Re: dovecot quota-warning detection mail
Let me just add, of course you should play around with some test entries. You don't want problems with dovecot finding the home directory, users suddenly seeing an empty mailbox, or LMTP delivering to the wrong place. Just in case this isn't obvious :-) On 10/29/20 2:08 PM, Gedalya wrote: > Very good. > > See https://doc.dovecot.org/configuration_manual/authentication/passwd_file/ > > You can add the "user" field as an "extra field" > > In users.auth, just add in the end "user=-...@ddd.example.com" to match > the respective entry in /etc/dovecot/users > > Good luck! > > > On 10/29/20 2:02 PM, 森川 孝司 wrote: >> OK. "passdb/userdb" Setting part >> >> $ dovecot -n (Excerpt from change) >> >> - >> passdb { >> args = scheme=CRYPT username_format=%u /etc/dovecot/users.auth >> driver = passwd-file >> } >> >> userdb { >> args = username_format=%u /etc/dovecot/users.auth >> driver = passwd-file >> } >> protocol lmtp { >> info_log_path = /var/log/lmtplog >> mail_plugins = " quota quota sieve" >> userdb { >> args = username_format=%u /etc/dovecot/users >> driver = passwd-file >> name = >> } >> } >> >> - >> >> cat /etc/dovecot/users.auth (Excerpt from change) >> >> - >> root:*/root:: >> :{CRAM-MD5}b09a26aedaddd0e66901eb4bc146b81930aac8be0dac96d1c83bb652fd4f7 >> 451/var/home/xxx/:: >> -ccc-ddd:{CRAM-MD5}b09a15aedaddd0e55901eb4bc146b81930aac8be0dac96d1c83bb >> 652fd4f7451/home/vhosts/ddd/-ccc-ddd:: >> -fff-ggg:{CRAM-MD5}f4c336c68f063d1bbc2a1e32ae32bc9c978d0d2565eae42b4485d >> 50370d157cd/home/vhosts/ggg/-fff-ggg:: >> -iii-jjj:{CRAM-MD5}78b337b326d57d564454d8019ed22b5d5cd181437aff77988e2c3 >> a12ec2d8490/home/vhosts/jjj/-iii-jjj:: >> : >> : >> >> - >> >> cat /etc/dovecot/users (Excerpt from change) >> >> - >> root:/root:: >> :/var/home/xxx/:: >> -...@ddd.example.com:/home/vhosts/ddd/-ccc-ddd:: >> -...@ggg.example.net:/home/vhosts/ggg/-fff-ggg:: >> -...@jjj.example.co.jp:/home/vhosts/jjj/-iii-jjj:: >> : >> : >> >> - >> >> -Original Message- >> From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Gedalya >> Sent: Thursday, October 29, 2020 2:27 PM >> To: dovecot@dovecot.org >> Subject: Re: dovecot quota-warning detection mail >> >> Perhaps if you share some information about your passdb / userdb >> authentication setup, I or others might be able to help further. >> >> >> On 10/29/20 12:51 PM, 森川 孝司 wrote: >>> Gedalya-san >>> >>> Thank you for the information. >>> >>> It seems to be difficult... >>> >>> morikawa >>> -Original Message- >>> From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of >>> Gedalya >>> Sent: Thursday, October 29, 2020 1:17 PM >>> To: dovecot@dovecot.org >>> Subject: Re: dovecot quota-warning detection mail >>> >>> Aha. Then it's not a straightforward case of just adding the domain >>> name to the same username, you need to transform the username too. >>> Dovecot's userdb / authdb allows you to return a "user" field, which >>> sets a new username for dovecot to use. >>> Depending on what you use as your authentication backend, you may be >>> able to do the transformation at that layer. >>> >>> https://doc.dovecot.org/configuration_manual/authentication/user_extra >>> _field >>> / >>> >>> On 10/29/20 12:06 PM, 森川 孝司 wrote: >>>> Gedalya-san >>>> >>>> You are currently logged in without a domain name. >>>> >>>> Currently, "abc-xyz-unyo-sekkei" users have been converted to >>>> "abc-xyz-u...@example.co.jp". >>>> (There is no "sekkei" in the address.) >>>> >>>> Or just add "@example.co.jp"? >>>> When it comes to "abc-xyz-unyo-sek...@example.co.jp" >>>> I can't send a mail. >>>> >>>> Thank you. >>>> >>>> morikawa
Re: dovecot quota-warning detection mail
Very good. See https://doc.dovecot.org/configuration_manual/authentication/passwd_file/ You can add the "user" field as an "extra field" In users.auth, just add in the end "user=-...@ddd.example.com" to match the respective entry in /etc/dovecot/users Good luck! On 10/29/20 2:02 PM, 森川 孝司 wrote: > OK. "passdb/userdb" Setting part > > $ dovecot -n (Excerpt from change) > > - > passdb { > args = scheme=CRYPT username_format=%u /etc/dovecot/users.auth > driver = passwd-file > } > > userdb { > args = username_format=%u /etc/dovecot/users.auth > driver = passwd-file > } > protocol lmtp { > info_log_path = /var/log/lmtplog > mail_plugins = " quota quota sieve" > userdb { > args = username_format=%u /etc/dovecot/users > driver = passwd-file > name = > } > } > > - > > cat /etc/dovecot/users.auth (Excerpt from change) > > - > root:*/root:: > :{CRAM-MD5}b09a26aedaddd0e66901eb4bc146b81930aac8be0dac96d1c83bb652fd4f7 > 451/var/home/xxx/:: > -ccc-ddd:{CRAM-MD5}b09a15aedaddd0e55901eb4bc146b81930aac8be0dac96d1c83bb > 652fd4f7451/home/vhosts/ddd/-ccc-ddd:: > -fff-ggg:{CRAM-MD5}f4c336c68f063d1bbc2a1e32ae32bc9c978d0d2565eae42b4485d > 50370d157cd/home/vhosts/ggg/-fff-ggg:: > -iii-jjj:{CRAM-MD5}78b337b326d57d564454d8019ed22b5d5cd181437aff77988e2c3 > a12ec2d8490/home/vhosts/jjj/-iii-jjj:: > : > : > > - > > cat /etc/dovecot/users (Excerpt from change) > > - > root:/root:: > :/var/home/xxx/:: > -...@ddd.example.com:/home/vhosts/ddd/-ccc-ddd:: > -...@ggg.example.net:/home/vhosts/ggg/-fff-ggg:: > -...@jjj.example.co.jp:/home/vhosts/jjj/-iii-jjj:: > : > : > > ----- > > -Original Message- > From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Gedalya > Sent: Thursday, October 29, 2020 2:27 PM > To: dovecot@dovecot.org > Subject: Re: dovecot quota-warning detection mail > > Perhaps if you share some information about your passdb / userdb > authentication setup, I or others might be able to help further. > > > On 10/29/20 12:51 PM, 森川 孝司 wrote: >> Gedalya-san >> >> Thank you for the information. >> >> It seems to be difficult... >> >> morikawa >> -Original Message- >> From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of >> Gedalya >> Sent: Thursday, October 29, 2020 1:17 PM >> To: dovecot@dovecot.org >> Subject: Re: dovecot quota-warning detection mail >> >> Aha. Then it's not a straightforward case of just adding the domain >> name to the same username, you need to transform the username too. >> Dovecot's userdb / authdb allows you to return a "user" field, which >> sets a new username for dovecot to use. >> Depending on what you use as your authentication backend, you may be >> able to do the transformation at that layer. >> >> https://doc.dovecot.org/configuration_manual/authentication/user_extra >> _field >> / >> >> On 10/29/20 12:06 PM, 森川 孝司 wrote: >>> Gedalya-san >>> >>> You are currently logged in without a domain name. >>> >>> Currently, "abc-xyz-unyo-sekkei" users have been converted to >>> "abc-xyz-u...@example.co.jp". >>> (There is no "sekkei" in the address.) >>> >>> Or just add "@example.co.jp"? >>> When it comes to "abc-xyz-unyo-sek...@example.co.jp" >>> I can't send a mail. >>> >>> Thank you. >>> >>> morikawa >
Re: dovecot quota-warning detection mail
Perhaps if you share some information about your passdb / userdb authentication setup, I or others might be able to help further. On 10/29/20 12:51 PM, 森川 孝司 wrote: > Gedalya-san > > Thank you for the information. > > It seems to be difficult... > > morikawa > -Original Message- > From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Gedalya > Sent: Thursday, October 29, 2020 1:17 PM > To: dovecot@dovecot.org > Subject: Re: dovecot quota-warning detection mail > > Aha. Then it's not a straightforward case of just adding the domain name to > the same username, you need to transform the username too. > Dovecot's userdb / authdb allows you to return a "user" field, which sets a > new username for dovecot to use. > Depending on what you use as your authentication backend, you may be able to > do the transformation at that layer. > > https://doc.dovecot.org/configuration_manual/authentication/user_extra_field > / > > On 10/29/20 12:06 PM, 森川 孝司 wrote: >> Gedalya-san >> >> You are currently logged in without a domain name. >> >> Currently, "abc-xyz-unyo-sekkei" users have been converted to >> "abc-xyz-u...@example.co.jp". >> (There is no "sekkei" in the address.) >> >> Or just add "@example.co.jp"? >> When it comes to "abc-xyz-unyo-sek...@example.co.jp" >> I can't send a mail. >> >> Thank you. >> >> morikawa
Re: dovecot quota-warning detection mail
Aha. Then it's not a straightforward case of just adding the domain name to the same username, you need to transform the username too. Dovecot's userdb / authdb allows you to return a "user" field, which sets a new username for dovecot to use. Depending on what you use as your authentication backend, you may be able to do the transformation at that layer. https://doc.dovecot.org/configuration_manual/authentication/user_extra_field/ On 10/29/20 12:06 PM, 森川 孝司 wrote: > Gedalya-san > > You are currently logged in without a domain name. > > Currently, "abc-xyz-unyo-sekkei" users have been converted to > "abc-xyz-u...@example.co.jp". > (There is no "sekkei" in the address.) > > Or just add "@example.co.jp"? > When it comes to "abc-xyz-unyo-sek...@example.co.jp" > I can't send a mail. > > Thank you. > > morikawa
Re: dovecot quota-warning detection mail
It should only affect users who authenticate with a username only, without a domain. The only effect is to add the domain name to the username. You could perhaps test, by logging in as just "user" and then as "u...@example.co.jp" and make sure everything behaves the same. If everything behaves the same, then setting auth_default_realm should not do any harm. In other words, the question is: does any functionality actually depend on having a username without a domain. On 10/29/20 8:18 AM, 森川 孝司 wrote: > Gedalya-san > > I have a question. > Currently, there are thousands of users. (In multi-domain) > The setting of "auth_default_realm = example.co.jp" is > Is it possible to set without affecting the current user? > > Thank you.
RE: dovecot quota-warning detection mail
OK. "passdb/userdb" Setting part $ dovecot -n (Excerpt from change) - passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users.auth driver = passwd-file } userdb { args = username_format=%u /etc/dovecot/users.auth driver = passwd-file } protocol lmtp { info_log_path = /var/log/lmtplog mail_plugins = " quota quota sieve" userdb { args = username_format=%u /etc/dovecot/users driver = passwd-file name = } } - cat /etc/dovecot/users.auth (Excerpt from change) - root:*/root:: :{CRAM-MD5}b09a26aedaddd0e66901eb4bc146b81930aac8be0dac96d1c83bb652fd4f7 451/var/home/xxx/:: -ccc-ddd:{CRAM-MD5}b09a15aedaddd0e55901eb4bc146b81930aac8be0dac96d1c83bb 652fd4f7451/home/vhosts/ddd/-ccc-ddd:: -fff-ggg:{CRAM-MD5}f4c336c68f063d1bbc2a1e32ae32bc9c978d0d2565eae42b4485d 50370d157cd/home/vhosts/ggg/-fff-ggg:: -iii-jjj:{CRAM-MD5}78b337b326d57d564454d8019ed22b5d5cd181437aff77988e2c3 a12ec2d8490/home/vhosts/jjj/-iii-jjj:: : : - cat /etc/dovecot/users (Excerpt from change) - root:/root:: :/var/home/xxx/:: -...@ddd.example.com:/home/vhosts/ddd/-ccc-ddd:: -...@ggg.example.net:/home/vhosts/ggg/-fff-ggg:: -...@jjj.example.co.jp:/home/vhosts/jjj/-iii-jjj:: : : - -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Gedalya Sent: Thursday, October 29, 2020 2:27 PM To: dovecot@dovecot.org Subject: Re: dovecot quota-warning detection mail Perhaps if you share some information about your passdb / userdb authentication setup, I or others might be able to help further. On 10/29/20 12:51 PM, 森川 孝司 wrote: > Gedalya-san > > Thank you for the information. > > It seems to be difficult... > > morikawa > -Original Message- > From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of > Gedalya > Sent: Thursday, October 29, 2020 1:17 PM > To: dovecot@dovecot.org > Subject: Re: dovecot quota-warning detection mail > > Aha. Then it's not a straightforward case of just adding the domain > name to the same username, you need to transform the username too. > Dovecot's userdb / authdb allows you to return a "user" field, which > sets a new username for dovecot to use. > Depending on what you use as your authentication backend, you may be > able to do the transformation at that layer. > > https://doc.dovecot.org/configuration_manual/authentication/user_extra > _field > / > > On 10/29/20 12:06 PM, 森川 孝司 wrote: >> Gedalya-san >> >> You are currently logged in without a domain name. >> >> Currently, "abc-xyz-unyo-sekkei" users have been converted to >> "abc-xyz-u...@example.co.jp". >> (There is no "sekkei" in the address.) >> >> Or just add "@example.co.jp"? >> When it comes to "abc-xyz-unyo-sek...@example.co.jp" >> I can't send a mail. >> >> Thank you. >> >> morikawa
RE: dovecot quota-warning detection mail
Gedalya-san Thank you for the information. It seems to be difficult... morikawa -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Gedalya Sent: Thursday, October 29, 2020 1:17 PM To: dovecot@dovecot.org Subject: Re: dovecot quota-warning detection mail Aha. Then it's not a straightforward case of just adding the domain name to the same username, you need to transform the username too. Dovecot's userdb / authdb allows you to return a "user" field, which sets a new username for dovecot to use. Depending on what you use as your authentication backend, you may be able to do the transformation at that layer. https://doc.dovecot.org/configuration_manual/authentication/user_extra_field / On 10/29/20 12:06 PM, 森川 孝司 wrote: > Gedalya-san > > You are currently logged in without a domain name. > > Currently, "abc-xyz-unyo-sekkei" users have been converted to > "abc-xyz-u...@example.co.jp". > (There is no "sekkei" in the address.) > > Or just add "@example.co.jp"? > When it comes to "abc-xyz-unyo-sek...@example.co.jp" > I can't send a mail. > > Thank you. > > morikawa
RE: dovecot quota-warning detection mail
Gedalya-san You are currently logged in without a domain name. Currently, "abc-xyz-unyo-sekkei" users have been converted to "abc-xyz-u...@example.co.jp". (There is no "sekkei" in the address.) Or just add "@example.co.jp"? When it comes to "abc-xyz-unyo-sek...@example.co.jp" I can't send a mail. Thank you. morikawa -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Gedalya Sent: Thursday, October 29, 2020 11:55 AM To: dovecot@dovecot.org Subject: Re: dovecot quota-warning detection mail It should only affect users who authenticate with a username only, without a domain. The only effect is to add the domain name to the username. You could perhaps test, by logging in as just "user" and then as "u...@example.co.jp" and make sure everything behaves the same. If everything behaves the same, then setting auth_default_realm should not do any harm. In other words, the question is: does any functionality actually depend on having a username without a domain. On 10/29/20 8:18 AM, 森川 孝司 wrote: > Gedalya-san > > I have a question. > Currently, there are thousands of users. (In multi-domain) The setting > of "auth_default_realm = example.co.jp" is Is it possible to set > without affecting the current user? > > Thank you.
RE: dovecot quota-warning detection mail
Gedalya-san I have a question. Currently, there are thousands of users. (In multi-domain) The setting of "auth_default_realm = example.co.jp" is Is it possible to set without affecting the current user? Thank you. -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of 森川 孝司 Sent: Wednesday, October 28, 2020 4:16 PM To: 'Gedalya' ; dovecot@dovecot.org Subject: RE: dovecot quota-warning detection mail Hi Gedalya-san I would like to set "auth_default_realm = example.co.jp". I'm just replacing from older server to new server, Older servers also had this problem. So, we decided to proceed with server replacement in this state. As another task, we will start and set up this issue. Therefore, it takes time to set and confirm. If we can confirm it, we will report it again. Thank you.
Re: dovecot quota-warning detection mail
On 10/28/20 12:19 PM, 森川 孝司 wrote: > " > "Recipient address rejected: User unknown in local recipient table" If abc-xyz-unyo-sekkei is supposed to be abc-xyz-unyo-sek...@example.co.jp then you could try to set in dovecot configuration: auth_default_realm = example.co.jp Then %u will contain the domain part too. Otherwise, you could try to configure postfix to qualify unqualified addresses with the appropriate domain. Finally, you could just prohibit users from authenticating with an unqualified username (without a domain).
