Do we really need Solr commit as cronjob?
I am testing Solr FTS on dovecot. Read online that some suggested to run cronjob commit every minute, and optimize once a day. I am using Solr 7.1.0 and I see some configurations: In /etc/default/solr.in.sh: #SOLR_OPTS="$SOLR_OPTS -Dsolr.autoSoftCommit.maxTime=3000" #SOLR_OPTS="$SOLR_OPTS -Dsolr.autoCommit.maxTime=6" Also in solrconfig.xml: ${solr.autoCommit.maxTime:15000} false ${solr.autoSoftCommit.maxTime:-1} So my question is do I still need run cronjob for commit? Do I need uncomment these lines in the solr.in.sh? Does my solrconfig.xml overwrite the setting in solr.in.sh? Thanks for help.
Re: iPhone/iPad IMAP connection bursts causes user+IP exceeded
Update: I have modified mail_max_userip_connections to 400 which made no difference. The end user customer actually had Apple remote into their device and they were impressed that the end user knew their IMAP settings. They tested it and during this connection time, it worked as expected with send and receive of e-mails. After Apple support disconnected from the device, it not longer worked. The reseller I am supporting will ask them today to try something like "BlueMail" which is an app I use on my Samsung S8+ - as it is free in the Apple store and will determine if the Apple issue is with their e-mail app or comms itself from the phone. Will keep you all posted on the outcome. On 30/11/17 08:40, David.M.Clark wrote: Thanks for the reply and suggestion Robert. I have now set mail_max_userip_connections to 400 in 20-imap.conf to see if it makes any difference. Late yesterday the customer tested from his office, an older IOS 9 tablet and he had IMAP working in a matter of minutes, so is certainly an newer software version by Apple issue. On 30/11/17 03:03, Robert Giles wrote: David, I'd say that if you set the mail_max_userip_connections value to a large-ish number (300-400), your users likely won't notice an issue on their iOS 10.x and iOS 11.x devices. It's more of an annoyance in the logs, and occasionally the iOS Mail app will show that it is stuck checking mail for a few minutes (when the new max_userip_connections is reached again, but with a large number, it happens much less frequently). Keep in mind max_userip applies to *authenticated* users, so a true, malicious DoS situation is less likely. And yeah, I'm definitely tired of Apple going off and breaking their software, because the blame always comes back on IT instead of Apple :( Robert On 2017-11-28 at 22:18, David.M.Clark wrote: Robert just got this one today. A customer has phoned who has replaced or updated their Apple 'stuff' (including iPhone 8 just purchased) and the identical settings that work on the older Apple based devices, as well as Outlook based PCs, work fine with IMAP (internal port 143 and external port 10143), but the newer IOS based devices just do not work. iPhone 8 does not let you downgrade to earlier OS either, which is something the customer was thinking of doing. Once again either Apple or Microsoft have 'moved the goal posts' expecting everyone else in the world to be forced to move with them. They are reporting issues on-line also with MS server and Office 365 so will be hoping we have some kind of good result quickly from Apple as this will only get worse as more people update and find their e-mail is 'dead in the water'. On 04/11/17 06:19, Robert Giles wrote: Apologies for bumping Joseph Tam's rather old thread, but I'm wondering if anyone has come up with a workaround/fix for this problem that iOS Mail.app clients (10.3.3, 11.0.3, 11.1?) continue to exhibit? Robert On 10/28/2016 at 03:49 PM, Joseph Tam wrote: I frequently see this from my iPhone/iPad IMAP users: Oct 24 21:30:55 server dovecot: imap-login: Login: user=, ... [... repeated 10 times ...] Oct 24 21:32:54 server dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections=12): user= Oct 24 21:32:54 server dovecot: imap(user): Logged out ... [... repeated 11 times ...] These bursts of logins/max/logouts would cycling on for a few minutes. Googling this problem seems to turn up lots of similar complaints about iOS mail mail clients. e.g. https://discussions.apple.com/thread/2547839?tstart=0 iOS mail readers do not limit connections limit as other mailreaders can. I could increase mail_max_userip_connections, but that just moves the goal posts. Using the new rawlog feature in 2.2.26 (thanks Dovecot team!), I was able to see that these connection bursts are caused by clients doing global searches. The rawlogs show each mailbox being SELECT'd and searched (e.g. From header string): 1477369968.730450 2 ID ("name" "iPad Mail" "version" "13G36" "os" "iOS" "os-version" "9.3.5 (13G36)") 1477369968.781932 3 SELECT {mailbox} 1477369968.961636 4 UID SEARCH RETURN (COUNT) 1:* NOT DELETED 1477369969.006087 5 UID SEARCH RETURN (ALL) 1:* NOT DELETED 1477369969.052701 6 UID SEARCH RETURN (ALL) {search-term} NOT DELETED 1477369974.624153 7 LOGOUT Questions: 1) How does this affect the user? I heard from one user that it makes global searches unusable because his reader just spins its wheel. I'm not sure whether this is impatience or this results in failed searches. 2) Is there a client-side fix (e.g. connection limiting)? Apple appears to be intransigent on addressing this. 3) Will maintaining search indices (e.g. solr) help with this? Maybe the searches are taking too long and the connections pile up waiting for previous searches
Re: My Solr FTS problem
Thanks a lot for the help. You are right about the JSON as the default in solr v7.1.0. I now switched it back to XML and now it works. # doveadm -v index -u fail2...@mydomain.com Inbox doveadm(fail2...@mydomain.com): Info: INBOX: Caching mails seq=1..388 388/388 Gao On 2017-11-30 02:00 PM, Christian Kivalo wrote: solr 7 and dovecot
My Solr FTS problem
I am testing the solr FTS following the guide here: http://things.m31.ch/?p=379 Now I am having problem when I try to test: # doveadm -v index -u fail2...@mydomain.com Inbox doveadm(fail2...@mydomain.com): Error: fts_solr: Invalid XML input at 1:0: not well-formed (invalid token) (near: { "responseHeader":{ "status":0, "QTime":0, "params":{ "q":"box:8864fa1d51ea1d5a7b1296a1aaf8 AND user:fa) doveadm(fail2...@mydomain.com): Error: Mailbox INBOX: Status lookup failed: Internal error occurred. Refer to server log for more information. [2017-11-30 13:05:24] My system is CentOS 7, Dovecot 3.2.4 (installed from source with solr support), Java OpenJDK-1.8.0, Solr v7.1.0. Could some one help me on this please? Here is detailed debug out put: [root@mail ~]# doveadm -vD index -u fail2...@mydomain.com Inbox Debug: Loading modules from directory: /usr/lib64/dovecot Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so Debug: Module loaded: /usr/lib64/dovecot/lib20_fts_plugin.so Debug: Module loaded: /usr/lib64/dovecot/lib21_fts_solr_plugin.so Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_sieve_plugin.so Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib20_doveadm_fts_plugin.so Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message) doveadm(fail2...