Re: [Dovecot] Mailbox locking problem with iphone and POP3
On Oct 2, 2009, at 9:30 PM, Mark Hedges wrote: Maybe Apple can fix the problem with the iphone client? Hrmm, I have no idea how to report it. Do you know what exactly the "disconnects uncleanly" means? Can you get some tcpdump logs? Either one of these should be fine: a) Send POP3 "QUIT" message packet, drop connection. b) Send TCP disconnect packet (whatever it's called), drop connection. In both cases Dovecot knows that the connection is going away and can unlock the mailbox. But if iPhone simply drops the connection without sending anything, that's a bug..
Re: [Dovecot] Mailbox locking problem with iphone and POP3
On Fri, 2 Oct 2009, Timo Sirainen wrote: > Are you using mbox or maildir? With mbox I guess this is > more or less expected. The solutions I can think of: mbox > a) Switch to maildir. Nope our webmail depends on mbox. > b) Shrink pop3 idle timeout from 10 minutes to one minute > or so. CLIENT_IDLE_TIMEOUT_MSECS in src/pop3/client.c Ergh... maybe i will try this... > c) Implement some kind of unlocking feature so Dovecot > unlocks mbox file after client has been idling for a few > seconds. Seems to me like that would be too much trouble > to be worth it. Maybe Apple can fix the problem with the iphone client? Hrmm, I have no idea how to report it. Mark
Re: [Dovecot] Dovecot LDAP Auth & Usernames with dashes
On Fri, 2009-10-02 at 21:20 +0100, Chris Jones wrote: > We're seeing an issue with LDAP auth when the username contains a - > char. > > We're using 1.0.15 as packaged for Debian Lenny > > Oct 2 12:29:02 silver dovecot: auth(default): LDAP: binding failed > (dn (none)): Protocol error Either your LDAP server doesn't like it, or Dovecot should be escaping '-' characters. What does it log with auth_debug=yes? What LDAP server do you use? If you can compile sources, you could also try adding '-' to IS_LDAP_ESCAPED_CHAR() in src/auth/db-ldap.c signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Mailbox locking problem with iphone and POP3
On Wed, 2009-09-30 at 18:08 -0700, Mark Hedges wrote: > This is an old thread, but I'm having the same problem. > > pop3_lock_session=no > > The iphone checks mail, and disconnects uncleanly. Then > there is a delivery attempt. I have procmail logging on, > and procmail sits there trying to lock the spool file until > the timeout is reached and it overrides the lock. Are you using mbox or maildir? With mbox I guess this is more or less expected. The solutions I can think of: a) Switch to maildir. b) Shrink pop3 idle timeout from 10 minutes to one minute or so. CLIENT_IDLE_TIMEOUT_MSECS in src/pop3/client.c c) Implement some kind of unlocking feature so Dovecot unlocks mbox file after client has been idling for a few seconds. Seems to me like that would be too much trouble to be worth it. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Mailbox locking problem with iphone and POP3
On Wed, 30 Sep 2009, Mark Hedges wrote: > > The iphone checks mail, and disconnects uncleanly. Then > there is a delivery attempt. I have procmail logging on, > and procmail sits there trying to lock the spool file until > the timeout is reached and it overrides the lock. > > This causes the error "timeout waiting for input from local > during Draining Input" in sendmail, which is a generic error > that means the delivery process or subprocess generated > warning output on stderr. > > (Incidentally does anyone know how to get access to > procmail's stderr output?) > > I've tried a number of different lock combinations. Nothing > seems to help. Mail eventually gets delivered, though, so > it's not a huge deal at the moment. I don't know how it > behaves when the iphone tries to connect again while the box > is still locked. Hi Bill - did you find a solution for this problem? Any idea how we can test this? Or maybe it's not actually a problem, since eventually the locks time out and the mail gets delivered? Mark
[Dovecot] Dovecot LDAP Auth & Usernames with dashes