RE: dovecot quota-warning detection mail
Morikawa-san, Okey, then your conf should be right. Did you try the conf below which was noticed by Gedalya? auth_default_realm = example.co.jp Kouga -Original Message- From: 森川 孝司 Sent: Wednesday, October 28, 2020 4:28 PM To: 林 宏河 ; dovecot@dovecot.org Subject: RE: dovecot quota-warning detection mail kouga-san After copying and pasting, something went wrong. Actually "quota_warning = storage=95%% quota-warning 95 %u" It is set in. (In fact, I usually receive a notification email.) Thank you. -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Koga Hayashi Sent: Wednesday, October 28, 2020 1:58 PM To: 森川 孝司 ; dovecot@dovecot.org Subject: RE: dovecot quota-warning detection mail Morikawa-san, Your conf is wrong. Should be: quota_warning = storage = 95 %% quota-warning 95 %u Your conf: quota_warning = storage = 95 %% quota-warning 95% u There's a space between % and u. First of all, try the above and let us know if it changes. Kouga
RE: dovecot quota-warning detection mail
kouga-san After copying and pasting, something went wrong. Actually "quota_warning = storage=95%% quota-warning 95 %u" It is set in. (In fact, I usually receive a notification email.) Thank you. -Original Message- From: dovecot [mailto:dovecot-boun...@dovecot.org] On Behalf Of Koga Hayashi Sent: Wednesday, October 28, 2020 1:58 PM To: 森川 孝司 ; dovecot@dovecot.org Subject: RE: dovecot quota-warning detection mail Morikawa-san, Your conf is wrong. Should be: quota_warning = storage = 95 %% quota-warning 95 %u Your conf: quota_warning = storage = 95 %% quota-warning 95% u There's a space between % and u. First of all, try the above and let us know if it changes. Kouga
RE: dovecot quota-warning detection mail
Hi Gedalya-san I would like to set "auth_default_realm = example.co.jp". I'm just replacing from older server to new server, Older servers also had this problem. So, we decided to proceed with server replacement in this state. As another task, we will start and set up this issue. Therefore, it takes time to set and confirm. If we can confirm it, we will report it again. Thank you.
RE: dovecot quota-warning detection mail
Morikawa, What do you mean by "logged-in user"? %u stands for the username. If, for an example, user "morikawa" exists in your dovecot server (I mean as local user), your quota warning configuration should be fine. But if user "morikawa" does not exist in your server, and, dovecot can't resolve the username to the mail address, then the quota warning mail be rejected because dovecot can't find the "username" in local recipient table. A little more information about your server environment will be appreciated. Kouga -Original Message- From: dovecot On Behalf Of 森川 孝司 Sent: Wednesday, October 28, 2020 10:17 AM To: dovecot@dovecot.org Subject: dovecot quota-warning detection mail Hi, all. we use quota-warning emails to notify you of quotas. In rare cases, the email address has changed to the logged-in user. (Because the address of %u is passed as the logged-in user.) So I couldn’t send the email with “Recipient address rejected: User unknown in local recipient table”. Why does my email address change to a logged-in user? %u of "quota_warning = storage = 95 %% quota-warning 95% u" The output is the logged-in user. By Morikawa
RE: dovecot quota-warning detection mail
Morikawa-san, Your conf is wrong. Should be: quota_warning = storage = 95 %% quota-warning 95 %u Your conf: quota_warning = storage = 95 %% quota-warning 95% u There's a space between % and u. First of all, try the above and let us know if it changes. Kouga -Original Message- From: 森川 孝司 Sent: Wednesday, October 28, 2020 1:20 PM To: 林 宏河 ; dovecot@dovecot.org Subject: RE: dovecot quota-warning detection mail Hi,Kouga-san When quota-warning works normally I'm sending an email to "From: to = " When it doesn't work An email was sent to "From: to = " "Recipient address rejected: User unknown in local recipient table" It will be. cat /etc/dovecot/conf.d/90-quota.conf -- plugin { quota_warning = storage = 95 %% quota-warning 95% u quota_warning1 = storage = 90 %% quota-warning 90% u quota_warning2 = storage = 85 %% quota-warning 85% u quota_warning3 = storage = 80 %% quota-warning 80% u } service quota-warning { executable = script /usr/local/bin/quota-warning.pl user = dovecot unix_listener quota-warning { user = vmail } } -- - And it is set. Thank you. -Original Message- From: Koga Hayashi [mailto:haya...@progdence.co.jp] Sent: Wednesday, October 28, 2020 12:50 PM To: 森川 孝司 ; dovecot@dovecot.org Subject: RE: dovecot quota-warning detection mail Morikawa, What do you mean by "logged-in user"? %u stands for the username. If, for an example, user "morikawa" exists in your dovecot server (I mean as local user), your quota warning configuration should be fine. But if user "morikawa" does not exist in your server, and, dovecot can't resolve the username to the mail address, then the quota warning mail be rejected because dovecot can't find the "username" in local recipient table. A little more information about your server environment will be appreciated. Kouga -Original Message- From: dovecot On Behalf Of 森川 孝司 Sent: Wednesday, October 28, 2020 10:17 AM To: dovecot@dovecot.org Subject: dovecot quota-warning detection mail Hi, all. we use quota-warning emails to notify you of quotas. In rare cases, the email address has changed to the logged-in user. (Because the address of %u is passed as the logged-in user.) So I couldn’t send the email with “Recipient address rejected: User unknown in local recipient table”. Why does my email address change to a logged-in user? %u of "quota_warning = storage = 95 %% quota-warning 95% u" The output is the logged-in user. By Morikawa
RE: dovecot quota-warning detection mail
Hi,Kouga-san When quota-warning works normally I'm sending an email to "From: to = " When it doesn't work An email was sent to "From: to = " "Recipient address rejected: User unknown in local recipient table" It will be. cat /etc/dovecot/conf.d/90-quota.conf -- plugin { quota_warning = storage = 95 %% quota-warning 95% u quota_warning1 = storage = 90 %% quota-warning 90% u quota_warning2 = storage = 85 %% quota-warning 85% u quota_warning3 = storage = 80 %% quota-warning 80% u } service quota-warning { executable = script /usr/local/bin/quota-warning.pl user = dovecot unix_listener quota-warning { user = vmail } } -- - And it is set. Thank you. -Original Message- From: Koga Hayashi [mailto:haya...@progdence.co.jp] Sent: Wednesday, October 28, 2020 12:50 PM To: 森川 孝司 ; dovecot@dovecot.org Subject: RE: dovecot quota-warning detection mail Morikawa, What do you mean by "logged-in user"? %u stands for the username. If, for an example, user "morikawa" exists in your dovecot server (I mean as local user), your quota warning configuration should be fine. But if user "morikawa" does not exist in your server, and, dovecot can't resolve the username to the mail address, then the quota warning mail be rejected because dovecot can't find the "username" in local recipient table. A little more information about your server environment will be appreciated. Kouga -Original Message- From: dovecot On Behalf Of 森川 孝司 Sent: Wednesday, October 28, 2020 10:17 AM To: dovecot@dovecot.org Subject: dovecot quota-warning detection mail Hi, all. we use quota-warning emails to notify you of quotas. In rare cases, the email address has changed to the logged-in user. (Because the address of %u is passed as the logged-in user.) So I couldn’t send the email with “Recipient address rejected: User unknown in local recipient table”. Why does my email address change to a logged-in user? %u of "quota_warning = storage = 95 %% quota-warning 95% u" The output is the logged-in user. By Morikawa
dovecot quota-warning detection mail
Hi, all. we use quota-warning emails to notify you of quotas. In rare cases, the email address has changed to the logged-in user. (Because the address of %u is passed as the logged-in user.) So I couldn’t send the email with “Recipient address rejected: User unknown in local recipient table”. Why does my email address change to a logged-in user? %u of "quota_warning = storage = 95 %% quota-warning 95% u" The output is the logged-in user. By Morikawa
Re: Dovecot, quota, warning, and issue with setup?
On 16 Jun2019, at 13:42, David Mehler via dovecot wrote: > quota = maildir:User quota This was covered a few days ago. On 13 Jun2019, at 17:22, Ranbir via dovecot wrote: > I switched to "quota = count:User quota" (as Aki suggested) and now the > errors are gone. Thanks to the both of you! HTH -- 'An appointment is an engagement to see someone, while a morningstar is a large lump of metal used for viciously crushing skulls. It is important not to confuse the two.’
Dovecot, quota, warning, and issue with setup?
it:]]+\.[[:digit:]]+)\] sieve_spamtest_status_header = X-Spamd-Result: default: [[:alnum:]]+ \[(-?[[:digit:]]+\.[[:digit:]]+) / -?[[:digit:]]+\.[[:digit:]]+\] sieve_spamtest_status_type = score sieve_user_log = /home/vmail/sieve/sieve_error.log sieve_virustest_status_header = X-Virus-Scan: Found to be (.+)\. sieve_virustest_status_type = text sieve_virustest_text_value1 = clean sieve_virustest_text_value5 = infected trash = /usr/local/etc/dovecot/trash.conf welcome_script = welcome %u postmaster@%d welcome_wait = yes } postmaster_address = postmas...@example.net protocols = imap lmtp sieve sendmail_path = /usr/local/sbin/sendmail service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } service dict { unix_listener dict { mode = 0600 user = vmail } user = root } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 } service imap { executable = imap } service lmtp { executable = lmtp unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { address = 172.16.21.3 port = 4190 } } service quota-status { client_limit = 1 executable = quota-status -p postfix unix_listener /var/spool/postfix/private/dovecot-quota { group = postfix mode = 0660 user = postfix } } service quota-warning { executable = script /usr/local/etc/dovecot/quota-warning.sh unix_listener quota-warning { group = vmail mode = 0660 user = vmail } user = vmail } service welcome { executable = script /usr/local/etc/dovecot/welcome.sh unix_listener welcome { user = vmail } user = vmail } ssl = required ssl_cert =
Re: Dovecot quota and Postfix smtpd_recipient_restrictions?
On 3/21/19 10:17 PM, Davide Marchi via dovecot wrote: I've a doubt (again): Is it correct the the space between "[..]service" and "inet[..]"? As suggested here: https://blog.sys4.de/postfix-dovecot-mailbox-quota-en.html I've run: postconf smtpd_recipient_restrictions=check_policy_service inet:mailstore.example.com:12340 but obtain the error: postconf: fatal: missing '=' after attribute name: "inet:mailstore.example.com:12340" Please, which is the correct syntax? :-) Thanks again! Davide Davide, I think this is the shell that is giving three arguments to postconf instead of just one (beacuse of the space). In order to disable this, you might want to try to put the whole argument between quotes. You also forgot to give the command the -e switch in order to edit the main.cf file. Try : postconf -e smtpd_recipient_restrictions="check_policy_service inet:mailstore.example.com:12340" Yassine.
Re: Dovecot quota and Postfix smtpd_recipient_restrictions?
Well, so the right syntax (in my case) would be: -o smtpd_recipient_restrictions = reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject,check_policy_service inet:mailstore.example.com:12340 right?? I configured it before the "permit_sasl_authenticated" and the "reject" statement. I've a doubt (again): Is it correct the the space between "[..]service" and "inet[..]"? As suggested here: https://blog.sys4.de/postfix-dovecot-mailbox-quota-en.html I've run: postconf smtpd_recipient_restrictions=check_policy_service inet:mailstore.example.com:12340 but obtain the error: postconf: fatal: missing '=' after attribute name: "inet:mailstore.example.com:12340" Please, which is the correct syntax? :-) Thanks again! Davide
Re: Dovecot quota and Postfix smtpd_recipient_restrictions?
From: Urban Loesch Hi, Well, so the right syntax (in my case) would be: -o smtpd_recipient_restrictions = reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject,check_policy_service inet:mailstore.example.com:12340 right?? I configured it before the "permit_sasl_authenticated" and the "reject" statement. And eventually, should you suggest me how made some functional verification test? According to: http://www.postfix.org/SMTPD_POLICY_README.html try on your postfix: telnet mailstore.example.com 12340 and insert the following lines: sender=somesen...@somedomain.com recipient=y...@recipient.com size=12345 [empty line] Set a size= in bytes which is greater that your configured quota. In theory the policy service should respond with your configured error message "552 5.2.2 Mailbox is full". Example on my server: ... sender=postmas...@somedomain.com recipient=m...@recipient.com size=12345000 action=552 5.2.2 Mailbox is full ... For a livetest reduce the quota of your testaccount to ex. 100KB and the send a mail > 100BK from outside to it. You should see the "552" error message in your logs and you should get back a bouncemail from the sending server. Hope I explained it correct. Best Urban WAW! Very very clear your example! Thanks again Urban, you are a friend ;-) I will try... Thanks again to all! Davide -- cosmogoniA n o p r o v a r e n o f a r e o n o n f a r e n o n c e p r o v a r e
Re: Dovecot quota and Postfix smtpd_recipient_restrictions?
From: Urban Loesch Hi, I would like to enable (the same) quota (count) for all (virtual)users, on Debian Stretch, Postfix 3.1.8, Dovecot 2.2.27, and is not clear for me if I need to tell Postfix to communicate with the service in /etc/postfix/main.cf as here: smtpd_recipient_restrictions = ... check_policy_service inet:mailstore.example.com:12340 I configured it like your example above and it works for me. Best Urban Well, so the right syntax (in my case) would be: -o smtpd_recipient_restrictions = reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject,check_policy_service inet:mailstore.example.com:12340 right? :-) And eventually, should you suggest me how made some functional verification test? Many many many thanks Urban!! ;-) Davide
Re: Dovecot quota and Postfix smtpd_recipient_restrictions?
On 3/19/19 6:00 PM, Davide Marchi via dovecot wrote: [...] is not clear for me if I need to tell Postfix to communicate with the service in /etc/postfix/main.cf as here: smtpd_recipient_restrictions = ... check_policy_service inet:mailstore.example.com:12340 Davide Hey Davide, You don't *have* to, but you can. Now whether you should or shouldn't is up to you. The downside of enabling this is that if John is over quota, then if you try to send a mail to three recipients John, Mary and Socrates postfix will refuse to relay mail for any of them, even if only John is over quota. This has confused my users who couldn't understand why things were like this, but apparently this is how postfix is designed to work ? (or is it a protocol limitation ?) I don't know if other people here can testify of this or have they found a way to circumvent this ? (or more likely is it simply a bad configuration on my part ^:^' ?) Yassine.
Re: Dovecot quota and Postfix smtpd_recipient_restrictions?
Hi, I would like to enable (the same) quota (count) for all (virtual)users, on Debian Stretch, Postfix 3.1.8, Dovecot 2.2.27, and is not clear for me if I need to tell Postfix to communicate with the service in /etc/postfix/main.cf as here: smtpd_recipient_restrictions = ... check_policy_service inet:mailstore.example.com:12340 I configured it like your example above and it works for me. Best Urban
Dovecot quota and Postfix smtpd_recipient_restrictions?
Hi Friends, a doubt: I would like to enable (the same) quota (count) for all (virtual)users, on Debian Stretch, Postfix 3.1.8, Dovecot 2.2.27, and is not clear for me if I need to tell Postfix to communicate with the service in /etc/postfix/main.cf as here: smtpd_recipient_restrictions = ... check_policy_service inet:mailstore.example.com:12340 My current Postfix "smtpd_recipient_restrictions": -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject Currently I've edited: conf.d/10-mail.conf: # Space separated list of plugins to load for all services. Plugins specific to # IMAP, LDA, etc. are added to this list in their own .conf files. mail_plugins = $mail_plugins quota conf.d/20-imap.conf: protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_quota } conf.d/90-quota.conf: (for use with the quota-status service) plugin { quota_grace = 10%% # 10% is the default quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" } /etc/dovecot/conf.d/90-quota.conf: plugin { quota = maildir quota_rule = *:storage=3G quota_rule2 = Trash:storage=+100M # LDA/LMTP allows saving the last mail to bring user from under quota to # over quota, if the quota doesn't grow too high. Default is to allow as # long as quota will stay under 10% above the limit. Also allowed e.g. 10M. #quota_grace = 10%% # 10% is the default quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" } plugin { quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } plugin { #quota = dirsize:User quota #quota = maildir:User quota #quota = dict:User quota::proxy::quota #quota = fs:User quota quota = count:User quota # This is required - it uses "virtual sizes" rather than "physical sizes" for quota counting: quota_vsizes = yes } plugin { #quota = dict:user::proxy::quota #quota2 = dict:domain:%d:proxy::quota_domain #quota_rule = *:storage=102400 #quota2_rule = *:storage=1048576 } service quota-warning { executable = script /usr/local/bin/quota-warning.sh user = dovecot unix_listener quota-warning { user = vmail } } service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 # You can choose any port you want } client_limit = 1 } Many many thanks!! Davide
Re: [dovecot quota-status] error "Invalid character in path"
Hi, Op 18/10/2018 om 23:59 schreef k675...@keit.eu: Hello, I'm using using: - dovecot 2.3.3 (dcead646b) - postfix 3.3.1 - dovecot "quota = maildir:User quota" I'm facing the error: "quota-status: Error: quota-status: Client sent invalid recipient address: Invalid character in path" This occurred with this e-mail address: "John Smith"@keit.eu That is weird. I just tested that the SMTP path parser in Dovecot correctly handles the address as you present it above. But I wonder what Postfix actually sends. Unfortunately, the current error message in quota-status is rather unhelpful in that regard. You could apply the following patch (against master, but v2.3 should be no problem) to get a better error message: diff --git a/src/plugins/quota/quota-status.c b/src/plugins/quota/quota-status.c index c88586d55..fdfd0fc4c 100644 --- a/src/plugins/quota/quota-status.c +++ b/src/plugins/quota/quota-status.c @@ -1,6 +1,7 @@ /* Copyright (c) 2013-2018 Dovecot authors, see the included COPYING file */ #include "lib.h" +#include "str-sanitize.h" #include "ostream.h" #include "connection.h" #include "restrict-access.h" @@ -169,8 +170,8 @@ static int client_input_line(struct connection *conn, const char *line) SMTP_ADDRESS_PARSE_FLAG_BRACKETS_OPTIONAL, >recipient, ) < 0) { i_error("quota-status: " - "Client sent invalid recipient address: %s", - error); + "Client sent invalid recipient address `%s': " + "%s", str_sanitize(line + 10, 256), error); return 0; } } else if (str_begins(line, "size=")) { Well I know it is not a conventional address but it is normally perfectly authorized. Yes, Dovecot v2.3 pays special attention to parse these correctly. When I disable quota check, I can received correctly the incoming e-mail. So is there a mean to enable quota check with this kind of e-mail address ? Please try the patch.. then I can tell you more. Regards, Stephan.
