over the
weekend or later this evening time permitting.

Does retraining a message as either spam or ham alter message headers
for example x-spam or the spamassassin-modified subject header?

If not is it possible to do so after processing? For example, I have a
message inadvertently tagged as spam, from Spamassassin it gets an
x-spam header added as well as a modified subject. Retraining that
message as ham moving it to say any other folder but spam i'd like for
that x-spam header to be set to as it is not spam, and the
spamassassin subject to be removed. Is this doable?

Thanks.
Dave.


On 2/10/17, Michael Slusarz  wrote:
>
>> On February 10, 2017 at 12:13 PM Ralph Seichter wrote:
>>
>> On 10.02.17 18:34, Michael Slusarz wrote:
>> > > Can we add an exception for the Trash folder?
>> > This is handled in the sieve script. E.g.:
>> >
>> > require "environment";
>> > if environment "imap.mailbox" "Trash" {
>> >  stop;
>> > }
>>
>> This does not work for me, and I don't really expect it to work either.
>> https://tools.ietf.org/html/rfc6785#section-4.4 states:
>>
>>  The implementation MUST set the Environment [RFC5183] item
>> "imap.mailbox"
>>  to the name of the mailbox that the affected message is in, in the
>>  case of existing messages, or is targeted to be stored into, in the
>>  case of new messages.
>>
>> The message already exists in the Spam folder, hence imap.mailbox should
>> be "Spam" instead of "Trash", correct?
>
> Incorrect.
>
> When you move a message to a new mailbox, that is a "new message" event (a
> new UID in the target mailbox is created; the message count increases).  So
> imap.mailbox is set to the name of the *target* mailbox.
>
>> Is there perhaps another way to ensure that manually deleted spam is not
>> erroneously learned as ham?
>>
>> -Ralph
>

Re: Dovecot and Windows Live Mail 2012?

[David Mehler]

Hello,

I'm using self-signed certificates, but my CA public key is imported.

I checked the logs and was getting an error about no authentication
which is probably why it was failing. I then switched to 587 and 993
ports and now it works, but it's very intermediant, sometimes it
works, other times not.

If there's a better free windows email client, (please not
thunderbird), that doesn't have these Microsoft-isms i'd appreciate
knowing about it.

Thanks.
Dave.


On 4/13/16, aki.tu...@dovecot.fi <aki.tu...@dovecot.fi> wrote:
>
>> On April 13, 2016 at 5:51 PM David Mehler <dave.meh...@gmail.com> wrote:
>>
>>
>> Hello,
>>
>> I hope someone has this working, because I'm pulling my hair out at this
>> one.
>>
>> I'm using well for this it's a win7 x64 machine running Windows
>> Essentials 2012 and using the Windows Live mail component. I am trying
>> to connect to my Dovecot server running 2.23 I believe. I keep getting
>> the error "the imap command could not be sent to the server because of
>> a non-network error" googling showed many with this, but no fix.
>>
>> In this account I'm trying to access port 143 which uses starttls. In
>> Mail I've got the boxes for require a secure connection and
>> authentication checked.
>>
>> I should note of course and with no surprise that Mail works oh just
>> fine with the Hotmail account I've also got configured, it's only with
>> the downloading of folders and sending of email to the dovecot server
>> that mail has the issue.
>>
>> Please let me know if I can provide any additional information.
>>
>> Help appreciated.
>>
>> Thanks.
>> Dave.
>
> Are you using public CA signed certificate? Are there any errors in dovecot
> logs?
>
> Aki
>

Dovecot and Windows Live Mail 2012?

[David Mehler]

Hello,

I hope someone has this working, because I'm pulling my hair out at this one.

I'm using well for this it's a win7 x64 machine running Windows
Essentials 2012 and using the Windows Live mail component. I am trying
to connect to my Dovecot server running 2.23 I believe. I keep getting
the error "the imap command could not be sent to the server because of
a non-network error" googling showed many with this, but no fix.

In this account I'm trying to access port 143 which uses starttls. In
Mail I've got the boxes for require a secure connection and
authentication checked.

I should note of course and with no surprise that Mail works oh just
fine with the Hotmail account I've also got configured, it's only with
the downloading of folders and sending of email to the dovecot server
that mail has the issue.

Please let me know if I can provide any additional information.

Help appreciated.

Thanks.
Dave.