Hi All, We're seeing an issue with LDAP auth when the username contains a - char. We're using 1.0.15 as packaged for Debian Lenny Oct 2 12:29:02 silver dovecot: auth(default): LDAP: binding failed (dn (none)): Protocol error Oct 2 12:29:03 silver dovecot: imap-login: Aborted login (1 authentication attempts): user=, method=PLAIN, rip=:::127.0.0.1, lip=:::127.0.0.1, secured Setup works perfectly for the other 200 users, none of whom have a - in the username. Any suggestions? -- Chris Jones, SUCS Admin http://sucs.org Dovecot Conf dovecot -n # 1.0.15: /etc/dovecot/dovecot.conf log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s listen: [::] ssl_cert_file: /usr/local/sucs-pki/certs/sucs+subCA.crt ssl_key_file: /usr/local/sucs-pki/private/sucs.key disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv auth default: passdb: driver: pam args: dovecot passdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf userdb: driver: passwd From /etc/dovecot/dovecot-ldap.conf hosts = localhost auth_bind = yes base = ou=People,dc=sucs,dc=org user_filter = (&(objectClass=posixAccount)(uid=%u))
[Dovecot] OpenBSD and Dovecot (mysql support)
Hello All, I am having difficulties in running dovecot with mysql accounts. The db worked but the config file is hardly something I could do to work properly as it should be, it does even not run saying various errors found in dovecot.conf Has anyone already built dovecot server to run with with a mysql base ? Could it be so that one sends me a conf file that shall work to help me ? Thanks. Jean-François
[Dovecot] sievec fails when last line is a comment without trailing \n
Hi, when switching from Dovecot 1.1 + cmusieve to Dovecot 1.2 + sieve I stumbled upon the following problem: My sieve files, generated with Dovecot 1.1's managesieve, did not compile anymore with sieve's sievec. The error message was: error: end of file before end of hash comment. Looking a bit closer I found that the last line, which was a comment, did not have a trailing newline. Adding a newline fixed the problem. I do not know if Dovecot 1.2's managesieve behaves differently, but the upgrade from cmusieve to sieve In the spirit of "be generous in what you accept but strict in what you send", is it possible for sievec to not throw an error in this case, but simply compile the file. This might help other updates from cmusieve -> sieve as well. Thanks in advance. Peter -- Peter Marschall pe...@adpm.de
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
On Oct 2, 2009, at 11:11 AM, Eric Jon Rostetter wrote: Quoting Timo Sirainen : So if you really want Dovecot to be there, you need to use either SQL (e.g. SQLite) or checkpassword passdb. Others can't just accept all users without explicitly listing all of them. With SQL you could do something like: Why not ldap authentication off the MS AD? I guess that'd work too if proxy has access to AD.
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
Quoting Timo Sirainen : So if you really want Dovecot to be there, you need to use either SQL (e.g. SQLite) or checkpassword passdb. Others can't just accept all users without explicitly listing all of them. With SQL you could do something like: Why not ldap authentication off the MS AD? -- Eric Rostetter The Department of Physics The University of Texas at Austin This message is provided "AS IS" without warranty of any kind, either expressed or implied. Use this message at your own risk.
Re: [Dovecot] Problem with local pine after upgrade to 1.2.5
Hello Pascal, Thanx for the very fast answer, patch works well. Back again in pine :-) Thnx. Ciao, Gerhard -- http://www.wiesinger.com/ On Fri, 2 Oct 2009, Pascal Volk wrote: On 10/02/2009 04:18 PM Gerhard Wiesinger wrote: Hello, I upgraded from dovecot 1.1.17 to 1.2.5. Works well so far with e.g. Thunderbird and SSL. One problem left: pine doesn't work any more with rsh: cat .pinerc (filtered): rsh-path= rsh-command=/usr/sbin/dovecot --exec-mail imap Starting pine: 1.) Opening INBOX 2.) [>SECURITY PROBLEM: insecure server advertised AUTH=PLAIN<] 3.) Afterwards I'm asked for a password: HOST: localhost (INSECURE) ENTER LOGIN NAME [user] : 3.) cancel: [IMAP protocol error: Authentication aborted by client.] Config: no changes at all. Any ideas why this is broken? Have you applied this patch? http://hg.dovecot.org/dovecot-1.2/rev/0f04c7da33f1 Regards, Pascal -- The trapper recommends today: 5e1f1e55.0927...@localdomain.org
