Re: Need to authenticate Outlook and NTLM

[Mark Foley via dovecot]

On Tue, 19 Feb 2019 08:53:13 +0200 Aki Tuomi wrote:
>
> On 19.2.2019 4.48, Mark Foley via dovecot wrote:
> > On Mon, 18 Feb 2019 10:17:16 - Stuart Henderson wrote:
> >> On 2019-02-13, Mark Foley via dovecot  wrote:
> >>> Is it possible that no one on this list is authenticating Outlook with 
> >>> Dovecot and NTLM?
> >> Yes, it's possible, the outdated instructions you found on the wiki
> >> suggests it's an uncommon configiration.
> > Hmmm, really? And yet Windows/Outlook is still the predominant email client 
> > out there
> > (unfortunately). Maybe everyone is going to outlook.com?
> >
> >> No actual answers from me, but it might give you some clues:
> >>
> >>> More on this ...
> >>>
> >>> I short-sheeted ntlm_auth to see what was being passed to it. It is 
> >>> getting as arg1:
> >>>
> >>> --helper-protocol=squid-2.5-ntlmssp
> >>>
> >>> I tried running ntlm_auth at the command line as:
> >>>
> >>> ntlm_auth --username=user --password=password 
> >>> --helper-protocol=squid-2.5-ntlmssp
> >>>
> >>> It did nothing, just hung there. The ntlm_auth man page says:
> >>>
> >>> --helper-protocol=PROTO
> >>>   Operate as a stdio-based helper. Valid helper protocols are:
> >> The squid auth helpers are stdio-based, they run in a loop, reading from
> >> stdin, checking authentication, and return results on stdout. This avoids 
> >> both
> >> passing sensitive data on the command line (visible to ps, at least 
> >> briefly)
> >> and the need to keep forking and initialising a new process.
> >>
> >> So it's normal that it would just sit waiting for input.
> >>
> >> Dovecot is just reusing the same protocol that squid uses.
> > If --username and --password are passed on the command line, what is it 
> > waiting for on stdin?
> > Normally, ntlm_auth, with id and pw passed on the command line prints, 
> > "NT_STATUS_OK: The
> > operation completed successfully. (0x0)" to stdout. There is no further 
> > stdin input needed.
> >
> > Is there a way to disable the --helper-protocol in Dovecot? 
> >
> >>> After more searching I came across this post, 
> >>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774263
> >>> which, in summary, said that ntlm_auth had to run as root. So, I added 
> >>> the following to my
> >>> dovecot config per that post's suggestion:
> >>>
> >>> service auth {
> >>>   user = root
> >>> }
> >>>
> >>> After restarting and trying again to connect from Outlook I got the 
> >>> message:
> >>>
> >>> auth: Info: ntlm(?,192.168.0.58,): user not 
> >>> authenticated: NT_STATUS_NO_MEMORY
> >> I don't know the full details of how samba/ntlm works, but this seems like
> >> an error coming from the server you're attempting to authenticate against.
> >> I think you should start debugging on the samba side - make sure tools
> >> like wbinfo are working, if not then debug those with samba, then move
> >> on to Dovecot after you have that working.
> > Samba has been running for years (with updates) and everything like wbinfo 
> > works.  Dovecot can
> > authenticate with kerberos/GSSAPI, and other applications can authenticate 
> > with ntlm_auth.  My
> > suspicion here is that the "user not authenticated" problem is perhaps 
> > because dovecot cannot
> > run the auth service as root? The dovecot user is dovenull, so why would it 
> > be permitted to run
> > as root in any case?
> >
> > I think the problem is in invoking ntlm_auth. I tried simply returning zero 
> > from my "fake"
> > ntlm_auth, but that didn't work. Not sure what Dovecot is expecting from 
> > ntlm_auth_helper.
> >
> > --Mark
>
> Hi,
>
> try
>
>
> service auth {
>
>   user = root
>
> }

Aki - yes, I did try that. It was in my original post but has been edited out 
of the email
chain since.

