Re: Set X-Original-To based an ORCPT?
Hi,
to get a 'Delivered-to' header based on ORCPT, I wrote a patch
(attached) to force Dovecot lmtp to advertise DSN after a LHLO command.
In this way, Postfix add an ORCPT to the RCTP command
(http://postfix.1071664.n5.nabble.com/pipe-flags-vs-lmtp-td11587.html#a11596).
Be carefully: in this way DSN notification is broken, but they were
broken in any case at the time I wrote the patch (read the entire post
linked above).
The first patch is for Dovecot 2.2.x: after apply, you cannot disable
the DSN advertisement. The other is for Dovecot 2.3.0: you can
enable/disable the advertisement using the new bool parameter
'lmtp_lhlo_dsn'.
I'm using it for the past two years, without any problem.
Thanks,
Marco
On 2018-08-07 11:48, Tom Sommer wrote:
> On 2015-09-02 22:01, Peer Heinlein wrote:
>> Since
>>
>> http://dovecot.org/pipermail/dovecot-cvs/2014-November/025241.html
>>
>> Dovecot's LMTP does support ORCPT.
>>
>> Is it possible to set X-Original-To-Header based on that ORCPT?
>
> Any news or response on this? I too am in need of this header being
> passed and saved correctly.
>
> Thanks.
>
> --
> Tom
>
--
Marco Giunta - ITCS SysAdmin
Via Bonomea, 265
34136 - Trieste, Italy
Tel: +39-040-3787-503
Fax: +39-040-3787-244
--- dovecot-2.2.24/src/lmtp/commands.c.orig 2016-04-26 15:01:21.0 +0200
+++ dovecot-2.2.24/src/lmtp/commands.c 2017-02-16 16:01:39.091220376 +0100
@@ -82,7 +82,8 @@
client_send_line(client, "250-XCLIENT ADDR PORT TTL TIMEOUT");
client_send_line(client, "250-8BITMIME");
client_send_line(client, "250-ENHANCEDSTATUSCODES");
- client_send_line(client, "250 PIPELINING");
+ client_send_line(client, "250-PIPELINING");
+ client_send_line(client, "250 DSN");
i_free(client->lhlo);
client->lhlo = i_strdup(str_c(domain));
@@ -200,6 +201,11 @@
client->state.mail_body_7bit = TRUE;
else if (strcasecmp(*argv, "BODY=8BITMIME") == 0)
client->state.mail_body_8bitmime = TRUE;
+ /* Skip unsupported DSN parameters */
+ else if (strncasecmp(*argv, "RET=", 4) == 0)
+ continue;
+ else if (strncasecmp(*argv, "ENVID=", 6) == 0)
+ continue;
else {
client_send_line(client,
"501 5.5.4 Unsupported options");
@@ -638,9 +644,12 @@
argv = t_strsplit(params, " ");
for (; *argv != NULL; argv++) {
- if (strncasecmp(*argv, "ORCPT=", 6) == 0) {
+ if (strncasecmp(*argv, "ORCPT=", 6) == 0)
rcpt->params.dsn_orcpt = parse_xtext(client, *argv + 6);
- } else {
+ /* Skip unsupported DSN parameter */
+ else if (strncasecmp(*argv, "NOTIFY=", 7) == 0)
+ continue;
+ else {
client_send_line(client, "501 5.5.4 Unsupported options");
return 0;
}
diff -up dovecot-2.3.0/src/lmtp/client.c.orig dovecot-2.3.0/src/lmtp/client.c
--- dovecot-2.3.0/src/lmtp/client.c.orig 2018-01-05 07:45:36.0 +0100
+++ dovecot-2.3.0/src/lmtp/client.c 2018-01-16 08:55:49.437006465 +0100
@@ -151,6 +151,8 @@ struct client *client_create(int fd_in,
SMTP_CAPABILITY_ENHANCEDSTATUSCODES |
SMTP_CAPABILITY_8BITMIME |
SMTP_CAPABILITY_CHUNKING;
+ if (client->lmtp_set->lmtp_lhlo_dsn)
+ lmtp_set.capabilities |= SMTP_CAPABILITY_DSN;
if (!conn->ssl && master_service_ssl_is_enabled(master_service))
lmtp_set.capabilities |= SMTP_CAPABILITY_STARTTLS;
lmtp_set.hostname = client->unexpanded_lda_set->hostname;
diff -up dovecot-2.3.0/src/lmtp/lmtp-settings.c.orig dovecot-2.3.0/src/lmtp/lmtp-settings.c
--- dovecot-2.3.0/src/lmtp/lmtp-settings.c.orig 2018-01-05 07:45:36.0 +0100
+++ dovecot-2.3.0/src/lmtp/lmtp-settings.c 2018-01-16 08:53:13.513920390 +0100
@@ -62,6 +62,7 @@ static const struct setting_define lmtp_
DEF(SET_BOOL, lmtp_proxy),
DEF(SET_BOOL, lmtp_save_to_detail_mailbox),
DEF(SET_BOOL, lmtp_rcpt_check_quota),
+ DEF(SET_BOOL, lmtp_lhlo_dsn),
DEF(SET_UINT, lmtp_user_concurrency_limit),
DEF(SET_ENUM, lmtp_hdr_delivery_address),
DEF(SET_STR_VARS, login_greeting),
@@ -74,6 +75,7 @@ static const struct lmtp_settings lmtp_d
.lmtp_proxy = FALSE,
.lmtp_save_to_detail_mailbox = FALSE,
.lmtp_rcpt_check_quota = FALSE,
+ .lmtp_lhlo_dsn = FALSE,
.lmtp_user_concurrency_limit = 0,
.lmtp_hdr_delivery_address = "final:none:original",
.login_greeting = PACKAGE_NAME" ready.",
diff -up dovecot-2.3.0/src/lmtp/lmtp-settings.h.orig dovecot-2.3.0/src/lmtp/lmtp-settings.h
--- dovecot-2.3.0/src/lmtp/lmtp-settings.h.orig 2018-01-05 07:45:36.0 +0100
+++ dovecot-2.3.0/src/lmtp/lmtp-settings.h 2018-01-16 08:57:18.505887547 +0100
@@ -16,6 +16,7 @@ struct lmtp_settings {
bool lmtp_proxy;
bool lmtp_save_to_detail_mailbox;
bool lmtp_rcpt_check_quota;
+ bool lmtp_lhlo_dsn;
unsigned int lmtp_user_concurrency_limit;
const char *lmtp_hdr_delivery_address;
const char *login_greeting;
Re: Shared mailboxes, index files and 'per-user-seen' flags
Hi Thomas,
it is a known problem:
https://www.dovecot.org/pipermail/dovecot/2018-February/111057.html
Try the solution suggested in above mail; it works for me.
Thanks,
Marco
On 2018-06-06 13:53, Thomas Robers wrote:
> Hello,
>
> i have a dovecot server version 2.3.1 under CentOS 6.9 and we're
> using shared mailboxes with index files shared. With this configuration
> I can see a lot of error messages like:
>
> Jun 6 13:20:31 mail dovecot: Error: imap(us...@tutech.de)<4513>
> : /export/home/imap/us...@tutech.de/shared
> /us...@tutech.de/folder/dovecot.index.pvt view is inconsistent
>
> In 10-mail.conf the location setting is:
>
> location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u
>
> I thought setting the index files to "not shared" might help to
> get rid of the errors, so I changed the setting to:
>
> location = maildir:%%h/Maildir:INDEX=%h/shared/%%u:INDEXPVT=%h
> /shared/%%u
>
> like it's mentioned in the Dovecot wiki. But that doesn't work as
> I expected, because the 'per-user-seen' flags do not work correctly
> anymore, i think. If UserA, who has UserB as shared mailbox,
> changes the seen flags of UserBs INBOX, UserBs seen flags are also
> changed. The other way, if UserB changes seen flags in his INBOX
> they are not changed in the shared view of UserA. Is this the
> supposed way to work or do i have an error in the configuration?
>
> Any help is appreciated.
>
> Thanks, Thomas.