Re: [Dovecot] Problem with local pine after upgrade to 1.2.5
On 10/02/2009 04:18 PM Gerhard Wiesinger wrote: > Hello, > > I upgraded from dovecot 1.1.17 to 1.2.5. Works well so far with e.g. > Thunderbird and SSL. > > One problem left: pine doesn't work any more with rsh: > cat .pinerc (filtered): > rsh-path= > rsh-command=/usr/sbin/dovecot --exec-mail imap > > Starting pine: > 1.) Opening INBOX > 2.) [>SECURITY PROBLEM: insecure server advertised AUTH=PLAIN<] > 3.) Afterwards I'm asked for a password: HOST: localhost (INSECURE) > ENTER LOGIN NAME [user] : > 3.) cancel: [IMAP protocol error: Authentication aborted by client.] > > Config: no changes at all. > > Any ideas why this is broken? > Have you applied this patch? http://hg.dovecot.org/dovecot-1.2/rev/0f04c7da33f1 Regards, Pascal -- The trapper recommends today: 5e1f1e55.0927...@localdomain.org
[Dovecot] Problem with local pine after upgrade to 1.2.5
Hello, I upgraded from dovecot 1.1.17 to 1.2.5. Works well so far with e.g. Thunderbird and SSL. One problem left: pine doesn't work any more with rsh: cat .pinerc (filtered): rsh-path= rsh-command=/usr/sbin/dovecot --exec-mail imap Starting pine: 1.) Opening INBOX 2.) [>SECURITY PROBLEM: insecure server advertised AUTH=PLAIN<] 3.) Afterwards I'm asked for a password: HOST: localhost (INSECURE) ENTER LOGIN NAME [user] : 3.) cancel: [IMAP protocol error: Authentication aborted by client.] Config: no changes at all. Any ideas why this is broken? Thnx. Ciao, Gerhard
Re: [Dovecot] Folder Management Dovecot >1.2
Confirmed, that's it! Thanks for the incredibly quick help! Am Freitag, den 02.10.2009, 09:24 -0400 schrieb Timo Sirainen: > On Oct 2, 2009, at 9:04 AM, Carlos Candeias wrote: > > > Oct 02 14:58:19 IMAP(jcci): Error: > > fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, > > 0(root)) failed: Operation not permitted (egid=1003(management), group > > based on /candeias/home/jcci/.mail/Maildir) > > The Maildir permissions are wrong. Either it shouldn't be owned by > group root (but by management), or its mode should be 0700. >
Re: [Dovecot] Dovecot And ThunderBird
On Oct 2, 2009, at 9:08 AM, Михаил Захаренко wrote: Hello All! i`m using Dovecot 1.2.4 and Thunderbird 2.0.0.23 (Ubuntu) Trouble with shared folder and marks. For example: 1. first user set flag "important", other users can see it - all ok. 2. first user unset flag "important", other users see it yet, it`s don`t change. But with asterisk (\Flagged) all OK. Please help find - who are wrong? ThunderBird or dovecot? Most likely Thunderbird. But you could verify that by looking at the IMAP traffic, either in Thunderbird http://wiki.dovecot.org/Debugging/Thunderbird or with Dovecot's rawlog http://wiki.dovecot.org/Debugging/Rawlog
Re: [Dovecot] Folder Management Dovecot >1.2
On Oct 2, 2009, at 9:04 AM, Carlos Candeias wrote: Oct 02 14:58:19 IMAP(jcci): Error: fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, 0(root)) failed: Operation not permitted (egid=1003(management), group based on /candeias/home/jcci/.mail/Maildir) The Maildir permissions are wrong. Either it shouldn't be owned by group root (but by management), or its mode should be 0700.
Re: [Dovecot] Problem with LSUB and public namespace
On Oct 2, 2009, at 9:13 AM, Julien Danjou wrote:
At 1254487668 time_t, Timo Sirainen wrote:
On Oct 2, 2009, at 8:44 AM, Julien Danjou wrote:
. LSUB "" "%"
* LSUB () "." "INBOX"
. OK Lsub completed.
LSUB does not return "public" as namespace :-(
LSUB returns only subscribed mailboxes. Is anything subscribed under
public? dovecot -n output could also be useful.
You may have missed it, but in my telnet example I did:
. subscribe public.Admin
. OK Subscribe completed.
OK, I'll get that bug fixed. Anyway, you could already solve it by
doing something like:
namespace private {
prefix =
list = no
}
i.e. get an empty namespace first where all subscriptions go, then set
subscriptions=no to all other namespaces.
