date:20120106

http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz
http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz.sig

Among other changes:

+ Proxying now supports sending SSL client certificate to server with
  ssl_client_cert/key settings.
+ doveadm dump: Added support for dumping dbox headers/metadata.
- Fixed memory leaks in login processes with SSL connections
- vpopmail support was broken in v2.0.16


___
Dovecot-news mailing list
Dovecot-news@dovecot.org
http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news

[Dovecot-news] v2.1.rc3 released

http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc3.tar.gz
http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc3.tar.gz.sig

Whops, rc2 was missing a file. I always run make distcheck, which
should catch these, but recently it has always failed due to clang
static checking giving one error that I didn't really want to fix.
Because of that the distcheck didn't finish and didn't check for the
missing file.

So, anyway, I've made clang happy again, and now that I see how bad idea
it is to just ignore the failed distcheck, I won't do that again in
future. :)


___
Dovecot-news mailing list
Dovecot-news@dovecot.org
http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news

[Dovecot] Deduplication active - but how good does it perform?

2012-01-06 Thread Ralf Hildebrandt

I have deduplication active in my first mdbox: type mailbox, but how
do I find out how well the deduplication works? Is there a way of
finding out how much disk space I saved (if I saved some :) )?

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de

Re: [Dovecot] Strange error: DIGEST-MD5 mechanism can't be supported with given passdbs

2012-01-06 Thread Nick Rosier

Yubao Liu wrote:
 Hi all,
 
 I have no idea about that message, here is my configuration, what's wrong?

You have 2 passdb entries; 1 with a file and 1 with pam. I'm pretty sure
PAM doesn't support DIGEST-MD5 authentication. Could be the cause of the
problem.

 Debian testing, Dovecot 2.0.15
 
 $ doveconf -n
 # 2.0.15: /etc/dovecot/dovecot.conf
 # OS: Linux 3.1.0-1-686-pae i686 Debian wheezy/sid
 auth_default_realm = corp.example.com
 auth_krb5_keytab = /etc/dovecot.keytab
 auth_master_user_separator = *
 auth_mechanisms = gssapi digest-md5
 auth_realms = corp.example.com
 auth_username_format = %n
 first_valid_gid = 1000
 first_valid_uid = 1000
 mail_location = mdbox:/srv/mail/%u/Mail
 managesieve_notify_capability = mailto
 managesieve_sieve_capability = fileinto reject envelope
 encoded-character vacation subaddress comparator-i;ascii-numeric
 relational regex imap4flags copy include variables body enotify
 environment mailbox date ihave
 passdb {
   args = /etc/dovecot/master-users
   driver = passwd-file
   master = yes
   pass = yes
 }
 passdb {
   driver = pam
 }
 plugin {
   sieve = /srv/mail/%u/.dovecot.sieve
   sieve_dir = /srv/mail/%u/sieve
 }
 protocols =  imap lmtp sieve
 service auth {
   unix_listener auth-client {
 group = Debian-exim
 mode = 0660
   }
 }
 ssl_cert = /etc/ssl/certs/dovecot.pem
 ssl_key = /etc/ssl/private/dovecot.pem
 userdb {
   args = home=/srv/mail/%u
   driver = passwd
 }
 protocol lmtp {
   mail_plugins =  sieve
 }
 protocol lda {
   mail_plugins =  sieve
 }
 
 # cat /etc/dovecot/master-users
 x...@corp.example.com:
 
 The z is obtained by doveadm pw -s digest-md5 -u
 x...@corp.example.com,
 I tried to add prefix {DIGEST-MD5} before the generated hash and/or add
 scheme=DIGEST-MD5 to the passwd-file passdb's args option, both
 don't help.
 
 The error message:
 dovecot: master: Dovecot v2.0.15 starting up (core dumps disabled)
 dovecot: auth: Fatal: DIGEST-MD5 mechanism can't be supported with given
 passdbs
 gold dovecot: master: Error: service(auth): command startup failed,
 throttling
 
 I opened debug auth log,  it showed dovecot read /etc/dovecot/master-users
 and parsed one line, then the error occurred.  Doesn't passwd-file
 passdb support
 digest-md5 password scheme?  If it doesn't support, how do I configure
 digest-md5 auth
 mechanism with digest-md5 password scheme for virtual users?
 
 Regards,
 Yubao Liu
 

Rgds,
N.

Re: [Dovecot] Deduplication active - but how good does it perform?

On 6.1.2012, at 12.09, Ralf Hildebrandt wrote:

 I have deduplication active in my first mdbox: type mailbox, but how
 do I find out how well the deduplication works? Is there a way of
 finding out how much disk space I saved (if I saved some :) )?

You could look at the files in the attachments directory, and see how many 
links they have. Each file has 2 initially. Each additional link has saved you 
size of file bytes of space.

Re: [Dovecot] Possible mdbox corruption

On 5.1.2012, at 2.24, Daniel L. Miller wrote:

 I thought I had cleared out the corruption I had before - perhaps I was 
 mistaken.  What steps should I take to help locate these issues?  Currently 
 using 2.1rc1.  I see the following errors in my logs, including out of memory 
 and message size issues (at 15:30):
..
 Jan  4 05:17:17 bubba dovecot: master: Error: service(indexer-worker): child 
 10896 returned error 83 (Out of memory (vsz_limit=256 MB, you may need to 
 increase it))
 Jan  4 06:17:17 bubba dovecot: indexer-worker(us...@domain.com): Fatal: 
 pool_system_realloc(134217728): Out of memory

The problem is clearly that index-worker's vsz_limit is too low. Increase it 
(or default_vsz_limit).

Re: [Dovecot] Possible mdbox corruption

On 6.1.2012, at 12.55, Timo Sirainen wrote:

 Jan  4 05:17:17 bubba dovecot: master: Error: service(indexer-worker): child 
 10896 returned error 83 (Out of memory (vsz_limit=256 MB, you may need to 
 increase it))
 Jan  4 06:17:17 bubba dovecot: indexer-worker(us...@domain.com): Fatal: 
 pool_system_realloc(134217728): Out of memory
 
 The problem is clearly that index-worker's vsz_limit is too low. Increase it 
 (or default_vsz_limit).

Although the source of the out-of-memory

/usr/local/lib/dovecot/libdovecot.so.0(buffer_write+0x7c) [0x7f0ec1a550ec] - 
/usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x3292) [0x7f0ec024f292] - 

is something that shouldn't really be happening. I guess the Solr plugin wastes 
memory unnecessarily, I'll see what I can do about it. But for now just 
increase vsz limit.

Re: [Dovecot] Deduplication active - but how good does it perform?

2012-01-06 Thread Nick Rosier

Ralf Hildebrandt wrote:
 I have deduplication active in my first mdbox: type mailbox, but how
 do I find out how well the deduplication works? Is there a way of
 finding out how much disk space I saved (if I saved some :) )?

You could check how much diskspace all the mail uses (or the mail of a
user) and compare it to the quota dovecot reports. But I think you would
need quota's activated for this.

E.g. on my small server used diskquota is 2GB where doveadm quota
reports all users use 3.1GB.

[Dovecot] howto disable indexing on dovecot-lda ?


Hello,
is it possible to disable indexing on dovecot-lda ?