[dovecot quota-status] error "Invalid character in path"
Hello, I'm using using: - dovecot 2.3.3 (dcead646b) - postfix 3.3.1 - dovecot "quota = maildir:User quota" I'm facing the error: "quota-status: Error: quota-status: Client sent invalid recipient address: Invalid character in path" This occurred with this e-mail address: "John Smith"@keit.eu Well I know it is not a conventional address but it is normally perfectly authorized. When I disable quota check, I can received correctly the incoming e-mail. So is there a mean to enable quota check with this kind of e-mail address ? Thanks
Re: [Dovecot] quota-status not working in distributed environment
On 27.07.2018 16:26, Tom Sommer wrote: > On 2013-06-16 21:46, Timo Sirainen wrote: >> On 14.6.2013, at 9.15, Benoit Panizzon wrote: >> >>> Is there a way to get quota-status to also use the proxy feature to >>> request >>> the quota information from the correct machine? >> >> Looks like this is a missing feature. I first thought quota-status >> would go through doveadm protocol, which would make this work via >> doveadm proxying, but looks like it doesn't. Perhaps it optionally >> should. > > Any news on this? Seems strange to lose this feature when running > Director. > > -- > Tom We'll look into this. Aki
Re: [Dovecot] quota-status not working in distributed environment
On 2013-06-16 21:46, Timo Sirainen wrote: On 14.6.2013, at 9.15, Benoit Panizzon wrote: Is there a way to get quota-status to also use the proxy feature to request the quota information from the correct machine? Looks like this is a missing feature. I first thought quota-status would go through doveadm protocol, which would make this work via doveadm proxying, but looks like it doesn't. Perhaps it optionally should. Any news on this? Seems strange to lose this feature when running Director. -- Tom
Dovecot Quota and subject utf-8
Hi. When a user is over quota and a message is rejected, it sends a message back changing partially the subject (depending on the size). With utf-8 it breaks the information, we noticed this behavior when the subject line uses utf-8 and it is broken in more than one line: Subject: Quêm casé erat vim id, vix ín dicit putânt, minim çónsequuntur ea iús. Agam cetêro tê eôs, ád vim ipsum tantâs expetêndis. Ut prõ vidit diçit iudicabit, cum út çômmódo Subject of a delivered message: Subject: =?UTF-8?Q?Qu=C3=AAm_cas=C3=A9_erat_vim_id=2C_vix_=C3=ADn_dicit_p?= =?UTF-8?Q?ut=C3=A2nt=2C_minim_=C3=A7=C3=B3nsequuntur_ea_i=C3=BAs=2E_Agam_?= =?UTF-8?Q?cet=C3=AAro_t=C3=AA_e=C3=B4s=2C_=C3=A1d_vim_ipsum_tant=C3=A2s_e?= =?UTF-8?Q?xpet=C3=AAndis=2E_Ut_pr=C3=B5_vidit_di=C3=A7it_iudicabit=2C_cum?= =?UTF-8?Q?_=C3=BAt_=C3=A7=C3=B4mm=C3=B3do?= Subject of a message rejected with Dovecot Quota: Subject: Rejected: =?UTF-8?Q?Qu=C3=AAm_cas=C3=A9_erat_vim_id=2C_vix_=C3=ADn_dicit_p?=? =?... Auto-Submitted: auto-replied (rejected) Precedence: bulk https://pastebin.com/raw/SWJJARga Regards. -- Danilo G. Baio (dbaio) signature.asc Description: PGP signature
Re: Dovecot quota
t: [[:alnum:]]+ > \[(-?[[:digit:]]+\.[[:digit:]]+) / -?[[:digit:]]+\.[[:digit:]]+\] > sieve_spamtest_status_type = score > sieve_user_log = /home/vmail/sieve/sieve_error.log > sieve_virustest_status_header = X-Virus-Scan: Found to be (.+)\. > sieve_virustest_status_type = text > sieve_virustest_text_value1 = clean > sieve_virustest_text_value5 = infected > welcome_script = welcome %u > welcome_wait = yes > } > postmaster_address = postmas...@example.com > protocols = imap lmtp sieve > sendmail_path = /usr/local/sbin/sendmail > service auth-worker { > user = vmail > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0666 > user = vmail > } > } > service dict { > unix_listener dict { > group = vmail > mode = 0660 > user = vmail > } > user = root > } > service imap-login { > inet_listener imap { > address = 127.0.0.1 > port = 143 > } > inet_listener imaps { > address = xxx.xxx.xxx.xxx > port = 993 > ssl = yes > } > } > service imap { > executable = imap > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0666 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > address = 127.0.0.1 > port = 4190 > } > } > service quota-status { > client_limit = 1 > executable = quota-status -p postfix > unix_listener /var/spool/postfix/private/dovecot-quota { > group = postfix > mode = 0660 > user = postfix > } > } > service quota-warning { > executable = script /usr/local/etc/dovecot/quota-warning.sh > unix_listener quota-warning { > group = vmail > mode = 0660 > user = vmail > } > user = vmail > } > service welcome { > executable = script /usr/local/etc/dovecot/welcome.sh > unix_listener welcome { > user = vmail > } > user = vmail > } > ssl = required > ssl_cert = ssl_cipher_list = > ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 > ssl_dh_parameters_length = 4096 > ssl_key = # hidden, use -P to show it > ssl_options = no_compression > ssl_prefer_server_ciphers = yes > ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1 TLSv1.2 > userdb { > args = /usr/local/etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > protocol lmtp { > mail_fsync = optimized > mail_plugins = acl mail_log notify quota quota_clone trash virtual > welcome zlib quota acl sieve > } > protocol lda { > mail_fsync = optimized > mail_plugins = acl mail_log notify quota quota_clone trash virtual > welcome zlib quota acl sieve virtual > } > protocol imap { > mail_max_userip_connections = 20 > mail_plugins = acl mail_log notify quota quota_clone trash virtual > welcome zlib quota acl imap_acl imap_quota imap_sieve imap_zlib > last_login virtual fts fts_lucene > } > > dovecot-dict-sql.conf.ext > connect = host=SocketLocation dbname=DBName user=UserName > password=PasswordHere > > map { > pattern = priv/quota/storage > table = quota2 > username_field = username > value_field = bytes > } > > map { > pattern = priv/quota/messages > table = quota2 > username_field = username > value_field = messages > } > > map { > pattern = shared/shared-boxes/user/$to/$from > table = user_shares > value_field = dummy > > fields { > from_user = $from > to_user = $to > } > } > > map { > pattern = shared/shared-boxes/anyone/$from > table = anyone_shares > value_field = dummy > > fields { > from_user = $from > } > } > > dovecot-sql.conf.extdriver = mysql > connect = host=SocketLocation dbname=DBName user=UserName > password=PasswordHere > default_pass_scheme = SHA512-CRYPT > password_query = SELECT username AS user, domain, password FROM > accounts WHERE username = '%n' AND domain = '%d' and enabled = true > LIMIT 1; > user_query = SELECT concat('*:storage=', quota, 'M') AS quota_rule > FROM accounts WHERE username = '%n' AND domain = '%d' AND sendonly = > false; > iterate_query = SELECT username, domain FROM accounts where sendonly = false;
Dovecot quota
n subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext spamtest spamtestplus virustest editheader imapflags notify imapsieve vnd.dovecot.imapsieve namespace { location = maildir:/home/vmail/public/:CONTROL=~/mail/public:INDEX=~/mail/public mailbox TestFolder { auto = subscribe comment = Public Folder for message sharing } prefix = Public/ separator = / subscriptions = yes type = public } namespace { list = children location = maildir:/home/vmail/mail/%%d/%%n:LAYOUT=fs:INDEX=/home/vmail/indexes/%d/%n/shared/%%u:INDEXPVT=/home/vmail/indexes/%d/%n/shared/%%u prefix = shared/%%d/%%n/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Archives { auto = subscribe special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe autoexpunge = 30 days special_use = \Junk } mailbox Trash { auto = subscribe autoexpunge = 30 days special_use = \Trash } mailbox virtual/All { comment = All my messages special_use = \All } prefix = separator = / type = private } namespace virtual { location = virtual:/usr/local/etc/dovecot/virtual:INDEX=~/virtual:CONTROL=~/virtual prefix = virtual/ separator = / } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl fts = lucene fts_autoindex = yes fts_autoindex_max_recent_msgs = 80 fts_index_timeout = 90 fts_lucene = whitespace_chars=@. normalize no_snowball imapsieve_mailbox1_before = file:/home/vmail/sieve/global/learn-spam.sieve imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Spam imapsieve_mailbox2_before = file:/home/vmail/sieve/global/learn-ham.sieve imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Spam imapsieve_mailbox2_name = * mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = dict:User quota::proxy::quota quota_exceeded_message = Storage quota for this account has been exceeded, please try again later. quota_grace = 10%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_vsizes = true quota_warning = storage=100%% quota-exceeded 100 %u quota_warning2 = storage=95%% quota-warning 95 %u quota_warning3 = storage=90%% quota-warning 90 %u quota_warning4 = storage=85%% quota-warning 85 %u quota_warning5 = storage=75%% quota-warning 75 %u sieve = ~/.dovecot.sieve sieve_before = /home/vmail/sieve/before.d sieve_default = /home/vmail/sieve/default.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags +spamtest +spamtestplus +virustest +editheader sieve_global_dir = /home/vmail/sieve sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute +vnd.dovecot.environment sieve_max_redirects = 30 sieve_max_script_size = 1M sieve_pipe_bin_dir = /home/vmail/sieve sieve_plugins = sieve_imapsieve sieve_extprograms sieve_spamtest_max_header = X-Spamd-Result: default: [[:alnum:]]+ \[-?[[:digit:]]+\.[[:digit:]]+ / (-?[[:digit:]]+\.[[:digit:]]+)\] sieve_spamtest_status_header = X-Spamd-Result: default: [[:alnum:]]+ \[(-?[[:digit:]]+\.[[:digit:]]+) / -?[[:digit:]]+\.[[:digit:]]+\] sieve_spamtest_status_type = score sieve_user_log = /home/vmail/sieve/sieve_error.log sieve_virustest_status_header = X-Virus-Scan: Found to be (.+)\. sieve_virustest_status_type = text sieve_virustest_text_value1 = clean sieve_virustest_text_value5 = infected welcome_script = welcome %u welcome_wait = yes } postmaster_address = postmas...@example.com protocols = imap lmtp sieve sendmail_path = /usr/local/sbin/sendmail service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } user = root } service imap-login { inet_listener imap { address = 127.0.0.1 port = 143 } inet_listener imaps { address = xxx.xxx.xxx.xxx port = 993 ssl = yes } } service imap { executable = imap } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0666 user = postfix } } service managesieve-login { inet_listener sieve { address = 127.0.0.1 port = 4190 } } service quota-status { client_limit = 1 executable = quota-status -p postfix unix_listener /var/spool/postfix/private/dovecot-quota { group = postfix mode
Re: dovecot quota service for postfix
Hello, Thanks for the clarifications plugin { quota = maildir:User quota quota_rule = *:storage=1G quota_grace = 10%% # 10% is the default quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" } The above configurations is my default for all users. but my mail system is using mbox format and not maildir so what should i change in the above configuration to use mbox INSTEAD of maildir ?? Also for the quota paramater, can i use (myquota = maildir:User quota) INSTEAD of (quota = maildir:User quota) ?? or it must "QUOTA =" and not any thing else to work ? same for quota_rule parameter, should i add (_rule) after quota to work ??? can i add for example qouta_restriction INSTEAD of quota_rules ?? i am asking this question to better understand how dovecot work.. also last question when i use the following command to get quota for existing system user called michael , it gives me an error as follow, so why dovecot is not able to get the quota for the system users? doveadm quota get -u michael doveadm(michael): Fatal: User doesn't exist Many thanks >> Incase user is underquota, then the email is returned back to postfix for >> processing and delivering email to user mbox, incase user has no sufficient quota then dovecot will inform postfix to reject email. Please confirm if what i mentioned above is correct and that i >> understand >> correctly how dove-cot policy works with postfix. > Your understanding is mor or less correct, except that postfix never passes the email itself to dovecot when performing the quota check. It simply sends a message to the quota policy service asking if the recipient is over quota. If the recipient is over quota, dovecot provides postfix with the response configured in quota_status_overquota. If the recipient is under quota, dovecot provides postfix with the response configured in quota_status_success. If dovecot does not know the user, it provides postfix with the response configured in > quota_status_nouser. >> Kindly check my configuration below and advise the missing parts to add... > I don't see anything wrong with your configuration on first appraisal, but if it isn't working I would recommend you perform the following troubleshooting steps. > 1. Verify the user's mailbox is over or under quota in alignment with your expectations > - `doveadm quota -u $RECIPIENT` > 2. Test that the quota service provides the response you expect it to > - `echo "recipient=$RECIPIENT" | nc -q1 localhost 12340` > On 09/26/2015 01:40 AM, Michael Peter wrote: >> Hello, >> I am trying to use dovecot quota service for postfix in order set quota for some users. >> i configure postfix policy service to ask dovecot if user quota is sufficient to accept the email or not. >> (dovecot in this case acts only as policy server to postfix as it only ACCEPT/REJECT email according to user quota, but it is not used to deliver >> email , because postfix will deliver the email to user mailbox) Incase user is underquota, then the email is returned back to postfix for >> processing and delivering email to user mbox, incase user has no sufficient quota then dovecot will inform postfix to reject email. Please confirm if what i mentioned above is correct and that i >> understand >> correctly how dove-cot policy works with postfix. >> Kindly check my configuration below and advise the missing parts to add... >> plugin { >> quota_rule = *:storage=1G >> quota_grace = 10%% >> # 10% is the default >> quota_status_success = DUNNO >> quota_status_nouser = DUNNO >> quota_status_overquota = "552 5.2.2 Mailbox is full" >> ... >> } >> The above configurations is for all users which is not override by quota >> rules in userdb's extra fields in my password file below. >> Is the above configuration missing some thing ? i am using mbox format for >> emails storage. do you i have to add (quota= SOMETHING) before >> (quote_rule >> = *:storage=1G) and what to do add to make dovecot support mbox quota? smtpd_recipient_restrictions = >> check_policy_service inet:SERVER-HIDDEN-FOR-SECRUITY.com:12340 >> service quota-status { >> executable = quota-status -p postfix >> inet_listener { >> port = 12340 >> } >> client_limit = 1 >> } >> now in order to configure dovecot specific quota for user named (user1) i >> use passwd-file as follow >> user1:{plain}pass3:1002:1002::/home/user1::userdb_mail=mbox:~/mymail:INBOX=/var/mail/user1 userdb_quota_rule=*:bytes=300M >> All other users except users1 should have 1GB storage according to this configuration. which user1 will only have 300MB >> Please advise what is my configuration is missing and if i need to add any >> thing to run without issues. >> Many thanks >> Michael Peter
Re: dovecot quota service for postfix
Incase user is underquota, then the email is returned back to postfix for processing and delivering email to user mbox, incase user has no sufficient quota then dovecot will inform postfix to reject email. Please confirm if what i mentioned above is correct and that i understand correctly how dove-cot policy works with postfix. Your understanding is mor or less correct, except that postfix never passes the email itself to dovecot when performing the quota check. It simply sends a message to the quota policy service asking if the recipient is over quota. If the recipient is over quota, dovecot provides postfix with the response configured in quota_status_overquota. If the recipient is under quota, dovecot provides postfix with the response configured in quota_status_success. If dovecot does not know the user, it provides postfix with the response configured in quota_status_nouser. Kindly check my configuration below and advise the missing parts to add... I don't see anything wrong with your configuration on first appraisal, but if it isn't working I would recommend you perform the following troubleshooting steps. 1. Verify the user's mailbox is over or under quota in alignment with your expectations - `doveadm quota -u $RECIPIENT` 2. Test that the quota service provides the response you expect it to - `echo "recipient=$RECIPIENT" | nc -q1 localhost 12340` On 09/26/2015 01:40 AM, Michael Peter wrote: Hello, I am trying to use dovecot quota service for postfix in order set quota for some users. i configure postfix policy service to ask dovecot if user quota is sufficient to accept the email or not. (dovecot in this case acts only as policy server to postfix as it only ACCEPT/REJECT email according to user quota, but it is not used to deliver email , because postfix will deliver the email to user mailbox) Incase user is underquota, then the email is returned back to postfix for processing and delivering email to user mbox, incase user has no sufficient quota then dovecot will inform postfix to reject email. Please confirm if what i mentioned above is correct and that i understand correctly how dove-cot policy works with postfix. Kindly check my configuration below and advise the missing parts to add... plugin { quota_rule = *:storage=1G quota_grace = 10%% # 10% is the default quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" ... } The above configurations is for all users which is not override by quota rules in userdb's extra fields in my password file below. Is the above configuration missing some thing ? i am using mbox format for emails storage. do you i have to add (quota= SOMETHING) before (quote_rule = *:storage=1G) and what to do add to make dovecot support mbox quota? smtpd_recipient_restrictions = check_policy_service inet:SERVER-HIDDEN-FOR-SECRUITY.com:12340 service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 } client_limit = 1 } now in order to configure dovecot specific quota for user named (user1) i use passwd-file as follow user1:{plain}pass3:1002:1002::/home/user1::userdb_mail=mbox:~/mymail:INBOX=/var/mail/user1 userdb_quota_rule=*:bytes=300M All other users except users1 should have 1GB storage according to this configuration. which user1 will only have 300MB Please advise what is my configuration is missing and if i need to add any thing to run without issues. Many thanks Michael Peter
dovecot quota service for postfix
Hello, I am trying to use dovecot quota service for postfix in order set quota for some users. i configure postfix policy service to ask dovecot if user quota is sufficient to accept the email or not. (dovecot in this case acts only as policy server to postfix as it only ACCEPT/REJECT email according to user quota, but it is not used to deliver email , because postfix will deliver the email to user mailbox) Incase user is underquota, then the email is returned back to postfix for processing and delivering email to user mbox, incase user has no sufficient quota then dovecot will inform postfix to reject email. Please confirm if what i mentioned above is correct and that i understand correctly how dove-cot policy works with postfix. Kindly check my configuration below and advise the missing parts to add... plugin { quota_rule = *:storage=1G quota_grace = 10%% # 10% is the default quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" ... } The above configurations is for all users which is not override by quota rules in userdb's extra fields in my password file below. Is the above configuration missing some thing ? i am using mbox format for emails storage. do you i have to add (quota= SOMETHING) before (quote_rule = *:storage=1G) and what to do add to make dovecot support mbox quota? smtpd_recipient_restrictions = check_policy_service inet:SERVER-HIDDEN-FOR-SECRUITY.com:12340 service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 } client_limit = 1 } now in order to configure dovecot specific quota for user named (user1) i use passwd-file as follow user1:{plain}pass3:1002:1002::/home/user1::userdb_mail=mbox:~/mymail:INBOX=/var/mail/user1 userdb_quota_rule=*:bytes=300M All other users except users1 should have 1GB storage according to this configuration. which user1 will only have 300MB Please advise what is my configuration is missing and if i need to add any thing to run without issues. Many thanks Michael Peter
Dovecot quota via custom column
Hello, we have multiple domains connected to single user account and we want to have quota counted via this column - called account_id. Users are stored in mysql database. - iterate_query = SELECT email AS user FROM mailboxes user_query=SELECT email, 501 AS uid, 501 AS gid, CONCAT('*:storage=',quota,'M') AS quota_rule FROM mailboxes AS m WHERE email='%u' password_query=SELECT email AS user, pw_hash AS password, CONCAT('*:storage=',quota,'M') AS userdb_quota_rule FROM mailboxes AS e WHERE email='%u' - We have quota stored in dovecot dictionary and as usable variables we found only - http://wiki2.dovecot.org/Variables. Is there any way to do use account_id as quota username? Thanks, Filip Bartmann
Re: [Dovecot] quota using wrong limits in user shared mailboxes
Hi, I confirm this bug with LDAP userdb. The temporary workaround is to set quota ignore rule for Shared namespace or specific shared folder. This is obviously not secure workaround. Example: for a shared namespace: namespace ( prefix = Shared Folders/%%u/ ... } you have to set quota_rule4 = Shared Folders/*:ignore or quota_rule4 = Shared Folders/username/*:ignore - Bartlomiej Nogas
Re: [Dovecot] quota using wrong limits in user shared mailboxes
We were supposed to get an update to fix this (and other bugs) over a month or more ago if I remember right, but developer seems to be on extended hiatus On 10/3/14, Bartłomiej Nogaś bart.no...@gmail.com wrote: Hi, I confirm this bug with LDAP userdb. The temporary workaround is to set quota ignore rule for Shared namespace or specific shared folder. This is obviously not secure workaround. Example: for a shared namespace: namespace ( prefix = Shared Folders/%%u/ ... } you have to set quota_rule4 = Shared Folders/*:ignore or quota_rule4 = Shared Folders/username/*:ignore - Bartlomiej Nogas
Re: postfix alias and dovecot quota
Le 1 juil. 2014 à 04:57, Nick Edwards nick.z.edwa...@gmail.com a écrit : http://dovecot.2317879.n4.nabble.com/Postfix-aliases-with-quota-status-service-td43511.html search for post from Ulrich Zehl Thanks for the link, I use a SQL backend containing user and alias data. So I've changed the user_query to include alias and it's actually working fine on my test environnement.