Re: [Dovecot] Problem with LSUB and public namespace
At 1254487668 time_t, Timo Sirainen wrote: > On Oct 2, 2009, at 8:44 AM, Julien Danjou wrote: > > >. LSUB "" "%" > >* LSUB () "." "INBOX" > >. OK Lsub completed. > > > >LSUB does not return "public" as namespace :-( > > LSUB returns only subscribed mailboxes. Is anything subscribed under > public? dovecot -n output could also be useful. You may have missed it, but in my telnet example I did: . subscribe public.Admin . OK Subscribe completed. But anyway, I've a bunch of public.* subscribed, yes, I do confirm. dovecot -n follows: # 1.2.5: /etc/dovecot/dovecot.conf # OS: Linux 2.6.26-2-686 i686 Debian 5.0.2 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps ssl_cert_file: /etc/dovecot/imapd.pem ssl_key_file: /etc/dovecot/imapd.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mbox_write_locks: fcntl dotlock namespace: type: private separator: . prefix: INBOX. inbox: yes list: yes subscriptions: yes namespace: type: public separator: . prefix: public. location: maildir:/home/Maildir-shared:CONTROL=~/Maildir/public:INDEX=~/Maildir/public list: yes subscriptions: yes auth default: passdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf socket: type: listen master: path: /var/run/dovecot/auth-master mode: 432 group: 1001 -- Julien Danjou // ᐰhttp://julien.danjou.info // 9A0D 5FD9 EB42 22F6 8974 C95C A462 B51E C2FE E5CD // Tomorrow I was nothing, yesterday I'll be. signature.asc Description: Digital signature
Re: [Dovecot] Folder Management Dovecot >1.2
Thanks for the super quick reply! Dovecot -n: # 1.2.25: /etc/dovecot/dovecot.conf # OS: Linux 2.6.30-ARCH x86_64 log_path: /var/log/dovecot info_log_path: /var/log/dovecot.info protocols: imap disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login first_valid_uid: 999 last_valid_uid: last_valid_gid: mail_location: maildir:~/.mail/Maildir mail_full_filesystem_access: yes mmap_disable: yes mail_nfs_storage: yes mail_nfs_index: yes lock_method: dotlock maildir_copy_preserve_filename: yes auth default: passdb: driver: pam userdb: driver: passwd Am Freitag, den 02.10.2009, 21:04 +0800 schrieb Carlos Candeias: > Regardless of the mail client no user can modify, move, delete or > subscribe an imap folder with Dovecot >1.2.1 (meanwhile 1.2.5). Dovecot > apparently have some dotlock problems: > (From dovecot.log) > Oct 02 14:58:19 IMAP(jcci): Error: > fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, > 0(root)) failed: Operation not permitted (egid=1003(management), group > based on /candeias/home/jcci/.mail/Maildir) > Oct 02 14:58:19 IMAP(jcci): Error: file_dotlock_open() failed with > subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: > Operation not permitted > Oct 02 14:58:20 IMAP(jcci): Error: > fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, > 0(root)) failed: Operation not permitted (egid=1003(management), group > based on /candeias/home/jcci/.mail/Maildir) > Oct 02 14:58:20 IMAP(jcci): Error: file_dotlock_open() failed with > subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: > Operation not permitted > Oct 02 14:58:20 IMAP(jcci): Error: > fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, > 0(root)) failed: Operation not permitted (egid=1003(management), group > based on /candeias/home/jcci/.mail/Maildir) > Oct 02 14:58:20 IMAP(jcci): Error: file_dotlock_open() failed with > subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: > Operation not permitted > Oct 02 14:58:21 IMAP(jcci): Error: > fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, > 0(root)) failed: Operation not permitted (egid=1003(management), group > based on /candeias/home/jcci/.mail/Maildir) > Oct 02 14:58:21 IMAP(jcci): Error: file_dotlock_open() failed with > subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: > Operation not permitted > Oct 02 14:58:21 IMAP(jcci): Error: > fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, > 0(root)) failed: Operation not permitted (egid=1003(management), group > based on /candeias/home/jcci/.mail/Maildir) > Oct 02 14:58:21 IMAP(jcci): Error: file_dotlock_open() failed with > subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: > Operation not permitted > > This was an attemt of changing a subscription. > Another weird point: I can create an IMAP folder although it does not > show up in the folder list. But the new folder is in the subscription > list, just marked as unsubscribed and there is no way to change that. > This problem is safely reproducible and I wonder whether I should be > really the only person having this trouble. > I'm using MAILDIR and simple plain test authentification (internal mail > server). > The location is mail_location: maildir:~/.mail/Maildir which means a > subfolder in each user's home directory. > All homes are exported to NFS, but the Dovecot is just on the same > server and thus accesses locally. > Downgrade to version 1.1.17 solves all problems. > Archlinux x86_64, Linux 2.6.30 > It would be really great if somebody could understand the cause and > suggest a solution!
