LMPT SSL
Hello,

I tried to enable TLS connection from postfix to dovecot lmtp. Unfortunately I have a problem with the certificate, postfix shows:

2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

I checked certs by openssl s_client:

#openssl s_client -connect localhost:24 -showcerts -starttls smtp -CApath /etc/ssl/certs/

And I get:

didn't found starttls in server response, try anyway...
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
verify error:num=27:certificate not trusted
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
verify error:num=21:unable to verify the first certificate
verify return:1

It looks like dovecot lmtp sends the same certificate 3 times.

I made the same test for imap in the same dovecot instance:

#openssl s_client -connect localhost:143 -showcerts -starttls imap -CApath /etc/ssl/certs/
CONNECTED(0003)
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = GeoTrust Inc., CN = RapidSSL SHA256 CA - G3
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
verify return:1

For imap it looks OK. Why does lmtp show the wrong cert list?

# dovecot --version
2.2.16

--
Best regards!
--
Piotr Rotter
IT Consultant
=== http://www.ACTIVE24.pl - Powerful hosting - surprisingly easy ===
ul. Barkocińska 6, 03-543 Warszawa PL
Email: b...@active24.pl
Tel: +48 222 950 446
Re: LMPT SSL
# 2.2.16: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.7
# OS: Linux 3.18.9-hardened x86_64 Gentoo Base System release 2.2
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1000
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
disable_plaintext_auth = no
dotlock_use_excl = no
doveadm_password = yjH5KiEpCWAVLHtt
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Active24 Sp. z o.o.
login_log_format_elements = user=%u method=%m rip=%r lip=%l mpid=%e %k session=%{session}
login_trusted_networks = 192.168.67.0/27
mail_access_groups = vmail
mail_fsync = always
mail_gid = 502
mail_location = maildir:~/
mail_log_prefix = %s(%u) session=%{session}:
mail_plugins = mail_log notify quota
mail_uid = 502
maildir_very_dirty_syncs = yes
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Spam {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
  autosubscribe4 = Drafts
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename append append
  mail_log_fields = box msgid from size
  quota = maildir
  quota2 = maildir:user quota
  quota_rule = *:storage=10GB
  quota_rule2 = *:messages=1
  quota_rule3 = Trash:storage=+10M
  quota_rule4 = Trash:messages=+100
  quota_warning = storage=80%% quota-warning 80 %u
  quota_warning2 = storage=90%% quota-warning 90 %u
  quota_warning3 = storage=100%% quota-warning 100 %u
  sieve_global_path = /etc/dovecot/sieve/default.sieve
}
sendmail_path = /usr/sbin/postfix
service auth {
  client_limit = 2
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
}
service doveadm {
  unix_listener doveadm-server {
    mode = 0666
  }
}
service imap-login {
  process_limit = 4096
  process_min_avail = 6
  service_count = 1000
}
service imap {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service lmtp {
  inet_listener lmtp {
    address = 0.0.0.0
    port = 24
    ssl = yes
  }
  process_limit = 100
  process_min_avail = 5
  user = vmail
}
service pop3-login {
  process_limit = 4096
  process_min_avail = 6
  service_count = 1000
}
service pop3 {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service quota-warning {
  executable = script /opt/bin/quota-warning
  unix_listener quota-warning {
    mode = 0600
    user = vmail
  }
  user = vmail
}
ssl_ca = /etc/ssl/mail.active24.pl/mail.active24.pl.ca
ssl_cert = /etc/ssl/mail.active24.pl/mail.active24.pl.crt
ssl_key = /etc/ssl/mail.active24.pl/mail.active24.pl.key
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
verbose_proctitle = yes
protocol lmtp {
  mail_plugins = quota sieve
  syslog_facility = mail
}
protocol lda {
  info_log_path =
  log_path =
  mail_plugins = sieve quota
  syslog_facility = mail
}
protocol imap {
  mail_max_userip_connections = 50
  mail_plugins = mail_log notify quota imap_quota
}
protocol pop3 {
  mail_plugins = mail_log notify quota quota
  pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, in=%i, out=%o
  pop3_save_uidl = yes
}

On 27.07.2015 at 15:03, Steffen Kaiser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, 27 Jul 2015, Piotr Rotter wrote:
>> I tried to enable TLS connection from postfix to dovecot lmtp.
>> Unfortunately I have a problem with the certificate, postfix shows,
>
> post the output of doveconf -n
>
>> 2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
>>
>> I checked certs by openssl s_client:
>>
>> #openssl s_client -connect localhost:24 -showcerts -starttls smtp -CApath /etc/ssl/certs/
>>
>> And I get:
>>
>> didn't found starttls in server response, try anyway...
>> depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
>> verify error:num=20:unable to get local issuer certificate
>> verify return:1
>> depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
>> verify error:num=27:certificate not trusted
>> verify return:1
>> depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
>> verify error:num=21:unable to verify
[Dovecot] Auth service panic
Hello,

I have dovecot director on one server and today I noticed the same problem 146 times. Log below. I tried to restart dovecot and mysql (auth-db backend) but with no effect. Please help. If any other information is needed I will send it. My dovecot version is 2.1.15.

2014-03-26T16:15:28+01:00 r1 dovecot: auth: Fatal: master: service(auth): child 9883 killed with signal 6 (core dumps disabled)
2014-03-26T16:15:43+01:00 r1 dovecot: auth: Panic: file passdb-blocking.c: line 124 (passdb_blocking_lookup_credentials): assertion failed: (auth_stream_is_empty(request->extra_fields) || request->master_user != NULL)
2014-03-26T16:15:43+01:00 r1 dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x4469a) [0x7fdb06e1469a] -> /usr/lib64/dovecot/libdovecot.so.0(+0x446de) [0x7fdb06e146de] -> /usr/lib64/dovecot/libdovecot.so.0(+0x1c0ea) [0x7fdb06dec0ea] -> dovecot/auth [34 wait, 1 passdb, 0 userdb](passdb_blocking_verify_plain+0) [0x41f593] -> dovecot/auth [34 wait, 1 passdb, 0 userdb](auth_request_lookup_credentials+0x104) [0x413c41] -> dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x41c202] -> dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x4139e6] -> dovecot/auth [34 wait, 1 passdb, 0 userdb](auth_request_lookup_credentials_callback+0x6a) [0x413abb] -> dovecot/auth [34 wait, 1 passdb, 0 userdb](passdb_handle_credentials+0x50) [0x41f389] -> dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x41f82e] -> dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x41798f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7fdb06e1f68c] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x9e) [0x7fdb06e204ee] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x27) [0x7fdb06e1f645] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fdb06e0d348] -> dovecot/auth [34 wait, 1 passdb, 0 userdb](main+0x380) [0x41a396] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x7fdb062ced2d] -> dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x40ced9]
2014-03-26T16:15:43+01:00 r1 dovecot: auth: Fatal: master: service(auth): child 18546 killed with signal 6 (core dumps disabled)
[Dovecot] problem with dovecot lmtp via director
Hello,

I have a strange problem with delivering mails via dovecot lmtp via director and I have no idea what is wrong. After a server restart, bigger mails are not delivered. Postfix servers log this:

2013-04-04T19:55:38.919624+02:00 kurier9 postfix/lmtp[16620]: 3ZhWF337X5z89h3: to=piotr.rot...@active24.pl, relay=192.168.67.1[192.168.67.1]:24, delay=1987, delays=1987/0/0/0.04, dsn=4.3.0, status=deferred (host 192.168.67.1[192.168.67.1] said: 451 4.3.0 Temporary internal failure (in reply to end of DATA command))
2013-04-04T19:58:41.238926+02:00 kurier9 postfix/lmtp[16620]: 3ZhWF337X5z89h3: to=piotr.rot...@active24.pl, relay=192.168.67.1[192.168.67.1]:24, delay=2170, delays=1990/0/0/180, dsn=4.4.2, status=deferred (conversation with 192.168.67.1[192.168.67.1] timed out while sending message body)

Director server logs something like this:

2013-04-04T20:00:45+02:00 r1 dovecot: lmtp(18447): Disconnect from 192.168.67.24: Temporary internal failure (in DATA)

Dovecot servers log this:

2013-04-04T20:03:37.347279+02:00 k1 dovecot: lmtp(9380): Disconnect from 192.168.111.1: Connection closed (in RCPT TO)

Please help, because I have no idea what is wrong and the queue is growing.

Best regards
Piotr Rotter
Re: [Dovecot] problem with dovecot lmtp via director
On 04.04.2013 at 20:10, Timo Sirainen wrote:
> On Thu, 2013-04-04 at 20:08 +0200, Piotr Rotter wrote:
>> I have a strange problem with delivering mails via dovecot lmtp via director and I have no idea what is wrong.
>
> What Dovecot version in director and in backend? doveconf -n output from them?
>
> If director is v2.0, upgrade to v2.1 which has several LMTP proxy fixes.

Hello,

Thanks for the super fast response. Sorry, I forgot to paste the dovecot configs. I use v2.1.13 on all servers.

Director config:

###
### dovecot -n
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.39-gentoo-r3 x86_64 Gentoo Base System release 2.0.3
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 10
default_process_limit = 1
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
director_mail_servers = 192.168.111.21 192.168.111.22 192.168.111.23 192.168.111.24 192.168.111.25 192.168.111.26
director_servers = 192.168.67.1
director_user_expire = 30 mins
disable_plaintext_auth = no
lmtp_proxy = yes
login_greeting = Active24 Sp. z o.o.
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = box msgid from size
}
service auth-worker {
  user = root
}
service auth {
  client_limit = 10
  unix_listener auth-userdb {
    group = dovecot
    mode = 0600
    user = dovecot
  }
}
service director {
  fifo_listener login/proxy-notify {
    mode = 0666
  }
  inet_listener {
    port = 9090
  }
  unix_listener director-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
  unix_listener login/director {
    mode = 0666
  }
}
service imap-login {
  client_limit = 1000
  executable = imap-login director
  process_limit = 1000
  service_count = 1000
}
service lmtp {
  inet_listener lmtp {
    address = 192.168.67.1
    port = 24
  }
  process_limit = 1000
  process_min_avail = 5
  user = vmail
}
service pop3-login {
  client_limit = 1000
  executable = pop3-login director
  process_limit = 1000
  service_count = 1000
}
ssl_ca = /etc/ssl/mail.active24.pl/mail.active24.pl.ca
ssl_cert = /etc/ssl/mail.active24.pl/mail.active24.pl.crt
ssl_key = /etc/ssl/mail.active24.pl/mail.active24.pl.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol imap {
  mail_max_userip_connections = 20
}
protocol lmtp {
  auth_socket_path = director-userdb
}
###
### dovecot servers config:
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.2-hardened-r4 x86_64 Gentoo Base System release 2.2
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1000
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
disable_plaintext_auth = no
dotlock_use_excl = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Active24 Sp. z o.o.
mail_access_groups = vmail
mail_fsync = always
mail_gid = 502
mail_location = maildir:~/
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = mail_log notify quota
mail_uid = 502
mmap_disable = yes
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Sent
  autocreate4 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
  autosubscribe4 = Drafts
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = box msgid from size
  quota = maildir
  quota2 = maildir:user quota
  quota_rule = *:storage=10GB
  quota_rule2 = *:messages=1
  quota_rule3 = Trash:storage=+10M
  quota_rule4 = Trash:messages=+100
  quota_warning = storage=80%% quota-warning 80 %u
  quota_warning2 = storage=90%% quota-warning 90 %u
  quota_warning3 = storage=100%% quota-warning 100 %u
  sieve_global_path = /etc/dovecot/sieve/default.sieve
}
sendmail_path = /usr/sbin/postfix
service auth {
  client_limit = 12000
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
}
service imap-login {
  process_limit = 1024
  process_min_avail = 6
  service_count = 100
}
service imap {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service lmtp {
  inet_listener lmtp {
    address = 0.0.0.0
    port = 24
  }
  process_limit = 100
  process_min_avail = 6
  user = vmail
}
service pop3-login {
  process_limit = 1024
  process_min_avail = 6
  service_count = 100
}
service pop3 {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service quota-warning {
  executable = script /opt/bin/quota-warning
Re: [Dovecot] how to talk with doveadmin unix socket
On 28.02.2013 at 08:03, Nikita Koshikov wrote:
> On Thu, Feb 28, 2013 at 1:53 AM, Piotr Rotter piotr.rot...@active24.pl wrote:
>> Hello,
>>
>> I would like to get mailbox quota by doveadm unix socket (/var/run/dovecot/doveadm-server).
>>
>> I get from strace the syntax of communication:
>>
>> write(9, "VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n", 60) = 60
>> read(9, "VERSION\t1\t1\nSPID\t20805\n", 8192) = 23
>> read(9, "USER\t1\tpiotr.rot...@active24.pl\temail=piotr.rot...@active24.pl\tclear=7T33z456\thome=/vm/08/A/active24.pl/piotr.rotter/\tuid=502\tgid=502\tquota_rule=*:storage=2097152000B\tquota_rule2=*:messages=5\n", 8169) = 196
>>
>> and I wrote a super simple client in php:
>>
>> <?php
>> $sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', $errno, $errstr);
>> fwrite($sock, "VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n");
>> echo fread($sock, 4096)."\n";
>> echo fread($sock, 4096)."\n";
>> fclose($sock);
>> ?>
>>
>> But I get only a + sign and a line in the error log as below:
>>
>> 2013-02-28T00:39:56.377437+01:00 kurier9 dovecot: doveadm: Error: doveadm client not compatible with this server (mixed old and new binaries?)
>>
>> I would be very grateful for your help with this problem, what am I doing wrong?
>>
>> My current dovecot version is 2.1.13
>
> Here is my example in perl:
>
> socket(TSOCK, PF_UNIX, SOCK_STREAM, 0);
> connect(TSOCK, sockaddr_un($conf{quota_socket}));
> if ($? != 0) {
>     #error here
> }
> #After connect on socket, dovecot returns + or -. Just a simple check for data.
> if (defined(my $answer = <TSOCK>)) {
>     print TSOCK "VERSION\tdoveadm-server\t1\t0\n";
>     print TSOCK "PLAIN\t$conf{'doveadm_password'}\n";
>     TSOCK->flush;
>     #'+' here
>     $answer = <TSOCK>;
>     print TSOCK "\t$local_part\@$domain\tquota get\n";
>     TSOCK->flush;
>     my $quota_data = <TSOCK>;
>     #+ if everything is OK
>     $answer = <TSOCK>;
>     close TSOCK;
> }
>
> Don't forget to set doveadm_password= in dovecot config (cleartext) and you must encode the password in base64 for using in a script (after PLAIN command).
>
> PS dovecot version 2.1.15 here.

Hi,

Thank you for the example, but I still don't know what I am doing wrong.

I set that in master.cf:

service doveadm {
  unix_listener doveadm-server {
    mode = 0666
  }
}
doveadm_password=foobar

My script now looks like this:

$DOVEADM_PASS = base64_encode('foobar');
$sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', $errno, $errstr);
echo fread($sock, 4096)."\n";
fwrite($sock, "VERSION\tdoveadm-server\t1\t0\n");
fwrite($sock, "PLAIN\t$DOVEADM_PASS\n");
fflush($sock);
echo fread($sock, 4096)."\n";
fwrite($sock, "\tpiotr.rot...@active24.pl\tquota get\n");
fflush($sock);
echo fread($sock, 4096)."\n";
fclose($sock);

I get - two times and this in the logs:

dovecot: doveadm: Error: doveadm client didn't authenticate as 'doveadm'

Please give me any tip.
Re: [Dovecot] how to talk with doveadmin unix socket
On 01.03.2013 at 23:14, Piotr Rotter wrote:
> On 28.02.2013 at 08:03, Nikita Koshikov wrote:
>> On Thu, Feb 28, 2013 at 1:53 AM, Piotr Rotter piotr.rot...@active24.pl wrote:
>>> Hello,
>>>
>>> I would like to get mailbox quota by doveadm unix socket (/var/run/dovecot/doveadm-server).
>>>
>>> I get from strace the syntax of communication:
>>>
>>> write(9, "VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n", 60) = 60
>>> read(9, "VERSION\t1\t1\nSPID\t20805\n", 8192) = 23
>>> read(9, "USER\t1\tpiotr.rot...@active24.pl\temail=piotr.rot...@active24.pl\tclear=7T33z456\thome=/vm/08/A/active24.pl/piotr.rotter/\tuid=502\tgid=502\tquota_rule=*:storage=2097152000B\tquota_rule2=*:messages=5\n", 8169) = 196
>>>
>>> and I wrote a super simple client in php:
>>>
>>> <?php
>>> $sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', $errno, $errstr);
>>> fwrite($sock, "VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n");
>>> echo fread($sock, 4096)."\n";
>>> echo fread($sock, 4096)."\n";
>>> fclose($sock);
>>> ?>
>>>
>>> But I get only a + sign and a line in the error log as below:
>>>
>>> 2013-02-28T00:39:56.377437+01:00 kurier9 dovecot: doveadm: Error: doveadm client not compatible with this server (mixed old and new binaries?)
>>>
>>> I would be very grateful for your help with this problem, what am I doing wrong?
>>>
>>> My current dovecot version is 2.1.13
>>
>> Here is my example in perl:
>>
>> socket(TSOCK, PF_UNIX, SOCK_STREAM, 0);
>> connect(TSOCK, sockaddr_un($conf{quota_socket}));
>> if ($? != 0) {
>>     #error here
>> }
>> #After connect on socket, dovecot returns + or -. Just a simple check for data.
>> if (defined(my $answer = <TSOCK>)) {
>>     print TSOCK "VERSION\tdoveadm-server\t1\t0\n";
>>     print TSOCK "PLAIN\t$conf{'doveadm_password'}\n";
>>     TSOCK->flush;
>>     #'+' here
>>     $answer = <TSOCK>;
>>     print TSOCK "\t$local_part\@$domain\tquota get\n";
>>     TSOCK->flush;
>>     my $quota_data = <TSOCK>;
>>     #+ if everything is OK
>>     $answer = <TSOCK>;
>>     close TSOCK;
>> }
>>
>> Don't forget to set doveadm_password= in dovecot config (cleartext) and you must encode the password in base64 for using in a script (after PLAIN command).
>>
>> PS dovecot version 2.1.15 here.
>
> Hi,
>
> Thank you for the example, but I still don't know what I am doing wrong.
>
> I set that in master.cf:
>
> service doveadm {
>   unix_listener doveadm-server {
>     mode = 0666
>   }
> }
> doveadm_password=foobar
>
> My script now looks like this:
>
> $DOVEADM_PASS = base64_encode('foobar');
> $sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', $errno, $errstr);
> echo fread($sock, 4096)."\n";
> fwrite($sock, "VERSION\tdoveadm-server\t1\t0\n");
> fwrite($sock, "PLAIN\t$DOVEADM_PASS\n");
> fflush($sock);
> echo fread($sock, 4096)."\n";
> fwrite($sock, "\tpiotr.rot...@active24.pl\tquota get\n");
> fflush($sock);
> echo fread($sock, 4096)."\n";
> fclose($sock);
>
> I get - two times and this in the logs:
>
> dovecot: doveadm: Error: doveadm client didn't authenticate as 'doveadm'
>
> Please give me any tip.

Hi,

I solved this. I found this code:

if (size < 10 || data[0] != '\0' ||
    memcmp(data+1, "doveadm", 7) != 0 || data[8] != '\0') {
        i_error("doveadm client didn't authenticate as 'doveadm'");
        return -1;
}

This means that I didn't understand that PLAIN is PLAIN and nothing else.

This is the solution:

$DOVEADM_PASS = base64_encode("\0doveadm\0foobar");

Thank you for the help again.
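
The PLAIN exchange from this thread as an added Python example (not code from the posts or from Dovecot): it builds the `\0doveadm\0<password>` token, mirrors the quoted server-side check, and shows why `base64_encode('foobar')` on its own was rejected. The function names are hypothetical, and the comparison operator lost from the quoted C line is assumed to be `size < 10`.

```python
import base64
import binascii

# Fixed identity that the C check quoted in the thread compares against.
DOVEADM_AUTHCID = b"doveadm"


def sasl_plain_token(password, authcid=DOVEADM_AUTHCID, authzid=b""):
    """Return base64(authzid NUL authcid NUL password), the SASL PLAIN message."""
    secret = password.encode("utf-8")
    for part in (authzid, authcid, secret):
        if b"\0" in part:
            # NUL separates the three fields; one inside a field would shift them.
            raise ValueError("NUL byte not allowed inside a PLAIN field")
    raw = authzid + b"\0" + authcid + b"\0" + secret
    return base64.b64encode(raw).decode("ascii")


def passes_quoted_check(token_b64):
    """Mirror of the C condition quoted in the thread (assumes `size < 10`).

    Only the lines quoted there are modelled; whatever the server checks
    after them (such as the password itself) is not.
    """
    try:
        data = base64.b64decode(token_b64, validate=True)
    except (binascii.Error, ValueError):
        return False
    if len(data) < 10:
        return False
    return data[0] == 0 and data[1:8] == DOVEADM_AUTHCID and data[8] == 0


def handshake_lines(password, user, command="quota get"):
    """Lines the client writes, in the order used by the thread's scripts."""
    for field in (user, command):
        if any(ch in field for ch in "\t\r\n"):
            # Tab and newline delimit fields and commands on this socket.
            raise ValueError("tab, CR or LF not allowed inside a field")
    return [
        b"VERSION\tdoveadm-server\t1\t0\n",
        b"PLAIN\t" + sasl_plain_token(password).encode("ascii") + b"\n",
        ("\t" + user + "\t" + command + "\n").encode("utf-8"),
    ]


if __name__ == "__main__":
    # Constructed sample values: password "foobar" as in the thread,
    # user@example.com as a placeholder mailbox.
    bare = base64.b64encode(b"foobar").decode("ascii")
    print("bare password token:", bare, "accepted:", passes_quoted_check(bare))
    good = sasl_plain_token("foobar")
    print("PLAIN token:", good, "accepted:", passes_quoted_check(good))
    for line in handshake_lines("foobar", "user@example.com"):
        print(repr(line))
```

With an empty password the decoded token is only 9 bytes, so the mirrored length check rejects it as well.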
Re: [Dovecot] how to talk with doveadmin unix socket
On 28.02.2013 at 12:15, Charles Marcus wrote:
> On 2013-02-27 6:53 PM, Piotr Rotter piotr.rot...@active24.pl wrote:
>> 2013-02-28T00:39:56.377437+01:00 kurier9 dovecot: doveadm: Error: doveadm client not compatible with this server (mixed old and new binaries?)
>
> Are you sure you don't have more than one version of dovecot on this system?
>
> doveconf -n output?

I don't think so:

# doveconf -n
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.7.1-hardened-r2 x86_64 Gentoo Base System release 2.1
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1000
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
disable_plaintext_auth = no
dotlock_use_excl = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Active24 Sp. z o.o.
mail_access_groups = vmail
mail_fsync = always
mail_gid = 502
mail_location = maildir:~/
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = mail_log notify quota
mail_uid = 502
mmap_disable = yes
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Sent
  autocreate4 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
  autosubscribe4 = Drafts
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = box msgid from size
  quota = maildir
  quota2 = maildir:user quota
  quota_rule = *:storage=10GB
  quota_rule2 = *:messages=1
  quota_rule3 = Trash:storage=+10M
  quota_rule4 = Trash:messages=+100
  sieve_global_path = /etc/dovecot/sieve/default.sieve
}
sendmail_path = /usr/sbin/postfix
service auth {
  client_limit = 1
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
}
service imap-login {
  process_limit = 1000
  process_min_avail = 5
}
service imap {
  process_limit = 1024
}
service lmtp {
  inet_listener lmtp {
    address = 0.0.0.0
    port = 24
  }
  process_limit = 100
  process_min_avail = 5
  user = vmail
}
service pop3-login {
  process_limit = 1000
  process_min_avail = 5
}
service pop3 {
  process_limit = 1024
}
ssl_ca = /etc/ssl/mail.active24.pl/mail.active24.pl.ca
ssl_cert = /etc/ssl/mail.active24.pl/mail.active24.pl.crt
ssl_key = /etc/ssl/mail.active24.pl/mail.active24.pl.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lmtp {
  mail_plugins = quota sieve
  syslog_facility = mail
}
protocol lda {
  info_log_path =
  log_path =
  mail_plugins = sieve quota
  syslog_facility = mail
}
protocol imap {
  mail_plugins = mail_log notify quota autocreate imap_quota
}
protocol pop3 {
  mail_plugins = mail_log notify quota quota
  pop3_save_uidl = yes
}
[Dovecot] how to talk with doveadmin unix socket
Hello,

I would like to get mailbox quota by doveadm unix socket (/var/run/dovecot/doveadm-server).

I get from strace the syntax of communication:

write(9, "VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n", 60) = 60
read(9, "VERSION\t1\t1\nSPID\t20805\n", 8192) = 23
read(9, "USER\t1\tpiotr.rot...@active24.pl\temail=piotr.rot...@active24.pl\tclear=7T33z456\thome=/vm/08/A/active24.pl/piotr.rotter/\tuid=502\tgid=502\tquota_rule=*:storage=2097152000B\tquota_rule2=*:messages=5\n", 8169) = 196

and I wrote a super simple client in php:

<?php
$sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', $errno, $errstr);
fwrite($sock, "VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n");
echo fread($sock, 4096)."\n";
echo fread($sock, 4096)."\n";
fclose($sock);
?>

But I get only a + sign and a line in the error log as below:

2013-02-28T00:39:56.377437+01:00 kurier9 dovecot: doveadm: Error: doveadm client not compatible with this server (mixed old and new binaries?)

I would be very grateful for your help with this problem, what am I doing wrong?

My current dovecot version is 2.1.13
Re: [Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients
Thank you for your assistance. Broken uidlist errors appear more than 10 times less frequently than in the past and are still decreasing.

I have a question about director and non-plaintext auth methods. Now I have a tricky query in the director configuration:

password_query = SELECT clear AS password, 'Y' as proxy, '%u' AS destuser, clear AS pass FROM postfix_users WHERE email = '%u'

Is there some method to make it better? Master password is a bit dangerous (man in the middle). Can director relay non-plaintext authentication without checking?

I have one more question, which does not concern the subject above. Is there any chance to set dovecot to be a policy daemon for postfix, to check mailbox quota before mail is checked by (amavis, spamassassin, clamav) and before it is sent by lmtp? I think that it could reduce load.
[Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients
Hello,

I have an issue with dovecot (v. 2.1.13) configuration after implementing dovecot-lda (I used maildrop earlier). Now I have 9 servers with storage on NFS v3. My problem is frequent dovecot-uidlist crashing.

2013-02-13T13:34:02.447969+01:00 k1 dovecot: imap(u...@domain.com): Error: Broken file /path_to_mailbox/dovecot-uidlist line 3170: Invalid data:
2013-02-13T13:34:34.527715+01:00 k1 dovecot: pop3(u...@domain.com): Error: Broken file /path_to_mailbox/dovecot-uidlist line 367: Invalid data:

It happens a few times a minute for different users and causes pop3 clients to re-retrieve messages.

These are my NFS mount options: (rw,tcp,vers=3,actimeo=0)

10-mail.conf options:

mmap_disable = yes
dotlock_use_excl = yes
mail_fsync=always
mail_nfs_storage = yes
mail_nfs_index = yes
lock_method = dotlock

I do not know what I did wrong and how to solve this issue. Maybe NFS v4 or fcntl locks or migration to pop3_uidl_format = %g will be a solution. Please give me some hint. Please, any help to solve this issue, and sorry for my English.
Re: [Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients
I configured director temporarily in a somewhat tricky way because I have to serve md5 and ntlm authentication methods and I do not want to reconfigure pop/imap servers. Can you confirm I have done everything OK, because I have this issue:

# doveadm director map
doveadm(root): Error: User listing returned failure
doveadm(root): Error: user listing failed
user     mail server ip   expire time
unknown  192.168.111.24   2013-02-14 00:57:34
unknown  192.168.111.21   2013-02-14 00:57:46

yet everything else works OK.

My password_query:

password_query = SELECT clear AS password, 'Y' as proxy, '%u' AS destuser, clear AS pass FROM postfix_users WHERE email = '%u'

My director server config (dovecot -n):

# dovecot -n
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.7.1-hardened-r2 x86_64 Gentoo Base System release 2.1
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
director_mail_servers = 192.168.111.21 192.168.111.22 192.168.111.23 192.168.111.24 192.168.111.25 192.168.111.26
director_servers = 195.78.67.29
director_user_expire = 2 hours
disable_plaintext_auth = no
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = box msgid from size
}
protocols = imap pop3
service auth {
  client_limit = 1
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
}
service director {
  inet_listener {
    port = 9090
  }
  unix_listener login/director {
    mode = 0666
  }
}
service imap-login {
  executable = imap-login director
}
service pop3-login {
  executable = pop3-login director
}
ssl_ca = /etc/ssl/dovecot.ca
ssl_cert = /etc/ssl/dovecot.crt
ssl_key = /etc/ssl/dovecot.key
Re: [Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients
I apologize for asking a question too fast without checking, I forgot to look at the logs. Of course, iterate_query was missing:

iterate_query = SELECT email AS user FROM postfix_users