Things I've tried since:

I installed squid -- it wasn't installed before.

Now, with the NTLM mechanism and:

auth_use_winbind = yes
auth_winbind_helper_path = /usr/bin/ntlm_auth

I get:

ntlm_auth reports broken helper: NT_STATUS_UNSUCCESSFUL

This link: https://www.samba.org/samba/docs/current/man-html/ntlm_auth.1.html, 
suggests that I
need to make /var/lib/samba/winbindd_privileged writable by, I assume, dovecot. 
 Which I did. 
The link says this is a directory, but in fact it is a pipe:

> ls -l /var/lib/samba/winbindd_privileged
total 0
srwxrwxrwx 1 root dovecot 0 2019-02-20 00:05 pipe=

That could be an issue? That failed with:

auth: Info: ntlm(?,192.168.0.58,<6Iit7EyCysbAqAA6>): user not authenticated: 
NT_STATUS_NO_MEMORY

I again tried adding the following both with root and dovecot group ownership:

service auth {
user = root
}

That gave the same NT_STATUS_NO_MEMORY error. Per your (Aki) suggestion, I 
tried adding:

default_vsz_limit = 1G

but that made no difference, same NT_STATUS_NO_MEMORY error.

Conclusion thus far: With root.root ownership of 
/var/lib/samba/winbindd_privileged and no
'service auth' directive, I get the "broken helper" error. With either dovecot 
ownership of
that file (pipe) or using the 'service auth' 

Virus scan + removal on a mdbox mail storage

[Christoph Haas via dovecot]

Hi,

I need advice on how virus scan and removal can be done on a _mdbox_  
mail storage?


On a maildir storage the virus scanner (e.g. clamav etc.) can detect  
and remove a email that is infected, since every email and attachment  
are stored in separate files.


But in mdbox the emails and attachments are compressed together in one  
ore more mdbox-files ...


I am anxious to convert my mail storage for virus scanning into  
maildir format, since I don't know if a virus or crypto trojan con be  
activated with this converting action =:-o


Cheers
Christoph.



--
Christoph Haas


binBVUnA8ZNjK.bin
Description: Öffentlicher PGP-Schlüssel


pgpqO_sysrWRV.pgp
Description: Digitale PGP-Signatur

Sieve vnd.dovecot.filter hanging issue

[Scott M. via dovecot]

I am trying to add a signature to all messages and it should be possible via 
vnd.dovecot.filter, the problem is that any script I try to filter through just 
hangs.
I am running on FreeBSD 11.2 and I tried with dovecot 2.2.32 & pigeonhole 
0.4.19 and with dovecot 2.3.2 && pigeonhole 0.5.2. In both cases, the output 
from dovecot is the same:
Feb 19 18:24:22 mx13 dovecot: lda(user1): Debug: sieve: action filter: running 
program: append
Feb 19 18:24:22 mx13 dovecot: lda(user1): Debug: Mailbox stdin: Opened mail 
UID=1 because: mail stream
Feb 19 18:24:22 mx13 dovecot: lda(user1): Debug: waiting for program 
`/usr/local/gtech/sieve/append' to finish after 3 msecs
Feb 19 18:25:22 mx13 dovecot: lda(user1): Debug: program 
`/usr/local/gtech/sieve/append'(55055) execution timed out after 6 
milliseconds: sending TERM signal
Feb 19 18:25:27 mx13 dovecot: lda(user1): Debug: program 
`/usr/local/gtech/sieve/append' (55055) did not die after 5000 milliseconds: 
sending KILL signal
at first I tried using my actual script but since it was failing I switched to 
a simple shell script:
#!/bin/sh
cat /dev/null
echo "hey"
exit 0
I got that idea after reading: 
http://dovecot.2317879.n4.nabble.com/execute-sieve-command-fails-to-notice-script-has-exited-td65316.html#a65319
 
(http://dovecot.2317879.n4.nabble.com/execute-sieve-command-fails-to-notice-script-has-exited-td65316.html#a65319)
The result is unfortunately the same. From what I can gather ( ran it inside 
strace/truss too), dovecot-lda hangs on the output.
Is this accurate ? How can I get this to work ?