[Dovecot] Dovecot And ThunderBird
Hello All! i`m using Dovecot 1.2.4 and Thunderbird 2.0.0.23 (Ubuntu) Trouble with shared folder and marks. For example: 1. first user set flag "important", other users can see it - all ok. 2. first user unset flag "important", other users see it yet, it`s don`t change. But with asterisk (\Flagged) all OK. Please help find - who are wrong? ThunderBird or dovecot? my conf: # 1.2.4: /etc/dovecot/dovecot.conf # OS: Linux 2.6.28-hardened-r9 i686 Gentoo Base System release 1.12.11.1 reiserfs log_path: /var/log/dovecot_err.log info_log_path: /var/log/dovecot_info.log protocols: imap pop3 imaps pop3s managesieve ssl_cert_file: /etc/dovecot/ssl/mail.proton-sss.ru.pem ssl_key_file: /etc/dovecot/ssl/mail.proton-sss.ru.key disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_executable(managesieve): /usr/libexec/dovecot/managesieve-login mail_location: maildir:/home/%u/.maildir mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_executable(managesieve): /usr/libexec/dovecot/managesieve mail_plugins(default): acl imap_acl mail_plugins(imap): acl imap_acl mail_plugins(pop3): mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(managesieve): /usr/lib/dovecot/managesieve namespace: type: private separator: / inbox: yes list: yes subscriptions: yes namespace: type: shared separator: / prefix: shared/%%u/ location: maildir:%%h/.maildir/:INDEX=%h/.maildir/shared/%%u list: children lda: postmaster_address: postmas...@example.com mail_plugins: acl mail_plugin_dir: /usr/lib/dovecot/lda auth default: passdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 group: mail master: path: /var/run/dovecot/auth-master mode: 432 user: mail group: users plugin: acl: vfile acl_shared_dict: file:/var/lib/dovecot/shared-mailboxes sieve: ~/.dovecot.sieve sieve_dir: ~/sieve dict: expire: db:/var/lib/dovecot/expire.db file dovecot-shared in shared maildir presents, and flag \Seen are private. -- С уважением Системный администратор ООО НПП "СПЕЦСТРОЙ-СВЯЗЬ" Захаренко Михаил тел. +78634 311562 доб. 478
Re: [Dovecot] Folder Management Dovecot >1.2
On 10/2/2009, Carlos Candeias (car...@candeias.com) wrote: > Regardless of the mail client no user can modify, move, delete or > subscribe an imap folder with Dovecot >1.2.1 (meanwhile 1.2.5). Dovecot > apparently have some dotlock problems: Dovecot -n output might be instructive... -- Best regards, Charles
[Dovecot] Folder Management Dovecot >1.2
Regardless of the mail client no user can modify, move, delete or subscribe an imap folder with Dovecot >1.2.1 (meanwhile 1.2.5). Dovecot apparently have some dotlock problems: (From dovecot.log) Oct 02 14:58:19 IMAP(jcci): Error: fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, 0(root)) failed: Operation not permitted (egid=1003(management), group based on /candeias/home/jcci/.mail/Maildir) Oct 02 14:58:19 IMAP(jcci): Error: file_dotlock_open() failed with subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: Operation not permitted Oct 02 14:58:20 IMAP(jcci): Error: fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, 0(root)) failed: Operation not permitted (egid=1003(management), group based on /candeias/home/jcci/.mail/Maildir) Oct 02 14:58:20 IMAP(jcci): Error: file_dotlock_open() failed with subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: Operation not permitted Oct 02 14:58:20 IMAP(jcci): Error: fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, 0(root)) failed: Operation not permitted (egid=1003(management), group based on /candeias/home/jcci/.mail/Maildir) Oct 02 14:58:20 IMAP(jcci): Error: file_dotlock_open() failed with subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: Operation not permitted Oct 02 14:58:21 IMAP(jcci): Error: fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, 0(root)) failed: Operation not permitted (egid=1003(management), group based on /candeias/home/jcci/.mail/Maildir) Oct 02 14:58:21 IMAP(jcci): Error: file_dotlock_open() failed with subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: Operation not permitted Oct 02 14:58:21 IMAP(jcci): Error: fchown(/candeias/home/jcci/.mail/Maildir/subscriptions.lock, -1, 0(root)) failed: Operation not permitted (egid=1003(management), group based on /candeias/home/jcci/.mail/Maildir) Oct 02 14:58:21 IMAP(jcci): Error: file_dotlock_open() failed with subscription file /candeias/home/jcci/.mail/Maildir/subscriptions: Operation not permitted This was an attemt of changing a subscription. Another weird point: I can create an IMAP folder although it does not show up in the folder list. But the new folder is in the subscription list, just marked as unsubscribed and there is no way to change that. This problem is safely reproducible and I wonder whether I should be really the only person having this trouble. I'm using MAILDIR and simple plain test authentification (internal mail server). The location is mail_location: maildir:~/.mail/Maildir which means a subfolder in each user's home directory. All homes are exported to NFS, but the Dovecot is just on the same server and thus accesses locally. Downgrade to version 1.1.17 solves all problems. Archlinux x86_64, Linux 2.6.30 It would be really great if somebody could understand the cause and suggest a solution!
