[Dovecot-news] Released Sieve v0.1.3 and ManageSieve v0.11.3 for Dovecot v1.2.beta1
Hello Dovecot users, It has been about two months since the last release of the new Sieve implementation and the ManageSieve service for Dovecot v1.2. Therefore, this release contains quite a few changes. It adds new sieve features like the enotify extension and multiscript support. Also, quite a few (user-reported) bugs were fixed since the last release. Changelog Sieve v0.1.3: * Adapted to changes in Dovecot, making this release dependent on Dovecot = 1.2.beta1 * Made mail address comparison fully case-insensitive. This is particularly noticeable for the :addresses argument of the vacation command. + Finished enotify extension. Currently, only the mailto notification method is implemented. All still needs to be tested thoroughly. + Implemented multiscript support. It is now possible to execute multiple Sieve scripts sequentially. Administrator-controlled scripts can be executed before and after the user's script. Still needs to be tested thoroughly. + Implemented support for configuring the available Sieve extensions. + Made the subaddress extension (partially) configurable using the sieve_subaddress_sep setting, which allows specifying a (multi-charater) separator other than '+'. + Compiler now warns about invalid header field names used for the header and address tests. + Vacation extension now properly generates a References header for the response message. + Added testing of basic result execution to the test suite. Also added support for testing the outgoing messages produced by the Sieve interpreter. + Included execution of the actual result in the sieve-test command line tool. The undocumented sieve-exec tool that existed for this is now removed as planned. + Added support for the now obsolete 'imapflags' extension for backwards compatibility with CMUSieve. This also implements the mark/unmark commands. - Fixed bugs in the regex extension: 1) if an optional match value did not in fact match, subsequent match values would get unexpected indexes. 2) fixed segfault bug occuring when regex is freed. - Fixed bug in the use of the :from agrument for the vacation command. If this address included a phrase part, the response would not be a valid RFC822 message. - Plugged a theoretical security hole occuring when a directory is opened as a Sieve binary. - Cleaned up and fixed various log messages. - Fixed bug in the outgoing address verification. Addresses ending in ',' were erroneously accepted. Changelog ManageSieve v0.11.3: * Changed the SASL service name from managesieve into sieve as required in the protocol specification. Don't forget to adjust your configuration if your authentication mechanism depends on this service name. * Adapted to changes in Dovecot, making this release dependent on Dovecot = v1.2.beta1. * Adapted to changes in the new Sieve implementation, making this release dependent on Dovecot Sieve = v0.1.3 if used. The old cmusieve plugin is still supported. + Implemented making the SIEVE and NOTIFY capability fully dynamic, meaning that the sieve_extensions setting that was introduced for the new Sieve plugin properly affects the ManageSieve daemon as well. + Added support for the CHECKSCRIPT command. In terms of the supported commands, the ManageSieve daemon now complies with protocol VERSION 1.0 as listed in the CAPABILITY response. - Fixed maximum permissions for uploaded scripts; was 0777. This was shielded however by the default umask (not documented to be configurable), so the actual permissions would never have been 0777. - Fixed a segfault bug in the authentication time-out. Bug report and trace provided by Wolfgang Friebel. - Fixed handling of ~/ in use of mail-data for script location. - Fixed small problems in the login proxy support. The following files are released: Sieve: http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-sieve-0.1.3.tar.gz http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-sieve-0.1.3.tar.gz.sig ManageSieve package: http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-managesieve-0.11.3.tar.gz http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-managesieve-0.11.3.tar.gz.sig ManageSieve patch: http://www.rename-it.nl/dovecot/1.2/dovecot-1.2.beta1-managesieve-0.11.3.diff.gz http://www.rename-it.nl/dovecot/1.2/dovecot-1.2.beta1-managesieve-0.11.3.diff.gz.sig Have fun testing the new releases and don't hesitate to notify me when there are problems. Regards, -- Stephan Bosch step...@rename-it.nl ___ Dovecot-news mailing list Dovecot-news@dovecot.org http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news
[Dovecot] (Somewhat urgent) Problem with maildir++ quota
Hi.
I have an strange problem with dovecot's maildir quota and postfix.
I've tested quota and it works fine but sometimes there are users that
having their Maildir/ empty, they trigger the quota exceeded message
when someone sends email to them.
Some config / version info:
### Versions:
ii dovecot-common 1:1.0.10-1ubuntu5.1
ii dovecot-imapd 1:1.0.10-1ubuntu5.1
ii dovecot-pop3d 1:1.0.10-1ubuntu5.1
### From dovecot.conf:
(...)
# SQL database doc/wiki/AuthDatabase.SQL.txt
userdb sql {
# Path for SQL configuration file
args = /etc/dovecot/dovecot-mysql.conf
}
(...)
dict {
#quota = mysql:/etc/dovecot-dict-quota.conf
}
(...)
plugin {
quota = maildir:storage=51200
}
### dovecot-mysql.conf (splitted to be readable):
user_query = SELECT maildir, 5000 AS uid, 5000 AS gid,
concat('maildir:storage=', floor(quota/1024)) AS quota FROM
mailbox WHERE username = '%u' AND active = '1'
### Database mailbox record example:
| pru...@domain.com | Password | prueba|
domain.com/prueba/
| 5120 | domain.com | 2009-02-02 10:01:24 | 2009-02-02 10:07:46
| 1 |
The symptons: users are working nicely, and quota works (If I create a
new user and set it a quota of, say, 1MB, I can send him msgs until
Maildir reachs 1MB, after that I get quota exceeded messages). But
sometimes there are users with the Maildir empty that can't receive
messages and trigger the quota exceeded warning. Users always download
messages by POP.
Removing maildirsize file in their folder fixes the problem. Also
fixes it changing the quota to any value (maildirsize is then removed
and recreated after a new message arrives for the user).
Sometime that I don't know if it's strange is that I don't see
removing messages in the maildirsize file after user downloads
messages. I mean that I can't see -1 lines in maildirsizes:
# cat prueba/maildirsize
5120S
0 0
615 1
1540 1
11446 1
46085 1
2623 1
21218 1
2815301 1
15110 1
21289 1
18330 1
(and so).
Any idea of what's going on? Shouldn't appear MSGSIZE-1 lines in
maildirsize file to restore space in Maildir after POP RETRs?
Currently I'm fixing the problem with a regular:
# find /home/vmail/vhosts -name maildirsize -exec rm {} \;
But there must exist a better solution (or maybe my config is wrong).
Thanks a lot for any help.
--
Santiago Romero
Re: [Dovecot] (Somewhat urgent) Problem with maildir++ quota
Hi. I found a mail_plugin directive under pop and imap sections in dovecot.conf. Must the quota plugin be referenced there? :? -- Santiago Romero
[Dovecot] Corrupted index cache file
Hello I got this error yesterday dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): FETCH for mailbox Sent UID 7139 got too little data: 2 vs 11160 dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): Corrupted index cache file /user/dumontj/.imap/Sent/dovecot.index.cache: Broken virtual size for mail UID 7139 Does remove the cache will cure the problem ? Thanks
Re: [Dovecot] (Somewhat urgent) Problem with maildir++ quota
Santiago Romero wrote: Hi. Hello. I found a mail_plugin directive under pop and imap sections in dovecot.conf. Must the quota plugin be referenced there? :? Yes, and you may also need to enforce the quota usage in the delivering process of your mail software or use deliver LDA plugin for that define de quota plugin in the LDA section. Regards -- ++ | Juan C. Blanco | || | Centro de Calculo | | | Facultad de Informatica U.P.M. | E-mail: jcbla...@fi.upm.es | | Campus de Montegancedo | | | Boadilla del Monte | Tel.:(+34) 91 336 7466 | | 28660 MADRID (Spain) | Fax :(+34) 91 336 6913 | ++
Re: [Dovecot] (Somewhat urgent) Problem with maildir++ quota
Yes, and you may also need to enforce the quota usage in the delivering process of your mail software or use deliver LDA plugin for that define de quota plugin in the LDA section. I already had that (that's why quota exceeded messages where being triggered). I thought that enabling the plugin there was enough and pop/imap would use it also, but I was wrong :) Thanks for your answers. -- Santiago Romero
[Dovecot] sendmail smtp auth using client socket
Hi list
I searched the net, but could not find something related.
Is it possible to export the client socket to sendmail for smtp auth?
What would be the sendmail.mc configuration for this?
