[Dovecot] Convert to DBox
I am thinking of trying out dbox format. I am currently using maildir. Is it possible for me to switch just one user account to dbox while keeping all of my other users on maildir? If so, how would I go about doing that? Here is a copy of my dovecot -n: # 1.2.5: /usr/local/etc/dovecot.conf # OS: Linux 2.6.30-1-amd64 x86_64 Debian squeeze/sid ext3 base_dir: /var/run/dovecot/ protocols: imap imaps pop3 pop3s ssl_cert_file: /etc/ssl/certs/stikman-godaddy.crt ssl_key_file: /etc/ssl/private/stikman-godaddy.key disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login mail_location: maildir:/home/vmail/%u mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 lda: postmaster_address: postmas...@stikman.com mail_plugins: cmusieve sendmail_path: /usr/sbin/sendmail auth_socket_path: /var/run/dovecot/auth-master auth default: mechanisms: plain login username_format: %Lu passdb: driver: pam userdb: driver: passwd args: uid=vmail gid=vmail home=/home/vmail/%u socket: type: listen master: path: /var/run/dovecot/auth-master mode: 384 user: vmail group: vmail plugin: sieve: sieve Thanks, Jeff
[Dovecot] dbox: maildir migration
I'm trying to clean up the code for Dovecot v2.0 and I just keep coming back to the same thought: Is having the super-fast maildir -> single-dbox migration really actually a good idea? Some problems with it: 1. Makes the code more complex.. And I've already fixed many bugs related to that, maybe not all. 2. Having some mails in maildir format and others in dbox format isn't really good in long term. The super-fast migration was mainly meant to be used as a quick and easy way to start using dbox and then slowly convert maildir files to dbox files. 3. There's currently no way to actually convert the migrated maildir files to dbox format. And I'm not really sure how such a tool would even be used. "doveadm -u dbox convert-old-maildir-files" run one user at a time?.. Maybe a better alternative would be to simply do a proper full migration to dbox format, a few users at a time so disk I/O wouldn't explode? dsync especially could be helpful here. convert plugin could be replaced with a dsync plugin and then a migration could be done with: 1. Run a "pre-migration" dsync for n users (not absolutely required, but a good idea to avoid login delays). 2. Enable dsync plugin for the users (or this could be enabled always). 3. Switch users to dbox format. 4. Run a "post-migration" dsync for the users. If any user logged in before the post-migration was finished, the dsync plugin would finish the migration for that user. 5. Goto 1 with another set of users, repeat until finished with all users. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Problem with dict-quota, deliver killed by delivery attempt
On Tue, 29 Sep 2009, Timo Sirainen wrote: On Tue, 2009-09-29 at 16:50 +0200, Jacek Osiecki wrote: I can't get quota lda plugin working... When I enable quota plugin, the emails (delivered by exim + dovecot-lda) are instantly rejected: Yeah, there is a bug in 1.2.5 if you're using non-Maildir++ quota. This patch fixes it: http://hg.dovecot.org/dovecot-1.2/rev/3132464fbe9c All right, that fixes the problem :) Thanks! However, now I have to find out how to actually configure quota... ;) [...] Although I would have expected signal 11, not 9. I think grsecurity + pax kills it with "9": Sep 29 16:18:06 hotel kernel: [1725147.527548] PAX: From 127.0.0.1: execution attempt in: , - Sep 29 16:18:06 hotel kernel: [1725147.527657] PAX: terminating task: /usr/lib64/dovecot/orig-deliver(orig-deliver):1858, uid/euid: 79/79, PC: (null), SP: 7dd3bfce7748 Sep 29 16:18:06 hotel kernel: [1725147.527765] PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? Best regards, -- Jacek Osiecki jos...@ceti.pl GG:3828944 I don't want something I need. I want something I want.
