Re: [Dovecot] Released 1.0.rc31

2007-04-10 Thread Vincent Bernat
OoO Lors  de la  soirée naissante  du lundi 09  avril 2007,  vers 17:03,
Daniel L. Miller [EMAIL PROTECTED] disait:

 It would be quite convenient to have support for multiple SSL server
 certificates, based on remote IP address.  When a single IMAP server
 supports both LAN clients and WAN clients, at times either or both the
 domain names or server names may vary - and then a single server
 certificate results in some clients receiving SSL warnings.

Did you try AltSubjectName in your certificate ? I didn't find a current
client that fails to recognize this, yet.
-- 
panic(esp: what could it be... I wonder...);
2.2.16 /usr/src/linux/drivers/scsi/esp.c


Re: [Dovecot] /etc/passwd authentication anomalies

2007-04-10 Thread Timo Sirainen

On 9.4.2007, at 22.21, Stewart Dean wrote:

I am using the base AIX Unix authentication with NIS.  There is a  
base /etc/password file (though the passwords are in a funny, IBM- 
peculiar file, /etc/security/passed) of just 18 lines...since NIS  
is in use, the last line is the standard for-anything-you-don't- 
find-here-try NIS indicator:

+::0:0:::

When I start up DC, I get these error massages:

Apr  9 14:44:59 mercury mail:err|error dovecot: auth(default):  
passwd-file /etc/passwd: User root has invalid UID 0
Apr  9 14:44:59 mercury mail:err|error dovecot: auth(default):  
passwd-file /etc/passwd: User kmem has invalid GID 0
Apr  9 14:44:59 mercury mail:err|error dovecot: auth(default):  
passwd-file /etc/passwd: User ipsec has invalid GID 0
Apr  9 14:44:59 mercury mail:err|error dovecot: auth(default):  
passwd-file /etc/passwd: User + has invalid UID 0


So is this intentional that you're using passwd-file instead of  
passwd? passwd-file isn't really meant to be used to read the  
standard /etc/passwd and so it gives these kind of warnings at  
startup. If you're using this as passdb, it'll probably allow user  
+ to log in with an empty password.





PGP.sig
Description: This is a digitally signed message part


Re: [Dovecot] rc31 - deferring operation: binding

2007-04-10 Thread Timo Sirainen

On 10.4.2007, at 4.04, Ben Beuchler wrote:


As I understand it, the new auth_bind code is extremely careful about
flushing all pending operations before attempting to perform the
authentication bind.  If that's the case, any idea why OpenLDAP is
deferring the binding operations so frequently?  So far it hasn't
caused any login problems, but it's quite disconcerting given the
expected behavior described in the Changelog.


Well, I've really no idea. I know it works for many people and I  
couldn't get it to break when stress testing with hundreds of  
connections per second.


Is there anything else in slapd logs? For example I found this with  
google: http://www.openldap.org/lists/openldap-software/200507/ 
msg00063.html




PGP.sig
Description: This is a digitally signed message part


Re: [Dovecot] Dovecot 1.0rc30 message ownership set as root mail

2007-04-10 Thread Timo Sirainen
On Sun, 2007-04-08 at 13:18 -0600, Mel Llaguno wrote:

 I've compiled the latest release candidate of dovecot and I am 
 encountering a strange problem when mail is delivered. I have my 
 installation configured to use Maildir. When messages arrive, they
 are 
 placed in the correct user directory, but the ownership for
 individual 
 messages is set to root and the group set to mail.
..
 -rw---  1 root mail 1805 2007-04-08 13:02 _AqG.VxTGGB.mjolnir:2,

What delivers the mails to maildir? You're not using Dovecot LDA because
Dovecot doesn't create filenames like this. So your problem really has
nothing to do with Dovecot, but rather the configuration of your MTA or
mail delivery agent.





signature.asc
Description: This is a digitally signed message part


Re: [Dovecot] Convert plugin mbox to maildir has no effect

2007-04-10 Thread Timo Sirainen
On Sun, 2007-04-08 at 23:26 +0200, Frank Elsner wrote:
 Apr  8 23:13:36 seymour dovecot: IMAP(migrant): Mailbox conversion: Couldn't 
 create mailbox directory .gnome2_private

Maildir uses . as hierarchy separator, so this filename is invalid.
I'm not sure if convert_skip_broken_mailboxes=yes should just cause
these to be ignored, but for now it doesn't..


signature.asc
Description: This is a digitally signed message part


Re: [Dovecot] Convert plugin mbox to maildir has no effect

2007-04-10 Thread Frank Elsner
On Tue, 10 Apr 2007 17:06:02 +0300 Timo Sirainen wrote:
 On Sun, 2007-04-08 at 23:26 +0200, Frank Elsner wrote:
  Apr  8 23:13:36 seymour dovecot: IMAP(migrant): Mailbox conversion: 
  Couldn't create mailbox directory .gnome2_private
 
 Maildir uses . as hierarchy separator, so this filename is invalid.
 I'm not sure if convert_skip_broken_mailboxes=yes should just cause
 these to be ignored, but for now it doesn't..

