Re: Different users having same home/mail_location?

2017-09-24 Thread Tapio Sokura

On 24.9.2017 15:03, Sami Ketola wrote:

On 23 Sep 2017, at 23.08, Tapio Sokura <oh2...@iki.fi> wrote:
I have this kind of a dual-login setup via PAM for regular system user 
authentication and it's working ok. I'm just wondering about the dovecot part, 
whether dovecot will do Unexpected Things if more than one user have the same 
home and mail_location? If it makes any difference, the users can have separate 
homes, but the mailbox should be the same for usability.


It would break things.

Easier is just to overwrite userid from user2 to user1 after authentication 
with another passdb.


Thanks, overriding the userid seems to be working fine.

After getting this to work I realized otp tokens aren't the best for use 
at the imap layer. The first authentication goes through fine. But on 
the next imap connections (parallelizing clients and typical webmails) 
the cached password/otp token has been used already and is rightfully 
rejected by the backend authentication system.


By turning on auth caching in dovecot I jury-rigged this to work (for 
the duration of the auth cache), but the clean solution would be 
something else. Anyway I think I'll settle here for now, better than a 
static password anyway. Thanks for the comments and keep up the good 
work with Dovecot!


  Tapio
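
An added illustration, not part of the original post and not Dovecot's own code: a small model of why a one-time token passes on the first IMAP connection, fails on parallel ones, and appears to work once successful logins are cached. The class names, the `simulate` helper, the credentials and the TTL values are all constructed for this example.

```python
import hashlib


class OneTimeBackend:
    """Stand-in for the OTP-checking backend: a token is accepted exactly once."""

    def __init__(self, user, secret):
        self.unused = {(user, secret)}
        self.calls = 0  # how many times the backend was actually asked

    def verify(self, user, secret):
        self.calls += 1
        if (user, secret) in self.unused:
            self.unused.remove((user, secret))
            return True
        return False  # replayed token: rightly rejected


class CachingAuth:
    """Front end that caches successful logins for ttl seconds (0 = no cache)."""

    def __init__(self, backend, ttl):
        self.backend = backend
        self.ttl = ttl
        self.cache = {}  # (user, digest of secret) -> expiry time

    def login(self, user, secret, now):
        key = (user, hashlib.sha256(secret.encode()).hexdigest())
        expiry = self.cache.get(key)
        if expiry is not None and now < expiry:
            return True  # cache hit: the backend never sees the reuse
        self.cache.pop(key, None)
        ok = self.backend.verify(user, secret)
        if ok and self.ttl > 0:
            self.cache[key] = now + self.ttl
        return ok


def simulate(ttl, connect_times, user="otheruser", secret="otherpassword+123456"):
    """Replay the same cached client credentials at each connection time."""
    backend = OneTimeBackend(user, secret)
    auth = CachingAuth(backend, ttl)
    results = [auth.login(user, secret, t) for t in connect_times]
    return results, backend.calls


if __name__ == "__main__":
    print("no cache  :", simulate(0, [0, 1, 2]))
    print("ttl = 300 :", simulate(300, [0, 1, 299, 300]))
```

While the entry is cached, the same username and token are accepted again from any client, so for that window the token behaves like a reusable password. The cache TTL is therefore the replay window to weigh against the untrusted-client scenario this login was set up for.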


Re: Different users having same home/mail_location?

2017-09-23 Thread Tapio Sokura

Hello Peter,

I'm using a virtual users model in dovecot where all the mail is stored 
under the same OS user account anyway, so file/dir permissions won't be 
a problem. The system users I was referring to are actually completely 
separate user accounts at the moment with their own uid/gid (and 
passwordless sudo between them), but I guess they could use same uid/gid 
and just have separate entries in passwd/shadow.


Anyway at the moment I'm not concerned about getting the authentication 
part working, but whether there's something in dovecot that will bite my 
sitting muscles if mail_location is the same for two users. I'm aware of 
the shared folders functionality mentioned by Marcus and that will 
probably be my fallback, if sharing a mail_location is not viable. Same 
mail_location would just be simpler.


  Tapio

On 24.9.2017 0:34, Peter Chiochetti wrote:

Hello Tapio,

You are going to great lengths :) I assume that PAM working means 
"user" and "otheruser" are the names of system users with the same uid, 
home etc? Then I do not see why dovecot, all defaults and 
authenticating against PAM, won't work out of the box, shouldn't it?


Peter

Am 2017-09-23 um 22:08 schrieb Tapio Sokura:

Hello,

Will I be breaking something if I have two users share the same home 
and/or mail_location (maildir format) in dovecot? Mail will only be 
delivered to the primary user, the other would be used every now and 
then to login via imap (webmail).


This would be on a CentOS 7 box running dovecot from the packaging 
system, i.e. dovecot-2.2.10-8.el7 currently. The reason I'd like to do 
this is to have two ways to login to the same mailbox, one using 
username + password and the other otherusername + otherpassword + 
otp-token. Basically this "otherusername" would be for cases where I 
don't trust the client computer to not have a keylogger etc badness in 
it, but still need to see my mail.


I have this kind of a dual-login setup via PAM for regular system user 
authentication and it's working ok. I'm just wondering about the 
dovecot part, whether dovecot will do Unexpected Things if more than 
one user have the same home and mail_location? If it makes any 
difference, the users can have separate homes, but the mailbox should 
be the same for usability.


   Tapio


Different users having same home/mail_location?

2017-09-23 Thread Tapio Sokura

Hello,

Will I be breaking something if I have two users share the same home 
and/or mail_location (maildir format) in dovecot? Mail will only be 
delivered to the primary user, the other would be used every now and 
then to login via imap (webmail).


This would be on a CentOS 7 box running dovecot from the packaging 
system, i.e. dovecot-2.2.10-8.el7 currently. The reason I'd like to do 
this is to have two ways to login to the same mailbox, one using 
username + password and the other otherusername + otherpassword + 
otp-token. Basically this "otherusername" would be for cases where I 
don't trust the client computer to not have a keylogger etc badness in 
it, but still need to see my mail.


I have this kind of a dual-login setup via PAM for regular system user 
authentication and it's working ok. I'm just wondering about the dovecot 
part, whether dovecot will do Unexpected Things if more than one user 
have the same home and mail_location? If it makes any difference, the 
users can have separate homes, but the mailbox should be the same for 
usability.


  Tapio


Re: [Dovecot] Dovecot dies, maybe ntpdate related. I'm new to dovecot

2010-06-25 Thread Tapio Sokura

On 25.6.2010 10:53, Xavi Montero wrote:

The only change done in the server one week ago has been to install
ntpdate, running once per day in cron-daily.

In the cron reports, ntpdate reports a time-jump of 9 seconds each


Time jumps, especially backwards, are not a good thing on a server. You 
should really consider changing from ntpdate to for example ntpd that 
takes care of keeping the clock synchronized, without unnecessarily 
stepping the clock. You should probably do this even if the actual cause 
of Dovecot crashing turns out not to be the time jumps.


Dovecot typically logs via syslog, so the logs go where your syslog 
writes them to. Usually something under /var/log.


  Tapio


Re: [Dovecot] expire-tool and userdb returned mail location

2009-12-14 Thread Tapio Sokura

Timo Sirainen wrote:

On Sat, 2009-12-12 at 13:46 +0200, Tapio Sokura wrote:
I'm having problems with expire-tool in Dovecot 1.2.6 not finding the 
mailboxes. I had



Here's a simple way that should work:

mail_location = mbox:~/mails:INDEX=~/indexes

and then you can also drop the mail field from userdb.


I did that and now expire-tool is finding the mailboxes and indexes, but 
not removing any messages. It updates the timestamps in the expires 
database table 10 days to the future for folders that have 10 day 
expiration time. It also seems to cause the addition of a save date 
(with the timestamp of expire-tool execution) to the first message in a 
folder it looks at.


I did some more digging around with idxview and talking imap to the 
server. It looks like save dates aren't stored when mail is delivered 
(via dovecot LDA) or copied to a folder via imap. I got date.save fields 
to appear into the cache files when I fetched x-savedate via imap as 
shown on the Plugins/Expire page in the wiki. Those save dates were set 
to the time the imap fetch was performed, not to the time when the 
messages were delivered or copied to the folder.


Is this the way it should be working? I've had expire listed in 
dovecot's mail_plugins for pop3, imap and lda protocol sections for 
several weeks now.


  Tapio


[Dovecot] expire-tool and userdb returned mail location

2009-12-12 Thread Tapio Sokura

Hello,

I'm having problems with expire-tool in Dovecot 1.2.6 not finding the 
mailboxes. I had


mail_location = mbox:/var/spool/dovecotmail/%d/%n/mails:INDEX=/var/spool/dovecotmail/%d/%n/indexes


in dovecot.conf, but that doesn't work with expire-tool. So I commented 
that out from dovecot.conf, all the data is in a database anyway. A 
userdb lookup returns the following for use...@domain:


home = /var/spool/dovecotmail/domain/userid/
mail = mbox:/var/spool/dovecotmail/domain/userid/mails:INDEX=/var/spool/dovecotmail/domain/userid/indexes


Now when running expire-tool --test, I get this:

Error: Namespace '': Mail storage autodetection failed with home=/var/spool/dovecotmail/domain/userid/

Info: User lookup failed: use...@domain

When I run expire-tool under strace, I can see that it is indeed looking 
for the mails in the typical autodetect locations (Maildir, mail, Mail) 
under user's home directory. So it appears that expire-tool takes the 
home directory from userdb, but ignores mail location returned by userdb?


  Tapio


Re: [Dovecot] expire-tool and userdb returned mail location

2009-12-12 Thread Tapio Sokura

Charles Marcus wrote:

You forgot dovecot -n output...


# 1.2.6: /usr/local/dovecot/etc/dovecot.conf
# OS: Linux 2.6.18-164.6.1.el5 x86_64 CentOS release 5.4 (Final)
base_dir: /var/run/dovecot/
protocols: imap imaps pop3 pop3s managesieve
ssl_cert_file: /etc/pki/tls/certs/dovecot.crt
ssl_key_file: /etc/pki/tls/private/dovecot.key
disable_plaintext_auth: no
login_dir: /var/run/dovecot//login
login_executable(default): /usr/local/dovecot/libexec/dovecot/imap-login
login_executable(imap): /usr/local/dovecot/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/dovecot/libexec/dovecot/pop3-login
login_executable(managesieve): /usr/local/dovecot/libexec/dovecot/managesieve-login
login_process_per_connection: no
login_process_size: 128
verbose_proctitle: yes
first_valid_uid: 95
last_valid_uid: 95
first_valid_gid: 95
last_valid_gid: 95
mail_uid: dcmail
mail_gid: dcmail
mbox_write_locks: fcntl
mail_executable(default): /usr/local/dovecot/libexec/dovecot/imap
mail_executable(imap): /usr/local/dovecot/libexec/dovecot/imap
mail_executable(pop3): /usr/local/dovecot/libexec/dovecot/pop3
mail_executable(managesieve): /usr/local/dovecot/libexec/dovecot/managesieve
mail_plugins(default): quota imap_quota trash expire
mail_plugins(imap): quota imap_quota trash expire
mail_plugins(pop3): quota expire
mail_plugins(managesieve):
mail_plugin_dir(default): /usr/local/dovecot/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/dovecot/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/dovecot/lib/dovecot/pop3
mail_plugin_dir(managesieve): /usr/local/dovecot/lib/dovecot/managesieve
imap_client_workarounds(default): delay-newmail tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail tb-extra-mailbox-sep
imap_client_workarounds(pop3):
imap_client_workarounds(managesieve):
pop3_uidl_format(default): %08Xu%08Xv
pop3_uidl_format(imap): %08Xu%08Xv
pop3_uidl_format(pop3): %08Xv%08Xu
pop3_uidl_format(managesieve): %08Xu%08Xv
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
pop3_client_workarounds(managesieve):
namespace:
  type: private
  separator: /
  inbox: yes
  list: yes
  subscriptions: yes
namespace:
  type: private
  separator: /
  prefix: INBOX/
  hidden: yes
  list: no
  subscriptions: yes
lda:
  postmaster_address: postmas...@domain
  mail_plugins: sieve quota trash expire
auth default:
  mechanisms: plain login
  cache_size: 1000
  cache_ttl: 3000
  cache_negative_ttl: 0
  user: dcauth
  username_format: %Lu
  passdb:
    driver: sql
    args: /usr/local/dovecot/etc/sql.conf
  userdb:
    driver: prefetch
  userdb:
    driver: sql
    args: /usr/local/dovecot/etc/sql.conf
  socket:
    type: listen
    client:
      path: /var/run/dovecot/auth-client
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: dcmail
      group: dcmail
plugin:
  quota: dict:user::proxy::quotadict
  quota_rule: *:storage=1000M
  quota_rule2: Trash:storage=100M
  trash: /usr/local/dovecot/etc/trash.conf
  expire: Trash 10 Trash/* 10 Spam 60
  expire_dict: proxy::expire
  sieve: ~/.dovecot.sieve
  sieve_dir: ~/sieve
  sieve_after: /usr/local/dovecot/etc/sieve_after.d
dict:
  quotadict: mysql:/usr/local/dovecot/etc/dovecot-dict-quota.conf
  expire: mysql:/usr/local/dovecot/etc/dovecot-dict-expire.conf