LMPT SSL

2015-07-27 Thread Piotr Rotter

Hello,

I tried to enable a TLS connection from postfix to dovecot lmtp.
Unfortunately I have a problem with the certificate; postfix shows:


2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS 
connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with 
cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)


I checked certs by openssl s_client:
#openssl s_client -connect localhost:24 -showcerts -starttls smtp 
-CApath /etc/ssl/certs/


And I get:

didn't found starttls in server response, try anyway...
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, 
OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl

verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, 
OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl

verify error:num=27:certificate not trusted
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, 
OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl

verify error:num=21:unable to verify the first certificate
verify return:1

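It looks like dovecot lmtp sends the same certificate 3 times: all three entries are depth=0, each with a different verify error (20, 27, 21), and the verify output shows no depth=1 or depth=2 issuer certificate.
I made the same test for imap in the same dovecot instance: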

#openssl s_client -connect localhost:143 -showcerts -starttls imap 
-CApath /etc/ssl/certs/

CONNECTED(0003)
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = GeoTrust Inc., CN = RapidSSL SHA256 CA - G3
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps (c)15, 
OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl

verify return:1

For imap it looks OK. Why does lmtp show the wrong list of certificates?

# dovecot --version
2.2.16

--
Pozdrawiam! / Best regards!
--
Piotr Rotter
Konsultant IT / IT Consultant
===
http://www.ACTIVE24.pl - Powerful hosting - surprisingly easy
===
ul. Barkocińska 6, 03-543 Warszawa PL
Email: b...@active24.pl
Tel: +48 222 950 446


Re: LMPT SSL

2015-07-27 Thread Piotr Rotter

# 2.2.16: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.7
# OS: Linux 3.18.9-hardened x86_64 Gentoo Base System release 2.2
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1000
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
disable_plaintext_auth = no
dotlock_use_excl = no
doveadm_password = yjH5KiEpCWAVLHtt
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Active24 Sp. z o.o.
login_log_format_elements = user=%u method=%m rip=%r lip=%l mpid=%e %k 
session=%{session}

login_trusted_networks = 192.168.67.0/27
mail_access_groups = vmail
mail_fsync = always
mail_gid = 502
mail_location = maildir:~/
mail_log_prefix = %s(%u) session=%{session}: 
mail_plugins = mail_log notify quota
mail_uid = 502
maildir_very_dirty_syncs = yes
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox Spam {
auto = subscribe
special_use = \Junk
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
  autosubscribe4 = Drafts
  mail_log_events = delete undelete expunge copy mailbox_delete 
mailbox_rename append append

  mail_log_fields = box msgid from size
  quota = maildir
  quota2 = maildir:user quota
  quota_rule = *:storage=10GB
  quota_rule2 = *:messages=1
  quota_rule3 = Trash:storage=+10M
  quota_rule4 = Trash:messages=+100
  quota_warning = storage=80%% quota-warning 80 %u
  quota_warning2 = storage=90%% quota-warning 90 %u
  quota_warning3 = storage=100%% quota-warning 100 %u
  sieve_global_path = /etc/dovecot/sieve/default.sieve
}
sendmail_path = /usr/sbin/postfix
service auth {
  client_limit = 2
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
  unix_listener auth-userdb {
group = vmail
mode = 0600
user = vmail
  }
}
service doveadm {
  unix_listener doveadm-server {
mode = 0666
  }
}
service imap-login {
  process_limit = 4096
  process_min_avail = 6
  service_count = 1000
}
service imap {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service lmtp {
  inet_listener lmtp {
address = 0.0.0.0
port = 24
ssl = yes
  }
  process_limit = 100
  process_min_avail = 5
  user = vmail
}
service pop3-login {
  process_limit = 4096
  process_min_avail = 6
  service_count = 1000
}
service pop3 {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service quota-warning {
  executable = script /opt/bin/quota-warning
  unix_listener quota-warning {
mode = 0600
user = vmail
  }
  user = vmail
}
ssl_ca = /etc/ssl/mail.active24.pl/mail.active24.pl.ca
ssl_cert = /etc/ssl/mail.active24.pl/mail.active24.pl.crt
ssl_key = /etc/ssl/mail.active24.pl/mail.active24.pl.key
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
verbose_proctitle = yes
protocol lmtp {
  mail_plugins = quota sieve
  syslog_facility = mail
}
protocol lda {
  info_log_path =
  log_path =
  mail_plugins = sieve quota
  syslog_facility = mail
}
protocol imap {
  mail_max_userip_connections = 50
  mail_plugins = mail_log notify quota imap_quota
}
protocol pop3 {
  mail_plugins = mail_log notify quota quota
  pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, 
in=%i, out=%o

  pop3_save_uidl = yes
}

W dniu 27.07.2015 o 15:03, Steffen Kaiser pisze:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, 27 Jul 2015, Piotr Rotter wrote:


I tryed to eneble TLS connection from postfix to dovecot lmtp.
Unfortunely I have problem with certificate, postfix shows,


post the output of doveconf -n



2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS
connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2
with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

I checked certs by openssl s_client:
#openssl s_client -connect localhost:24 -showcerts -starttls smtp
-CApath /etc/ssl/certs/

And I gets

didn't found starttls in server response, try anyway...
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps
(c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps
(c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
verify error:num=27:certificate not trusted
verify return:1
depth=0 OU = GT46258006, OU = See www.rapidssl.com/resources/cps
(c)15, OU = Domain Control Validated - RapidSSL(R), CN = mail.active24.pl
verify error:num=21:unable to verify

[Dovecot] Auth service panic

2014-03-26 Thread Piotr Rotter
Hello,

I have a dovecot director on one server, and today I noticed the same
problem 146 times. The log is below. I tried restarting dovecot and mysql
(the auth-db backend), but with no effect. Please help. If any other
information is needed, I will send it. My dovecot version is 2.1.15.

2014-03-26T16:15:28+01:00 r1 dovecot: auth: Fatal: master:
service(auth): child 9883 killed with signal 6 (core dumps disabled)
2014-03-26T16:15:43+01:00 r1 dovecot: auth: Panic: file
passdb-blocking.c: line 124 (passdb_blocking_lookup_credentials):
assertion failed: (auth_stream_is_empty(request->extra_fields) ||
request->master_user != NULL)
2014-03-26T16:15:43+01:00 r1 dovecot: auth: Error: Raw backtrace:
/usr/lib64/dovecot/libdovecot.so.0(+0x4469a) [0x7fdb06e1469a] -
/usr/lib64/dovecot/libdovecot.so.0(+0x446de) [0x7fdb06e146de] -
/usr/lib64/dovecot/libdovecot.so.0(+0x1c0ea) [0x7fdb06dec0ea] -
dovecot/auth [34 wait, 1 passdb, 0
userdb](passdb_blocking_verify_plain+0) [0x41f593] - dovecot/auth [34
wait, 1 passdb, 0 userdb](auth_request_lookup_credentials+0x104)
[0x413c41] - dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x41c202] -
dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x4139e6] - dovecot/auth
[34 wait, 1 passdb, 0
userdb](auth_request_lookup_credentials_callback+0x6a) [0x413abb] -
dovecot/auth [34 wait, 1 passdb, 0
userdb](passdb_handle_credentials+0x50) [0x41f389] - dovecot/auth [34
wait, 1 passdb, 0 userdb]() [0x41f82e] - dovecot/auth [34 wait, 1
passdb, 0 userdb]() [0x41798f] -
/usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x27)
[0x7fdb06e1f68c] -
/usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x9e)
[0x7fdb06e204ee] - /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x27)
[0x7fdb06e1f645] -
/usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13)
[0x7fdb06e0d348] - dovecot/auth [34 wait, 1 passdb, 0
userdb](main+0x380) [0x41a396] -
/lib64/libc.so.6(__libc_start_main+0xfd) [0x7fdb062ced2d] -
dovecot/auth [34 wait, 1 passdb, 0 userdb]() [0x40ced9]
2014-03-26T16:15:43+01:00 r1 dovecot: auth: Fatal: master:
service(auth): child 18546 killed with signal 6 (core dumps disabled)


[Dovecot] problem with dovecot lmtp via director

2013-04-04 Thread Piotr Rotter

Hello,

I have a strange problem with delivering mail via dovecot lmtp through the
director, and I have no idea what is wrong.


After a server restart, bigger mails are not delivered.

Postfix servers log that:

2013-04-04T19:55:38.919624+02:00 kurier9 postfix/lmtp[16620]: 
3ZhWF337X5z89h3: to=piotr.rot...@active24.pl, 
relay=192.168.67.1[192.168.67.1]:24, delay=1987, delays=1987/0/0/0.04, 
dsn=4.3.0, status=deferred (host 192.168.67.1[192.168.67.1] said: 451 
4.3.0 Temporary internal failure (in reply to end of DATA command))


2013-04-04T19:58:41.238926+02:00 kurier9 postfix/lmtp[16620]: 
3ZhWF337X5z89h3: to=piotr.rot...@active24.pl, 
relay=192.168.67.1[192.168.67.1]:24, delay=2170, delays=1990/0/0/180, 
dsn=4.4.2, status=deferred (conversation with 192.168.67.1[192.168.67.1] 
timed out while sending message body)



Director server log something like that:

2013-04-04T20:00:45+02:00 r1 dovecot: lmtp(18447): Disconnect from 
192.168.67.24: Temporary internal failure (in DATA)


Dovecot servers log that:

2013-04-04T20:03:37.347279+02:00 k1 dovecot: lmtp(9380): Disconnect from 
192.168.111.1: Connection closed (in RCPT TO)


Please help, because I have no idea what is wrong and the queue is growing.

Best regards
Piotr Rotter


Re: [Dovecot] problem with dovecot lmtp via director

2013-04-04 Thread Piotr Rotter

W dniu 04.04.2013 20:10, Timo Sirainen pisze:

On Thu, 2013-04-04 at 20:08 +0200, Piotr Rotter wrote:


I have strange problem with delivering mails via dovecot lmtp via
director and i have not idea what is wrong.


What Dovecot version in director and in backend? doveconf -n output from
them? If director is v2.0, upgrade to v2.1 which has several LMTP proxy
fixes.




Hello,

Thanks for the super fast response.
Sorry, I forgot to paste the dovecot configs.
I use v2.1.13 on all servers.

Director config:

###
###

dovecot -n
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.39-gentoo-r3 x86_64 Gentoo Base System release 2.0.3
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 10
default_process_limit = 1
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
director_mail_servers = 192.168.111.21 192.168.111.22 192.168.111.23 
192.168.111.24 192.168.111.25 192.168.111.26

director_servers = 192.168.67.1
director_user_expire = 30 mins
disable_plaintext_auth = no
lmtp_proxy = yes
login_greeting = Active24 Sp. z o.o.
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete 
mailbox_rename

  mail_log_fields = box msgid from size
}
service auth-worker {
  user = root
}
service auth {
  client_limit = 10
  unix_listener auth-userdb {
group = dovecot
mode = 0600
user = dovecot
  }
}
service director {
  fifo_listener login/proxy-notify {
mode = 0666
  }
  inet_listener {
port = 9090
  }
  unix_listener director-userdb {
group = vmail
mode = 0600
user = vmail
  }
  unix_listener login/director {
mode = 0666
  }
}
service imap-login {
  client_limit = 1000
  executable = imap-login director
  process_limit = 1000
  service_count = 1000
}
service lmtp {
  inet_listener lmtp {
address = 192.168.67.1
port = 24
  }
  process_limit = 1000
  process_min_avail = 5
  user = vmail
}
service pop3-login {
  client_limit = 1000
  executable = pop3-login director
  process_limit = 1000
  service_count = 1000
}
ssl_ca = /etc/ssl/mail.active24.pl/mail.active24.pl.ca
ssl_cert = /etc/ssl/mail.active24.pl/mail.active24.pl.crt
ssl_key = /etc/ssl/mail.active24.pl/mail.active24.pl.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol imap {
  mail_max_userip_connections = 20
}
protocol lmtp {
  auth_socket_path = director-userdb
}

###
###

dovecot servers config:

# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.2-hardened-r4 x86_64 Gentoo Base System release 2.2
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1000
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
disable_plaintext_auth = no
dotlock_use_excl = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Active24 Sp. z o.o.
mail_access_groups = vmail
mail_fsync = always
mail_gid = 502
mail_location = maildir:~/
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = mail_log notify quota
mail_uid = 502
mmap_disable = yes
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Sent
  autocreate4 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
  autosubscribe4 = Drafts
  mail_log_events = delete undelete expunge copy mailbox_delete 
mailbox_rename

  mail_log_fields = box msgid from size
  quota = maildir
  quota2 = maildir:user quota
  quota_rule = *:storage=10GB
  quota_rule2 = *:messages=1
  quota_rule3 = Trash:storage=+10M
  quota_rule4 = Trash:messages=+100
  quota_warning = storage=80%% quota-warning 80 %u
  quota_warning2 = storage=90%% quota-warning 90 %u
  quota_warning3 = storage=100%% quota-warning 100 %u
  sieve_global_path = /etc/dovecot/sieve/default.sieve
}
sendmail_path = /usr/sbin/postfix
service auth {
  client_limit = 12000
  unix_listener auth-userdb {
group = vmail
mode = 0600
user = vmail
  }
}
service imap-login {
  process_limit = 1024
  process_min_avail = 6
  service_count = 100
}
service imap {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service lmtp {
  inet_listener lmtp {
address = 0.0.0.0
port = 24
  }
  process_limit = 100
  process_min_avail = 6
  user = vmail
}
service pop3-login {
  process_limit = 1024
  process_min_avail = 6
  service_count = 100
}
service pop3 {
  process_limit = 4096
  process_min_avail = 6
  service_count = 100
}
service quota-warning {
  executable = script /opt/bin/quota-warning

Re: [Dovecot] problem with dovecot lmtp via director

2013-04-04 Thread Piotr Rotter

W dniu 04.04.2013 20:18, Piotr Rotter pisze:

W dniu 04.04.2013 20:10, Timo Sirainen pisze:

On Thu, 2013-04-04 at 20:08 +0200, Piotr Rotter wrote:


I have strange problem with delivering mails via dovecot lmtp via
director and i have not idea what is wrong.


What Dovecot version in director and in backend? doveconf -n output from
them? If director is v2.0, upgrade to v2.1 which has several LMTP proxy
fixes.




Hello,

Thanks for super fast respond.
Sorry I forgot paste dovecot configs.
I use v2.1.13 in all servers

Director config:

###

###


dovecot -n
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.39-gentoo-r3 x86_64 Gentoo Base System release 2.0.3
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 10
default_process_limit = 1
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
director_mail_servers = 192.168.111.21 192.168.111.22 192.168.111.23
192.168.111.24 192.168.111.25 192.168.111.26
director_servers = 192.168.67.1
director_user_expire = 30 mins
disable_plaintext_auth = no
lmtp_proxy = yes
login_greeting = Active24 Sp. z o.o.
passdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
plugin {
   mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename
   mail_log_fields = box msgid from size
}
service auth-worker {
   user = root
}
service auth {
   client_limit = 10
   unix_listener auth-userdb {
 group = dovecot
 mode = 0600
 user = dovecot
   }
}
service director {
   fifo_listener login/proxy-notify {
 mode = 0666
   }
   inet_listener {
 port = 9090
   }
   unix_listener director-userdb {
 group = vmail
 mode = 0600
 user = vmail
   }
   unix_listener login/director {
 mode = 0666
   }
}
service imap-login {
   client_limit = 1000
   executable = imap-login director
   process_limit = 1000
   service_count = 1000
}
service lmtp {
   inet_listener lmtp {
 address = 192.168.67.1
 port = 24
   }
   process_limit = 1000
   process_min_avail = 5
   user = vmail
}
service pop3-login {
   client_limit = 1000
   executable = pop3-login director
   process_limit = 1000
   service_count = 1000
}
ssl_ca = /etc/ssl/mail.active24.pl/mail.active24.pl.ca
ssl_cert = /etc/ssl/mail.active24.pl/mail.active24.pl.crt
ssl_key = /etc/ssl/mail.active24.pl/mail.active24.pl.key
userdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
protocol imap {
   mail_max_userip_connections = 20
}
protocol lmtp {
   auth_socket_path = director-userdb
}

###

###


dovecot servers config:

# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.2-hardened-r4 x86_64 Gentoo Base System release 2.2
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1000
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
disable_plaintext_auth = no
dotlock_use_excl = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Active24 Sp. z o.o.
mail_access_groups = vmail
mail_fsync = always
mail_gid = 502
mail_location = maildir:~/
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = mail_log notify quota
mail_uid = 502
mmap_disable = yes
passdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
plugin {
   autocreate = Trash
   autocreate2 = Spam
   autocreate3 = Sent
   autocreate4 = Drafts
   autosubscribe = Trash
   autosubscribe2 = Spam
   autosubscribe3 = Sent
   autosubscribe4 = Drafts
   mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename
   mail_log_fields = box msgid from size
   quota = maildir
   quota2 = maildir:user quota
   quota_rule = *:storage=10GB
   quota_rule2 = *:messages=1
   quota_rule3 = Trash:storage=+10M
   quota_rule4 = Trash:messages=+100
   quota_warning = storage=80%% quota-warning 80 %u
   quota_warning2 = storage=90%% quota-warning 90 %u
   quota_warning3 = storage=100%% quota-warning 100 %u
   sieve_global_path = /etc/dovecot/sieve/default.sieve
}
sendmail_path = /usr/sbin/postfix
service auth {
   client_limit = 12000
   unix_listener auth-userdb {
 group = vmail
 mode = 0600
 user = vmail
   }
}
service imap-login {
   process_limit = 1024
   process_min_avail = 6
   service_count = 100
}
service imap {
   process_limit = 4096
   process_min_avail = 6
   service_count = 100
}
service lmtp {
   inet_listener lmtp {
 address = 0.0.0.0
 port = 24
   }
   process_limit = 100
   process_min_avail = 6
   user = vmail
}
service pop3-login {
   process_limit = 1024
   process_min_avail = 6
   service_count = 100
}
service pop3 {
   process_limit

Re: [Dovecot] how to talk with doveadmin unix socket

2013-03-01 Thread Piotr Rotter

W dniu 28.02.2013 08:03, Nikita Koshikov pisze:

On Thu, Feb 28, 2013 at 1:53 AM, Piotr Rotter piotr.rot...@active24.plwrote:


Hello,

I would like to get mailbox quota by doveadm unix socket
(/var/run/dovecor/doveadm-**server). I get from strace syntax of
comunication:

write(9, 
VERSION\t1\t0\nUSER\t1\tpiotr**.rot...@active24.pltpiotr.rot...@active24.pl
\tservice=**doveadm\n, 60) = 60
read(9, VERSION\t1\t1\nSPID\t20805\n**, 8192) = 23
read(9, USER\t1\tpiotr.rotter@**active24.pl tpiotr.rot...@active24.pl
\temail=piotr.**rot...@active24.pl piotr.rot...@active24.pl\tclear=**
7T33z456\thome=/vm/08/A/active**24.pl/piotr.rotter/\tuid=502\**
tgid=502\tquota_rule=*:**storage=2097152000B\tquota_**
rule2=*:messages=5\nhttp://active24.pl/piotr.rotter/%5Ctuid=502%5Ctgid=502%5Ctquota_rule=*:storage=2097152000B%5Ctquota_rule2=*:messages=5%5Cn,
8169) = 196

and I wrote super simple client in php:

?php
$sock = stream_socket_client('unix:///**var/run/dovecot/doveadm-**server',
$errno, $errstr);
fwrite($sock, 
VERSION\t1\t0\nUSER\t1\tpiotr**.rot...@active24.pltpiotr.rot...@active24.pl
\tservice=**doveadm\n);
echo fread($sock, 4096).\n;
echo fread($sock, 4096).\n;
fclose($sock);
?

But i get only + sign and line in errorlog as below:

2013-02-28T00:39:56.377437+01:**00 kurier9 dovecot: doveadm: Error:
doveadm client not compatible with this server (mixed old and new binaries?)

I would be very grateful for your help with this problem, what I doing
wrong.

My current dovecot version is 2.1.13



Here is my example on perl

 socket(TSOCK, PF_UNIX, SOCK_STREAM,0);
 connect(TSOCK, sockaddr_un($conf{quota_socket}));

 if ($? != 0) {
   #error here
 }

 #After connect on socket, dovecot returns + or -. Just a simple
check for data.
 if (defined(my $answer = TSOCK)) {

 print TSOCK VERSION\tdoveadm-server\t1\t0\n;
 print TSOCK PLAIN\t$conf{'doveadm_password'}\n;
 TSOCK-flush;
 #'+' here
 $answer=TSOCK;
 print TSOCK \t$local_part\@$domain\tquota get\n;
 TSOCK-flush;

 my $quota_data = TSOCK;


 #+ if everything is OK
 $answer = TSOCK;

 close TSOCK;
}

Don't forget to set doveadm_password= in the dovecot config (cleartext), and you
must encode the password in base64 for use in a script (after the PLAIN command).

PS
dovecot version 2.1.15 here.



Hi,

Thank you for the example, but I still don't know what I am doing wrong.

I set that in master.cf

service doveadm {
unix_listener doveadm-server {
mode = 0666
}
}
doveadm_password=foobar

My script now look like that:

$DOVEADM_PASS = base64_encode('foobar');
$sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', 
$errno, $errstr);

echo fread($sock, 4096).\n;
fwrite($sock, VERSION\tdoveadm-server\t1\t0\n);
fwrite($sock, PLAIN\t$DOVEADM_PASS\n);
fflush($sock);
echo fread($sock, 4096).\n;
fwrite($sock, \tpiotr.rot...@active24.pl\tquota get\n);
fflush($sock);
echo fread($sock, 4096).\n;
fclose($sock);

I get "-" twice, and this in the logs:

dovecot: doveadm: Error: doveadm client didn't authenticate as 'doveadm'

Please give me any tip.



Re: [Dovecot] how to talk with doveadmin unix socket

2013-03-01 Thread Piotr Rotter

W dniu 01.03.2013 23:14, Piotr Rotter pisze:

W dniu 28.02.2013 08:03, Nikita Koshikov pisze:

On Thu, Feb 28, 2013 at 1:53 AM, Piotr Rotter
piotr.rot...@active24.plwrote:


Hello,

I would like to get mailbox quota by doveadm unix socket
(/var/run/dovecor/doveadm-**server). I get from strace syntax of
comunication:

write(9,
VERSION\t1\t0\nUSER\t1\tpiotr**.rot...@active24.pltpiotr.rot...@active24.pl

\tservice=**doveadm\n, 60) = 60
read(9, VERSION\t1\t1\nSPID\t20805\n**, 8192) = 23
read(9, USER\t1\tpiotr.rotter@**active24.pl tpiotr.rot...@active24.pl
\temail=piotr.**rot...@active24.pl piotr.rot...@active24.pl\tclear=**
7T33z456\thome=/vm/08/A/active**24.pl/piotr.rotter/\tuid=502\**
tgid=502\tquota_rule=*:**storage=2097152000B\tquota_**
rule2=*:messages=5\nhttp://active24.pl/piotr.rotter/%5Ctuid=502%5Ctgid=502%5Ctquota_rule=*:storage=2097152000B%5Ctquota_rule2=*:messages=5%5Cn,

8169) = 196

and I wrote super simple client in php:

?php
$sock =
stream_socket_client('unix:///**var/run/dovecot/doveadm-**server',
$errno, $errstr);
fwrite($sock,
VERSION\t1\t0\nUSER\t1\tpiotr**.rot...@active24.pltpiotr.rot...@active24.pl

\tservice=**doveadm\n);
echo fread($sock, 4096).\n;
echo fread($sock, 4096).\n;
fclose($sock);
?

But i get only + sign and line in errorlog as below:

2013-02-28T00:39:56.377437+01:**00 kurier9 dovecot: doveadm: Error:
doveadm client not compatible with this server (mixed old and new
binaries?)

I would be very grateful for your help with this problem, what I doing
wrong.

My current dovecot version is 2.1.13



Here is my example on perl

 socket(TSOCK, PF_UNIX, SOCK_STREAM,0);
 connect(TSOCK, sockaddr_un($conf{quota_socket}));

 if ($? != 0) {
   #error here
 }

 #After connect on socket, dovecot returns + or -. Just a
simple
check for data.
 if (defined(my $answer = TSOCK)) {

 print TSOCK VERSION\tdoveadm-server\t1\t0\n;
 print TSOCK PLAIN\t$conf{'doveadm_password'}\n;
 TSOCK-flush;
 #'+' here
 $answer=TSOCK;
 print TSOCK \t$local_part\@$domain\tquota get\n;
 TSOCK-flush;

 my $quota_data = TSOCK;


 #+ if everything is OK
 $answer = TSOCK;

 close TSOCK;
}

Don't forget to set doveadm_password= in dovecot config(clearttext)
and you
must encode password in base64 for using in a script (after PLAIN
command).

PS
dovecot version 2.1.15 here.



Hi,

Thank You for example but I still don't know what I doing wrong.

I set that in master.cf

service doveadm {
 unix_listener doveadm-server {
 mode = 0666
 }
}
doveadm_password=foobar

My script now look like that:

$DOVEADM_PASS = base64_encode('foobar');
$sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server',
$errno, $errstr);
echo fread($sock, 4096).\n;
fwrite($sock, VERSION\tdoveadm-server\t1\t0\n);
fwrite($sock, PLAIN\t$DOVEADM_PASS\n);
fflush($sock);
echo fread($sock, 4096).\n;
fwrite($sock, \tpiotr.rot...@active24.pl\tquota get\n);
fflush($sock);
echo fread($sock, 4096).\n;
fclose($sock);

I get two times - and that in logs

dovecot: doveadm: Error: doveadm client didn't authenticate as 'doveadm'

Please give me any tip.



Hi,

I solved this; I found this code:

266 if (size < 10 || data[0] != '\0' ||
267 memcmp(data+1, "doveadm", 7) != 0 || data[8] != '\0') {
268 i_error("doveadm client didn't authenticate as 'doveadm'");
269 return -1;
270 }

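This means I had not understood that PLAIN here is the SASL PLAIN mechanism and nothing else: the base64 payload must be \0doveadm\0 followed by the password, not the password alone.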

That is solution:
$DOVEADM_PASS = base64_encode("\0doveadm\0foobar");

Thank You for help again.




Re: [Dovecot] how to talk with doveadmin unix socket

2013-02-28 Thread Piotr Rotter

W dniu 28.02.2013 12:15, Charles Marcus pisze:

On 2013-02-27 6:53 PM, Piotr Rotter piotr.rot...@active24.pl wrote:

2013-02-28T00:39:56.377437+01:00 kurier9 dovecot: doveadm: Error:
doveadm client not compatible with this server (mixed old and new
binaries?)


Are you sure you don't have more than one version of dovecot on this
system?

doveconf -n output?



I don't think so:

# doveconf -n
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.7.1-hardened-r2 x86_64 Gentoo Base System release 2.1
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1000
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
disable_plaintext_auth = no
dotlock_use_excl = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Active24 Sp. z o.o.
mail_access_groups = vmail
mail_fsync = always
mail_gid = 502
mail_location = maildir:~/
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = mail_log notify quota
mail_uid = 502
mmap_disable = yes
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Sent
  autocreate4 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
  autosubscribe4 = Drafts
  mail_log_events = delete undelete expunge copy mailbox_delete 
mailbox_rename

  mail_log_fields = box msgid from size
  quota = maildir
  quota2 = maildir:user quota
  quota_rule = *:storage=10GB
  quota_rule2 = *:messages=1
  quota_rule3 = Trash:storage=+10M
  quota_rule4 = Trash:messages=+100
  sieve_global_path = /etc/dovecot/sieve/default.sieve
}
sendmail_path = /usr/sbin/postfix
service auth {
  client_limit = 1
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
  unix_listener auth-userdb {
group = vmail
mode = 0600
user = vmail
  }
}
service imap-login {
  process_limit = 1000
  process_min_avail = 5
}
service imap {
  process_limit = 1024
}
service lmtp {
  inet_listener lmtp {
address = 0.0.0.0
port = 24
  }
  process_limit = 100
  process_min_avail = 5
  user = vmail
}
service pop3-login {
  process_limit = 1000
  process_min_avail = 5
}
service pop3 {
  process_limit = 1024
}
ssl_ca = /etc/ssl/mail.active24.pl/mail.active24.pl.ca
ssl_cert = /etc/ssl/mail.active24.pl/mail.active24.pl.crt
ssl_key = /etc/ssl/mail.active24.pl/mail.active24.pl.key
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lmtp {
  mail_plugins = quota sieve
  syslog_facility = mail
}
protocol lda {
  info_log_path =
  log_path =
  mail_plugins = sieve quota
  syslog_facility = mail
}
protocol imap {
  mail_plugins = mail_log notify quota autocreate imap_quota
}
protocol pop3 {
  mail_plugins = mail_log notify quota quota
  pop3_save_uidl = yes
}



[Dovecot] how to talk with doveadmin unix socket

2013-02-27 Thread Piotr Rotter

Hello,

I would like to get the mailbox quota through the doveadm unix socket
(/var/run/dovecot/doveadm-server). From strace I got the syntax of the communication:


write(9, 
VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n, 
60) = 60

read(9, VERSION\t1\t1\nSPID\t20805\n, 8192) = 23
read(9, 
USER\t1\tpiotr.rot...@active24.pl\temail=piotr.rot...@active24.pl\tclear=7T33z456\thome=/vm/08/A/active24.pl/piotr.rotter/\tuid=502\tgid=502\tquota_rule=*:storage=2097152000B\tquota_rule2=*:messages=5\n, 
8169) = 196


and I wrote super simple client in php:

?php
$sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', 
$errno, $errstr);
fwrite($sock, 
VERSION\t1\t0\nUSER\t1\tpiotr.rot...@active24.pl\tservice=doveadm\n);

echo fread($sock, 4096).\n;
echo fread($sock, 4096).\n;
fclose($sock);
?

But I get only a + sign, and the line below in the error log:

2013-02-28T00:39:56.377437+01:00 kurier9 dovecot: doveadm: Error: 
doveadm client not compatible with this server (mixed old and new binaries?)


I would be very grateful for your help with this problem; what am I doing
wrong?


My current dovecot version is 2.1.13



Re: [Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients

2013-02-16 Thread Piotr Rotter

Thank you for your assistance.

Broken uidlist errors now appear more than 10 times less frequently than in
the past, and the number is still falling.


I have a question about the director and non-plaintext auth methods. Right now I
have a tricky query in the director configuration.
password_query = SELECT clear AS password, 'Y' as proxy, '%u' AS 
destuser, clear AS pass FROM postfix_users WHERE email = '%u'


Is there some way to do this better? A master password is a bit
dangerous (man in the middle). Can the director relay non-plaintext
authentication without checking it?


I have one more question, not related to the subject above. Is there
any chance to set up dovecot as a policy daemon for postfix, to check the
mailbox quota before mail is checked by (amavis, spamassassin,
clamav) and before it is sent by lmtp? I think that could reduce
load.




[Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients

2013-02-13 Thread Piotr Rotter

Hello,

I have an issue with my dovecot (v. 2.1.13) configuration after introducing
dovecot-lda (I used maildrop earlier). Now I have 9 servers with storage
on NFS v3. My problem is that dovecot-uidlist breaks frequently.


2013-02-13T13:34:02.447969+01:00 k1 dovecot: imap(u...@domain.com): 
Error: Broken file /path_to_mailbox/dovecot-uidlist line 3170: Invalid 
data:
2013-02-13T13:34:34.527715+01:00 k1 dovecot: pop3(u...@domain.com): 
Error: Broken file /path_to_mailbox/dovecot-uidlist line 367: Invalid 
data:


It happens a few times a minute for different users and causes pop3
clients to retrieve messages again.


This my NFS mount options: (rw,tcp,vers=3,actimeo=0)

10-mail.conf options:
mmap_disable = yes
dotlock_use_excl = yes
mail_fsync=always
mail_nfs_storage = yes
mail_nfs_index = yes
lock_method = dotlock

I do not know what I did wrong or how to solve this issue. Maybe NFS v4,
fcntl locks, or migration to pop3_uidl_format = %g will be the solution.
Please give me a hint.


Please help me solve this issue, and sorry for my English.


Re: [Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients

2013-02-13 Thread Piotr Rotter
I configured the director temporarily in a somewhat tricky way, because I have to
serve the md5 and ntlm authentication methods and I do not want to reconfigure
the pop/imap servers.


Can you confirm I did everything OK? I have this issue:

 # doveadm director map
doveadm(root): Error: User listing returned failure
doveadm(root): Error: user listing failed
user 
 mail server ip expire 
time
unknown 
 192.168.111.24 
2013-02-14 00:57:34
unknown 
 192.168.111.21 
2013-02-14 00:57:46


yet everything else works ok

My password_query:
password_query = SELECT clear AS password, 'Y' as proxy, '%u' AS 
destuser, clear AS pass FROM postfix_users WHERE email = '%u'


My director server config (dovecot -n):

# dovecot -n
# 2.1.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.7.1-hardened-r2 x86_64 Gentoo Base System release 2.1
auth_mechanisms = plain login digest-md5 cram-md5 ntlm apop
auth_verbose = yes
default_client_limit = 1
default_process_limit = 1
default_vsz_limit = 512 M
deliver_log_format = from=%f, msgid=%m, psize=%p: %$
director_mail_servers = 192.168.111.21 192.168.111.22 192.168.111.23 
192.168.111.24 192.168.111.25 192.168.111.26

director_servers = 195.78.67.29
director_user_expire = 2 hours
disable_plaintext_auth = no
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete 
mailbox_rename

  mail_log_fields = box msgid from size
}
protocols = imap pop3
service auth {
  client_limit = 1
  unix_listener auth-userdb {
group = vmail
mode = 0600
user = vmail
  }
}
service director {
  inet_listener {
port = 9090
  }
  unix_listener login/director {
mode = 0666
  }
}
service imap-login {
  executable = imap-login director
}
service pop3-login {
  executable = pop3-login director
}
ssl_ca = /etc/ssl/dovecot.ca
ssl_cert = /etc/ssl/dovecot.crt
ssl_key = /etc/ssl/dovecot.key


Re: [Dovecot] dovecot-uidlist crashing and re retriving messages by pop3 clients

2013-02-13 Thread Piotr Rotter
I apologize for asking the question too quickly without checking; I forgot
to look at the logs.


Of course, the iterate_query was missing:

iterate_query = SELECT email AS user FROM postfix_users