Could this behaviour be changed?

I guess it's not a rare case for installations with UW-IMAP and
would make the switch to dovecot much more attractive :-)


Regards, Frank Elsner 



Re: [Dovecot] Convert plugin mbox to maildir has no effect

2007-04-10 Thread Frank Elsner
On Tue, 10 Apr 2007 17:39:14 +0300 Timo Sirainen wrote:
 On Tue, 2007-04-10 at 16:15 +0200, Frank Elsner wrote:
  On Tue, 10 Apr 2007 17:06:02 +0300 Timo Sirainen wrote:
   On Sun, 2007-04-08 at 23:26 +0200, Frank Elsner wrote:
Apr  8 23:13:36 seymour dovecot: IMAP(migrant): Mailbox conversion: 
Couldn't create mailbox directory .gnome2_private
   
   Maildir uses . as hierarchy separator, so this filename is invalid.
   I'm not sure if convert_skip_broken_mailboxes=yes should just cause
   these to be ignored, but for now it doesn't..
  
  Could this behaviour be changed?
 
 Won't do anything to v1.0. Maybe for v1.0.1. Anyway already implemented
 to CVS HEAD (which will become v1.1):

Thanks. I'll give it a try.

  [ ... ]

  | plugin {
  |   convert_mail = mbox:~/:INBOX=/var/mail/%u
  |   convert_skip_broken_mailboxes=yes
  
  
  Currently this doesn't work :-(
 
 You mean it doesn't work because you have these dot-directories? It
 would work if you didn't have them..

Tell this to the .gnome* and similiar people :-)


--Frank



Re: [Dovecot] quota warning - take 2

2007-04-10 Thread Timo Sirainen
On Wed, 2007-04-04 at 17:34 +0200, Nicolas Boullis wrote:
 
  This would make it easy. That code is already written, but it's not
 in
  Dovecot's CVS yet. It would be useful also in dovecot-auth.
 Originally I
  was thinking about using the code to replace the waitpid() calls in
  master, but that change got a bit complex so I forgot about it then.
 
 OK, then I guess I should consider it when I do the porting to current
 CVS HEAD. Right? 

Yea.

 By the way, any documentation I should read about quota
 setups, quota rules, and quota roots for IMAP? When I had a look at
 the
 quota backport for 1.0, I failed to understand how things work
 together...

v1.0's quota code is somewhat kludgy. Quota setup is nothing, forget
that. It's already removed from CVS HEAD. I think the examples in
dovecot-example.conf should help with understanding quota rules and
roots:

  # Quota limits are set using quota_rule parameters, either in here or in
  # userdb. It's also possible to give mailbox-specific limits, for example:
  #   quota_rule = *:storage=1048576
  #   quota_rule2 = Trash:storage=102400
  # User has now 1GB quota, but when saving to Trash mailbox the user gets
  # additional 100MB.
  #
  # Multiple quota roots are also possible, for example:
  #   quota = dict:user::proxy::quota
  #   quota2 = dict:domain:%d:proxy::quota_domain
  #   quota_rule = *:storage=102400
  #   quota2_rule = *:storage=1048576
  # Gives each user their own 100MB quota and one shared 1GB quota within
  # the domain.

 Does this mean it looks good enough for you and you have nothing to
 criticize? Wow!

I was mostly concerned about if the the configuration should be done
like that or somehow differently. But I think it's good now. With CVS
HEAD you'd have to support multiple quota roots though, so:

quota_warning = ..
quota_warning2 = ..
quota2_warning = ..

There are also some minor coding style things to keep it consistent, but
I'll change them when I merge the code. And :2 needs to be removed here,
it's a GCC extension:

+   enum quota_warning_limit_kind storage_limit_kind:2;
+   enum quota_warning_limit_kind count_limit_kind:2;



signature.asc
Description: This is a digitally signed message part


Re: [Dovecot] Connection refused with auth-master after upgrading to Dovecot 1.0 rc 28

2007-04-10 Thread Jason Warner
Timo,

I really want to thank you for taking the time to look at this. I'm a newbie
with a little Linux experience, so I'm in charge of the mail server. It
makes it nice to deal with someone who really knows what they are doing.