Right now postfix delivers the mail directly to the nfs server without 
any problems. If I switch to dovecot-lda the system crashes do to the 
high I/O and locking.
Indexing on lda is not very useful because the number of of imap logins 
is less than 5% that of incoming mails, so an user could wait for 3 sec 
to get his mail index, but a new mail can't.


Dovecot version  1.2.15
mail_nfs_storage = yes
mail_nfs_index = yes

Than you !

Re: [Dovecot] Possible mdbox corruption

On Fri, 2012-01-06 at 12:57 +0200, Timo Sirainen wrote:
 On 6.1.2012, at 12.55, Timo Sirainen wrote:
 
  Jan  4 05:17:17 bubba dovecot: master: Error: service(indexer-worker): 
  child 10896 returned error 83 (Out of memory (vsz_limit=256 MB, you may 
  need to increase it))
  Jan  4 06:17:17 bubba dovecot: indexer-worker(us...@domain.com): Fatal: 
  pool_system_realloc(134217728): Out of memory
  
  The problem is clearly that index-worker's vsz_limit is too low. Increase 
  it (or default_vsz_limit).
 
 Although the source of the out-of-memory
 
 /usr/local/lib/dovecot/libdovecot.so.0(buffer_write+0x7c) [0x7f0ec1a550ec] - 
 /usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x3292) [0x7f0ec024f292] - 
 
 is something that shouldn't really be happening. I guess the Solr plugin 
 wastes memory unnecessarily, I'll see what I can do about it. But for now 
 just increase vsz limit.

I don't see any obvious reason why it would be using a lot of memory,
unless you have a message that has huge (MIME) headers. See if
http://hg.dovecot.org/dovecot-2.1/rev/380b0667e0a5 helps / logs a
warning about it.

Re: [Dovecot] howto disable indexing on dovecot-lda ?

On Fri, 2012-01-06 at 13:07 +0200, Adrian Minta wrote:
 Hello,
 is it possible to disable indexing on dovecot-lda ?

protocol lda {
  mail_location = whatever-you-have-now:INDEX=MEMORY
}

 Right now postfix delivers the mail directly to the nfs server without 
 any problems. If I switch to dovecot-lda the system crashes do to the 
 high I/O and locking.

Disabling indexing won't disable writing to dovecot-uidlist file. So I
don't know if disabling indexes actually helps.

[Dovecot] ACL with IMAP proxying

2012-01-06 Thread Alexis Lelion

Hello,

I'm trying to use ACLs to restrict subscription on public mailboxes, but
I went into trouble.
My setup is made of two servers, and users are shared between them via a
proxy. User authentication is done with LDAP, and credentials aren't
shared between the mailservers. Instead, the proxies are using master
password.
The thing is that when the ACLs are checked, it actually doesn't give
the user login, but the master login, which is useless.
Is there a way to use the first part of destuser as it is done when
fetching info from the userdb?

Any help is appreciated,
Thansk!

Alexis

--

ACL bug logs :

104184 Jan  6 12:09:35 mail02 dovecot: imap(user@domain): Debug: acl: acl
username = proxy
104185 Jan  6 12:09:35 mail02 dovecot: imap(user@domain): Debug: acl: owner
= 0
104186 Jan  6 12:09:35 mail02 dovecot: imap(user@domain): Debug: acl vfile:
Global ACL directory: (none)
104187 Jan  6 12:09:35 mail02 dovecot: imap(user@domain): Debug: Namespace
: type=public, prefix=Shared., sep=., inbox=no,hidden=no, list=yes,
subscriptions=no location=maildir:/var/vmail/domain/Shared

--

Output of dovecot -n

# 2.0.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.3 ext3
auth_debug = yes
auth_master_user_separator = *
auth_socket_path = /var/run/dovecot/auth-userdb
auth_verbose = yes
first_valid_uid = 150
lmtp_proxy = yes
login_trusted_networks = mail01.ip
mail_debug = yes
mail_location = maildir:/var/vmail/%d/%n
mail_nfs_storage = yes
mail_plugins = acl
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environment mailbox date ihave
namespace {
  inbox = yes
  location = maildir:/var/vmail/%d/%n
  prefix =
  separator = .
  type = private
}
namespace {
  location = maildir:/var/vmail/domain/Shared
  prefix = Shared.
  separator = .
  subscriptions = no
  type = public
}
passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
plugin {
  acl = vfile:/etc/dovecot/global-acls:cache_secs=300
  recipient_delimiter = +
  sieve_after = /var/lib/dovecot/sieve/after.d/
  sieve_before = /var/lib/dovecot/sieve/pre.d/
  sieve_dir = /var/vmail/%d/%n/sieve
  sieve_global_path = /var/lib/dovecot/sieve/default.sieve
}
postmaster_address = user@domain
protocols =  imap lmtp sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
  unix_listener auth-userdb {
group = mail
mode = 0600
user = vmail
  }
}
service lmtp {
  inet_listener lmtp {
address = mail02.ip
port = 24
  }
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
  }
}
ssl = required
ssl_cert = /etc/ssl/mailcert.pem
ssl_key = /etc/ssl/private/mailkey.pem
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
verbose_proctitle = yes
protocol doveadm {
  auth_socket_path = director-userdb
}
protocol lda {
  mail_plugins = sieve
}
protocol imap {
  imap_id_send = name
  mail_plugins = acl imap_acl
}
protocol lmtp {
  passdb {
args = /etc/dovecot/dovecot-sql-lmtp.conf
driver = sql
  }
  passdb {
args = /etc/dovecot/dovecot-ldap-lmtp.conf
driver = ldap
  }
}

Re: [Dovecot] ACL with IMAP proxying

On Fri, 2012-01-06 at 12:36 +0100, Alexis Lelion wrote:
 The thing is that when the ACLs are checked, it actually doesn't give
 the user login, but the master login, which is useless.

Yes, this is intentional.

 Is there a way to use the first part of destuser as it is done when
 fetching info from the userdb?

You should be able to work around this with modifying userdb's query:

user_query = select '%n' AS master_user, ...

Re: [Dovecot] howto disable indexing on dovecot-lda ?

2012-01-06 Thread Stan Hoeppner

On 1/6/2012 5:07 AM, Adrian Minta wrote:
 Hello,
 is it possible to disable indexing on dovecot-lda ?
 
 Right now postfix delivers the mail directly to the nfs server without
 any problems. If I switch to dovecot-lda the system crashes do to the
 high I/O and locking.
 Indexing on lda is not very useful because the number of of imap logins
 is less than 5% that of incoming mails, so an user could wait for 3 sec
 to get his mail index, but a new mail can't.

Then why bother with Dovecot LDA w/disabled indexing (the main reason
for using it in the first place) instead of simply sticking with Postfix
Local(8)?

-- 
Stan

Re: [Dovecot] Deduplication active - but how good does it perform?

2012-01-06 Thread Charles Marcus


On 2012-01-06 5:54 AM, Timo Sirainen t...@iki.fi wrote:

On 6.1.2012, at 12.09, Ralf Hildebrandt wrote:

I have deduplication active in my first mdbox: type mailbox, but how
do I find out how well the deduplication works? Is there a way of
finding out how much disk space I saved (if I saved some :) )?



You could look at the files in the attachments directory, and see how
many links they have. Each file has 2 initially. Each additional link
has saved yousize of file  bytes of space.