Webmail accessive Dovecot logins

[David Mehler]

Hello,

I've seen this issue before, running a imap/smtp/database server on
localhost and adding in a webmail interface, in this case Roundcube.

In my maillog I'm seeing accessive Dovecot connections and logouts
just from my own transaction of logging in, going to compose a
message, sending, and logging out.

I'm using Mysql as database backend and was wondering if there was
something I could do to cut down on the amount of connections needed?

I'm running 2.2.19 on a FreeBSD 10.2 system.

I'm not sure what other information to provide, here's the relevant
log and a doveconf -n.

Second question, in the doveconf -n there's reference to my ssl_cipher
am I  using current tls ciphers that support pfs?

Thanks.
Dave.
Oct 29 20:51:21 server dovecot: imap-login: Login: user=,
method=PLAIN, rip=::1, lip=::1, mpid=71405, secured,
session=<6Px600cja6cB>
Oct 29 20:51:21 server dovecot: imap(xxx): Disconnected: Logged out
in=82 out=763
Oct 29 20:51:22 server dovecot: imap-login: Login: user=,
method=PLAIN, rip=::1, lip=::1, mpid=72189, secured,
session=
Oct 29 20:51:22 server dovecot: imap(xxx): Disconnected: Logged out
in=70 out=932
Oct 29 20:51:29 server dovecot: imap-login: Login: user=,
method=PLAIN, rip=::1, lip=::1, mpid=74281, secured,
session=
Oct 29 20:51:29 server dovecot: imap-login: Login: user=,
method=PLAIN, rip=::1, lip=::1, mpid=74927, secured,
session=
Oct 29 20:51:29 server dovecot: imap(xxx): Disconnected: Logged out
in=439 out=1702
Oct 29 20:51:29 server dovecot: imap(xxx): Disconnected: Logged out
in=326 out=24327
Oct 29 20:51:45 server dovecot: imap-login: Login: user=,
method=PLAIN, rip=::1, lip=::1, mpid=75557, secured,
session=<3tjm1EcjsjUB>
Oct 29 20:51:45 server dovecot: imap(xxx): Disconnected: Logged out
in=32 out=521
Oct 29 20:51:46 server dovecot: imap-login: Login: user=,
method=PLAIN, rip=::1, lip=::1, mpid=77051, secured,
session=
Oct 29 20:51:46 server dovecot: imap(xxx): Disconnected: Logged out
in=44 out=799


doveconf -n
# 2.2.19: /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.9 (357ac0a0e68b+)
# OS: FreeBSD 10.2-RELEASE amd64  ufs
auth_default_realm = domain.com
auth_mechanisms = plain login
dict {
  sqlquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 999
first_valid_uid = 999
hostname = x...@domain.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lmtp_rcpt_check_quota = yes
mail_gid = vmail
mail_home = /home/vmail/%d/%n/home
mail_location = maildir:/home/vmail/%d/%n:LAYOUT=fs
mail_plugins = acl quota zlib
mail_server_admin = mailto:postmas...@domain.com
mail_uid = vmail
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
maildir_empty_new = yes
maildir_stat_dirs = yes
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate
namespace {
  list = yes
  location = maildir:/home/vmail/public:LAYOUT=fs
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace inbox {
  hidden = no
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  quota = dict:User quota::proxy::sqlquota
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  sieve_default = /home/vmail/conf.d/domain.com/sieve/default.sieve
}
postmaster_address = postmas...@domain.com
protocols = imap
service auth {
  unix_listener /var/spool/postfix/private/auth {
mode = 0666
  }
  unix_listener auth-userdb {
mode = 0600
user = vmail
  }
}
service dict {
  unix_listener dict {
mode = 0600
user = vmail
  }
}
service imap-login {
  inet_listener imap {
address =
  }
  inet_listener imaps {
ssl = yes
  }
}
service lmtp {
  unix_listener dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
address = 127.0.0.1
port = 12345
  }
}
ssl = required
ssl_cert = 

Re: Dovecot antispam

[David Mehler]

Hi,

Can I get a look at your antispam configs? I'd like to compare them
against mine.

Thanks.
Dave.


