Re: [Dovecot] LMTP with virtual and system users
Hi Adrian, thanks for your reply. I have also thought in this direction already but I didn't want to have lda SUID root... I saw that the Passwd-file passdb supports username_format as argument. Would it be possible to add this feature also to the LMTP passdb driver? thanks Philipp On 01/01/14 18:25, Adrian Zaugg wrote: Hi Philipp You are completely right, the proposed solution doesn't work. It seems exim always qualifies an address without a domain, I believe this is because LMTP requiers to get only qualified addresses (LMTP is based on SMTP and the RFC, if I read it correctly specifies it like this). So, another solution would be to use LDA for your local users and LMTP for the rest. The configuration for exim would be: a router and a transport for your local users using LDA, and your virtual users setup as you have it using LMTP. local_user: debug_print = R: local_user for $local_part@$domain driver = accept domains = @ : localhost : ${primary_hostname} check_local_user transport = dovecot_lda cannot_route_message = Unknown user dovecot_lda: driver = pipe command = /usr/lib/dovecot/dovecot-lda \ -f $sender_address \ -a $original_local_part@$original_domain log_output delivery_date_add return_path_add envelope_to_add user = $local_part group = mail temp_errors = 64 : 69 : 70 : 71 : 72 : 73 : 74 : 75 : 78 Please check man dovecot-lda and the dovecot wiki (http://wiki2.dovecot.org/LDA/Exim) for details. Also check the permissions you need for dovecot-lda to write to your mailspool (user and group options from the transport). I haven't tried the above, but I think it works like this ... Best regards, Adrian. Am 30.12.13 09:40 schrieb Philipp Kolmann: Hi Adrian, Am 26.12.2013 12:20, schrieb Adrian Zaugg: You can use exim to prepare the address as you wish: only the user name for pam users and the full address for virtual users. Configure a new router to strip the domain part for pam users: local_pam_users: debug_print = R: strip domain for local pam users driver = redirect check_local_user domains = @ : localhost : ${primary_hostname} data = ${local_part} redirect_router = local_user I'm not 100% sure of the domains condition; it should restrict the router to your domain(s) where your pam users receive their email. The redirect_router designates the router which routes your local deliveries to your lmtp transport. Place the new router to run just before your local_user router. Since your config works for your virtual users, you don't need to do anything in addition. I had tried this once already. I have used your snipplet and attached the debug output from exim. Sadly it didn't work, because the mtp process got the foll email again and not just the username. thanks Philipp -- --- DI Mag. Philipp Kolmann mail: kolm...@zid.tuwien.ac.at Technische Universitaet Wien web: www.zid.tuwien.ac.at Zentraler Informatikdienst (ZID) tel: +43(1)58801-42011 Wiedner Hauptstr. 8-10, A-1040 WienDVR: 0005886 ---
Re: [Dovecot] LMTP with virtual and system users
Hi Adrian, Am 26.12.2013 12:20, schrieb Adrian Zaugg: You can use exim to prepare the address as you wish: only the user name for pam users and the full address for virtual users. Configure a new router to strip the domain part for pam users: local_pam_users: debug_print = R: strip domain for local pam users driver = redirect check_local_user domains = @ : localhost : ${primary_hostname} data = ${local_part} redirect_router = local_user I'm not 100% sure of the domains condition; it should restrict the router to your domain(s) where your pam users receive their email. The redirect_router designates the router which routes your local deliveries to your lmtp transport. Place the new router to run just before your local_user router. Since your config works for your virtual users, you don't need to do anything in addition. I had tried this once already. I have used your snipplet and attached the debug output from exim. Sadly it didn't work, because the mtp process got the foll email again and not just the username. thanks Philipp -- --- DI Mag. Philipp Kolmann mail: kolm...@zid.tuwien.ac.at Technische Universitaet Wien web: www.zid.tuwien.ac.at Zentraler Informatikdienst (ZID) tel: +43(1)58801-42011 Wiedner Hauptstr. 