Re: [Dovecot] getmail and Dovecot LDA deliver
Robert Schetterer wrote: > > no problem, but i think > getmail should place emails without running > external mta to in virtual users maildirs > there may be problems with permissions and home paths for virtuals users > but getmail setup should be enough flexi to manage this > > perhaps you read again > http://pyropus.ca/software/getmail/configuration.html#destination-maildir > http://pyropus.ca/software/getmail/getmailrc-examples > and ask on their list > > -- > Best Regards > > MfG Robert Schetterer > > Germany/Munich/Bavaria > > After a long time running (fine) with sendmail I finally found out the problem. 30cm in front of the computer If I give the argument like that type = MDA_external path = /usr/syno/mailstation/libexec/dovecot/deliver arguments = ("-d","virtualu...@domain.net",) then it works like charm :-) Thanks for the links (the 2nd one had the solution) tobi -- View this message in context: http://www.nabble.com/getmail-and-Dovecot-LDA-deliver-tp24896318p25665899.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] Subject Alternativee Names
On 9/28/2009 12:41 PM, Edgar Fuß wrote: >> There is a way to add 'alternate names' > Subject Altenative Names. >> but I don't think TBird (or most other Clients) will recognize them. > The only client I know of NOT suporting subjectAltName is plain old pine. Cool... thanks! I'll give it a try then soon... -- Best regards, Charles
Re: [Dovecot] Problem with dict-quota, deliver killed by delivery attempt
On Tue, 2009-09-29 at 11:50 -0400, Mario Antonio wrote: > Does 1.2.5 have problems with maildir quota and imap quota? No. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Problem with dict-quota, deliver killed by delivery attempt
Timo Sirainen wrote: On Tue, 2009-09-29 at 16:50 +0200, Jacek Osiecki wrote: I can't get quota lda plugin working... When I enable quota plugin, the emails (delivered by exim + dovecot-lda) are instantly rejected: Yeah, there is a bug in 1.2.5 if you're using non-Maildir++ quota. This patch fixes it: http://hg.dovecot.org/dovecot-1.2/rev/3132464fbe9c 2009-09-29 16:36:12 1MsdoI-aJ-2L ** ja...@my-domain.pl R=mysql_localuser T=dovecot_delivery: Child process of dovecot_delivery transport (running command "/usr/lib64/dovecot/deliver -d $local_p...@$domain -f $sender_address -a $original_local_p...@$original_domain") was terminated by signal 9 (Killed) Although I would have expected signal 11, not 9. Does 1.2.5 have problems with maildir quota and imap quota? My plugin settings: quota = maildir:User quota quota_rule = *:storage=2G And in Imap: protocol imap { mail_plugins = quota imap_quota acl } M.A.
Re: [Dovecot] Capability COMPRESS implemented?
Timo Sirainen wrote: On Thu, 2009-06-25 at 21:49 +0100, Ed W wrote: Timo normally chimes in pretty fast on these types of questions - Any chance of a yay/nay on the COMPRESS option Timo? Maybe. I'm kind of busy with other stuff though.. Understood Please take it as a +1 interested here. I guess you don't take external paid work now... Yeah, not for next half a year at least. Anyway, it would basically need istream and ostream implementations for zlib. istream implementation kind of already exists in zlib plugin, except it's using gz*() functions instead of doing everything in memory. So: - create zlib istream using zlib's deflate*() functions (I think?) and which takes another istream as input - convert zlib plugin to use that stream instead - implement zlib ostream - create yet another proxy to login processes. Probably some day I should combine all of them to one that only proxies i/ostreams. Although implementing SSL i/ostreams could be a bit difficult. OK, so I gave the developers of profimail (a rather neat imap client for Nokia symbian phones, decent idle support, etc) a nudge about the recent thread here on compression support and they tell me that they have no knobs or bells to influence the SSL implementation under symbian, so apparently no SSL compression is available on symbian (boo). However, I also pointed out the COMPRESS rfc and 6 hours later they sent me a new build with COMPRESS support! It's tested against cyrus and fastmail in particular I promised Timo some notes on zlib implementation many months back - this was about to get me off my chair until I noticed there is an excellent starting guide on the zlib site: http://www.zlib.net/zlib_how.html So essentially an in-memory compressor is extremely simple: - Start with deflateInit to get some in memory data structures working (pseudo object based library...) - The datastructure has pointers to an input buffer and an output buffer plus separate counters of bytes remaining in each - Call deflate (or inflate) as many times as you need. The library will return result