Re: [Dovecot] Timeout waiting for handshake from auth server
Timo Sirainen wrote: On Oct 2, 2009, at 7:14 AM, Frank Bonnet wrote: the machine is Debian etch 64 bits dovecot 1.2.5 has been compiled on the machine it run NIS client to a YPLDAPD server .. Oct 02 12:15:27 auth(default): Error: do_ypcall: clnt_call: RPC: Timed out Oct 02 12:15:33 pop3-login: Error: Timeout waiting for handshake from auth server. my pid=16755, input bytes=0 Oct 02 12:15:46 auth(default): Error: YPBINDPROC_DOMAIN: Domain not bound Oct 02 12:15:46 pop3-login: Error: Timeout waiting for handshake from auth server. my pid=16760, input bytes=0 Sounds like your YPLDAPD is responding too slowly. It might help if you add blocking=yes to userdb (and passdb?) args. You're using pam/passwd I guess? OK I'll try this , thank you very much
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
On Oct 2, 2009, at 8:47 AM, Vitaliy Vladimirovich wrote: That still doesn't answer my question. It doesn't sound like you need IMAP proxying. It sounds like you just need TCP connection forwarding. Your true. TCP connection forwarding I can do fith PF, but I think IMAP proxying more secure. The only thing that could make it more secure is if you trust that Dovecot is more secure before login than Exchange is. Could be true of course. :) So if you really want Dovecot to be there, you need to use either SQL (e.g. SQLite) or checkpassword passdb. Others can't just accept all users without explicitly listing all of them. With SQL you could do something like: password_query = select '%u' as user, 'y' as nopasword, 'y' as proxy, '1.2.3.4' as host
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
--- Original Message --- From: Timo Sirainen To: Vitaliy Vladimirovich Date: 2 october, 15:42:40 Subject: Re: [Dovecot] IMAP proxying for ALL users to internal mail server On Oct 2, 2009, at 8:39 AM, Vitaliy Vladimirovich wrote: >> How must I adjust Dovecot for proxying all users from the >> Internet to the internal Exchange Mail Server? > > To only a single Exchange server? Why would you need Dovecot proxy at > all there? Just use whatever dummy TCP proxy. > Yes, to only single. > I am trying to configure SMTP AUTH (Postfix+Dovecot SAS with > Active Directory users account) and IMAP proxying to Exchange. > So now my problem is in IMAP proxying. > SMTP auth separately works fine. That still doesn't answer my question. It doesn't sound like you need IMAP proxying. It sounds like you just need TCP connection forwarding. Your true. TCP connection forwarding I can do fith PF, but I think IMAP proxying more secure.
Re: [Dovecot] Problem with LSUB and public namespace
On Oct 2, 2009, at 8:44 AM, Julien Danjou wrote: . LSUB "" "%" * LSUB () "." "INBOX" . OK Lsub completed. LSUB does not return "public" as namespace :-( LSUB returns only subscribed mailboxes. Is anything subscribed under public? dovecot -n output could also be useful.
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
On 10/2/2009, Vitaliy Vladimirovich (artem...@ukr.net) wrote: >> Is this even a supported configuration? I've never heard of anyone doing >> this. > Why not? From dovecot WIKI: > > The destination servers don't need to be running Dovecot, I stand corrected... I've never used the proxy feature, so had never read the wiki on it... Good to know though... thx... -- Best regards, Charles
[Dovecot] Problem with LSUB and public namespace
Hi,
I'd like to know if the following is normal. I've a setup with 2
namespace (private/public) where each user can use subscriptions.
This problem is triggered by claws-mail, which uses LSUB to get
subscribed mailboxes:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
AUTH=PLAIN] Dovecot ready.
. login user password
. namespace
* NAMESPACE (("INBOX." ".")) NIL (("public." "."))
. OK Namespace completed.
. subscribe public.Admin
. OK Subscribe completed.
. LSUB "" "%"
* LSUB () "." "INBOX"
. OK Lsub completed.
LSUB does not return "public" as namespace :-(
Is this a bug in dovecot, a bug in Claws mail, or a misconfiguration of my
dovecot server?
I can provide more info if needed.
Cheers,
--
Julien Danjou
// ᐰhttp://julien.danjou.info
// 9A0D 5FD9 EB42 22F6 8974 C95C A462 B51E C2FE E5CD
// There is nothing under this line.
signature.asc
Description: Digital signature
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
On Oct 2, 2009, at 8:39 AM, Vitaliy Vladimirovich wrote: How must I adjust Dovecot for proxying all users from the Internet to the internal Exchange Mail Server? To only a single Exchange server? Why would you need Dovecot proxy at all there? Just use whatever dummy TCP proxy. Yes, to only single. I am trying to configure SMTP AUTH (Postfix+Dovecot SAS with Active Directory users account) and IMAP proxying to Exchange. So now my problem is in IMAP proxying. SMTP auth separately works fine. That still doesn't answer my question. It doesn't sound like you need IMAP proxying. It sounds like you just need TCP connection forwarding.