>
> Here's my currently used configuration:
>
> # 2.3.1 (c5a5c0c82): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.devel (61b47828)
> # OS: Linux 2.6.32-696.23.1.el6.x86_64 x86_64 CentOS release 6.9 (Final)
> ext4
> # Hostname: mail.tutech.de
> auth_master_user_separator = *
> auth_mechanisms = plain login
> auth_verbose = yes
> disable_plaintext_auth = no
> doveadm_password = # hidden, use -P to show it
> doveadm_port = 12345
> imap_max_line_length = 2 M
> mail_debug = yes
> mail_location = maildir:/export/home/imap/%Lu/Maildir
> mail_plugins = acl zlib mail_log notify
> mail_prefetch_count = 1
> mailbox_idle_check_interval = 10 secs
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date index ihave duplicate mime foreverypart
> extracttext
> namespace {
> hidden = no
> ignore_on_failure = no
> inbox = no
> list = children
> location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u
> prefix = shared/%%u/
> separator = /
> subscriptions = yes
> type = shared
> }
> namespace inbox {
> hidden = no
> inbox = yes
> list = yes
> location =
> mailbox Drafts {
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Trash {
> special_use = \Trash
> }
> prefix = INBOX/
> separator = /
> type = private
> }
>
> passdb {
> args = /etc/dovecot/master-users
> driver = passwd-file
> master = yes
> }
> passdb {
> args = /etc/dovecot/dovecot-ldap.conf.ext
> driver = ldap
> }
> plugin {
> acl = vfile:/etc/dovecot/global-acls:cache_secs=300
> acl_shared_dict = file:/export/home/shared-db/shared-mailboxes
> mail_log_events = append delete undelete expunge copy mailbox_delete
> mailbox_rename flag_change
> mail_log_fields = uid box msgid size from flags
> mail_replica = tcp:mail2.tutech.de
> sieve = ~/.dovecot.sieve
> sieve_dir = ~/sieve
> sieve_global = /var/lib/dovecot/sieve/global/
> sieve_user_log = ~/.dovecot.sieve.log
> zlib_save = gz
> zlib_save_level = 6
> }
> protocols = imap pop3 lmtp sieve sieve
> service aggregator {
> fifo_listener replication-notify-fifo {
> mode = 0666
> user = vmail
> }
> unix_listener replication-notify {
> mode = 0666
> user = vmail
> }
> }
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> mode = 0666
> }
> unix_listener auth-userdb {
> group = vmail
> mode = 0660
> user = vmail
> }
> }
> service config {
> unix_listener config {
> user = vmail
> }
> }
> service doveadm {
> inet_listener {
> port = 12345
> }
> user = vmail
> }
> service imap-login {
> inet_listener imaps {
> port = 993
> ssl = yes
> }
> process_limit = 500
> process_min_avail = 20
> }
> service imap {
> executable = imap
> }
> service lmtp {
> inet_listener lmtp {
> address = 127.0.0.1
> port = 24
> }
> }
> service managesieve-login {
> inet_listener sieve {
> port = 4190
> }
> inet_listener sieve_deprecated {
> port = 2000
> }
> }
> service pop3-login {
> inet_listener pop3s {
> port = 995
> ssl = yes
> }
> }
> service pop3 {
> executable = pop3
> }
> service replicator {
> unix_listener replicator-doveadm {
> mode = 0666
>
Re: dovecot.index.pvt reset, view is now inconsistent
Fun, I didn't read your message yesterday, but today I send an email like yours !!! Cheers, Marco On 2018-02-27 19:02, Rupert Gallagher wrote: Problem solved by going in manually. The log message appears for empty "public" folders. Say, you have a folder X with subfolder Y, where X does not contain any e-mail. The log message disappears if you drop an email into X, then remove it. Puf, gone! So, there seems to be a baby bug in how dovecot manages the index in this case. -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244
BUG: Error: dovecot.index.pvt reset, view is now inconsistent when shared folder is new and empty
Hi,
I'm using Dovecot 2.2.33.2 on a RHEL 7, new installation. My log is full
of :
Error: INDEX_FOLDER/dovecot.index.pvt reset, view is now inconsistent
or
Error: INDEX_FOLDER/dovecot.index.pvt view is inconsistent
when shared folder is never touched and empty.
UserA share X folder with UserB, if X folder is new (never
touched) and empty every time UserB looks in that folder, an error
appears in log file. If UserA copy a mail in X folder, no more
errors. If UserA (or UserB) delete all mails in X folder (the folder
is empty again), no more errors.
So the errors appear when UserB access a new (never touched) shared
empty folder; if the folder is empty, but not new (p.e. UserA has
already copied and deleted mails in that folder) error is logged only once.
Attached my configuration.
Thanks,
Marco
--
Marco Giunta - ITCS SysAdmin
Via Bonomea, 265
34136 - Trieste, Italy
Tel: +39-040-3787-503
Fax: +39-040-3787-244
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 3.10.0-693.17.1.el7.x86_64 x86_64 CentOS Linux release 7.4.1708
(Core)
auth_debug = yes
auth_master_user_separator = *
auth_mechanisms = plain login
auth_username_format = %Ln
auth_verbose = yes
auth_verbose_passwords = sha1:6
doveadm_password = # hidden, use -P to show it
doveadm_port = 26001
first_valid_uid = 200
hostname = hostname.example.com
imap_client_workarounds = delay-newmail
imapc_features = rfc822.size fetch-headers
imapc_host = hostname.example.com
imapc_master_user = dovesuper
imapc_password = # hidden, use -P to show it
imapc_user = %u
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = Delivered-To
listen = *
lmtp_hdr_delivery_address = original
lmtp_rcpt_check_quota = yes
login_trusted_networks = 10.0.0.0/30 10.0.0.0/30 10.0.0.0/23
mail_fsync = always
mail_gid = vmail
mail_home = /srv/mail/%1n/%n
mail_location =
mdbox:~/dbox:ALT=/srv/archives/%1n/%n/dbox:INDEX=/srv/indexes/%1n/%n:VOLATILEDIR=/var/tmp/dovecot-volatile/%1n/%n
mail_plugins = acl mailbox_alias quota fts fts_solr
mail_prefetch_count = 20
mail_server_admin = mailto:postmas...@example.com
mail_shared_explicit_inbox = yes
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext vacation-seconds spamtest spamtestplus editheader
imapflags notify
mbox_write_locks = fcntl
mdbox_rotate_interval = 1 days
mdbox_rotate_size = 64 M
mmap_disable = yes
namespace inbox {
inbox = yes
location =
mailbox Archives {
auto = subscribe
special_use = \Archive
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
separator = /
}
namespace others {
list = children
location =
mdbox:%%h/dbox:ALT=/srv/archives/%%1n/%%n/dbox:INDEX=/srv/indexes/%%1n/%%n:INDEXPVT=/srv/indexes/%1n/%n/shared/%%n:VOLATILEDIR=/var/tmp/dovecot-volatile/%1n/%n/shared/%%n
prefix = Other Users/%%n/
separator = /
subscriptions = no
type = shared
}
passdb {
args = /etc/dovecot/passwd.masterusers
default_fields = userdb_master_user=%{login_user}
driver = passwd-file
master = yes
pass = yes
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.masterusers.acl
default_fields = userdb_acl_defaults_from_inbox=yes
userdb_mail=mdbox:/srv/mail/%1{login_user}/%{login_user}/dbox:ALT=/srv/archives/%1{login_user}/%{login_user}/dbox:INDEX=/srv/indexes/%1{login_user}/%{login_user}:INDEXPVT=/srv/indexes/%1n/%n/master/%{login_user}:VOLATILEDIR=/var/tmp/dovecot-volatile/%1n/%n/master/%{login_user}
driver = ldap
master = yes
pass = yes
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.masterusers.noacl
default_fields = userdb_master_user=%{login_user}
userdb_mail=mdbox:/srv/mail/%1{login_user}/%{login_user}/dbox:ALT=/srv/archives/%1{login_user}/%{login_user}/dbox:INDEX=/srv/indexes/%1{login_user}/%{login_user}:INDEXPVT=/srv/indexes/%1n/%n/master/%{login_user}:VOLATILEDIR=/var/tmp/dovecot-volatile/%1n/%n/master/%{login_user}
driver = ldap
master = yes
pass = yes
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
acl = vfile:/srv/shared/dovecot/global-acls:cache_secs=300
acl_shared_dict = fs:posix:prefix=/srv/shared/dovecot/shared-acls/
fts = solr
fts_autoindex = yes
fts_autoindex_max_recent_msgs = 20
fts_index_timeout = 60
fts_solr = url=http://localhost:8983/solr/dovecot/
last_login_dict = fs:posix:prefix=~/
last_login_key = lastlogin
mail_log_events = delete undelete expunge copy mailbox_delete
deny passdb match messages logged only with auth_verbose=yes
Hi at all, using deny passwd to restrict IMAP/POP3 access (https://wiki.dovecot.org/Authentication/RestrictAccess), I get deny passdb match messages: Feb 13 16:09:33 server-02 dovecot: auth: passwd-file(USERNAME,10.10.10.46,<9hzaYRllbsCTehgu>): User found from deny passdb only with auth_verbose=yes, sets global or defined in passdb block. But if I set auth_verbose=yes, for every user not present in passwd-file, Dovecot logs: Feb 13 16:09:57 server-02 dovecot: auth: passwd-file(USERNAME,10.10.10.46,<9hzaYRllbsCTehgu>): unknown user I know that if the account does not exist in the first passdb (deny passdb), then the error occur, even if it exists in the other passdb. This is normal, but auth_verbose shouldn't be used only to " Log unsuccessful authentication attempts and the reasons why they failed." ?? Again, I'm not a programmer, but 'auth_request_log_info' function in 'https://github.com/dovecot/core/blob/release-2.2.33/src/auth/auth-request.c' seems to log events only when 'auth_verbose=yes'. Is there another way to get deny passdb match messages, without enable verbose log ? Thanks, Marco -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244