Re: Virtual mailbox shows mails that are too old

[Rob Hoelz via dovecot]

Another workaround that worked for me with this is using INDEX=MEMORY in your 
virtual folder setup.

On Tue, 19 Feb 2019 10:19:56 +0200 (EET)
Aki Tuomi via dovecot  wrote:

> Hi, this is a known issue unfortunately. You can try do doveadm index
> -u victim 'Virtual/*'
> 
> Aki
> On 19 February 2019 09:46 Stefan Hagen via dovecot <
> dovecot@dovecot.org> wrote:
> > 
> > 
> > Hello,
> > 
> > I'm using dovecot on my personal / private email server.
> > I have set up virtual mailboxes in my inbox namespace like this:
> > 
> > namespace inbox {
> > inbox = yes
> > prefix = "Virtual/"
> > separator = /
> > location =
> > "virtual:~/.emails_virtual:LAYOUT=fs:INDEX=dovecot.virtual.index:LISTINDEX=dovecot.virtual.list.index"
> > list = yes subscriptions = yes
> > mailbox {
> > auto = subscribe
> > }
> > }
> > 
> > I had quite some trouble with it at first with UIDs changing all the
> > time, but after adding INDEX and LISTINDEX it started to work just
> > fine.
> > 
> > I've created dovecot_virtual files like this one:
> > $ cat ~/.emails_virtual/2-LastDay/dovecot-virtual
> > *
> > -Trash
> > -Sent
> > -Drafts
> > -Spam
> > -Virtual
> > -Virtual/*
> > all younger 86400
> > 
> > After stopping dovecot and deleting the index files and restarting
> > dovecot, the virtual mailbox shows all mail from the last day - as
> > expected. But after one day, it shows mail from two days. After
> > three, it shows mails from three days.
> > 
> > It looks like dovecot selects emails from the last day, but never
> > cleans out emails that are older, once they have been selected.
> > 
> > My full dovecot -n can be found here:
> > https://codevoid.de/?q=/0/p/dovecot-n.txt
> > 
> > Any ideas about what could be wrong?
> > 
> > Best Regards,
> > Stefan
> > 
> > --
> > Stefan Hagen | (gopher|https)://codevoid.de(/gpg)
> > CBD3 C468 64B4 6517 E8FB B90F B6BC 2EC5 52BE 43BA
> > 
> ---
> Aki Tuomi
> 

freebsd log process problem

[Bane Ivosev via dovecot]

After version 2.2.32 we have an issue that occures randomly a couple 
times per day, log process gets stuck at 100% CPU usage with message


dovecot: log(56027): Warning: Log connection fd 20 listen_fd 20 prefix 
'imap: ' is sending input faster than we can write


It happens with several Dovecot version after 2.2.32 on FreeBSD 10.4 and 
11.2-RELEASE. We tried 2.2.34, 2.3.2, 2.3.4


On the same system version 2.2.32 and earlier works perfectly.

Did anyone experience similar problem?

Fwd: dovecot/lmtp dumps core when proxying to multiple recipients via protocol=smtp

[Piper Andreas via dovecot]

Hello,

is there already any idea on this topic? Do you need additional information?

I would appreciate any input, as my migration scenario depends on this.

With many thanks and best regards,
Andreas

 Weitergeleitete Nachricht 
Betreff: dovecot/lmtp dumps core when proxying to multiple recipients
via protocol=smtp
Datum: Thu, 14 Feb 2019 13:53:07 +0100
Von: Piper Andreas via dovecot 
Antwort an: Piper Andreas 
An: dovecot@dovecot.org

Hello,

when trying to set up a migration scenario from my old mailbox-servers
to my new dovecot-cluster, I get a coredump from dovecot/lmtp when
proxying mail-delivery to more than one recipient on the old mailbox-server.

