Re: [Dovecot] LMTP with virtual and system users

2014-01-07 Thread Philipp Kolmann

Hi Adrian,

thanks for your reply. I have also thought in this direction already but 
I didn't want to have lda SUID root...


I saw that the Passwd-file passdb supports username_format as argument. 
Would it be possible to add this feature also to the LMTP passdb driver?


thanks
Philipp

On 01/01/14 18:25, Adrian Zaugg wrote:

Hi Philipp

You are completely right, the proposed solution doesn't work. It seems
exim always qualifies an address without a domain, I believe this is
because LMTP requires to get only qualified addresses (LMTP is based on
SMTP and the RFC, if I read it correctly, specifies it like this).

So, another solution would be to use LDA for your local users and LMTP
for the rest. The configuration for exim would be: a router and a
transport for your local users using LDA, and your virtual users setup
as you have it using LMTP.

local_user:
  debug_print = R: local_user for $local_part@$domain
  driver = accept
  domains = @ : localhost : ${primary_hostname}
  check_local_user
  transport = dovecot_lda
  cannot_route_message = Unknown user

dovecot_lda:
  driver = pipe
  command = /usr/lib/dovecot/dovecot-lda \
            -f $sender_address \
            -a $original_local_part@$original_domain
  log_output
  delivery_date_add
  return_path_add
  envelope_to_add
  user = $local_part
  group = mail
  temp_errors = 64 : 69 : 70 : 71 : 72 : 73 : 74 : 75 : 78


Please check man dovecot-lda and the dovecot wiki
(http://wiki2.dovecot.org/LDA/Exim) for details. Also check the
permissions you need for dovecot-lda to write to your mailspool (user
and group options from the transport).

I haven't tried the above, but I think it works like this ...

Best regards, Adrian.


Am 30.12.13 09:40 schrieb Philipp Kolmann:

Hi Adrian,

Am 26.12.2013 12:20, schrieb Adrian Zaugg:

You can use exim to prepare the address as you wish: only the user name
for pam users and the full address for virtual users.

Configure a new router to strip the domain part for pam users:

local_pam_users:
  debug_print = R: strip domain for local pam users
  driver = redirect
  check_local_user
  domains = @ : localhost : ${primary_hostname}
  data = ${local_part}
  redirect_router = local_user

I'm not 100% sure of the domains condition; it should restrict the
router to your domain(s) where your pam users receive their email. The
redirect_router designates the router which routes your local deliveries
to your lmtp transport. Place the new router to run just before your
local_user router.

Since your config works for your virtual users, you don't need to do
anything in addition.

I had tried this once already. I have used your snippet and attached
the debug output from exim. Sadly it didn't work, because the lmtp
process got the full email again and not just the username.

thanks
Philipp






--
---
DI Mag. Philipp Kolmann  mail: kolm...@zid.tuwien.ac.at
Technische Universitaet Wien  web: www.zid.tuwien.ac.at
Zentraler Informatikdienst (ZID) tel: +43(1)58801-42011
Wiedner Hauptstr. 8-10, A-1040 Wien  DVR: 0005886
---



Re: [Dovecot] LMTP with virtual and system users

2013-12-30 Thread Philipp Kolmann

Hi Adrian,

Am 26.12.2013 12:20, schrieb Adrian Zaugg:

You can use exim to prepare the address as you wish: only the user name
for pam users and the full address for virtual users.

Configure a new router to strip the domain part for pam users:

local_pam_users:
  debug_print = R: strip domain for local pam users
  driver = redirect
  check_local_user
  domains = @ : localhost : ${primary_hostname}
  data = ${local_part}
  redirect_router = local_user

I'm not 100% sure of the domains condition; it should restrict the
router to your domain(s) where your pam users receive their email. The
redirect_router designates the router which routes your local deliveries
to your lmtp transport. Place the new router to run just before your
local_user router.

Since your config works for your virtual users, you don't need to do
anything in addition.


I had tried this once already. I have used your snippet and attached
the debug output from exim. Sadly it didn't work, because the lmtp
process got the full email again and not just the username.


thanks
Philipp



--
---
DI Mag. Philipp Kolmann  mail: kolm...@zid.tuwien.ac.at
Technische Universitaet Wien  web: www.zid.tuwien.ac.at
Zentraler Informatikdienst (ZID) tel: +43(1)58801-42011
Wiedner Hauptstr. 8-10, A-1040 Wien  DVR: 0005886
---

17788  local_pam_users router 
17788 local_part=pkolmann domain=lukas.rudolfina.at
17788 checking domains
17788 lukas.rudolfina.at in @ : localhost : lukas.rudolfina.at? yes (matched 
@)
17788 checking for local user
17788 seeking password data for user pkolmann: using cached result
17788 getpwnam() succeeded uid=1002 gid=1002
17788 R: strip domain for local pam users
17788 calling local_pam_users router
17788 rda_interpret (string): ${local_part}
17788 expanded: pkolmann
17788 file is not a filter file
17788 parse_forward_list: pkolmann
17788 extract item: pkolmann
17788 local_pam_users router generated pkolm...@lukas.rudolfina.at
17788   errors_to=NULL transport=NULL
17788   uid=unset gid=unset home=NULL
17788 routed by local_pam_users router
17788   envelope to: pkolm...@lukas.rudolfina.at
17788   transport: none
17788 locking /var/spool/exim4/db/retry.lockfile
17788 locked /var/spool/exim4/db/retry.lockfile
17788 EXIM_DBOPEN(/var/spool/exim4/db/retry)
17788 returned from EXIM_DBOPEN
17788 opened hints database /var/spool/exim4/db/retry: flags=O_RDONLY
17788 
17788 Considering: pkolm...@lukas.rudolfina.at
17788 unique = \0\pkolm...@lukas.rudolfina.at
17788 dbfn_read: key=R:lukas.rudolfina.at
17788 dbfn_read: key=R:pkolm...@lukas.rudolfina.at
17788 dbfn_read: key=R:pkolm...@lukas.rudolfina.at:phil...@kolmann.at
17788 no domain retry record
17788 no address retry record
17788 pkolm...@lukas.rudolfina.at: queued for routing
17788 
17788 routing pkolm...@lukas.rudolfina.at
17788  local_user router 
17788 local_part=pkolmann domain=lukas.rudolfina.at
17788 checking domains
17788 search_open: mysql NULL
17788   cached open
17788 search_find: file=NULL
17788   key=SELECT domain FROM domain WHERE domain='lukas.rudolfina.at'; 
partial=-1 affix=NULL starflags=0
17788 LRU list:
17788   :/etc/aliases
17788   End
17788 internal_search_find: file=NULL
17788   type=mysql key=SELECT domain FROM domain WHERE 
domain='lukas.rudolfina.at';
17788 cached data used for lookup of SELECT domain FROM domain WHERE 
domain='lukas.rudolfina.at';
17788 lookup failed
17788 lukas.rudolfina.at in @:localhost:? yes (matched @)
17788 lukas.rudolfina.at in +local_domains? yes (matched +local_domains)
17788 checking local_parts
17788 pkolmann in ! root? yes (end of list)
17788 checking for local user
17788 seeking password data for user pkolmann: using cached result
17788 getpwnam() succeeded uid=1002 gid=1002
17788 R: local_user for pkolm...@lukas.rudolfina.at
17788 calling local_user router
17788 local_user router called for pkolm...@lukas.rudolfina.at
17788   domain = lukas.rudolfina.at
17788 set transport dovecot_lmtp
17788 queued for dovecot_lmtp transport: local_part = pkolmann
17788 domain = lukas.rudolfina.at
17788   errors_to=NULL
17788   domain_data=NULL localpart_data=NULL
17788 routed by local_user router
17788   envelope to: pkolm...@lukas.rudolfina.at
17788   transport: dovecot_lmtp
17788 
17788 After routing:
17788   Local deliveries:
17788 pkolm...@lukas.rudolfina.at
17788   Remote deliveries:
17788   Failed addresses:
17788   Deferred addresses:
17788 search_tidyup called
17788 close MYSQL connection: localhost/exim/exim
17788  Local deliveries 
17788  pkolm...@lukas.rudolfina.at 
17788 locking /var/spool/exim4/db/retry.lockfile
17788 locked /var/spool/exim4/db/retry.lockfile
17788 EXIM_DBOPEN(/var/spool/exim4/db/retry)
17788 returned from EXIM_DBOPEN
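
Added example (not part of the original post, and not code from exim or Dovecot): a small Python reader for routing debug output of the kind attached above. It lists what each router handed on and flags a router whose expansion was a bare local part but whose envelope recipient came out with a domain again. The sample trace is constructed, with a placeholder user and host, and the function names are this example's own.

```python
import re

# Constructed sample in the shape of the exim routing debug output above
# (PID prefix, then message); user and host name are placeholders.
SAMPLE = """\
4242 rda_interpret (string): ${local_part}
4242 expanded: alice
4242 local_pam_users router generated alice@mail.example.org
4242 routed by local_pam_users router
4242   envelope to: alice@mail.example.org
4242   transport: none
4242 routing alice@mail.example.org
4242 set transport dovecot_lmtp
4242 routed by local_user router
4242   envelope to: alice@mail.example.org
4242   transport: dovecot_lmtp
"""

PID = re.compile(r"^\d+ ?")  # leading process id written by exim -d

def parse_routing(text):
    """Return one dict per 'routed by' block: router, expansion, envelope, transport."""
    steps, expanded, current = [], None, None
    for raw in text.splitlines():
        line = PID.sub("", raw, count=1).strip()
        if line.startswith("expanded:"):
            expanded = line.split(":", 1)[1].strip()
        elif (m := re.match(r"routed by (\S+) router$", line)):
            current = {"router": m.group(1), "expanded": expanded,
                       "envelope_to": None, "transport": None}
            steps.append(current)
            expanded = None  # an expansion belongs to the router that follows it
        elif current and line.startswith("envelope to:"):
            current["envelope_to"] = line.split(":", 1)[1].strip()
        elif current and line.startswith("transport:"):
            current["transport"] = line.split(":", 1)[1].strip()
    return steps

def requalified(steps):
    """Routers whose expansion had no domain but whose envelope recipient has one."""
    return [s["router"] for s in steps
            if s["expanded"] and "@" not in s["expanded"]
            and s["envelope_to"] and "@" in s["envelope_to"]]

def lmtp_recipients(steps, transport="dovecot_lmtp"):
    """Envelope recipients handed to the given transport."""
    return [s["envelope_to"] for s in steps if s["transport"] == transport]
```
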

[Dovecot] LMTP with virtual and system users

2013-12-24 Thread Philipp Kolmann

Hi,

I have a mailsystem where I have some local users with shell access and 
full home dirs which receive mail and also several SQL virtual users 
only for mail.
With the virtual users, everything works fine. Mail is delivered via 
LMTP and also sieve works :)

The SQL Lookup knows what to do with usern...@domain.com

The problem is the system user. If exim delivers the mail to the lmtp 
socket, the LMTPd can't find usern...@local.host
I would be able to specify the global auth_username_format=%n but then 
my SQL queries break and I like the possibility to have x...@domain1.com 
and x...@domain2.com routed to two different accounts.


As I have seen in the source, I can't specify username_format=%n in the 
passdb {  driver = pam } backend. Do you have any suggestion how to 
solve this issue?


thanks
Philipp


# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-686-pae i686 Debian 7.3 
auth_debug = yes
auth_verbose = yes
first_valid_uid = 100
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_debug = yes
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox Sent Messages {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
passdb {
  driver = pam
}
plugin {
  mail_log_fields = uid box msgid size from subject flags
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
postmaster_address = postmas...@rudolfina.at
protocols =  imap lmtp sieve
service auth {
  unix_listener auth-client {
    group = Debian-exim
    mode = 0660
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  process_min_avail = 0
  service_count = 1
  vsz_limit = 64 M
}
ssl_cert = /etc/exim4/exim.crt
ssl_key = /etc/exim4/exim.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
userdb {
  driver = passwd
}
protocol lmtp {
  mail_plugins =  quota sieve
}
protocol lda {
  mail_plugins =  sieve
}
protocol imap {
  mail_plugins =  quota
}
protocol sieve {
  mail_max_userip_connections = 10
  managesieve_implementation_string = Dovecot Pigeonhole
  managesieve_logout_format = bytes=%i/%o
  managesieve_max_compile_errors = 5
  managesieve_max_line_length = 65536
}
user_query = \
  SELECT concat('maildir:/var/spool/virtual_mail/', mailbox,'/Maildir/') as mail, \
         concat('/var/spool/virtual_mail/', mailbox,'/') as home, \
         100 as uid, 102 as gid \
  FROM email \
  WHERE mailbox = '%u'

password_query = \
  SELECT mailbox as user, \
 boxpass as password \
  FROM email \
  WHERE mailbox = '%u'


Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread Philipp Kolmann
On 2010-06-30 16:26, 秋元 亮二 wrote:
 - Exim
 --
 dovecot_login:
   driver = dovecot
   public_name = LOGIN
   server_socket = /var/run/dovecot/auth-client
   server_set_id = $auth1

 dovecot_plain:
   driver = dovecot
   public_name = PLAIN
   server_socket = /var/run/dovecot/auth-client
   server_set_id = $auth2

 --
   

I have also $auth1 in dovecot_plain:

dovecot_plain:
  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1


I have debian with exim4-daemon-heavy and nothing ordinary.

hth
philipp


[Dovecot] deliver to root

2009-03-04 Thread Philipp Kolmann

Hi,

we use dovecot 1.1.11 on a RH Server with sendmail. Local delivery is 
done with deliver:


Mlocal, P=/usr/local/libexec/dovecot/deliver,
   F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
   T=DNS/RFC822/X-Unix,
   A=deliver -d $u


This setup works without issues for us, but mail to root has a problem 
with deliver:


deliver(root): Mar 04 16:31:31 Error: userdb(root) returned 0 as uid
deliver(root): Mar 04 16:31:31 Error: userdb(root) returned 0 as gid
deliver(root): Mar 04 16:31:31 Error: User root is missing UID (set mail_uid)


Is it generally not possible to use deliver to deliver mail to root?

Thanks
Philipp


Re: [Dovecot] Cyrus vs Dovecot

2008-08-12 Thread Philipp Kolmann

Mathieu Kretchner wrote:

Charles Marcus a écrit :
On 8/11/2008, Mathieu Kretchner ([EMAIL PROTECTED]) 
wrote:

So here is my next environment :

how many mailbox ?
5000


with adequate hardware/RAM, no problem


how many users ?
6000


again - with adequate hardware/RAM, no problem



Ok it seems to be great, but what do you consider to be an adequate 
hardware/RAM for this kind of environment ?



Hi,

we are providing Mail-Service (POP3, IMAP; either TLS or SSL) to 22000 
students here at my university.


There are 2 machines running as active-passive cluster with DRBD to sync 
the maildata. Each box is a 4 core Intel(R) Xeon(R) CPU 5160 @ 3.00GHz 
with 8 gigs RAM.


After a tuneup for DRBD and upgrade to dovecot 1.1 average load is 
around 1.0.


HTH
Philipp


Re: [Dovecot] v1.1.0 released

2008-06-23 Thread Philipp Kolmann

Charles Marcus wrote:

On 6/23/2008, Luca Corti ([EMAIL PROTECTED]) wrote:

It fails on random files, since the system is running a few daemons
without any problem I'd go for the gcc bug.


Actually, failing at random points when compiling is *much* more likely 
to be a memory error.


If the 'few daemons' don't happen to ever hit the bad ram, that would 
explain why they don't fail.


Just try replacing the RAM (RAM is cheap nowadays), and see if it fixes 
the problem.




or test with memtest (if x86):


http://www.memtest.org/

hth
Philipp


Re: [Dovecot] stalling on LOGIN

2008-04-01 Thread Philipp Kolmann
On Tue, Apr 01, 2008 at 04:12:13PM -0400, Brandon Keepers wrote:
 
 On Apr 1, 2008, at 3:50 PM, Scott Silva wrote:
 
 on 4-1-2008 12:34 PM Brandon Keepers spake the following:
 Upgrade. rc15 way over a year old. I think backports has newer  
 version.
 
 That did it.  Thanks
 
 Another reason not to use Debian stable.


well there are backports.org :)

http://packages.debian.org/etch-backports/dovecot-common

Philipp


-- 
If you have problems in Windows: REBOOT
If you have problems in Linux:   BE ROOT


Re: [Dovecot] Gluster / DRBD Anyone using either?

2008-02-28 Thread Philipp Kolmann

Ed W wrote:
 Anyone using either Glusterfs or DRBD in their mail setup?  How is
 performance, manageability?  Problems?  Tips?

I have DRBD below IMAP and it works nice for 20 accounts.

A colleague has the student POP3/IMAP Server here with a 2.9 TB DRBD 
slice and dovecot on it with no other services and it works really nicely.


/dev/drbd0  2.9T  252G  2.5T  10% /users


hth
Philipp



Re: [Dovecot] Gluster / DRBD Anyone using either?

2008-02-28 Thread Philipp Kolmann

Philipp Kolmann wrote:

Ed W wrote:
  Anyone using either Glusterfs or DRBD in their mail setup?  How is
  performance, manageability?  Problems?  Tips?

I have DRBD below IMAP and it works nice for 20 accounts.

A colleague has the student POP3/IMAP Server here with a 2.9 TB DRBD 
slice and dovecot on it with no other services and it works really nicely.


/dev/drbd0  2.9T  252G  2.5T  10% /users


On the latter, we host over 22k users. FYI.
Philipp


Re: [Dovecot] UW-IMAP to Dovecot conversion - How to migrate the folders?

2007-08-21 Thread Philipp Kolmann
On Mon, Aug 20, 2007 at 03:21:20PM -0700, Patrick - South Valley Internet wrote:
 We just migrated away from our AIX machines which were running Postfix 
 and UW-IMAP.  We're now running Postfix with Dovecot.  I already 
 converted everyone's mbox file to maildir, but now I'm having a little 
 troubles with how to exactly populate their IMAP folders.  People are 
 saying they cannot see their folders.  These 'folders' they are talking 
 about can be found in their /home directory.

We just moved from HPUX to linux and there we had the problem, that with IMAP
and UW-IMAPd you had to specify a Folder Path in the client. With Dovecot and
Maildir you don't need this.

Check if your users have set this folder path. That solved a lot of problems
here.

Philipp

-- 
If you have problems in Windows: REBOOT
If you have problems in Linux:   BE ROOT


[Dovecot] modules/imap/lib02_imap_quota_plugin.so: undefined symbol: quota_set

2007-07-06 Thread Philipp Kolmann
Hi,

I wanted to enable FS quota support in dovecot, and have configured the
following directives:

protocol imap {
  mail_plugins = imap_quota
}

plugin {
  quota = fs
}

With these additional settings, my normally working dovecot.conf doesn't start
anymore:

Starting mail server:
dovecotEdlopen(/usr/lib/dovecot/modules/imap/lib02_imap_quota_plugin.so)
failed: /usr/lib/dovecot/modules/imap/lib02_imap_quota_plugin.so: undefined
symbol: quota_set
Error: imap dump-capability process returned 89


I have tested this issue on the following versions:

* Debian etch: 1.0.rc15
* RedHat AS 5: 1.0.rc15
* Debian sid:  1.0.0

Thanks for any help in this issue.
Philipp Kolmann

-- 
If you have problems in Windows: REBOOT
If you have problems in Linux:   BE ROOT


Re: [Dovecot] modules/imap/lib02_imap_quota_plugin.so: undefined symbol: quota_set

2007-07-06 Thread Philipp Kolmann
On Fri, Jul 06, 2007 at 02:58:58PM +0200, Nicolas Boullis wrote:
 Hi,
 
 Quoting Philipp Kolmann [EMAIL PROTECTED]:
 
 Hi,
 
 I wanted to enable FS quota support in dovecot, and have configured the
 following directives:
 
 protocol imap {
   mail_plugins = imap_quota
 
 The imap_quota plugin depends on the quota plugin. You should try
   mail_plugins = quota imap_quota


thanks Nicolas, that was the trick.

Philipp

PS: It gives the same error msg with 1.0.1

-- 
If you have problems in Windows: REBOOT
If you have problems in Linux:   BE ROOT