 -Original Message-
 From: Timo Sirainen [mailto:[EMAIL PROTECTED]
 Sent: Tuesday, April 10, 2007 8:46 AM
 To: Jason Warner
 Cc: 'Jason Warner'; dovecot@dovecot.org
 Subject: Re: [Dovecot] Connection refused with auth-master after
 upgradingto Dovecot 1.0 rc 28
 
 On Mon, 2007-04-09 at 08:45 -0600, Jason Warner wrote:
 Apr  2 12:56:32 mail deliver([EMAIL PROTECTED]):
 net_connect(/var/run/dovecot/auth-master) failed: Connection
refused
   
Delete this file. Restart Dovecot. Does it get recreated?
   
When I delete the file and restart Dovecot it is recreated.
  
   Does this then happen every time when running deliver? Does netstat
   show that dovecot-auth is listening in that path?
 
  When running deliver from the command line, I do not get the error. The
  error only appears when deliver is run from Postfix.
 
 And you gave deliver -d parameter when running from command line? If it
 works from there but not from Postfix, then the problem has something to
 do with how deliver is started. Did you try running as the same user as
 what Postfix runs it with?

When I run deliver with the -d parameter, it does deliver a message to the
intended user. I've tried just about everything I know how to do with the
Dovecot LDA in the master.cf config file for Postfix. Here is the line as it
stands now:

# Dovecot LDA
dovecot   unix  -   n   n   -   -   pipe
  flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
${recipient}

That line worked just fine up until the update. After some looking, we were
running 1.0 rc 15 so this step up to 28 was quite a move. Fortunately, the
mail server is working with our virtual setup, but our vacation message
setup relied on the sieve portions of the Dovecot LDA. Thanks again for
taking a look at this.

 
  Netstat shows the following when running.
 
  unix  2  [ ACC ] STREAM LISTENING 255526 private/dovecot
  unix  2  [ ACC ] STREAM LISTENING 1176428
  /var/run/dovecot/auth-master
 
 So it should be accepting connections.
 
  It appears that the auth-master is running. How would I check to make
 sure
  that it is listening and responding properly to requests?
 
 There really isn't any other way than to run deliver. auth_debug=yes
 will also log something whenever deliver is run and dovecot-auth sees
 something.




Re: [Dovecot] rc31 - deferring operation: binding

2007-04-10 Thread Ben Beuchler

Is there anything else in slapd logs?


I haven't been able to identify anything of consequence.


For example I found this with google: 
http://www.openldap.org/lists/openldap-software/200507/
msg00063.html


Aye, I saw that as well.  Unfortunately, Howard points out that the
author of that message was mistaken and, as near as I can tell, the
only solution anyone could come up with was to upgrade.  I'm already
running the current stable OpenLDAP.

I'll try to track down more info.

-Ben


Re: [Dovecot] Connection refused with auth-master after upgrading to Dovecot 1.0 rc 28

2007-04-10 Thread Timo Sirainen
On Tue, 2007-04-10 at 09:11 -0600, Jason Warner wrote:

 When I run deliver with the -d parameter, it does deliver a message to
 the
 intended user. I've tried just about everything I know how to do with
 the
 Dovecot LDA in the master.cf config file for Postfix. Here is the line
 as it
 stands now:
 
 # Dovecot LDA
 dovecot   unix  -   n   n   -   -   pipe
   flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
 ${recipient} 

So what about running deliver as vmail?

sudo su vmail -s /usr/libexec/dovecot/deliver -d [EMAIL PROTECTED]

What OS do you use? Do you use SELinux or anything like that?



signature.asc
Description: This is a digitally signed message part


Re: [Dovecot] Connection refused with auth-master after upgradingto Dovecot 1.0 rc 28

2007-04-10 Thread Jason Warner


 -Original Message-
 From: Timo Sirainen [mailto:[EMAIL PROTECTED]
 Sent: Tuesday, April 10, 2007 9:24 AM
 To: Jason Warner
 Cc: 'Jason Warner'; dovecot@dovecot.org
 Subject: RE: [Dovecot] Connection refused with auth-master after
 upgradingto Dovecot 1.0 rc 28
 
 On Tue, 2007-04-10 at 09:11 -0600, Jason Warner wrote:
 
  When I run deliver with the -d parameter, it does deliver a message to
  the
  intended user. I've tried just about everything I know how to do with
  the
  Dovecot LDA in the master.cf config file for Postfix. Here is the line
  as it
  stands now:
 
  # Dovecot LDA
  dovecot   unix  -   n   n   -   -   pipe
flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
  ${recipient}
 
 So what about running deliver as vmail?
 
 sudo su vmail -s /usr/libexec/dovecot/deliver -d [EMAIL PROTECTED]
 
 What OS do you use? Do you use SELinux or anything like that?

Sorry, I forgot to mention that when I tried the -d parameter, I was running
as the vmail user and everything went just fine.

We're running Fedora Core 6. I've disabled SELinux on our mail box. There
have been SELinux updates recently. I'm not sure if they would affect our
mail server with SELinux disabled.