#client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
#path = /var/spool/postfix/private/auth
#mode = 0660
#user = postfix
#group = postfix
#}
It can also be the other way round: can Dovecot use Cyrus SASL for
user authentication?
I need to use sendmail, ip based solutions like pop-before-smtp or
poprelay are not an option.
Thanks, Mike
Re: [Dovecot] v1.2.beta1 released
Timo Sirainen t...@iki.fi writes: On Wed, 2009-02-11 at 11:00 +0100, Sascha Wilde wrote: Could we by any chance get the latest small changes/enhancements: - 'c' and 'd' in setacl Yes, this will definitely be included. This is very good news. - Displaying the actual user name instead of meta name owner on getacl output (see Bernhards patch in the IMAP ACLs and global ACLs in v1.2 thread) That patch appears to be also changing owners to user=x? This is indeed quite possible -- I haven't seen it happen in my tests though... As Bernhard wrote him self on the patch: we are not sure it is the right solution -- actually he is pretty sure it isn't ... ;-) I wouldn't mind a patch that showed them to clients as user=x, but I don't want them to change when something else gets changed. For us[0] changing what is shown to the client is sufficient. Actually on a second thought I agree with you, that keeping the special owner keyword internally is preferable. Also I'm not entirely sure how it should be handled when user=x ACL is changed. Should it remove the owner? Should it change the owner instead? This is a good point. IMO there are only a couple of possibilities: - we could define that only the server-administrator is allowed to change owner acls by means of setting global acls or manually editing the dovecot-acl files. Rational: Users shouldn't be able to change the owners acls, to prevent them from shooting there own foots. In this case changing the acl for the user which maps to owner would be silently ignored. - cyrus imapd actually tries[1] to implement a variant of this possibility in that it does not allow to remove the 'a' right from the owner: s setacl INBOX/foo 1...@burlywood1.rgb lrswipkxtecd s OK Completed g getacl INBOX/foo * ACL INBOX/foo 1...@burlywood1.rgb lrswipkxtecda g OK Completed s setacl INBOX/foo 1...@burlywood1.rgb lrs s OK Completed g getacl INBOX/foo * ACL INBOX/foo 1...@burlywood1.rgb lrskxca I think this is worth considering. - Allow everything allowed by the actual ACLs, so every user having a(dmin) rights is free to change all ACLs even if it leads to folders where no user has the right to change it any more. Rational: unix philosophy, obey to user demands and don't be nuisance, shooting ones own foot is a basic freedom... ;-) I think the owner ACLs are usually in global ACL files, so it's probably not possible to remove or change it, only add a new user=x. I think that it would be best to always map the owners user name to the keyword owner and vice versa between the IMAP front end and the acl back end. This way user=x where x is the owners user name should never appear in an dovecot-acl file. So it boils down to the question if the individual acl-files should take precedence over the global one -- without having checked I assume this decision already has been made. cheers sascha [0] Actually IMNSHO this subject is not only relevant to us: - The acl aware clients I know of don't recognize the special meaning of owner. - This makes perfect sense, as there is no specified way to decide if the string owner in an IMAP ACL reply denotes an user actually named owner or is an special keyword denoting the user owning the folder. - Finally, even if an client would recognize owner as an special keyword, it wouldn't be able to figure out who the owner actual is. Which makes the information of rather low use. [1] I just tested some scenarios and it turned out they messed up on the details, so that one can actually end up with an folder which no user has admin rights one and the output of myrights and getacl is inconsistent -- quite funny! -- Sascha Wilde OpenPGP key: 4BB86568 http://www.intevation.de/~wilde/ http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner pgp8luaDoKtPO.pgp Description: PGP signature
Re: [Dovecot] v1.2: Can't subscribe to shared user folder
Timo Sirainen t...@iki.fi writes: On Wed, 2009-02-11 at 11:04 +0100, Sascha Wilde wrote: a003 subscribe user/b...@example.com/foobar a003 NO Unknown subscription namespace. What kind of namespace configuration do you have? This sounds like your shared namespace has subscriptions=no, but you don't have a namespace with empty prefix that has subscriptions=yes. You are right we added a prefix to the primary private namespace recently, adding subscriptions=yes to the shared namespace definition solves it. I should have had a look at the current config before complaining -- sorry for the noise. :( cheers sascha -- Sascha Wilde OpenPGP key: 4BB86568 http://www.intevation.de/~wilde/ http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner pgp32k423ARhJ.pgp Description: PGP signature
Re: [Dovecot] IMAP ACLs and global ACLs in v1.2
Robert Schetterer rob...@schetterer.org writes: Sascha Wilde schrieb: Robert Schetterer rob...@schetterer.org writes: Bernhard Herzog schrieb: On 15.01.2009, Sascha Wilde wrote: But should it just internally convert owner to username when replying? From our experience this would be a very good idea. Many clients recognize the username and handle those ACLs differently in there UI (for example they don't offer them for editing). But they don't understand owner. To work around this, we created a patch that tries to avoid the owner ACL entries. [...] i dont think you should mess around what clients think where should this end , the technical right and most clear description is owner, username can be very wide interpreted and may lead to technical problems in reading imap-acl i.e from horde imp or other mail clients later, as far i remember owner is use i.e in exchange too I'm not quite sure if we are talking about the same thing. This is about the reply to the getacl command in the imap protocol (in opposite to the output in the clients UI). i was talking about imap getacl, which answers owner Me too. [...] I don't know about exchange, but most clients don't know about dovecots special meaning of owner but simply consider it an ordinary user name. do you mean clients as humans or mail clients? Mail clients == software speaking IMAP aware of the IMAP ACL extension. [...] whatever what i mean was leave the code to standarts I agree, and we do. Problem is, while not prohibited by the standard keywords like owner are not defined by the standard. Even worse: there is no way in IMAP ACL to distinct such special keywords from actual user names. Please see the first footnote in my latest mail in the thread v1.2.beta1 released Message-ID: s7wskmj26vr@intevation.de for more details. cheers sascha -- Sascha Wilde OpenPGP key: 4BB86568 http://www.intevation.de/~wilde/ http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner pgpRll302cpqS.pgp Description: PGP signature
[Dovecot] mbox snarf plugin + idle
I'm having a problem with mbox snarf not looking at /var/spool/mail/ when in idle mode thus never giving me a RECENT line even though there are new messages in /var/spool/mail/ . Here are the imap commands to reproduce the problem: 1 login userid password 2 select inbox 3 idle When I run select inbox it does see my messages in /var/spool/mail/ and moves them over fine. When I truss the process, I see it only running stat calls on my mbox- snarf file. To get new messages I issue DONE, CLOSE, and SELECT INBOX. I'm not sure why it is reporting alpha5 two lines below. I did an hg pull just the other day and see 1.2.beta1 in the output of hg tags. # /usr/ladmin2/sbin/dovecot -n # 1.2.alpha5: /usr/ladmin2/etc/dovecot.conf Warning: fd limit 2000 is lower than what Dovecot can use under full load (more than 4224). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: AIX 3 0001112AD300 syslog_facility: local0 protocols: imap listen: *: ssl: no disable_plaintext_auth: no login_dir: /usr/ladmin2/var/run/dovecot/login login_executable: /usr/ladmin2/libexec/dovecot/imap-login login_greeting: Dovecot ready. login_processes_count: 30 max_mail_processes: 4096 mail_location: mbox:%h/new:INBOX=/var/spool/mail/14/%u mmap_disable: yes dotlock_use_excl: no mbox_write_locks: fcntl mbox_lazy_writes: no mail_plugins: mbox_snarf imap_client_workarounds: delay-newmail auth default: mechanisms: plain gssapi krb5_keytab: /etc/krb5/dovecot.keytab gssapi_hostname: $ALL verbose: yes debug: yes passdb: driver: pam userdb: driver: passwd plugin: mbox_snarf: /gpfs/inbox/14/%u Thanks, Jonathan smime.p7s Description: S/MIME cryptographic signature
[Dovecot] Mapping usernames
Greets,
We're using Dovecot 1.0.7 (which comes with CentOS 5.x).
I have successfully configured dovecot to change a username from a...@123.com
to realname1_abc for a machine which only has a single domain (using
auth_username_format=realname1_%Ln).