Maybe there could be a doveadm command for this? That would be really 
useful for some kind of stats applications... especially for promoting 
its use in environments where large attachments are common...


--

Best regards,

Charles

Re: [Dovecot] Deduplication active - but how good does it perform?

2012-01-06 Thread Charles Marcus


On 2012-01-06 6:58 AM, Charles Marcus cmar...@media-brokers.com wrote:

On 2012-01-06 5:54 AM, Timo Sirainen t...@iki.fi wrote:

On 6.1.2012, at 12.09, Ralf Hildebrandt wrote:

I have deduplication active in my first mdbox: type mailbox, but how
do I find out how well the deduplication works? Is there a way of
finding out how much disk space I saved (if I saved some :) )?



You could look at the files in the attachments directory, and see how
many links they have. Each file has 2 initially. Each additional link
has saved yousize of file bytes of space.


Maybe there could be a doveadm command for this?


Incidentally, I use rsnapshot (which is simply a wrapper script for 
rsync) for my disk based backups. It uses hard links so that you can 
have hourly/daily/weekly/monthly (or whatever naming scheme you want) 
snapshots of your backups, but each snapshot simply contains hardlinks 
to the previous snapshots, so you can literally have hundreds of 
snapshots that only consume a little more space that one single whole 
snapshot.


Anyway, rsnapshot has to leverage the du command to determine the amount 
of disk space each snapshot uses (when considered as a 
separate/standalone snapshot), or how much *actual* space each snapshot 
consumes (ie, only the files that are *not* hardlinked against a 
previous backup)...


Maybe this could be a starting point for how to do this...

http://rsnapshot.org/rsnapshot.html#usage

and scroll down to the rsnapshot du command...

--

Best regards,

Charles

Re: [Dovecot] ACL with IMAP proxying

2012-01-06 Thread Alexis Lelion

Hi Timo,

Thanks for your prompt answer, I wasn't expecting an answer that soon ;-)
I just tried your workaround, and actually, master_user is properly set to
the username, but then is overriden with the proxy login again :

Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
mail=maildir:/var/vmail/domain/user
Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
plugin/quota=dirsize:storage=0
Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
plugin/master_user=user
Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
plugin/master_user=proxy

Is there any other flag I can set to avoid this? (Something like Y for the
password)?

Alexis

On Fri, Jan 6, 2012 at 12:48 PM, Timo Sirainen t...@iki.fi wrote:

 On Fri, 2012-01-06 at 12:36 +0100, Alexis Lelion wrote:
  The thing is that when the ACLs are checked, it actually doesn't give
  the user login, but the master login, which is useless.

 Yes, this is intentional.

  Is there a way to use the first part of destuser as it is done when
  fetching info from the userdb?

 You should be able to work around this with modifying userdb's query:

 user_query = select '%n' AS master_user, ...

Re: [Dovecot] doveadm + dsync merging

On Thu, 2011-12-29 at 15:19 +0100, Pascal Volk wrote:
  b) Don't have the dsync prefix:
 
  dsync mirror - doveadm mirror
  dsync backup - doveadm backup
  dsync server - doveadm dsync-server (could be hidden from the doveadm 
  commands list)

I did this now, with mirror - sync.

 I'd prefer doveadm commands with the dsync prefix. (a)) Because:
 
   * doveadm already has other 'command groups' like mailbox, director …
   * that's the way to avoid command clashes (w/o hiding anything)

There are already many mail related commands that don't have any prefix.
For example I think doveadm import and doveadm backup are quite
related. Also dsync is perhaps more about the internal implementation,
so in future it's possible that sync/backup works some other way..

Re: [Dovecot] ACL with IMAP proxying

On Fri, 2012-01-06 at 13:22 +0100, Alexis Lelion wrote:

 Thanks for your prompt answer, I wasn't expecting an answer that soon ;-)
 I just tried your workaround, and actually, master_user is properly set to
 the username, but then is overriden with the proxy login again :
 
 Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
 mail=maildir:/var/vmail/domain/user
 Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
 plugin/quota=dirsize:storage=0
 Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
 plugin/master_user=user
 Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
 plugin/master_user=proxy

I thought it would have been the other way around.. See if
http://hg.dovecot.org/dovecot-2.0/raw-rev/684381041dc4 helps?

 Is there any other flag I can set to avoid this? (Something like Y for the
 password)?

Nope.

Re: [Dovecot] ACL with IMAP proxying

Another possibility: http://wiki2.dovecot.org/PostLoginScripting

and set MASTER_USER environment.

On Fri, 2012-01-06 at 13:55 +0100, Alexis Lelion wrote:
 Thanks Timo.
 I'm actually using a packaged version of Dovecot 2.0 from Debian, so I
 can't apply the patch easily right now.
 I'll try do build dovecot this weekend and see if it solves the issue.
 
 Cheers
 
 Alexis
 
 On Fri, Jan 6, 2012 at 1:30 PM, Timo Sirainen t...@iki.fi wrote:
 
  On Fri, 2012-01-06 at 13:22 +0100, Alexis Lelion wrote:
 
   Thanks for your prompt answer, I wasn't expecting an answer that soon ;-)
   I just tried your workaround, and actually, master_user is properly set
  to
   the username, but then is overriden with the proxy login again :
  
   Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
   mail=maildir:/var/vmail/domain/user
   Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
   plugin/quota=dirsize:storage=0
   Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
   plugin/master_user=user
   Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
   plugin/master_user=proxy
 
  I thought it would have been the other way around.. See if
  http://hg.dovecot.org/dovecot-2.0/raw-rev/684381041dc4 helps?
 
   Is there any other flag I can set to avoid this? (Something like Y for
  the
   password)?
 
  Nope.

Re: [Dovecot] howto disable indexing on dovecot-lda ?


On 01/06/12 13:39, Timo Sirainen wrote:

On Fri, 2012-01-06 at 13:07 +0200, Adrian Minta wrote:

Hello,
is it possible to disable indexing on dovecot-lda ?

protocol lda {
   mail_location = whatever-you-have-now:INDEX=MEMORY
}


Right now postfix delivers the mail directly to the nfs server without
any problems. If I switch to dovecot-lda the system crashes do to the
high I/O and locking.

Disabling indexing won't disable writing to dovecot-uidlist file. So I
don't know if disabling indexes actually helps.



I don't have mail_location under protocol lda:

protocol lda {
  # Address to use when sending rejection mails.
  postmaster_address = postmaster@xxx
  sendmail_path = /usr/lib/sendmail
  auth_socket_path = /var/run/dovecot/auth-master
  mail_plugins = quota
  syslog_facility = mail
}

The mail_location is present only global. What to do then ?

Re: [Dovecot] howto disable indexing on dovecot-lda ?


On 01/06/12 13:50, Stan Hoeppner wrote:

On 1/6/2012 5:07 AM, Adrian Minta wrote:

Hello,
is it possible to disable indexing on dovecot-lda ?

Right now postfix delivers the mail directly to the nfs server without
any problems. If I switch to dovecot-lda the system crashes do to the
high I/O and locking.
Indexing on lda is not very useful because the number of of imap logins
is less than 5% that of incoming mails, so an user could wait for 3 sec
to get his mail index, but a new mail can't.