Re: BUG: panic when using fs:posix as dict for acl_shared_dict
On 2018-02-07 13:23, Aki Tuomi wrote: Maybe you can use sqlite3 instead as workaround? Ok, I've done what you suggested; I had some permissions problems on sqlite file/directory, but now it seems to work. Thanks for your advice, Marco -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244
Re: BUG: panic when using fs:posix as dict for acl_shared_dict
On 2018-02-07 13:23, Aki Tuomi wrote: Maybe you can use sqlite3 instead as workaround? Ok, I try it and let you know. Thanks, Marco -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244
BUG: panic when using fs:posix as dict for acl_shared_dict
Hi,
I'm using Dovecot 2.2.33.2 on a RHEL 7, new installation. When I use
fs:posix as dict for acl_shared_dict, like in Dovecot wiki
(https://wiki.dovecot.org/SharedMailboxes/ClusterSetup), doveadm-server
crash with error:
# doveadm acl set -u USERNAME FOLDER user=DEST_USERNAME lookup read
write-seen
doveadm(USERNAME): Panic: file dict-fs.c: line 127
(fs_dict_iterate_init): assertion failed: ((flags &
DICT_ITERATE_FLAG_RECURSE) == 0)
doveadm(USERNAME): Error: Raw backtrace:
/usr/lib64/dovecot/libdovecot.so.0(+0x9f3de) [0x7f0e4a4b23de] ->
/usr/lib64/dovecot/libdovecot.so.0(default_fatal_handler+0x2a)
[0x7f0e4a4b244a] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0)
[0x7f0e4a44377c] -> /usr/lib64/dovecot/libdovecot.so.0(+0x31688)
[0x7f0e4a444688] ->
/usr/lib64/dovecot/libdovecot.so.0(dict_iterate_init_multiple+0x4d)
[0x7f0e4a47cadd] ->
/usr/lib64/dovecot/libdovecot.so.0(dict_iterate_init+0x29)
[0x7f0e4a47cb89] ->
/usr/lib64/dovecot/lib01_acl_plugin.so(acl_lookup_dict_rebuild+0x3e1)
[0x7f0e49a40371] ->
/usr/lib64/dovecot/lib01_acl_plugin.so(acl_backend_vfile_acllist_rebuild+0x488)
[0x7f0e49a3dd18] ->
/usr/lib64/dovecot/lib01_acl_plugin.so(acl_backend_vfile_object_update+0x3c7)
[0x7f0e49a3e867] ->
/usr/lib64/dovecot/lib01_acl_plugin.so(acl_mailbox_update_acl+0x68)
[0x7f0e49a41e28] ->
/usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so(+0x2c11)
[0x7f0e48da1c11] ->
/usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so(+0x3060)
[0x7f0e48da2060] -> doveadm(+0x2b41c) [0x556f1280b41c] ->
doveadm(+0x2c01a) [0x556f1280c01a] ->
doveadm(doveadm_cmd_ver2_to_mail_cmd_wrapper+0x23b) [0x556f1280ce7b] ->
doveadm(doveadm_cmd_run_ver2+0x50c) [0x556f1281c73c] ->
doveadm(doveadm_cmd_try_run_ver2+0x37) [0x556f1281c7d7] ->
doveadm(main+0x1e4) [0x556f127fb944] ->
/lib64/libc.so.6(__libc_start_main+0xf5) [0x7f0e4a071c05] ->
doveadm(+0x1bd35) [0x556f127fbd35]
Aborted
Attached coredump and configuration.
I'm not a programmer, but seems that assert is raised by
'fs_dict_iterate_init' function inside 'src/lib-dict-extra/dict-fs.c':
static struct dict_iterate_context *
fs_dict_iterate_init(struct dict *_dict, const char *const *paths,
enum dict_iterate_flags flags)
{
...
/* these flags are not supported for now */
i_assert((flags & DICT_ITERATE_FLAG_RECURSE) == 0);
...
because it is called by 'acl_lookup_dict_iterate_read' function in file
'src/plugins/acl/acl-lookup-dict.c'
static void acl_lookup_dict_iterate_read(struct acl_lookup_dict_iter *iter)
{
...
dict_iter = dict_iterate_init(iter->dict->dict, prefix,
DICT_ITERATE_FLAG_RECURSE);
...
with DICT_ITERATE_FLAG_RECURSE set.
Same problem also with Dovecot 2.3.0.
Thanks,
Marco
--
Marco Giunta - ITCS SysAdmin
Via Bonomea, 265
34136 - Trieste, Italy
Tel: +39-040-3787-503
Fax: +39-040-3787-244
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 3.10.0-693.17.1.el7.x86_64 x86_64 CentOS Linux release 7.4.1708
(Core)
auth_debug = yes
auth_master_user_separator = *
auth_mechanisms = plain login
auth_username_format = %Ln
auth_verbose = yes
auth_verbose_passwords = sha1:6
doveadm_password = # hidden, use -P to show it
doveadm_port = 26001
first_valid_uid = 200
hostname = hostname.example.com
imap_client_workarounds = delay-newmail
imapc_features = rfc822.size fetch-headers
imapc_host = hostname.example.com
imapc_master_user = dovesuper
imapc_password = # hidden, use -P to show it
imapc_user = %u
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = Delivered-To
listen = *
lmtp_hdr_delivery_address = original
lmtp_rcpt_check_quota = yes
login_trusted_networks = 10.0.0.0/30 10.0.0.0/30 10.0.0.0/23
mail_fsync = always
mail_gid = vmail
mail_home = /srv/mail/%1n/%n
mail_location =
mdbox:~/dbox:ALT=/srv/archives/%1n/%n/dbox:INDEX=/srv/indexes/%1n/%n:VOLATILEDIR=/var/tmp/dovecot-volatile/%1n/%n
mail_plugins = acl mailbox_alias quota fts fts_solr
mail_prefetch_count = 20
mail_server_admin = mailto:postmas...@example.com
mail_shared_explicit_inbox = yes
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext vacation-seconds spamtest spamtestplus editheader
imapflags notify
mbox_write_locks = fcntl
mdbox_rotate_interval = 1 days
mdbox_rotate_size = 64 M
mmap_disable = yes
namespace inbox {
inbox = yes
location =
mailbox Archives {
auto = subscribe
special_use = \Archive
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use =
Re: Re: Bug in dovecot 2.3 virtual plugin
= \Junk
}
mailbox INBOX/Sent {
auto = no
special_use = \Sent
}
mailbox INBOX/Spam {
auto = no
special_use = \Junk
}
prefix = Synoptic/
separator = /
subscriptions = no
}
namespace inbox {
hidden = no
inbox = yes
location =
mailbox Archiv {
auto = no
special_use = \Archive
}
mailbox Archive {
auto = no
special_use = \Archive
}
mailbox Archives {
auto = no
special_use = \Archive
}
mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
}
mailbox Drafts {
auto = no
special_use = \Drafts
}
mailbox Entwürfe {
auto = no
special_use = \Drafts
}
mailbox "Gelöschte Elemente" {
auto = no
autoexpunge = 30 days
special_use = \Trash
}
mailbox "Gelöschte Objekte" {
auto = no
autoexpunge = 30 days
special_use = \Trash
}
mailbox Gesendet {
auto = no
special_use = \Sent
}
mailbox "Gesendete Elemente" {
auto = no
special_use = \Sent
}
mailbox "Gesendete Objekte" {
auto = no
special_use = \Sent
}
mailbox Important {
auto = no
}
mailbox Junk {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
}
mailbox Mistkübel {
auto = no
autoexpunge = 30 days
special_use = \Trash
}
mailbox Papierkorb {
auto = no
autoexpunge = 30 days
special_use = \Trash
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
auto = no
special_use = \Sent
}
mailbox Spam {
auto = no
autoexpunge = 30 days
special_use = \Junk
}
mailbox Synoptic/Alle {
auto = no
comment = All my messages
special_use = \All
}
mailbox Trash {
auto = no
autoexpunge = 30 days
special_use = \Trash
}
mailbox Wichtig {
auto = create
}
prefix = INBOX/
separator = /
subscriptions = no
type = private
}
namespace subscriptions {
hidden = yes
list = no
location =
prefix =
subscriptions = yes
}
passdb {
args = scheme=CRYPT username_format=%u /usr/local/etc/dovecot/users
driver = passwd-file
}
plugin {
acl = vfile:/etc/dovecot/dovecot-acl:cache_secs=300
acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
fts = lucene
fts_autoindex = yes
fts_autoindex_max_recent_msgs = 80
fts_index_timeout = 90s
fts_lucene = whitespace_chars=@. normalize no_snowball
mail_home = /var/mail/%u
setting_name = sieve, managedsieve
sieve = file:/var/mail/%u/sieve/;active=/var/mail/%u/sieve/%u.sieve
}
postmaster_address = postmaster@localhost
protocols = imap pop3 lmtp imap lmtp sieve pop3 sieve
service anvil {
unix_listener anvil-auth-penalty {
mode = 00
}
}
service auth {
unix_listener auth-client {
group = vmail
mode = 0666
user = Debian-exim
}
unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
process_min_avail = 1
service_count = 0
}
service imap {
executable = imap postlogin
process_limit = 1024
vsz_limit = 400 M
}
service lmtp {
executable = lmtp -L
user = vmail
vsz_limit = 400 M
}
service postlogin {
executable = script-login -d rawlog
}
ssl = required
ssl_cert =
--
Marco Giunta - ITCS SysAdmin
Via Bonomea, 265
34136 - Trieste, Italy
Tel: +39-040-3787-503
Fax: +39-040-3787-244
Re: Dovecot 2.3.0, Panic: file mailbox-attribute.c: line 362 (mailbox_attribute_get_stream): assertion failed: (value_r->value != NULL || value_r->value_stream != NULL)