8-10, A-1040 WienDVR: 0005886 --- 17788 local_pam_users router 17788 local_part=pkolmann domain=lukas.rudolfina.at 17788 checking domains 17788 lukas.rudolfina.at in @ : localhost : lukas.rudolfina.at? yes (matched @) 17788 checking for local user 17788 seeking password data for user pkolmann: using cached result 17788 getpwnam() succeeded uid=1002 gid=1002 17788 R: strip domain for local pam users 17788 calling local_pam_users router 17788 rda_interpret (string): ${local_part} 17788 expanded: pkolmann 17788 file is not a filter file 17788 parse_forward_list: pkolmann 17788 extract item: pkolmann 17788 local_pam_users router generated pkolm...@lukas.rudolfina.at 17788 errors_to=NULL transport=NULL 17788 uid=unset gid=unset home=NULL 17788 routed by local_pam_users router 17788 envelope to: pkolm...@lukas.rudolfina.at 17788 transport: none 17788 locking /var/spool/exim4/db/retry.lockfile 17788 locked /var/spool/exim4/db/retry.lockfile 17788 EXIM_DBOPEN(/var/spool/exim4/db/retry) 17788 returned from EXIM_DBOPEN 17788 opened hints database /var/spool/exim4/db/retry: flags=O_RDONLY 17788 17788 Considering: pkolm...@lukas.rudolfina.at 17788 unique = \0\pkolm...@lukas.rudolfina.at 17788 dbfn_read: key=R:lukas.rudolfina.at 17788 dbfn_read: key=R:pkolm...@lukas.rudolfina.at 17788 dbfn_read: key=R:pkolm...@lukas.rudolfina.at:phil...@kolmann.at 17788 no domain retry record 17788 no address retry record 17788 pkolm...@lukas.rudolfina.at: queued for routing 17788 17788 routing pkolm...@lukas.rudolfina.at 17788 local_user router 17788 local_part=pkolmann domain=lukas.rudolfina.at 17788 checking domains 17788 search_open: mysql NULL 17788 cached open 17788 search_find: file=NULL 17788 key=SELECT domain FROM domain WHERE domain='lukas.rudolfina.at'; partial=-1 affix=NULL starflags=0 17788 LRU list: 17788 :/etc/aliases 17788 End 17788 internal_search_find: file=NULL 17788 type=mysql key=SELECT domain FROM domain WHERE domain='lukas.rudolfina.at'; 17788 cached data used for lookup of SELECT domain FROM domain WHERE domain='lukas.rudolfina.at'; 17788 lookup failed 17788 lukas.rudolfina.at in @:localhost:? yes (matched @) 17788 lukas.rudolfina.at in +local_domains? yes (matched +local_domains) 17788 checking local_parts 17788 pkolmann in ! root? yes (end of list) 17788 checking for local user 17788 seeking password data for user pkolmann: using cached result 17788 getpwnam() succeeded uid=1002 gid=1002 17788 R: local_user for pkolm...@lukas.rudolfina.at 17788 calling local_user router 17788 local_user router called for pkolm...@lukas.rudolfina.at 17788 domain = lukas.rudolfina.at 17788 set transport dovecot_lmtp 17788 queued for dovecot_lmtp transport: local_part = pkolmann 17788 domain = lukas.rudolfina.at 17788 errors_to=NULL 17788 domain_data=NULL localpart_data=NULL 17788 routed by local_user router 17788 envelope to: pkolm...@lukas.rudolfina.at 17788 transport: dovecot_lmtp 17788 17788 After routing: 17788 Local deliveries: 17788 pkolm...@lukas.rudolfina.at 17788 Remote deliveries: 17788 Failed addresses: 17788 Deferred addresses: 17788 search_tidyup called 17788 close MYSQL connection: localhost/exim/exim 17788 Local deliveries 17788 pkolm...@lukas.rudolfina.at 17788 locking /var/spool/exim4/db/retry.lockfile 17788 locked /var/spool/exim4/db/retry.lockfile 17788 EXIM_DBOPEN(/var/spool/exim4/db/retry) 17788 returned from EXIM_DBOPEN
[Dovecot] LMTP with virtual and system users
Hi, I have a mailsystem where i have some local users with shell access and full home dirs which receive mail and also several SQL virtual users only for mail. With the virtual users, everything works fine. Mail is delivered via LMTP and also sieve works :) The SQL Lookup knows what to do with usern...@domain.com The problem is the system user. If exim delivers the mail to the lmtp socket, the LMTPd can't find usern...@local.host I would be able to specify the global auth_username_format=%n but then my SQL queries break and I like the possibility to have x...@domain1.com and x...