Then why bother with Dovecot LDA w/disabled indexing (the main reason
for using it in the first place) instead of simply sticking with Postfix
Local(8)?



Because of sieve and quota support. Another possible advantage will be 
the support for hashed mailbox directories.

Re: [Dovecot] howto disable indexing on dovecot-lda ?

On Fri, 2012-01-06 at 15:01 +0200, Adrian Minta wrote:
  protocol lda {
 mail_location = whatever-you-have-now:INDEX=MEMORY
  }
 
 I don't have mail_location under protocol lda:

Just add it there.

Re: [Dovecot] ACL with IMAP proxying

2012-01-06 Thread Alexis Lelion

It worked!
Thanks a lot for your help and have a wonderful day!

On Fri, Jan 6, 2012 at 1:57 PM, Timo Sirainen t...@iki.fi wrote:

 Another possibility: http://wiki2.dovecot.org/PostLoginScripting

 and set MASTER_USER environment.

 On Fri, 2012-01-06 at 13:55 +0100, Alexis Lelion wrote:
  Thanks Timo.
  I'm actually using a packaged version of Dovecot 2.0 from Debian, so I
  can't apply the patch easily right now.
  I'll try do build dovecot this weekend and see if it solves the issue.
 
  Cheers
 
  Alexis
 
  On Fri, Jan 6, 2012 at 1:30 PM, Timo Sirainen t...@iki.fi wrote:
 
   On Fri, 2012-01-06 at 13:22 +0100, Alexis Lelion wrote:
  
Thanks for your prompt answer, I wasn't expecting an answer that
 soon ;-)
I just tried your workaround, and actually, master_user is properly
 set
   to
the username, but then is overriden with the proxy login again :
   
Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
mail=maildir:/var/vmail/domain/user
Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
plugin/quota=dirsize:storage=0
Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
plugin/master_user=user
Jan  6 13:14:19 mail01 dovecot: imap: Debug: Added userdb setting:
plugin/master_user=proxy
  
   I thought it would have been the other way around.. See if
   http://hg.dovecot.org/dovecot-2.0/raw-rev/684381041dc4 helps?
  
Is there any other flag I can set to avoid this? (Something like Y
 for
   the
password)?
  
   Nope.

Re: [Dovecot] howto disable indexing on dovecot-lda ?


On 01/06/12 15:08, Timo Sirainen wrote:

On Fri, 2012-01-06 at 15:01 +0200, Adrian Minta wrote:

protocol lda {
mail_location = whatever-you-have-now:INDEX=MEMORY
}


I don't have mail_location under protocol lda:

Just add it there.



Thank you !
Dovecot didn't complain after restart and the dovecot -a reports it 
correctly:


lda:
  postmaster_address: postmaster@xxx
  sendmail_path: /usr/lib/sendmail
  auth_socket_path: /var/run/dovecot/auth-master
  mail_plugins: quota
  syslog_facility: mail
  mail_location: maildir:/var/virtual/%d/%u:INDEX=MEMORY

I will do a test with this.

Re: [Dovecot] Strange error: DIGEST-MD5 mechanism can't be supported with given passdbs


On 01/06/2012 06:52 PM, Nick Rosier wrote:

Yubao Liu wrote:

Hi all,

I have no idea about that message, here is my configuration, what's wrong?

You have 2 passdb entries; 1 with a file and 1 with pam. I'm pretty sure
PAM doesn't support DIGEST-MD5 authentication. Could be the cause of the
problem.


Thanks, that does be the cause.

http://hg.dovecot.org/dovecot-2.0/file/684381041dc4/src/auth/auth.c
   121 static bool auth_passdb_list_have_lookup_credentials(struct auth 
*auth)

   122 {
   123 struct auth_passdb *passdb;
   124
   125 for (passdb = auth-passdbs; passdb != NULL; passdb = 
passdb-next) {

   126 if (passdb-passdb-iface.lookup_credentials != NULL)
   127 return TRUE;
   128 }
   129 return FALSE;
   130 }

I don't know why this function doesn't check auth-masterdbs, if I
insert these lines after line 128, that error goes away, and dovecot's
imap-login process happily does DIGEST-MD5 authentication [1].
In my configuration, masterdbs contains passdb passwd-file,
passdbs contains  passdb pam.

for (passdb = auth-masterdbs; passdb != NULL; passdb = passdb-next) {
if (passdb-passdb-iface.lookup_credentials != NULL)
   return TRUE;
}


[1] But the authentication for user*master always fails, I realized 
master users

can't login as other users by DIGEST-MD5 or CRAM-MD5 auth mechanisms
because these authentication mechanisms use user*master as username
in hash algorithm, not just master.

Regards,
Yubao Liu


Debian testing, Dovecot 2.0.15

$ doveconf -n
# 2.0.15: /etc/dovecot/dovecot.conf
# OS: Linux 3.1.0-1-686-pae i686 Debian wheezy/sid
auth_default_realm = corp.example.com
auth_krb5_keytab = /etc/dovecot.keytab
auth_master_user_separator = *
auth_mechanisms = gssapi digest-md5
auth_realms = corp.example.com
auth_username_format = %n
first_valid_gid = 1000
first_valid_uid = 1000
mail_location = mdbox:/srv/mail/%u/Mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
passdb {
   args = /etc/dovecot/master-users
   driver = passwd-file
   master = yes
   pass = yes
}
passdb {
   driver = pam
}
plugin {
   sieve = /srv/mail/%u/.dovecot.sieve
   sieve_dir = /srv/mail/%u/sieve
}
protocols =  imap lmtp sieve
service auth {
   unix_listener auth-client {
 group = Debian-exim
 mode = 0660
   }
}
ssl_cert =/etc/ssl/certs/dovecot.pem
ssl_key =/etc/ssl/private/dovecot.pem
userdb {
   args = home=/srv/mail/%u
   driver = passwd
}
protocol lmtp {
   mail_plugins =  sieve
}
protocol lda {
   mail_plugins =  sieve
}

# cat /etc/dovecot/master-users
x...@corp.example.com:

The z is obtained by doveadm pw -s digest-md5 -u
x...@corp.example.com,
I tried to add prefix {DIGEST-MD5} before the generated hash and/or add
scheme=DIGEST-MD5 to the passwd-file passdb's args option, both
don't help.

The error message:
dovecot: master: Dovecot v2.0.15 starting up (core dumps disabled)
dovecot: auth: Fatal: DIGEST-MD5 mechanism can't be supported with given
passdbs
gold dovecot: master: Error: service(auth): command startup failed,
throttling

I opened debug auth log,  it showed dovecot read /etc/dovecot/master-users
and parsed one line, then the error occurred.  Doesn't passwd-file
passdb support
digest-md5 password scheme?  If it doesn't support, how do I configure
digest-md5 auth
mechanism with digest-md5 password scheme for virtual users?

Regards,
Yubao Liu


Rgds,
N.