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
--- Original Message --- From: Timo Sirainen To: "Vitaliy Vladimirovich" Date: 2 october, 15:25:19 Subject: Re: [Dovecot] IMAP proxying for ALL users to internal mail server On Oct 2, 2009, at 8:14 AM, Vitaliy Vladimirovich wrote: > How must I adjust Dovecot for proxying all users from the > Internet to the internal Exchange Mail Server? To only a single Exchange server? Why would you need Dovecot proxy at all there? Just use whatever dummy TCP proxy. Yes, to only single. I am trying to configure SMTP AUTH (Postfix+Dovecot SAS with Active Directory users account) and IMAP proxying to Exchange. So now my problem is in IMAP proxying. SMTP auth separately works fine.
Re: [Dovecot] Timeout waiting for handshake from auth server
On Oct 2, 2009, at 7:14 AM, Frank Bonnet wrote: the machine is Debian etch 64 bits dovecot 1.2.5 has been compiled on the machine it run NIS client to a YPLDAPD server .. Oct 02 12:15:27 auth(default): Error: do_ypcall: clnt_call: RPC: Timed out Oct 02 12:15:33 pop3-login: Error: Timeout waiting for handshake from auth server. my pid=16755, input bytes=0 Oct 02 12:15:46 auth(default): Error: YPBINDPROC_DOMAIN: Domain not bound Oct 02 12:15:46 pop3-login: Error: Timeout waiting for handshake from auth server. my pid=16760, input bytes=0 Sounds like your YPLDAPD is responding too slowly. It might help if you add blocking=yes to userdb (and passdb?) args. You're using pam/ passwd I guess?
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
On Oct 2, 2009, at 8:14 AM, Vitaliy Vladimirovich wrote: How must I adjust Dovecot for proxying all users from the Internet to the internal Exchange Mail Server? To only a single Exchange server? Why would you need Dovecot proxy at all there? Just use whatever dummy TCP proxy.
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
--- Original Message --- From: Charles Marcus To: Vitaliy Vladimirovich Date: 2 october, 15:20:18 Subject: Re: [Dovecot] IMAP proxying for ALL users to internal mail server On 10/2/2009 8:14 AM, Vitaliy Vladimirovich wrote: > How must I adjust Dovecot for proxying all users from the Internet to > the internal Exchange Mail Server? Is this even a supported configuration? I've never heard of anyone doing this. Why not? From dovecot WIKI: The destination servers don't need to be running Dovecot, but you should make sure that the Dovecot proxy doesn't advertise more capabilities than the destination server can handle. For IMAP you can do this by changing imap_capability setting. For POP3 you'll have to modify Dovecot's sources for now ( src/pop3/capability.h). v1.2.rc4+ automatically sends updated untagged CAPABILITY reply if it detects that the remote server has different capabilities than what it already advertised to the client. Note that some clients simply ignore the updated CAPABILITY reply. Dovecot proxy is intended to act as a proxy between multiple *dovecot* servers... But, I'll be interested to hear Timos response, if this might actually work... -- Best regards, Charles
Re: [Dovecot] IMAP proxying for ALL users to internal mail server
On 10/2/2009 8:14 AM, Vitaliy Vladimirovich wrote: > How must I adjust Dovecot for proxying all users from the Internet to > the internal Exchange Mail Server? Is this even a supported configuration? I've never heard of anyone doing this. Dovecot proxy is intended to act as a proxy between multiple *dovecot* servers... But, I'll be interested to hear Timos response, if this might actually work... -- Best regards, Charles
[Dovecot] IMAP proxying for ALL users to internal mail server
Hi!
How must I adjust Dovecot for proxying all users from the Internet to the
internal Exchange Mail Server?
This is my config files (most important):
dovecot.conf
protocol imap {
#listen = *:10143
ssl_listen = 194.0.148.10:993
auth default {
mechanisms = plain login
passdb passwd-file {
args = /usr/local/etc/dovecot-%Ls.conf
}
}
dovecot-imap.conf
testma...@example.org::0:0proxy host=10.0.10.3 port=143 nopassword
With this configurations all works fine, but if I trying change
dovecot-imap.conf as below
�...@%d::0:0proxy host=10.0.10.3 port=143 nopassword
I get an error:
Oct 2 15:10:58 relay dovecot: auth(default): client in: AUTH 1 PLAIN
service=imap secured lip=199.10.149.10 rip=199.10.149.3 lport=993
rport=28316 resp=
Oct 2 15:10:58 relay dovecot: auth(default):
passwd-file(testma...@example.org,199.10.149.3): lookup:
user=testma...@example.org file=/usr/local/etc/dovecot-imap.conf
Oct 2 15:10:58 relay dovecot: auth(default):
passwd-file(testma...@example.org,199.10.149.3): unknown user
Oct 2 15:10:59 relay dovecot: auth(default): new auth connection: pid=62532
Oct 2 15:11:00 relay dovecot: auth(default): client out: FAIL 1
user=testma...@example.org
Any ideas??