However, I'm pulling my hair out trying to get dovecot to handle multiple
domains (the machine has existing /etc/passwd /etc/shadow and
/etc/mail/virtusertable users). On an older machine, I simply hacked the
source code to perform a berkeley DB lookup in /etc/mail/virtusertable.db for
the realname[a-z0-9]_xx. This time round, though, I'm trying to do this
cleanly.
I've been reading the docs/wiki/etc but I now can't see the forest for the
trees. This is what I've got so far:
In /etc/dovecot.conf:
...
auth default {
userdb passwd-file {
args = /etc/dovecot.passwd
}
passdb passwd-file {
args = /etc/shadow
#args = /etc/dovecot.passwd
}
}
/etc/dovecot.passwd contains:
realnamea_abc:{PLAIN-MD5}$1$Vjkfhaa::userdb_user=...@123.com
I've been fiddling around blindly with all kinds of settings in userdb {}
above, but I always get the error:
passwd-file(a...@123.com,:::127.0.0.1): unknown user, amongst others.
In a nutshell, I want to allow a user to login with a...@123.com, this name
must be mapped to a real system user (eg, using /etc/dovecot.passwd), then
authenticated against /etc/shadow or the MD5 password in /etc/dovecot.passwd
I would appreciate any kind of pointers or advise here. It would have been
nice if vpopmail allowed me to call an external perl script where I could
perform the username mapping, but alas, this is not possible.
Thanks
Henry
-BEGIN PGP PUBLIC KEY BLOCK-
Version: GnuPG v1.4.5 (GNU/Linux)
mOIESXlwDRECAOycneJPOwSkETRkjJZdArag8V2rKOR2IUwlDOydIZXv/ITDlWDU
dookzEdWh7Ektf1Jlh+YbPNEGoPpQunL8O8AoJbWmNkpoX7jP0Sw/5rDN2eKGHR7
Af9mxTqQ/j3C5LkrTRo9iCTt1TxoqPi6R/w0KkIAuTXBq6j+vIFJcOFgABlMQoXs
V2crh1BUCmXVsV1puRJsLWKbAf4uL0V+N8WF4rvWHmJiYjgDn6exv3XHS0F6NhRz
n1KVnV0XDWMDq/B/tmj4L2JYxEzWzeNulC5yQBOdx/dLU12XtCNIZW5yeSAoemVu
LmNvLnphKSA8aGVucnlAemVuLmNvLnphPohgBBMRAgAgBQJJeXANAhsjBgsJCAcD
AgQVAggDBBYCAwECHgECF4AACgkQCHhhdg2iQafVGACdEMtEuUGIW2XJyn9Fig7n
sX4qzb4An0PGStBZvAP2qtzYP3SGlzsllzLjuI0ESXlwDRACAMsi4nl8/Yar2m9F
ex4dFDgWylLgScQrEhhb2xN0Upcglm60nHQD7c1rP+63Iu+lU0eWvyr8o3JTCN4y
PpoGMOMAAwUCAIUnLDMW/tz+qsYaOPyoh7HdAYqcrvVar7t+eKpihNBqfP4CT2Py
aRVMN6cSJj9NKZDW6b0QQSCGgN7PpzrLqf6ISQQYEQIACQUCSXlwDQIbDAAKCRAI
eGF2DaJBpxeiAJ9cNiuaftSoWke75RT1pn7qoibFfgCdHl6BgP9f450/oziDwaMM
w49UeHQ=
=qgmL
-END PGP PUBLIC KEY BLOCK-
Re: [Dovecot] pop3_lock_session question
On Wed, 4 Feb 2009, Timo Sirainen wrote: Implemented for v1.2, probably apply to v1.1 also: http://hg.dovecot.org/dovecot-1.2/rev/6f29380ba3a0 http://hg.dovecot.org/dovecot-1.2/rev/ea9a186d64f9 I mean it will probably work. I'm trying to get v1.1 to a deep feature freeze. Do you think this pop3 lock issue could be applied to 1.1? This is the only remaining problem that we have with 1.1 and the mbox format. Everything else is working flawlessly. Thanks for considering it. Rob
Re: [Dovecot] dbox redesign
Hi Timo I have a few comments. Please just disregard them if I have misunderstood your design. Regarding your storage plan I find it very important that users can be stored in different locations because: 1. Discount users could be placed on cheap storage while others are offered premium service on expensive hardware 2. It's easy to scale if you just add another LUN from your SAN or mount from NAS 3. In order to avoing huge directories you can put users into subdirs with each subdir containing only say 1000 users each All this is very easy to achieve in 1.1 because you can return individual storage dirs for indexes and data from the user db. I'm not sure from reading your post whether this will still be possible but I believe it’s a very important thing. Regarding 7. I very much for all the self healing you describe. There is nothing worse than huge complex systems that fail just because of some minor error that could easily be fixed without manual intervention. But also I'm a little worried in this regard. Maildir is so robust that nothing can really go wrong. But here you have index files and data files located in different places. Imagine the index file being on one NFS mount whilst the data resides on another. Or if the administrator is purposely loading a different index file or data file from a backup. Worst case scenario is that the self healing takes a manual operation for a failure and breaks something. It should be very resilient to temporarily losing access to all files in this operation (could happen very often on NFS mounts). Also I imagine the self-healing going into loops if it doesn't understand what’s going on. If the data changes dues to manual intervention or par of the file system can be accessed you could imagine the self healing process trying again and again to fix something that isn't its job to fix. In that case it would be better if it just skipped the apparent failures. Timo wrote: I'm also wondering if it's better for each mailbox to have its separate dovecot.index.cache file or if there should be one cache file for the map index. I think you should consider more files as the general choice (not only regarding cache files). Imagine many dovecot servers accessing the same storage simultaneously. I figure it would be a lot easier if they weren’t all trying to read/update one essential file at the same time (with only one file, load can’t be spread across multiple mounts and everything goes down if the mount with the essential file is inaccessible). If there is serious data corruption and you have only one file then all operations are paused while the self healing is trying to figure out what went wrong (and what happens if different servers decide to do self-healing on this one file at the same time?). With one file per maildir only a small portion of the users are affected, the load is spread and really bad file corruption doesn’t break everything for thousands of users. Other than that I’m just really glad that dbox is progressing. I consider it the feature. Dbox is the email administrator’s wet dream. I’m already dreaming of completely avoiding the scalability issues of large Maildirs (which is the biggest challenge today in my opinion) and reducing the IO. Buying more IO is an order of magnitude more expensive than getting more RAM or CPU power (and dovecot barely needs any RAM and CPU anyway). Best wishes, Mikkel
Re: [Dovecot] dbox redesign
I would add that having fewer, larger files should make backups much more feasible. There's a certain amount of overhead for each file operation (especially for us GFS people!) and reducing the number of files will reduce that overhead. Right now our backups (done via rsync) take a pretty scary amount of time, only to get worse as the size of the mailstore (currently 200G) grows. Personally I'm pretty excited about dbox. Allen Timo Sirainen wrote: On Wed, 2009-02-11 at 14:32 -0800, Seth Mattinen wrote: Timo Sirainen wrote: This is about how to implement multiple msgs/file dbox format. The current v1.1's one msg/file design would stay pretty much the same and it would be compatible with this new design. Out of curiosity, what's the advantage to going to multiple messages per file? Wouldn't this have the same problems as mbox? Multiple per file, not everything in one file. As long as the file size is set right, it's probably faster than one per file. We'll see :) -- Allen Belletti al...@isye.gatech.edu 404-894-6221 Phone Industrial and Systems Engineering404-385-2988 Fax Georgia Institute of Technology
Re: [Dovecot] dbox redesign