My setup:

3 director-hosts (Debian stretch) are proxying to a pair of
replicator-hosts and during migration also to the old mailbox-server.
For migration the not-migrated user-addresses are included via a
passwd-file with entries like:

grte...@hrz.uni-marburg.de:::director_tag=hrz protocol=smtp user=grtest1
grte...@hrz.uni-marburg.de:::director_tag=hrz protocol=smtp user=grtest2
...

The director_tag points to the old mailbox-server, with 'protocol=smtp'
SMTP is used for delivery, as the old machine is not capable of LMTP.

The setup works fine for imap-proxying and for mail-delivery to single
recipients. But if a mail is addressed to more than one recipient, lmtp
produces a coredump after delivering to all recipients.

The error-message in the log is:

Feb 14 12:15:05 vhrzxxx dovecot[63861]: lmtp(64663): Connect from 127.0.0.1
Feb 14 12:15:05 vhrzxxx dovecot[63861]: lmtp(64663):
206UIrlNZVyX/AAAGwthQA: Sent message to  at 137.248.xxx.yyy:25:
250 2.0.0 x1EBF5Ro016092 Message accepted for delivery (1/2 at 79 ms)
Feb 14 12:15:05 vhrzxxx dovecot[63861]: lmtp(64663):
206UIrlNZVyX/AAAGwthQA: Sent message to  at 137.248.xxx.yyy:25:
250 2.0.0 x1EBF5Ro016092 Message accepted for delivery (2/2 at 79 ms)
Feb 14 12:15:05 vhrzxxx dovecot[63861]: lmtp(64663): Fatal: master:
service(lmtp): child 64663 killed with signal 11 (core dumped)

The backtrace from the coredump is:

Reading symbols from /usr/lib/dovecot/lmtp...(no debugging symbols
found)...done.
[New LWP 64663]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `dovecot/lmtp'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x7f347fc7a2c0 in ?? () from /usr/lib/dovecot/libdovecot.so.0
(gdb) bt full
#0  0x7f347fc7a2c0 in ?? () from /usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#1  0x7f347fc77d73 in smtp_client_command_fail_reply () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#2  0x7f347fc77fbe in smtp_client_commands_list_fail_reply () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#3  0x7f347fc7c8dc in smtp_client_connection_disconnect () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#4  0x7f347fc7cf19 in smtp_client_connection_unref () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#5  0x7f347fc7e35d in ?? () from /usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#6  0x7f347fd1f5d5 in io_loop_call_io () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#7  0x7f347fd20fd9 in io_loop_handler_run_internal () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#8  0x7f347fd1f6e6 in io_loop_handler_run () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#9  0x7f347fd1f8f8 in io_loop_run () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#10 0x7f347fc93d43 in master_service_run () from
/usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#11 0x5613fcbc1f70 in main ()
No symbol table info available.
(gdb)

doveconf -n gives:

# 2.3.4.1 (3c0b8769e): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 (60b0f48d)
# OS: Linux 4.9.0-8-amd64 x86_64 Debian 9.7
# Hostname: vhrzxxx.HRZ.Uni-Marburg.DE
auth_cache_negative_ttl = 0
auth_cache_size = 10 M
auth_master_user_separator = *
auth_worker_max_count = 1024
base_dir = /var/run/dovecot/
default_vsz_limit = 1 G
director_mail_servers = 172.25.1.93 172.25.1.95 137.248.xxx.yyy@hrz
137.248.xxx.zzz@staff 137.248.aaa.bbb@students
director_servers = 172.25.1.42:9090 172.25.1.41:9090 172.25.1.92:9090
director_username_hash = %Ln@%Ld
doveadm_password = # hidden, use -P to show it
doveadm_port = 12345
imap_max_line_length = 640 k
lmtp_proxy = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
passdb {
  args = /etc/dovecot.deny
  deny = yes
  driver = passwd-file
}
passdb {
  args = /etc/dovecot/private/passwd.masterusers
  driver 