@mydomain.com): Debug: Added userdb setting: mail=maildir:/home/vmail/mydomain.com/fail2ban/ doveadm(fail2...@mydomain.com): Debug: Added userdb setting: plugin/quota_rule=*:bytes=0 doveadm(fail2...@mydomain.com): Debug: Effective uid=5000, gid=5000, home=/home/vmail/mydomain.com/fail2ban/ doveadm(fail2...@mydomain.com): Debug: Quota root: name=User quota backend=maildir args= doveadm(fail2...@mydomain.com): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0 doveadm(fail2...@mydomain.com): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(fail2...@mydomain.com): Debug: Quota warning: bytes=0 (90%) messages=0 reverse=no command=quota-warning 90 fail2...@mydomain.com mydomain.com doveadm(fail2...@mydomain.com): Debug: Quota warning: bytes=0 (80%) messages=0 reverse=no command=quota-warning 80 fail2...@mydomain.com mydomain.com doveadm(fail2...@mydomain.com): Debug: Quota grace: root=User quota bytes=0 (10%) doveadm(fail2...@mydomain.com): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/home/vmail/mydomain.com/fail2ban/ doveadm(fail2...@mydomain.com): Debug: maildir++: root=/home/vmail/mydomain.com/fail2ban, index=, indexpvt=, control=, inbox=/home/vmail/mydomain.com/fail2ban, alt= doveadm(fail2...@mydomain.com): Debug: quota: quota_over_flag check: quota_over_script unset - skipping doveadm(fail2...@mydomain.com): Debug: INBOX: Mailbox opened because: index doveadm(fail2...@mydomain.com): Debug: http-client: host 127.0.0.1: Host created doveadm(fail2...@mydomain.com): Debug: http-client: peer 127.0.0.1:8983: Peer created doveadm(fail2...@mydomain.com): Debug: http-client: queue http://127.0.0.1:8983: Setting up connection to 127.0.0.1:8983 (1 requests pending) doveadm(fail2...@mydomain.com): Debug: http-client: peer 127.0.0.1:8983: Linked queue http://127.0.0.1:8983 (1 queues linked) doveadm(fail2...@mydomain.com): Debug: http-client: queue http://127.0.0.1:8983: Started new connection to 127.0.0.1:8983 doveadm(fail2...@mydomain.com): Debug: http-client: request [Req1: GET http://127.0.0.1:8983/solr/dovecot/select?fl=uid=1=uid+desc=box:8864fa1d51ea1d5a7b1296a1aaf8+AND+user:fail2...@mydomain.com]: Submitted doveadm(fail2...@mydomain.com): Debug: http-client: Waiting for 1 requests to finish doveadm(fail2...@mydomain.com): Debug: http-client: peer 127.0.0.1:8983: Creating 1 new connections to handle requests (already 0 usable, connecting to 0, closing 0) doveadm(fail2...@mydomain.com): Debug: http-client: peer 127.0.0.1:8983: Making new connection 1 of 1 doveadm(fail2...@mydomain.com): Debug: http-client: conn 127.0.0.1:8983 [0]: HTTP connection created (1 parallel connections exist) doveadm(fail2...@mydomain.com): Debug: http-client: conn 127.0.0.1:8983 [0]: Connected
Re: Unable to build sieve plugin
Am 30. November 2017 18:20:58 MEZ schrieb Mark Foley: >I'm wanting to experiment with sieve processing for the first time. >Having some trouble getting >started. I googled to page, https://wiki2.dovecot.org/Pigeonhole/Sieve, >went to the "Download >and Installation" link, then the "Pigeonhole download page" link and >downloaded >dovecot-2.2-pigeonhole-0.4.21.tar.gz (I have Dovecot version 2.2.15). I >untarred, ran >./configure (which appeared to run OK), then `make` and got the >following erro: > >make[4]: Entering directory >'/user/util/src/dovecot/dovecot-2.2-pigeonhole-0.4.21/src/lib-sieve/util' >/bin/sh ../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H >-I. -I../../.. -I/usr/local/include/dovecot >-DMODULEDIR=\""/usr/local/lib/dovecot"\" -std=gnu99 -g -O2 -Wall -W >-Wmissing-prototypes -Wmissing-declarations -Wpointer-arith >-Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime >-Wstrict-aliasing=2 -I../../.. -MT edit-mail.lo -MD -MP -MF >.deps/edit-mail.Tpo -c -o edit-mail.lo edit-mail.c >libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../.. >-I/usr/local/include/dovecot -DMODULEDIR=\"/usr/local/lib/dovecot\" >-std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations >-Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast >-fno-builtin-strftime -Wstrict-aliasing=2 -I../../.. -MT edit-mail.lo >-MD -MP -MF .deps/edit-mail.Tpo -c edit-mail.c -fPIC -DPIC -o >.libs/edit-mail.o >edit-mail.c: In function 'edit_mail_get_special': >edit-mail.c:1592:8: error: 'MAIL_FETCH_STORAGE_ID' undeclared (first >use in this function) > case MAIL_FETCH_STORAGE_ID: >^ >edit-mail.c:1592:8: note: each undeclared identifier is reported only >once for each function it appears in > >This was followed by several more errors and the make failed. > >What did I do wrong? You need the current dovecot version for the current Pigeonhole version. For dovecot 2.2.15 you probably need to go back to pigeonhole 0.4.7 or even 0.4.5 to get it to compile without errors, see the release notes on the mailing list. >--Mark -- Christian Kivalo
Unable to build sieve plugin
I'm wanting to experiment with sieve processing for the first time. Having some trouble getting started. I googled to page, https://wiki2.dovecot.org/Pigeonhole/Sieve, went to the "Download and Installation" link, then the "Pigeonhole download page" link and downloaded dovecot-2.2-pigeonhole-0.4.21.tar.gz (I have Dovecot version 2.2.15). I untarred, ran ./configure (which appeared to run OK), then `make` and got the following erro: make[4]: Entering directory '/user/util/src/dovecot/dovecot-2.2-pigeonhole-0.4.21/src/lib-sieve/util' /bin/sh ../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../../.. -I/usr/local/include/dovecot -DMODULEDIR=\""/usr/local/lib/dovecot"\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -I../../.. -MT edit-mail.lo -MD -MP -MF .deps/edit-mail.Tpo -c -o edit-mail.lo edit-mail.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../.. -I/usr/local/include/dovecot -DMODULEDIR=\"/usr/local/lib/dovecot\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -I../../.. -MT edit-mail.lo -MD -MP -MF .deps/edit-mail.Tpo -c edit-mail.c -fPIC -DPIC -o .libs/edit-mail.o edit-mail.c: In function 'edit_mail_get_special': edit-mail.c:1592:8: error: 'MAIL_FETCH_STORAGE_ID' undeclared (first use in this function) case MAIL_FETCH_STORAGE_ID: ^ edit-mail.c:1592:8: note: each undeclared identifier is reported only once for each function it appears in This was followed by several more errors and the make failed. What did I do wrong? --Mark
Re: Sieve can't move messages in a public namespace
Hello all, finally I upgraded to dovecot 2.2.10 (that comes with CentOS 7.4). But the problem is still there! Why sieve can't move a message in a public namespace complaining about "Mailbox does not exists"? None of you ever try? Some of you have a working setup? I attach "dovecot -n" output. The sieve script is: require ["fileinto", "envelope", "mailbox"]; if header :contains ["From"] "a...@address.com" { fileinto "Cond-UFF_FORNITORI/CONTABILITA/Ricevuta"; } The error: error: msgid=<5df93e60-676c-f6bb-68b8-c17fe7493...@address.com>: failed to store into mailbox 'Cond-UFF_FORNITORI/CONTABILITA/Ricevuta': Mailbox doesn't exist: Cond-UFF_FORNITORI/CONTABILITA/Ricevuta Il 04/07/2017 10:34, Stephan Bosch ha scritto: Op 7/4/2017 om 8:44 AM schreef Paolo: Il 30/06/2017 10:46, Paolo ha scritto: Hello, my dovecot version is 2.1.17 I've configured some public namespaces (config attached). When a mail arrives at a certain mail address, that mail is handled by dovecot lmtp server and a sieve script is executed that shuold move the message in one of the namespaces. This is the script: require "fileinto"; if header :contains "From""exam...@example.com" { fileinto "Cond-UFF_FORNITORI/CONTABILITA/Inviata"; } else { fileinto "Cond-UFF_FORNITORI/CONTABILITA/Ricevuta"; } The problem is that the sieve script fails with the error: sieve: info: started log at Jun 27 12:42:28. error: msgid=: failed to store into mailbox 'Cond-UFF_FORNITORI/CONTABILITA/Ricevuta': Mailbox doesn't exist: Cond-UFF_FORNITORI/CONTABILITA/Ricevuta. I double checked config, dovecot documentation, sieve documentation, ACL, filesystem paths, filesystem permissions, etc. etc. I'm pretty sure it's all right. So why isn't sieve working? Thanks if you bother to answer & Cheers Paolo Nobody has clues? Your version is very old. Can you try upgrading first? Regards, Stephan. # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-693.5.2.el7.x86_64 x86_64 CentOS Linux release 7.4.1708 (Core) xfs auth_gssapi_hostname = $ALL auth_krb5_keytab = /etc/dovecot/dovecot.keytab auth_mechanisms = gssapi plain default_process_limit = 300 disable_plaintext_auth = no hostname = mail.fcr.re.it mail_debug = yes mail_gid = vmail mail_location = sdbox:/home/vmail/mailboxes/%n/dbox:ALT=/mnt/dovecot-altstorage/%n mail_max_userip_connections = 15 mail_plugins = acl listescape mail_shared_explicit_inbox = yes mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { location = maildir:/home/vmail/mailboxes/Condivise/UFF_FORNITORI-maildir:INDEX=~/Cond-indexes/.UFF_FORNITORI:CONTROL=~/Cond-control/.UFF_FORNITORI prefix = Cond-UFF_FORNITORI/ separator = / subscriptions = no type = public } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/FCR-dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/home/vmail/mailboxes/shared-mailboxes.db sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve-pre sieve_max_redirects = 8 } postmaster_address = postmas...@fcr.re.it service auth { client_limit = 1300 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { process_min_avail = 10 } service imap { vsz_limit = 256 M } service lmtp { executable = lmtp -L process_min_avail = 5 } ssl = required ssl_cert =
Re: Username character disallowed by auth_username_chars: 0x13
Hi, On Wed, Nov 29, 2017 at 12:18 AM, Aki Tuomiwrote: > >> On November 29, 2017 at 5:58 AM Alex wrote: >> >> >> Hi, I'm receiving the following messages in my mail logs that I >> haven't seen before: >> >> Nov 28 22:45:31 bwipropemail dovecot: auth: login(?,179.210.41.21): >> Username character disallowed by auth_username_chars: 0x13 (username: >> AB?) >> Nov 28 22:45:31 bwipropemail dovecot: auth: login(?,179.210.41.21): >> Username character disallowed by auth_username_chars: 0x13 (username: >> AB?) >> >> There's thousands of them, from hundreds of different IP addresses. I >> suspect it's an exploit attempt, but does anyone know which? >> >> I've added a fail2ban entry, but I'd also like to make sure my dovecot >> is not vulnerable. This is on a fc25 system with all updates. > > 0x13 is carriage return, so it could just be a mistake in the spam robots > code. It turned out there was a carriage return in the GCOS field of one of the users in the password file, and for every dovecot login there was an entry similar to the above in the logs.
Re: Detect port number of SASL AUTH request?
