Re: FreeBSD / dovecot 2.2.27 / libwrap
It works ! It was THAT easy ! Can you suggest how to replace the hair I pulled out ? :-) On 2016-12-29 5:27 PM, Larry Rosenman wrote: login_access_sockets = tcpwrap service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } On Thu, Dec 29, 2016 at 7:21 PM, Jim Pazarena wrote: I have compiled dovecot2 for FreeBSD with the tcpwrap option. A tcpwrap binary gets built and resides in the FreeBSD directory /usr/local/libexec/dovecot an examination of the compiled options (using the FreeBSD pkg install dovecot2) confirms: LIBWRAP : on yet, when I adjust dovecot.conf with: login_access_sockets = tcpwrap I get the following logged error message: 20161229 17:02:49 imap-login: Error: connect(tcpwrap) failed: No such file or directory Is there any way to turn up some super logging so that I can find just what dovecot feels is the failure ? Or, does anyone have an idea how to figure this out? What little hair I have is rapidly getting pulled out in frustration! Thank you. -- Jim Pazarena dove...@paz.bz -- Jim Pazarena dove...@paz.bz
FreeBSD / dovecot 2.2.27 / libwrap
I have compiled dovecot2 for FreeBSD with the tcpwrap option. A tcpwrap binary gets built and resides in the FreeBSD directory /usr/local/libexec/dovecot an examination of the compiled options (using the FreeBSD pkg install dovecot2) confirms: LIBWRAP : on yet, when I adjust dovecot.conf with: login_access_sockets = tcpwrap I get the following logged error message: 20161229 17:02:49 imap-login: Error: connect(tcpwrap) failed: No such file or directory Is there any way to turn up some super logging so that I can find just what dovecot feels is the failure ? Or, does anyone have an idea how to figure this out? What little hair I have is rapidly getting pulled out in frustration! Thank you. -- Jim Pazarena dove...@paz.bz
dovecot / tcp-wrappers / FBSD 10.3
Can anyone share the proper config to get wrappers working in dovecot on FreeBSD? The dovecot examples do not seem to work, and I thought perhaps FBSD needs slightly different configs. I've compiled with: -DHAVE_LIBWRAP which I presume is the first step. The example for dovecot.conf in uncommenting: login_access_sockets = tcpwrap merely causes a log error of "imap-login: Error: connect(tcpwrap) failed: No such file or directory" Suggestions/Direction much appreciated.
file/folder perms permissions
Forgive me if I am blind, but I cannot find default folder permissions. For the home directories, with the sub of mail: and deeper, I see some files with 660, some with 600, some folders with 770 some with 660 I am a bit confused. I manually messed with some files, and my MUA complained about permissions. So I got that mess fixed, and in doing so I noticed the seemingly contradictory permissions. Thanks!
Fwd: Re: IP drop list
On 2015-03-02 2:02 AM, Jochen Bern wrote: On 03/01/2015 08:53 AM, Jim Pazarena wrote: I wonder if there is an easy way to provide dovecot a flat text file of ipv4 #'s which should be ignored or dropped? I have accumulated 45,000+ IPs which routinely try dictionary and 12345678 password attempts. The file is too big to create firewall drops [...] The inherent assumption here is that dovecot, using a "flat file", will be able to process the block list more effectively than the firewall, which is a tool written for the *purpose* but supposedly unable to even *try* due to the list's size. That sounds ... counterintuitive. I am the original poster and just came back to this thread. When the first couple replies were "fail2ban" I lost interest. The reason I contemplated a flat text scan by dovecot is because, for the most part, my dovecot is low volume. So even if parsing a flat text file is less 'efficient' than a firewall insertion, it WOULD serve to defeat dictionary attacks rather readily. I already have a routine which scans my dovecot logs for goofy attacks such as dictionary or 12345 attempts. And since the attacks are pop/IMAP only, that is the only avenue which I wanted to defeat. This question garnered lots and lots of responses and I appreciate them all and read them all. And out of all the responses I think I will pursue the ipset routine. It seems easy enough and can act at the firewall level. The DNS RBL would be cool. I am also cognizant that 45,000 SHOULD have a TTL. However, these were IPs attempting to fetch email with obviously hacker type passwords. If, later, a given IP is re-assigned to a 'legitimate' person, they would still be able to send an email to me ' postmaster@ ' asking about an inability to fetch email. But parsing the flat text file would STILL be my preference. I'll look at the source and see if I can figure out where to inject such code. Like I said, my dovecot is low volume, so a fraction of a second at connection time is low impact. Considering that the flat text file may hang around in the memory cache it could even be less impact than low.
IP drop list
I wonder if there is an easy way to provide dovecot a flat text file of ipv4 #'s which should be ignored or dropped? I have accumulated 45,000+ IPs which routinely try dictionary and 12345678 password attempts. The file is too big to create firewall drops, and I don't want to compile with wrappers *if* dovecot has an easy ability to do this. If dovecot could parse a flat text file of IPs and drop connections it would sure put a dent in these attempts. Thanks.