Re: [Dovecot] v2.1.rc2 released

2012-01-06 Thread Luigi Rosa

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Timo Sirainen said the following on 06/01/12 17:42:
 http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc2.tar.gz

Making all in doveadm
make[3]: Entering directory `/usr/src/dovecot-2.1.rc2/src/doveadm'
Making all in dsync
make[4]: Entering directory `/usr/src/dovecot-2.1.rc2/src/doveadm/dsync'
gcc -DHAVE_CONFIG_H -I. -I../../..  -I../../../src/lib -I../../../src/lib-test
- -I../../../src/lib-settings -I../../../src/lib-master -I../../../src/lib-mail
- -I../../../src/lib-imap -I../../../src/lib-index -I../../../src/lib-storage
- -I../../../src/doveadm   -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes
- -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2
- -Wbad-function-cast -Wstrict-aliasing=2 -I/usr/kerberos/include-MT
doveadm-dsync.o -MD -MP -MF .deps/doveadm-dsync.Tpo -c -o doveadm-dsync.o
doveadm-dsync.c
doveadm-dsync.c:17:27: error: doveadm-dsync.h: No such file or directory
doveadm-dsync.c:386: warning: no previous prototype for ‘doveadm_dsync_main’
make[4]: *** [doveadm-dsync.o] Error 1
make[4]: Leaving directory `/usr/src/dovecot-2.1.rc2/src/doveadm/dsync'
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory `/usr/src/dovecot-2.1.rc2/src/doveadm'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/src/dovecot-2.1.rc2/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/dovecot-2.1.rc2'
make: *** [all] Error 2


In fact the file doveadm-dsync.h is not in the tarball



Ciao,
luigi

- -- 
/
+--[Luigi Rosa]--
\

Non cercare di vincere mai un gatto in testardaggine.
--Robert A. Heinlein
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8HK68ACgkQ3kWu7Tfl6ZRCkgCgwUGMxj12NBI3p8FO0W2AIBwW
uSAAn3YuEAtm5ulsvWaPuPeylK2e/Vpc
=kzD0
-END PGP SIGNATURE-

Re: [Dovecot] Strange error: DIGEST-MD5 mechanism can't be supported with given passdbs


On 01/07/2012 12:44 AM, Timo Sirainen wrote:

On Sat, 2012-01-07 at 00:15 +0800, Yubao Liu wrote:


I don't know why this function doesn't check auth-masterdbs, if I
insert these lines after line 128, that error goes away, and dovecot's
imap-login process happily does DIGEST-MD5 authentication [1].
In my configuration, masterdbs contains passdb passwd-file,
passdbs contains  passdb pam.

So .. you want DIGEST-MD5 authentication for the master users, but not
for anyone else? I hadn't really thought anyone would want that..


I hope users use GSSAPI authentication from native MUA, but RoundCube
webmail doesn't support that, so that I have to use DIGEST-MD5/CRAM-MD5/
PLAIN/LOGIN for authentication between RoundCube and Dovecot, and
let RoundCube login as master user for normal user.

I really don't like to transfer password as plain text, so I prefer 
DIGEST-MD5

and CRAM-MD5 for both auth mechanisms and password schemes. My
last email is partially wrong,  DIGEST-MD5 can't be used for master users
because 'real_user*master_user' is used to calculate digest in IMAP client,
this can't be consistent with digest in passdb because only 'master_user'
is used to calculate digest.

But CRAM-MD5 doesn't use user name to calculate digest,  I just tried it 
successfully

with my rude patch to src/auth/auth.c in my previous email:-)

# doveadm pw -s CRAM-MD5 -u webmail
(use 123456 as passwd)
# cat  /etc/dovecot/master-users
webmail:{CRAM-MD5}dd59f669267e9bb13d42a1ba57c972c5b13a4b2ae457c9ada8035dc7d8bae41b
^D

$ gsasl --imap imap.corp.example.com --verbose -m CRAM-MD5 -a 
'dieken*webm...@corp.example.com' -p 123456

Trying `gold.corp.example.com'...
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE 
IDLE STARTTLS LOGINDISABLED AUTH=GSSAPI AUTH=DIGEST-MD5 AUTH=CRAM-MD5] 
Dovecot ready.

. CAPABILITY
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
STARTTLS LOGINDISABLED AUTH=GSSAPI AUTH=DIGEST-MD5 AUTH=CRAM-MD5

. OK Pre-login capabilities listed, post-login capabilities have more.
. STARTTLS
. OK Begin TLS negotiation now.
. CAPABILITY
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
AUTH=GSSAPI AUTH=DIGEST-MD5 AUTH=CRAM-MD5

. OK Pre-login capabilities listed, post-login capabilities have more.
. AUTHENTICATE CRAM-MD5
+ PDM1OTIzODgxNjgyNzUxMjUuMTMyNTg3MDQwMkBnb2xkPg==
ZGlla2VuKndlYm1haWxAY29ycC5leGFtcGxlLmNvbSBkYjRlZWJlMTUwZGZjZjg5NTVkODZhNDBlMGJiZmQzNA==
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT 
CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC 
ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS

Client authentication finished (server trusted)...
Enter application data (EOF to finish):

It's also OK to use -a 'dieken*webmail' instead of -a 
'dieken*webm...@corp.example.com'.


# doveconf -n
# 2.0.15: /etc/dovecot/dovecot.conf
# OS: Linux 3.1.0-1-686-pae i686 Debian wheezy/sid
auth_debug = yes
auth_debug_passwords = yes
auth_default_realm = corp.example.com
auth_krb5_keytab = /etc/dovecot.keytab
auth_master_user_separator = *
auth_mechanisms = gssapi digest-md5 cram-md5
auth_realms = corp.example.com
auth_username_format = %n
auth_verbose = yes
auth_verbose_passwords = plain
first_valid_gid = 1000
first_valid_uid = 1000
mail_debug = yes
mail_location = mdbox:/srv/mail/%u/Mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave

passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
}
passdb {
  driver = pam
}
plugin {
  sieve = /srv/mail/%u/.dovecot.sieve
  sieve_dir = /srv/mail/%u/sieve
}
protocols =  imap lmtp sieve
service auth {
  unix_listener auth-client {
group = Debian-exim
mode = 0660
  }
}
ssl_cert = /etc/ssl/certs/dovecot.pem
ssl_key = /etc/ssl/private/dovecot.pem
userdb {
  args = home=/srv/mail/%u
  driver = passwd
}
verbose_ssl = yes
protocol lmtp {
  mail_plugins =  sieve
}
protocol lda {
  mail_plugins =  sieve
}


Regards,
Yubao Liu

Re: [Dovecot] Possible mdbox corruption

2012-01-06 Thread Daniel L. Miller


On 1/6/2012 2:57 AM, Timo Sirainen wrote:

On 6.1.2012, at 12.55, Timo Sirainen wrote:


Jan  4 05:17:17 bubba dovecot: master: Error: service(indexer-worker): child 
10896 returned error 83 (Out of memory (vsz_limit=256 MB, you may need to 
increase it))
Jan  4 06:17:17 bubba dovecot: indexer-worker(us...@domain.com): Fatal: 
pool_system_realloc(134217728): Out of memory

The problem is clearly that index-worker's vsz_limit is too low. Increase it 
(or default_vsz_limit).

Although the source of the out-of-memory

/usr/local/lib/dovecot/libdovecot.so.0(buffer_write+0x7c) [0x7f0ec1a550ec] -  
/usr/local/lib/dovecot/lib21_fts_solr_plugin.so(+0x3292) [0x7f0ec024f292] -

is something that shouldn't really be happening. I guess the Solr plugin wastes 
memory unnecessarily, I'll see what I can do about it. But for now just 
increase vsz limit.