Hi, If I downgrade to Dovecot 2.2.33.2, there are no problems to sync users with ACL Thanks, Marco On 2018-02-02 14:39, Marco Giunta wrote: Hi at all, I have a RHEL7 server with Dovecot 2.3.0 (new installation). I've a problem when trying to dsync from a Dovecot 2.2.24 server. If I try to sync any user with a folder with ACL, dsycn crash with panic: Source server: dsync-local(USERNAME): Debug: sieve: file storage: sync: Synchronization active dovecot: dsync-local(USERNAME): Debug: acl vfile: reading file /var/spool/mail/U/USERNAME/dovecot-acl dsync-local(USERNAME): Error: read(DEST_SERVER.example.com) failed: EOF (last sent=mail_change (EOL), last recv=mailbox) Destination server: Feb 2 14:15:23 DEST_SERVER dovecot: dsync-server(USERNAME): Panic: file mailbox-attribute.c: line 362 (mailbox_attribute_get_stream): assertion failed: (value_r->value != NULL || value_r->value_stream != NULL) Feb 2 14:15:23 DEST_SERVER dovecot: dsync-server(USERNAME): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0xc8cc4) [0x7fa861bc0cc4] -> /usr/lib64/dovecot/libdovecot.so.0(+0xc8d7e) [0x7fa861bc0d7e] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7fa861b34190] -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x55cbc) [0x7fa861ec1cbc] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](dsync_mailbox_import_attribute+0x4d) [0x55b9d4ce215d] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](dsync_brain_sync_mails+0x2ef) [0x55b9d4cddbdf] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](dsync_brain_run+0x2b0) [0x55b9d4cd93e0] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x43a10) [0x55b9d4cd9a10] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x5837f) [0x55b9d4cee37f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x65) [0x7fa861bd82b5] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10f) [0x7fa861bd9b5f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x52) [0x7fa861bd83b2] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fa861bd85d8] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x28369) [0x55b9d4cbe369] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x29c07) [0x55b9d4cbfc07] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x3f969) [0x55b9d4cd5969] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x65) [0x7fa861bd82b5] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10f) [0x7fa861bd9b5f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x52) [0x7fa861bd83b2] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fa861bd85d8] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa861b56b23] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](main+0x1b6) [0x55b9d4cb0536] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7fa861756c05] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x1a5f5) [0x55b9d4cb05f5] Feb 2 14:15:23 DEST_SERVER dovecot: dsync-server(USERNAME): Fatal: master: service(doveadm): child 2149 killed with signal 6 (core dumped) Coredump and configuration attached. On source server I run this command: # doveadm -D backup -f -u USERNAME -x 'Archives*' tcp:DEST_SERVER.example.com but same panic if try to sync from destination server: # doveadm -D backup -fR -u USERNAME -x 'Archives*' tcp:SOURCE_SERVER.example.com Same panic also syncing any user with acl and using different acl_shared_dict (file or fs:posix) in dovecot configuration. Thanks, Marco -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244
Dovecot 2.3.0, Panic: file mailbox-attribute.c: line 362 (mailbox_attribute_get_stream): assertion failed: (value_r->value != NULL || value_r->value_stream != NULL)
Hi at all, I have a RHEL7 server with Dovecot 2.3.0 (new installation). I've a problem when trying to dsync from a Dovecot 2.2.24 server. If I try to sync any user with a folder with ACL, dsycn crash with panic: Source server: dsync-local(USERNAME): Debug: sieve: file storage: sync: Synchronization active dovecot: dsync-local(USERNAME): Debug: acl vfile: reading file /var/spool/mail/U/USERNAME/dovecot-acl dsync-local(USERNAME): Error: read(DEST_SERVER.example.com) failed: EOF (last sent=mail_change (EOL), last recv=mailbox) Destination server: Feb 2 14:15:23 DEST_SERVER dovecot: dsync-server(USERNAME): Panic: file mailbox-attribute.c: line 362 (mailbox_attribute_get_stream): assertion failed: (value_r->value != NULL || value_r->value_stream != NULL) Feb 2 14:15:23 DEST_SERVER dovecot: dsync-server(USERNAME): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0xc8cc4) [0x7fa861bc0cc4] -> /usr/lib64/dovecot/libdovecot.so.0(+0xc8d7e) [0x7fa861bc0d7e] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7fa861b34190] -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x55cbc) [0x7fa861ec1cbc] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](dsync_mailbox_import_attribute+0x4d) [0x55b9d4ce215d] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](dsync_brain_sync_mails+0x2ef) [0x55b9d4cddbdf] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](dsync_brain_run+0x2b0) [0x55b9d4cd93e0] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x43a10) [0x55b9d4cd9a10] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x5837f) [0x55b9d4cee37f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x65) [0x7fa861bd82b5] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10f) [0x7fa861bd9b5f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x52) [0x7fa861bd83b2] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fa861bd85d8] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x28369) [0x55b9d4cbe369] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x29c07) [0x55b9d4cbfc07] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x3f969) [0x55b9d4cd5969] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x65) [0x7fa861bd82b5] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10f) [0x7fa861bd9b5f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x52) [0x7fa861bd83b2] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fa861bd85d8] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa861b56b23] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](main+0x1b6) [0x55b9d4cb0536] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7fa861756c05] -> dovecot/doveadm-server [10.0.11.137 USERNAME INBOX send:mail_requests recv:attributes](+0x1a5f5) [0x55b9d4cb05f5] Feb 2 14:15:23 DEST_SERVER dovecot: dsync-server(USERNAME): Fatal: master: service(doveadm): child 2149 killed with signal 6 (core dumped) Coredump and configuration attached. On source server I run this command: # doveadm -D backup -f -u USERNAME -x 'Archives*' tcp:DEST_SERVER.example.com but same panic if try to sync from destination server: # doveadm -D backup -fR -u USERNAME -x 'Archives*' tcp:SOURCE_SERVER.example.com Same panic also syncing any user with acl and using different acl_shared_dict (file or fs:posix) in dovecot configuration. Thanks, Marco -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244 # 2.3.0 (c8b89eb): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.0.1 (d33dca2) # OS: Linux 3.10.0-693.17.1.el7.x86_64 x86_64 CentOS Linux release 7.4.1708 (Core) auth_master_user_separator = * auth_mechanisms = plain login auth_username_format = %Ln auth_verbose = yes auth_verbose_passwords = sha1:6 doveadm_password = # hidden, use -P to show it doveadm_port = 26001 first_valid_uid = 200 hostname = server-02.example.com imap_client_workarounds = delay-newmail imapc_features = rfc822.size fetch-headers imapc_host = posta-01.example.com imapc_master_user = dovesuper imapc_password = # hidden, use -P to show it imapc_user = %u lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = Delivered-To listen = * lmtp_hdr_delivery_address = original lmtp_lhlo_dsn = yes lmtp_rcpt_check_quota = yes login_trusted_networks = 10.0.0.172/30 10.0.0.212/30 10.0.0.0/23 mail_fsync = always mail_gid = vmail mail_home = /srv/mail/%1n/%n mail_location = mdbox:~/dbox:ALT=/srv/archives/%1n/%n/
Re: [BUG] dovecot 2.3.0 - service(lmtp) killed with signal 11 when user is overquota
On 2018-01-18 08:01, Aki Tuomi wrote: Hi! This is fixed with https://github.com/dovecot/core/commit/2bf919786518d138cc07d9cc21e14ad5e07e5e56.patch Aki Tuomi yes, it works. Thanks, Marco --
[BUG] dovecot 2.3.0 - service(lmtp) killed with signal 11 when user is overquota
Hi,
I'm using dovecot 2.3.0 installed on a new CentOS 7.4 with rpm from
Dovecot repo. When I use LMTP to deliver an email to an overquota user,
lmtp service hangs with a segfault:
Jan 17 13:39:45 server-02.example.com kernel: lmtp[5099]: segfault at 0
ip 563599e372c2 sp 7ffeaa4fdc80 error 4 in lmtp[563599e31000+b000]
Jan 17 13:39:45 server-02.example.com dovecot[5089]: lmtp(5099): Fatal:
master: service(lmtp): child 5099 killed with signal 11 (core dumped)
If I try to deliver a mail with 'dovecot-lda' on the same overquota
user, email was rejected, as expected:
Jan 17 13:38:26 server-02.example.com dovecot[6773]:
lda(USERNAME)<6773>: Debug: Mailbox stdin:
Opened mail UID=1 because: copying
Jan 17 13:38:26 server-02.example.com dovecot[6773]:
lda(USERNAME)<6773>: msgid=unspecified: save
failed to INBOX: Quota exceeded (mailbox for user is full)
Jan 17 13:38:26 server-02.example.com dovecot[6773]:
lda(USERNAME)<6773>: msgid=unspecified:
rejected: Quota exceeded (mailbox for user is full)
Jan 17 13:38:26 server-02.example.com dovecot[6773]:
lda(USERNAME)<6773>: msgid=: Return-Path
missing, rejection reason: Quota exceeded (mailbox for user is full)
If user is no more overquota, LTMP delivery works:
Jan 17 14:13:16 server-02.example.com dovecot[8651]:
lmtp(usern...@example.com)<8665>: Debug: Mailbox
: Opened mail UID=1 because: copying
Jan 17 14:13:16 server-02.example.com dovecot[8651]:
lmtp(usern...@example.com)<8665>: Debug: INBOX:
Mailbox opened because: quota count
Jan 17 14:13:16 server-02.example.com dovecot[8651]:
lmtp(usern...@example.com)<8665>: sieve:
msgid=<151619479629.10128.16766154794856971...@client.example.com>:
stored mail into mailbox 'INBOX'
Attached my dovecot configuration and a backtrace from gdb.