@domain2.com routed to two different accounts. As I have seen in the source, I can't specify username_format=%n in the passdb { driver = pam } backend. Do you have any suggestion how to solve this issue? thanks Philipp # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.3 auth_debug = yes auth_verbose = yes first_valid_uid = 100 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { driver = pam } plugin { mail_log_fields = uid box msgid size from subject flags sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmas...@rudolfina.at protocols = imap lmtp sieve service auth { unix_listener auth-client { group = Debian-exim mode = 0660 } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 vsz_limit = 64 M } ssl_cert = /etc/exim4/exim.crt ssl_key = /etc/exim4/exim.key userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } userdb { driver = passwd } protocol lmtp { mail_plugins = quota sieve } protocol lda { mail_plugins = sieve } protocol imap { mail_plugins = quota } protocol sieve { mail_max_userip_connections = 10 managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 } user_query = \ SELECT concat('maildir:/var/spool/virtual_mail/', mailbox,'/Maildir/') as mail, \ concat('/var/spool/virtual_mail/', mailbox,'/') as home, \ 100 as uid, 102 as gid \ FROM email \ WHERE mailbox = '%u' password_query = \ SELECT mailbox as user, \ boxpass as password \ FROM email \ WHERE mailbox = '%u'
Re: [Dovecot] Can't establish Dovecot authorization in Exim.
On 2010-06-30 16:26, 秋元 亮二 wrote: - Exim -- dovecot_login: driver = dovecot public_name = LOGIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 dovecot_plain: driver = dovecot public_name = PLAIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth2 -- I have also $auth1 in dovecot_plain: dovecot_plain: driver = dovecot public_name = PLAIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 I have debian with exim4-daemon-heavy and nothing ordinary. hth philipp
[Dovecot] deliver to root
Hi, we use dovecot 1.1.11 on a RH Server with sendmail. Local delivery is done with deliver: Mlocal, P=/usr/local/libexec/dovecot/deliver, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=deliver -d $u This setup works without issues for us, but mail to root has a problem with deliver: deliver(root): Mar 04 16:31:31 Error: userdb(root) returned 0 as uid deliver(root): Mar 04 16:31:31 Error: userdb(root) returned 0 as gid deliver(root): Mar 04 16:31:31 Error: User root is missing UID (set mail_uid) Is it generally not possible to use deliver to deliver mail to root? Thanks Philipp
Re: [Dovecot] Cyrus vs Dovecot
Mathieu Kretchner wrote: Charles Marcus a écrit : On 8/11/2008, Mathieu Kretchner ([EMAIL PROTECTED]) wrote: So here is my next environment : how many mailbox ? 5000 with adequate hardware/RAM, no problem how many users ? 6000 again - with adequate hardware/RAM, no problem Ok it seems to be great, but wath do you consider to be an adequate hardware/RAM for this kind of environment ? Hi, we are providing Mail-Service (POP3, IMAP; either TLS or SSL) to 22000 students here at my university. There are 2 machines running as active-passive cluster with DRBD to sync the maildata. Each box is a 4 core Intel(R) Xeon(R) CPU 5160 @ 3.00GHz with 8 gigs RAM. After a tuneup for DRBD and upgrade to dovecot 1.1 average load is around 1.0. HTH Philipp
Re: [Dovecot] v1.1.0 released
Charles Marcus wrote: On 6/23/2008, Luca Corti ([EMAIL PROTECTED]) wrote: It fails on random files, since the system is running a few daemons without any problem I'd go for the gcc bug. Actually, failing at random point when compiling is *much* more likely to be a memory error. If the 'few daemons' don't happen to ever hit the bad ram, that would explain why they don't fail. Just try replacing the RAM (RAM is chep nowadays), and see if it fixes the problem. or test with memtest (if x86): http://www.memtest.org/ hth Philipp
Re: [Dovecot] stalling on LOGIN
On Tue, Apr 01, 2008 at 04:12:13PM -0400, Brandon Keepers wrote: On Apr 1, 2008, at 3:50 PM, Scott Silva wrote: on 4-1-2008 12:34 PM Brandon Keepers spake the following: Upgrade. rc15 way over a year old. I think backports has newer version. That did it. Thanks Another reason not to use Debian stable. well there are backports.org :) http://packages.debian.org/etch-backports/dovecot-common Philipp -- If you have problems in Windows: REBOOT If you have problems in Linux: BE ROOT
Re: [Dovecot] Gluster / DRBD Anyone using either?
