Re: [Dovecot] Using global und per-user sieve scripts at the same time

2007-11-26 Thread Matthias Kellermann
Nikolay Shopik wrote:
> On 26.11.2007 18:57, Matthias Kellermann wrote:
>> Nikolay Shopik wrote:
>>> You forgot to insert this one, where users' sieve files are stored.
>>>
>>> plugin {
>>>  sieve = /var/mail/store/%u/sieve
>>> }
>>
>> Thanks for your answer Nikolay. But I think this won't do the trick.
>> This setting will override the global setting as well. At the moment I'm
>> using the default location for the sieve scripts in the user's home dir.
>>
>> Matthias
>>
> 
> Very strange but in my case global rules still work even if users have
> their own sieve rules. So spam is still moved to junk folder ;).

Hmm, so you have an entry like this in your LDA section:

global_script_path = /usr/local/etc/sieve/spam

Where spam is the file with the global sieve rules. Then you have the
following entry in the plugin section:

sieve = /var/mail/store/%u/sieve

Where sieve is the per-user sieve file, right? Is /var/mail/store the
same location where you save the user's email?

Matthias


Re: [Dovecot] telnet virtual users

2007-11-26 Thread Curtis Maloney

jan gestre wrote:
> -ERR Authentication failed.
>
> I've also telnet it using imap to no avail.
>
> Is there another way to do this?

Well, my first guess would be you haven't enabled plain text passwords on 
unencrypted links.


By default, Dovecot doesn't allow plain text passwords without SSL.

Either change the config, or try the "s_client" command from "openssl".

--
Curtis Maloney
[EMAIL PROTECTED]



Re: [Dovecot] dovecot imap hangs

2007-11-26 Thread russ

Charles Marcus wrote:
> On 11/26/2007, russ ([EMAIL PROTECTED]) wrote:
>> dovecot-1.0-1.2.rc15.el5
>
> This is very old - please upgrade and see if it fixes it... too many
> fixes between the current version (1.0.7) and 1.0rc15 to even try to
> mention...


I just upgraded to the 1.0.7 rpm from 
http://atrpms.net/dist/el5/dovecot/ - will see if this helps.


Thanks,

Russ


Re: [Dovecot] quota rewrite patch

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-12 at 12:04 +0100, Paweł Panek wrote:
> #0  0xac4d006a in quota_mailbox_transaction_commit (ctx=0x80f3978, flags=0) 
> at quota-storage.c:75
> 75  if (qt->tmp_mail != NULL)
> (gdb) bt full

I uploaded http://dovecot.org/patches/1.0/quota-rewrite-1.0.8.diff which
fixes this. I'm not sure if it applies to 1.0.7, but I'll release
Dovecot v1.0.8 soon anyway..





Re: [Dovecot] Dovecots Deliver being to verbose

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 19:53 +0100, Dominik Schulz wrote:
> I've got dovecot 1.0rc15 running on a Debian etch box together with deliver 
> and exim4 backed by a mysql userdb.
..
> mail_debug = no

Uncomment this line, otherwise deliver still thinks that it's enabled.
This has been fixed in newer versions.





Re: [Dovecot] dovecot imap hangs

2007-11-26 Thread russ
Yes. I looked all through the log file and saw nothing, which is what makes 
this so painfully annoying. I guess I have to find a more up to date RPM.

Russ
Sent from my Verizon Wireless BlackBerry

-Original Message-
From: Timo Sirainen <[EMAIL PROTECTED]>

Date: Tue, 27 Nov 2007 04:52:48 
To:russ <[EMAIL PROTECTED]>
Cc:dovecot@dovecot.org
Subject: Re: [Dovecot] dovecot imap hangs


On Mon, 2007-11-26 at 20:12 -0500, russ wrote:
> It just happened again and Squirrelmail reported:
> 
> *ERROR: Connection dropped by IMAP server.
> 
> *I see no errors in /var/log/maillog and I get the same timeout 
> happening in squirrelmail as well as thunderbird. Please help!!!

Are you sure errors are logged to /var/log/maillog? See
http://wiki.dovecot.org/Logging





[Dovecot] Dovecots Deliver being to verbose

2007-11-26 Thread Dominik Schulz
Hi,
I've got dovecot 1.0rc15 running on a Debian etch box together with deliver 
and exim4 backed by a mysql userdb.

Everything is working fine, except that deliver is much too verbose. It prints 
lots of information, including the password, for every mail delivered to the 
syslog.

The problem here is that I don't want the password to be printed to a log 
somewhere.

How can I turn this off?

Relevant log entries below.

Best Regards
Dominik


Example from delivers logfile:
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: auth input: [EMAIL PROTECTED]
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: auth input: [EMAIL PROTECTED]
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: auth input: password=password
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: auth input: home=/home/mail/host.tld/user
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: auth input: uid=8
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: auth input: gid=8
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: Loading modules from directory: /usr/lib/dovecot/modules/lda
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: Module loaded: /usr/lib/dovecot/modules/lda/lib90_cmusieve_plugin.so
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: maildir: data=/home/mail/host.tld/user/Maildir
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: maildir: root=/home/mail/host.tld/user/Maildir, index=/home/mail/host.tld/user/Maildir, control=, inbox=
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:40 "Info: cmusieve: Using sieve path: /home/mail/host.tld/user/.dovecot.sieve
deliver([EMAIL PROTECTED]): "2007-11-26 19:37:42 "Info: msgid=<[EMAIL PROTECTED]>: saved mail to dovecot

Dovecot.conf w/o comments:
base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
ssl_disable = no
ssl_cert_file = /etc/ssl/certs/cert.crt
ssl_key_file = /etc/ssl/certs/key.pem
ssl_parameters_regenerate = 168
ssl_cipher_list = ALL:!LOW
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
login_process_size = 32
login_process_per_connection = yes
login_processes_count = 3
login_max_processes_count = 128
login_max_connections = 256
login_greeting = Mailserver (powered by Dovecot) ready.
mail_location = maildir:/home/mail/%d/%n/Maildir
namespace private {
   separator =
   prefix =
   location =
   inbox = yes
}
mail_extra_groups = mail
mail_debug = no
first_valid_uid = 8
last_valid_uid = 8
max_mail_processes = 1024
mail_process_size = 256
mail_max_keyword_length = 50
umask = 0077
mbox_read_locks = fcntl
mbox_write_locks = dotlock fcntl
mbox_dotlock_change_timeout = 120
protocol imap {
  imap_max_line_length = 65536
  login_greeting_capability = yes
}

protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  postmaster_address = [EMAIL PROTECTED]
  mail_plugin_dir = /usr/lib/dovecot/modules/lda
  sendmail_path = /usr/lib/sendmail
  auth_socket_path = /var/run/dovecot/auth-master
  mail_plugins = cmusieve
}
auth_process_size = 256
auth_cache_size = 256
auth_cache_ttl = 3600
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_verbose = no
auth_debug = no
auth_debug_passwords = no
auth default {
  mechanisms = plain
  passdb pam {
  }
  passdb sql {
args = /etc/dovecot/dovecot-sql.conf
  }
  userdb passwd {
  }
  userdb prefetch {
  }
  userdb sql {
args = /etc/dovecot/dovecot-sql.conf
  }
  user = root
   socket listen {
 master {
   path = /var/run/dovecot/auth-master
   mode = 0600
 }
 client {
   path = /var/run/dovecot/auth-client
   mode = 0600
   user = mail
   group = mail
 }
   }
}
dict {
}
plugin {
}
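
The log excerpt in the post above shows deliver's debug output echoing the userdb `password` field into the log file. As an added example (not part of the original post and not Dovecot code), this Python script re-joins wrapped records in that format, flags any sensitive "auth input" field and masks its value; the sample lines, the `SENSITIVE_KEYS` set and the function names are constructed for illustration.

```python
import re
import sys

# A deliver record starts like:
#   deliver(user@host.tld): "2007-11-26 19:37:40 "Info: ...
RECORD_START = re.compile(r"^deliver\(")
# Debug output echoes each userdb field as "auth input: key=value".
AUTH_INPUT = re.compile(r"auth input:\s*(?P<key>[A-Za-z_]+)=(?P<value>.*)$")
# Assumption: field names treated as secrets; extend for your userdb.
SENSITIVE_KEYS = {"password", "pass"}


def join_records(lines):
    """Re-join records that a mailer or pager wrapped onto several lines."""
    records = []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line.strip():
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            # Continuation of the previous record: glue it back on.
            records[-1] = records[-1].rstrip() + " " + line.strip()
    return records


def scan(lines):
    """Return (findings, redacted_records).

    findings lists (record_number, key) for every sensitive "auth input"
    field; redacted_records is the same log with those values masked.
    """
    findings, redacted = [], []
    for number, record in enumerate(join_records(lines), start=1):
        match = AUTH_INPUT.search(record)
        if match and match.group("key").lower() in SENSITIVE_KEYS:
            findings.append((number, match.group("key")))
            record = record[: match.start("value")] + "<redacted>"
        redacted.append(record)
    return findings, redacted


# Constructed sample in the format shown in the post (not real log data).
SAMPLE = """\
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: user@host.tld
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input:
password=not-a-real-secret
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: uid=8
deliver(user@host.tld): "2007-11-26 19:37:42 "Info: msgid=<1@host.tld>: saved mail to dovecot
""".splitlines()


if __name__ == "__main__":
    # With a path argument, scan that log file; otherwise scan the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as handle:
            source = handle.readlines()
    else:
        source = SAMPLE
    hits, cleaned = scan(source)
    for number, key in hits:
        print(f"record {number}: '{key}' value written to log")
    print("\n".join(cleaned))
    sys.exit(1 if hits else 0)
```

The non-zero exit status on a finding lets the script act as a check before logs are archived or shared.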


Re: [Dovecot] Mailbox is in inconsistent state

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 15:54 -0700, Dion Hollenbeck wrote:
> At 11:50 AM 11/26/2007, Timo Sirainen wrote:
> >On 26.11.2007, at 18.50, Dion Hollenbeck wrote:
> >
> >>>lip=:::192.168.1.101
> >>>Nov 26 10:26:47 parrot dovecot: POP3(hollen): UIDVALIDITY changed
> >>>(1196019076 -> 1196097977) in mbox file /var/mail/hollen
> >
> >I think there's a problem with mailbox autodetection. If /var/mail/hollen
> >file ever gets deleted, Dovecot falls back to using ~/mail/inbox.
> >Set explicitly:
> >
> >mail_location = mbox:~/mail:INBOX=/var/mail/%u
> >
> >That hopefully fixes this.
> 
> That did not fix it.  Thanks anyway.

Oh, now I notice you mentioned you use Pine to access the mailbox
directly. That explains the error, since it uses the same headers as
Dovecot. But I don't know why Pine would change the UIDVALIDITY, since
it should be compatible with how Dovecot uses it..

One solution at least would be to make Pine access the mailbox via IMAP
instead of doing it directly.





Re: [Dovecot] telnet virtual users

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 17:06 -0800, jan gestre wrote:
> -ERR Authentication failed.

Set auth_debug=yes and look at the logs. Make sure you're looking at the
right logs: http://wiki.dovecot.org/Logging





Re: [Dovecot] dovecot imap hangs

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 20:12 -0500, russ wrote:
> It just happened again and Squirrelmail reported:
> 
> *ERROR: Connection dropped by IMAP server.
> 
> *I see no errors in /var/log/maillog and I get the same timeout 
> happening in squirrelmail as well as thunderbird. Please help!!!

Are you sure errors are logged to /var/log/maillog? See
http://wiki.dovecot.org/Logging





Re: [Dovecot] dovecot imap hangs

2007-11-26 Thread Charles Marcus

On 11/26/2007, russ ([EMAIL PROTECTED]) wrote:
> dovecot-1.0-1.2.rc15.el5


This is very old - please upgrade and see if it fixes it... too many 
fixes between the current version (1.0.7) and 1.0rc15 to even try to 
mention...


--

Best regards,

Charles


Re: [Dovecot] dovecot imap hangs

2007-11-26 Thread russ

It just happened again and Squirrelmail reported:

*ERROR: Connection dropped by IMAP server.

*I see no errors in /var/log/maillog and I get the same timeout 
happening in squirrelmail as well as thunderbird. Please help!!!


Russ

All,

I recently did a fresh install/setup on centos 5 to replace my older 
courier-imap and all seemed to go well until today I started to notice 
that it simply hangs. I use thunderbird and squirrel mail and after a 
while it seems like I'm simply rejected. I'm almost guessing that it 
has to do with the session timing out and then dovecot is unwilling or 
unable to renew the session. I can't login and there is little or no 
information in the logs. I've set up a cron job to restart dovecot 
every 5 minutes to deal with this for now.


I'm new to dovecot, what sort of info should I send to you guys?

I'm using centos 5, qmail-ldap and Maildir for my mail format.

OpenLDAP: slapd 2.3.27
dovecot-1.0-1.2.rc15.el5

my /etc/dovecot.conf
===
mail_location = maildir:%h
namespace private {
 prefix = INBOX.
 inbox = yes
}
mail_debug = yes
maildir_copy_with_hardlinks = yes
auth default {
mechanisms = plain
passdb ldap {
   # Path for LDAP configuration file, see doc/dovecot-ldap.conf for 
example

   args = /etc/dovecot-ldap.conf
 }
userdb ldap {
   args = /etc/dovecot-ldap.conf
 }
}
===
my dovecot-ldap.conf
===

# This file is opened as root, so it should be owned by root and mode 
0600.

#
# NOTE: If you're not using authentication binds, you'll need to give
# dovecot-auth read access to userPassword field in the LDAP server.
# With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There 
should

# already be something like this:

# access to attribute=userPassword
#by dn="" read # add this
#by anonymous auth
#by self write
#by * none

# Space separated list of LDAP hosts to use. host:port is allowed too.
hosts =127.0.0.1:389

# LDAP URIs to use. You can use this instead of hosts list. Note that 
this

# setting isn't supported by all LDAP libraries.
#uris =
# Distinguished Name - the username used to login to the LDAP server
#dn = dn=cn=Manager,dc=cttechhosting,dc=net
dnpass=secret

# Password for LDAP server
#dnpass =
# Use SASL binding instead of the simple binding. Note that this changes
# ldap_version automatically to be 3 if it's lower. Also note that 
SASL binds

# and auth_bind=yes don't work together.
#sasl_bind = no
# SASL mechanism name to use.
#sasl_mech =
# SASL realm to use.
#sasl_realm =
# SASL authorization ID, ie. the dnpass is for this "master user", but 
the

# dn is still the logged in user. Normally you want to keep this empty.
#sasl_authz_id =

# Use authentication binding for verifying password's validity. This 
works by
# logging into LDAP server using the username and password given by 
client.
# The pass_filter is used to find the DN for the user. Note that the 
pass_attrs
# is still used, only the password field is ignored in it. Before 
doing any

# search, the binding is switched back to the default DN.
auth_bind = yes

# If authentication binding is used, you can save one LDAP request per 
login
# if users' DN can be specified with a common template. The template 
can use

# the standard %variables (see user_filter). Note that you can't
# use any pass_attrs if you use this setting.
#
# If you use this setting, it's a good idea to use a different
# dovecot-ldap.conf for userdb (it can even be a symlink, just as long 
as the
# filename is different in userdb's args). That way one connection is 
used only
# for LDAP binds and another connection is used for user lookups. 
Otherwise

# the binding is changed to the default DN before each user lookup.
#
# For example:
#   auth_bind_userdn = cn=%u,ou=people,o=org
#
auth_bind_userdn = uid=%u,ou=accounts,dc=cttechhosting,dc=net

# LDAP protocol version to use. Likely 2 or 3.
#ldap_version = 2
ldap_version=3

# LDAP base. %variables can be used here.
base = ou=accounts,dc=cttechhosting,dc=net

# Dereference: never, searching, finding, always
#deref = never

# Search scope: base, onelevel, subtree
#scope = subtree

# User attributes are given in LDAP-name=dovecot-internal-name list. The
# internal names are:
#   uid - System UID
#   gid - System GID
#   home - Home directory
#   mail - Mail location
#
# There are also other special fields which can be returned, see
# http://wiki.dovecot.org/UserDatabase/ExtraFields
user_attrs = 
mailMessageStore=home,qmailUID=uid,qmailGID=gid,mailMessageStore=mail


# Filter for user lookup. Some variables can be used (see
# http://wiki.dovecot.org/Variables for full list):
#   %u - username
#   %n - user part in [EMAIL PROTECTED], same as %u if there's no domain
#   %d - domain part in [EMAIL PROTECTED], empty if user there's no domain
user_filter = (&(objectClass=qmailUser)(uid=%u))

# Password checking attributes:
#  user: Virtual user name ([EMAIL PROTECTED]), if you wish to change the
#

[Dovecot] telnet virtual users

2007-11-26 Thread jan gestre
Hi Guys,

I've installed postfix + dovecot + postfixadmin + mysql in my CentOS 4.5 box
and I would like to test it using telnet however I can't telnet it using the
following syntax:

$ telnet localhost pop3

Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
user [EMAIL PROTECTED]
pass password

-ERR Authentication failed.

I've also telnet it using imap to no avail.

Is there another way to do this?

TIA


Re: [Dovecot] Embracing .99

2007-11-26 Thread Troy Engel

Joe Allesi -X (joallesi - Coyote Creek Consulting at Cisco) wrote:
> high-profile applications. However, does anyone know of a sane method to
> use maildir on RHEL 4.x without switching over to Postfix?


Use Dovecot 1.0x and the default Exim that ships with RHEL4, it all 
works smooth as glass. As mentioned the only thing you lose support for 
is Dovecot, and additionally Exim has great per-user filtering 
capabilities which negate the need to even use procmail.


fwiw,
-te

--
Troy Engel | Systems Engineer
Fluid, Inc | http://www.fluid.com


[Dovecot] dovecot imap hangs

2007-11-26 Thread russ

All,

I recently did a fresh install/setup on centos 5 to replace my older 
courier-imap and all seemed to go well until today I started to notice 
that it simply hangs. I use thunderbird and squirrel mail and after a 
while it seems like I'm simply rejected. I'm almost guessing that it has 
to do with the session timing out and then dovecot is unwilling or 
unable to renew the session. I can't login and there is little or no 
information in the logs. I've set up a cron job to restart dovecot every 
5 minutes to deal with this for now.


I'm new to dovecot, what sort of info should I send to you guys?

I'm using centos 5, qmail-ldap and Maildir for my mail format.

OpenLDAP: slapd 2.3.27
dovecot-1.0-1.2.rc15.el5

my /etc/dovecot.conf
===
mail_location = maildir:%h
namespace private {
 prefix = INBOX.
 inbox = yes
}
mail_debug = yes
maildir_copy_with_hardlinks = yes
auth default {
mechanisms = plain
passdb ldap {
   # Path for LDAP configuration file, see doc/dovecot-ldap.conf for example

   args = /etc/dovecot-ldap.conf
 }
userdb ldap {
   args = /etc/dovecot-ldap.conf
 }
}
===
my dovecot-ldap.conf
===

# This file is opened as root, so it should be owned by root and mode 0600.
#
# NOTE: If you're not using authentication binds, you'll need to give
# dovecot-auth read access to userPassword field in the LDAP server.
# With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There should
# already be something like this:

# access to attribute=userPassword
#by dn="" read # add this
#by anonymous auth
#by self write
#by * none

# Space separated list of LDAP hosts to use. host:port is allowed too.
hosts =127.0.0.1:389

# LDAP URIs to use. You can use this instead of hosts list. Note that this
# setting isn't supported by all LDAP libraries.
#uris = 


# Distinguished Name - the username used to login to the LDAP server
#dn = 
dn=cn=Manager,dc=cttechhosting,dc=net

dnpass=secret

# Password for LDAP server
#dnpass = 


# Use SASL binding instead of the simple binding. Note that this changes
# ldap_version automatically to be 3 if it's lower. Also note that SASL binds
# and auth_bind=yes don't work together.
#sasl_bind = no
# SASL mechanism name to use.
#sasl_mech =
# SASL realm to use.
#sasl_realm =
# SASL authorization ID, ie. the dnpass is for this "master user", but the
# dn is still the logged in user. Normally you want to keep this empty.
#sasl_authz_id =

# Use authentication binding for verifying password's validity. This works by
# logging into LDAP server using the username and password given by client.
# The pass_filter is used to find the DN for the user. Note that the pass_attrs
# is still used, only the password field is ignored in it. Before doing any
# search, the binding is switched back to the default DN.
auth_bind = yes

# If authentication binding is used, you can save one LDAP request per login
# if users' DN can be specified with a common template. The template can use
# the standard %variables (see user_filter). Note that you can't
# use any pass_attrs if you use this setting.
#
# If you use this setting, it's a good idea to use a different
# dovecot-ldap.conf for userdb (it can even be a symlink, just as long as the
# filename is different in userdb's args). That way one connection is used only
# for LDAP binds and another connection is used for user lookups. Otherwise
# the binding is changed to the default DN before each user lookup.
#
# For example:
#   auth_bind_userdn = cn=%u,ou=people,o=org
#
auth_bind_userdn = uid=%u,ou=accounts,dc=cttechhosting,dc=net

# LDAP protocol version to use. Likely 2 or 3.
#ldap_version = 2
ldap_version=3

# LDAP base. %variables can be used here.
base = ou=accounts,dc=cttechhosting,dc=net

# Dereference: never, searching, finding, always
#deref = never

# Search scope: base, onelevel, subtree
#scope = subtree

# User attributes are given in LDAP-name=dovecot-internal-name list. The
# internal names are:
#   uid - System UID
#   gid - System GID
#   home - Home directory
#   mail - Mail location
#
# There are also other special fields which can be returned, see
# http://wiki.dovecot.org/UserDatabase/ExtraFields
user_attrs = mailMessageStore=home,qmailUID=uid,qmailGID=gid,mailMessageStore=mail

# Filter for user lookup. Some variables can be used (see
# http://wiki.dovecot.org/Variables for full list):
#   %u - username
#   %n - user part in [EMAIL PROTECTED], same as %u if there's no domain
#   %d - domain part in [EMAIL PROTECTED], empty if user there's no domain
user_filter = (&(objectClass=qmailUser)(uid=%u))

# Password checking attributes:
#  user: Virtual user name ([EMAIL PROTECTED]), if you wish to change the
#user-given username to something else
#  password: Password, may optionally start with {type}, eg. {crypt}
# There are also other special fields which can be returned, see
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
pass_attrs = 

Re: [Dovecot] Mailbox is in inconsistent state

2007-11-26 Thread Dion Hollenbeck

At 11:50 AM 11/26/2007, Timo Sirainen wrote:
> On 26.11.2007, at 18.50, Dion Hollenbeck wrote:
>> lip=:::192.168.1.101
>> Nov 26 10:26:47 parrot dovecot: POP3(hollen): UIDVALIDITY changed
>> (1196019076 -> 1196097977) in mbox file /var/mail/hollen
>
> I think there's a problem with mailbox autodetection. If /var/mail/hollen
> file ever gets deleted, Dovecot falls back to using ~/mail/inbox.
> Set explicitly:
>
> mail_location = mbox:~/mail:INBOX=/var/mail/%u
>
> That hopefully fixes this.

That did not fix it.  Thanks anyway.

dion


--
Dion Hollenbeck
Email: [EMAIL PROTECTED]Home Page: http://www.woodsprite.com
Brewing Page: http://hbd.org/hollen   Toys: 98 4Runner, 86 4x4 PU



Re: [Dovecot] Embracing .99

2007-11-26 Thread Scott Silva
on 11/26/2007 2:19 PM Joe Allesi -X (joallesi - Coyote Creek Consulting at 
Cisco) spake the following:
> We're stuck on RHEL 4.x, so we're currently working on a plan to live in
> harmony with .99 for another year or so. With that said, the plan is
> below. Let me know if you have any other recommendations.
>
> [ ]Convert to high-performance mode vice high-security to reduce overall
> resource usage.
> [ ]Implement iptables throttling for new connections to prevent denials
> of service.
> [ ]Convert from mbox to maildir to help reduce the likelihood of
> corruption that lead to mailbox outages.
>
> As our overall individual mailbox usage is low, maildir seems to be a
> good option as mbox corruption has severely impacted a few of our
> high-profile applications. However, does anyone know of a sane method to
> use maildir on RHEL 4.x without switching over to Postfix?
>
> Thanks!

You are not necessarily stuck with .99. You can upgrade dovecot and you only 
lose support on Dovecot issues. You can use maildir easily with sendmail also, 
as procmail in 4x supports it. You just have to create a procmailrc in /etc 
like below;

http://linuxmafia.com/faq/Mail/procmail-maildir.html


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't



[Dovecot] Embracing .99

2007-11-26 Thread Joe Allesi -X (joallesi - Coyote Creek Consulting at Cisco)

We're stuck on RHEL 4.x, so we're currently working on a plan to live in
harmony with .99 for another year or so. With that said, the plan is
below. Let me know if you have any other recommendations.

[ ]Convert to high-performance mode vice high-security to reduce overall
resource usage.
[ ]Implement iptables throttling for new connections to prevent denials
of service.
[ ]Convert from mbox to maildir to help reduce the likelihood of
corruption that lead to mailbox outages.

As our overall individual mailbox usage is low, maildir seems to be a
good option as mbox corruption has severely impacted a few of our
high-profile applications. However, does anyone know of a sane method to
use maildir on RHEL 4.x without switching over to Postfix?

Thanks!


Re: [Dovecot] Dovecot + Cygwin

2007-11-26 Thread Ronny

 > ./dovecot-auth.exe
$ dovecot -n
# 1.0.7: /etc/dovecot.conf
log_path: /var/log/dovecot.log
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/imap-login
login_user: Administrator
login_chroot: no
login_process_size: 0
mail_location: maildir:~/Maildir
mail_process_size: 0
auth default:
  executable: /home/Administrator/d.sh
  user: Administrator
  verbose: yes
  debug: yes
  process_size: 0
  passdb:
driver: passwd-file
args: /etc/passwd.dovecot
  userdb:
driver: passwd

[EMAIL PROTECTED] ~
$ dovecot-auth.exe
dovecot-auth: Fatal: You'll need to add at least one userdb




Re: [Dovecot] v1.1.beta9 released

2007-11-26 Thread Timo Sirainen

On 26.11.2007, at 20.36, [EMAIL PROTECTED] wrote:
> build errors.
>
> solaris 9, sparc, sun studio 9 and 12.
>
> source='base64.c' object='base64.o' libtool=no \
> DEPDIR=.deps depmode=none /bin/bash ../../depcomp \
> cc -DHAVE_CONFIG_H -I. -I. -I../..-I/opt/SUNWconn/crypto/include
> -xjobs=4 -c base64.c
> "base64.c", line 96: syntax error before or at: )

Right, doesn't compile with non-gcc. This fixes it:

http://hg.dovecot.org/dovecot/rev/ff884d70197b





Re: [Dovecot] Mailbox is in inconsistent state

2007-11-26 Thread Timo Sirainen

On 26.11.2007, at 18.50, Dion Hollenbeck wrote:
> lip=:::192.168.1.101
> Nov 26 10:26:47 parrot dovecot: POP3(hollen): UIDVALIDITY changed
> (1196019076 -> 1196097977) in mbox file /var/mail/hollen

I think there's a problem with mailbox autodetection. If /var/mail/hollen
file ever gets deleted, Dovecot falls back to using ~/mail/inbox.
Set explicitly:

mail_location = mbox:~/mail:INBOX=/var/mail/%u

That hopefully fixes this.





Re: [Dovecot] v1.1.beta9 released

2007-11-26 Thread lenny
> http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz
> http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz.sig
>
> Some changes since beta8:
>
> - This release should work perfectly with NFS attribute cache enabled.
> - Fixes to handling what should be written to cache file and when
> - Some index handling optimizations
> - IMAP LIST: dbox and cydir can now return children state
>
> Beta9 will most likely have a rewritten Squat indexer. More about that
> the next mail.
>
>

build errors.

solaris 9, sparc, sun studio 9 and 12.

source='base64.c' object='base64.o' libtool=no \
DEPDIR=.deps depmode=none /bin/bash ../../depcomp \
cc -DHAVE_CONFIG_H -I. -I. -I../..-I/opt/SUNWconn/crypto/include 
-xjobs=4 -c base64.c
"base64.c", line 96: syntax error before or at: )
"base64.c", line 105: syntax error before or at: )
"base64.c", line 107: "break" outside loop or switch
"base64.c", line 108: cannot recover from previous errors
cc: acomp failed for base64.c
*** Error code 2
make: Fatal error: Command failed for target `base64.o'






Re: [Dovecot] Mailbox is in inconsistent state

2007-11-26 Thread Dion Hollenbeck

At 06:28 AM 11/26/2007, Timo Sirainen wrote:
> On Tue, 2007-11-20 at 17:30 -0700, Dion Hollenbeck wrote:
>> 3 - On windoze, with Eudora, check for new mail, "ERR Mailbox is in
>> inconsistent state, please relogin"
>
> There should be something in log files.
>
>> I also tried looking at the log, but it appears to be a binary
>> (located in /home//mail/.imap/INBOX/dovecot.index.log) not
>> a readable text file.
>
> You're looking into wrong place. :) See http://wiki.dovecot.org/Logging




Here are the actual log entries when the failure happens:

Nov 26 10:26:47 parrot dovecot: pop3-login: Login: user=, method=PLAIN, rip=:::192.168.1.104, lip=:::192.168.1.101
Nov 26 10:26:47 parrot dovecot: POP3(hollen): UIDVALIDITY changed (1196019076 -> 1196097977) in mbox file /var/mail/hollen
Nov 26 10:26:47 parrot dovecot: POP3(hollen): Disconnected: Mailbox is in inconsistent state. top=0/0, retr=0/0, del=0/0, size=0
Nov 26 10:26:47 parrot dovecot: POP3(hollen): Couldn't init INBOX: Can't sync mailbox: Messages keep getting expunged
Nov 26 10:26:49 parrot dovecot: pop3-login: Login: user=, method=PLAIN, rip=:::192.168.1.104, lip=:::192.168.1.101
Nov 26 10:26:53 parrot dovecot: POP3(hollen): Disconnected: Logged out top=0/0, retr=7/28936, del=7/7, size=28817



Previous info for context:
Running on Fedora 7, error happening on both Dovecot 1.05, and now 
that I upgraded to 1.07, same thing occurs.


dovecot -n

# 1.0.7: /etc/dovecot.conf
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
auth default:
  passdb:
driver: pam
  userdb:
driver: passwd



thanks,
dion


--
Dion Hollenbeck
Email: [EMAIL PROTECTED]Home Page: http://www.woodsprite.com
Brewing Page: http://hbd.org/hollen   Toys: 98 4Runner, 86 4x4 PU



Re: [Dovecot] File locking problems and duplicate emails with the snarf plugin

2007-11-26 Thread Adrian Barker
Timo Sirainen wrote:
> On Wed, 2007-11-21 at 20:29 +, Adrian Barker wrote:
>> Two weeks ago we switched all our IMAP users (around 25,000) from the
>> Washington IMAP server to Dovecot, and since then there have been
>> several occasions when reading new email just hangs, and duplicate
>> emails appear. We are using the 'snarf' plugin to copy new email to the
>> inbox, and it looks as though the problems are caused by file locking.
> 
> How do you deliver mails to the mboxes? If not using Dovecot's deliver,
> the mbox locking order could be different between them and they'd
> deadlock. mbox_read/write_locks settings affect this.
> 
>> We have been using the Washington IMAP server for a number of years
>> without any file locking problems, so the underlying file locking
>> mechanism is robust. 
> 
> Did UW-IMAP really use fcntl locks with mboxes? Could it be that it just
> didn't, and now the problem is with fcntl locking in general?
> 

We use Exim to deliver the email, which uses both fcntl and lock files.
We cannot use the Dovecot deliver process, as we have a mixture of Unix,
POP and IMAP clients. We used the default file locking for Dovecot, but
on Friday turned off the use of lock files (after running various file
locking tests) and now just use fcntl. This seems to have improved the
performance substantially. We will know in a day or two whether the
problem is completely solved.



-- 

Adrian Barker
Internet Technology Section
Information Systems
University College London, Gower Street, London WC1E 6BT
External phone: +44 20 7679 5140,  Fax (+44) 20 7388 5406
Internal phone: x 25140
Email: [EMAIL PROTECTED]


Re: [Dovecot] Dovecot + Cygwin

2007-11-26 Thread Timo Sirainen

On 26.11.2007, at 18.28, Ronny wrote:
> Even though client_process_exec() does not come to "LPE7", the file output
> is created! So it seems execv() runs the process but then stops and
> does not return!

That's why I thought that the problem could be that running
dovecot-auth.exe calls some library's init function which causes it to exit.
You could try running directly:

./dovecot-auth.exe
echo $?

Does it fail with the same error 53?

> By the way, do you use gdb/ddd? Does it work for you? Do you use
> any special debug level?

Sure I use gdb in Linux, but if you mean in Cygwin I haven't used
Cygwin for years. What do you mean by debug level?






Re: [Dovecot] Dovecot + Cygwin

2007-11-26 Thread Ronny

> This only means that it sees that auth process died, so master process
> shuts down. Put something similar to src/auth/main.c instead to see if
> it gets executed.
>

I put i_info as the first statement in auth/main.c!
This does not appear in the log, so the auth process is not executed!?!?

As far as I see this is for executing the auth process:

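void client_process_exec(const char *cmd, const char *title)
{
	/* excerpt: the lines that set executable and argv are omitted */
	i_info("LPE6");
	/* execv() replaces the process image; it returns only on failure */
	execv(executable, (char **)argv);
	i_info("LPE7");
}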

Log output is only "LPE6", so it comes to the point where it should be 
executed, but does not do it!


BUT!!!:
I set auth_executable = /home/Administrator/d.sh

d.sh is

#!/bin/sh
echo "running" > /home/Administrator/output
exit 0

Even though client_process_exec() does not get to "LPE7", the file output is
created! So it seems execv() runs the process but then stops and does not
return!


log:
dovecot: Nov 25 23:36:48 Info: Dovecot v1.0.7 starting up
dovecot: Nov 25 23:36:48 Info: LPE6
dovecot: Nov 25 23:36:50 Info: DIE 2
dovecot: Nov 25 23:36:50 Info: VOR ausgabe des died to early
dovecot: Nov 25 23:36:50 Error: Auth process died too early - shutting down


By the way, do you use gdb/ddd? Does it work for you? Do you use any
special debug level?



cheers
Ronny



Re: [Dovecot] Using global und per-user sieve scripts at the same time

2007-11-26 Thread Nikolay Shopik

On 26.11.2007 18:57, Matthias Kellermann wrote:
> Nikolay Shopik wrote:
>> You forgot to insert this one, where users sieve files stored.
>>
>> plugin {
>>  sieve = /var/mail/store/%u/sieve
>> }
>
> Thanks for your answer Nikolay. But I think this won't do the trick.
> This setting will override the global setting as well. At the moment I'm
> using the default location for the sieve scripts in the user's home dir.
>
> Matthias

Very strange, but in my case global rules still work even if a user has
their own sieve rules. So spam is still moved to the junk folder ;).


Re: [Dovecot] Using global und per-user sieve scripts at the same time

2007-11-26 Thread Matthias Kellermann
Nikolay Shopik wrote:
> You forgot to insert this one, where users sieve files stored.
> 
> plugin {
>  sieve = /var/mail/store/%u/sieve
> }

Thanks for your answer Nikolay. But I think this won't do the trick.
This setting will override the global setting as well. At the moment I'm
using the default location for the sieve scripts in the user's home dir.

Matthias



Re: [Dovecot] Using global und per-user sieve scripts at the same time

2007-11-26 Thread Matthias Kellermann
Timo Sirainen wrote:
> On Mon, 2007-11-26 at 14:50 +0100, Matthias Kellermann wrote:
>> If a user creates his own .dovecot.sieve file the global script will not
>> work anymore.
>>
>> How can I enable global and local per-user sieve scripts at once? Is
>> this possible? 
> 
> Unfortunately not. Sieve plugin v1.1 (requires Dovecot v1.1) supports
> include extension, so in per-user scripts they could include the global
> script. It should probably be somewhat easy to do this including
> automatically.

It's Dovecot 1.07 on FreeBSD. So there is no include option. So I will
write a little script which will copy a template sieve file into each
user's home directory on/after creation.

> (Actually I'm hoping to offload Sieve development to Stephan Bosch and
> his completely rewritten Sieve code. I don't know when it's going to be
> in a usable state though. And I hope the code's existence wasn't a
> secret.. :)

Is that sieve implementation better than the current one (fork of Cyrus
sieve implementation if I remember correctly)?

Matthias


Re: [Dovecot] Some dovecot conf parameters

2007-11-26 Thread Proskurin Kirill

Timo Sirainen wrote:

> Would you like to tell why? I'm always interested in why people are
> switching away from Cyrus. :)

Were there a lot of people who did so before me? Funny. :-)
On our system Cyrus was there before me, and I really don't like it and
don't want to learn it. I'm tired of its "IO system error" when I try to
reconstruct the maildirs. I'm tired of its index errors. And I really
don't like that it uses its own maildir...

I think that most of its errors can be fixed. I tried to but failed. And
our whole old mail system works badly... I'm building it now from the
beginning.

As far as I know, the best open and free pop3\imap daemons are Cyrus and
Dovecot. :-)
So I decided to try it, and I really like it. :-)

Waiting for 1.1

> Those are fields that Dovecot looks up from LDAP and uses for its
> internal purposes.

Thank you for the explanation!

> user_attrs then.. Well, if you're using virtual users with a single UID
> and GID you may not need to use userdb ldap at all. Look at
> http://wiki.dovecot.org/UserDatabase/Static instead.

Auth, verify and deliver are done by Exim. I will test Dovecot deliver
soon anyway...

We are using LDAP as the one and only DB for everything (mail auth, address
book, jabber auth and so on). :-)
So it is really... mhh... comfortable for us. :-)

--
Best regards,
Proskurin Kirill



Re: [Dovecot] Enhanced Kerberos support

2007-11-26 Thread Greg Troxel
Timo Sirainen <[EMAIL PROTECTED]> writes:

>> SSH recently added this enhancement to address this common need:
>> 
>>   GSSAPIStrictAcceptorCheck
>>   Determines whether to be strict about the identity of the GSSAPI
>>   acceptor a client authenticates against. If “yes” then the client
>>   must authenticate against the host service on the current hostname.
>>   If “no” then the client may authenticate against any service key
>>   stored in the machine’s default store. This facility is provided to
>>   assist with operation on multi homed machines.  The default is
>>   “yes”.  Note that this option applies only to protocol version 2
>>   GSSAPI connections, and setting it to “no” may only work with recent
>>   Kerberos GSSAPI libraries.
>
> Somehow this doesn't sound a very good idea.

This says "the host service on the current hostname", and I interpret
this as the principal "host/[EMAIL PROTECTED]", where $hostname is the
value returned by gethostname(3)/hostname(1).  There is no DNS involved
in this at all.

The alternative is to accept authentication to any principal either of
the form "host/[EMAIL PROTECTED]", as long as that key is stored in the
machine's keytab.

None of this involves DNS lookups.

>> I've heard that other daemons support multi-names by instead of using 
>> gethostname(), obtain the hostname of the
>> interface that the request came in on.
>
> I guess this would mean a PTR DNS lookup for the local IP? I've wanted
> to avoid DNS lookups in Dovecot so far, but proxying would also want to
> use them..

Yes, you could do this, allowing authentication to various names,
depending on the interface.  But I would think it's better to have an
option to either a) just allow the name that's configured as hostname,
or b) allow any host/ key that's in the keytab.

I don't see that it's useful from a security viewpoint to refuse
authentication that's done to host/foo when the request is received on
an interface that has an IP address that doesn't map to foo.  Actually,
I'd say that it isn't meaningful, for TCP at least, to talk about the
interface on which a request was received, and even for UDP packets can
arrive on arbitrary interfaces due to routing changes, and generally
these have no security consequences.

> I guess blocking DNS lookups for local IPs should be pretty safe and
> fast.

Why?  If the local DNS responder is hosed, it will be messy.  But this
is much less scary than lookups on random addresses.


What problem are we trying to solve?  The problem I can see is that if a
server is known by two names, clients may attempt to authenticate to
both of those names, and that should work (assuming both names have
service keys present in the keytab).

Are people trying to run some inside/outside split mailserver that's
both inside and outside a firewall?



Re: [Dovecot] Ldap Proxy

2007-11-26 Thread Harrison Metzger
Ok. I got it to work. I changed this:

pass_attrs = uid=user,cn=proxy,BCMailDovecotProxyHost=host,gidNumber=nologin,uidNumber=nodelay

By adding nologin and nodelay it seems to work. Also, I have to have each
map to a unique ldap field or it won't like that. (If people have less than
4 entries in their ldap entry it may actually be a problem then. haha) The
static fields would be really nice, Once redhat decides to put 1.1 in their
repository it will wind up on the machine. Until then, this way seems to
work. Thanks for your help.

Harrison Metzger

On Nov 26, 2007 8:50 AM, Harrison Metzger <[EMAIL PROTECTED]> wrote:

> I changed it so that proxy would be populated by an existing ldap
> attribute. Here are what my logs show now:
>
> Nov 26 08:42:01 holiday dovecot: auth(default): client in: AUTH 1
> PLAIN  service=POP3 secured lip= 127.0.0.1   rip=127.0.0.1
> resp=AGFwcGxlc2VqAHRhYmxl
> Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1 ):
> bind search: base=dc=beloit,dc=edu
> filter=(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej))
> Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej, 127.0.0.1):
> result: uid(user)=applesej cn(proxy)=John Applesead
> BCMailDovecotProxyHost(host)=144.89.40.1
> Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej, 127.0.0.1):
> bind: dn=uid=applesej,ou=People,dc=beloit,dc=edu
> Nov 26 08:42:01 holiday dovecot: auth(default): client out: OK  1
> user=applesej   proxy   host=144.89.40.1pass=xx
> Nov 26 08:42:01 holiday dovecot: auth(default): master in: REQUEST
> 1  212091
> Nov 26 08:42:01 holiday dovecot: auth(default): Master request 21209.1 not
> found
> Nov 26 08:42:01 holiday dovecot: auth(default): master out: NOTFOUND1
> Nov 26 08:42:01 holiday dovecot: pop3-login: Internal login failure:
> user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
>
> I know this user can proxy because when I set it up to do it by
> passwd-file it works.
>
> On Nov 26, 2007 8:07 AM, Timo Sirainen <[EMAIL PROTECTED]> wrote:
>
> > On Mon, 2007-11-26 at 07:46 -0600, Harrison Metzger wrote:
> > > pass search: base=dc=beloit,dc=edu scope=subtree
> > >
> > filter=(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej))
> >
> > > fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost
> > > Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,
> > 127.0.0.1):
> > > result: uid(user)=applesej BCMailDovecotProxyHost(host)= 144.89.40.1
> >
> > It looks for "proxy" field, but it doesn't get proxy field on return. So
> > I guess it doesn't exist in LDAP? If you want to proxy all users, you
> > could use for example uid=proxy in pass_attrs.
> >
> >
>


Re: [Dovecot] Ldap Proxy

2007-11-26 Thread Harrison Metzger
I changed it so that proxy would be populated by an existing ldap attribute.
Here are what my logs show now:

Nov 26 08:42:01 holiday dovecot: auth(default): client in: AUTH 1
PLAIN  service=POP3 secured lip=127.0.0.1   rip=127.0.0.1
resp=AGFwcGxlc2VqAHRhYmxl
Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
bind search: base=dc=beloit,dc=edu
filter=(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej))
Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
result: uid(user)=applesej cn(proxy)=John Applesead
BCMailDovecotProxyHost(host)=144.89.40.1
Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
bind: dn=uid=applesej,ou=People,dc=beloit,dc=edu
Nov 26 08:42:01 holiday dovecot: auth(default): client out: OK  1
user=applesej   proxy   host=144.89.40.1pass=xx
Nov 26 08:42:01 holiday dovecot: auth(default): master in: REQUEST
1  212091
Nov 26 08:42:01 holiday dovecot: auth(default): Master request 21209.1 not
found
Nov 26 08:42:01 holiday dovecot: auth(default): master out: NOTFOUND1
Nov 26 08:42:01 holiday dovecot: pop3-login: Internal login failure:
user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

I know this user can proxy because when I set it up to do it by passwd-file
it works.

On Nov 26, 2007 8:07 AM, Timo Sirainen <[EMAIL PROTECTED]> wrote:

> On Mon, 2007-11-26 at 07:46 -0600, Harrison Metzger wrote:
> > pass search: base=dc=beloit,dc=edu scope=subtree
> >
> filter=(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej))
> > fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost
> > Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1
> ):
> > result: uid(user)=applesej BCMailDovecotProxyHost(host)=144.89.40.1
>
> It looks for "proxy" field, but it doesn't get proxy field on return. So
> I guess it doesn't exist in LDAP? If you want to proxy all users, you
> could use for example uid=proxy in pass_attrs.
>
>


Re: [Dovecot] Variable krb5 cache location

2007-11-26 Thread Timo Sirainen
On Sun, 2007-11-25 at 20:24 +0100, Roland Hopferwieser wrote:
> First I want to thank you for this great software.
> Second, I think it could be a good idea to give the user the chance to
> change the location for the kerberos V cache, so there is no potentially
> conflict with other processes. With external refreshment of the krb5
> cache, I use the cache also for authentication against the LDAP server
> with the gssapi.
> Please find attached a little diff file to dovecot 1.0.7.

Looks ok, but I hate to add new settings to dovecot.conf nowadays since
there are already too many. Also then there would be two
Kerberos-related settings that simply set environment variables. I'm
beginning to think that maybe something more generic is needed, such as:

auth default {
  ..
  environment {
    krb5_ktname = ..
    krb5ccname = ...
    who_knows_what_else_in_future = ..
  }
}

I think LDAP library also can accept settings from environment.

Anyone on mailing list have better ideas?





Re: [Dovecot] upgrade from version 1.0.3 to version 1.0.7

2007-11-26 Thread dhottinger

Quoting Timo Sirainen <[EMAIL PROTECTED]>:

> On Mon, 2007-11-26 at 09:32 -0500, [EMAIL PROTECTED] wrote:
>> Nov 26 09:28:10 mail dovecot: IMAP(someuser):
>> open(/var/mail/.temp.mail.harrisonburg.k12.va.us.23157.22aab3df3f835fed)
>> failed: Permission denied
>> Nov 26 09:28:10 mail dovecot: IMAP(someuser): file_lock_dotlock()
>> failed with mbox file /var/mail/someuser: Permission denied.
>
> Typical workaround to this is to set mail_extra_groups = mail.
> Alternative is to change /var/mail directory to be world writable (and
> with sticky bit).

That seems to have done it.  I saw this in the wiki I think.  Sorry to
bother you with a problem that is already documented.  Are there any
other tweaks or settings that I should know about?


ddh



--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools

"rarely do people communicate, they just take turns talking"



Re: [Dovecot] Enhanced Kerberos support

2007-11-26 Thread Jelmer Vernooij
Hi Timo, Richard,

On Mon, 2007-11-26 at 15:54 +0200, Timo Sirainen wrote:
> On Tue, 2007-11-13 at 14:16 -0800, Richard A Nelson wrote:
> > SSH recently added this enhancement to address this common need:
> > 
> >   GSSAPIStrictAcceptorCheck
> >   Determines whether to be strict about the identity of the GSSAPI
> >   acceptor a client authenticates against. If “yes” then the client
> >   must authenticate against the host service on the current hostname.
> >   If “no” then the client may authenticate against any service key
> >   stored in the machine’s default store. This facility is provided to
> >   assist with operation on multi homed machines.  The default is
> >   “yes”.  Note that this option applies only to protocol version 2
> >   GSSAPI connections, and setting it to “no” may only work with recent
> >   Kerberos GSSAPI libraries.
> Somehow this doesn't sound a very good idea.
I'm a bit curious as to why you would want to be strict about this - is
this serving multiple realms?

> > I've heard that other daemons support multi-names by instead of using 
> > gethostname(), obtain the hostname of the
> > interface that the request came in on.
> I guess this would mean a PTR DNS lookup for the local IP? I've wanted
> to avoid DNS lookups in Dovecot so far, but proxying would also want to
> use them..
Perhaps we can just do this in case the option equivalent to
GSSAPIStrictAcceptorCheck is enabled or perhaps some other option to
enable gssapi multi-homing?

> I guess blocking DNS lookups for local IPs should be pretty safe and
> fast. Perhaps a new %D variable modifier, so you could do
> auth_gssapi_hostname = %Dl. Since these shouldn't be used for remote
> lookups, Dovecot could also cache them (with upper limit 100 or
> something).
Yeah, that would make sense I think.

Cheers,

Jelmer
-- 
Jelmer Vernooij <[EMAIL PROTECTED]> - http://samba.org/~jelmer/




Re: [Dovecot] upgrade from version 1.0.3 to version 1.0.7

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 09:32 -0500, [EMAIL PROTECTED]
wrote:
> Nov 26 09:28:10 mail dovecot: IMAP(someuser):  
> open(/var/mail/.temp.mail.harrisonburg.k12.va.us.23157.22aab3df3f835fed)  
> failed: Permission denied
> Nov 26 09:28:10 mail dovecot: IMAP(someuser): file_lock_dotlock()  
> failed with mbox file /var/mail/someuser: Permission denied.

Typical workaround to this is to set mail_extra_groups = mail.
Alternative is to change /var/mail directory to be world writable (and
with sticky bit).
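
The two workarounds above, and the reason the world-writable option needs the sticky bit, expressed as a permission check in Python. This is an added example, not Dovecot code or code from the thread; the uid and gid numbers are constructed, and only classic Unix mode bits are modelled (no ACLs, no root override).

```python
import os
import stat

MAIL_GID = 8      # constructed gid standing in for group "mail"
USER_UID = 1000   # constructed uid of the mailbox owner
USER_GID = 1000   # constructed primary gid of that user


def can_create_files(st_mode, st_uid, st_gid, uid, gids):
    """True if a process with this uid and group set may create entries
    (such as dotlock or .temp files) in a directory with these attributes."""
    if uid == st_uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    elif st_gid in gids:
        need = stat.S_IWGRP | stat.S_IXGRP
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    return st_mode & need == need


def spool_dir_risks(st_mode):
    """Return findings about the directory mode itself."""
    risks = []
    if st_mode & stat.S_IWOTH and not st_mode & stat.S_ISVTX:
        risks.append(
            "world-writable without sticky bit: any local user can delete "
            "or rename other users' mailboxes and lock files"
        )
    return risks


def audit_spool(path, uid, gids):
    """Run both checks against a real directory such as /var/mail."""
    st = os.stat(path)
    return {
        "mode": oct(stat.S_IMODE(st.st_mode)),
        "can_create_dotlock": can_create_files(
            st.st_mode, st.st_uid, st.st_gid, uid, gids
        ),
        "risks": spool_dir_risks(st.st_mode),
    }


def scenarios():
    """Constructed cases for a spool directory owned by root:mail."""
    cases = {
        "0775, user not in group mail": (0o775, {USER_GID}),
        "0775, mail_extra_groups = mail": (0o775, {USER_GID, MAIL_GID}),
        "1777, world writable with sticky bit": (0o1777, {USER_GID}),
        "0777, world writable without sticky bit": (0o777, {USER_GID}),
    }
    results = {}
    for name, (mode, gids) in cases.items():
        full_mode = stat.S_IFDIR | mode
        results[name] = (
            can_create_files(full_mode, 0, MAIL_GID, USER_UID, gids),
            spool_dir_risks(full_mode),
        )
    return results


if __name__ == "__main__":
    for name, (ok, risks) in scenarios().items():
        print(f"{name}: dotlock possible={ok} risks={risks}")
```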





Re: [Dovecot] upgrade from version 1.0.3 to version 1.0.7

2007-11-26 Thread dhottinger




>> I went from uw-imap to dovecot some months ago and necessary changes
>> to the .mailboxlist to .subscriptions.  Is there a different format
>> for version 1.0.7?
>
> No. There should be no changes between 1.0.3 and 1.0.7 that could cause
> this. So I don't think the problem is with the version number change,
> but something else.
>
> Setting mail_debug=yes (and maybe auth_debug=yes) and looking at logs
> would show what Dovecot is really using as home directory and mail
> location.

Have done.  When initially logging in, Messages show (using
horde/imp).  After reading first message I get a no messages message.
This is in my logfiles for each user:


Nov 26 09:28:10 mail dovecot: IMAP(someuser): mbox:  
data=/home/someuser/:INBOX=/var/mail/someuser
Nov 26 09:28:10 mail dovecot: IMAP(someuser): mbox:  
root=/home/someuser, index=/home/someuser, inbox=/var/mail/someuser
Nov 26 09:28:10 mail dovecot: IMAP(someuser):  
open(/var/mail/.temp.mail.harrisonburg.k12.va.us.23157.22aab3df3f835fed)  
failed: Permission denied
Nov 26 09:28:10 mail dovecot: IMAP(someuser): file_lock_dotlock()  
failed with mbox file /var/mail/someuser: Permission denied.


Now the only difference other than the version I can see is the new  
version built with ssl.  Which I would like to use.


thanks,

ddh




--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools

"rarely do people communicate, they just take turns talking"



Re: [Dovecot] upgrade from version 1.0.3 to version 1.0.7

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 09:17 -0500, [EMAIL PROTECTED]
wrote:
> I'm working on upgrading to dovecot-1.0.7 from version 1.0.3 which I
> installed using yum.  I backed up my init.d stuff so everything still
> works.  However, when I shut down my old dovecot version and start the
> new, I get an empty mailbox when logging into mail.  My current config
> for dovecot.conf on version 1.0.3 has this for my mailbox
> location: mail_location = mbox:~/:INBOX=/var/mail/%u
> 
> I went from uw-imap to dovecot some months ago and necessary changes  
> to the .mailboxlist to .subscriptions.  Is there a different format  
> for version 1.0.7?

No. There should be no changes between 1.0.3 and 1.0.7 that could cause
this. So I don't think the problem is with the version number change,
but something else.

Setting mail_debug=yes (and maybe auth_debug=yes) and looking at logs
would show what Dovecot is really using as home directory and mail
location.




Re: [Dovecot] v1.1.beta9 released

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 06:20 -0800, Jeff Grossman wrote:
> Timo Sirainen wrote:
> > http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz
> > http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz.sig
> >
> > Some changes since beta8:
> >
> > - This release should work perfectly with NFS attribute cache enabled.
> > - Fixes to handling what should be written to cache file and when
> > - Some index handling optimizations
> > - IMAP LIST: dbox and cydir can now return children state
> >
> > Beta9 will most likely have a rewritten Squat indexer. More about that
> > the next mail.
> >
> >   
> FYI, the above link does not work.  It is at the following link:
> 
> http://dovecot.org/releases/1.1/dovecot-1.1.beta9.tar.gz

Whoops, moved to beta/ now.





Re: [Dovecot] v1.1.beta9 released

2007-11-26 Thread Jeff Grossman

Timo Sirainen wrote:
> http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz
> http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz.sig
>
> Some changes since beta8:
>
> - This release should work perfectly with NFS attribute cache enabled.
> - Fixes to handling what should be written to cache file and when
> - Some index handling optimizations
> - IMAP LIST: dbox and cydir can now return children state
>
> Beta9 will most likely have a rewritten Squat indexer. More about that
> the next mail.

FYI, the above link does not work.  It is at the following link:

http://dovecot.org/releases/1.1/dovecot-1.1.beta9.tar.gz

Jeff


[Dovecot] upgrade from version 1.0.3 to version 1.0.7

2007-11-26 Thread dhottinger
I'm working on upgrading to dovecot-1.0.7 from version 1.0.3 which I
installed using yum.  I backed up my init.d stuff so everything still
works.  However, when I shut down my old dovecot version and start the
new, I get an empty mailbox when logging into mail.  My current config
for dovecot.conf on version 1.0.3 has this for my mailbox
location: mail_location = mbox:~/:INBOX=/var/mail/%u


I went from uw-imap to dovecot some months ago and necessary changes  
to the .mailboxlist to .subscriptions.  Is there a different format  
for version 1.0.7?


--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools

"rarely do people communicate, they just take turns talking"



Re: [Dovecot] Using global und per-user sieve scripts at the same time

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 14:50 +0100, Matthias Kellermann wrote:
> If a user creates his own .dovecot.sieve file the global script will not
> work anymore.
> 
> How can I enable global and local per-user sieve scripts at once? Is
> this possible? 

Unfortunately not. Sieve plugin v1.1 (requires Dovecot v1.1) supports
include extension, so in per-user scripts they could include the global
script. It should probably be somewhat easy to do this including
automatically.

(Actually I'm hoping to offload Sieve development to Stephan Bosch and
his completely rewritten Sieve code. I don't know when it's going to be
in a usable state though. And I hope the code's existence wasn't a
secret.. :)





Re: [Dovecot] Ldap Proxy

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 07:46 -0600, Harrison Metzger wrote:
> pass search: base=dc=beloit,dc=edu scope=subtree
> filter=(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej))
> fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost
> Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
> result: uid(user)=applesej BCMailDovecotProxyHost(host)=144.89.40.1

It looks for "proxy" field, but it doesn't get proxy field on return. So
I guess it doesn't exist in LDAP? If you want to proxy all users, you
could use for example uid=proxy in pass_attrs.





Re: [Dovecot] SIGSEGV login process

2007-11-26 Thread Maxim Lougovsky


On Mon, 26 Nov 2007 15:59:38 +0200, Timo Sirainen <[EMAIL PROTECTED]> wrote:
> On Mon, 2007-11-26 at 16:51 +0300, Maxim Lougovsky wrote:
>> Hmm, really strange. Now bt shows a different function than before:
> ..
>> mail# gdb ./work/dovecot-1.0.7/src/imap-login/imap-login
>> /tmp/imap-login.core
> ..
>> warning: exec file is newer than core file.
> 
> The core file needs to be used against the exact same binary that produced
> it. Otherwise the backtrace is corrupted. So you'd have to install the
> imap-login and get a new core file..

ok.



Re: [Dovecot] Some dovecot conf parameters

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 16:52 +0300, Proskurin Kirill wrote:
> I'm working now on migration from cyrus to dovecot (v1.07).

Would you like to tell why? I'm always interested in why people are
switching away from Cyrus. :)

> user_attrs = mail
> #,homeDirectory
> user_filter = (&(objectClass=qmailUser)(mail=%u))
> pass_attrs = mail,userPassword=password
> pass_filter = (&(objectClass=qmailUser)(mail=%u))
> 
> What do these parameters mean? I understand what *_filter means, but
> I do not understand *_attrs.
> Yes, I have read http://wiki.dovecot.org/AuthDatabase/LDAP
> and http://wiki.dovecot.org/PasswordDatabase/ExtraFields
> 
> But I don't understand it. :-(

Those are fields that Dovecot looks up from LDAP and uses for its
internal purposes.

If you're using auth_bind=yes, pass_attrs only needs to return "user"
field. In your case you're using "mail" for that, so you need to tell
Dovecot that it's the same as "user":

pass_attrs = mail=user,userPassword=password

It might not be necessary though. But that makes sure that if mail=%u
matching is case-insensitive, Dovecot uses the username with the exact
same casing as it's in LDAP.

user_attrs then.. Well, if you're using virtual users with a single UID
and GID you may not need to use userdb ldap at all. Look at
http://wiki.dovecot.org/UserDatabase/Static instead.
http://wiki.dovecot.org/UserDatabase anyway explains the user_attrs
fields.
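
The attribute mapping described above, together with the pass_attrs values from the "Ldap Proxy" thread, as a simplified model in Python. This is an added example, not Dovecot code or code from any poster; treating an entry without "=" as a field of the same name is an assumption, and the gidNumber, uidNumber, password and mixed-case login values are constructed.

```python
from collections import Counter

# Reconstructed from the "fields=" and "result:" log lines in the Ldap Proxy thread.
FAILING_SPEC = "uid=user,proxy,nologin,nodelay,BCMailDovecotProxyHost=host"
# The pass_attrs line reported as working in the same thread.
WORKING_SPEC = ("uid=user,cn=proxy,BCMailDovecotProxyHost=host,"
                "gidNumber=nologin,uidNumber=nodelay")
# Constructed LDAP entry; uid, cn and proxy host are the values shown in the logs.
SAMPLE_ENTRY = {
    "uid": "applesej",
    "cn": "John Applesead",
    "BCMailDovecotProxyHost": "144.89.40.1",
    "gidNumber": "100",     # constructed
    "uidNumber": "1001",    # constructed
}
# Constructed entry for the qmailUser example (mail=user,userPassword=password).
MAIL_ENTRY = {"mail": "john@example.com", "userPassword": "{SSHA}constructed"}


def parse_attrs(spec):
    """Split 'ldapattr=field,...' into (ldap_attr, field) pairs.
    Assumption: a bare name maps to a field of the same name."""
    pairs = []
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue
        ldap_attr, sep, field = item.partition("=")
        pairs.append((ldap_attr, field if sep else ldap_attr))
    return pairs


def requested_attributes(spec):
    """LDAP attribute names the search asks for (the 'fields=' part of the log)."""
    return [ldap_attr for ldap_attr, _ in parse_attrs(spec)]


def lint_attrs(spec):
    """LDAP attributes listed more than once (the thread reports that each
    field had to be mapped from a distinct LDAP attribute)."""
    counts = Counter(a.lower() for a in requested_attributes(spec))
    return sorted(a for a, n in counts.items() if n > 1)


def apply_attrs(spec, entry, login_name):
    """Build the auth fields from one LDAP entry.
    Returns (fields, missing): missing lists requested attributes the entry
    does not carry, so their fields are never set."""
    lowered = {k.lower(): v for k, v in entry.items()}
    fields = {"user": login_name}
    missing = []
    for ldap_attr, field in parse_attrs(spec):
        if ldap_attr.lower() in lowered:
            fields[field] = lowered[ldap_attr.lower()]
        else:
            missing.append(ldap_attr)
    return fields, missing


if __name__ == "__main__":
    print(apply_attrs(FAILING_SPEC, SAMPLE_ENTRY, "applesej"))
    print(apply_attrs(WORKING_SPEC, SAMPLE_ENTRY, "applesej"))
    # mail=user replaces the typed login with the casing stored in LDAP.
    print(apply_attrs("mail=user,userPassword=password", MAIL_ENTRY,
                      "John@Example.COM"))
```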




Re: [Dovecot] SIGSEGV login process

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 16:51 +0300, Maxim Lougovsky wrote:
> Hmm, really strange. Now bt shows a different function than before:
..
> mail# gdb ./work/dovecot-1.0.7/src/imap-login/imap-login
> /tmp/imap-login.core
..
> warning: exec file is newer than core file.

The core file needs to be used against the exact same binary that produced
it. Otherwise the backtrace is corrupted. So you'd have to install the
imap-login and get a new core file..





Re: [Dovecot] NFS lock tester

2007-11-26 Thread Peter Eriksson
No errors on Solaris 10 either (Solaris 10 NFS clients and
Solaris 10 NFS server with ZFS backing store).

- Peter


Timo Sirainen wrote:
> On Thu, 2007-11-15 at 04:32 +0200, Timo Sirainen wrote:
>> Anyone who has NFS, could you test: http://dovecot.org/tmp/locktest.c
> 
> (did a minor update to that in case someone already got it)
> 
>> What I'd like to know is what OS you use on your NFS clients, what NFS
>> server you use and what errors does it give (errors being those "link()
>> succeeded/failed, but .." messages).
> 
> Linux doesn't seem to give any errors. So I guess it really is a bug and
> not a general problem.
> 





Re: [Dovecot] Enhanced Kerberos support

2007-11-26 Thread Timo Sirainen
On Tue, 2007-11-13 at 14:16 -0800, Richard A Nelson wrote:
> The recent addition of auth_gssapi_hostname is a welcome addition, but a 
> little more is needed
> for multi-homed (or multi-domained) sites.

I haven't implemented Dovecot's GSSAPI code and my GSSAPI/Kerberos
knowledge is pretty limited. I guess some day I should find out more
about it. So, Cc'd Jelmer in case he has some comments/ideas.

> SSH recently added this enhancement to address this common need:
> 
>   GSSAPIStrictAcceptorCheck
>   Determines whether to be strict about the identity of the GSSAPI
>   acceptor a client authenticates against. If “yes” then the client
>   must authenticate against the host service on the current hostname.
>   If “no” then the client may authenticate against any service key
>   stored in the machine’s default store. This facility is provided to
>   assist with operation on multi homed machines.  The default is
>   “yes”.  Note that this option applies only to protocol version 2
>   GSSAPI connections, and setting it to “no” may only work with recent
>   Kerberos GSSAPI libraries.

Somehow this doesn't sound a very good idea.

> I've heard that other daemons support multi-names by instead of using 
> gethostname(), obtain the hostname of the
> interface that the request came in on.

I guess this would mean a PTR DNS lookup for the local IP? I've wanted
to avoid DNS lookups in Dovecot so far, but proxying would also want to
use them..

I guess blocking DNS lookups for local IPs should be pretty safe and
fast. Perhaps a new %D variable modifier, so you could do
auth_gssapi_hostname = %Dl. Since these shouldn't be used for remote
lookups, Dovecot could also cache them (with upper limit 100 or
something).




[Dovecot] Some dovecot conf parameters

2007-11-26 Thread Proskurin Kirill

Hello all!
First of all - sorry for my English. :-)

I'm working now on migration from cyrus to dovecot (v1.07). Everything
works fine for now, but some parameters in the dovecot conf are mystical to
me. :-)


dovecot-ldap.conf:

user_attrs = mail
#,homeDirectory
user_filter = (&(objectClass=qmailUser)(mail=%u))
pass_attrs = mail,userPassword=password
pass_filter = (&(objectClass=qmailUser)(mail=%u))

What do these parameters mean? I understand what *_filter means, but
I do not understand *_attrs.

Yes, I have read http://wiki.dovecot.org/AuthDatabase/LDAP
and http://wiki.dovecot.org/PasswordDatabase/ExtraFields

But I don't understand it. :-(

I ask you for help, or just tell me to read this wiki again and again.

---
Best regards,
Proskurin Kirill


Re: [Dovecot] SIGSEGV login process

2007-11-26 Thread Maxim Lougovsky


On Mon, 26 Nov 2007 16:35:46 +0300, Maxim Lougovsky <[EMAIL PROTECTED]> wrote:
> 
> 
> On Mon, 26 Nov 2007 15:22:29 +0200, Timo Sirainen <[EMAIL PROTECTED]> wrote:
>> On Mon, 2007-11-26 at 16:13 +0300, Maxim Lougovsky wrote:
>>> I have installed exim with self delivery (not dovecot LDA) and just
>>> installed mail/dovecot-sieve from ports and have these crashes.
>>> e.g. the final case is:
>>>
>>> 1) install exim with Maildir delivery
>>> 2) install dovecot
>>> 3) start both of them
>>> 4) install mail/dovecot-sieve
>>> 5) do not touch anything, just wait for high load (LA~10..20)
>>
>> So the high load is the point I guess.
>>
>>> 6) login processes begin to crash randomly
>>>
>>> Do you still need a debug core+bt?
>>
>> It would help a lot. Otherwise it'll probably take me quite a lot of
>> time to reproduce it, if I'm able to do it at all (it could be that some
>> clients do something special that causes it).
> 
> OK, I will send the backtrace to the list soon. Thank you

Hmm, really strange. Now bt shows a different function than before:

mail# gdb ./work/dovecot-1.0.7/src/imap-login/imap-login
/tmp/imap-login.core
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...

warning: exec file is newer than core file.
Core was generated by `imap-login'.
Program terminated with signal 11, Segmentation fault.
#0  0x08051e2d in imap_parser_read_arg (parser=0x0) at imap-parser.c:518
518 data = i_stream_get_data(parser->input,
&data_size);
(gdb) bt
#0  0x08051e2d in imap_parser_read_arg (parser=0x0) at imap-parser.c:518
#1  0x0804b8db in client_unref (client=0x806ea00) at client.c:536
#2  0x080562ec in fd_debug_verify_leaks (first_fd=134705600,
last_fd=134598854) at fd-close-on-exec.c:56
#3  0x0805599d in i_error (format=0x80771c0 "") at failures.c:210
#4  0x0804d963 in login_proxy_free (proxy=0x1) at login-proxy.c:207
#5  0x0804a6a6 in _start ()
#6  0x0001 in ?? ()
(gdb)




Re: [Dovecot] Using global und per-user sieve scripts at the same time

2007-11-26 Thread Nikolay Shopik

On 26.11.2007 16:50, Matthias Kellermann wrote:
> