client unable to send mail, dovecot-imap errors
Hi, I have an email client that is currently unable to send mail through imap. I am getting a ton of errors in dovecot-imap.log. All of these errors continue to show up, even after purging the dovecot*.* files from the offending folders. This happens to all email accounts on the server. Clearing the cache files doesn't fix, the error appears pretty much immediately after the new cache is generated. == Error: mmap() failed with file path/Maildir/dovecot.index.cache: Invalid argument == These errors are associated with an account unable to send right now. They seem to have only started since the send problem started. == Error: Corrupted transaction log file path/Maildir/dovecot.index.log seq 5: indexid changed 1512100549 -> 1512183737 (sync_offset=0) Error: Index path/Maildir/dovecot.index: Lost log for seq=5 offset=12576: Failed to map file seq=178 offset=40..18446744073709551615 (ret=0) Warning: fscking index file path/Maildir/dovecot.index Error: Fixed index file path/Maildir/dovecot.index: log_file_seq 5 -> 179 IMAP session state is inconsistent, please relogin. in=26 out=1276 == This error is also associated with the offending email client == message repeated 9 times: [ imap(emailaddress): Error: Transaction log path/Maildir/dovecot.index.log: duplicate transaction log sequence (2)] == Some additional info: dovecot: 2.2.22 (fe789d2) Ubuntu Server 16.04 Running on a qemu VM installed on an Unraid 6.3.5 Server 4GB RAM mail folder is located on virtio 9p2000 host passthru fs located on the same physical machine as the VM. Anyone have any ideas? Need additional information? Thanks, Eric
Re: Lua Auth
On Thu, Nov 30, 2017 at 5:26 AM, Stephan Boschwrote: > > > Op 29-11-2017 om 6:17 schreef Aki Tuomi: > >> On November 29, 2017 at 4:37 AM Mark Moseley >>> wrote: >>> >>> >>> Just happened to be surfing the docs and saw this. This is beyond >>> awesome: >>> >>> https://wiki2.dovecot.org/AuthDatabase/Lua >>> >>> Any words of wisdom on using it? I'd be putting a bunch of mysql logic in >>> it. Any horrible gotchas there? When it says 'blocking', should I assume >>> that means that a auth worker process will *not* accept any new auth >>> lookups until both auth_passdb_lookup() and auth_userdb_lookup() have >>> completed (in which I'd be doing several mysql calls)? If that's the >>> case, >>> I assume that the number of auth workers should be bumped up. >>> >>> And is a 2.3 release fairly imminent? >>> >> Hi! >> >> This feature was added very recently, and there is very little >> operational experience on it. As the docs should say, blocking=yes means >> that an auth worker is used, and yes, it will block each auth worker during >> authentication, but what we tried, it should perform rather nicely. >> >> The most important gotcha is to always test your lua code rigorously, >> because there is not much we can do to save you. >> >> It should be present in master branch, so if someone feels like trying it >> out, please let us know if you find any bugs or strangeness. It's not >> present in nightlies yet. >> >> We are planning on releasing 2.3.0 this year. >> > > The Xi package builder has this feature enabled since yesterday. It is > available in the dovecot-lua package; the first Xi package that doesn't > have an official Debian equivalent (yet anyway). > > > I've been playing with Lua auth and so far no issues. I was previously putting together a very ugly MySQL stored procedure. Using Lua would be a lot easier (esp when it comes to returning an arbitrary number of columns). I'd love to see any test Lua code that the dovecot team has been playing around with (and realize it's not remotely production-ready, so don't worry about caveats I did have a couple of questions though: 1) Is the data returned by Lua auth not cacheable? I've got the following settings (and I'm just using Lua in the userdb lookup, not passdb -- passdb is doing a lightweight SQL lookup for username/password): auth_cache_negative_ttl = 1 mins auth_cache_size = 10 M auth_cache_ttl = 10 mins but I notice that every time I auth, it'll redo all the queries in my Lua code. I'd have expected that data to be served out of cache till the 10min TTL is up 2) Is there an appropriate way to return data with spaces in it (or presumably other non-alphanum chars. My quota name had a space in it, which somehow got interpreted as 'yes' , i.e.: imap: Error: Failed to initialize quota: Invalid quota root quota: Unknown quota backend: yes I simply changed the space to an underscore as a workaround, but I'm curious if there's a better way. I tried various quoting without success. Didn't try escaping yet. 3) Can you elaborate on the "auth_request#response_from_template(template)" and "auth_request#var_expand(template)" functions? Specifically how to use them. I'm guessing that I could've used one of them to work around #2 (that it would have done the escaping for me) Thanks!