On 1/26/15, Steffen Kaiser skdove...@smail.inf.fh-brs.de wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 On Sun, 25 Jan 2015, David Mehler wrote:

 I've got a Postfix, amavisd-new, dovecot (delivery and sieve), setup
 with spamassassin. It's for the most part working fine, here's the
 problem, false positives and false negatives. The sieve moves
 spamassassin-tagged messages in to the Spam folder, sometimes it
 misses either a false positive or negative. What I'm wanting to do and
 this is where the dovecot-antispam plugin comes in is automatically
 retrain messages, a false positive or negative needs to be moved and
 reclassified accordingly. I've found a lot of google results
 indicating dspam, when I used this the results were terrible after
 three months of usage I gave up on it. I've thought about using spamc
 with dovecot-antispam to handle retraining or crm114, but not much on
 getting this going. If anyone has any information on this or any other
 non-dspam setup that would work I'd appreciate knowing about it.

 What kind of information you are seeking?
 In what regards are the results of dspam _terrible_?

 Installation / Configuration? :- http://wiki2.dovecot.org/Plugins/Antispam

 - --
 Steffen Kaiser
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1

 iQEVAwUBVMX0pnz1H7kL/d9rAQKDxQgAtPdGTRX3mbO/VQUQC2HIF0FlIt4197M5
 agAKg6PhGnwOiQ7hxfm97JXQ6BICdgboZLmE1Tgz/EVPnv5joHY3zP6nJL1J+AQX
 H4elEeFB1Cw8zMgb/cYJ+kNt8tHlIISztLF6qzK8nvQeZHvNaE5o6y0rn6i7+8nn
 b7cVVJSebjia113CN0duRFNEJyNEkU9S94TsSFceQPAMyWlxBbpt7kakDOREznSU
 zjhC7BqDMtcZYy3K/lRSTPDFXickI2fmlal1C5oJFNuSqVjCtm7veh6uL9eBcPvw
 OYeyrPctnTFth/m1mzTqv0S3NKiswk5YqnR3C+5hJpNEmp/hanYE8w==
 =zEhj
 -END PGP SIGNATURE-

Dovecot antispam

[David Mehler]

Hello,

This is not specifically a dovecot issue, but to it's antispam plugin,
that being the case if private responses are deemed so please do so.

I've got a Postfix, amavisd-new, dovecot (delivery and sieve), setup
with spamassassin. It's for the most part working fine, here's the
problem, false positives and false negatives. The sieve moves
spamassassin-tagged messages in to the Spam folder, sometimes it
misses either a false positive or negative. What I'm wanting to do and
this is where the dovecot-antispam plugin comes in is automatically
retrain messages, a false positive or negative needs to be moved and
reclassified accordingly. I've found a lot of google results
indicating dspam, when I used this the results were terrible after
three months of usage I gave up on it. I've thought about using spamc
with dovecot-antispam to handle retraining or crm114, but not much on
getting this going. If anyone has any information on this or any other
non-dspam setup that would work I'd appreciate knowing about it.

Thanks.
Dave.

Re: sieve filter not working

[David Mehler]

Hello,

I'd use Dovecot Lda for delivery if you want to use sieve.

Hth
Dave.


On 1/24/15, Michael Williamson michael.h.william...@gmail.com wrote:
 On 1/24/15, Christian Kivalo ml+dove...@valo.at wrote:

home_mailbox = Maildir/
 This tells postfix where to deliver the mails. dovecot is not configured
 to
 delivet mails.

 Take a look at dovecot wiki there are examples of how to incorporate
 dovecot
 lda into thendelivery process.

 I believe dovecot has actually nothing to do with delivering your
mails
 so no sieve filters are applied...

Is it postfix?

 yes, seems so


 OK, thanks.

 Now I ask, am I better off enabling dovecot lda with the sieve spam
 filter, or using postfix for filter?

 -Mike

Dovecot on Fedora 20 or 21

[David Mehler]

Hello,

Is anyone running Dovecot on either a Fedora 20 or 21 system? I'm
having an issue, on a system reboot, which I admit does not happen
often, Dovecot fails to start in the systemctl list, output is status
failed. The issue seems to be Dovecot can not bind to the ipv6
address. Now later if I manually log in to the box and start dovecot
it works just fine no problems. I've googled and seen similar issues
to this. Does anyone have a solution?

Thanks.
Dave.

dovecot and gmail backup

[David Mehler]

Hello,

I'm trying to use my server running dovecot to receive via imap a
backup of my gmail account, messages. I'm getting an error from
imap.gmail.com that it does support plain authentication but that it
failed to download messages. If anyone has this working please let me
know what you had to do.