[Dovecot] TLS handshake errors, frozen IMAP

2007-04-10 Thread Ben Beuchler

Another new issue has cropped up with my rc1 - rc31 upgrade:

This morning, right around the typical morning email surge, Dovecot
stopped accepting new IMAP connections.  I didn't get a chance to do
much troubleshooting and a restart of Dovecot fixed it.  The only
thing I've been able to find in the logs is a bunch of entries like
this one:

Apr 10 09:11:36 cliff dovecot: imap-login: Disconnected:
rip=150.253.80.90, lip=150.253.10.10, TLS handshake
Apr 10 09:11:36 cliff dovecot: imap-login: Disconnected:
rip=150.253.80.208, lip=150.253.10.10, TLS handshake
Apr 10 09:11:37 cliff dovecot: imap-login: Disconnected:
rip=150.253.91.156, lip=150.253.10.10, TLS handshake

And a few like this:
Apr 10 09:17:48 cliff dovecot: imap-login: Disconnected: Shutting
down: rip=66.93.16.227, lip=150.253.10.10, TLS handshake

Any idea what that might indicate?

-Ben


Re: [Dovecot] Connection refused with auth-master after upgradingto Dovecot 1.0 rc 28

2007-04-10 Thread Timo Sirainen
On Tue, 2007-04-10 at 09:32 -0600, Jason Warner wrote:
 Sorry, I forgot to mention that when I tried the -d parameter, I was
 running
 as the vmail user and everything went just fine.

I'm running out of ideas. strace could be helpful. Run:

strace -o /tmp/deliver.log deliver -d ..

Both as standalone and in Postfix. What's different in the log file?



signature.asc
Description: This is a digitally signed message part


Re: [Dovecot] TLS handshake errors, frozen IMAP

2007-04-10 Thread Timo Sirainen
On Tue, 2007-04-10 at 10:34 -0500, Ben Beuchler wrote:
 Apr 10 09:11:36 cliff dovecot: imap-login: Disconnected:
 rip=150.253.80.90, lip=150.253.10.10, TLS handshake

This means that client started SSL/TLS handshake, but it wasn't
finished. Why that might happen, I don't really know. verbose_ssl=yes
might show something, but just as well might not.

Do you have login_process_per_connection=yes? If so and if it happened
to all connections, there was something wrong with the global state.

Hmm. Do you see something like this in the error log:

Waiting for SSL parameter file



signature.asc
Description: This is a digitally signed message part


Re: [Dovecot] Convert plugin mbox to maildir has no effect

2007-04-10 Thread guenther
On Tue, 2007-04-10 at 17:06 +0300, Timo Sirainen wrote:
 On Sun, 2007-04-08 at 23:26 +0200, Frank Elsner wrote:
  Apr  8 23:13:36 seymour dovecot: IMAP(migrant): Mailbox conversion: 
  Couldn't create mailbox directory .gnome2_private
 
 Maildir uses . as hierarchy separator, so this filename is invalid.
 I'm not sure if convert_skip_broken_mailboxes=yes should just cause
 these to be ignored, but for now it doesn't..

Just spotted the above error message (deleted previous posts already),
and it strikes me as seriously odd.

Dots in mbox file names are usually embedded (as in dovecot.org),
where it makes sense, as opposed to beginning with a dot. Even worse,
this particular name is kind of weird for a mail folder...

However, this name is well known to me:

  [EMAIL PROTECTED] ~]$ ls -ld .gnome2_private
  drwx--  2 guenther users 4096 Jul 21  2005 .gnome2_private/

I'd check where the Maildir data actually is being created and what
files are being attempted to convert. Almost looks like the Maildir dirs
are being created in the users $HOME...

  guenther


-- 
char *t=[EMAIL PROTECTED];
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128  (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}



Re: [Dovecot] Dovecot 1.0rc30 message ownership set as root mail

2007-04-10 Thread Mel Llaguno

Thanks for your help. I suspected as much. I use procmail as the LDA.

Mel

Timo Sirainen wrote:

On Sun, 2007-04-08 at 13:18 -0600, Mel Llaguno wrote:

  
I've compiled the latest release candidate of dovecot and I am 
encountering a strange problem when mail is delivered. I have my 
installation configured to use Maildir. When messages arrive, they
are 
placed in the correct user directory, but the ownership for
individual 
messages is set to root and the group set to mail.


..
  

-rw---  1 root mail 1805 2007-04-08 13:02 _AqG.VxTGGB.mjolnir:2,



What delivers the mails to maildir? You're not using Dovecot LDA because
Dovecot doesn't create filenames like this. So your problem really has
nothing to do with Dovecot, but rather the configuration of your MTA or
mail delivery agent.