iPhone no longer authenticating
I've switched a user to being an active directory user. That user's email client authorizes just fine with dovecot using GSSAPI. However, now his iPhone won't authorize. In the dovecot log file I get: Dec 01 14:27:28 auth: Debug: client in: AUTH1 PLAIN service=imap secured session=q4n3W0xfggBiZj9slip=98.102.63.107 rip=98.102.63.108 lport=993 rport=49538 resp=AG1wcmVzcwBEaW5va3JvbndhbGw0NQ== (previous base64 data may contain sensitive data) Dec 01 14:27:32 auth-worker(5988): Debug: shadow(mpress,98.102.xx.yyy): lookup Dec 01 14:27:32 auth-worker(5988): Info: shadow(mpress,98.102.xx.yyy): unknown user (given password: ***) Dec 01 14:27:34 auth: Debug: client passdb out: FAIL1 user=mpress Dec 01 14:27:34 imap-login: Info: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=98.102.xx.yyy, lip=98.102.63.107, TLS, session= Dec 01 14:27:34 imap-login: Debug: SSL alert: close notify [98.102.xx.yyy] This same user will authenticate OK from his local domain workstation: Dec 01 14:28:52 auth: Debug: master userdb out: USER1948516353 mpress system_groups_user=HPRS\mpress uid=10005gid=1 home=/home/HPRS/mpress auth_token=ce3050035718ed0996af698400c4de1be453ec06 auth_user=mpress@HPRS.LOCAL Dec 01 14:28:52 imap-login: Info: Login: user=, method=GSSAPI, rip=192.168.0.54, lip=192.168.0.2, mpid=9755, TLS, session=<6MT1YExftwDAqAA2> I'm pretty sure the reason has to do with Active Directory authenication locally, but of course his iPhone is not a member of the domain, and he is no longer in /etc/passwd/shadow. So, what is the best way to get the iPhone to authenticate? Here's my current config: > doveconf -n # 2.2.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 4.4.88 x86_64 Slackware 14.2 auth_debug = yes auth_debug_passwords = yes auth_gssapi_hostname = $ALL auth_krb5_keytab = /etc/dovecot/dovecot.keytab auth_mechanisms = plain login gssapi auth_use_winbind = yes auth_username_format = %n auth_verbose = yes auth_verbose_passwords = plain disable_plaintext_auth = no info_log_path = /var/log/dovecot_info mail_location = maildir:~/Maildir passdb { driver = shadow } protocols = imap ssl_cert =
Re: Dovecot lmtp doesn't log
* Tomislav Perisic2017.12.01 15:30: > Does anyone have a working configuration regarding this that they don't > have a problem with LMTP logging? If yes could you please send me your > config and dovecot version to compare. 2.2.devel (904765b05): # doveconf deliver_log_format syslog_facility deliver_log_format = msgid=%m, time=%{delivery_time}ms, status=%$ syslog_facility = local1 rsyslog.conf: local1.*-/var/log/dovecot/dovecot.log local1.info -/var/log/dovecot/dovecot.info local1.warn -/var/log/dovecot/dovecot.warn local1.err/var/log/dovecot/dovecot.err if ($syslogfacility-text=='local1') and ($programname=='dovecot') and\ ($msg contains 'lmtp') and ($msg contains 'stored mail into mailbox')\ then -/var/log/dovecot/dovecot.lmtp signature.asc Description: PGP signature
Re: Dovecot lmtp doesn't log
Hi, Thanks for replying. initially logging was done via syslog, and the custom log file for mail.* facility was /var/log/maillog. Everything was logged normally (dovecot login logouts, sieve scripts, extra debugging lines) but nothing regarding LMTP. I would receive the email in my inbox but I wouldnt be able to see anything in the logs regarding this. After that i turned off syslog and used the direct dovecot logging to a separate file. Again, it was logging everything except of LMTP (mail debug is turned on). Does anyone have a working configuration regarding this that they don't have a problem with LMTP logging? If yes could you please send me your config and dovecot version to compare. Or if anyone has any other ideas. Thank you. On Thu, Nov 30, 2017 at 2:34 PM, Stephan Boschwrote: > > > Op 25-11-2017 om 13:00 schreef Tomislav Perisic: > >> Does anyone have any idea regarding this? >> >> On 17 Nov 2017 11:36, "Tomislav Perisic" wrote: >> >> Hi, >> >> We have 2 servers, server A and server B. >> >> Server A has: >> >> Postfix >> dovecot-2.2.33.2-1.el6.x86_64 >> >> Server B has: >> >> dovecot-2.2.33.2-1.el6.x86_64 >> dovecot-pigeonhole-2.2.33.2-1.el6.x86_64 >> >> Server A receives email on postfix, dovecot then takes that email from >> postfix and proxies it to Server B Dovecot. Dovecot on Server B takes the >> proxied email and delivers it with lmtp to the user inboxes. >> >> The problem is that the dovecot on server B Doesn't log anything regarding >> the emails that are being delivered to the mailbox via