Thanks,
Marco
--
#0 lmtp_local_rcpt_reply_overquota (rcpt=rcpt@entry=0x55ee1015b400,
error=0x55ee101835c0 "Quota exceeded (mailbox for user is full)") at
lmtp-local.c:136
address =
lda_set =
#1 0x55ee0dff5652 in lmtp_local_rcpt_check_quota (rcpt=0x55ee1015b400) at
lmtp-local.c:231
box = 0x55ee10176ef8
status = {messages = 0, recent = 0, unseen = 0, uidvalidity = 0,
uidnext = 0, first_unseen_seq = 0, first_recent_uid = 0, last_cached_seq = 0,
highest_modseq = 0,
highest_pvt_modseq = 0, keywords = 0x0, permanent_flags = 0, flags =
0, permanent_keywords = false, allow_new_keywords = false, nonpermanent_modseqs
= false,
no_modseq_tracking = false, have_guids = true, have_save_guids =
true, have_only_guid128 = false}
mail_error = MAIL_ERROR_NOQUOTA
ret =
client =
address = 0x55ee10150770
user = 0x55ee101613e8
ns =
error = 0x55ee101835c0 "Quota exceeded (mailbox for user is full)"
#2 lmtp_local_rcpt_anvil_finish (rcpt=rcpt@entry=0x55ee1015b400) at
lmtp-local.c:287
cmd = 0x55ee10150638
#3 0x55ee0dff5bf8 in lmtp_local_rcpt (client=client@entry=0x55ee10135aa8,
cmd=cmd@entry=0x55ee10150638, data=data@entry=0x55ee10150728,
username=,
detail=0x7f6aa397e4c8 "") at lmtp-local.c:400
conn =
address = 0x55ee10150770
trans =
rcpt = 0x55ee1015b400
input = {parent_event = 0x0, module = 0x55ee0dff7dc3 "lmtp", service =
0x55ee0dff7dc3 "lmtp", username = 0x55ee100f4210 "usern...@example.com",
session_id = 0x55ee10150af0 "pWtqHtE7X1rqEwAASpDaHg",
session_id_prefix = 0x0, session_create_time = 0, local_ip = {family = 2, u =
{ip6 = {__in6_u = {
__u6_addr8 = "\223z\v\205", '\000' ,
__u6_addr16 = {31379, 34059, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {2232122003, 0,
0, 0}}}, ip4 = {
s_addr = 2232122003}}}, remote_ip = {family = 2, u = {ip6 =
{__in6_u = {__u6_addr8 = "\223z\030.", '\000' , __u6_addr16 =
{31379, 11800,
0, 0, 0, 0, 0, 0}, __u6_addr32 = {773356179, 0, 0, 0}}},
ip4 = {s_addr = 773356179}}}, local_port = 24, remote_port = 47292,
userdb_fields = 0x0,
Missing separate debuginfos, use: debuginfo-install
cyrus-sasl-lib-2.1.26-21.el7.x86_64 dovecot-pigeonhole-2.3.0-4.x86_64
glibc-2.17-196.el7_4.2.x86_64 keyutils-libs-1.5.8-3.el7.x86_64
krb5-libs-1.15.1-8.el7.x86_64 libcom_err-1.42.9-10.el7.x86_64
libselinux-2.5-11.el7.x86_64 nspr-4.13.1-1.0.el7_3.x86_64
nss-3.28.4-15.el7_4.x86_64 nss-softokn-freebl-3.28.3-8.el7_4.x86_64
nss-util-3.28.4-3.el7.x86_64 openldap-2.4.44-5.el7.x86_64
openssl-libs-1.0.2k-8.el7.x86_64 pcre-8.32-17.el7.x86_64
zlib-1.2.7-17.el7.x86_64
flags_override_add = (unknown: 0), flags_override_remove = (unknown:
0), no_userdb_lookup = false, debug = false, conn_secured = true,
conn_ssl_secured = false}
service_user = 0x55ee10150dc8
session_id = 0x55ee10150af0 "pWtqHtE7X1rqEwAASpDaHg"
error = 0x0
ret =
__func__ = "lmtp_local_rcpt"
#4 0x55ee0dff4eb9 in cmd_rcpt (conn_ctx=0x55ee10135aa8,
cmd=0x55ee10150638, data=0x55ee10150728) at
Re: Re: Setting lmtp_user_concurrency_limit causes anvil permission error
Same problem here: Apr 26 15:01:37 posta-01 dovecot: lmtp(2432): Error: net_connect_unix(/var/run/dovecot/anvil) failed: Permission denied # ls -l /var/run/dovecot/anvil srw--- 1 root root 0 Apr 26 15:08 /var/run/dovecot/anvil but I don't use 'lmtp_rcpt_check_quota'. Marco On 2016-04-07 14:39, Tom Sommer wrote: On 2016-04-07 13:41, Tom Sommer wrote: I've set lmtp_user_concurrency_limit to 5 and now LMTP throws this at me for every delivery: Apr 07 13:38:33 lmtp(4434): Error: net_connect_unix(/var/run/dovecot/anvil) failed: Permission denied ls -l /var/run/dovecot/anvil srw--- 1 root root 0 Apr 7 13:32 /var/run/dovecot/anvil If I set lmtp_user_concurrency_limit to 0, the error goes away. Hrm, if I disable lmtp_rcpt_check_quota, then the error goes away as well. Very confusing. -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244
problem with Sieve Duplicate Extension when used together with fileinto
e...@example.com):
rSM3And3GFdFaQAAIDyJFw: sieve:
msgid=<20160421064922.26919.68...@myhost.example.com>: stored mail into
mailbox 'mail02'
Apr 21 08:49:22 smtp-server dovecot: lmtp(use...@example.com):
YVCsNPJ3GFd1dgAAIDyJFw: sieve:
msgid=<20160421064922.26919.68...@myhost.example.com>: marked message to
be discarded if not explicitly delivered (discard action)
Apr 21 08:49:23 smtp-server dovecot: lmtp(use...@example.com):
bSaBBU53GFdhbwAAIDyJFw: sieve:
msgid=<20160421064922.26919.68...@myhost.example.com>: marked message to
be discarded if not explicitly delivered (discard action)
Apr 21 08:49:27 smtp-server dovecot: lmtp(use...@example.com):
fSOyOtV3GFcmdAAAIDyJFw: sieve:
msgid=<20160421064927.26926.28...@myhost.example.com>: stored mail into
mailbox 'mail01'
Apr 21 08:49:27 smtp-server dovecot: lmtp(use...@example.com):
sSM3And3GFdFaQAAIDyJFw: sieve:
msgid=<20160421064927.26926.28...@myhost.example.com>: stored mail into
mailbox 'mail01'
Apr 21 08:49:27 smtp-server dovecot: lmtp(use...@example.com):
sSM3And3GFdFaQAAIDyJFw: sieve:
msgid=<20160421064927.26926.28...@myhost.example.com>: stored mail into
mailbox 'mail02'
Apr 21 08:49:27 smtp-server dovecot: lmtp(use...@example.com):
fSOyOtV3GFcmdAAAIDyJFw: sieve:
msgid=<20160421064927.26926.28...@myhost.example.com>: stored mail into
mailbox 'mail02'
Apr 21 08:49:27 smtp-server dovecot: lmtp(use...@example.com):
ZVCsNPJ3GFd1dgAAIDyJFw: sieve:
msgid=<20160421064927.26926.28...@myhost.example.com>: marked message to
be discarded if not explicitly delivered (discard action)
As you can see, the message ID of a single sent, is the same, so the
duplicate extension should work. If I replace the 'fileinto' rule with,
for example, a 'setflag' rule:
---
require ["fileinto", "duplicate", "imap4flags"];
if duplicate {
discard;
stop;
}
if address :is :all "to" "mai...@example.com" {
setflag "\\seen";
}
if address :is :all "to" "mai...@example.com" {
setflag "\\seen";
}
--
it works like a charm: for every mail sent, the duplicate extension works.
What is it wrong ? someone has any clue ?