[Dovecot] password encryption
I have just come to the realization that password encryption using the crypt function in linux, ONLY USES THE FIRST 8 CHARS. I have written routines using crypt allowing 16+ chars, and find that anything past 8 is ignored. Wow. Is there a way around this that can be used in dovecot, as well as encryption routines for an email front end? (not system users). It's the integration with dovecot which is the most important.
Re: [Dovecot] IMAP vs. POP3
On 2011-04-28 10:31 AM, Matt wrote: Does IMAP create much additional system load vs. POP3? I would say it adds considerable load to the server. The beauty is that multiple computers can synchronize all mail folders INCLUDING the Outbox/Sent folder to the common archive, which becomes the mail server itself. Is see little advantage if a single computer is involved other than using the mail server as a backup. Even with a single computer however, if one uses (also) a webmail client such as roundcube etc, then IMAP once again permits synchronizing between the webmail and the single computer. In an environment such as mine, 2 laptops, a desktop, and at times, webmail, it is a necessity. These days (also) mobile mail such as on an iPhone is handier with IMAP. Weigh all this against more drive space required, and more resources such as extra processes running on the server.
[Dovecot] dovecot genesis v2.0.X ~ FreeBSD
On 2010-10-18 9:47 AM, Jim Pazarena wrote: V2 of dovecot has had the following releases (to recap) 2.0.0 2010-08-16 2.0.1 2010-08-24 2.0.2 2010-09-08 2.0.3 2010-09-17 2.0.4 2010-09-26 2.0.5 2010-10-01 2.0.6 2010-10-25 2.0.7 2010-11-12 FreeBSD added dovecot2 to the ports recently (finally) Thank-you, & yay!
Re: [Dovecot] dovecot genesis v2.0.X
On 10/18/2010 2:12 PM, Jerry wrote: Five updates in something like 63 days is certainly not encouraging. I am sure that Timo is doing the best he can; however, unless you had some over whelming need to update, and I would really like to know what this is, I would recommend waiting. By the way, I am also using FreeBSD-8.1/amd64. Until Dovecot can go a few months without a patch being issued, I think I'll wait. I certainly don't need any clients waking me up at 3 o'clock in the morning. Mail folders containing both messages and sub-folders is what I/my clients desire. http://wiki2.dovecot.org/MboxChildFolders?highlight=%28folder%29 with mbox.
[Dovecot] dovecot genesis v2.0.X
V2 of dovecot has had the following releases (to recap) 2.0.0 2010-08-16 2.0.1 2010-08-24 2.0.2 2010-09-08 2.0.3 2010-09-17 2.0.4 2010-09-26 2.0.5 2010-10-01 I am on FreeBSD, and the port committers want to wait till dovecot V2 "stabilizes" prior to adding it to the FreeBSD ports base. So, my question is, respectfully, is dovecot V2.0.5 stable enough for prime-time on a busy ISP mail server? I'll install it myself independent of the FreeBSD ports tree if so. Thanks,
[Dovecot] mbox vs maildir
I've had clients 'request' nested folders, and it would seem that maildir is designed with that ability while with mbox it is difficult and.or impossible to implement (nested can be achieved; but not nested AND populated in each nest level). My question is, is one format 'better' than the other? It would take a fair bit of time to convert my system to maildir and I would want to feel comfortable that this would be a true 'upgrade' in abilities, rather than simply a change to accommodate nested folders. Thanks,
Re: [Dovecot] Failed IMAP Login Attempts in Logs
On Tue, 5 Jan 2010 11:09:07 -0500, Carlos Williams wrote: > I had a user telling me that they can't login to the Postfix email > server via Webmail (RoundCube) and I decided to see if I could locate > this issue in the logs and understand if the user was simply using a > wrong password credential and or something more serious. More than > likely the person is just using a wrong password but in search of this > on my logs, I don't understand why Dovecot doesn't log failed login > attempts. > > Is there a log level or something I am not searching for that will > allow me to see failed or invalid logins for Dovecot (IMAP)? # In case of password mismatches, log the passwords and used scheme so the # problem can be debugged. Enabling this also enables auth_debug. #auth_debug_passwords = no auth_debug_passwords = yes
[Dovecot] nested folders
using both thunderbird and roundcube with dovecot IMAP, I can create all the folders I desire, but cannot create subfolders; I also cannot delete a folder once created. I get a very un-informative error message from each. Is there a special setting required to permit sub-folder creation? folder deletion? I've got 770 mail:mail virtual_user_home 770 mail:mail mail_sub-directory 770 mail:mail .imap 660 mail:mail .subscriptions 700 mail:mail Drafts 700 mail:mail INBOX 700 mail:mail Junk 700 mail:mail Sent 700 mail:mail Trash Suggestions would be appreciated. Thanks!