Op 16-11-2017 om 2:07 schreef MRob: Hi, this is partly Postfix related, but I want to know if there could be way to distinguish port of the SASL AUTH request to segregate user services. Currently I use unix listener for dovecot sasl auth, but could change to inet_listener. Only way I can think is to have different SASL AUTH services for each master.cf entry where its needed. But is it possible for Dovecot to have more than one SASL AUTH services with different configuration setup? It would be nicer if there was a way for Postfix to tell Dovecot about the port the client connected on. Or maybe it can be done with a SASL realm? I'm not sure how? Any help please? I am not sure I understand the question completely. The Dovecot SASL auth protocol allows setting various auxiliary fields: https://github.com/dovecot/core/blob/release-2.2.33/src/auth/auth-request.c#L370 (Which, apparently, aren't all documented: https://wiki2.dovecot.org/Design/AuthProtocol) The service connection ports are among those fields. So, at least an authentication client (e.g. Postfix) could pass the ip:port to Dovecot. I don't know whether Postfix sets one of these port values at this time. And even then, there's the question of whether the port value can be used as a selector in some dynamic configuration. The local {...} configuration sections can as far as I know only be used with IPs and not with ports or IP:ports. Maybe you could do some magic in variable substitutions, e.g. use it in the passdb/userdb database lookup. Regards, Stephan.
Re: Plugin 'sieve_imapsieve' not found
Thank you very much, the solution was so simple. Am 30.11.2017 um 14:32 schrieb Felix Zielcke: Am Donnerstag, den 30.11.2017, 13:47 +0100 schrieb Christopher Satchell: Hello, when Dovecot launches (and pretty much at any action afterwards) it always throws following error: managesieve: Fatal: Plugin 'sieve_imapsieve' not found from directory /usr/lib/dovecot/modules/sieve config: Error: managesieve-login: dump-capability process returned 89 dovecot-sieve and dovecot-managesieved are both installed and the only plugin in the mentioned folder is `lib90_sieve_extprograms_plugin.so`. `doveconf -n` output: # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) Hi Christopher, IMAPSieve extension was added with Pigeonhole 0.4.14 Regards, Felix
Re: Dovecot lmtp doesn't log
Op 25-11-2017 om 13:00 schreef Tomislav Perisic: Does anyone have any idea regarding this? On 17 Nov 2017 11:36, "Tomislav Perisic"wrote: Hi, We have 2 servers, server A and server B. Server A has: Postfix dovecot-2.2.33.2-1.el6.x86_64 Server B has: dovecot-2.2.33.2-1.el6.x86_64 dovecot-pigeonhole-2.2.33.2-1.el6.x86_64 Server A receives email on postfix, dovecot then takes that email from postfix and proxies it to Server B Dovecot. Dovecot on Server B takes the proxied email and delivers it with lmtp to the user inboxes. The problem is that the dovecot on server B Doesn't log anything regarding the emails that are being delivered to the mailbox via lmtp. Dovecot on server A logs everything perfectly regarding the proxy, so my assumption is that there is an issue with Dovecot lmtp logging. We changed the logging from syslog directly to a file and we noticed the same problem, missing log entries. We also tried turning on verbose logging and it didn't help. Are you sure you're looking in the right place? You can find out where logs are written using `doveadm log find`. Especially with mail_debug enabled, you should see a lot of log messages for an LMTP delivery. Regards, Stephan. Server B: Red Hat 6.7 x86_64 rpm -qa | grep dove dovecot-2.2.33.2-1.el6.x86_64 dovecot-pigeonhole-2.2.33.2-1.el6.x86_64 doveconf -n # 2.2.33.2: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 auth_cache_negative_ttl = 0 auth_debug = yes auth_debug_passwords = yes auth_verbose = yes listen = * mail_debug = yes mail_gid = mail mail_location = maildir:~/Maildir mail_plugins = " quota zlib" mail_uid = vmail managesieve_notify_capability = mailto namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox Virus { auto = subscribe } plugin { quota = maildir:User quota sieve_extensions = +editheader sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M sieve_quota_max_scripts = 0 sieve_trace_debug = yes sieve_trace_level = matching sieve_vacation_dont_check_recipient = yes sieve_vacation_send_from_recipient = yes sieve_vacation_use_original_recipient = yes zlib_save = gz zlib_save_level = 6 } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = mail mode = 0666 user = vmail } } service lmtp { inet_listener lmtp { port = xx } } service managesieve-login { inet_listener sieve { port = xx } service_count = 1 } protocol lmtp { mail_plugins = " quota zlib sieve mail_log notify" } protocol imap { mail_plugins = " quota zlib imap_quota imap_zlib" } protocol sieve { managesieve_implementation_string = dovecot managesieve_logout_format = bytes ( in=%i : out=%o ) managesieve_max_line_length = 65536 managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave }
Re: Plugin 'sieve_imapsieve' not found
Am Donnerstag, den 30.11.2017, 13:47 +0100 schrieb Christopher Satchell: > Hello, > > when Dovecot launches (and pretty much at any action afterwards) it > always throws following error: > > > managesieve: Fatal: Plugin 'sieve_imapsieve' not found from > > directory > > /usr/lib/dovecot/modules/sieve > > config: Error: managesieve-login: dump-capability process returned > > 89 > > dovecot-sieve and dovecot-managesieved are both installed and the > only > plugin in the mentioned folder is > `lib90_sieve_extprograms_plugin.so`. > > `doveconf -n` output: > > # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.13 (7b14904) Hi Christopher, IMAPSieve extension was added with Pigeonhole 0.4.14 Regards, Felix
Re: Plugin 'sieve_imapsieve' not found
Op 30-11-2017 om 13:47 schreef Christopher Satchell: Hello, when Dovecot launches (and pretty much at any action afterwards) it always throws following error: | managesieve: Fatal: Plugin 'sieve_imapsieve' not found from directory /usr/lib/dovecot/modules/sieve | config: Error: managesieve-login: dump-capability process returned 89 dovecot-sieve and dovecot-managesieved are both installed and the only plugin in the mentioned folder is `lib90_sieve_extprograms_plugin.so`. plugin { sieve_plugins = sieve_imapsieve sieve_extprograms } There's your problem. Your Dovecot is too old to have imapsieve support, so that plugin is not installed. Why do you have it enabled then? Regards, Stephan. `doveconf -n` output: # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) managesieve(username): Fatal: Plugin 'sieve_imapsieve' not found from directory /usr/lib/dovecot/modules/sieve doveconf: Error: managesieve-login: dump-capability process returned 89 # OS: Linux 4.4.0-101-generic x86_64 Ubuntu 16.04.3 LTS auth_mechanisms = plain login mail_gid = vmail mail_home = /var/vmail/mailboxes/%d/%n mail_location = maildir:~/mail:LAYOUT=fs mail_privileged_group = vmail mail_uid = vmail namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Spam imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Spam imapsieve_mailbox2_name = * quota = maildir:User quota quota_exceeded_message = Benutzer %u hat das Speichervolumen überschritten. / User %u has exhausted allowed storage space. sieve = file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve sieve_before = /var/vmail/sieve/global/spam-global.sieve sieve_global_extensions = +vnd.dovecot.pipe sieve_pipe_bin_dir = /usr/bin sieve_plugins = sieve_imapsieve sieve_extprograms } protocols = imap lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service imap-login { inet_listener imap { port = 143 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } } ssl = required ssl_cert = ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA ssl_dh_parameters_length = 2048 ssl_key =
Re: Autoreplies are not sent
El 30 nov. 2017 4:02 a.m., "Steffen Kaiser"escribió: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 29 Nov 2017, Sergio Belkin wrote: Now, I'd want to every mail was sent to support-...@example.com it triggers > an autoreply vacation style. > > So, I've wrote and compiled a sieve filter, something like that and put in > op1@example.local sieve folder. > > But it fails complaining like that: > nov 29 15:55:39 muteriver.example.local dovecot[12549]: lmtp(12675, > op1@example.local): CqNdF6sCH1qDMQAAcSFsIQ: sieve: msgid=< > ded22f3d-f1e3-157e-0667-ca73d851d...@example.com>: discarding vacation > response for implicitly delivered message; no known (envelope) recipient > address found in message headers (recipient= , and > additional `:addresses' are specified) > your MTA does not pass the envelope sender to Dovecot. Do you use LMTP or LDA to deliver the messages? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWh+tI8QnQQNheMxiAQLi4AgAuTja/RGggap3E/EmqoDt42FNfPV/Tx+i wYC/IoM9KG+IZE4YcVVQW15EMt3CYNWf8VFU4ln45yAPuE/QidZLBdV5P0Ob9CLn uh7o02fc4RHQsmLeDNL3A9NpNTJR/Tj013fW2ZFvEA4hNU7f7IM07j28xZMWLI0Z ToRXWptFmw4SYKuK3utPlE2D3H7kqxskY/736qEoW97p6KFzAre36BH1ANe25/dD SygYJNEuh5B1VsKZg/NJjTpPbZwLCsqoP0lOW/tCG/SyPO991jPM1vzuI2A5r9fk OsxjYnb4xnufiu3Xe0EUkFee3fen9EAQ1LZdDHaueKva3TQmPLb4ow== =2Ex/ -END PGP SIGNATURE- Steffen, Thanks, I use lmtp. Greets.