Cheers,
Marco
--
Marco Giunta - ITCS SysAdmin
Via Bonomea, 265
34136 - Trieste, Italy
Tel: +39-040-3787-503
Fax: +39-040-3787-244
Re: Re: Accessing to mail as another user
Hi,
we have such configuration in our Dovecot; it is configured with virtual
users and acl. To enable access of userA mailbox to userB, first I have
to add userB to userA acl, and then I put userA username in an
ARBITRARY_FIELD of userB record in our ldap (if you use a db for your
account, the configuration could be more simple). We use the
ARBITRARY_FIELD to limit the access of other users mailboxes: the field
is not writable by the user, only by administrators.
Our config files:
/etc/dovecot/conf.d/auth-master.conf.ext
...
passdb {
driver = ldap
master = yes
args = /etc/dovecot/dovecot-ldap.conf.masterusers
pass = yes
default_fields =
userdb_mail=maildir:/path_to_mailboxes/%1{login_user}/%{login_user}:INDEXPVT=/path_to_indexes/%1n/%n/shared/%{login_user}
}
and in /etc/dovecot/dovecot-ldap.conf.masterusers
...
pass_attrs = uid=user,userPassword=password
pass_filter =
(&(uid=%n)(accountStatus=active)(ARBITRARY_FIELD=%{login_user}))
to login, you have to use the same way of a masteruser:
Login: userA*userB
Password: userB_password
Cheers,
Marco
On 2016-02-10 07:49, Angel L. Mateo wrote:
El 09/02/16 a las 13:44, Matthias Fechner escribió:
do you maybe mean shared mailboxes:
http://wiki.dovecot.org/SharedMailboxes
I don't want shared mailboxes. I have to access the other mailbox
as a complete separate account from my personal one.
I think I can achive this with master user, but I need to found a
way to configure permissions so the real user has access to all folders
in the other mailbox.
--
Marco Giunta - ITCS SysAdmin
Via Bonomea, 265
34136 - Trieste, Italy
Tel: +39-040-3787-503
Fax: +39-040-3787-244
BUG: service(auth) crash when quota-status lookup an address with local-part starting with auth_master_user_separator
Hi, I'm using dovecot 2.2.15 (configuration attached below), and I 've enabled quota-status; when I try to look up the quota status of an address with the local-part starting with the same character as 'auth_master_user_separator', dovecot/auth crash: My 'auth_master_user_separator' is '*' # telnet localhost 25001 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. request=smtpd_access_policy sender=john...@example.com recipient=*@example.com size=1 action=DEFER_IF_PERMIT Internal error occurred. Refer to server log for more information. request=smtpd_access_policy sender=john...@example.com recipient=*jane...@example.com size=1 action=DEFER_IF_PERMIT Internal error occurred. Refer to server log for more information. request=smtpd_access_policy sender=john...@example.com recipient=;@example.com size=1 action=DUNNO request=smtpd_access_policy sender=john...@example.com recipient=;jane...@example.com size=1 and in server log: Sep 29 08:51:05 my_server dovecot: master: Dovecot v2.2.15 starting up for imap, pop3, lmtp, sieve (core dumps disabled) Sep 29 08:51:05 my_server dovecot: master: Warning: /mnt is no longer mounted. See http://wiki2.dovecot.org/Mountpoints Sep 29 08:51:41 my_server dovecot: auth: Panic: file auth-request.c: line 1252 (auth_request_set_login_username): assertion failed: (*username != '\0') Sep 29 08:51:41 my_server dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0 [0x3d70a7126a] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3d70a712d6] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3d70a70cac] -> dovecot/auth [0x4131eb] -> dovecot/auth(auth_request_set_username+0x94) [0x413284] -> dovecot/auth [0x40dc4c] -> dovecot/auth [0x40e60b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x49) [0x3d70a82699] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xd5) [0x3d70a83a55] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x3d70a82739] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x3d70a829b8] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x3d70a29233] -> dovecot/auth(main+0x383) [0x41cfc3] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x3302e1d9f4] -> dovecot/auth [0x40b5f9] Sep 29 08:51:41 my_server dovecot: quota-status: Error: userdb lookup(*@example.com): Disconnected unexpectedly Sep 29 08:51:41 my_server dovecot: auth: Fatal: master: service(auth): child 2147 killed with signal 6 (core dumps disabled) Sep 29 10:02:02 my_server dovecot: auth: Fatal: master: service(auth): child 12592 killed with signal 6 (core dumps disabled) Sep 29 10:03:52 my_server dovecot: auth: Panic: file auth-request.c: line 1252 (auth_request_set_login_username): assertion failed: (*username != '\0') Sep 29 10:03:52 my_server dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0 [0x3d70a7126a] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3d70a712d6] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3d70a70cac] -> dovecot/auth [0x4131eb] -> dovecot/auth(auth_request_set_username+0x94) [0x413284] -> dovecot/auth [0x40dc4c] -> dovecot/auth [0x40e60b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x49) [0x3d70a82699] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xd5) [0x3d70a83a55] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x9) [0x3d70a82739] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x3d70a829b8] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x3d70a29233] -> dovecot/auth(main+0x383) [0x41cfc3] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x3302e1d9f4] -> dovecot/auth [0x40b5f9] Sep 29 10:03:52 my_server dovecot: quota-status: Error: userdb lookup(*jane...@example.com): Disconnected unexpectedly Sep 29 10:03:52 my_server dovecot: auth: Fatal: master: service(auth): child 9945 killed with signal 6 (core dumps disabled) Sep 29 10:16:10 my_server dovecot: auth: userdb(?): Username character disallowed by auth_username_chars: 0x3b (username: ;@example.com) Sep 29 10:16:43 my_server dovecot: auth: userdb(?): Username character disallowed by auth_username_chars: 0x3b (username: ;jane...@example.com) If I change my 'auth_master_user_separator' to an other character, for example ';' : # telnet localhost 25001 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. request=smtpd_access_policy sender=john...@example.com recipient=*@example.com size=1 action=DUNNO request=smtpd_access_policy sender=john...@example.com recipient=*jane...@example.com size=1 action=DUNNO request=smtpd_access_policy sender=john...@example.com recipient=;@example.com size=1 action=DEFER_IF_PERMIT Internal error occurred. Refer to server log for more information. request=smtpd_access_policy sender=john...@example.com recipient=;jane...@example.com size=1
Re: BUG: service(auth) crash when quota-status lookup an address with local-part starting with auth_master_user_separator
On 2015-09-29 11:06, Timo Sirainen wrote:
On 29 Sep 2015, at 11:36, Marco Giunta <giu...@sissa.it> wrote:
>
but a better fix would be to disale the separator for these lookups. I think
something like this would work:
auth_master_user_separator = *
protocol quota-status {
# disable
auth_master_user_separator =
}
Thank you Timo, this works like a charms on 2.2.16; I'm waiting 2.2.19
to update my servers.
Marco
--
---
|Marco Giunta - SISSA Computer Staff|
|Via Bonomea, 265 |
|34136 - Trieste, Italy |
|Tel: +39-40-3787-503 |
|Fax: +39-040-3787-244 |
|e-mail: giu...@sissa.it|
---
Re: bug in acl_defaults_from_inbox option
On 2015-09-07 23:10, Timo Sirainen wrote:
This happens to all boolean settings inside plugin {}. Not ideal, but
also not something that will get fixed without some larger settings code
changes.
ok, no problem, but I didn't find this note on Dovecot wiki; maybe it is
better to add it on a general page about configuration, to save future
sysadmin headaches ;-)
--
---
|Marco Giunta - SISSA Computer Staff|
|Via Bonomea, 265 |
|34136 - Trieste, Italy |
|Tel: +39-40-3787-503 |
|Fax: +39-040-3787-244 |
|e-mail: giu...@sissa.it|
---
sharing INBOX with ACL - share all folders
= solr
fts_autoindex = yes
fts_autoindex_max_recent_msgs = 20
fts_solr = url=http://solr.localdomain:8080/solr/
mailbox_alias_new = INBOX_spam
mailbox_alias_old = Junk
quota = maildir:User quota:ns=
quota2 = maildir:Archive quota:ns=Archives.
