disable sieve replication with dsync
Hi, I think I got dsync working for mail, but I'm getting these errors: Error: sieve: file storage: mkdir_parents_chgrp(/usr/local/etc/mail/mandelberg.org/david/sieve/tmp) failed: Read-only file system I'm managing sieve files externally, and I don't want any part of dovecot writing to them. Is there any way to configure dsync to not replicate them? I looked at doveadm-sync(1) to see about adding a flag to replication_dsync_parameters, but the closest thing I see is -x for excluding mailboxes. Or maybe -o? Is there a way to specify a nested setting to -o, so I could do something like `plugin { sieve = }` for dsync?
Re: dsync error: Received unexpected input d != N
Op 02-11-2021 om 22:43 schreef David Mandelberg: Hi, I'm trying to set up replication with dsync, and I'm getting errors like this: I figured it out :) dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N To debug this, I changed dsync_remote_cmd to a script with these contents: #!/bin/sh tee /tmp/tmp.MsfWIQCvNk/outbound.log | nc.openbsd -U /run/dovecot/dovecot-replication-client | tee /tmp/tmp.MsfWIQCvNk/inbound.log Then looking at the inbound.log file, the lines that seemed to be causing the "d != N" errors looked like this: dsync-remote(da...@mandelberg.org)<...>: Error: dsync(local): Remote dsync doesn't use compatible protocol I had written a wrapper script in python that did this: username = sys.stdin.readline().rstrip('\n') os.execvp('doveadm', ('doveadm', 'dsync-server', '-u', username)) Apparently sys.stdin.readline() reads more than just the one line from stdin, so it was consuming the VERSION line. The actual issue was totally my fault for the wrapper script, but is there any chance dovecot could log the "Remote dsync doesn't use compatible protocol" lines instead of (or in addition to) sending them to the other end? That would have saved some debugging effort.
dsync error: Received unexpected input d != N
Hi, I'm trying to set up replication with dsync, and I'm getting errors like this: dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N I tried the `doveadm -D sync` command from https://doc.dovecot.org/configuration_manual/replication/#administration and its output looked like: ... dsync-local(da...@mandelberg.org)<...>: Debug: brain M: Locking done by remote (local hostname=..., remote hostname=...) dsync-local(da...@mandelberg.org)<...>: Debug: brain M: Local mailbox tree: ... [line above repeated many times for different mailboxes] dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N dsync-local(da...@mandelberg.org)<...>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=47097,uid=0): Disconnected: Connection closed (fd=8) I'm a bit stuck. Does anybody have any ideas what's going on? The output of `doveconf -n` is attached. # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.10.0-9-amd64 x86_64 Debian 11.1 ext4 # Hostname: mail-storage-bbf78862.virgo.mandelberg.org auth_username_chars = +-.0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz dsync_remote_cmd = nc.openbsd -U /run/dovecot/dovecot-replication-client lda_mailbox_autosubscribe = yes mail_gid = vmail mail_home = /var/cache/mail/%{domain}/%{username}/dovecot-home mail_location = maildir:/var/local/mail/persistent/mail/%{domain}/%{username}/Maildir mail_plugins = listescape notify replication mail_uid = vmail namespace inbox { inbox = yes location = mailbox Archive { special_use = \Archive } mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / } passdb { args = /etc/dovecot/conf.d/10-passwd.passdb driver = passwd-file } plugin { mail_replica = remoteprefix:f...@mail-storage-acadbae1.fornax.mandelberg.org sieve = file:/usr/local/etc/mail/%{domain}/%{username}/sieve;active=/var/cache/mail/%{domain}/%{username}/active.sieve;bindir=/var/cache/mail/%{domain}/%{username}/sieve sieve_before = file:/etc/dovecot/sieve-before sieve_filter_bin_dir = /etc/dovecot/sieve-filter-bin sieve_filter_exec_timeout = 540s sieve_global_extensions = +vnd.dovecot.filter sieve_plugins = sieve_extprograms sieve_user_log = /var/local/mail/persistent/mail/%{domain}/%{username}/sieve.log } postmaster_address = postmaster@%{hostname} protocols = " imap lmtp" service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service auth-worker { user = $default_internal_user } service auth { unix_listener auth-userdb { group = vmail mode = 0660 } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener lmtp { group = stunnel4 mode = 0660 } user = vmail } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 user = vmail } } service stats { unix_listener stats-writer { mode = 0666 } } ssl = required ssl_cert =
Re: writing Maildir subscriptions file outside of dovecot
Op 07-10-2021 om 02:33 schreef Aki Tuomi: On 06/10/2021 22:52 David Mandelberg wrote: Hi, Is it safe to write to the Maildir subscriptions file directly? I'm trying to figure out a way to make sure the subscriptions match the actual folders exactly. I know how to subscribe to existing mailboxes with `doveadm mailbox list` and `doveadm mailbox subscribe`, but the latter seems to only accept mailboxes on the command line, and any local user can see the command line of any other user's commands. Also, that doesn't handle unsubscribing from non-existent mailboxes. I think unsubscribing from any mailboxes listed in `doveadm mailbox list -s` but not in `doveadm mailbox list` would work, but it has the same issue of mailboxes on the command line. It looks like I could do what I want with something like this command, but I'm not sure if it's safe to write directly to the subscriptions file: { echo INBOX; ls -1A | grep '^\.' | cut -c 2-; } > subscriptions (I was also thinking about using `doveadm mailbox list` to write the subscriptions file directly, but it looks like they use different separators and encodings.) You could also use the doveadm HTTP API to handle subscription changes? It should be safe to modify that file though, especially if the user is not logged in. That API looks easy to use, thanks for the pointer! Though I'd rather not add credentials for it, and I don't see an easy way to make HTTP requests over a unix socket in Python. Oh well. I also realized that if/when I set up dsync replication, writing directly to a file could get complicated. Maybe I'll just make a cron job to compare `doveadm mailbox list` and `doveadm mailbox list -s`, and send an email if there's any difference.