Thanks.
Dave.

[Dovecot] Dovecot, mysql, and quota

[David Mehler]

Hello,

I'm running dovecot 2.2 and wanting to get quotas going. I've got the
plugins loaded appropriately and am wanting to configure a dictionary
backend to talk to my mysql database.

I've got a single database called mail which has all the mail-related
items in it. One table is for virtual users which postfix uses. It
looks like this:

CREATE TABLE `virtual_users` (
  `id` int(11) NOT NULL auto_increment,
  `domain_id` int(11) NOT NULL,
  `password` varchar(128) NOT NULL,
  `email` varchar(100) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `email` (`email`),
  FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
and a user looks like:
INSERT INTO `mail`.`virtual_users` (
  `id` ,
  `domain_id` ,
  `password` ,
  `email`
)
VALUES (
  '1', '1', SHA2( 'PasswordGoesHere', 512) , 'usern...@domain.com'
);

plugin {
  # SQL backend:
  quota = dict:User quota::proxy::sqlquota
}
dict {
  sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}

Now when creating the quota table i'd like to have the username field
linked to my virtual_users table username field, so I don't have to
set up two tables both with the same username information in it. Can
someone check me on this design so that if I delete a virtual user out
of the virtual_users table the coresponding row in the quota table is
also eliminated?

My second question has to do with global and per user quotas. If I
have something like this:

CREATE TABLE quota (
  username varchar(100) not null,
  bytes bigint not null default 262144,
  messages integer not null default 0,
  primary key (username)
);

256MB for all users by default, but then if I give a user a 100MB
value in the bytes field of their quota entry would that be a per-user
quota?

Thanks.
Dave.

[Dovecot] can not see public mailbox

[David Mehler]

Hello,

I'm running Dovecot2 and trying to set up public mailboxes. I've got a
virtual user system set up with postfix and using MySQL
authentication. I'm wanting to create several public mailboxes for
shared messages. I've followed the wiki and have the public folder
created. I've got a folder /home/vmail/public/public1 public1 being
the maildir of the public mailbox.

I can see in my folder list of my webmail client the root public
folder but I can't change in to it and I can not see the public1
public mailbox.

I'm using one user vmail set up for this setup, permissions on the
public1 folder allow the vmail user to read and execute.

In public1 I have a file dovecot-acl which has the user attempting to
access the public folder with the flags l and r.

Below is my config with doveconf -n. I'd appreciate any suggestions.

Thanks.
Dave.

# 2.1.16: /etc/dovecot/dovecot.conf
# OS: Linux 3.12.6-x86-linode55 i686 Fedora release 17 (Beefy Miracle) ext3
dict {
  quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
first_valid_gid = 5000
first_valid_uid = 5000
hostname = xxx
last_valid_gid = 5000
last_valid_uid = 5000
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = *
mail_gid = vmail
mail_home = /home/vmail/%d/%n/home
mail_location = maildir:/home/vmail/%d/%n:LAYOUT=fs
mail_plugins =  acl quota zlib
mail_uid = vmail
maildir_very_dirty_syncs = yes
namespace {
  list = yes
  location = maildir:/home/vmail/public:LAYOUT=fs
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace inbox {
  hidden = no
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox Sent Messages {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile
  autocreate = Spam
  autosubscribe = Spam
  quota = dict:User quota::proxy::quota
  quota_rule = *:storage=1G
  quota_rule2 = Trash:storage=+100M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
}
postmaster_address = postmaster@xxx
protocols = imap
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
  unix_listener auth-userdb {
mode = 0600
user = vmail
  }
}
service dict {
  unix_listener dict {
mode = 0600
user = vmail
  }
}
service imap-login {
  inet_listener imap {
address = 127.0.0.1 ::1
  }
  inet_listener imaps {
address = xxx xxx
ssl = yes
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  user = vmail
}
ssl_cert = /etc/ssl/certs/server.crt
ssl_key = /etc/ssl/private/server.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lda {
  mail_plugins =  acl quota zlib quota
}
protocol imap {
  mail_plugins =  acl quota zlib autocreate imap_acl imap_quota imap_zlib
}

[Dovecot] Fedora Rpm of Dovecot Antispam plugin

[David Mehler]

Hello,

Quick question, does anyone have a fedora 17 rpm or a rel src.rpm that
can be rebuilt, of the dovecot antispam plugin?

Thanks.
Dave.