lmtp. >> >> Dovecot on server A logs everything perfectly regarding the proxy, so my >> assumption is that there is an issue with Dovecot lmtp logging. We changed >> the logging from syslog directly to a file and we noticed the same >> problem, >> missing log entries. >> >> We also tried turning on verbose logging and it didn't help. >> > > Are you sure you're looking in the right place? > > You can find out where logs are written using `doveadm log find`. > > Especially with mail_debug enabled, you should see a lot of log messages > for an LMTP delivery. > > Regards, > > Stephan. > > > >> Server B: >> >> Red Hat 6.7 x86_64 >> >> rpm -qa | grep dove >> dovecot-2.2.33.2-1.el6.x86_64 >> dovecot-pigeonhole-2.2.33.2-1.el6.x86_64 >> >> doveconf -n >> >> # 2.2.33.2: /etc/dovecot/dovecot.conf >> # Pigeonhole version 0.4.21 >> auth_cache_negative_ttl = 0 >> auth_debug = yes >> auth_debug_passwords = yes >> auth_verbose = yes >> listen = * >> mail_debug = yes >> mail_gid = mail >> mail_location = maildir:~/Maildir >> mail_plugins = " quota zlib" >> mail_uid = vmail >> managesieve_notify_capability = mailto >> >> namespace inbox { >>inbox = yes >>location = >>mailbox Drafts { >> auto = subscribe >> special_use = \Drafts >>} >>mailbox Sent { >> auto = subscribe >> special_use = \Sent >>} >>mailbox Spam { >> auto = subscribe >> special_use = \Junk >>} >>mailbox Trash { >> auto = subscribe >> special_use = \Trash >>} >>mailbox Virus { >> auto = subscribe >>} >> >> plugin { >>quota = maildir:User quota >>sieve_extensions = +editheader >>sieve_max_actions = 32 >>sieve_max_redirects = 4 >>sieve_max_script_size = 1M >>sieve_quota_max_scripts = 0 >>sieve_trace_debug = yes >>sieve_trace_level = matching >>sieve_vacation_dont_check_recipient = yes >>sieve_vacation_send_from_recipient = yes >>sieve_vacation_use_original_recipient = yes >>zlib_save = gz >>zlib_save_level = 6 >> } >> protocols = imap pop3 lmtp sieve >> service auth { >>unix_listener auth-userdb { >> group = mail >> mode = 0666 >> user = vmail >>} >> } >> service lmtp { >>inet_listener lmtp { >> port = xx >>} >> } >> service managesieve-login { >>inet_listener sieve { >> port = xx >>} >>service_count = 1 >> } >> >> protocol lmtp { >>mail_plugins = " quota zlib sieve mail_log notify" >> } >> protocol imap { >>mail_plugins = " quota zlib imap_quota imap_zlib" >> } >> protocol sieve { >>managesieve_implementation_string = dovecot >>managesieve_logout_format = bytes ( in=%i : out=%o ) >>managesieve_max_line_length = 65536 >>managesieve_sieve_capability = fileinto reject envelope >> encoded-character >> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags >> copy include variables body enotify environment mailbox date ihave >> } >> > >
Re: Autoreplies are not sent
2017-11-30 9:28 GMT-03:00 Sergio Belkin: > > > El 30 nov. 2017 4:02 a.m., "Steffen Kaiser" > escribió: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > On Wed, 29 Nov 2017, Sergio Belkin wrote: > > Now, I'd want to every mail was sent to support-...@example.com it >> triggers >> an autoreply vacation style. >> >> So, I've wrote and compiled a sieve filter, something like that and put in >> op1@example.local sieve folder. >> >> But it fails complaining like that: >> nov 29 15:55:39 muteriver.example.local dovecot[12549]: lmtp(12675, >> op1@example.local): CqNdF6sCH1qDMQAAcSFsIQ: sieve: msgid=< >> ded22f3d-f1e3-157e-0667-ca73d851d...@example.com>: discarding vacation >> response for implicitly delivered message; no known (envelope) recipient >> address found in message headers (recipient= , and >> additional `:addresses' are specified) >> > > your MTA does not pass the envelope sender to Dovecot. Do you use LMTP or > LDA to deliver the messages? > > - -- Steffen Kaiser > -BEGIN PGP SIGNATURE- > Version: GnuPG v1 > > iQEVAwUBWh+tI8QnQQNheMxiAQLi4AgAuTja/RGggap3E/EmqoDt42FNfPV/Tx+i > wYC/IoM9KG+IZE4YcVVQW15EMt3CYNWf8VFU4ln45yAPuE/QidZLBdV5P0Ob9CLn > uh7o02fc4RHQsmLeDNL3A9NpNTJR/Tj013fW2ZFvEA4hNU7f7IM07j28xZMWLI0Z > ToRXWptFmw4SYKuK3utPlE2D3H7kqxskY/736qEoW97p6KFzAre36BH1ANe25/dD > SygYJNEuh5B1VsKZg/NJjTpPbZwLCsqoP0lOW/tCG/SyPO991jPM1vzuI2A5r9fk > OsxjYnb4xnufiu3Xe0EUkFee3fen9EAQ1LZdDHaueKva3TQmPLb4ow== > =2Ex/ > -END PGP SIGNATURE- > > Steffen, Thanks, I use lmtp. > Greets. > I know by now that it's somewhat OT, but please could you give a clue to set postfix to pass the envelope? I have enable_original_recipient = yes in postfix, but it does not work either... Thanks in advance! -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org