Re: [Dovecot] basic understanding of imap in dovecot
Timo Sirainen wrote: On Wed, 2009-12-23 at 10:44 -0800, dove...@paz.bz wrote: My MTA (exim) delivers email to: /mail/user dovecot, sucks that mail from /mail/user TO /home/user/mail/ No, it doesn't suck any email (by default anyway). I suppose my question is, is there a way to have dovecot empty/parse the original exim mailbox so that the customer email isn't sitting in two spots, Dovecot should be using the mailbox directly without copying it. So you've misunderstood something, but without more information I can't really guess what it is. You are sure a patient person !! I tested my setup, and confirmed that dovecot isn't doing the things which I suspected it was doing. What is 'causing' this odd behavior is my use of Thunderbird MUA. I created a new 'imap' account on Thunderbird, and started copying the email from the old POP account into my Thunderbird 'IMAP' account. It appears that it is Thunderbird which is uploading the email BACK to the mail server as I copy it from the POP to the IMAP account within it. Not sure if this is the 'correct' behavior for an MUA -- uploading back to the server, but that IS why the home/user/mail directory is getting populated... from Thunderbird uploads. Can anyone point me at a tutorial on the 'abilities' of IMAP? Jim
Re: [Dovecot] commercial help
Timo Sirainen wrote: On Nov 27, 2009, at 1:18 AM, Jim Pazarena wrote: I am on FreeBSD with Dovecot 1.2.4 I need to have both POP3 & IMAP working to replace vm-pop3d (which was POP3 only). Local users are: mbox:/home/%u/mail/:INBOX=/mail/%u with password in /etc/passwd .. Virtual users (which vm-pop3d handled readily) are mbox:/home/VIRTUAL/%d/%u:INBOX/mail/VIRTUAL/%d/%u with password in /exim/etc/VIRTUAL/%d/passwd Probably would be easiest if you just got rid of system users and had everyone use virtual users to access their mails.. But if you want to do it like this, you probably need to do something like: this is a lot easier! Is there a way to have dovecot 'tack on' a default @domain.name if the user submits a username only? for example, if the user submits "joe" (instead of j...@qcislands.net), dovecot tries /home/VIRTUAL//joe/mail/VIRTUAL//joe I would like a 'default' of /home/VIRTUAL/qcislands.net/joe etc thanks!
[Dovecot] commercial help
Contact info * Author: Timo Sirainen, t...@iki.fi <mailto:t...@iki.fi>. * Please use the Dovecot mailing list <http://www.dovecot.org/mailinglists.html> for questions about Dovecot. You don't have to subscribe to it. * Depending on your needs, commercial support may be available. Send a mail if you're interested. according to the above (from the dovecot.org webpage), "commercial support may be available". After spending the better part of today trying unsuccessfully, I am ready to "Send a mail if you're interested". But I do not know WHO to send it to. Likely Timo, but I do not want to be presumptuous. I am on FreeBSD with Dovecot 1.2.4 I need to have both POP3 & IMAP working to replace vm-pop3d (which was POP3 only). Local users are: mbox:/home/%u/mail/:INBOX=/mail/%u with password in /etc/passwd Virtual users (which vm-pop3d handled readily) are mbox:/home/VIRTUAL/%d/%u:INBOX/mail/VIRTUAL/%d/%u with password in /exim/etc/VIRTUAL/%d/passwd It is worth it to me to pay a knowledgeable person to create the correct conf file to make this happen. Who should I contact? Thanks, Jim Pazarena
[Dovecot] system & virtual setup
No one replied to my original email, and I was hoping if I re-phrase my question I can get an answer. I would like dovecot to provide system email (located at /mail/%u with system password and /home/%u) and also virtual email (/u/mail/VIRTUAL/%d/%u with password found at /u/exim/etc/VIRTUAL/%d/passwd). NO home space, but I would consider /home/%d/%u This I think has something to do with namespace, but the docs are too vague for me to understand. Can anyone help me out? I would very much appreciate it. I would even consider PAYING someone to set me straight. I am looking to migrate away from vm-pop3d. initially with POP3 and ultimately into IMAP. Thanks!
[Dovecot] setting up both system password users AND virtual users
I'm afraid that I am a rookie at dovecot, and cannot seem to figure the configuration for a dual system & virtual setup. For now I am using POP3 ---only--- I've got the "system" working, but cannot figure out how to add the virtual system. The docs aren't quite clear enough for me to understand. The wiki example for dynamic passwd-file locations shows: mail_location = maildir:/home/%d/%n/Maildir userdb passwd-file etc etc I am using mbox, not maildir, AND I've already used mail_location for my system accounts with the following line: mail_location = mbox:~/mail/:INBOX=/mail/%u In the case of my virtual users, the mail is stored in INBOX=/mail/VIRTUAL/%d/%u and the password file is stored in /exim/etc/VIRTUAL/%d/passwd would someone kindly help me with this? thanks!