writing Maildir subscriptions file outside of dovecot
Hi, Is it safe to write to the Maildir subscriptions file directly? I'm trying to figure out a way to make sure the subscriptions match the actual folders exactly. I know how to subscribe to existing mailboxes with `doveadm mailbox list` and `doveadm mailbox subscribe`, but the latter seems to only accept mailboxes on the command line, and any local user can see the command line of any other user's commands. Also, that doesn't handle unsubscribing from non-existent mailboxes. I think unsubscribing from any mailboxes listed in `doveadm mailbox list -s` but not in `doveadm mailbox list` would work, but it has the same issue of mailboxes on the command line. It looks like I could do what I want with something like this command, but I'm not sure if it's safe to write directly to the subscriptions file: { echo INBOX; ls -1A | grep '^\.' | cut -c 2-; } > subscriptions (I was also thinking about using `doveadm mailbox list` to write the subscriptions file directly, but it looks like they use different separators and encodings.)
Re: sieve: active= doesn't seem to use bindir=
Op 05-10-2021 om 15:03 schreef dove...@ptld.com: It looks like dovecot is trying to save the compiled active script to the same directory as the source file, instead of to bindir. Am I missing something? sieve = file:/usr/local/etc/mail/%{domain}/%{username}/sieve; active=/usr/local/etc/mail/%{domain}/%{username}/sieve/.active.sieve; bindir=/var/cache/mail/%{domain}/%{username}/sieve Active= tells where to save the complied active script. In the above config it is being told to save to /usr/local/etc/mail/%{domain}/%{username}/sieve/.active.sieve; I thought active was where to read the active source script from? I'm not using managesieve, so I wouldn't expect dovecot to try writing to that file. I don't see anything in https://doc.dovecot.org/configuration_manual/sieve/configuration/ about active pointing at a compiled file, just stuff about it pointing at a source file. Which is the same directory as the scripts set with file: /usr/local/etc/mail/%{domain}/%{username}/sieve If you want the compiled to save in same path as bindir then change active to match active=/var/cache/mail/%{domain}/%{username}/sieve/.active.sieve; Yup, I did that and it worked, but it doesn't seem to match the documentation. It's also slightly (but only slightly) annoying to have to write to the cache dir from my configuration management system, instead of writing to the source dir.
sieve: active= doesn't seem to use bindir=
Hi, I'm trying to set up dovecot to read sieve source files from a read-only directory, and save compiled binaries to a separate directory with the bindir option. That worked when I pointed the sieve option at a single file, but I just changed it to point at a directory and added the active= option, also pointing at a symlink in a read-only directory. It looks like dovecot is trying to save the compiled active script to the same directory as the source file, instead of to bindir. Am I missing something? $ doveconf -n # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.10.0-8-amd64 x86_64 Debian 11.0 ext4 ... plugin { sieve = file:/usr/local/etc/mail/%{domain}/%{username}/sieve;active=/usr/local/etc/mail/%{domain}/%{username}/sieve/.active.sieve;bindir=/var/cache/mail/%{domain}/%{username}/sieve sieve_before = file:/etc/dovecot/sieve-before sieve_filter_bin_dir = /etc/dovecot/sieve-filter-bin sieve_filter_exec_timeout = 30s sieve_global_extensions = +vnd.dovecot.filter sieve_plugins = sieve_extprograms sieve_user_log = /var/local/mail/persistent/mail/%{domain}/%{username}/sieve.log } ... Relevant logs: lmtp(da...@mandelberg.org)<90751>: Error: open(/usr/local/etc/mail/mandelberg.org/david/sieve/.active.svbin.mail-storage-bbf78862.90751.be1286bb0bf97ee9) failed: Read-only file system lmtp(da...@mandelberg.org)<90751>: Error: sieve: binary /usr/local/etc/mail/mandelberg.org/david/sieve/.active.svbin: save: failed to create temporary file: open(/usr/local/etc/mail/mandelberg.org/david/sieve/.active.svbin.) failed: Read-only file system
\Noselect isn't set on namespace prefix mailbox that can't be selected
Hi, I tried using Nextcloud's Mail app to access my dovecot server (version: 2.2.27 (c0f36b0)), and got an error. The relevant imap log is: C: 3 LIST () "" (*) RETURN (SPECIAL-USE) ... S: * LIST () "/" Archives ... C: 6 STATUS Archives (MESSAGES) S: 6 NO Mailbox isn't selectable (0.000 + 0.000 secs). >> Command 6 took 0.0014 seconds. C: 7 LOGOUT S: * BYE Logging out S: 7 OK Logout completed (0.000 + 0.000 secs). >> Command 7 took 0.0021 seconds. And the relevant part of my dovecot config: namespace archives { disabled = no hidden = no ignore_on_failure = no inbox = no list = yes location = mbox:~/.mbox-archives order = 0 prefix = Archives/ separator = / subscriptions = yes type = private } Since ~/.mbox-archives is a directory, not a regular file, I'd expect dovecot to set the \Noselect attribute on the Archives folder. Is there something I'm missing? I tried using special_use, but that didn't accept \Noselect as an option.