I set default_vsz_limit = 1024M.  Those errors appear gone - but I do 
have messages like:


Jan  6 09:22:42 bubba dovecot: indexer-worker(us...@domain.com): Error: 
fts_solr: Indexing failed: 400 Illegal character ((CTRL-CHAR, code 18))  
at [row,col {unknown-source}]: [482765,16]

Jan  6 09:22:42 bubba dovecot: indexer-worker: Error:

Google seems to indicate that Solr cannot handle invalid characters - 
and that it is the responsibility of the calling program to strip out 
such.  A quick search shows me a both an individual character comparison 
in Java and a regex used for the purpose.  Is there any illegal 
character protection in the Dovecot Solr plugin?


--
Daniel

Re: [Dovecot] Possible mdbox corruption

On 6.1.2012, at 19.30, Daniel L. Miller wrote:

 Jan  6 09:22:42 bubba dovecot: indexer-worker(us...@domain.com): Error: 
 fts_solr: Indexing failed: 400 Illegal character ((CTRL-CHAR, code 18))  at 
 [row,col {unknown-source}]: [482765,16]
 Jan  6 09:22:42 bubba dovecot: indexer-worker: Error:
 
 Google seems to indicate that Solr cannot handle invalid characters - and 
 that it is the responsibility of the calling program to strip out such.  A 
 quick search shows me a both an individual character comparison in Java and a 
 regex used for the purpose.  Is there any illegal character protection in 
 the Dovecot Solr plugin?

Yes, there is. So I'm not really sure what it's complaining about. Are you 
using the solr or solr_old backend?

Re: [Dovecot] Strange error: DIGEST-MD5 mechanism can't be supported with given passdbs


On 01/07/2012 12:44 AM, Timo Sirainen wrote:

On Sat, 2012-01-07 at 00:15 +0800, Yubao Liu wrote:


I don't know why this function doesn't check auth-masterdbs, if I
insert these lines after line 128, that error goes away, and dovecot's
imap-login process happily does DIGEST-MD5 authentication [1].
In my configuration, masterdbs contains passdb passwd-file,
passdbs contains  passdb pam.

So .. you want DIGEST-MD5 authentication for the master users, but not
for anyone else? I hadn't really thought anyone would want that..


Is there any special reason that master passdb isn't taken into
account in src/auth/auth.c:auth_passdb_list_have_lookup_credentials() ?
I feel master passdb is also a kind of passdb.

http://wiki2.dovecot.org/PasswordDatabase

 You can use multiple databases, so if the password doesn't match
 in the first database, Dovecot checks the next one. This can be useful
 if you want to easily support having both virtual users and also local
 system users (see Authentication/MultipleDatabases 
http://wiki2.dovecot.org/Authentication/MultipleDatabases).


This is exactly my use case, I use Kerberos for system users,
I'm curious why master passdb isn't used to check 
have_lookup_credentials ability.


http://wiki2.dovecot.org/Authentication/MultipleDatabases
 Currently the fallback works only with the PLAIN authentication 
mechanism.


I hope this limitation can be relaxed.

Regards,
Yubao Liu

Re: [Dovecot] Strange error: DIGEST-MD5 mechanism can't be supported with given passdbs

On 6.1.2012, at 19.45, Yubao Liu wrote:

 On 01/07/2012 12:44 AM, Timo Sirainen wrote:
 On Sat, 2012-01-07 at 00:15 +0800, Yubao Liu wrote:
 
 I don't know why this function doesn't check auth-masterdbs, if I
 insert these lines after line 128, that error goes away, and dovecot's
 imap-login process happily does DIGEST-MD5 authentication [1].
 In my configuration, masterdbs contains passdb passwd-file,
 passdbs contains  passdb pam.
 So .. you want DIGEST-MD5 authentication for the master users, but not
 for anyone else? I hadn't really thought anyone would want that..
 
 Is there any special reason that master passdb isn't taken into
 account in src/auth/auth.c:auth_passdb_list_have_lookup_credentials() ?
 I feel master passdb is also a kind of passdb.

I guess it could be changed. It wasn't done intentionally that way.

 This is exactly my use case, I use Kerberos for system users,
 I'm curious why master passdb isn't used to check have_lookup_credentials 
 ability

 http://wiki2.dovecot.org/Authentication/MultipleDatabases
  Currently the fallback works only with the PLAIN authentication mechanism.
 
 I hope this limitation can be relaxed.

It might already be .. I don't remember. In any case you have only PAM passdb, 
so it shouldn't matter. GSSAPI isn't a passdb.

[Dovecot] v2.1.rc3 released

http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc3.tar.gz
http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc3.tar.gz.sig

Whops, rc2 was missing a file. I always run make distcheck, which
should catch these, but recently it has always failed due to clang
static checking giving one error that I didn't really want to fix.
Because of that the distcheck didn't finish and didn't check for the
missing file.

So, anyway, I've made clang happy again, and now that I see how bad idea
it is to just ignore the failed distcheck, I won't do that again in
future. :)

[Dovecot] change initial permissions on creation of mail folder

2012-01-06 Thread mailinglist

Installed dovcot from Debian .deb file. Creating a new account for 
system users sets permission for user-only. Where to change initial 
permissions on creation of mail folder and other subdirectories.


Installed dovecot using apt-get install dovecot-imapd dovecot-pop3d. 
Any time when I create a new account in my mail client for a system 
user, Dovecot tries to create ~/mail/.imap/INBOX. The permissions for 
mail and .imap are set to 0700. By this permissions INBOX can not be 
created leading to an error message in log files. When I manualy change 
the permissions to 0770, INBOX is created

Re: [Dovecot] v2.1.rc2 released

2012-01-06 Thread The Doctor

On Fri, Jan 06, 2012 at 06:42:07PM +0200, Timo Sirainen wrote:
 http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc2.tar.gz
 http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc2.tar.gz.sig
 
 Lots of fixes since rc1. Some of the changes were larger than I wanted
 at RC stage, but they had to be done now.. Hopefully it's all over now,
 and we can have v2.1.0 soon. :)
 
 Some of the more important changes:
 
   * dsync was merged into doveadm. There is still dsync symlink
 pointing to doveadm, which you can use the old way for now.
 The preferred ways to run dsync are doveadm sync (for old dsync
 mirror) and doveadm backup.
 
   + IMAP SPECIAL-USE extension to describe mailboxes
   + Added mailbox {} sections, which deprecate autocreate plugin
   + lib-fs: Added mode parameter to posix backend to specify mode
 for created files/dirs (for mail_attachment_dir).
   + inet_listener names are now used to figure out what type the socket
 is when useful. For example naming service auth { inet_listener } to
 auth-client vs. auth-userdb has different behavior.
   + Added pop3c (= POP3 client) storage backend.
   - LMTP proxying code was simplified, hopefully fixing its problems.
   - dsync: Don't remove user's subscriptions for subscriptions=no
 namespaces.
 


Suggestion:

Get rid of the --as-needed ld flag.  This is a show stopper for me.