Re: [Dovecot] Disconnected: Too many invalid IMAP commands
ahh just found this in my spam folder.. maybe it has good judgement On Sun, 2009-09-20 at 21:22 -0500, Eric Jon Rostetter wrote: > Quoting Noel Butler : > > >> No... Really, I've got lots of machines on older distros (3+ years) > >> that are just plain stable and just plain work. > >> > > > > until they are owned. > > Not a one has been owned yet. And why would they be since there famous last words, the last idiot to give me this rot was unemployed 30 seconds later, i dont tolerate incompetent lazy fools
[Dovecot] Timeout waiting for handshake from auth server
Hello I have that kind of messages in dovecot.log anyone has those troubles ? the machine is Debian etch 64 bits dovecot 1.2.5 has been compiled on the machine it run NIS client to a YPLDAPD server thank you Oct 02 12:15:27 auth(default): Error: do_ypcall: clnt_call: RPC: Timed out Oct 02 12:15:33 pop3-login: Error: Timeout waiting for handshake from auth server. my pid=16755, input bytes=0 Oct 02 12:15:46 auth(default): Error: YPBINDPROC_DOMAIN: Domain not bound Oct 02 12:15:46 pop3-login: Error: Timeout waiting for handshake from auth server. my pid=16760, input bytes=0 Oct 02 12:15:51 imap-login: Error: Timeout waiting for handshake from auth server. my pid=16761, input bytes=0 Oct 02 12:15:51 imap-login: Error: Timeout waiting for handshake from auth server. my pid=16762, input bytes=0
Re: [Dovecot] Password and special caracter
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 1 Oct 2009, Patrick Domack wrote: I tested using the password: te...@#$%^&*é Can you use ldapsearch from the mail server successfully, e.g.: ldapsearch -x -D DOMAIN\\user -W objectclass=\* dn ?? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSsWwq3WSIuGy1ktrAQJMKwf/eTomEun/f5kD/HMBZLNCNzRzzOmziFW6 Y7ut11Tf5mkNWqK+D6q0kwW7YaIJp4xvr6vJPrumxVPF9Czbsgpcp8FRyx0h7afJ GC9IECrTAfrCRwNIAXX7+usnCLQszWMwFpRWDHJg0JXmce+gmNCT3oD9IyBhM+xT n3JV62r3YfR066B/AiQTYOX5fBhVUI2OR2cKr2CGJBv8D/5AMHH0mFe7M/9KIu2l o6l1Qjf8FT9rZLnOQv2+VDyLt8RyngJtUlfNt1tGN7f6i6i9Opx0cFG8uYUJzbFu 2Yo1xNQXjr1M9Omi9cDbAfuWB9RtGDALjf/ngUCo4vp66Cl6q3sLRg== =WD3i -END PGP SIGNATURE-
Re: [Dovecot] Password and special caracter
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 1 Oct 2009, Patrick Domack wrote: I tested using the password: te...@#$%^&*é This password works for me in Dovecot v1.2.0 with OpenLDAP backend and auth_bind=yes. Can you sniff the connection to the AD, if the password is sent to the LDAP server and if it is encoded in UTF-8? Bye, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSsWwPXWSIuGy1ktrAQKBdQgAjS7oCZYSAmwvzZ++SEebGeivs1LiJIHB N8bjZuu3JB2l/+ZSjXKGxcaP3Jakkupi/NhG5a1Rwpzb0r2zxKViZeUjU9iy3PxE PZLE18hlUmIQ7YO3cTtg25ReMOvNLWzTtooXI7h3cvkJZ46vY200iUgLQ6Zh514i LnbObwJYHUIkGlHOufxqF6PRYJ8/ZDF/q5jxuqiRL4IzvKaqG3PqWCNTG7cm8nRm v1aqCUxZsJ7Q0R4/q/EAe6pYYHKN/liS/nnrrOXHK5CoeDs+2ijkY7PdlzqYQ15Y tb7sJb4THqESnQ9/2zJTUO+JvRabfWYho7GbxShNWLjp7tSNm08Zsw== =PxqG -END PGP SIGNATURE-