  




[Dovecot] Dovecot Assertion on mail server with POP3 and LDAP authentication

2007-04-10 Thread Tim Alberts
Running two Fedora 6 systems with all the latest updates as of a week 
ago.  One system is the mail server (sendmail, dovecot), the other is 
the master (open)LDAP server with the mail server running a slave LDAP 
instance.


The problem I'm having is the client pop3 users are frequently being 
told their passwords aren't correct by their email clients (Outlook, 
Eudora).  They try again, a couple times and eventually it works.  I've 
seen it on my own account and when I test their accounts, occasionally 
it just doesn't take the password.  I've only had this trouble since I 
implemented the LDAP authentication.


Checking through the server maillog, I see the following entry:

Apr  4 08:44:38 msi2 dovecot: auth(default): dovecot-auth: 
../../../libraries/liblber/io.c:491: ber_get_next: Assertion 
`ber-ber_buf == ((void *)0)' failed.
Apr  4 08:44:38 msi2 dovecot: auth(default): 
pam(secretuser,192.168.0.200): Child process died
Apr  4 08:44:38 msi2 dovecot: auth(default): PAM: Child 14564 died with 
signal 6
Apr  4 08:44:38 msi2 dovecot: pop3-login: Aborted login: 
user=secretuser, method=PLAIN, rip=192.168.0.200, lip=192.168.0.11



This seems to point out that dovecot is the problem, but again, I didn't 
have this trouble until I implemented the LDAP authentication.  So my 
question is, anyone know a solution?  If not, anyone got a suggestion of 
where I should look for more clues or support?  Or any suggestions at all?


Thanks for any help.


Following is the dovecot version and configuration

[EMAIL PROTECTED] ~]# dovecot --version
1.0.rc15
[EMAIL PROTECTED] ~]# dovecot -n
# /etc/dovecot.conf
protocols: pop3
listen:
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/pop3-login
mail_executable: /usr/libexec/dovecot/pop3
mail_plugin_dir: /usr/lib/dovecot/pop3
pop3_client_workarounds: outlook-no-nuls oe-ns-eoh
auth default:
 passdb:
   driver: pam
 userdb:
   driver: passwd
[EMAIL PROTECTED] ~]#



Re: [Dovecot] Dovecot Assertion on mail server with POP3 and LDAP authentication

2007-04-10 Thread Timo Sirainen

On 10.4.2007, at 19.48, Tim Alberts wrote:

Apr  4 08:44:38 msi2 dovecot: auth(default): dovecot-auth: ../../../ 
libraries/liblber/io.c:491: ber_get_next: Assertion `ber-ber_buf  
== ((void *)0)' failed.
Apr  4 08:44:38 msi2 dovecot: auth(default): pam(secretuser, 
192.168.0.200): Child process died

..

 passdb:
   driver: pam
 userdb:
   driver: passwd


So you're using pam_ldap and nss_ldap. See http://wiki.dovecot.org/ 
AuthDatabase/Passwd


So I'd suggest upgrading.



PGP.sig
Description: This is a digitally signed message part


[Dovecot] Dovecot deliver agent - dovecot.conf permissions

2007-04-10 Thread Daniel L. Miller
I started playing with deliver, and saw a permission error in the logs 
for dovecot.conf.  Under my distro install, /etc/dovecot.conf was 
installed owner/group root, with only user rw rights.  I added other 
read privileges and deliver is happy - is this necessary?


--
Daniel



Re: [Dovecot] Connection refused with auth-master afterupgradingto Dovecot 1.0 rc 28

2007-04-10 Thread Timo Sirainen

On 10.4.2007, at 19.30, Jason Warner wrote:


 write(6, [EMAIL PROTECTED]..., 55) = 55

..

write(6, [EMAIL PROTECTED]..., 54) = 54


Your original error was: net_connect(/var/run/dovecot/auth-master)  
failed: Connection refused. However here both of them were  
successfully connected to, and this shows that the authentication  
handshake was successfully sent. So I think it wrote a different  
error message to Dovecot's logs this time.




PGP.sig
Description: This is a digitally signed message part


Re: [Dovecot] Connection refused with auth-master afterupgradingto Dovecot 1.0 rc 28

2007-04-10 Thread Jason Warner
 On 10.4.2007, at 19.30, Jason Warner wrote:
 
   write(6, [EMAIL PROTECTED]..., 55) = 55
 ..
  write(6, [EMAIL PROTECTED]..., 54) = 54
 
 Your original error was: net_connect(/var/run/dovecot/auth-master)
 failed: Connection refused. However here both of them were
 successfully connected to, and this shows that the authentication
 handshake was successfully sent. So I think it wrote a different
 error message to Dovecot's logs this time.

I'm afraid that I've tampered with stuff so much on this server that things
have changed from when I originally posted. 