Re: postfix alias and dovecot quota
On 6/29/14, Alexandre Ellert aell...@numeezy.com wrote: Le 29 juin 2014 à 06:24, Nick Edwards nick.z.edwa...@gmail.com a écrit : it is the job of postfix to do this, aliases are just that, aliases of the real mail account, they do not exist in real storage, else, they would not be alias. The problem i'm trying to solve is about dovecot capability to serve quota status via Postfix policy server protocol. It works fine when the destination address is a real mailbox, but if it's a Postfix alias, then the email is not rejected because dovecot doesn't know this user. Maybe it's a wrong idea to try to make Postfix alias visible to dovecot. Do you have another suggestion ? of course its wrong mail aliases are for MTA's *only* its not for dovecot (or any pop3/imap server), if postfix is not saying oh ok alias foo really goes to user bar, do we;ll check out bar's quota, status etc,, then ur postfix is foobarred somehow.
Re: postfix alias and dovecot quota
On 30.6.2014 12:33, Nick Edwards wrote: On 6/29/14, Alexandre Ellert aell...@numeezy.com wrote: Le 29 juin 2014 à 06:24, Nick Edwards nick.z.edwa...@gmail.com a écrit : it is the job of postfix to do this, aliases are just that, aliases of the real mail account, they do not exist in real storage, else, they would not be alias. The problem i'm trying to solve is about dovecot capability to serve quota status via Postfix policy server protocol. It works fine when the destination address is a real mailbox, but if it's a Postfix alias, then the email is not rejected because dovecot doesn't know this user. Maybe it's a wrong idea to try to make Postfix alias visible to dovecot. Do you have another suggestion ? of course its wrong mail aliases are for MTA's *only* its not for dovecot (or any pop3/imap server), if postfix is not saying oh ok alias foo really goes to user bar, do we;ll check out bar's quota, status etc,, then ur postfix is foobarred somehow. I'm not completely sure about that. If you want to use Dovecot's quota-status to reject message during SMTP session, Postfix' smtpd process needs to do that and - to my knowledge - it's only able to pass recipient address, not the aliases involved. I was looking for a solution to this few months ago as well. In the end I created sort of policy service proxy between Postfix and Dovecot. The proxy looks up aliases in database, converts them into real users and asks Dovecot about those. Final result is then reported back to postfix/smtpd.
Re: postfix alias and dovecot quota
I've the same problem. Dovecot can reply REJECT when Postfix ask for know the quota of the real user. But if the email it's alias, Dovecot does not know the email and reply DUNNO, but when the mail must be delivred by the LDA, Dovecot reject because the user it's over quota. I search since several weeks how to fix that and for postfix ask the quota-service with the real user email and not the alias. Because Postfix know the real user email because it's search it on the first time before ask Dovecot... I don't understand that postfix can't have a feature for check the quota-service with the real user email and not the alias... It's possible that I was wrong and not really understand the Postfix doku (that's really possible). If anobody have one idea that would be great, because I'm really lost, and I think i'm not alone :) Bests Regards, Nathan - Mail original - De: Jiri Bourek bou...@thinline.cz À: dovecot@dovecot.org Envoyé: Lundi 30 Juin 2014 13:37:26 Objet: Re: postfix alias and dovecot quota On 30.6.2014 12:33, Nick Edwards wrote: On 6/29/14, Alexandre Ellert aell...@numeezy.com wrote: Le 29 juin 2014 à 06:24, Nick Edwards nick.z.edwa...@gmail.com a écrit : it is the job of postfix to do this, aliases are just that, aliases of the real mail account, they do not exist in real storage, else, they would not be alias. The problem i'm trying to solve is about dovecot capability to serve quota status via Postfix policy server protocol. It works fine when the destination address is a real mailbox, but if it's a Postfix alias, then the email is not rejected because dovecot doesn't know this user. Maybe it's a wrong idea to try to make Postfix alias visible to dovecot. Do you have another suggestion ? of course its wrong mail aliases are for MTA's *only* its not for dovecot (or any pop3/imap server), if postfix is not saying oh ok alias foo really goes to user bar, do we;ll check out bar's quota, status etc,, then ur postfix is foobarred somehow. I'm not completely sure about that. If you want to use Dovecot's quota-status to reject message during SMTP session, Postfix' smtpd process needs to do that and - to my knowledge - it's only able to pass recipient address, not the aliases involved. I was looking for a solution to this few months ago as well. In the end I created sort of policy service proxy between Postfix and Dovecot. The proxy looks up aliases in database, converts them into real users and asks Dovecot about those. Final result is then reported back to postfix/smtpd.
Re: postfix alias and dovecot quota
On 30 Jun 2014, at 15:01, Nathan Schultheiss nat...@schultheiss.fr wrote: ... I search since several weeks how to fix that and for postfix ask the quota-service with the real user email and not the alias. Because Postfix know the real user email because it's search it on the first time before ask Dovecot... I don't understand that postfix can't have a feature for check the quota-service with the real user email and not the alias... It's possible that I was wrong and not really understand the Postfix doku (that's really possible). You’re not: http://www.postfix.org/SMTPD_POLICY_README.html#protocol If anobody have one idea that would be great, because I'm really lost, and I think i'm not alone :) One idea is to use the same data source for the userdb of postfix and dovecot. Mail alias data that postfix uses would then also become available for dovecot. Dovecot would then be able to correctly resolve mail aliases to users and provide useful quota information about the mailbox.
Re: postfix alias and dovecot quota
On 6/30/14, Jiri Bourek bou...@thinline.cz wrote: On 30.6.2014 12:33, Nick Edwards wrote: On 6/29/14, Alexandre Ellert aell...@numeezy.com wrote: Le 29 juin 2014 à 06:24, Nick Edwards nick.z.edwa...@gmail.com a écrit : it is the job of postfix to do this, aliases are just that, aliases of the real mail account, they do not exist in real storage, else, they would not be alias. The problem i'm trying to solve is about dovecot capability to serve quota status via Postfix policy server protocol. It works fine when the destination address is a real mailbox, but if it's a Postfix alias, then the email is not rejected because dovecot doesn't know this user. Maybe it's a wrong idea to try to make Postfix alias visible to dovecot. Do you have another suggestion ? of course its wrong mail aliases are for MTA's *only* its not for dovecot (or any pop3/imap server), if postfix is not saying oh ok alias foo really goes to user bar, do we;ll check out bar's quota, status etc,, then ur postfix is foobarred somehow. I'm not completely sure about that. If you want to use Dovecot's quota-status to reject message during SMTP session, Postfix' smtpd process needs to do that and - to my knowledge - it's only able to pass recipient address, not the aliases involved. I was looking for a solution to this few months ago as well. In the end I created sort of policy service proxy between Postfix and Dovecot. The proxy looks up aliases in database, converts them into real users and asks Dovecot about those. Final result is then reported back to postfix/smtpd. http://dovecot.2317879.n4.nabble.com/Postfix-aliases-with-quota-status-service-td43511.html search for post from Ulrich Zehl
Re: postfix alias and dovecot quota
Le 29 juin 2014 à 06:24, Nick Edwards nick.z.edwa...@gmail.com a écrit : it is the job of postfix to do this, aliases are just that, aliases of the real mail account, they do not exist in real storage, else, they would not be alias. The problem i’m trying to solve is about dovecot capability to serve quota status via Postfix policy server protocol. It works fine when the destination address is a real mailbox, but if it’s a Postfix alias, then the email is not rejected because dovecot doesn’t know this user. Maybe it’s a wrong idea to try to make Postfix alias visible to dovecot. Do you have another suggestion ?
postfix alias and dovecot quota
Hello, Can someone tell me if it’s possible to configure dovecot to answer quota information about real mailbox when I query a postfix alias mailbox (this information is actually in a mysql database) ? Example : doveadm quota get - u al...@domain.com doveadm(al...@domain.com): Fatal: User doesn't exist doveadm quota get - u realmail...@domain.com Quota name Type Value Limit % user STORAGE 2048853 2048000 100 user MESSAGE6783 - 0 I’d like to have this result : doveadm quota get - u al...@domain.com Quota name Type Value Limit % user STORAGE 2048853 2048000 100 user MESSAGE6783 - 0 doveadm quota get - u realmail...@domain.com Quota name Type Value Limit % user STORAGE 2048853 2048000 100 user MESSAGE6783 - 0 Thanks for your help. Alexandre.
Re: postfix alias and dovecot quota
it is the job of postfix to do this, aliases are just that, aliases of the real mail account, they do not exist in real storage, else, they would not be aliaes. On 6/29/14, Alexandre Ellert aell...@numeezy.com wrote: Hello, Can someone tell me if it's possible to configure dovecot to answer quota information about real mailbox when I query a postfix alias mailbox (this information is actually in a mysql database) ? Example : doveadm quota get - u al...@domain.com doveadm(al...@domain.com): Fatal: User doesn't exist doveadm quota get - u realmail...@domain.com Quota name Type Value Limit % user STORAGE 2048853 2048000 100 user MESSAGE6783 - 0 I'd like to have this result : doveadm quota get - u al...@domain.com Quota name Type Value Limit % user STORAGE 2048853 2048000 100 user MESSAGE6783 - 0 doveadm quota get - u realmail...@domain.com Quota name Type Value Limit % user STORAGE 2048853 2048000 100 user MESSAGE6783 - 0 Thanks for your help. Alexandre.