codes so you know whether you run out of input or output space. - Alter/flush your buffers as appropriate and keep calling deflate until you are done - Obviously at some point you have fed in all your input and no more is waiting, so you need to flush down the compressor to get any remaining bytes out of it. Call deflate with the flush param (hopefully it's clear that you can feed a load of bytes into a compressor and get absolutely nothing out of the other end, basically if the algorithm has a good prediction going - the flush just says to clear down and assume no more to come for the time being - flush as little as you can though) - Finally at some point we need to close the stream, so call deflateEnd to achieve this Does this help? It would appear that the whole DEFLATE RFC is really designed just to turn on a wholesale compressed tunnel of data once you see the correct incantation, so this would appear to belong somewhere in the output layer near wherever dovecot writes to it's socket? Thanks for listening Ed W
Re: [Dovecot] Problem with dict-quota, deliver killed by delivery attempt
On Tue, 2009-09-29 at 16:50 +0200, Jacek Osiecki wrote: > I can't get quota lda plugin working... > When I enable quota plugin, the emails (delivered by exim + dovecot-lda) are > instantly rejected: Yeah, there is a bug in 1.2.5 if you're using non-Maildir++ quota. This patch fixes it: http://hg.dovecot.org/dovecot-1.2/rev/3132464fbe9c > 2009-09-29 16:36:12 1MsdoI-aJ-2L ** ja...@my-domain.pl R=mysql_localuser > T=dovecot_delivery: Child process of dovecot_delivery transport (running > command "/usr/lib64/dovecot/deliver -d $local_p...@$domain -f > $sender_address -a $original_local_p...@$original_domain") was terminated by > signal 9 (Killed) Although I would have expected signal 11, not 9. signature.asc Description: This is a digitally signed message part
[Dovecot] Problem with dict-quota, deliver killed by delivery attempt
Hi, I can't get quota lda plugin working... When I enable quota plugin, the emails (delivered by exim + dovecot-lda) are instantly rejected: 2009-09-29 16:36:12 1MsdoI-aJ-2L ** ja...@my-domain.pl R=mysql_localuser T=dovecot_delivery: Child process of dovecot_delivery transport (running command "/usr/lib64/dovecot/deliver -d $local_p...@$domain -f $sender_address -a $original_local_p...@$original_domain") was terminated by signal 9 (Killed) I have checked, that neither restart of dovecot nor delivery attempt tries to read the quotadict file (/etc/dovecot/dovecot-dict-quota.conf) - the atime is unchanged. I even tried to strace deliver: strace deliver -d ja...@my-server.pl -f jos...@another-server.pl -a ja...@my-server.pl [...] and it dies like this: munmap(0x7f99011d7000, 4096)= 0 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2679, ...}) = 0 stat("/var/mail/sieve/my-server.pl/ja...@my-server.pl.sieve", 0x79c66dd61140) = -1 ENOENT (No such file or directory) stat("/var/mail/mail/my-server.pl/jacek", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/var/mail/mail/my-server.pl/jacek/tmp", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/var/mail/mail/my-server.pl/jacek", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/var/mail/mail/my-server.pl/jacek/dovecot-shared", 0x79c66dd61080) = -1 ENOENT (No such file or directory) stat("/var/mail/mail/my-server.pl/jacek", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/var/mail/mail/my-server.pl/jacek", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 time(NULL) = 1254235039 mmap(NULL, 200704, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f990119c000 access("/var/mail/mail/my-server.pl/jacek/cur", W_OK) = 0 open("/var/mail/mail/my-server.pl/jacek/dovecot.index.log", O_RDWR) = 8 fstat(8, {st_mode=S_IFREG|0600, st_size=420, ...}) = 0 pread(8, "\1\2(\0<\23\302J\2\0\0\0\1\0\0\0\0\0\0\0<\23\302J\0\0\0\0\0\0\0\0"..., 40, 0) = 40 stat("/var/mail/mail/my-server.pl/jacek/dovecot.index.log.2", 0x79c66dd61130) = -1 ENOENT (No such file or directory) open("/var/mail/mail/my-server.pl/jacek/dovecot.index", O_RDWR) = -1 ENOENT (No such file or directory) stat("/var/mail/mail/my-server.pl/jacek/dovecot.index.log", {st_mode=S_IFREG|0600, st_size=420, ...}) = 0 fstat(8, {st_mode=S_IFREG|0600, st_size=420, ...}) = 0 pread(8, "\200\200\200\...@\0\0\20\377\377\377\377\0\0\0\0$\0\0\0\0\0\0\0\1\0\7\0mail"..., 1024, 40) = 380 pread(8, "", 1024, 420) = 0 brk(0x731000) = 0x731000 fstat(0, {st_mode=S_IFREG|0644, st_size=4, ...}) = 0 +++ killed by SIGKILL +++ I have completely no idea what is wrong - could anybody help? Here is my dovecot -n output: # 1.2.5: /etc/dovecot/dovecot.conf Warning: fd limit 1024 is lower than what Dovecot can use under full load (more than 1408). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: Linux 2.6.30.5-grsec x86_64 ext3 base_dir: /var/run/dovecot/ log_path: /var/log/dovecot.log info_log_path: /var/log/dovecot.info.log protocols: pop3 pop3s imap imaps managesieve listen(default): 127.0.0.1:143 listen(imap): 127.0.0.1:143 listen(pop3): *:110 listen(managesieve): 127.0.0.1:2000 ssl_listen: * ssl_cert_file: /etc/ssl/server.crt ssl_key_file: /etc/ssl/server.key disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable(default): /usr/lib64/dovecot/imap-login login_executable(imap): /usr/lib64/dovecot/imap-login login_executable(pop3): /usr/lib64/dovecot/pop3-login login_executable(managesieve): /usr/lib64/dovecot/managesieve-login max_mail_processes: 1024 first_valid_uid: 79 last_valid_uid: 79 first_valid_gid: 79 last_valid_gid: 79 mail_location: maildir:/var/mail/mail/%d/%u maildir_copy_with_hardlinks: no mbox_lazy_writes: no mail_executable(default): /usr/lib64/dovecot/imap mail_executable(imap): /usr/lib64/dovecot/imap mail_executable(pop3): /usr/lib64/dovecot/pop3 mail_executable(managesieve): /usr/lib64/dovecot/managesieve mail_plugins(default): autocreate quota imap_quota mail_plugins(imap): autocreate quota imap_quota mail_plugins(pop3): quota mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib64/dovecot/plugins/imap mail_plugin_dir(imap): /usr/lib64/dovecot/plugins/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/plugins/pop3 mail_plugin_dir(managesieve): /usr/lib64/dovecot/managesieve imap_client_workarounds(default): outlook-idle imap_client_workarounds(imap): outlook-idle imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %v.%u pop3_uidl_format(managesieve): %08Xu%08Xv lda: postmaster_address: postmas...@my-server.pl hostname: my-server.pl mail_plugins: sieve quota mail_plugin_dir: /usr/lib64/dovecot/plugins/lda sendmail_path: /usr/lib/sendmail auth_socket_path: /var/run/dovecot/auth-master auth d
Re: [Dovecot] Managesieve and Proxy
Hi Oliver, is it possible to use the dovecot proxy feature for the mangaesieve server also ? Yes, it works.
Re: [Dovecot] Curious Dovecot strangeness
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Timo Sirainen wrote: > On Mon, 2009-09-28 at 14:31 +0100, S. A. Woltering wrote: >> The problems we see are sporadic thunderbird error messages of the kind >> "cannot save message to Sent folder" and for some users with large-ish >> numbers of mail folders one or two of their folders are appearing empty. > > Hmm. So .. Do you see anything different in log files around that time? > For example: > > imap-login: Info: Maximum number of connections from user+IP exceeded > (mail_max_userip_connections): user=, method=PLAIN, rip=127.0.0.1, > lip=127.0.0.1, secured > > or: > > dovecot: Error: Maximum number of mail processes exceeded (see > max_mail_processes setting) > > or anything else with "Error:" or "Fatal:" prefix? > >> log_path: /var/adm/dovecot.log >> info_log_path: /var/adm/dovecot.log > > I'd put these to different files. It's then easy to see if there have > been any errors, because only errors will be written to log_path. Good call. I'll try this and get back to you as soon as I see any results. Thanks, SAW - -- Steven-Ashley Woltering, MBCS, Systems Analyst, ECMWF, Shinfield Park, Reading, RG2 9AX, UK Tel.: +44 1189 499473 (internal x2473) Email: steven.wolter...@ecmwf.int -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFKwfE3h854NVK99FMRAoh6AJ9QSqQeZF+fn5tsu5zaKsU3dqA+AACfVZ0b Ez10oW7mawgmFjAVvyk61io= =hFUb -END PGP SIGNATURE-
Re: [Dovecot] compressed IMAP traffic
On Sep 29, 2009, at 6:57 AM, Timo Sirainen wrote: So I guess if client is using SSLv23_client_method() instead of SSLv3_client_method() or TLSv1_client_method() it doesn't work. Also Thunderbird uses Network Security Services library instead of OpenSSL, so it might not support compression at all. Wonder if attached patch would enable compression on any client? It's probably not really the right way to do it, because it breaks at least openssl s_client unless -tls1 or -ssl3 or -no_ssl2 is given. Looks like UW-IMAP uses SSLv23_server_method() on imaps/pop3s port, while TLSv1_server_method() is used for STARTTLS. I think I'll do the same in Dovecot v2.0 in an case. diff Description: Binary data
Re: [Dovecot] compressed IMAP traffic
On Sep 29, 2009, at 6:33 AM, Leonardo Rodrigues wrote: with ssl3 and tls1 i can connect and see the zlib compression being enabled. Interesting. - openssl s_client -ssl2 fails, because SSLv2 is disabled - openssl s_client doesn't enable compression - openssl s_client -tls1 or -ssl3 enables compression So I guess if client is using SSLv23_client_method() instead of SSLv3_client_method() or TLSv1_client_method() it doesn't work. Also Thunderbird uses Network Security Services library instead of OpenSSL, so it might not support compression at all.