Apr 10 10:12:14 mail postfix/smtpd[562]: A7F1B168734:
client=mail.domain.com[127.0.0.1]
Apr 10 10:12:14 mail postfix/cleanup[496]: A7F1B168734:
message-id=[EMAIL PROTECTED]
Apr 10 10:12:14 mail postfix/qmgr[452]: A7F1B168734: from=[EMAIL PROTECTED],
size=2600, nrcpt=1 (queue active)
Apr 10 10:12:14 mail postfix/smtp[464]: E4B351686E4: to=[EMAIL PROTECTED],
relay=127.0.0.1[127.0.0.1]:10024, delay=7, delays=0.22/0/0.01/6.8,
dsn=2.6.0, status=sent (250 2.6.0 Ok, id=31657-06, from MTA: 250 2.0.0 Ok:
queued as A7F1B168734)
Apr 10 10:12:15 mail dovecot: auth(default): file auth-request.c: line 474
(auth_request_lookup_credentials_callback): assertion failed:
(request-state == AUTH_REQUEST_STATE_PASSDB)
Apr 10 10:12:15 mail dovecot: auth(default): Raw backtrace: dovecot-auth
[0x806bb91] - dovecot-auth [0x806baac] - dovecot-auth [0x80552ce] -
dovecot-auth [0x805f2bd] - dovecot-auth [0x805f684] - dovecot-auth
[0x805906b] - dovecot-auth(io_loop_handler_run+0x110) [0x806ef30] -
dovecot-auth(io_loop_run+0x1c) [0x806e27c] - dovecot-auth(main+0x2fe)
[0x805a51e] - /lib/libc.so.6(__libc_start_main+0xdc) [0x673f2c] -
dovecot-auth {0x8050ba1]
Apr 10 10:12:15 mail dovecot: child 31532 (auth) killed with signal 6
Apr 10 10:12:15 mail postfix/pipe[563]: A7F1B168734: to=[EMAIL PROTECTED],
relay=dovecot, delay=0.75, delays=0.24/0.06/0/0.45, dsn=4.3.0,
status=deferred (temporary failure)

This looks like the auth fails due to some error, but I'm not sure what.

Apr 10 10:13:55 mail postfix/qmgr[864]: A7F1B168734: from=[EMAIL PROTECTED],
size=2600, nrcpt=1 (queue active)
Apr 10 10:13:55 mail postfix/pipe[890]: A7F1B168734: to=[EMAIL PROTECTED],
relay=dovecot, delay=101, delays=101/0.02/0/0.11, dsn=2.0.0, status=sent
(delivered via dovecot service)
Apr 10 10:13:55 mail postfix/qmgr[864]: A7F1B168734: removed

At this point, it looks like there was a retry and the dovecot service
delivers the mail, but the mail disappears into thin air. The problem is
that I have a ton of mail flooding the server and errors are overwritten
before I can take a look at them. I wasn't even able to compare the same
mail being sent in the delivery logs because by the time I stopped the
logging more mail had come into the system.




Re: [Dovecot] Dovecot Assertion on mail server with POP3 and LDAP authentication

2007-04-10 Thread Tim Alberts

Timo Sirainen wrote:

On 10.4.2007, at 19.48, Tim Alberts wrote:

Apr  4 08:44:38 msi2 dovecot: auth(default): dovecot-auth: 
../../../libraries/liblber/io.c:491: ber_get_next: Assertion 
`ber-ber_buf == ((void *)0)' failed.
Apr  4 08:44:38 msi2 dovecot: auth(default): 
pam(secretuser,192.168.0.200): Child process died

..

 passdb:
   driver: pam
 userdb:
   driver: passwd


So you're using pam_ldap and nss_ldap. See 
http://wiki.dovecot.org/AuthDatabase/Passwd


So I'd suggest upgrading.



Thank you for the quick response.  It doesn't look like the problem I'm 
having though?  I don't have problems with people getting other peoples 
email.  I have problems with the Assertion errors that I mentioned.


I do see that Fedora has updated packages available for Fedora so I'll 
upgrade and see what happens.





[Dovecot] get userlogin for shell script

2007-04-10 Thread Dirk Schleicher

Hello,

how can I get some information if a user is connect to the dovecot imap?
I like to build a script what asked if there is a connect. If yes the 
loop until no connect an then stop dovecot.


How can I do this?