Re: [Dovecot] [dovecot]Quota per user from openldap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 27 May 2014, Selcuk Yazar wrote: in dovecot documentation i try to implement quota per users. i added dovecot-ldap.conf file user_attrs = homeDirectory=home, uidNumber=uid, gidNumber=gid, mailbox=mail, quota=quota_rule=*:bytes=%$ and i see in logs quota(quota_rule=*:bytes=%$)=*:bytes=241800 Debug: Added userdb setting: plugin/quota_rule=*:bytes=241800 is the quota correct at all, the limit and the current value, see: doveadm quota get -u user and it's companion recalc. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBU5BXBnz1H7kL/d9rAQLSVQf+Imtw+iRGs/upcKJV3QzR8fIVU5Sykt5z smyKTINS54WS7oaErL4hPy3Si0r3XModQaQFTA30e4DzZTOix7bQh4+Xpc0p4yHM YsnXNBEWZy+/vQblLqqbEYKBkEfUGW7yYQ1dw1vztKfYtqN07DU0jvd7SMD1W/Ra tVYOAy/0AFG58qTAYG/kk93Qr+pZ/HZlSpOy+wQRta8LK6u5lpJdPP8yTXGrQSV/ fcNKl0kmHVk/er498ecSvPmUoPKPG9mSpqXhZNC0jhlV+XIfSZbx4gPpdZ8++At4 ACOhH1Bw//6QIgtWCfABgnJExZJeiUNAprpGAeDYhfwngdqO2LTV5Q== =F4Le -END PGP SIGNATURE-
Re: [Dovecot] [dovecot]Quota per user from openldap
El 27/05/14 13:05, Selcuk Yazar escribió: Hi, in dovecot documentation i try to implement quota per users. i added dovecot-ldap.conf file user_attrs = homeDirectory=home, uidNumber=uid, gidNumber=gid, mailbox=mail, quota=quota_rule=*:bytes=%$ and i see in logs quota(quota_rule=*:bytes=%$)=*:bytes=241800 Debug: Added userdb setting: plugin/quota_rule=*:bytes=241800 but still mail is delivering , i'not sure other settings about 20-imap.conf and 20-pop3.conf from documentation. what is the correct steps for this? My working configuration is: pass_attrs = ...,quota=userdb_quota_rule user_attrs = ...,quota=quota_rule And entries in ldap have attribute as: quota: *:storage=20G -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 86337
[Dovecot] [dovecot]Quota per user from openldap
Hi, in dovecot documentation i try to implement quota per users. i added dovecot-ldap.conf file user_attrs = homeDirectory=home, uidNumber=uid, gidNumber=gid, mailbox=mail, quota=quota_rule=*:bytes=%$ and i see in logs quota(quota_rule=*:bytes=%$)=*:bytes=241800 Debug: Added userdb setting: plugin/quota_rule=*:bytes=241800 but still mail is delivering , i'not sure other settings about 20-imap.conf and 20-pop3.conf from documentation. what is the correct steps for this? thanks in advance -- Selçuk YAZAR
[Dovecot] quota using wrong limits in user shared mailboxes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have setup a shared namespace to expose user's mailboxes to other users. That works well. Via ACLs users can access other users mailboxes. I have setup a quota for each user, that works well, too. The quota is tracked and new messages are denied, if the quota is exceeded. I do not find hints, if you need to setup something special for shared namespaces. http://wiki2.dovecot.org/Quota/Configuration shows how to track the quota and http://wiki2.dovecot.org/SharedMailboxes/Shared shows how to setup the namespace and ACL. If user1 shares mailbox to user2 and user2 copies a message there, the quota is tracked in the quota of user1 correctly. But to calculate if * LOGIN user2 ... * COPY 1 users.user1.mailbox fails with overquota or succeed, the quota limit of user2 is used instead of the quota of user1, whom mailbox belongs to. I have tested it with a. limit(user2) limit(user1) b. quota(user1) + sizeof(message) limit(user1) if quota(user1) + sizeof(message) limit(user2), COPY fails with overquota. If I raise the quota of user2, the COPY succeeds. That means, although the target user's quota is not exceeded and won't after the copy, COPY fails. That seems to be wrong for me. The same will apply to the other way round, I guess: If the target user is over quota, but copying user's quota limit is greater than that, the COPY succeeds. [I have not tested it.] Hence, if you enable sharing, you undermine quota, because the other user can copy messages into a mailbox of an user overquota. Does other people see the same issue? My config: # 2.2.10 (5432b55a2b87): /usr/local/dovecot-2.2.10/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.9 auth_cache_size = 30 M auth_mechanisms = plain login auth_verbose = yes auth_worker_max_count = 100 base_dir = /var/run/dovecot2.2/ default_vsz_limit = 512 M deliver_log_format = msgid=%m: %$ %p/%w %f %s dict { acl = pgsql:/usr/local/dovecot-2.2.10/etc/dovecot/dovecot-dict-sql.conf.ext quota = pgsql:/usr/local/dovecot-2.2.10/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no instance_name = dovecot2.2 lda_mailbox_autocreate = yes lmtp_save_to_detail_mailbox = yes log_path = /var/log/dovecot/dovecot2.2.log log_timestamp = %F %H:%M:%S mail_gid = vmail mail_log_prefix = %Us(%u) [%p]: mail_max_userip_connections = 0 mail_plugins = quota notify mail_log zlib acl stats mail_shared_explicit_inbox = yes mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = users.%%u. separator = . type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/dovecot-2.2.10/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = proxy::acl antispam_allow_append_to_spam = yes antispam_backend = spool2dir antispam_spam = SPAM+ReportAsSPAM antispam_spool2dir_notspam = /tmp/spamspool/%%020lu-%%05lu-%u-H antispam_spool2dir_spam = /tmp/spamspool/%%020lu-%%05lu-%u-S antispam_trash = trash;TRASH;Trash;spam;SPAM;Spam;junk;JUNK;Junk;Deleted Items;Deleted Messages;GelAPY-schte Elemente;GelAPY-schte Objekte;Junk E-mail;Junk-E-Mail;INBOX.Trash;INBOX.TRASH;INBOX.trash mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size vsize from subject quota = dict:User quota::proxy::quota quota_rule = *:storage=300MB quota_rule2 = Trash:storage=+30M recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_actions = 0 sieve_quota_max_storage = 3M stats_command_min_time = 1 mins stats_domain_min_time = 12 hours stats_ip_min_time = 12 hours stats_memory_limit = 128 M stats_refresh = 30 secs stats_session_min_time = 15 mins stats_track_cmds = yes stats_user_min_time = 1 hours } postmaster_address = postmas...@inf.h-brs.de protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { unix_listener auth-client { mode = 0766 } unix_listener auth-userdb { mode = 0766 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } } service doveadm { unix_listener doveadm-server { mode = 0666 } } service imap-login { process_min_avail = 4 service_count = 0 vsz_limit = 768 M } service imap { process_limit = 1000
[Dovecot] quota is exceeded during send mail
Hi, i try configure qouta plugin in dovecot. If i want sent mail to user with full mailbox all is ok, messege is reject. But if i want sent mail from user with full mailbox then messege is delivery and save to sent folder so quota is unlimited in this case. my dovecot.conf # 2.2.9: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-358.el6.x86_64 x86_64 CentOS release 6.4 (Final) ext4 auth_mechanisms = plain login dict { quotadict = mysql:/usr/local/etc/dovecot/dovecot-dict-quota.conf } disable_plaintext_auth = no first_valid_gid = 12 first_valid_uid = 101 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lmtp_save_to_detail_mailbox = yes mail_location = maildir:/home/vmail/%d/%n mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /usr/local/etc/dovecot/dovecot-mysql.conf driver = sql } plugin { acl = vfile:/usr/local/etc/dovecot/acls quota = dict:user::proxy::quotadict quota_exceeded_message = Quota exceeded. quota_grace = 10MB trash = /usr/local/etc/dovecot/trash.conf } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = mail mode = 0666 user = vmail } } service dict { unix_listener dict { group = mail mode = 0666 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service imap { vsz_limit = 256 M } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = /etc/pki/tls/certs/localhost.crt ssl_key = /etc/pki/tls/private/localhost.key userdb { driver = prefetch } userdb { args = /usr/local/etc/dovecot/dovecot-mysql.conf driver = sql } protocol lda { mail_plugins = quota sieve postmaster_address = root@hostname } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota trash } protocol lmtp { mail_plugins = quota sieve } protocol pop3 { mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol sieve { managesieve_implementation_string = Dovecot Pigeonhole managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 } -- View this message in context: http://dovecot.2317879.n4.nabble.com/quota-is-exceeded-during-send-mail-tp47149.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] Quota-Status issue
Thanks for the help. For some reason I couldn't find the dovecot log before, but there it was staring me in the face, haha. Here's the error I was getting: Feb 27 14:55:06 auth-worker(30525): Error: sql(t...@example.com): User query failed: Unknown column 'mailbox.enablequota-status' in 'where clause' Feb 27 14:55:06 quota-status: Error: user t...@example.com: Auth USER lookup failed Looks like it was missing a column in the table. Was able to fix it by adding: ALTER TABLE vmail.umailbox ADD `enablequota-status` tinyint(1) DEFAULT 1 AFTER `enablelib-storage`; Now it works as expected! printf recipient=t...@example.com\nsize=12304\n\n | nc 127.0.0.1 12340 action=552 5.2.2 Mailbox is full Once again, thanks for the help. Everything is working smoothly now. On Mon, Feb 24, 2014 at 5:56 PM, Charles Sprickman sp...@bway.net wrote: On Feb 20, 2014, at 5:12 PM, Cyberonic Turbo wrote: Following this guide: http://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ I can't seem to get it to work, as soon as I add the smtpd_recipient_restrictions setting to postfix I can no longer send mail at all. I get the message SMTP Error (450): Failed to add recipient postmas...@example.com (4.7.1 : Recipient address rejected: Internal error occurred. Refer to server log for more information.). I googled around and found this command to test the quota-status service: printf recipient=postmaster at example.com\nsize=1234\n\n | nc 127.0.0.1 12340 It seems to always return the quota_status_nouser message. I'm really stumped here. What logs do I need to check for errors and does anyone have any experience with this? I'm not an expert, I just followed the same guide a few days ago while preparing to front an old vpopmail system with postfix. It did work for me. Before moving on to enabling the check in postfix, verify that the dovecot side is working. Your example test should work, I did the same here: [root@util-b /usr/local/etc/postfix]# printf recipient=c...@test.bway.net\nsize=12304\n\n | nc mbox.i 25001 action=DUNNO [root@util-b /usr/local/etc/postfix]# printf recipient=c...@test.bway.net\nsize=1234\n\n | nc mbox.i 25001 action=552 5.2.2 Mailbox is full If that fails for you, examine the dovecot log. In my case, I did have to provide the full path to the quota-status binary and dovecot complained about not being able to find it. Make sure you actually have quota-status installed. Full dovecot snippet for this below: # report quota to postfix # see http://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ plugin { quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full } service quota-status { executable = /usr/local/libexec/dovecot/quota-status -p postfix inet_listener { address = 10.x.x.19 # In my case I want it listening on a particular IP port = 25001 } client_limit = 5 } If the dovecot portion is working, then move on to your postfix logs... Charles I'm running Dovect 2.2.10 with Postfix 2.6.6 Here's my dovecot -n result: # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.5.1.el6.x86_64 x86_64 CentOS release 6.5 (Final) auth_master_user_separator = * auth_mechanisms = PLAIN LOGIN dict { acl = mysql:/etc/dovecot/dovecot-share-folder.conf quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf } first_valid_uid = 2000 last_valid_uid = 2000 listen = * log_path = /var/log/dovecot.log mail_gid = 2000 mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ mail_plugins = quota mail_uid = 2000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u prefix = Shared/%%u/ separator = / subscriptions = yes type = shared } passdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } passdb { args = /etc/dovecot/dovecot-master-users-password driver = passwd-file master = yes } plugin { acl = vfile acl_shared_dict = proxy::acl auth_socket_path = /var/run/dovecot/auth-master autocreate = INBOX autocreate2 = Sent autocreate3 = Trash autocreate4 = Drafts autocreate5 = Junk autosubscribe = INBOX autosubscribe2 = Sent autosubscribe3 = Trash autosubscribe4 = Drafts autosubscribe5 = Junk quota = dict:user::proxy::quotadict quota_grace = 10%% quota_rule = *:storage=1G quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_warning
Re: [Dovecot] Quota-Status issue
On Feb 20, 2014, at 5:12 PM, Cyberonic Turbo wrote: Following this guide: http://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ I can't seem to get it to work, as soon as I add the smtpd_recipient_restrictions setting to postfix I can no longer send mail at all. I get the message SMTP Error (450): Failed to add recipient postmas...@example.com (4.7.1 : Recipient address rejected: Internal error occurred. Refer to server log for more information.). I googled around and found this command to test the quota-status service: printf recipient=postmaster at example.com\nsize=1234\n\n | nc 127.0.0.1 12340 It seems to always return the quota_status_nouser message. I'm really stumped here. What logs do I need to check for errors and does anyone have any experience with this? I'm not an expert, I just followed the same guide a few days ago while preparing to front an old vpopmail system with postfix. It did work for me. Before moving on to enabling the check in postfix, verify that the dovecot side is working. Your example test should work, I did the same here: [root@util-b /usr/local/etc/postfix]# printf recipient=c...@test.bway.net\nsize=12304\n\n | nc mbox.i 25001 action=DUNNO [root@util-b /usr/local/etc/postfix]# printf recipient=c...@test.bway.net\nsize=1234\n\n | nc mbox.i 25001 action=552 5.2.2 Mailbox is full If that fails for you, examine the dovecot log. In my case, I did have to provide the full path to the quota-status binary and dovecot complained about not being able to find it. Make sure you actually have quota-status installed. Full dovecot snippet for this below: # report quota to postfix # see http://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ plugin { quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full } service quota-status { executable = /usr/local/libexec/dovecot/quota-status -p postfix inet_listener { address = 10.x.x.19 # In my case I want it listening on a particular IP port = 25001 } client_limit = 5 } If the dovecot portion is working, then move on to your postfix logs… Charles I'm running Dovect 2.2.10 with Postfix 2.6.6 Here's my dovecot -n result: # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.5.1.el6.x86_64 x86_64 CentOS release 6.5 (Final) auth_master_user_separator = * auth_mechanisms = PLAIN LOGIN dict { acl = mysql:/etc/dovecot/dovecot-share-folder.conf quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf } first_valid_uid = 2000 last_valid_uid = 2000 listen = * log_path = /var/log/dovecot.log mail_gid = 2000 mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ mail_plugins = quota mail_uid = 2000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u prefix = Shared/%%u/ separator = / subscriptions = yes type = shared } passdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } passdb { args = /etc/dovecot/dovecot-master-users-password driver = passwd-file master = yes } plugin { acl = vfile acl_shared_dict = proxy::acl auth_socket_path = /var/run/dovecot/auth-master autocreate = INBOX autocreate2 = Sent autocreate3 = Trash autocreate4 = Drafts autocreate5 = Junk autosubscribe = INBOX autosubscribe2 = Sent autosubscribe3 = Trash autosubscribe4 = Drafts autosubscribe5 = Junk quota = dict:user::proxy::quotadict quota_grace = 10%% quota_rule = *:storage=1G quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_warning = storage=85%% quota-warning 85 %u quota_warning2 = storage=90%% quota-warning 90 %u quota_warning3 = storage=95%% quota-warning 95 %u sieve = /%Lh/sieve/dovecot.sieve sieve_dir = /%Lh/sieve sieve_global_dir = /var/vmail/sieve sieve_global_path = /var/vmail/sieve/dovecot.sieve } protocols = pop3 imap sieve service auth { unix_listener /var/spool/postfix/dovecot-auth { group = postfix mode = 0666 user = postfix } unix_listener auth-master { group = vmail mode = 0666 user = vmail } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } } service imap-login { process_limit = 500 service_count = 1 } service pop3-login { service_count = 1 } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service quota
[Dovecot] Quota-Status issue
Following this guide: http://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ I can't seem to get it to work, as soon as I add the smtpd_recipient_restrictions setting to postfix I can no longer send mail at all. I get the message SMTP Error (450): Failed to add recipient postmas...@example.com (4.7.1 : Recipient address rejected: Internal error occurred. Refer to server log for more information.). I googled around and found this command to test the quota-status service: printf recipient=postmaster at example.com\nsize=1234\n\n | nc 127.0.0.1 12340 It seems to always return the quota_status_nouser message. I'm really stumped here. What logs do I need to check for errors and does anyone have any experience with this? I'm running Dovect 2.2.10 with Postfix 2.6.6 Here's my dovecot -n result: # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.5.1.el6.x86_64 x86_64 CentOS release 6.5 (Final) auth_master_user_separator = * auth_mechanisms = PLAIN LOGIN dict { acl = mysql:/etc/dovecot/dovecot-share-folder.conf quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf } first_valid_uid = 2000 last_valid_uid = 2000 listen = * log_path = /var/log/dovecot.log mail_gid = 2000 mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ mail_plugins = quota mail_uid = 2000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u prefix = Shared/%%u/ separator = / subscriptions = yes type = shared } passdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } passdb { args = /etc/dovecot/dovecot-master-users-password driver = passwd-file master = yes } plugin { acl = vfile acl_shared_dict = proxy::acl auth_socket_path = /var/run/dovecot/auth-master autocreate = INBOX autocreate2 = Sent autocreate3 = Trash autocreate4 = Drafts autocreate5 = Junk autosubscribe = INBOX autosubscribe2 = Sent autosubscribe3 = Trash autosubscribe4 = Drafts autosubscribe5 = Junk quota = dict:user::proxy::quotadict quota_grace = 10%% quota_rule = *:storage=1G quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_warning = storage=85%% quota-warning 85 %u quota_warning2 = storage=90%% quota-warning 90 %u quota_warning3 = storage=95%% quota-warning 95 %u sieve = /%Lh/sieve/dovecot.sieve sieve_dir = /%Lh/sieve sieve_global_dir = /var/vmail/sieve sieve_global_path = /var/vmail/sieve/dovecot.sieve } protocols = pop3 imap sieve service auth { unix_listener /var/spool/postfix/dovecot-auth { group = postfix mode = 0666 user = postfix } unix_listener auth-master { group = vmail mode = 0666 user = vmail } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } } service imap-login { process_limit = 500 service_count = 1 } service pop3-login { service_count = 1 } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service quota-warning { executable = script /usr/local/bin/dovecot-quota-warning.sh unix_listener quota-warning { group = vmail mode = 0660 user = vmail } } ssl = required ssl_cert = /etc/pki/tls/certs/iRedMail_CA.pem ssl_key = /etc/pki/tls/private/iRedMail.key userdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } protocol lda { auth_socket_path = /var/run/dovecot/auth-master lda_mailbox_autocreate = yes log_path = /var/log/sieve.log mail_plugins = quota sieve autocreate postmaster_address = root } protocol imap { imap_client_workarounds = tb-extra-mailbox-sep mail_plugins = quota imap_quota autocreate } protocol pop3 { mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv } For my postfix/main.cf I have this relevant setting: smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:, check_policy_service inet:127.0.0.1:10031, check_policy_service inet:127.0.0.1:12340, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
Re: [Dovecot] Dovecot quota with MySQL - username issue
Le 26 déc. 2013 à 10:04, michael a écrit : Hi all, I'm using Dovecot 2.2.8 with quota using a MySQL backend. The Quota plugin is listed for POP3, IMAP and LDA. When it is enabled for LDA, it populates the username field in the MySQL table with e mail addresses. I end up with a mixture of email addresses and usernames, which causes things to not fully work. It *should* be just usernames. the LDA SQL statement is: [...] Can this be fixed? Michael Hello Michael, I'm a bit late on this one... I guess your SELECT should return a quota column, probably something like: CONCAT('dict:user:', mailboxes.username, ':proxy::quotadict') AS quota because your quota definition in dovecot.conf will be filled with the username as known by the service currently making use of it. HTH, Axel
[Dovecot] Dovecot quota with MySQL - username issue