Re: dovecot - 2 Faktor Auth
On 30.11.2017 12:33, Hajo Locke wrote: > Hallo Liste, > > hat sich schon mal jemand mit 2 Faktor Auth für dovecot beschäftigt? > Es geht dabei nicht nur um die Absicherung einer Weboberfläche sondern > direkt die Absicherung der Standard pop/imap Verbindungen des Clients. > Wir machen das auth bisher über MySQL. Rein technisch würde das > gehen, da man die Password-Query beliebig anpassen und auch mit > allow_nets arbeiten kann. Es wäre eher die Herausforderung für den > Client den 2. Faktor zu erfüllen und seine IP freizuschalten. Man > müsste dann ja Clients wie Thunderbird veranlassen irgendwie die > Challenge des 2. Faktors anzuzeigen und zu erfüllen. Vermutlich kann > man das nur mit speziellen Clients z.B. einer eigenen App machen. > Hat jemand in dem Bereich Erfahrung und kann diese teilen? > > Danke, > Hajo Hi! This is an english speaking list. Please send your question in english. Aki
dovecot - 2 Faktor Auth
Hallo Liste, hat sich schon mal jemand mit 2 Faktor Auth für dovecot beschäftigt? Es geht dabei nicht nur um die Absicherung einer Weboberfläche sondern direkt die Absicherung der Standard pop/imap Verbindungen des Clients. Wir machen das auth bisher über MySQL. Rein technisch würde das gehen, da man die Password-Query beliebig anpassen und auch mit allow_nets arbeiten kann. Es wäre eher die Herausforderung für den Client den 2. Faktor zu erfüllen und seine IP freizuschalten. Man müsste dann ja Clients wie Thunderbird veranlassen irgendwie die Challenge des 2. Faktors anzuzeigen und zu erfüllen. Vermutlich kann man das nur mit speziellen Clients z.B. einer eigenen App machen. Hat jemand in dem Bereich Erfahrung und kann diese teilen? Danke, Hajo
Re: ManageSieve: authenticate "EXTERNAL" not behaving correctly
Stephan Bosch wrote: Op 28-10-2017 om 17:18 schreef Stephan Bosch: Op 10/26/2017 om 1:32 PM schreef Marc Weustink: ... Will get back on this later. This was actually a Dovecot problem. Merged yesterday: https://github.com/dovecot/core/commit/451698c60d7b3a763742c8e99503ab30596036f0 https://github.com/dovecot/core/commit/e4b72bd73bfffda7906faa248eab31f936cfc6fa https://github.com/dovecot/core/commit/ad3e5fb08578161731085cfc025659753d2682cb https://github.com/dovecot/core/commit/981f260cfa17a22faf4ff047e479e63cad01aa65 Great, Thanks. Marc