On Thu, 2009-02-12 at 11:29 +0100, Mikkel wrote: Hi Timo I have a few comments. Please just disregard them if I have misunderstood your design. Regarding your storage plan I find it very important that users can be stored in different locations because: This you misunderstood. The mails of a single user are stored in one dbox directory, not all users. Regarding 7. I very much for all the self healing you describe. There is nothing worse than huge complex systems that fail just because of some minor error that could easily be fixed without manual intervention. But also I'm a little worried in this regard. Maildir is so robust that nothing can really go wrong. Yes. If you don't care that much about performance Maildir is going to be more reliable, especially when recovering from filesystem corruption. It should be very resilient to temporarily losing access to all files in this operation (could happen very often on NFS mounts). I/O errors and such are treated differently than corrupted/missing files. So as long as reading gives an error it doesn't try to repair anything. Also I imagine the self-healing going into loops if it doesn't understand what’s going on. If the data changes dues to manual intervention or par of the file system can be accessed you could imagine the self healing process trying again and again to fix something that isn't its job to fix. In that case it would be better if it just skipped the apparent failures. I'm not really sure what you're thinking about here. Assuming there aren't bugs in the fixup code, it should be able to fix things. If someone manually goes and breaks things again, then sure it fixes them again later, but there's really no automatic looping. Also Dovecot already does index file fixing if it notices corruption, so this won't be all that much different. If there is serious data corruption and you have only one file then all operations are paused while the self healing is trying to figure out what went wrong There will be multiple files even per user, but yes, if corruption is noticed then the user is blocked until the corruption is fixed. (and what happens if different servers decide to do self-healing on this one file at the same time?). The same as if two processes in one server decide to self-heal: Locking prevents it from happening. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Corrupted index cache file
On Thu, 2009-02-12 at 09:31 +0100, Frank Bonnet wrote: Hello I got this error yesterday dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): FETCH for mailbox Sent UID 7139 got too little data: 2 vs 11160 dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): Corrupted index cache file /user/dumontj/.imap/Sent/dovecot.index.cache: Broken virtual size for mail UID 7139 This still seems to be happening sometimes with mbox. If you ever figure out a way to reproduce it I'd like to know. Does remove the cache will cure the problem ? It should cure the problem itself automatically. Didn't it? signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Can't remove folder (no thunderbird issue)
On Thu, 2009-02-12 at 10:34 +0100, Jan Niggemann wrote: I used Thunderbird to create a folder and called it test/ (yes, with a slash). Now, in both, Thunderbird and Mulberry, I'm unable to delete that folder (that contains neither messages nor subfolders). Mulberry doesn't give an error message, and in Thunderbird I can't find an option to remove this folder (no matter if subscribed or not). Try talking IMAP directly. Then you'll know exactly what's happening. Either start with: telnet imap.server.org 143 Or: openssl s_client -connect imap.server.org:993 Then start giving commands: a login username password b delete test c unsubscribe test d list * e lsub * (include the a..e tags at the beginning) If it's still not gone with those commands, show what replies b..e give? signature.asc Description: This is a digitally signed message part
Re: [Dovecot] pop3_lock_session question
On 2/12/2009, Rob Mangiafico (rm...@lexiconn.com) wrote: I mean it will probably work. I'm trying to get v1.1 to a deep feature freeze. Do you think this pop3 lock issue could be applied to 1.1? I think above he said 'not officially, but that you could apply the patch yourself'. Best bet would be to upgrade to 1.2 if you want official support for it... -- Best regards, Charles
Re: [Dovecot] Mapping usernames
On Thu, 2009-02-12 at 15:26 +0200, Henry wrote:
/etc/dovecot.passwd contains:
realnamea_abc:{PLAIN-MD5}$1$Vjkfhaa::userdb_user=...@123.com
I've been fiddling around blindly with all kinds of settings in userdb {}
above, but I always get the error:
passwd-file(a...@123.com,:::127.0.0.1): unknown user, amongst others.
In a nutshell, I want to allow a user to login with a...@123.com, this name
must be mapped to a real system user (eg, using /etc/dovecot.passwd), then
authenticated against /etc/shadow or the MD5 password in /etc/dovecot.passwd
Then you're doing it the wrong way. Should be:
a...@123.com::user=realnamea_abc
signature.asc
Description: This is a digitally signed message part
Re: [Dovecot] Corrupted index cache file
On 2/12/2009 3:31 AM, Frank Bonnet wrote: dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): FETCH for mailbox Sent UID 7139 got too little data: 2 vs 11160 dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): Corrupted index cache file /user/dumontj/.imap/Sent/dovecot.index.cache: Broken virtual size for mail UID 7139 Does remove the cache will cure the problem ? Version? There have been lots of mbox fixes in recent versions... -- Best regards, Charles
Re: [Dovecot] sendmail smtp auth using client socket
On Thu, 2009-02-12 at 10:40 +0100, EQX wrote: Hi list I searched the net, but could not find something related. Is it possible to export the client socket to sendmail for smtp auth? Not currently. They speak different protocols. Would be nice to have that feature some day, but I'm not planning to write support for it anytime soon. It can also be the other way round: can Dovecot use Cyrus SASL for user authentication? No. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] sendmail smtp auth using client socket
EQX wrote:
Hi list
I searched the net, but could not find something related.
Is it possible to export the client socket to sendmail for smtp auth?
What would be the sendmail.mc configuration for this?
#client {
# The client socket is generally safe to export to everyone.
Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
#path = /var/spool/postfix/private/auth
#mode = 0660
#user = postfix
#group = postfix
#}
It can also be the other way round: can Dovecot use Cyrus SASL for user
authentication?
Through pam, if you set MECH=pam in sasl config.
http://wiki.dovecot.org/PasswordDatabase/PAM
Ken
I need to use sendmail, ip based solutions like pop-before-smtp or
poprelay are not an option.
Thanks, Mike
Re: [Dovecot] sendmail smtp auth using client socket
Ken A wrote: Through pam, if you set MECH=pam in sasl config. http://wiki.dovecot.org/PasswordDatabase/PAM uh.. nevermind. got the cart before the horse there. need more coffee.. Ken
Re: [Dovecot] sendmail smtp auth using client socket [LDAP auth]
EQX e...@gmx.net wrote:
Hi list
I searched the net, but could not find something related.
Is it possible to export the client socket to sendmail for smtp auth?
What would be the sendmail.mc configuration for this?
#client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
#path = /var/spool/postfix/private/auth
#mode = 0660
#user = postfix
#group = postfix
#}
It can also be the other way round: can Dovecot use Cyrus SASL for
user authentication?
I need to use sendmail, ip based solutions like pop-before-smtp or
poprelay are not an option.
Have you considered using LDAP based authentication in dovecot and
sendmail?
--
[plen: Andrew] Andrzej Adam Filip : a...@onet.eu
Packages should build-depend on what they should build-depend.
-- Santiago Vila on debian-devel
Re: [Dovecot] Mapping usernames
On Thu 12/02/09 18:36 , Timo Sirainen t...@iki.fi sent:
a...@123.com:.
...:user=realnamea_abc
Thanks Timo,
Unfortunately this is still not working. Any further comments would be
appreciated.
I've tried it two ways:-
ATTEMPT 1
/etc/dovecot.conf:
auth default {
userdb passwd-file {
args = /etc/dovecot.passwd
}
passdb passwd-file {
args = scheme=plain-md5 username_format=%u /etc/dovecot.passwd
}
}
/etc/dovecot.passwd:
b...@vh1.com:$1$Vh6a...::userdb_user=vh1_bob
Error:
auth(default): passwd-file(b...@vh1.com,:::127.0.0.1): no passwd file:
scheme=plain-md5 username_format=...@vh1.com /etc/dovecot.passwd
ATTEMPT 2
/etc/dovecot.conf:
auth default {
userdb passwd-file {
args = /etc/dovecot.passwd
}
passdb passwd-file {
args = /etc/dovecot.passwd
}
}
/etc/dovecot.passwd:
b...@vh1.com:{PLAIN-MD5}$1$Vh6a...::userdb_user=vh1_bob
Error:
auth(default): passwd-file(b...@vh1.com,:::127.0.0.1): unknown user
I'm missing something obvious, I'm sure of it.
Any pointers appreciated.