Hi all, I'm using Dovecot 2.2.8 with quota using a MySQL backend. The Quota plugin is listed for POP3, IMAP and LDA. When it is enabled for LDA, it populates the username field in the MySQL table with e mail addresses. I end up with a mixture of email addresses and usernames, which causes things to not fully work. It *should* be just usernames. the LDA SQL statement is: user_query = \ SELECT mailboxes.username, accounts.uid, accounts.uid AS gid, \ concat('/home/',mailboxes.username) AS home, \ (SELECT IF(accounts.new_mail_fmt=1, \ CONCAT('Maildir:',home,'/Maildir'), \ CONCAT('mbox:',home,'/Maildir:INBOX=/var/spool/mail/',mailboxes.username))) AS mail_location \ FROM mailboxes JOIN accounts ON accounts.username=mailboxes.username \ WHERE (mailboxes.email='%u' || \ (mailboxes.email=CONCAT('@','%d') AND (SELECT COUNT(email) FROM mailboxes \ WHERE email='%u') = 0) AND mailboxes.active IS TRUE) It clearly knows the username. Usernames on this system are just names, not full email addresses. The configuration of Quota Dict is: dovecot.conf dict/quotadict = mysql:/etc/dovecot/dovecot-dict-sql.conf ... quota = dict:user::proxy::quotadict dovecot-dict-sql.conf map { pattern = priv/quota/storage table = quota username_field = username value_field = bytes } map { pattern = priv/quota/messages table = quota username_field = username value_field = messages } Can this be fixed? Michael
Re: [Dovecot] quota warning by script fails
Wow, ok, I finally solved this on my own. I just wanted to let anyone know, if one encounters a similar situation: The point was as simple as bad: The script called a command that just hang in my environment :/ With the fixed script, everything is fine ;) kind regards, jimmy Hello! I looked around all online resources I found, but I'm not able to find my failure. So any help would be welcome! The problem arises with an dovecot 2.2.6 on a 9.2 FreeBSD RELEASE in a jailed environment. I have the following config settings regarding quota (which works in general, but just without calling the script): /etc/dovecot/conf.d/90-quota.conf: ... plugin { quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } service quota-warning { executable = script /usr/sbin/quota-warning.sh unix_listener quota-warning { mode = 0666 } } ... script: -rwxrwxrwx 1 root wheel 580 23 Nov 17:14 /usr/sbin/quota-warning.sh* socket: [root@testfbsd ~]# ll /var/run/dovecot/quota-warning srw-rw-rw- 1 root wheel 0 23 Nov 17:06 /var/run/dovecot/quota-warning= Calling the 'quota-warning.sh' script from the console works: Nov 23 17:00:42 testfbsd dovecot: lda(ad...@testfbsd.x.net): msgid=Ne509YyBcF4pRuYBSyaSfTuUquS9YW@testfbsd: saved mail to INBOX But when I force dovecot to call it with sending to much mails to the server, the following log comes up (which show, that dovecot at least wants to call the script :Debug: quota: Executing warning: quota-warning 95 admin@testfbnet in my understanding): (no further errors or messages about non existing sockets or wrong perms etc. comes up) == /var/log/maillog == Nov 23 18:19:15 testfbsd sm-mta[75486]: STARTTLS=server, relay= mail-wi0-f196.google.com [209.85.212.196], version=TLSv1/SSLv3, verify=NOT, cipher=RC4-SHA, bits=128/128 Nov 23 18:19:15 testfbsd sm-mta[75486]: rANHJEOP075486: from= jtx...@gmail.com, size=288072, class=0, nrcpts=1, msgid=CAJeXgQBj7VvTqKGDTNE-PCXKf28X3fSQ3R=zp+l2cpejvln...@mail.gmail.com, proto=ESMTP, daemon=MTA, relay=mail-wi0-f196.google.com [209.85.212.196] == /var/log/debug.log == Nov 23 18:19:17 testfbsd dovecot: lda: Debug: Loading modules from directory: /usr/iports/lib/dovecot Nov 23 18:19:17 testfbsd dovecot: lda: Debug: Module loaded: /usr/iports/lib/dovecot/lib10_quota_plugin.so Nov 23 18:19:17 testfbsd dovecot: auth: Debug: master in: USER 1 admin@testfbnet service=lda Nov 23 18:19:17 testfbsd dovecot: auth: Debug: passwd-file(admin@testfbnet): lookup: user=admin@testfbnet file=/etc/mail/mailuser Nov 23 18:19:17 testfbsd dovecot: auth: Debug: userdb out: USER 1 admin@testfbnet uid=1000gid=1000 home=/home/admin@testfbnet quota_rule=*:storage=2M Nov 23 18:19:17 testfbsd dovecot: lda: Debug: auth input: admin@testfbnet uid=1000 gid=1000 home=/home/admin@testfbnet quota_rule=*:storage=2M Nov 23 18:19:17 testfbsd dovecot: lda: Debug: Added userdb setting: plugin/quota_rule=*:storage=2M Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Effective uid=1000, gid=1000, home=/home/admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota root: name=User quota backend=maildir args= Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota rule: root=User quota mailbox=* bytes=2097152 messages=0 Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota rule: root=User quota mailbox=Trash bytes=+10485760 messages=0 Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota rule: root=User quota mailbox=Deleted Messages bytes=+10485760 messages=0 Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota warning: bytes=1992294 (95%) messages=0 reverse=no command=quota-warning 95 admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota warning: bytes=1677721 (80%) messages=0 reverse=no command=quota-warning 80 admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota warning: bytes=1048576 (50%) messages=0 reverse=no command=quota-warning 50 admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota grace: root=User quota bytes=209715 (10%) Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/home/admin@testfbnet/mail Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: maildir++: root=/home/admin@testfbnet/mail, index=, indexpvt=, control=, inbox=/home/admin@testfbnet/mail, alt
[Dovecot] quota warning by script fails
Hello! I looked around all online resources I found, but I'm not able to find my failure. So any help would be welcome! The problem arises with an dovecot 2.2.6 on a 9.2 FreeBSD RELEASE in a jailed environment. I have the following config settings regarding quota (which works in general, but just without calling the script): /etc/dovecot/conf.d/90-quota.conf: ... plugin { quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } service quota-warning { executable = script /usr/sbin/quota-warning.sh unix_listener quota-warning { mode = 0666 } } ... script: -rwxrwxrwx 1 root wheel 580 23 Nov 17:14 /usr/sbin/quota-warning.sh* socket: [root@testfbsd ~]# ll /var/run/dovecot/quota-warning srw-rw-rw- 1 root wheel 0 23 Nov 17:06 /var/run/dovecot/quota-warning= Calling the 'quota-warning.sh' script from the console works: Nov 23 17:00:42 testfbsd dovecot: lda(ad...@testfbsd.x.net): msgid=Ne509YyBcF4pRuYBSyaSfTuUquS9YW@testfbsd: saved mail to INBOX But when I force dovecot to call it with sending to much mails to the server, the following log comes up (which show, that dovecot at least wants to call the script :Debug: quota: Executing warning: quota-warning 95 admin@testfbnet in my understanding): (no further errors or messages about non existing sockets or wrong perms etc. comes up) == /var/log/maillog == Nov 23 18:19:15 testfbsd sm-mta[75486]: STARTTLS=server, relay= mail-wi0-f196.google.com [209.85.212.196], version=TLSv1/SSLv3, verify=NOT, cipher=RC4-SHA, bits=128/128 Nov 23 18:19:15 testfbsd sm-mta[75486]: rANHJEOP075486: from= jtx...@gmail.com, size=288072, class=0, nrcpts=1, msgid=CAJeXgQBj7VvTqKGDTNE-PCXKf28X3fSQ3R=zp+l2cpejvln...@mail.gmail.com, proto=ESMTP, daemon=MTA, relay=mail-wi0-f196.google.com [209.85.212.196] == /var/log/debug.log == Nov 23 18:19:17 testfbsd dovecot: lda: Debug: Loading modules from directory: /usr/iports/lib/dovecot Nov 23 18:19:17 testfbsd dovecot: lda: Debug: Module loaded: /usr/iports/lib/dovecot/lib10_quota_plugin.so Nov 23 18:19:17 testfbsd dovecot: auth: Debug: master in: USER 1 admin@testfbnet service=lda Nov 23 18:19:17 testfbsd dovecot: auth: Debug: passwd-file(admin@testfbnet): lookup: user=admin@testfbnet file=/etc/mail/mailuser Nov 23 18:19:17 testfbsd dovecot: auth: Debug: userdb out: USER 1 admin@testfbnet uid=1000gid=1000 home=/home/admin@testfbnet quota_rule=*:storage=2M Nov 23 18:19:17 testfbsd dovecot: lda: Debug: auth input: admin@testfbnet uid=1000 gid=1000 home=/home/admin@testfbnet quota_rule=*:storage=2M Nov 23 18:19:17 testfbsd dovecot: lda: Debug: Added userdb setting: plugin/quota_rule=*:storage=2M Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Effective uid=1000, gid=1000, home=/home/admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota root: name=User quota backend=maildir args= Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota rule: root=User quota mailbox=* bytes=2097152 messages=0 Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota rule: root=User quota mailbox=Trash bytes=+10485760 messages=0 Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota rule: root=User quota mailbox=Deleted Messages bytes=+10485760 messages=0 Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota warning: bytes=1992294 (95%) messages=0 reverse=no command=quota-warning 95 admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota warning: bytes=1677721 (80%) messages=0 reverse=no command=quota-warning 80 admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota warning: bytes=1048576 (50%) messages=0 reverse=no command=quota-warning 50 admin@testfbnet Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota grace: root=User quota bytes=209715 (10%) Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/home/admin@testfbnet/mail Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: maildir++: root=/home/admin@testfbnet/mail, index=, indexpvt=, control=, inbox=/home/admin@testfbnet/mail, alt= Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota root: name=User quota backend=maildir args= Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota warning: bytes=0 (95%) messages=0 reverse=no command=quota-warning 95 raw mail user Nov 23 18:19:17 testfbsd dovecot: lda(admin@testfbnet): Debug: Quota
Re: [Dovecot] Quota question.
Hi Bruce, please follow the Dovecot Mailing List guidelines and post your output of doveconf -n Also have a look in the List Archives. There has been a similar quota question in the last few days. Regards Daniel
Re: [Dovecot] Quota question.
On Wed, 2013-09-11 at 15:05 -0400, Bruce Markey wrote: I think it's something more. Apparently it's not even looking at the database. Not sure what I didn't do. If anyone can point me to a good dovecot / mysql quota how to that would be helpful. Thank you bruce signature.asc Description: This is a digitally signed message part
[Dovecot] Quota question.
I have quotas setup with dovecot. Everything seems to be running fine. Values show up fine in mysql. I set up Roundcube to show quota amounts, this also works. For some reason it's showing the old value, I had upped a quot I assume that dovecot is reporting this wrong since roundcube talks to dovecot for its info. Imap debug info: [11-Sep-2013 15:57:47 +]: [5986] S: A0003 OK List completed. [11-Sep-2013 15:57:47 +]: [5986] C: A0004 GETQUOTAROOT INBOX [11-Sep-2013 15:57:47 +]: [5986] S: * QUOTAROOT INBOX User quota [11-Sep-2013 15:57:47 +]: [5986] S: * QUOTA User quota (STORAGE 81 256000) [11-Sep-2013 15:57:47 +]: [5986] S: A0004 OK Getquotaroot completed. [11-Sep-2013 15:57:47 +]: [5986] C: A0005 LOGOUT I'm not sure where next to look. I made sure I didn't have a hard defaut value set in 90-quota.conf. Thank you Bruce -- Please use PGP, ENCRYPT everything. For information about acquiring a secryption.com account, email me. My public key: https://www.secryption.com/BruceMarkey.asc or https://keyserver.pgp.com
Re: [Dovecot] Quota question.
I think it's something more. Apparently it's not even looking at the database. Not sure what I didn't do. If anyone can point me to a good dovecot / mysql quota how to that would be helpful. Thank you bruce -- Please use PGP, ENCRYPT everything. For information about acquiring a secryption.com account, email me. My public key: https://www.secryption.com/BruceMarkey.asc or https://keyserver.pgp.com
Re: [Dovecot] Quota question.
Check if new quota is recognized using 'doveadm quota get -u username' If it does then there is some other issue... It is hard to tell without knowing how it is setup. Thanks VIjay On Thu, Sep 12, 2013 at 12:35 AM, Bruce Markey br...@secryption.com wrote: I think it's something more. Apparently it's not even looking at the database. Not sure what I didn't do. If anyone can point me to a good dovecot / mysql quota how to that would be helpful. Thank you bruce -- Please use PGP, ENCRYPT everything. For information about acquiring a secryption.com account, email me. My public key: https://www.secryption.com/**BruceMarkey.aschttps://www.secryption.com/BruceMarkey.asc or https://keyserver.pgp.com
[Dovecot] Quota to use limits from LDAP and usage from FS
Hi, I'm new to Dovecot (switching from Cyrus). I'm using Dovecot 2.1.7 from Ubuntu 13.04. Maildir data is stored on a Linux ext4 filesystem with quotas. I would like to use mail quota in a way, so that the usage values are taken from the filesystem's quota system by the fs backend, while the per-user limits get read from LDAP. Due to debugging messages, it's my impression that reading the limits from LDAP works quite well when the user process starts, but when IMAP access actually takes place, the fs backend uses the filesystem's soft limits. Can anybody confirm this behavior or is there a way to achieve what I intend? -frank signature.asc Description: Message signed with OpenPGP using GPGMail
[Dovecot] Quota based on LDAP group
Hi I have a setup where my dovecot (2.0, if that makes a difference) authenticates against an LDAP directory. In my scenario, I have two types of users, lets call them normal and privileged. What I need is for the normal user to have a fixed quota, but for the priviledged to have none. (The users do not exist on the underlying system, so I cant do quota based on FS) The issue is that my LDAP is actually an AD, and there is a fair amount of new accounts over the time (in other words, I cannot use LDAP attribute for storing quota, because the AD tools don't understand it, and I would have to add it manually for each new account). The approach I had in mind is using quota based on user group (I do have groups representing both normal and priviledged users), but I cannot find a way to set it up in dovecot. Am I missing something or does dovecot not support LDAP groups as attribute source? thanks Pavel Herrmann
[Dovecot] dovecot-lda - dovecot: quota-warning: Error: lda: Fatal: Unknown argument
Hi, everyone, I'm attempting to configure automated quota warnings for users and have hit a snag. The script I'm using is as follows: - #!/bin/sh PERCENT=$1 MAILBOX=$2 DOMAIN=$3 cat EOF | /usr/lib/dovecot/dovecot-lda -d $USER -o plugin/quota=dict:user::file:/var/vmail/%d/%n/.quotausage From: postmaster@$DOMAIN Subject: Email quota warning - mailbox over $PERCENT% full [...] - When the script is triggered, here's what appears in the log: - Jun 24 11:16:53 host dovecot: quota-warning: Error: lda: Fatal: Unknown argument: plugin/quota=dict:user::noenforcing:file:/var/vmail/%d/%n/.quotausage Jun 24 11:16:53 host dovecot: master: Error: service(quota-warning): child 22415 returned error 64 - If I paste the same on the command line, the message is delivered, as expected: /usr/lib/dovecot/dovecot-lda -d u...@example.com -o plugin/quota=dict:user::noenforcing:file:/var/vmail/%d/%n/.quotausage -p /tmp/test.txt The problem seems to be that the -o switch isn't being interpreted correctly when dovecot-lda is called from within the script. -o is the correct switch, yes? From the manual at http://wiki2.dovecot.org/LDA : -o name=value: Override a setting from dovecot.conf. You can give this parameter multiple times. What am I missing here? Is some shell script escaping or similar required? Thanks for any tips! -Ben
Re: [Dovecot] dovecot-lda - dovecot: quota-warning: Error: lda: Fatal: Unknown argument
On 6/24/2013 11:59 AM, Ben Johnson wrote: Hi, everyone, I'm attempting to configure automated quota warnings for users and have hit a snag. The script I'm using is as follows: - #!/bin/sh PERCENT=$1 MAILBOX=$2 DOMAIN=$3 cat EOF | /usr/lib/dovecot/dovecot-lda -d $USER -o plugin/quota=dict:user::file:/var/vmail/%d/%n/.quotausage From: postmaster@$DOMAIN Subject: Email quota warning - mailbox over $PERCENT% full [...] - When the script is triggered, here's what appears in the log: - Jun 24 11:16:53 host dovecot: quota-warning: Error: lda: Fatal: Unknown argument: plugin/quota=dict:user::noenforcing:file:/var/vmail/%d/%n/.quotausage Jun 24 11:16:53 host dovecot: master: Error: service(quota-warning): child 22415 returned error 64 - If I paste the same on the command line, the message is delivered, as expected: /usr/lib/dovecot/dovecot-lda -d u...@example.com -o plugin/quota=dict:user::noenforcing:file:/var/vmail/%d/%n/.quotausage -p /tmp/test.txt The problem seems to be that the -o switch isn't being interpreted correctly when dovecot-lda is called from within the script. -o is the correct switch, yes? From the manual at http://wiki2.dovecot.org/LDA : -o name=value: Override a setting from dovecot.conf. You can give this parameter multiple times. What am I missing here? Is some shell script escaping or similar required? Thanks for any tips! -Ben I figured it out; I had copy/pasted part of the line cat EOF | /usr/lib/dovecot/dovecot-lda -d $USER -o \ plugin/quota=dict:user::file:/var/vmail/%d/%n/.quotausage from the documentation example and in so doing I neglected to use the correct variable name for the user/mailbox. In the documentation example, the variable is $USER, whereas I had named it $MAILBOX. This was causing the mailbox/user to be evaluated as an empty string (or null). Everything works as expected using the correct variable name. Oops! -Ben
Re: [Dovecot] Quota based on LDAP group
On 24.6.2013, at 16.35, Pavel Herrmann morpheus.i...@gmail.com wrote: I have a setup where my dovecot (2.0, if that makes a difference) authenticates against an LDAP directory. In my scenario, I have two types of users, lets call them normal and privileged. What I need is for the normal user to have a fixed quota, but for the priviledged to have none. (The users do not exist on the underlying system, so I cant do quota based on FS) The issue is that my LDAP is actually an AD, and there is a fair amount of new accounts over the time (in other words, I cannot use LDAP attribute for storing quota, because the AD tools don't understand it, and I would have to add it manually for each new account). The approach I had in mind is using quota based on user group (I do have groups representing both normal and priviledged users), but I cannot find a way to set it up in dovecot. Am I missing something or does dovecot not support LDAP groups as attribute source? Sounds like you need to do two LDAP lookups and merge them. That requires Dovecot v2.2.
Re: [Dovecot] Quota based on LDAP group
On Monday 24 of June 2013 23:01:54 Timo Sirainen wrote: On 24.6.2013, at 16.35, Pavel Herrmann morpheus.i...@gmail.com wrote: I have a setup where my dovecot (2.0, if that makes a difference) authenticates against an LDAP directory. In my scenario, I have two types of users, lets call them normal and privileged. What I need is for the normal user to have a fixed quota, but for the priviledged to have none. (The users do not exist on the underlying system, so I cant do quota based on FS) The issue is that my LDAP is actually an AD, and there is a fair amount of new accounts over the time (in other words, I cannot use LDAP attribute for storing quota, because the AD tools don't understand it, and I would have to add it manually for each new account). The approach I had in mind is using quota based on user group (I do have groups representing both normal and priviledged users), but I cannot find a way to set it up in dovecot. Am I missing something or does dovecot not support LDAP groups as attribute source? Sounds like you need to do two LDAP lookups and merge them. That requires Dovecot v2.2. Sure, I am open to upgrading, if it solves the issue. I would actually need more than 2 requests, as AD supports recursive groups (a group being member of another group), which I do use. One possible issue is that from what I can see on the wiki does not really work with how groups in LDAP usually work. What I would need is the opposite direction - locate a group that has member=myUserDn attribute, look whether it has quota attribute set, if not use the group DN as myUserDn and repeat the search. Granted, AD has a backlink memberOf attribute, but I am still left with recursively looking up whether the group has a quota attribute, and whether it is a member of another group (cyclic membership is not possible AFAIK). Is this possible with Dovecot 2.2? thanks Pavel Herrmann
Re: [Dovecot] Quota based on LDAP group
On 25.6.2013, at 0.05, Pavel Herrmann morpheus.i...@gmail.com wrote: Sounds like you need to do two LDAP lookups and merge them. That requires Dovecot v2.2. Sure, I am open to upgrading, if it solves the issue. I would actually need more than 2 requests, as AD supports recursive groups (a group being member of another group), which I do use. One possible issue is that from what I can see on the wiki does not really work with how groups in LDAP usually work. What I would need is the opposite direction - locate a group that has member=myUserDn attribute, look whether it has quota attribute set, if not use the group DN as myUserDn and repeat the search. Granted, AD has a backlink memberOf attribute, but I am still left with recursively looking up whether the group has a quota attribute, and whether it is a member of another group (cyclic membership is not possible AFAIK). Is this possible with Dovecot 2.2? http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb - Subqueries and pointers does what you need I think. My head can't really follow LDAP stuff well enough to say for sure.