Re: Migrate mail data from Dovecot to Dovecot

[Odhiambo Washington via dovecot]

On Tue, 19 Feb 2019 at 11:39, Aki Tuomi  wrote:

>
> > On 19 February 2019 10:38 Odhiambo Washington via dovecot <
> dovecot@dovecot.org> wrote:
> >
> >
> > I have built a new server (FreeBSD-12) running dovecot-2.3.4.
> > My old server (FreeBSD-9.3) is running dovecot-2.3.4 as well.
> > The configurations are 1:1 identical.
> > The are about 250 users on this server, all virtual. They are mostly
> POP3 users, but they do "leave a copy of message on the server"
> > for set various number of days.
> >
> > Now, to migrate the mail data, can I simply rsync the mail directories
> between the old and the new server? Would that create a pitfall??
> >
> > What is the recommended method?
> >
> > --
> >
> > Best regards,
> > Odhiambo WASHINGTON,
> > Nairobi,KE
> > +254 7 3200 0004/+254 7 2274 3223
> > "Oh, the cruft.",grep ^[^#] :-)
>
> If you are using maildir, rsync should work.
>
>
Thank you.

rsync it is.


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)

Re: Migrate mail data from Dovecot to Dovecot

[Aki Tuomi via dovecot]

> On 19 February 2019 10:38 Odhiambo Washington via dovecot 
>  wrote:
> 
> 
> I have built a new server (FreeBSD-12) running dovecot-2.3.4.
> My old server (FreeBSD-9.3) is running dovecot-2.3.4 as well.
> The configurations are 1:1 identical.
> The are about 250 users on this server, all virtual. They are mostly POP3 
> users, but they do "leave a copy of message on the server"
> for set various number of days.
> 
> Now, to migrate the mail data, can I simply rsync the mail directories 
> between the old and the new server? Would that create a pitfall??
> 
> What is the recommended method?
> 
> -- 
> 
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft.",grep ^[^#] :-)

If you are using maildir, rsync should work.

AKi

Migrate mail data from Dovecot to Dovecot

[Odhiambo Washington via dovecot]

I have built a new server (FreeBSD-12) running dovecot-2.3.4.
My old server (FreeBSD-9.3) is running dovecot-2.3.4 as well.
The configurations are 1:1 identical.
The are about 250 users on this server, all virtual. They are mostly POP3
users, but they do "leave a copy of message on the server"
for set various number of days.

Now, to migrate the mail data, can I simply rsync the mail directories
between the old and the new server? Would that create a pitfall??

What is the recommended method?

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)

Re: flags not synced correctly with dovecot sync (dsync)

[Marc Weustink via dovecot]

Dan Christensen via dovecot wrote:

I should add that these problems arise frequently in practice, even if
changes are only being made on a single machine, e.g. laptop1.  Flag
changes on laptop1 propagate to server, but then are reverted on server
when laptop2 syncs with server, and then are reverted on laptop1 when it
syncs again with server.  If I redo the flag changes on laptop1, the
process just repeats and they are removed again.

Suggestions for debugging are very welcome, as currently syncing is
much too unreliable for me to continue using it.

Dan


I (and others) have the same issue.

A quote from Stephan Bosch on 20-1-2019:


We're working on it. We have reproduced the problem without difficulty and 
isolated the commit that caused it.


Tracking internally as DOP-842.

Regards,

Stephan. 



Marc




On Feb 16, 2019, Dan Christensen via dovecot  wrote:


I'm running dovecot 2.3.4.1 from https://repo.dovecot.org/ on Ubuntu
18.04 on three machines that I'll call server, laptop1 and laptop2.

Both laptop1 and laptop2 run dovecot sync against server to keep local
copies of my imap folders.  Even when I initially had only two machines,
laptop1 and server, I occasionally noticed that flags were lost, usually
custom flags used by Gnus, but I couldn't reliably reproduce the
problem.