Also,

Making all in doveadm
Making all in dsync
gcc -DHAVE_CONFIG_H -I. -I../../..  -I../../../src/lib  -I../../../src/lib-test 
 -I../../../src/lib-settings  -I../../../src/lib-master  
-I../../../src/lib-mail  -I../../../src/lib-imap  -I../../../src/lib-index  
-I../../../src/lib-storage  -I../../../src/doveadm-std=gnu99 -g -O2 -Wall 
-W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith 
-Wchar-subscripts -Wformat=2 -Wbad-function-cast -I/usr/contrib/include -MT 
doveadm-dsync.o -MD -MP -MF .deps/doveadm-dsync.Tpo -c -o doveadm-dsync.o 
doveadm-dsync.c
doveadm-dsync.c:17:27: doveadm-dsync.h: No such file or directory
doveadm-dsync.c:386: warning: no previous prototype for `doveadm_dsync_main'
*** Error code 1

Stop.
*** Error code 1

Stop.
*** Error code 1

Stop.
*** Error code 1

Stop.
*** Error code 1 


Looks like rc3 needed .

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
https://www.fullyfollow.me/rootnl2k
Merry Christmas 2011 and Happy New Year 2012 !

Re: [Dovecot] v2.1.rc2 released

2012-01-06 Thread The Doctor

On Fri, Jan 06, 2012 at 01:12:56PM -0700, The Doctor wrote:
 On Fri, Jan 06, 2012 at 06:42:07PM +0200, Timo Sirainen wrote:
  http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc2.tar.gz
  http://dovecot.org/releases/2.1/rc/dovecot-2.1.rc2.tar.gz.sig
  
  Lots of fixes since rc1. Some of the changes were larger than I wanted
  at RC stage, but they had to be done now.. Hopefully it's all over now,
  and we can have v2.1.0 soon. :)
  
  Some of the more important changes:
  
  * dsync was merged into doveadm. There is still dsync symlink
pointing to doveadm, which you can use the old way for now.
The preferred ways to run dsync are doveadm sync (for old dsync
mirror) and doveadm backup.
  
  + IMAP SPECIAL-USE extension to describe mailboxes
  + Added mailbox {} sections, which deprecate autocreate plugin
  + lib-fs: Added mode parameter to posix backend to specify mode
for created files/dirs (for mail_attachment_dir).
  + inet_listener names are now used to figure out what type the socket
is when useful. For example naming service auth { inet_listener } to
auth-client vs. auth-userdb has different behavior.
  + Added pop3c (= POP3 client) storage backend.
  - LMTP proxying code was simplified, hopefully fixing its problems.
  - dsync: Don't remove user's subscriptions for subscriptions=no
namespaces.
  
 
 
 Suggestion:
 
 Get rid of the --as-needed ld flag.  This is a show stopper for me.
 
 Also,
 
 Making all in doveadm
 Making all in dsync
 gcc -DHAVE_CONFIG_H -I. -I../../..  -I../../../src/lib  
 -I../../../src/lib-test  -I../../../src/lib-settings  
 -I../../../src/lib-master  -I../../../src/lib-mail  -I../../../src/lib-imap  
 -I../../../src/lib-index  -I../../../src/lib-storage  -I../../../src/doveadm  
   -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations 
 -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast 
 -I/usr/contrib/include -MT doveadm-dsync.o -MD -MP -MF 
 .deps/doveadm-dsync.Tpo -c -o doveadm-dsync.o doveadm-dsync.c
 doveadm-dsync.c:17:27: doveadm-dsync.h: No such file or directory
 doveadm-dsync.c:386: warning: no previous prototype for `doveadm_dsync_main'
 *** Error code 1
 
 Stop.
 *** Error code 1
 
 Stop.
 *** Error code 1
 
 Stop.
 *** Error code 1
 
 Stop.
 *** Error code 1 
 
 
 Looks like rc3 needed .


Just noted your rc3 notice.

Can you get an rc4 going where the above 2 mentions are fixed?
 
 -- 
 Member - Liberal InternationalThis is doc...@nl2k.ab.ca Ici 
 doc...@nl2k.ab.ca
 God, Queen and country! Never Satan President Republic! Beware AntiChrist 
 rising! 
 https://www.fullyfollow.me/rootnl2k
 Merry Christmas 2011 and Happy New Year 2012 !

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
https://www.fullyfollow.me/rootnl2k
Merry Christmas 2011 and Happy New Year 2012 !

Re: [Dovecot] v2.1.rc2 released

On 6.1.2012, at 22.19, The Doctor wrote:

 doveadm-dsync.c:17:27: doveadm-dsync.h: No such file or directory
 doveadm-dsync.c:386: warning: no previous prototype for `doveadm_dsync_main'
 *** Error code 1
 Looks like rc3 needed .
 
 
 Just noted your rc3 notice.
 
 Can you get an rc4 going where the above 2 mentions are fixed?

rc3 fixes these.

Re: [Dovecot] Possible mdbox corruption

2012-01-06 Thread Daniel L. Miller


On 1/6/2012 9:36 AM, Timo Sirainen wrote:

On 6.1.2012, at 19.30, Daniel L. Miller wrote:


Jan  6 09:22:42 bubba dovecot: indexer-worker(us...@domain.com): Error: 
fts_solr: Indexing failed: 400 Illegal character ((CTRL-CHAR, code 18))  at 
[row,col {unknown-source}]: [482765,16]
Jan  6 09:22:42 bubba dovecot: indexer-worker: Error:

Google seems to indicate that Solr cannot handle invalid characters - and that it is 
the responsibility of the calling program to strip out such.  A quick search shows me a both an 
individual character comparison in Java and a regex used for the purpose.  Is there any 
illegal character protection in the Dovecot Solr plugin?

Yes, there is. So I'm not really sure what it's complaining about. Are you using the 
solr or solr_old backend?



Solr.

plugin {
  fts = solr
  fts_solr = url=http://localhost:8983/solr/
}

--
Daniel

[Dovecot] failed: Too many levels of symbolic links

2012-01-06 Thread David Egbert


All,
My dovecot install works great except for one error I keep seeing this 
in my logs.  The folder has 7138 messages in it.  I am informed the user 
they needed to reduce the number of messages in the folder and believe 
this will fix the problem.  My question is about where the problem 
lies.  Is the problem related to an internal limit with Dovecot v2.0.15 
or with my Debian (3.1.0-1-amd64)?


Thanks
---
dovecot: imap(xx...@x.com): Error: 
readdir(///X/X/XXX/XXX/XXX) 
failed: Too many levels of symbolic links


David Egbert
Paperclip Systems, LLC

---
This message, its contents, and attachments are confidential and are only 
authorized for the intended recipient.  Disclosure, re-distribution, or use of 
said information is strictly prohibited, and may be excluded from disclosure by 
applicable law.  If you are not the intended recipient, or their intermediary, 
please notify the sender and delete this message.

Re: [Dovecot] failed: Too many levels of symbolic links

On 6.1.2012, at 22.44, David Egbert wrote:

 dovecot: imap(xx...@x.com): Error: 
 readdir(///X/X/XXX/XXX/XXX) failed: 
 Too many levels of symbolic links

You have a symlink loop. Either a symlink that points to itself or one of the 
parent directories.

Re: [Dovecot] 2.1.rc1 (056934abd2ef): virtual plugin mailbox search pattern

2012-01-06 Thread e-frog


ON 23.12.2011 18:33, wrote e-frog:

Hello Timo,

With dovecot 2.1.rc1 (056934abd2ef) there seems to be something wrong
with virtual plugin mailbox search patterns.