Re: [Dovecot] Quota based on LDAP group
Hi On Tuesday 25 of June 2013 00:13:05 Timo Sirainen wrote: On 25.6.2013, at 0.05, Pavel Herrmann morpheus.i...@gmail.com wrote: Sounds like you need to do two LDAP lookups and merge them. That requires Dovecot v2.2. Sure, I am open to upgrading, if it solves the issue. I would actually need more than 2 requests, as AD supports recursive groups (a group being member of another group), which I do use. One possible issue is that from what I can see on the wiki does not really work with how groups in LDAP usually work. What I would need is the opposite direction - locate a group that has member=myUserDn attribute, look whether it has quota attribute set, if not use the group DN as myUserDn and repeat the search. Granted, AD has a backlink memberOf attribute, but I am still left with recursively looking up whether the group has a quota attribute, and whether it is a member of another group (cyclic membership is not possible AFAIK). Is this possible with Dovecot 2.2? http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb - Subqueries and pointers does what you need I think. My head can't really follow LDAP stuff well enough to say for sure. Yeah, I figured that one out. the thing I dont see is how I set this up to work recursively (until the quota attribute is found). What I need is something similar to postfix special_result_attribute and leaf_result_attribute options (with the exception that I need to select one/closest of the attributes found, whereas postfix gets them all) thanks Pavel Herrmann
Re: [Dovecot] quota-status not working in distributed environment
On 14.6.2013, at 9.15, Benoit Panizzon benoit.paniz...@imp.ch wrote: Is there a way to get quota-status to also use the proxy feature to request the quota information from the correct machine? Looks like this is a missing feature. I first thought quota-status would go through doveadm protocol, which would make this work via doveadm proxying, but looks like it doesn't. Perhaps it optionally should. Btw, the quota-status just return DUNNO or 'Quota Full'. Is there a similar easy way to check the ammount of quota used? I could then update that information in the database and use it to, for example find abandoned mailboxes. doveadm quota get command can be used to ask for the user's current quota. You can ask the same via TCP protocol as well: http://wiki2.dovecot.org/Design/DoveadmProtocol
Re: [Dovecot] quota-status not working in distributed environment
Hi Ben thank you for your reply. The quota-status protocol is just the ordinary Postfix policy delegation protocol, documented in Postfix's SMTPD_POLICY_README. I would have thought that if you give 'service quota-status' an inet_listener you could have the Postfix policy check the quota on several machines over the network, though of course the policy protocol has absolutely no security so you may not want to do that. Well security is not such an issue as the mailservers are in a lan where access from outside (to prevent direct access to LMTP and other ports) is restricted anyway. So yes, they could connect that policy port from each other. But doing three connects (or even more if we add more servers) for each incomming email could cause scaling issues or performance issues if one server becomes laggy for some reason. I read about the policy protocol. It's quite simple (compared with sendmail milter). I will directly connect to the policy service on the correct machine from wihtin the milter. The milter has to do a database query anyway so I get the mailbox hostname in the same query. So I can do a IO::Socket::INET connect to the right machine which knows the quota of that recipient. Btw, the quota-status just return DUNNO or 'Quota Full'. Is there a similar easy way to check the ammount of quota used? I could then update that information in the database and use it to, for example find abandoned mailboxes. Kind regards Benoit Panizzon -- I m p r o W a r e A G- __ Zurlindenstrasse 29 Tel +41 61 826 93 07 CH-4133 PrattelnFax +41 61 826 93 02 Schweiz Web http://www.imp.ch __
Re: [Dovecot] quota-status not working in distributed environment
At 8AM +0200 on 14/06/13 you (Benoit Panizzon) wrote: It's quite simple (compared with sendmail milter). I will directly connect to the policy service on the correct machine from wihtin the milter. The milter has to do a database query anyway so I get the mailbox hostname in the same query. So I can do a IO::Socket::INET connect to the right machine which knows the quota of that recipient. Btw, the quota-status just return DUNNO or 'Quota Full'. Is there a similar easy way to check the ammount of quota used? I could then update that information in the database and use it to, for example find abandoned mailboxes. Not as far as I know, but if you're talking to a database anyway why not get Dovecot to store its quota information in the database directly (see wiki2/Quota/Dict)? That way you don't need to talk to Dovecot at all. Ben
[Dovecot] quota-status not working in distributed environment
Hello List Quick overview of our set-up: Postfix / Dovecot (2.2.2.1) / MySQL Cluster on (at the moment) three Servers to create a HA environment where you could easily add additional servers as the demand or load grows. Circular dovecot replication is used so each server uses another one as replication partner and allowing one server to fail. Dovecot Proxy Feature being used, so we can use round-robin DNS and each server can forward the connecting user to the correct 'master' for his mailbox. So far, everything works as expected. Now we want to reject emails to 'full' mailboxes during SMTP to prevent backscatter and use the quota-status policy service from within postfix. That works fine, if the mailbox or it's replica is present on the machine where quota-status is called, but it fails if it's run on a machine where neither the mailbox or the replica is present. In our case, we get a correct SMTP 550 'Mailbox Full' Reject in two cases and a LMTP generated bounce in the later case. Also `doveadm quota get -u u...@example.com` return the correct quota if run on the two machines which have the mailbox and it's copy locale, but return 0% used if run on the other machine. Is there a way to get quota-status to also use the proxy feature to request the quota information from the correct machine? Or is the postfix policy daemon call to the quota-status socket documented somewhere (it must be, but where?) so we could implement it from within the Milter? (we use the sendmail Milter API from postfix to filter spam and viruses, do sender/recipient rewriting, forward bounce matching, rate limmiting, login/IP statistics to block botnets abusing phished addresses and legal intercept stuff anyway) Kind regards Benoit Panizzon -- I m p r o W a r e A G- __ Zurlindenstrasse 29 Tel +41 61 826 93 07 CH-4133 PrattelnFax +41 61 826 93 02 Schweiz Web http://www.imp.ch __
Re: [Dovecot] quota-status not working in distributed environment
At 12PM +0200 on 13/06/13 you (Benoit Panizzon) wrote: Or is the postfix policy daemon call to the quota-status socket documented somewhere (it must be, but where?) so we could implement it from within the Milter? (we use the sendmail Milter API from postfix to filter spam and viruses, do sender/recipient rewriting, forward bounce matching, rate limmiting, login/IP statistics to block botnets abusing phished addresses and legal intercept stuff anyway) The quota-status protocol is just the ordinary Postfix policy delegation protocol, documented in Postfix's SMTPD_POLICY_README. I would have thought that if you give 'service quota-status' an inet_listener you could have the Postfix policy check the quota on several machines over the network, though of course the policy protocol has absolutely no security so you may not want to do that. Ben
[Dovecot] quota with imapc
Dear dovecot team, I have set up my mail system with a mail gateway connecting to mail server using imapc. Now I need my web mail client to show up the quota info. I enabled quota plugins in dovecot.conf. The problem is since all mails reside in the server, the web mail which is in mail gateway always shows the quota as 0. Is there any way the plugin will get quota info from the mail server? I am attaching my conf ## Dovecot configuration file in mail_uid = imapproxy mail_gid = imapproxy mail_home = /home/imapproxy/%u mail_location = imapc:~/imapc protocols = imap ## ## imapc settings ## imapc_host = mailserver.example.com imapc_port = 143 imapc_ssl = starttls imapc_ssl_ca_dir = /etc/postfix/certs ## ## auth settings ## auth_mechanisms = plain login passdb { driver = imap args = host=mailserver.example.com ssl=starttls ssl_ca_dir=/etc/postfix/certs default_fields = userdb_imapc_user=%u userdb_imapc_password=%w ssl=starttls } userdb { driver = prefetch } mail_plugins = $mail_plugins quota plugin { quota = maildir:User quota quota_rule = *:storage=200M } protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_quota } ## ## SSL settings ## ssl = required disable_plaintext_auth = yes #verbose_ssl = yes ssl_cert = /etc/postfix/certs/public_cert.pem ssl_key = /etc/postfix/certs/private_key.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL Greetings. -- View this message in context: http://dovecot.2317879.n4.nabble.com/quota-with-imapc-tp42280.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] quota with imapc
Ok... Thanks for the response. Waiting to see it soon :) -- View this message in context: http://dovecot.2317879.n4.nabble.com/quota-with-imapc-tp42280p42285.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] Quota not working with dict proxy
On Wed, May 15, 2013 9:15 pm, Daniel Parthey wrote: map { pattern = priv/quota/storage # dictionary for storage bytes table = quota # table where to write storage count username_field = username # username of whom storage should be counted value_field = bytes # number of bytes in user mailbox } map { pattern = priv/quota/messages # dictionary for message count table = quota # table where to write email count username_field = username # username whose emails should be counted value_field = messages# number of messages in user mailbox } Regards Daniel I think more correctly, value_field is the name of the field in the db. The 'storage' dictionary will always contain bytes,and the 'messages' dictionary will always store the number of messages into the db field named by the 'value_field' parameter. I would guess that if you changed the pattern to 'shared/quota/messages' then you could set the shared quota as well.
Re: [Dovecot] quota and dict
On 3.5.2013, at 8.04, Jeff Gustafson ncjeff...@zimage.com wrote: Shouldn't I be able to use a dictionary proxy to attach any custom program to a quota dict socket? plugin { quota = dict:User quota::proxy:/tmp/test-socket } This tells quota plugin to connect to /tmp/test-socket and talk dict protocol to it. Neither one create a socket in /tmp. No, your external program needs to create the socket.
Re: [Dovecot] quota-related crash for doveadm dsync operation
On 29.4.2013, at 10.43, Emmanuel Dreyfus m...@netbsd.org wrote: I understand the crash below is caused by filesystem quota. I just report it because perhaps it could have a more graceful failure. Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Error: Mailbox Sent: Saving failed: Not enough disk space Apr 29 09:39:17 danceny syslogd[165]: last message repeated 4 times Apr 29 09:39:17 danceny dovecot: doveadm: Error: dsync-remote(jdoe): Error: Cached message size smaller than expected (35111 40830) Apr 29 09:39:17 danceny dovecot: doveadm: Error: dsync-remote(jdoe): Error: Corrupted index cache file /mail/indexes/jdoe/.imap/Sent/dovecot.index.cache: Broken physical size for mail UID 976 Apr 29 09:39:17 danceny dovecot: doveadm: Error: dsync-remote(jdoe): Error: dsync(local): read(/home/pct/jdoe/mail/Sent) failed: Invalid argument Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Error: dsync(r...@volanges.net.espci.fr): read() failed: Broken pipe Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Panic: file mail-storage.c: line 1830 (mailbox_transaction_commit_get_changes): assertion failed: (ret 0 || seq_range_count(changes_r-saved_uids) == save_count || array_count(changes_r-saved_uids) == 0) Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Fatal: master: service(doveadm): child 23443 killed with signal 6 (core not dumped - set service doveadm { drop_priv_before_exec=yes }) Fixed the crash: http://hg.dovecot.org/dovecot-2.2/rev/1d6f42853492 Also fixed a few other mbox issues. But I see that there are still others left when running dsync+mbox. I'll try to get them fixed, but mbox isn't very high priority format..
Re: [Dovecot] Quota not working with dict proxy
Are you using the same SQL table email for user lookup and quota/storage accounting? Try to use two different tables for user and quota database, because the quota accounting might have deleted an entry from the user table while it only tried to delete a row from the quota table. Regards Daniel Daniel, Per your suggestion, I created a new table, quote_usage, and changed the config files to look at it instead. Things appear to be working now. Thank you very much for your guidance. Is there any documentation that goes into more detail regarding the 'map' settings, what they mean, etc., of which you are aware? I was rather hoping to avoid digging through the code just to satisfy my curiosity. Thanks again. Chris
Re: [Dovecot] Quota not working with dict proxy
Chris Richards wrote: Is there any documentation that goes into more detail regarding the 'map' settings, what they mean, etc., of which you are aware? hoping to avoid digging through the code just to satisfy my curiosity. I couldn't find much in the docs: http://wiki.dovecot.org/Quota/Dict So here's some documentation, please correct me if I'm wrong: map { pattern = priv/quota/storage # dictionary for storage bytes table = quota # table where to write storage count username_field = username # username of whom storage should be counted value_field = bytes # number of bytes in user mailbox } map { pattern = priv/quota/messages # dictionary for message count table = quota # table where to write email count username_field = username # username whose emails should be counted value_field = messages# number of messages in user mailbox } Regards Daniel -- https://plus.google.com/103021802792276734820
Re: [Dovecot] Quota not working with dict proxy
Chris Richards wrote: Attempting to recalc quota on one account using command: doveadm -f tab quota recalc -u user@domain returns with nothing, and when I repeat 'quota get' command, it says: doveadm(user@domain): Fatal: User doesn't exist Indeed, looking in the database shows the account in question was actually DELETED! Obviously, I've got something messed here, but I don't know what. dovecot-dict-sql.conf.ext: connect = host=localhost dbname=maildb user=dbuser password=dbpass map { pattern = priv/quota/storage table = email username_field = address value_field = quota_bytes } map { pattern = priv/quota/messages table = email username_field = address value_field = quota_messages } Are you using the same SQL table email for user lookup and quota/storage accounting? Try to use two different tables for user and quota database, because the quota accounting might have deleted an entry from the user table while it only tried to delete a row from the quota table. Regards Daniel -- https://plus.google.com/103021802792276734820
Re: [Dovecot] Quota not working with dict proxy
On Mon, May 13, 2013 5:55 pm, Daniel Parthey wrote: Are you using the same SQL table email for user lookup and quota/storage accounting? Try to use two different tables for user and quota database, because the quota accounting might have deleted an entry from the user table while it only tried to delete a row from the quota table. Regards Daniel I am using the same table for both user lookkup and quota accounting. I'll try creating another table for the lookup and quota accounting, but I find it disconcerting that it would be deleting entries from the database at all when all I asked it to do was recalc the quota. One wouldn't think that 'update an entry with the correct information' would equate to 'delete this row and recreate it'. Chris
[Dovecot] Quota not working with dict proxy
Hello all, I'm sure this has been covered somewhere before, but my googlefu is not up to the challenge. Basically, I'm trying to configure quota plugin to use a dictionary service (specifically proxy with mysql) so that I can store the quota usage in a database and use that information in a lookup for postfix to reject mail if over quota. I'm doing this because postfix+avamis+dovecot setup with amavis re-injecting into postfix results in mail being effectively accepted before dovecot lmtp knows if mailbox is full. I'm currently using quota maildir: quota = maildir:User quota and this works; doveadm -Df tab quota get -u 'user@domain' Quota name TypeValue Limit % User quota STORAGE 55388 204800 27 User quota MESSAGE 4883- 0 When I use quota dict: quota = dict:User quota:%u:proxy::quota I get this: doveadm -f tab quota get -u user@domain Quota name TypeValue Limit % User quota STORAGE 0 204800 0 User quota MESSAGE 0 - 0 So far so good. But manually setting database entry to values retrieved above with maildir quota results in this: Quota name TypeValue Limit % User quota STORAGE 54 204800 0 User quota MESSAGE 4883- 0 I'm guessing this is returning values in KB, so that makes sense, I guess. Attempting to recalc quota on one account using command: doveadm -f tab quota recalc -u user@domain returns with nothing, and when I repeat 'quota get' command, it says: doveadm(user@domain): Fatal: User doesn't exist Errwhat?! Indeed, looking in the database shows the account in question was actually DELETED! Obviously, I've got something messed here, but I don't know what. I need some guidance here. Dovecot version is 2.1.12 Here is my config: # 2.1.12: /etc/dovecot/dovecot.conf # OS: Linux 3.7.5-hardened-r1 x86_64 Gentoo Base System release 2.1 ext4 auth_master_user_separator = * auth_mechanisms = plain login auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_verbose_passwords = plain default_process_limit = 200 dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no login_greeting = Awaiting command... mail_location = maildir:/home/vmail/%d/%n/Maildir mail_plugins = quota mail_privileged_group = 100 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { expire = Trash 7 expire2 = Trash/* 7 expire3 = Spam 7 quota = dict:User quota:%u:proxy::quota quota_rule = *:storage=200M quota_warning = storage=99%% quota-warning 99 %n %d quota_warning2 = storage=95%% quota-warning 95 %n %d quota_warning3 = storage=80%% quota-warning 80 %n %d quota_warning4 = -storage=95%% quota-warning 'less than 95' %n %d sieve = ~/.dovecot.sieve sieve_default = /home/vmail/dovecot/sieve/default.sieve sieve_dir = ~/sieve sieve_global_dir = /home/vmail/dovecot/sieve } protocols = imap pop3 sieve lmtp service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = dovecot mode = 0666 user = dovecot } user = $default_internal_user } service dict { unix_listener dict { mode = 0600 user = vmail } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service quota-warning { executable = script /etc/dovecot/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = /etc/ssl/dovecot/server.pem ssl_key = /etc/ssl/dovecot/server.key userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = sieve quota postmaster_address = postmaster@domain } protocol lda { mail_plugins = quota sieve quota } protocol imap { mail_max_userip_connections = 20 mail_plugins = quota quota imap_quota } protocol pop3 { mail_plugins = quota quota } From dovecot-dict-sql.conf.ext: connect = host=localhost dbname=maildb user=dbuser password=dbpass # CREATE TABLE quota ( # username varchar(100) not null, # bytes bigint not null default 0, # messages integer not null default 0, # primary key (username) # ); map { pattern
Re: [Dovecot] Quota not working with dict proxy
On Sun, May 12, 2013 12:24 pm, Chris Richards wrote: Hello all, I'm sure this has been covered somewhere before, but my googlefu is not up to the challenge. More info; this is the debug output from the doveadm command: doveadm -Df tab quota recalc -u 'user@domain' doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot doveadm(root): Debug: Module loaded: usr/lib64/dovecot/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib20_ doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(user@domain): Debug: auth input: user@domain home=/home/vmail/domains/domain/user/ mail=maildir:/home/vmail/domains/domain/user/Maildir/ uid=1004 gid=100 quota_rule=*:storage=200M doveadm(user@domain): Debug: Added userdb setting: mail=maildir:/home/vmail/domains/domain/user/Maildir/ doveadm(user@domain): Debug: Added userdb setting: plugin/quota_rule=*:storage=200M doveadm(user@domain): Debug: Effective uid=1004, gid=100, home=/home/vmail/domains/domain/user/ doveadm(user@domain): Debug: Quota root: name=User quota backend=dict args=user@domain:proxy::quota doveadm(user@domain): Debug: Quota rule: root=User quota mailbox=* bytes=209715200 messages=0 doveadm(user@domain): Debug: Quota warning: bytes=207618048 (99%) messages=0 reverse=no command=quota-warning 99 user domain doveadm(user@domain): Debug: Quota warning: bytes=199229440 (95%) messages=0 reverse=no command=quota-warning 95 user domain doveadm(user@domain): Debug: Quota warning: bytes=167772160 (80%) messages=0 reverse=no command=quota-warning 80 user domain doveadm(user@domain): Debug: Quota warning: bytes=199229440 (95%) messages=0 reverse=yes command=quota-warning 'less than 95' user domain doveadm(user@domain): Debug: dict quota: user=user@domain, uri=proxy::quota, noenforcing=0 doveadm(user@domain): Debug: Namespace inbox: type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/home/vmail/domains/domain/user/Maildir/ doveadm(user@domain): Debug: maildir++: root=/home/vmail/domains/domain/user/Maildir, index=, control=, inbox=/home/vmail/domains/domain/user/Maildir, alt= I don't see anything here that would explain why it is deleting my user account, but I can tell you with certainty that this command is doing SOMETHING that is resulting in the deletion of my account.