Now that I have two laptops syncing against the server, the problem has
gotten worse and I figured out a way to reproduce it:

- on server: create new IMAP folder test, and put two read messages in it
- on laptop1:  doveadm sync -u user -l 10 -m test -f user@server
- on laptop2:  doveadm sync -u user -l 10 -m test -f user@server

At this point, all three machines show the two messages M1 and M2
as being read.

- on laptop1: mark message M1 unread
- on laptop2: mark message M2 unread
- on laptop1:  doveadm sync -u user -l 10 -m test -f user@server
   Both laptop1 and server have M1 unread, M2 read, as expected.
- on laptop2:  doveadm sync -u user -l 10 -m test -f user@server
   Now laptop2 and server have M1 *read*, M2 unread.
- on laptop1:  doveadm sync -u user -l 10 -m test -f user@server
   Now laptop1 and the server have both M1 and M2 *read*.
- on laptop2:  doveadm sync -u user -l 10 -m test -f user@server
   Now laptop2 has both read as well.

The two lines that say "*read*" are wrong in my opinion.  dsync
propagated a read mark to an unread message, even though that message
was marked unread more recently than it was marked read.

I usually use stateful sync, and get many related problems.
I just did a test in which M1 and M2 started out read, and I
started with empty files named dstate.test on laptop1 and laptop2.
Then I did the above procedure, using the command

doveadm sync -u user -l 10 -m test -s "`cat dstate.test`" user@server > 
dstate.test

At the end, laptop2 and server had both messages unread (which is good),
but laptop1 had only M1 unread, and repeated runs of the sync command
did not correct this.  So the stateful sync failed to detect a change.

Are these bugs in dovecot?  Is there more information that I can
provide?  The output of doveconf -n on one machine is below, and
the others are almost identical.

Thanks for any help!

Dan

# 2.3.4.1 (3c0b8769e): /etc/dovecot/dovecot.conf
# OS: Linux 4.15.0-45-generic x86_64 Ubuntu 18.04.1 LTS
# Hostname: laptop2
auth_mechanisms = plain login
listen = 127.0.0.1
mail_index_log2_max_age = 10 days
mail_index_log_rotate_min_age = 1 days
mail_index_log_rotate_min_size = 300 k
mail_location = maildir:~/Maildir
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
 special_use = \Drafts
   }
   mailbox Junk {
 special_use = \Junk
   }
   mailbox Sent {
 special_use = \Sent
   }
   mailbox "Sent Messages" {
 special_use = \Sent
   }
   mailbox Trash {
 special_use = \Trash
   }
   prefix =
}
passdb {
   args = scheme=CRYPT username_format=%u /etc/dovecot/users
   driver = passwd-file
}
protocols = imap
service imap-login {
   inet_listener imap {
 address = *
 port = 143
   }
   inet_listener imaps {
 address = *
 port = 943
 ssl = yes
   }
}
service imap {
   process_limit = 25
}
ssl_cert = 

Re: Using SHA256/512 for SQL based password

[Marc Weustink via dovecot]

Aki Tuomi via dovecot wrote:


On 17.2.2019 10.46, Aki Tuomi via dovecot wrote:


On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < 
dovecot@dovecot.org > wrote:



On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < 
dovecot@dovecot.org >

wrote:


Jean-Daniel Dupas via dovecot wrote:
>
>
>> Le 13 févr. 2019 à 14:54, Robert Moskowitz via dovecot
>> < dovecot@dovecot.org  dovecot@dovecot.org >> a écrit :

>>
>>
>>

>>> ARGON2 support is added in dovecot v2.3. It also needs to be 
enabled
>>> when compiling dovecot, so varying from packagers it might or 
not be
>>> available. The CRYPT ones are available if crypt(3) supports 
them. In