quota2_rule = *:storage=20GB
quota2_warning = storage=95%% quota2-warning 95 %u
quota2_warning2 = storage=90%% quota2-warning 90 %u
quota2_warning3 = storage=80%% quota2-warning 80 %u
quota_rule = *:storage=5GB
quota_rule2 = Trash:storage=+20%%
quota_status_nouser = DUNNO
quota_status_overquota = 552 5.2.2 Quota exceeded (mailbox for user
is full)
quota_status_success = DUNNO
quota_warning = storage=100%% quota-warning 100 %u
quota_warning2 = storage=95%% quota-warning 95 %u
quota_warning3 = storage=90%% quota-warning 90 %u
quota_warning4 = storage=80%% quota-warning 80 %u
sieve = file:~/sieve;active=~/sieve/.dovecot.sieve
sieve_default = /etc/dovecot/sieve/dovecot.sieve
sieve_extensions = +notify +imapflags
sieve_max_redirects = 16
}
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
postmaster_address = postmas...@sissa.it
protocols = imap pop3 lmtp sieve
rejection_reason = Your message to %t was automatically rejected for
the following reason: %n%n%r
service auth {
inet_listener {
port = 49494
}
unix_listener auth-userdb {
user = vmail
}
}
service dict {
unix_listener dict {
user = vmail
}
}
service doveadm {
inet_listener {
port = 26001
}
}
service imap-login {
process_min_avail = 16
service_count = 0
}
service imap {
process_limit = 2048
}
service lmtp {
inet_listener lmtp {
port = 24
}
process_min_avail = 5
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieve_deprecated {
port = 2000
}
process_min_avail = 16
service_count = 0
vsz_limit = 256 M
}
service quota-status {
client_limit = 1
executable = /usr/libexec/dovecot/quota-status -p postfix
inet_listener {
port = 25001
}
}
service quota-warning {
executable = script /usr/local/bin/dovecot-quota-warning.sh
unix_listener quota-warning {
user = vmail
}
user = vmail
}
service quota2-warning {
executable = script /usr/local/bin/dovecot-quota2-warning.sh
unix_listener quota2-warning {
user = vmail
}
user = vmail
}
ssl_cert = /etc/pki/dovecot/certs/x-crt.pem
ssl_key = /etc/pki/dovecot/private/X-key.pem
ssl_protocols = !SSLv2 !SSLv3
submission_host = xx.sissa.it:25
syslog_facility = local2
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocol lmtp {
mail_plugins = acl fts fts_solr mailbox_alias quota sieve
postmaster_address = ...@sissa.it
}
protocol lda {
info_log_path =
log_path =
mail_plugins = acl fts fts_solr mailbox_alias quota sieve
syslog_facility = local2
}
protocol imap {
mail_max_userip_connections = 50
mail_plugins = acl fts fts_solr mailbox_alias quota imap_quota imap_acl
}
protocol sieve {
mail_max_userip_connections = 50
}
protocol pop3 {
mail_max_userip_connections = 50
}
--
---
|Marco Giunta - SISSA Computer Staff|
|Via Bonomea, 265 |
|34136 - Trieste, Italy |
|Tel: +39-40-3787-503 |
|Fax: +39-040-3787-244 |
|e-mail: giu...@sissa.it|
---
bug in acl_defaults_from_inbox option
executable = /usr/libexec/dovecot/quota-status -p postfix
inet_listener {
port = 25001
}
}
service quota-warning {
executable = script /usr/local/bin/dovecot-quota-warning.sh
unix_listener quota-warning {
user = vmail
}
user = vmail
}
service quota2-warning {
executable = script /usr/local/bin/dovecot-quota2-warning.sh
unix_listener quota2-warning {
user = vmail
}
user = vmail
}
ssl_cert = /etc/pki/dovecot/certs/x-crt.pem
ssl_key = /etc/pki/dovecot/private/X-key.pem
ssl_protocols = !SSLv2 !SSLv3
submission_host = xx.sissa.it:25
syslog_facility = local2
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocol lmtp {
mail_plugins = acl fts fts_solr mailbox_alias quota sieve
postmaster_address = ...@sissa.it
}
protocol lda {
info_log_path =
log_path =
mail_plugins = acl fts fts_solr mailbox_alias quota sieve
syslog_facility = local2
}
protocol imap {
mail_max_userip_connections = 50
mail_plugins = acl fts fts_solr mailbox_alias quota imap_quota imap_acl
}
protocol sieve {
mail_max_userip_connections = 50
}
protocol pop3 {
mail_max_userip_connections = 50
}
--
---
|Marco Giunta - SISSA Computer Staff|
|Via Bonomea, 265 |
|34136 - Trieste, Italy |
|Tel: +39-40-3787-503 |
|Fax: +39-040-3787-244 |
|e-mail: giu...@sissa.it|
---
Re: sharing INBOX with ACL - share all folders
Hi Chris,
fortunately I've solved the problem with INBOX sharing: there is a bug
with option 'acl_defaults_from_inbox'. When you define it with ANY value
('yes', 'no', 'whatyouwant', 'xxx') it acts like the value is ALWAYS
'yes', the only way to disable it, is comment it or delete from
configuration file.
My Maildir directories and files are all owned by the UNIX user that
owns the file.
to avoid problems with acl, mailbox sharing and so on, I've changed my
configuration from different UNIX users to a single virtual user some
years ago
Is having it all running as one [UNIX] user a typical configuration
for dovecot2? Or just typical of installations using ACLs?
I don't know if is typical or not, but it is very simple, and till now I
didn't seen any particular problem
My configuration is attached in the first email; if you need some
explanation, let me know.
Marco
On 2015-07-28 16:38, Chris Ross wrote:
On Jul 28, 2015, at 05:13, Marco Giunta giu...@sissa.it wrote:
Hi at all,
I have a problem with ACL; I want to share INBOX and Sent folder to an other
user, but when I configure ACL on INBOX, all folders are shared (Sent, Junk,
Draft, Trash, etc)
Hello, Marco. Unfortunately I don’t know why you are seeing the behavior
you are, and hope that someone else will be able to help.
However, you seem to have accomplished something I’m wanting to do, and have
as yet been unable to get working. I have a Users INBOX that I want to share
to other users, but something is wrong with the way I’ve configured ACLs and
sharing.
Perhaps we could discuss off-list more of what your configuration looks
like, and how you got there? I’m running on FreeBSD with the ports system
version of dovecot2 2.2.16, currently, although I think I’m due an upgrade.
You say you’re have My Dovecot instance use a single user”, and I think
that’s different than I. My Maildir directories and files are all owned by the UNIX
user that owns the file. Maybe this is causing me the permissions problems I’m
seeing. Is having it all running as one [UNIX] user a typical configuration for
dovecot2? Or just typical of installations using ACLs?
Thank you.
- Chris
--
---
|Marco Giunta - SISSA Computer Staff|
|Via Bonomea, 265 |
|34136 - Trieste, Italy |
|Tel: +39-40-3787-503 |
|Fax: +39-040-3787-244 |
|e-mail: giu...@sissa.it|
---
Re: [Dovecot] Per-user seen flags for public read-only mailboxes
On 2013-03-25 09:11, Guido Berhoerster wrote: How can I get per-user SEEN flags to work? Hi, You have to create an empty file named '**dovecot-shared' in your '/srv/mail/public/' directory. Here the reference on dovecot wiki: http://wiki2.dovecot.org/SharedMailboxes/Public?highlight=%28dovecot-shared%29#Maildir:_Per-user_.2BAFw-Seen_flag I've waste a lot of time first time I've configure the same thing on our server Cheers, Marco -- --- |Marco Giunta - SISSA Computer Staff| |Via Bonomea, 265 | |34136 - Trieste, Italy | |Tel: +39-40-3787-503 | |Fax: +39-040-3787-244 | |e-mail: marco.giunta AT sissa.it | ---
Re: [Dovecot] Per-user seen flags for public read-only mailboxes
On 2013-03-25 11:07, Guido Berhoerster wrote:
Anything else I have to do
to allow seen flags to be set?
I've the same configuration and it works like expected :
mail_uid = vmail
mail_gid = mail
namespace public {
separator = /
prefix = Public/
location = maildir:/path/to/public:INDEX=/path/to/indexes/%u/public
subscriptions = no
list = children
}
Which are the permissions of file '/srv/mail/public/dovecot-shared' ???
Did you try with a new user ??
Marco
--
---
|Marco Giunta - SISSA Computer Staff|
|Via Bonomea, 265 |
|34136 - Trieste, Italy |
|Tel: +39-40-3787-503 |
|Fax: +39-040-3787-244 |
|e-mail: marco.giunta AT sissa.it |
---
Re: [Dovecot] statistics on proxy ???
On 2013-02-18 15:15, Timo Sirainen wrote: Nope, sorry. Dovecot proxy is very dummy and can't provide any but the most basic statistics, like number of connections, which you can get another way. are you talking about 'doveadm proxy list' or I'm missing something ??? Marco -- --- |Marco Giunta - SISSA Computer Staff| |Via Bonomea, 265 | |34136 - Trieste, Italy | |Tel: +39-40-3787-503 | |Fax: +39-040-3787-244 | |e-mail: marco.giunta AT sissa.it | ---
[Dovecot] statistics on proxy ???
Hi at all,
could I have imap statistics on my dovecot proxy server ??
Here my config:
# 2.1.13: /etc/dovecot/dovecot.conf
...
mail_plugins = stats
...
plugin {
...
stats_refresh = 30 secs
stats_track_cmds = yes
}
...
service stats {
fifo_listener stats-mail {
mode = 0666
}
}
...
protocol imap {
...
mail_plugins = stats imap_stats
}
File '/var/run/dovecot/stats' is always 0 byte:
# ls -la /var/run/dovecot/stats
srw---. 1 root root 0 Feb 18 14:24 /var/run/dovecot/stats
and 'dovecotadm' say always:
# doveadm stats dump session
doveadm(root): Info: no statistics available
Is there something wrong in my config, or stats are not available on
proxy ???