Thanks
-BEGIN PGP PUBLIC KEY BLOCK-
Version: GnuPG v1.4.5 (GNU/Linux)
mOIESXlwDRECAOycneJPOwSkETRkjJZdArag8V2rKOR2IUwlDOydIZXv/ITDlWDU
dookzEdWh7Ektf1Jlh+YbPNEGoPpQunL8O8AoJbWmNkpoX7jP0Sw/5rDN2eKGHR7
Af9mxTqQ/j3C5LkrTRo9iCTt1TxoqPi6R/w0KkIAuTXBq6j+vIFJcOFgABlMQoXs
V2crh1BUCmXVsV1puRJsLWKbAf4uL0V+N8WF4rvWHmJiYjgDn6exv3XHS0F6NhRz
n1KVnV0XDWMDq/B/tmj4L2JYxEzWzeNulC5yQBOdx/dLU12XtCNIZW5yeSAoemVu
LmNvLnphKSA8aGVucnlAemVuLmNvLnphPohgBBMRAgAgBQJJeXANAhsjBgsJCAcD
AgQVAggDBBYCAwECHgECF4AACgkQCHhhdg2iQafVGACdEMtEuUGIW2XJyn9Fig7n
sX4qzb4An0PGStBZvAP2qtzYP3SGlzsllzLjuI0ESXlwDRACAMsi4nl8/Yar2m9F
ex4dFDgWylLgScQrEhhb2xN0Upcglm60nHQD7c1rP+63Iu+lU0eWvyr8o3JTCN4y
PpoGMOMAAwUCAIUnLDMW/tz+qsYaOPyoh7HdAYqcrvVar7t+eKpihNBqfP4CT2Py
aRVMN6cSJj9NKZDW6b0QQSCGgN7PpzrLqf6ISQQYEQIACQUCSXlwDQIbDAAKCRAI
eGF2DaJBpxeiAJ9cNiuaftSoWke75RT1pn7qoibFfgCdHl6BgP9f450/oziDwaMM
w49UeHQ=
=qgmL
-END PGP PUBLIC KEY BLOCK-
Re: [Dovecot] great disappearing email mystery
on 2-12-2009 2:10 AM Aiko Barz spake the following: On Wed, Feb 11, 2009 at 05:27:02PM -0500, dhottin...@harrisonburg.k12.va.us wrote: Have there been any issues with dovecot and using outlook express (imap) as an email client? I have had a couple of users come up with random missing emails. Im trying to figure out if it is user error, or something wacky in my mailserver. I cant find anything telling in maillog files or my messages. Dovecot version is 1.0.3. Its ok to reply to me, I get list messages digest. The IMAP implementation of Outlook 2003 for example is not so nice. You must first figure out, if the email is missing within Outlook or if it is missing on the server too. For example: If the mailbox is greater than 2GB, Outlook 2003 crashes and corrupts its PST file. No more mails show up. A regular crash of Outlook may also corrupt its PST file. The effect is the same. Mails may dissapear within the client. So, if the missing mail is still on the server, run SCANPST.EXE. If it does not help, recreate the Outlook profile. If the mail is missing on the server, look close at their trash folder. ;) So long, Aiko Outlook does not store IMAP mail in its PST. PST's are only used for the local storage. Outlook does not crash if your IMAP mail folders are larger than 2 GB, although its IMAP implementation is pretty bad. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature
Re: [Dovecot] Can't remove folder (no thunderbird issue)
on 2-12-2009 1:34 AM Jan Niggemann spake the following: Hi, first of all: yes, I already dug the internet but didn't find a solution - that's why I'm asking you. My provider uses dovecot, although I can't tell you more about the version - sorry. Mail is stored in mbox format. My trouble: I was unable to create subfolders and googled a bit. A proposed solution was to append a slash at the end of the folder name. I used Thunderbird to create a folder and called it test/ (yes, with a slash). Now, in both, Thunderbird and Mulberry, I'm unable to delete that folder (that contains neither messages nor subfolders). Mulberry doesn't give an error message, and in Thunderbird I can't find an option to remove this folder (no matter if subscribed or not). My provider uses roundcube as a webmail interface. Trying to delete the folder there seems to work OK, but after refreshing the folder-view it re-appears. I have no (ssh|telnet|...) access to the server, so I can't remove the folder using the shell.. Do I have other options than calling support? Thank you already jan The problem is with mbox in general. Mbox can only contain messages, and since your deleted items (trash) is also mbox, you can't delete a folder into it. In thunderbird you have to go to the properties for that server connection, go to server settings, click advanced, and clear the checkbox on Server supports folders that contain sub-folders and messages. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature
Re: [Dovecot] great disappearing email mystery
On Thu, 12 Feb 2009, Scott Silva wrote: Outlook does not store IMAP mail in its PST. PST's are only used for the local storage. Outlook does not crash if your IMAP mail folders are larger than 2 GB, although its IMAP implementation is pretty bad. Outlook DOES store some kind of cache of IMAP mail in a PST. And that PST is always located in the Local Settings directory, regardless of your system-wide default location of PSTs. I don't know what happens when this cache PST reaches its 2GB limit... Related: I sometimes have people complaining that some emails don't show up in Outlook (2003) but are listen on webmail (Squirrel). Typically, users have 'hide messages marked for deletion' set. Changing that to show all messages makes the 'missing' mails visible, but they are then not marked for deletion. (Running the etch-backports 1.0.15 version of dovecot-imapd currently) This looks like it's an Outlook problem, but if a workaround at dovecot's side would help, I would be very happy. Regards, Maarten
Re: [Dovecot] Can't remove folder (no thunderbird issue)
On Feb 12 2009, Scott Silva wrote: The problem is with mbox in general. Mbox can only contain messages, and since your deleted items (trash) is also mbox, you can't delete a folder into it. In thunderbird you have to go to the properties for that server connection, go to server settings, click advanced, and clear the checkbox on Server supports folders that contain sub-folders and messages. It's a consequence of mbox, but the problem is with Thunderbird's persistent interface mis-features in the name of configurabiilty. -- Brian Hayden Minnesota Supercomputing Institute University of Minnesota
Re: [Dovecot] great disappearing email mystery
on 2-12-2009 10:35 AM Maarten Bezemer spake the following: On Thu, 12 Feb 2009, Scott Silva wrote: Outlook does not store IMAP mail in its PST. PST's are only used for the local storage. Outlook does not crash if your IMAP mail folders are larger than 2 GB, although its IMAP implementation is pretty bad. Outlook DOES store some kind of cache of IMAP mail in a PST. And that PST is always located in the Local Settings directory, regardless of your system-wide default location of PSTs. I don't know what happens when this cache PST reaches its 2GB limit... It would take a LOT of messages to cache 2 GB of headers. Related: I sometimes have people complaining that some emails don't show up in Outlook (2003) but are listen on webmail (Squirrel). Typically, users have 'hide messages marked for deletion' set. Changing that to show all messages makes the 'missing' mails visible, but they are then not marked for deletion. Outlook also clashes on the POP3 side if the user has their check for messages frequency too low. I think it trips over itself and locks up. Only a full restart of outlook or sometimes a reboot of the PC will make it start again. I don't let users have their check frequency any less than 10 minutes, although repeatedly hitting the Send/Receive button will also lock it up. This is also an Outlook problem, along with users that think e-mail is an instant messaging application. Outlook was designed as an Exchange client. Everything else was added as an afterthought. Thunderbird with Lightning works better than Outlook, but not a lot better. (Running the etch-backports 1.0.15 version of dovecot-imapd currently) 1.1 seems to be slightly better with Outlook, or at least my Outlook users haven't been complaining as much. They could be resolved to the fact that it just doesn't work very well. You won't find it in any Debian repo that I know of. This looks like it's an Outlook problem, but if a workaround at dovecot's side would help, I would be very happy. Do you have outlook-idle set in the config file for pop3 and IMAP? Regards, Maarten -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature
[Dovecot] delivering to folder based on recipient_delimiter?
I'm currently running postfix + dovecot, with virtual users In postfix I have set recipient_delimiter = + so that postfix accepts mail for u...@example.com, user+...@example.com, and user+s...@example.com all deliver to inbox. what I would like is to have email directed to user+...@example.com delivered to the IMAP folder foo (and, in the context of amavisd, have amavis configured for recipient_delimited, and add addr_extension_spam_maps add +spam to each mail identified as spam, and thus the mail would go to the spam folder on delivery. The postfix guys say I should be able to do this. can someone point me to how to implement this with dovecot? (as I don't see how to even start). Thx Rick Rick Steeves http://www.sinister.net The journey is the destination
Re: [Dovecot] delivering to folder based on recipient_delimiter?