>>> dovecot v2.3 we have added bcrypt support regardless of crypt(3)
support.
>>
>> CentOS7 is on dovecot 2.2.36:
>>
>> # doveadm pw -s ARGON2-CRYPT -p secret
>> Fatal: Unknown scheme: ARGON2-CRYPT
>> # doveadm pw -s ARGON2 -p secret
>> Fatal: Unknown scheme: ARGON2
>>
>> I tend to stay with the distro's rpms and not take on building and
>> maintaining myself.
>
And for the record, the hash names are ARGON2I and ARGON2ID (see 
doveadm

pw -l )
With dovecot from the dovecot.org < http://dovecot.org> repo:
# doveadm pw -s ARGON2I -p secret
{ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$bt96TSr3nVrho2SRhnNP0A$h7LYiqkw/4s6d1d+0Xpe+VUE3aISPnkYq/R7QqPRntk 


Also from dovecot.org < http://dovecot.org> repo:
doveadm pw -s ARGON2I -p secret
Fatal: Unknown scheme: ARGON2I

Marc


It works for me over here:

[wash@waridi ~]#/opt/dovecot2.3/bin/doveadm pw -s ARGON2I -p secret
{ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$9pggnQBea9F3h3O31HoJEA$0zZZgwEuMRVZ3Mc/v6ckpalzVRVCr+GLBWnb8OrgsxU 




--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)


I'll check next week if and why argon is missing from ce packages.
---
Aki Tuomi


Marc,

ARGON2 is supported only on Debian Stretch and Ubuntu 18 for dovecot, 
due to libsodium.


Ah, thanks for the clarification. Still running Ubuntu 16 here.

Marc

Re: Virtual mailbox shows mails that are too old

[Aki Tuomi via dovecot]

 
 
  
   Hi, this is a known issue unfortunately. You can try do doveadm index -u victim 'Virtual/*'
  
  
   
  
  
   Aki
  
  
   
On 19 February 2019 09:46 Stefan Hagen via dovecot <
dovecot@dovecot.org> wrote:
   
   

   
   

   
   
Hello,
   
   

   
   
I'm using dovecot on my personal / private email server.
   
   
I have set up virtual mailboxes in my inbox namespace like this:
   
   

   
   
namespace inbox {
   
   
inbox = yes
   
   
prefix = "Virtual/"
   
   
separator = /
   
   
location = "virtual:~/.emails_virtual:LAYOUT=fs:INDEX=dovecot.virtual.index:LISTINDEX=dovecot.virtual.list.index"
   
   
list = yes
   
   
subscriptions = yes
   
   
mailbox {
   
   
auto = subscribe
   
   
}
   
   
}
   
   

   
   
I had quite some trouble with it at first with UIDs changing all the
   
   
time, but after adding INDEX and LISTINDEX it started to work just fine.
   
   

   
   
I've created dovecot_virtual files like this one:
   
   
$ cat ~/.emails_virtual/2-LastDay/dovecot-virtual
   
   
*
   
   
-Trash
   
   
-Sent
   
   
-Drafts
   
   
-Spam
   
   
-Virtual
   
   
-Virtual/*
   
   
all younger 86400
   
   

   
   
After stopping dovecot and deleting the index files and restarting
   
   
dovecot, the virtual mailbox shows all mail from the last day - as
   
   
expected. But after one day, it shows mail from two days. After three,
   
   
it shows mails from three days.
   
   

   
   
It looks like dovecot selects emails from the last day, but never cleans
   
   
out emails that are older, once they have been selected.
   
   

   
   
My full dovecot -n can be found here:
   
   
https://codevoid.de/?q=/0/p/dovecot-n.txt
   
   

   
   
Any ideas about what could be wrong?
   
   

   
   
Best Regards,
   
   
Stefan
   
   

   
   
--
   
   
Stefan Hagen | (gopher|https)://codevoid.de(/gpg)
   
   
CBD3 C468 64B4 6517 E8FB B90F B6BC 2EC5 52BE 43BA
   
  
  
   
  
  
   ---
   Aki Tuomi