Thanks

Dirk


Re: [Dovecot] Connection refused with auth-master afterupgradingto Dovecot 1.0 rc 28

2007-04-10 Thread Jason Warner


 -Original Message-
 From: Timo Sirainen [mailto:[EMAIL PROTECTED]
 Sent: Tuesday, April 10, 2007 11:45 AM
 To: Dovecot Mailing List
 Cc: Jason Warner; 'Jason Warner'
 Subject: Re: [Dovecot] Connection refused with auth-master
 afterupgradingto Dovecot 1.0 rc 28
 
 On 10.4.2007, at 20.35, Timo Sirainen wrote:
 
  On 10.4.2007, at 20.22, Jason Warner wrote:
 
  Apr 10 10:12:15 mail dovecot: auth(default): file auth-request.c:
  line 474
  (auth_request_lookup_credentials_callback): assertion failed:
  (request-state == AUTH_REQUEST_STATE_PASSDB)
 
  Oh. So the connection refused happens because dovecot-auth crashes.
  Now this is beginning to make sense. The easiest way to fix this is
  to add allow_all_users to userdb static's args. I'll try to figure
  out why this crash is happening.

Adding allow_all_users to my userdb static args gets rid of the previous
error message, but now the logs contain this message:

Apr 10 11:48:28 mail deliver([EMAIL PROTECTED]): setgid(999) failed: Operation
not permitted
Apr 10 11:48:28 mail postfix/pipe[17576]: 95FC916872D: to=[EMAIL PROTECTED],
relay=dovecot, delay=0.31, delays=0.26/0.02/0/0.02, dsn=2.0.0, status=sent
(delivered via dovecot service)

999 is the gid of my vmail user.

 
 Do you have core file in Dovecot's base_dir (/var/run/dovecot/ or /
 usr/local/var/run/dovecot/ probably)? If so, could you do:
 
 gdb /path/to/dovecot-auth /path/to/core
 bt full
 fr 4
 p *request
 
 (I think fr 4 is correct to give a usable output for p *request, if
 it just says No symbol try with different fr numbers. It's anyway
 the one that bt full shows auth_request_lookup_credentials_callback()
 being in)
 

I couldn't find a core dump file in the base_dir (/var/run/dovecot). Is
there a way to force a core dump?





Re: [Dovecot] Connection refused with auth-master afterupgradingto Dovecot 1.0 rc 28

2007-04-10 Thread Timo Sirainen

On 10.4.2007, at 21.33, Jason Warner wrote:

I still didn't get a core dump in /var/run/dovecot. Should I be  
looking
somewhere else? That is the directory that the base_dir variable is  
set to

in my dovecot.conf file.


Well, another way would be to attach gdb directly into dovecot-auth  
while it's still running:


gdb attach `pidof dovecot-auth`
cont
(wait for crash)
bt full
fr 4
p *request

Anyway I should be able to figure out the assert by looking at the  
code too. Just a bit more difficult, since a couple of minutes wasn't  
enough. :)


I tried this with both the allow_all_users set and without it set.  
That was

the fix though. By adding allow_all_users to my userdb static args,
everything is running just fine.


Only problem with that is that it doesn't know if the user exists or  
not. So depending on how you've set up permissions, it's possible  
that it delivers mails to unknown users as well, creating the  
directories if needed..


PGP.sig
Description: This is a digitally signed message part


Re: [Dovecot] Connection refused with auth-master afterupgradingto Dovecot 1.0 rc 28

2007-04-10 Thread Jason Warner
 On 10.4.2007, at 21.33, Jason Warner wrote:
 
  I still didn't get a core dump in /var/run/dovecot. Should I be
  looking
  somewhere else? That is the directory that the base_dir variable is
  set to
  in my dovecot.conf file.
 
 Well, another way would be to attach gdb directly into dovecot-auth
 while it's still running:
 
 gdb attach `pidof dovecot-auth`
 cont
 (wait for crash)
 bt full
 fr 4
 p *request
 
 Anyway I should be able to figure out the assert by looking at the
 code too. Just a bit more difficult, since a couple of minutes wasn't
 enough. :)

Here's the best I could do:

(gdb) bt full
#0  0x004b9402 in __kernel_vsyscall ()
No symbol table info available.
#1  0x00686d40 in raise () from /lib/libc.so.6
No symbol table info available.
#2  0x00688591 in abort () from /lib/libc.so.6
No symbol table info available.
#3  0x0806bb9a in i_error ()
No symbol table info available.
#4  0x0806baac in i_panic ()
No symbol table info available.
#5  0x080552ce in auth_request_lookup_credentials_callback ()
No symbol table info available.
#6  0x0805f2bd in passdb_cache_init ()
No symbol table info available.
#7  0x0805f684 in passdb_cache_init ()
No symbol table info available.
#8  0x0805906b in db_ldap_connect ()
No symbol table info available.
#9  0x0806ef30 in io_loop_handler_run ()
No symbol table info available.
#10 0x0806e27c in io_loop_run ()
No symbol table info available.
#11 0x0805a51e in main ()
No symbol table info available.

It looks like a stack trace, but the p *request just gives No symbol table
info available for all 11 integers.