dove...@corwyn.net wrote: I'm currently running postfix + dovecot, with virtual users In postfix I have set recipient_delimiter = + so that postfix accepts mail for u...@example.com, user+...@example.com, and user+s...@example.com all deliver to inbox. what I would like is to have email directed to user+...@example.com delivered to the IMAP folder foo (and, in the context of amavisd, have amavis configured for recipient_delimited, and add addr_extension_spam_maps add +spam to each mail identified as spam, and thus the mail would go to the spam folder on delivery. The postfix guys say I should be able to do this. can someone point me to how to implement this with dovecot? (as I don't see how to even start). I use Sieve to do this. There's probably other ways, too. http://wiki.dovecot.org/LDA ~Seth
Re: [Dovecot] Can't remove folder (no thunderbird issue)
On Thu, 2009-02-12 at 11:37 -0800, Scott Silva wrote: The problem is with mbox in general. Mbox can only contain messages, and since your deleted items (trash) is also mbox, you can't delete a folder into it. In thunderbird you have to go to the properties for that server connection, go to server settings, click advanced, and clear the checkbox on Server supports folders that contain sub-folders and messages. It's a consequence of mbox, but the problem is with Thunderbird's persistent interface mis-features in the name of configurabiilty. I'm not sure if it is proper, but you would think that the IMAP server should be able to give something in the capabilities dialog that lets a client know this. Client is able to figure out that. Or maybe it does, and Thunderbird doesn't pay attention. Yeah. It's been in bugzilla for almost 4 years now: https://bugzilla.mozilla.org/show_bug.cgi?id=284933 signature.asc Description: This is a digitally signed message part
Re: [Dovecot] pop3_lock_session question
On Thu, 12 Feb 2009, Charles Marcus wrote: On 2/12/2009, Rob Mangiafico (rm...@lexiconn.com) wrote: I mean it will probably work. I'm trying to get v1.1 to a deep feature freeze. Do you think this pop3 lock issue could be applied to 1.1? I think above he said 'not officially, but that you could apply the patch yourself'. Best bet would be to upgrade to 1.2 if you want official support for it... ok, thanks. Has anyone tried patching against 1.1.11? Any patch file for it? We just spent a few months transitioning from uw imap to dovecot 1.1, so we would rather not jump into 1.2 at the moment. Thanks. Rob
Re: [Dovecot] delivering to folder based on recipient_delimiter?
what I would like is to have email directed to user+...@example.com
delivered to the IMAP folder foo
mailbox_command = /usr/libexec/dovecot/deliver -n -e -m ${EXTENSION}
Re: [Dovecot] libsieve problems / wishes
Steffen Kaiser wrote: On Tue, 3 Feb 2009, Stephan Bosch wrote: only if your clients do not use the obsolete mark/unmark commands. Could you confirm this for me? Horde and all my users manually wrote Sieve scripts use addflag / removeflag only. It seems that some people use (their own) Avelsieve, no mark either. I never noticed the mark command myself ... . Maybe you offer a compile-time option to put the load of no 100% conformance to imapflags on the admin? I would take it :) Ok, I finished implementing the 'imapflags' variant of the imap4flags extension. It turned out to be relatively easy to provide support for the obsolete mark/unmark commands, so I added those as well. Note that the imapflags extension is not available to the users by default: it needs to be enabled explicitly using the sieve_extensions setting (as explained in the INSTALL file). Completely solving your vacation :addresses problem will have to wait until after today's/tomorrow's new release. I did however adjust the case-sensitivity of address comparisons to match mail software consensus. Regards, -- Stephan Bosch step...@rename-it.nl
Re: [Dovecot] pop3_lock_session question
On 2/12/2009, Rob Mangiafico (rm...@lexiconn.com) wrote: ok, thanks. Has anyone tried patching against 1.1.11? Any patch file for it? We just spent a few months transitioning from uw imap to dovecot 1.1, so we would rather not jump into 1.2 at the moment. Thanks. I really don't think upgrading from 1.1 to 1.2 will be an issue... not even in the same galaxy as migrating from uw-imap to dovecot. Should be invisible. -- Best regards, Charles
Re: [Dovecot] delivering to folder based on recipient_delimiter?
Thank you; that took me to http://wiki.dovecot.org/LDA/Postfix which pretty much straight up fixed what I wanted it to. At 02:38 PM 2/12/2009, you wrote: dove...@corwyn.net wrote: I'm currently running postfix + dovecot, with virtual users In postfix I have set recipient_delimiter = + so that postfix accepts mail for u...@example.com, user+...@example.com, and user+s...@example.com all deliver to inbox. what I would like is to have email directed to user+...@example.com delivered to the IMAP folder foo (and, in the context of amavisd, have amavis configured for recipient_delimited, and add addr_extension_spam_maps add +spam to each mail identified as spam, and thus the mail would go to the spam folder on delivery. The postfix guys say I should be able to do this. can someone point me to how to implement this with dovecot? (as I don't see how to even start). I use Sieve to do this. There's probably other ways, too. http://wiki.dovecot.org/LDA ~Seth
[Dovecot] Released Sieve v0.1.3 and ManageSieve v0.11.3 for Dovecot v1.2.beta1
Hello Dovecot users, It has been about two months since the last release of the new Sieve implementation and the ManageSieve service for Dovecot v1.2. Therefore, this release contains quite a few changes. It adds new sieve features like the enotify extension and multiscript support. Also, quite a few (user-reported) bugs were fixed since the last release. Changelog Sieve v0.1.3: * Adapted to changes in Dovecot, making this release dependent on Dovecot = 1.2.beta1 * Made mail address comparison fully case-insensitive. This is particularly noticeable for the :addresses argument of the vacation command. + Finished enotify extension. Currently, only the mailto notification method is implemented. All still needs to be tested thoroughly. + Implemented multiscript support. It is now possible to execute multiple Sieve scripts sequentially. Administrator-controlled scripts can be executed before and after the user's script. Still needs to be tested thoroughly. + Implemented support for configuring the available Sieve extensions. + Made the subaddress extension (partially) configurable using the sieve_subaddress_sep setting, which allows specifying a (multi-charater) separator other than '+'. + Compiler now warns about invalid header field names used for the header and address tests. + Vacation extension now properly generates a References header for the response message. + Added testing of basic result execution to the test suite. Also added support for testing the outgoing messages produced by the Sieve interpreter. + Included execution of the actual result in the sieve-test command line tool. The undocumented sieve-exec tool that existed for this is now removed as planned. + Added support for the now obsolete 'imapflags' extension for backwards compatibility with CMUSieve. This also implements the mark/unmark commands. - Fixed bugs in the regex extension: 1) if an optional match value did not in fact match, subsequent match values would get unexpected indexes. 2) fixed segfault bug occuring when regex is freed. - Fixed bug in the use of the :from agrument for the vacation command. If this address included a phrase part, the response would not be a valid RFC822 message. - Plugged a theoretical security hole occuring when a directory is opened as a Sieve binary. - Cleaned up and fixed various log messages. - Fixed bug in the outgoing address verification. Addresses ending in ',' were erroneously accepted. Changelog ManageSieve v0.11.3: * Changed the SASL service name from managesieve into sieve as required in the protocol specification. Don't forget to adjust your configuration if your authentication mechanism depends on this service name. * Adapted to changes in Dovecot, making this release dependent on Dovecot = v1.2.beta1. * Adapted to changes in the new Sieve implementation, making this release dependent on Dovecot Sieve = v0.1.3 if used. The old cmusieve plugin is still supported. + Implemented making the SIEVE and NOTIFY capability fully dynamic, meaning that the sieve_extensions setting that was introduced for the new Sieve plugin properly affects the ManageSieve daemon as well. + Added support for the CHECKSCRIPT command. In terms of the supported commands, the ManageSieve daemon now complies with protocol VERSION 1.0 as listed in the CAPABILITY response. - Fixed maximum permissions for uploaded scripts; was 0777. This was shielded however by the default umask (not documented to be configurable), so the actual permissions would never have been 0777. - Fixed a segfault bug in the authentication time-out. Bug report and trace provided by Wolfgang Friebel. - Fixed handling of ~/ in use of mail-data for script location. - Fixed small problems in the login proxy support. The following files are released: Sieve: http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-sieve-0.1.3.tar.gz http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-sieve-0.1.3.tar.gz.sig ManageSieve package: http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-managesieve-0.11.3.tar.gz http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-managesieve-0.11.3.tar.gz.sig ManageSieve patch: http://www.rename-it.nl/dovecot/1.2/dovecot-1.2.beta1-managesieve-0.11.3.diff.gz http://www.rename-it.nl/dovecot/1.2/dovecot-1.2.beta1-managesieve-0.11.3.diff.gz.sig Have fun testing the new releases and don't hesitate to notify me when there are problems. Regards, -- Stephan Bosch step...@rename-it.nl
[Dovecot] file name missing component in error message
Hi, we occasionally see this error message from maildir_mail_set_cache_corrupted(): Maildir filename has wrong W value: %s/%s but the path it prints is missing a component, specifically, the new/cur/tmp component. For example: /Volumes/Spool/user/maildir/12345.M123P123.example.com should be /Volumes/Spool/user/maildir/cur/12345.M123P123.example.com This is using dovecot-1.1.10. Now I just have to figure out why the file is corrupted in the first place.