I'm using a virtual mailbox 'unread' with the following dovecot-virtual
file

$ cat dovecot-virtual
*
unseen

For testing propose I created the following folders with each containing
one unread message

INBOX, INBOX/level1 and INBOX/level1/level2

2.1.rc1 (056934abd2ef)

1 LIST  *
* LIST (\HasChildren) / INBOX
* LIST (\HasChildren) / INBOX/level1
* LIST (\HasNoChildren) / INBOX/level1/level2
* LIST (\HasChildren) / virtual
* LIST (\HasNoChildren) / virtual/unread
1 OK List completed.
2 STATUS INBOX (UNSEEN)
* STATUS INBOX (UNSEEN 1)
2 OK Status completed.
3 STATUS INBOX/level1 (UNSEEN)
* STATUS INBOX/level1 (UNSEEN 1)
3 OK Status completed.
4 STATUS INBOX/level1/level2 (UNSEEN)
* STATUS INBOX/level1/level2 (UNSEEN 1)
4 OK Status completed.
5 STATUS virtual/unread (UNSEEN)
* STATUS virtual/unread (UNSEEN 1)
5 OK Status completed.

Result: virtual/unread shows only 1 unseen message. Further tests showed
it's the one from INBOX. The mails from the deeper levels are not found.

Downgrading to 2.0.16 restores the correct behavior:

1 LIST  *
* LIST (\HasChildren) / INBOX
* LIST (\HasChildren) / INBOX/level1
* LIST (\HasNoChildren) / INBOX/level1/level2
* LIST (\HasChildren) / virtual
* LIST (\HasNoChildren) / virtual/unread
1 OK List completed.
2 STATUS INBOX (UNSEEN)
* STATUS INBOX (UNSEEN 1)
2 OK Status completed.
3 STATUS INBOX/level1 (UNSEEN)
* STATUS INBOX/level1 (UNSEEN 1)
3 OK Status completed.
4 STATUS INBOX/level1/level2 (UNSEEN)
* STATUS INBOX/level1/level2 (UNSEEN 1)
4 OK Status completed.
5 STATUS virtual/unread (UNSEEN)
* STATUS virtual/unread (UNSEEN 3)
5 OK Status completed.

Result: virtual/unread shows 3 unseen messages as it should

The namespace configuration is as following

namespace {
hidden = no
inbox = yes
list = yes
location =
prefix =
separator = /
subscriptions = yes
type = private
}
namespace {
location = virtual:~/virtual
prefix = virtual/
separator = /
subscriptions = no
type = private
}

I've also tried this with location = virtual:~/virtual:LAYOUT=maildir++
leading to the same result.

Thanks,
e-frog


Just tested this on 2.1.rc3 and this still doesn't work like in v2.0. It 
seems like the search stops at the first hierarchy separator. Is there 
anything in addition I can do to help fix this issue?


Thanks,
e-frog

Re: [Dovecot] failed: Too many levels of symbolic links

2012-01-06 Thread David Egbert


On 1/6/2012 2:16 PM, Timo Sirainen wrote:

On 6.1.2012, at 22.44, David Egbert wrote:


dovecot: imap(xx...@x.com): Error: 
readdir(///X/X/XXX/XXX/XXX) failed: Too 
many levels of symbolic links

You have a symlink loop. Either a symlink that points to itself or one of the 
parent directories.

I thought that might have been the case, but I checked and there are no 
symlinks in that directory, or any of the directories above it in the 
path.  All of the directories and files were created by dovecot.  I 
didn't notice this in the logs until recently.  The files are stored on 
an NFS Raid if that makes any difference.


---
David Egbert

Re: [Dovecot] failed: Too many levels of symbolic links

On 6.1.2012, at 23.41, David Egbert wrote:

 On 1/6/2012 2:16 PM, Timo Sirainen wrote:
 On 6.1.2012, at 22.44, David Egbert wrote:
 
 dovecot: imap(xx...@x.com): Error: 
 readdir(///X/X/XXX/XXX/XXX) failed: 
 Too many levels of symbolic links
 You have a symlink loop. Either a symlink that points to itself or one of 
 the parent directories.
 
 I thought that might have been the case, but I checked and there are no 
 symlinks in that directory, or any of the directories above it in the path.  
 All of the directories and files were created by dovecot.  I didn't notice 
 this in the logs until recently.  The files are stored on an NFS Raid if that 
 makes any difference.

Well, then.. You have a bit too many Xes in there for me to guess which 
readdir() is the one failing. I guess it's /new or /cur for a Maildir?

Anyway, readdir() is failing with ELOOP. Does it always fail with Too many 
levels of symbolic links or is it sometimes different? This sounds like a bug 
in Linux NFS client code. You can reproduce this always with this one user's 
Maildir? Can you do ls in the directory?

Re: [Dovecot] failed: Too many levels of symbolic links

2012-01-06 Thread David Egbert

On 1/6/2012 2:51 PM, Timo Sirainen wrote:

On 6.1.2012, at 23.41, David Egbert wrote:

On 1/6/2012 2:16 PM, Timo Sirainen wrote:

On 6.1.2012, at 22.44, David Egbert wrote:

dovecot: imap(xx...@x.com): Error:
readdir(///X/X/XXX/XXX/XXX) failed: Too
many levels of symbolic links

You have a symlink loop. Either a symlink that points to itself or one of the
parent directories.

I thought that might have been the case, but I checked and there are no
symlinks in that directory, or any of the directories above it in the path.
All of the directories and files were created by dovecot. I didn't notice this
in the logs until recently. The files are stored on an NFS Raid if that makes
any difference.

Well, then.. You have a bit too many Xes in there for me to guess which
readdir() is the one failing. I guess it's /new or /cur for a Maildir?

Anyway, readdir() is failing with ELOOP. Does it always fail with Too many levels of symbolic
links or is it sometimes different? This sounds like a bug in Linux NFS client code. You can
reproduce this always with this one user's Maildir? Can you do ls in the directory?

Sorry about the X's... it is a client directory. We support many
domains and their privacy is paramount. You are correct it is in the
/cur directory. I can LS all of directories without problems. This
user has 10+Gb in his mail box spread across 352 subscribed folders. As
for the logs it is always the directory, always the same error.

David Egbert

Re: [Dovecot] failed: Too many levels of symbolic links

On 7.1.2012, at 0.10, David Egbert wrote:

 Anyway, readdir() is failing with ELOOP. Does it always fail with Too many 
 levels of symbolic links or is it sometimes different? This sounds like a 
 bug in Linux NFS client code. You can reproduce this always with this one 
 user's Maildir? Can you do ls in the directory?
 
 Sorry about the X's...  it is a client directory.  We support many domains 
 and their privacy is paramount.   You are correct it is in the /cur 
 directory.  I can LS all of directories without problems.  This user has 
 10+Gb in his mail box spread across 352 subscribed folders.  As for the logs 
 it is always the directory, always the same error.

Try the attached test program. Run it as: ./readdir /path/to/Maildir/cur

Does it also give non-zero error?



readdir.c
Description: Binary data

Re: [Dovecot] Strange error: DIGEST-MD5 mechanism can't be supported with given passdbs