 
  I tried this with both the allow_all_users set and without it set.
  That was
  the fix though. By adding allow_all_users to my userdb static args,
  everything is running just fine.
 
 Only problem with that is that it doesn't know if the user exists or
 not. So depending on how you've set up permissions, it's possible
 that it delivers mails to unknown users as well, creating the
 directories if needed..

That is a problem. I'll go back to Postfix's virtual delivery method until I
don't have to use the allow_all_users flag.




[Dovecot] error creating subfolders

2007-04-10 Thread John Harper
I'm running rc31 and I've come across a weird little error in creating
subfolders that's only apparent in a specific situation. I recently
moved our entire campus from UW to dovecot, and as part of that
migration, and following the wiki, I have some namespaces:
##default namespace
namespace private {
separator = /
prefix = 
inbox = yes
}
#for backwards compatibility:
namespace private {
separator = /
prefix = mail/
hidden = yes
}
namespace private {
 separator = /
 prefix = ~/mail/
 hidden = yes   
}

which absorb the typical configuration previously used wherein the
email client had the imap server folder set to mail/ or similar, and
which still remains on most clients. All of this works perfectly fine,
and all users see their mail folders properly. Currently everyone is
still in mbox format, and as far as I can tell, users can also create
email folders without problems (ie single files in the file system
containing messages).

But one user discovered that it does not work to create folder
containers (ie directories in the filesystem) that would contain other
email folders, no matter how one appended / or checked the right box
(or having me add the tb-extra-mailbox-sep client workaround --
they're using Thunderbird). Their client config still had mail/ as the
server imap directory, and when I cleared that out, then everything
worked perfectly.

So it's a bit weird that everything works fine with the namespaces,
except the one operation of creating the subfolder.

John Harper
-
Systems Manager
Information and Instructional Technology Services
University of Toronto Scarborough
[EMAIL PROTECTED]




[Dovecot] Having a problem with mbox/inbox

2007-04-10 Thread Nick Le Mouton
Hi,

I've just installed dovecot on a RHEL 4 server. I'm using postfix as my MTA.

Everything seems to work well when I have a home dir for the user, but I
don't like to clutter up my /home/ dir with dirs for users that will never
use them (other than mail).

Is there no way to just use /var/mail/user (I think in mbox format?). I have
no interest at this time of using IMAP, this is purely for POP3.

Thanks
Nick



Re: [Dovecot] rc31 - deferring operation: binding

2007-04-10 Thread Ben Beuchler

The really frustrating thing, of course, is that I really have no
proof whatsoever that the occasional auth failures (all authentication
attempts hang until Dovecot is restarted) have anything to do with the


Sorry; cut myself off.

The really frustrating thing, of course, is that I really have no
proof whatsoever that the occasional auth failures (all authentication
attempts hang until Dovecot is restarted) have anything to do with the
deferred binding issue.

-Ben


[Dovecot] WebmAdmin for DoveCot

2007-04-10 Thread Azher Amin

Hi,

I am using Dovecot with Sendmail in my environment. So far I am doing 
manual operations like adding new users, aliases, setting quota etc.


Is there any WebAdmin interface that works with 'Dovecot and Sendmail' 
and can help in above tasks, plz suggest.


Regards
-Azher

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



Re: [Dovecot] WebmAdmin for DoveCot

2007-04-10 Thread Ken Anderson

Azher Amin wrote:

Hi,

I am using Dovecot with Sendmail in my environment. So far I am doing 
manual operations like adding new users, aliases, setting quota etc.


Is there any WebAdmin interface that works with 'Dovecot and Sendmail' 
and can help in above tasks, plz suggest.


You might get most of the way with Webmin, but most systems differ so 
that you'd probably be happier if you 'rolled your own' out of the 
available peices: pam, saslauthd, pam-mysql, mysql, postgres, ldap, and 
your favorite programming/scripting languages.

Ken Anderson
Pacific.Net




Regards
-Azher





Re: [Dovecot] rc31 - deferring operation: binding

2007-04-10 Thread Troy Engel

Ben Beuchler wrote:


I installed a virgin install of OpenLDAP 2.3.32 directly on the mail
server, copied over my LDAP database, pointed Dovecot at it, and
started it up.  I immediately started getting the same log entries:


Some ideas from the peanut gallery here -- if you run 'ldd 
dovecot-auth', what openldap library is it linked into? Have you tried 
compiling dovecot against this new 2.3.32 openldap install?



cliff:~ root# egrep -v '(^$|^#)' /opt/dovecot/etc/dovecot-ldap.conf
ldap_version = 3


Have you tried binding as version 2, just to see what happens?

-te

--
Troy Engel | Systems Engineer
Fluid Inc. | http://www.fluid.com