Re: [Dovecot] Corrupted index cache file
On Thu, Feb 12, 2009 at 5:39 PM, Charles Marcus cmar...@media-brokers.com wrote: On 2/12/2009 3:31 AM, Frank Bonnet wrote: dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): FETCH for mailbox Sent UID 7139 got too little data: 2 vs 11160 dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): Corrupted index cache file /user/dumontj/.imap/Sent/dovecot.index.cache: Broken virtual size for mail UID 7139 Does remove the cache will cure the problem ? Version? There have been lots of mbox fixes in recent versions... I'm still getting this error in the 1.1.x hg tree (using a post 1.1.11 snapshot taken 6 days ago), happy to see I'm not the only one. It's really _rare_ and difficult to reproduce. Usually, it happens when a thunderbird user tells dovecot to store a mail with multipart mime attachments in a mbox folder (mostly Sent or Trash folder). When this error appears, the last mail attachment is actually truncated. Filesystem here is ext3 on a two node drbd active/passive cluster (Centos 5.2) Regards, Diego.
Re: [Dovecot] Corrupted index cache file
On Fri, 2009-02-13 at 00:10 +0100, Diego Liziero wrote: dovecot: Feb 11 16:07:27 Error: IMAP(dumontj): FETCH for mailbox Sent UID 7139 got too little data: 2 vs 11160 .. It's really _rare_ and difficult to reproduce. Usually, it happens when a thunderbird user tells dovecot to store a mail with multipart mime attachments in a mbox folder (mostly Sent or Trash folder). When this error appears, the last mail attachment is actually truncated. Any idea if the saved data simply isn't written / is truncated, instead of the following message overwriting it? i.e. has this happened to the last message in the mbox file (with uid = next_uid-1 to make sure the last message wasn't actually expunged)? signature.asc Description: This is a digitally signed message part
Re: [Dovecot] file name missing component in error message
On Thu, 2009-02-12 at 17:05 -0600, Mike Abbott wrote: Hi, we occasionally see this error message from maildir_mail_set_cache_corrupted(): Maildir filename has wrong W value: %s/%s but the path it prints is missing a component, specifically, the new/cur/tmp component. For example: /Volumes/Spool/user/maildir/12345.M123P123.example.com should be /Volumes/Spool/user/maildir/cur/12345.M123P123.example.com Fixed: http://hg.dovecot.org/dovecot-1.1/rev/c08c602ca0dc Now I just have to figure out why the file is corrupted in the first place. Are you using deliver? signature.asc Description: This is a digitally signed message part
Re: [Dovecot] great disappearing email mystery
on 2-12-2009 3:31 PM Maarten Bezemer spake the following: On Thu, 12 Feb 2009, Scott Silva wrote: on 2-12-2009 10:35 AM Maarten Bezemer spake the following: Outlook DOES store some kind of cache of IMAP mail in a PST. And that PST is always located in the Local Settings directory, regardless of your system-wide default location of PSTs. I don't know what happens when this cache PST reaches its 2GB limit... It would take a LOT of messages to cache 2 GB of headers. I've seen users with about 1GB worth of Maildir folders and some 800MB of IMAP cache PST. So it might not be headers only in there... (Running the etch-backports 1.0.15 version of dovecot-imapd currently) 1.1 seems to be slightly better with Outlook, or at least my Outlook users haven't been complaining as much. They could be resolved to the fact that it just doesn't work very well. You won't find it in any Debian repo that I know of. I can see 1.1.9-1 in Experimental, but nog even in Unstable yet. So I'm not ready to try it on production machines. The 'missing mail' in the 'hide messages marked for deletion' setting seems to be persistent. Closing Outlook for the night and then restarting it in the morning still doesn't show the messages although they still are there on the server and also visible normally in webmail. (Using imap all the way, I don't recall if I mentioned that explicitly). Strangest thing about this is that it only seems to happen when an email is read first through webmail. Not always, only just once every few weeks. Possible something in the headers or flags triggers some weirdness in Outlook, making it believe the message is marked for deletion. Do you have outlook-idle set in the config file for pop3 and IMAP? Not using pop3 at all, but outlook-idle is set for the imap protocol. Regards, Maarten I just found this; http://pubs.logicalexpressions.com/pub0009/LPMArticle.asp?ID=736 I guess Outlook 2003 introduced a newer version of the PST files that has a 20GB (twenty GB ) limit, but they have to be created with 2003, and they are not backward compatible. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature
Re: [Dovecot] CentOS 5 ... again
On Tue, 10 Feb 2009 18:02:23 +0100 Angel Marin an...@anmar.eu.org wrote: Scott Silva wrote: on 2-9-2009 8:07 PM Linux Advocate spake the following: guys , i m new to centos. i have learned to use yum and the priority plugin. Does the atrpm repo provide the most up to date version of dovecot? i have the following repos configured -epel and rpm forge besides thestandard base,updates,addons,extras repos. Atrpms is the most up to date version I have found so far, and it looks like it is recently up to 1.1.11. They also have the 1.0 branch if you need it. I usually leave it disabled and only enable it with the yum --enablerepo=atrpms update dovecot command when I want to update dovecot. It seems a little too cutting edge for my tastes on a server. Others are OK with it being enabled, so YMMV. If you only want to pull dovecot from atrpms, add a includepkgs option to the repo definition[1] and leave it enabled. You'll see dovecot updates just like any other package without having to use the whole repo: [atrpms] name=Red Hat Enterprise $releasever - $basearch - ATrpms baseurl=http://dl.atrpms.net/el$releasever-$basearch/atrpms/stable gpgcheck=1 gpgkey=http://ATrpms.net/RPM-GPG-KEY.atrpms enabled=1 includepkgs=dovecot* [atrpms-testing] name=Red Hat Enterprise $releasever - $basearch - ATrpms-testing baseurl=http://dl.atrpms.net/el$releasever-$basearch/atrpms/testing gpgcheck=1 gpgkey=http://ATrpms.net/RPM-GPG-KEY.atrpms enabled=1 includepkgs=dovecot* [1] http://atrpms.net/install.html Better use specific package names, speeds up 'yum check-update' (etc. pp.) quite a bit. And something like Nagios won't bite you, because there was some timeout due to the filtering. -jhz
Re: [Dovecot] great disappearing email mystery
On Thu, 12 Feb 2009, Scott Silva wrote: I just found this; http://pubs.logicalexpressions.com/pub0009/LPMArticle.asp?ID=736 I guess Outlook 2003 introduced a newer version of the PST files that has a 20GB (twenty GB ) limit, but they have to be created with 2003, and they are not backward compatible. True, for anything but IMAP. IMAP in Outlook2003 is still forced to be non-unicode in old-style PST's. (Which indeed does screw up when receiving mails in Russian unicode charset.. rather badly.) Starting from Outlook2007 you can use unicode PST's for IMAP connections. I'm seriously considering doing some evaluation of the Bynari Insight connector, which could make my life somewhat easier. Problem is that Dovecot is not officially supported, and it has some notes about email virus scanners having to be disabled for it to work properly. (And of course the licensing / activation issue which makes it less practical for setups that have intermittent internet connections.) Is there anyone here who has experience with this? [yes, I think I'll start a fresh thread about that..] Regards, Maarten
[Dovecot] Bynari Insight connector
Hi, Since IMAP support in Outlook is 'somewhat broken', and Bynari has some promising specifications on their website, I might want to try their product. Does anyone here have any experience with their software? Would you recommend it? Or maybe point me at alternatives? (If there are any.. aside from ditching Outlook of course :-P ) Regards, Maarten Bezemer
Re: [Dovecot] great disappearing email mystery
on 2-12-2009 3:48 PM Maarten Bezemer spake the following: On Thu, 12 Feb 2009, Scott Silva wrote: I just found this; http://pubs.logicalexpressions.com/pub0009/LPMArticle.asp?ID=736 I guess Outlook 2003 introduced a newer version of the PST files that has a 20GB (twenty GB ) limit, but they have to be created with 2003, and they are not backward compatible. True, for anything but IMAP. IMAP in Outlook2003 is still forced to be non-unicode in old-style PST's. (Which indeed does screw up when receiving mails in Russian unicode charset.. rather badly.) Starting from Outlook2007 you can use unicode PST's for IMAP connections. I'm seriously considering doing some evaluation of the Bynari Insight connector, which could make my life somewhat easier. Problem is that Dovecot is not officially supported, and it has some notes about email virus scanners having to be disabled for it to work properly. (And of course the licensing / activation issue which makes it less practical for setups that have intermittent internet connections.) Is there anyone here who has experience with this? [yes, I think I'll start a fresh thread about that..] Regards, Maarten If you HAVE to use Outlook, it only shines with Exchange. Everything else about outlook is just not great. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature
Re: [Dovecot] great disappearing email mystery
Words by Maarten Bezemer [Fri, Feb 13, 2009 at 12:31:28AM +0100]: On Thu, 12 Feb 2009, Scott Silva wrote: on 2-12-2009 10:35 AM Maarten Bezemer spake the following: It would take a LOT of messages to cache 2 GB of headers. I've seen users with about 1GB worth of Maildir folders and some 800MB of IMAP cache PST. So it might not be headers only in there... We have users with 40GB used :) -- Jose Celestino | http://japc.uncovering.org/files/japc-pgpkey.asc One man’s theology is another man’s belly laugh. -- Robert A. Heinlein
Re: [Dovecot] quota - implement via dovecot or postfix? which is easier ?
Scott Silva wrote, On 2/10/09 11:34 AM: on 2-9-2009 7:53 PM Linux Advocate spake the following: B. Am i right in concluding that its easier and better in the long run to implement and enforce quotas thru dovecot instead of postfix? If you enforce quota with postfix only, the quota effects mail deliveries via SMTP only, but not when IMAP users upload stuff. Steffen, this i did not know. My understanding was that imap only reads what is stored, its is postfix and the LDA that actually writes to the mail box. Regards, marco But with IMAP you can move messages in and out from other clients local stores, or from other servers entirely by drag and drop. It also should be noted that many clients do this automatically with routine use, so users might not even understand that they are adding messages to their IMAP server, they might just know that they have Sent and Drafts folders.
Re: [Dovecot] file name missing component in error message
Fixed: http://hg.dovecot.org/dovecot-1.1/rev/c08c602ca0dc Cool, thanks. Are you using deliver? Yup. The corrupted files actually contain dot-lock data (pid:hostname) followed by a bunch of nulls. For instance, a mail file with an S=3368 flag in the file name contains 12345:mail.example.com (22 bytes) followed by 3346 nulls. I'm unfamiliar with how dovecot uses dot-lock files; is this more likely to be dovecot's fault or a disk corruption?
Re: [Dovecot] file name missing component in error message
On Thu, 2009-02-12 at 18:12 -0600, Mike Abbott wrote: Are you using deliver? Yup. The corrupted files actually contain dot-lock data (pid:hostname) followed by a bunch of nulls. For instance, a mail file with an S=3368 flag in the file name contains 12345:mail.example.com (22 bytes) followed by 3346 nulls. I'm unfamiliar with how dovecot uses dot-lock files; is this more likely to be dovecot's fault or a disk corruption? Sounds more like disk corruption. Mail files start empty and pid:host is never written to them at any point. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] libsieve problems / wishes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 12 Feb 2009, Stephan Bosch wrote: enabled explicitly using the sieve_extensions setting (as explained in the INSTALL file). OK, I'll see into it. Completely solving your vacation :addresses problem will have to wait until after today's/tomorrow's new release. I did however adjust the case-sensitivity of address comparisons to match mail software consensus. I was busy with other stuff, therefore I didn't responded to: Are you trying to solve the situation where one user can have many (domain-)aliases on the local server? This could be solved (for the most part) by adding the user's local aliases using some sort of background configuration, e.g. returned from a userdb lookup. This avoids the need for each user to specify all its local aliases explicitly. Then, only externally forwarded mail addresses need to be specified explicitly in :addresses by the user, but those addresses should be no concern for the local Sieve administrator. My problem is that our domain can be written in 157 variants. Most of them are pretty unused and they could be ignored, but there are still about 16 in practical use. I have no problem to enumerate all possible domains, but it would break the real world, if I'd automatically add all variants to :addresses (as hinted by the RFC), because about half of the users respond to a subset of variants only and use other variants for official mailing lists etc.pp. They want to select just some addresses. On the other hand, there are users, who do not want to use such fine grained control, and organisational roles claimed to be so important that any writing must trigger vacation. That's why I don't want to enforce all writing variants for the users, but must offer both, and the catch-all setting as easy as possible. Thanks, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSZUld3WSIuGy1ktrAQIdEgf/XPmg2lTv+whrXe5otwLTWsbtqOI+y2qC 0wTMB6fXqTDtCAjqGdI6jNenFVV8NTOT3OustkR7M1QrskLuECg+yILiFBC6aXz9 AQwD0hDW4/EeHXU2tsK+X8+wi66QJPlr9cakcNsx3MlYP0VDjrVK37edGmB8uf7H 2GrD2hidYDsqBKs+yuy3uFT9KwBOeSiKZP0x0X0T16tUbSPJ4HxageHSF4sba+5L BXWc7plQ8f8VOhV9T1R8eB0aOp0gSyuaGiI7Gm+HzHSWOBtxmqMOxlcj+EWzr6ds q6QxknCISQRM02vNSX3/1aGNLCH4osipxEx5qFGqHDn/Xgon8MMZhg== =BvgI -END PGP SIGNATURE-
Re: [Dovecot] Mapping usernames [RESOLVED]
Resolved. For others, this is the simple solution which works for me:
/etc/dovecot.conf:
auth default {
userdb passwd-file {
args = /etc/passwd
}
passdb passwd-file {
args = scheme=MD5-CRYPT /etc/dovecot.passwd
}
}
/etc/dovecot.passwd:
b...@vhost.com:$1$yAOjs09l$...::userdb_user=vabc_bob
(the encrypted password $1$yAOjs09l$... comes from /etc/shadow)
/etc/passwd:
vabc_bob:x:20838:2362:bob:/home/mailusers/vabc_bob:/sbin/nologin
abc could also be the domain (vhost), but this might be too large for
really long domain names. So we rather use a short unique prefix for each
domain.
Cheers
Henry
-BEGIN PGP PUBLIC KEY BLOCK-
Version: GnuPG v1.4.5 (GNU/Linux)
mOIESXlwDRECAOycneJPOwSkETRkjJZdArag8V2rKOR2IUwlDOydIZXv/ITDlWDU
dookzEdWh7Ektf1Jlh+YbPNEGoPpQunL8O8AoJbWmNkpoX7jP0Sw/5rDN2eKGHR7
Af9mxTqQ/j3C5LkrTRo9iCTt1TxoqPi6R/w0KkIAuTXBq6j+vIFJcOFgABlMQoXs
V2crh1BUCmXVsV1puRJsLWKbAf4uL0V+N8WF4rvWHmJiYjgDn6exv3XHS0F6NhRz
n1KVnV0XDWMDq/B/tmj4L2JYxEzWzeNulC5yQBOdx/dLU12XtCNIZW5yeSAoemVu
LmNvLnphKSA8aGVucnlAemVuLmNvLnphPohgBBMRAgAgBQJJeXANAhsjBgsJCAcD
AgQVAggDBBYCAwECHgECF4AACgkQCHhhdg2iQafVGACdEMtEuUGIW2XJyn9Fig7n
sX4qzb4An0PGStBZvAP2qtzYP3SGlzsllzLjuI0ESXlwDRACAMsi4nl8/Yar2m9F
ex4dFDgWylLgScQrEhhb2xN0Upcglm60nHQD7c1rP+63Iu+lU0eWvyr8o3JTCN4y
PpoGMOMAAwUCAIUnLDMW/tz+qsYaOPyoh7HdAYqcrvVar7t+eKpihNBqfP4CT2Py
aRVMN6cSJj9NKZDW6b0QQSCGgN7PpzrLqf6ISQQYEQIACQUCSXlwDQIbDAAKCRAI
eGF2DaJBpxeiAJ9cNiuaftSoWke75RT1pn7qoibFfgCdHl6BgP9f450/oziDwaMM
w49UeHQ=
=qgmL
-END PGP PUBLIC KEY BLOCK-