Cheers,
Marco
Re: [Dovecot] dovecot 2.1.13, proxy and nologin extras field
On 2013-01-24 09:07, Thomas Leuxner wrote: It needs to be either 'nologin=y' notice the y passed or 'allow_nets='. The problem is that even if I configure 'pass_attrs' to return always 'nologin=y' : pass_attrs = uid=user,userPassword=password,\ =userdb_home=/var/spool/mail/%1u/%u,uidNumber=userdb_uid,gidNumber=userdb_gid,\ =proxy=y,=host=imap.sissa.it,\ =nologin=y,=reason=Reason users are allowed to login: Jan 23 09:16:33 localhost dovecot: auth: Debug: client passdb out: OK#0111#011user=prova#011proxy#011host=imap.example.it#011nologin#011hostip=192.168.11.136#011pass=password It is something wrong in my 'pass_attrs' ??? Marco
Re: [Dovecot] dovecot 2.1.13, proxy and nologin extras field
On 2013-01-24 11:59, Timo Sirainen wrote: On Wed, 2013-01-23 at 13:44 +0100, Marco Giunta wrote: Hi at all, in our test environment, I'm playing with dovecot 2.1.13 configured as imap/pop/managesieve proxy. It is configured to authenticate users with ldap and it works very well. Now, I'd like to temporary disable some users's login, because we are moving to another storage, and I wouldn't stop imap service at all. I've found on Dovecot wiki that I could use 'nologin' extra field, but I wasn't been able to get it work. My dovecot configuration is: nologin field doesn't work with proxying. You'd have to return neither proxy nor host field. With host+nologin it would be treated as a login referral: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Host Of course it would be possible to add yet another check where proxy+host +nologin returned would be treated in yet another way, but that gets too confusing.. I guess it was a mistake to use nologin for login referrals in the first place. And I guess just about no one uses them anyway. So them, so it would be possible to change this behavior.. Ok, thank you for the explanation. In this case, I'll use a 'deny' passdb or a different ldap filter ... Cheers, Marco -- --- |Marco Giunta - SISSA Computer Staff| |Via Bonomea, 265 | |34136 - Trieste, Italy | |Tel: +39-40-3787-503 | |Fax: +39-040-3787-244 | |e-mail: marco.giunta AT sissa.it | ---
[Dovecot] dovecot 2.1.13, proxy and nologin extras field
Hi at all,
in our test environment, I'm playing with dovecot 2.1.13 configured as
imap/pop/managesieve proxy. It is configured to authenticate users with
ldap and it works very well.
Now, I'd like to temporary disable some users's login, because we are
moving to another storage, and I wouldn't stop imap service at all.
I've found on Dovecot wiki that I could use 'nologin' extra field, but I
wasn't been able to get it work. My dovecot configuration is:
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-279.19.1.el6.x86_64 x86_64 ...
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
auth_verbose_passwords = plain
disable_plaintext_auth = no
listen = *
mail_debug = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox Sent Messages {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieve_deprecated {
port = 2000
}
}
ssl = no
ssl_cert = /etc/pki/dovecot/certs/dovecot.pem
ssl_key = /etc/pki/dovecot/private/dovecot.pem
userdb {
driver = prefetch
}
and my 'dovecot-ldap.conf.ext' is:
uris = ldap://ldap.example.it/
dn = cn=Reader,dc=example,dc=it
dnpass = password
base = ou=People,dc=example,dc=it
pass_attrs = uid=user,userPassword=password,\
=userdb_home=/var/spool/mail/%1u/%u,uidNumber=userdb_uid,gidNumber=userdb_gid,\
=proxy=y,=host=imap.example.it,\
=nologin=y
pass_filter = ((objectClass=qmailUser)(uid=%u)(accountStatus=active))
With this configuration, all users can login, and log said:
Jan 23 09:16:18 localhost dovecot: master: Dovecot v2.1.13 starting up
(core dumps disabled)
Jan 23 09:16:33 localhost dovecot: auth: Debug: Loading modules from
directory: /usr/lib64/dovecot/auth
Jan 23 09:16:33 localhost dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_sqlite.so
Jan 23 09:16:33 localhost dovecot: auth: Debug: Loading modules from
directory: /usr/lib64/dovecot/auth
Jan 23 09:16:33 localhost dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libauthdb_ldap.so
Jan 23 09:16:33 localhost dovecot: auth: Debug: auth client connected
(pid=3660)
Jan 23 09:16:33 localhost dovecot: auth: Debug: client in:
AUTH#0111#011PLAIN#011service=imap#011session=PsbzT/DT+gCTeiwf#011lip=192.168.129.109#011rip=192.168.44.31#011lport=143#011rport=53754
Jan 23 09:16:33 localhost dovecot: auth: Debug: client passdb out:
CONT#0111#011
Jan 23 09:16:33 localhost dovecot: auth: Debug: client in:
CONT#0111#011AHByb3ZhZm0AY2hlcGFsbGU=
Jan 23 09:16:33 localhost dovecot: auth: Debug:
ldap(prova,147.122.44.31,PsbzT/DT+gCTeiwf): pass search:
base=ou=People,dc=example,dc=it scope=subtree
filter=((objectClass=qmailUser)(uid=prova)(accountStatus=active))
fields=uid,userPassword,uidNumber,gidNumber,uid,uid
Jan 23 09:16:33 localhost dovecot: auth: Debug:
ldap(prova,192.168.44.31,PsbzT/DT+gCTeiwf): result: uid=prova
uidNumber=2944 gidNumber=650 userPassword={MD5}BjbsTtSovVAs1csswBTI7Q==
Jan 23 09:16:33 localhost dovecot: auth: Debug: client passdb out:
OK#0111#011user=prova#011proxy#011host=imap.example.it#011nologin#011hostip=192.168.11.136#011pass=password
Jan 23 09:16:33 localhost dovecot: imap-login: proxy(prova): started
proxying to imap.example.it:143: user=prova, method=PLAIN,
rip=192.168.44.31, lip=192.168.129.109, session=PsbzT/DT+gCTeiwf
As you can see 'nologin' field is present in 'passdb' answer, but it
doesn't seem to work.
If instead I try to disable login with 'allow_nets' extra field, it
works as expected:
'dovecot-ldap.conf.ext':
...
pass_attrs = uid=user,userPassword=password,\
=userdb_home=/var/spool/mail/%1u/%u,uidNumber=userdb_uid,gidNumber=userdb_gid,\
=proxy=y,=host=imap.example.it,\
=allow_nets=127.0.0.0/8
dovecot log:
Jan 22 18:28:19 localhost dovecot: master: Dovecot v2.1.13 starting up
(core dumps disabled)
Jan 22 18:28:32 localhost dovecot: auth: Debug: Loading modules from
directory: /usr/lib64/dovecot/auth
Jan 22 18:28:32 localhost dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_mysql.so
Jan 22 18:28:32 localhost dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_pgsql.so
Jan 22 18:28:32 localhost dovecot: auth: Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_sqlite.so
Jan 22 18:28:32 localhost dovecot: auth: Debug: Loading modules from
directory:
[Dovecot] how add size (, S=size) and virtual size (, W=vsize) fields to a maildir filename ?
Hi to all, I'm a sys admin in a college, and we're using Dovecot as IMAP/POP3 server and delivery; we're also patch dovecot to add managesieve capability. I've a question: I've read on dovecot's wiki, that is possible improve the performance on maildir files by adding ,S=size,W=vsize fields on filename. How is possible to do that ? I've search on all the wiki and on the mailing list, but I didn't find nothing about modify the maildir file name. Someone can help me ? Best regards, Marco
Re: [Dovecot] how add size (, S=size) and virtual size (, W=vsize) fields to a maildir filename ?
Thank you Timo, I'll use quota plugin on delivery. Timo Sirainen wrote: On Tue, 2008-05-13 at 08:36 +0200, Marco Giunta wrote: Hi to all, I'm a sys admin in a college, and we're using Dovecot as IMAP/POP3 server and delivery; we're also patch dovecot to add managesieve capability. I've a question: I've read on dovecot's wiki, that is possible improve the performance on maildir files by adding ,S=size,W=vsize fields on filename. Only in some specific situations. Do you use Maildir++ quota? S= is useful only with it. Do you use Dovecot's deliver? It adds S= automatically if you use quota plugin. W= isn't added automatically by v1.0, but v1.1 adds it (actually I just noticed that the code was accidentally commented out, I enabled it again so the next release will have it). But as long as you're using index files (and you should be), W= doesn't really provide any performance benefits. -- --- |Marco Giunta - SISSA Computer Staff| |Via Beirut, 2-4| |34014 - Trieste, Italy| |Tel: +39-40-3787-503 | |Fax: +39-040-3787-528 | |e-mail: [EMAIL PROTECTED]| ---
[Dovecot] how add size and vsize filed to a maildir filename ?
Hi to all, I'm a sys admin in a college, and we're using Dovecot as IMAP/POP3 server and delivery; we're also patch dovecot to add managesieve capability. I've a question: I've read on dovecot's wiki, that is possible improve the performance on maildir file by adding ,S=size,W=vsize fields on filename. How is possible to do that ? I've search on all the wiki and on the mailing list, but I didn't find nothing about modify the maildir file name. Someone can help me ? Best regards, Marco