Ed W wrote: Anyone using either Glusterfs or DRBD in their mail setup? How is performance, manageability? Problems? Tips? I have DRBD below IMAP and it works nice for 20 accounts. A collegue has the student POP3/IMAP Server here with a 2.9 TB DRBD slice and dovecot on it with no other services and it works really nicely. /dev/drbd02.9T 252G 2.5T 10% /users hth Philipp
Re: [Dovecot] Gluster / DRBD Anyone using either?
Philipp Kolmann wrote: Ed W wrote: Anyone using either Glusterfs or DRBD in their mail setup? How is performance, manageability? Problems? Tips? I have DRBD below IMAP and it works nice for 20 accounts. A collegue has the student POP3/IMAP Server here with a 2.9 TB DRBD slice and dovecot on it with no other services and it works really nicely. /dev/drbd02.9T 252G 2.5T 10% /users On the later, we host over 22k users. FYI. Philipp
Re: [Dovecot] UW-IMAP to Dovecot conversion - How to migrate the folders?
On Mon, Aug 20, 2007 at 03:21:20PM -0700, Patrick - South Valley Internet wrote: We just migrated away from our AIX machines which were running Postfix and UW-IMAP. We're now running Postfix with Dovecot. I already converted everyone's mbox file to maildir, but now I'm having a little troubles with how to exactly populate their IMAP folders. People are saying they cannot see their folders. These 'folders' they are talking about can be found in their /home directory. We just moved from HPUX to linux and there we had the problem, that with IMAP and UW-IMAPd you had to specify a Folder Path in the client. With Dovecot and Maildir you don't need this. Check if your users have set this folder path. That solved a lot of problems here. Philipp -- If you have problems in Windows: REBOOT If you have problems in Linux: BE ROOT
[Dovecot] modules/imap/lib02_imap_quota_plugin.so: undefined symbol: quota_set
Hi, I wanted to enable FS quota support in dovecot, and have configured the following directives: protocol imap { mail_plugins = imap_quota } plugin { quota = fs } With this additional settings, my normally working dovecot.conf doesn't start anymore: Starting mail server: dovecotEdlopen(/usr/lib/dovecot/modules/imap/lib02_imap_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib02_imap_quota_plugin.so: undefined symbol: quota_set Error: imap dump-capability process returned 89 I have tested this issue on the following versions: * Debian etch: 1.0.rc15 * RedHat AS 5: 1.0.rc15 * Debian sid: 1.0.0 Thanks for any help in this issue. Philipp Kolmann -- If you have problems in Windows: REBOOT If you have problems in Linux: BE ROOT
Re: [Dovecot] modules/imap/lib02_imap_quota_plugin.so: undefined symbol: quota_set
On Fri, Jul 06, 2007 at 02:58:58PM +0200, Nicolas Boullis wrote: Hi, Quoting Philipp Kolmann [EMAIL PROTECTED]: Hi, I wanted to enable FS quota support in dovecot, and have configured the following directives: protocol imap { mail_plugins = imap_quota The imap_quota plugin depends on the quota plugin. You should try mail_plugins = quota imap_quota thanks Nicolas, that was the trick. Philipp PS: It gives the same error msg with 1.0.1 -- If you have problems in Windows: REBOOT If you have problems in Linux: BE ROOT