Re: [Dovecot] compressed IMAP traffic
well . here for me, with 'openssl s_client', i cant even connect when using -ssl2: [r...@correio ~]# openssl s_client -connect localhost:993 -ssl2 [ ... ] 27110:error:1406D0B8:SSL routines:GET_SERVER_HELLO:no cipher list:s2_clnt.c:450: [r...@correio ~]# but that's probably because i have on dovecot.conf: ssl_cipher_list = ALL:!LOW:!SSLv2 with ssl3 and tls1 i can connect and see the zlib compression being enabled. SSL-Session: Protocol : SSLv3 Cipher: DHE-RSA-AES256-SHA [ . ] Compression: 1 (zlib compression) SSL-Session: Protocol : TLSv1 Cipher: DHE-RSA-AES256-SHA [ . ] Compression: 1 (zlib compression) Thunderbird has the options to enable/disable each cipher of ssl2/ssl3/tls1 as well as disable them completly too. Here in my Thunderbird 2.0.0.23, SSLv2 is disabled, and this is certainly the default configs, as i never tweaked this. http://img43.imageshack.us/img43/7937/thunderbirdssl2.jpg logging from dovecot shows clearly that i'm using TLSv1 to connect ... it also shows that TLSv1 connections from thunderbird do not use compression, and connections from gnutls-cli correctly enables that thunderbird 2.0.0.23 Sep 29 07:12:02 correio dovecot: imap-login: Login: user=, method=PLAIN, rip=189.114.xx.xx, lip=200.140.xx.xx, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) gnutls-cli Sep 28 18:36:54 correio dovecot: imap-login: Login: user=, method=PLAIN, rip=189.11.xx.xx, lip=200.140.xx.xx, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) zlib compression wireshack confirms i'm using TLSv1 and also shows Thunderbird is announcing no compression is supported. http://img33.imageshack.us/img33/9011/wiresharktlsv1.jpg so . despite the known fact that SSLv2 cant be used if compression is wanted, using SSLv3 and TLSv1 apparently does not automatically guarantees that . Patrick Domack escreveu: More testing, seems all my imap clients attempt to use ssl2 first, and from the openssl mailing list: Oops, should've made this clearer. It is only clients than need to avoid the old SSLv2 compatible methods and only use SSLv3/TLSv1. Nothing needs to be done to a server. http://www.mail-archive.com/openssl-us...@openssl.org/msg49926.html This is confirmed using openssl s_client -connect host:993 (-ssl3|-tls1|-ssl2) I don't see any way around this globally, unless each program has a config option to disable ssl2. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] Error (IMHO) with --with-doc option
Hi, I was trying to create complete rpm package for my system, containing dovecot 1.2.5 intregrated with dovecot-sieve and dovecot-managesieve. Finally I succeeded and it works great, but I found something that might be treated as wrong behaviour... When you run ./configure --with-docs=no, Makefile does not build docs anymore, but... installs them anyway :) It caused some troubles because rpmbuild complained about documents moved to /usr/share/doc/dovecot I have created a small patch that fixes this - hope it doesn't introduce any mess: diff -Nur 2/Makefile.in 1/Makefile.in --- 2/Makefile.in 2009-09-29 00:17:22.0 +0200 +++ 1/Makefile.in 2009-09-29 00:17:38.0 +0200 @@ -75,7 +75,7 @@ distclean-recursive maintainer-clean-recursive ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = src doc +DIST_SUBDIRS = $(SUBDIRS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) Best regards, -- Jacek Osiecki jos...@ceti.pl GG:3828944 I don't want something I need. I want something I want.
Re: [Dovecot] ManageSieve patch for 1.2.5?
On Tue, 22 Sep 2009, Edgar Fuß wrote: http://dovecot.org/releases/1.2/dovecot-1.2.5.tar.gz Does the ManageSieve patch for 1.2.4 work with 1.2.5? Works for me - although I have reedited it to match perfectly to the sources (but it doesn't make any actual difference). Best regards, -- Jacek Osiecki jos...@ceti.pl GG:3828944 I don't want something I need. I want something I want.