[Dovecot] quota and dict
I have a question about using dict and quotas. I want dovecot to send quota queries to a custom dict server over a socket. I'm doing this because I can't do group quotas based on domain since a customer can have each of their users associated with different domains under a single account. I need to lookup the account ID and group based on that. I'm worried putting everything in mysql will cause way too many writes and lower the performance of our mysql cluster. I have having a little trouble connecting all the dots in the config file. In the userdb example, there is an 'args' parameter that allows a file to specify a uri. I don't see how to do that for dict. I only see file, mysql, and postgresql. Shouldn't I be able to use a dictionary proxy to attach any custom program to a quota dict socket? Tell the quota plug to proxy quota which then points to a socket: plugin { quota = dict:User quota::proxy::quota } dict { quota = proxy:/tmp/test-socket } or should it be: plugin { quota = dict:User quota::proxy:/tmp/test-socket } Neither one create a socket in /tmp. It seems like this should be possible, but I don't see an obvious way to do it. ...Jeff
[Dovecot] quota-related crash for doveadm dsync operation
Hi I understand the crash below is caused by filesystem quota. I just report it because perhaps it could have a more graceful failure. Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Error: Mailbox Sent: Saving failed: Not enough disk space Apr 29 09:39:17 danceny syslogd[165]: last message repeated 4 times Apr 29 09:39:17 danceny dovecot: doveadm: Error: dsync-remote(jdoe): Error: Cached message size smaller than expected (35111 40830) Apr 29 09:39:17 danceny dovecot: doveadm: Error: dsync-remote(jdoe): Error: Corrupted index cache file /mail/indexes/jdoe/.imap/Sent/dovecot.index.cache: Broken physical size for mail UID 976 Apr 29 09:39:17 danceny dovecot: doveadm: Error: dsync-remote(jdoe): Error: dsync(local): read(/home/pct/jdoe/mail/Sent) failed: Invalid argument Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Error: dsync(r...@volanges.net.espci.fr): read() failed: Broken pipe Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Panic: file mail-storage.c: line 1830 (mailbox_transaction_commit_get_changes): assertion failed: (ret 0 || seq_range_count(changes_r-saved_uids) == save_count || array_count(changes_r-saved_uids) == 0) Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Fatal: master: service(doveadm): child 23443 killed with signal 6 (core not dumped - set service doveadm { drop_priv_before_exec=yes }) -- Emmanuel Dreyfus m...@netbsd.org
Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen
Hallo Waffenmeister! Ralf Hildebrandt ralf.hildebra...@charite.de wrote: Apr 7 14:07:52 delta postfix/qmgr[19078]: 1D8921B31260: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 14:07:53 delta postfix/pipe[19091]: 1D8921B31260: to=mi...@anup.de, relay=dovecot, delay=2542, delays=2542/0.01/0/0.29, dsn=4.3.0, status=deferred (temporary failure) Ich sehe hier nur einen Fehler vom transport dovecot. plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll Lass mal das quota_status_overquota feld weg. Habe ich jetzt neben quota_grace = 10%% auch rausgenommen. Apr 7 19:38:35 delta postfix/smtpd[23037]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, sasl_username=anme...@anup.de Apr 7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: client=localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: message-id=20130407193818.62d8c328@itxnew.bitcorner.intern Apr 7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1] Apr 7 19:39:02 delta postfix/smtpd[23037]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=mi...@anup.de, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0, status=deferred (temporary failure) Also ich vermisse das reject-warning von postfix und es hat auch nicht den Anschein, dass postfix den Status der Quota bei dovecot über port 12340 abfrägt. Naja, vielleicht steht es an der falschen Stelle in den Restrictions! Das muss passieren BEVOR irgendwas ein OK zurückgibt. Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340 ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich den check am Ende hatte noch nach postgrey. smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_unlisted_recipient, warn_if_reject check_policy_service inet:127.0.0.1:12340 reject_unknown_sender_domain, check_sender_access pcre:/etc/postfix/umlaute.pcre, check_recipient_access pcre:/etc/postfix/umlaute.pcre, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, check_client_access cidr:/etc/postfix/client.cidr, check_policy_service inet:127.0.0.1:10023 Andreas
Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen
Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Andreas Meyer anme...@anup.de: Habe ich jetzt neben quota_grace = 10%% auch rausgenommen. Gut. Apr 7 19:38:35 delta postfix/smtpd[23037]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, sasl_username=anme...@anup.de Apr 7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: client=localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: message-id=20130407193818.62d8c328@itxnew.bitcorner.intern Apr 7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1] Apr 7 19:39:02 delta postfix/smtpd[23037]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=mi...@anup.de, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0, status=deferred (temporary failure) Na dann sind deine Restrictions falsch und die Mail wird OK'ed bevor der Policy Server gefragt wird. Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340 ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich den check am Ende hatte noch nach postgrey. smtpd_recipient_restrictions = --- hier einbauen --- ist ja nur zum Test check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_unlisted_recipient, warn_if_reject check_policy_service inet:127.0.0.1:12340 reject_unknown_sender_domain, check_sender_access pcre:/etc/postfix/umlaute.pcre, check_recipient_access pcre:/etc/postfix/umlaute.pcre, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, check_client_access cidr:/etc/postfix/client.cidr, check_policy_service inet:127.0.0.1:10023 That did the trick! The order of the recipient_restricitons was wrong. Apr 7 20:24:55 delta postfix/smtpd[23806]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:55 delta postfix/smtpd[23806]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:56 delta postfix/smtpd[23806]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 20:24:56 delta postfix/smtpd[23806]: NOQUEUE: reject: RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201]: 552 5.2.2 mi...@anup.de: Recipient address rejected: Quota exceeded (mailbox for user is full); from=anme...@anup.de to=mi...@anup.de proto=ESMTP helo=itxnew.bitcorner.intern Apr 7 20:24:56 delta postfix/smtpd[23806]: lost connection after RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:56 delta postfix/smtpd[23806]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] The MUA does not get rid of the mail, when it would exceed the quota. But now the next problem. I cannot send this mail and get the following with smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:12340 check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, Apr 7 20:31:43 delta postfix/smtpd[23820]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:44 delta postfix/smtpd[23820]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:45 delta postfix/smtpd[23820]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 20:31:46 delta postfix/smtpd[23820]: warning: problem talking to server 127.0.0.1:12340: Success Apr 7 20:31:46 delta postfix/smtpd[23820]: NOQUEUE: reject: RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201]: 451 4.3.5 Server configuration problem; from=anme...@anup.de to=dove...@listen.jpberlin.de proto=ESMTP helo=itxnew.bitcorner.intern Apr 7 20:31:46 delta postfix/smtpd[23820]: lost connection after RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:46 delta postfix/smtpd[23820]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] the mail is not sent out. I deactivated the check to get sent mail sent. Andreas
[Dovecot] Quota Problems with LMTP in HG 62a930eb22b5
Since updating to the latest HG these errors occur. Nothing else changed in the config: $ dovecot --version 2.2.beta1 (62a930eb22b5) == /var/log/dovecot/dovecot.log == Feb 18 09:47:32 spectre dovecot: lmtp(14340): Connect from local Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: dict quota: Quota update failed, it's now desynced $ doveconf -n # 2.2.beta1 (62a930eb22b5): /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-0.bpo.4-amd64 x86_64 Debian 6.0.6 auth_cache_size = 16 k auth_verbose = yes mail_location = mdbox:~/mdbox mail_plugins = acl quota stats mailbox_list_index = yes namespace { list = yes location = mdbox:/var/vmail/public:INDEXPVT=~/mdbox/public prefix = Public/ separator = / subscriptions = no type = public } namespace inbox { hidden = no inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = username_format=%u /var/vmail/auth.d/%d/passwd driver = passwd-file } plugin { acl = vfile:/var/vmail/conf.d/%d/acls:cache_secs=300 mail_log_events = expunge mailbox_delete quota = dict:user::file:%h/mdbox/dovecot-quota quota_rule = *:storage=1GB quota_rule2 = Trash:storage=+10%% sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = /var/vmail/conf.d/%d/sieve stats_refresh = 30s stats_track_cmds = yes } protocols = imap lmtp quota_full_tempfail = yes service auth-worker { unix_listener auth-worker { user = doveauth } user = doveauth } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = doveauth } service imap-login { inet_listener imap { address = 1.2.3.4 port = 143 } inet_listener imaps { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl_ca = /etc/ssl/certs/SSL123_CA_Bundle.pem ssl_cert = /etc/ssl/certs/host_domain_tld.crt ssl_key = /etc/ssl/private/host_domain_tld.key syslog_facility = local1 userdb { args = username_format=%u /var/vmail/auth.d/%d/passwd driver = passwd-file } verbose_proctitle = yes protocol lmtp { mail_plugins = acl quota stats sieve } protocol imap { mail_max_userip_connections = 20 mail_plugins = acl quota stats mail_log notify imap_acl imap_quota imap_stats } signature.asc Description: Digital signature
Re: [Dovecot] Quota Problems with LMTP in HG 62a930eb22b5
* Thomas Leuxner t...@leuxner.net 2013.02.18 09:58: Since updating to the latest HG these errors occur. Nothing else changed in the config: $ dovecot --version 2.2.beta1 (62a930eb22b5) == /var/log/dovecot/dovecot.log == Feb 18 09:47:32 spectre dovecot: lmtp(14340): Connect from local Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: dict quota: Quota update failed, it's now desynced Seems there's more to the latest changes as a mail that has to be saved temporarily also breaks LMTP: Feb 18 13:00:32 spectre postfix/qmgr[21702]: 3Z8hWT6jxszFV: from=subscripti...@lists.juno.co.uk, size=460096, nrcpt=1 (queue active) == /var/log/dovecot/dovecot.log == Feb 18 13:00:32 spectre dovecot: lmtp(15093): Connect from local Feb 18 13:00:33 spectre dovecot: lmtp(15093): Error: Temp file creation to /tmp/dovecot.lmtp.�/usr/lib/dovecot/lmtp.15093. failed: No such file or directory Feb 18 13:00:33 spectre dovecot: lmtp(15093): Disconnect from local: Temporary internal failure (in DATA) signature.asc Description: Digital signature
Re: [Dovecot] Quota Problems with LMTP in HG 62a930eb22b5
On Mon, 2013-02-18 at 13:24 +0100, Thomas Leuxner wrote: * Thomas Leuxner t...@leuxner.net 2013.02.18 09:58: Since updating to the latest HG these errors occur. Nothing else changed in the config: $ dovecot --version 2.2.beta1 (62a930eb22b5) == /var/log/dovecot/dovecot.log == Feb 18 09:47:32 spectre dovecot: lmtp(14340): Connect from local Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: dict quota: Quota update failed, it's now desynced Not sure about these. Are they fixed now? Feb 18 13:00:33 spectre dovecot: lmtp(15093): Error: Temp file creation to /tmp/dovecot.lmtp.�/usr/lib/dovecot/lmtp.15093. failed: No such file or directory This is definitely fixed. I was worried about the environment getting cleared when coding it, but it appeared to work and looks like I didn't test well enough.
Re: [Dovecot] Quota Problems with LMTP in HG 62a930eb22b5
* Timo Sirainen t...@iki.fi 2013.02.18 14:18: == /var/log/dovecot/dovecot.log == Feb 18 09:47:32 spectre dovecot: lmtp(14340): Connect from local Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: mkdir_parents(/var/vmail/domains/leuxner.net/tlx/mdbox) failed: File exists Feb 18 09:47:32 spectre dovecot: lmtp(14340, t...@leuxner.net): Error: dict quota: Quota update failed, it's now desynced Not sure about these. Are they fixed now? Feb 18 13:00:33 spectre dovecot: lmtp(15093): Error: Temp file creation to /tmp/dovecot.lmtp.�/usr/lib/dovecot/lmtp.15093. failed: No such file or directory This is definitely fixed. I was worried about the environment getting cleared when coding it, but it appeared to work and looks like I didn't test well enough. Both seem to be fixed with 2.2.beta1 (3ca7e0eaaf4b). Thanks Timo. signature.asc Description: Digital signature
[Dovecot] quota recalc does not work
Hi I upgraded dovecot from 2.0 to 2.1 , and now i face the quota recalc problem. All settings are keep in mysql Before , after a change in mailbox.quota field, i run doveadm quota recalc and all was ok , but now that command doesn't do anything. After i change a quota for a user , i have to restart dovecot to get the new quota , or do a doveadm reload instead of recalc. And the doveadm quota recalc -A give me back a lot of doveadm(username): Info: User no longer exists, skipping Any thoughts ? # 2.1.10: /usr/dovecot21/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.4 i686 auth_cache_negative_ttl = 1 secs auth_cache_size = 2 M auth_failure_delay = 4 secs auth_mechanisms = plain login digest-md5 cram-md5 auth_worker_max_count = 100 base_dir = /var/run/dovecot/ default_client_limit = 4096 default_internal_user = vmail default_login_user = nobody default_process_limit = 256 deliver_log_format = mail delivery from=%f subject=%s msgid=%m: %$ dict { acl = mysql:/usr/dovecot21/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 1 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_location = maildir:~/Maildir mail_plugins = quota acl trash notify mail_log managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { hidden = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = INBOX autosubscribe4 = Sent mail_log_events = delete mailbox_delete mailbox_rename mail_log_fields = box subject from msgid size quota = maildir:User quota quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=95%% quota-warning 90 %u quota_warning3 = storage=85%% quota-warning 85 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve trash = /usr/dovecot21/etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmas...@dacris.net protocols = imap quota_full_tempfail = yes rejection_subject = Rejected: %s: %r service auth { unix_listener auth-client { mode = 0666 user = vmail } unix_listener auth-userdb { mode = 0666 user = vmail } } service dict { unix_listener dict { user = vmail } } service imap-login { process_min_avail = 4 } service imap-postlogin { executable = script-login /bin/imap.sh unix_listener imap-postlogin { mode = 01232 } } service imap { executable = imap imap-postlogin process_limit = 1024 vsz_limit = 1 G } service quota-warning { executable = script /bin/quota_warning.sh unix_listener quota-warning { user = vmail } user = vmail } ssl_cert = /etc/ssl/certs/dovecot.pem ssl_key = /etc/ssl/private/dovecot.pem userdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = quota acl trash notify mail_log sieve autocreate } protocol imap { imap_client_workarounds = delay-newmail mail_max_userip_connections = 20 mail_plugins = quota acl trash notify mail_log imap_quota imap_acl } dovecot-sql.conf.ext: password_query = SELECT password FROM mailbox WHERE \ username = '%Ln' AND domain = '%Ld' AND \ active = '1' user_query = SELECT CONCAT('/srv/vmail/',mailbox.domain,'/%Ln') AS 'home' ,'98' AS 'uid', '98' AS 'gid' , \ CONCAT('*:storage=', mailbox.quota,'M') AS quota_rule ,Trash:storage=+50M AS quota_rule2 FROM mailbox WHERE \ mailbox.username = '%Ln' AND mailbox.domain = '%Ld' AND \ mailbox.active = '1' iterate_query = SELECT username AS user , domain FROM mailbox WHERE active = '1' attachment: adrian_stoica.vcf
Re: [Dovecot] Quota
Hi, If connecting from the policy service, can I use Dovecot master password to get quota over IMAP? Yes, I think a master user login should work as if the user has logged in. If you store quota in a database, the policy service could query the database. thanks a lot for your information. I have written a policy service in python for Postfix that can check over quota in Dovecot. Using IMAPS and the master user to check quota. If someone is interested, I can send a copy off list. -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich
[Dovecot] Quota
Hi, is it possible to ask Dovecot for a users quota by talking to the Dovecot server over TCP? I know about doveadm quota -u user, but I would like to know, if I can query for that over a network connection (on the Postfix ML they suggested writing a policy service that checks quota. Postfix is not always on the same server as Dovecot is). Does the LMTP protocol give that information somehow? I am not so familiar with LMTP. Or some Unix-Socket to query that could also be configured as inet_listener? Thanks in advance -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich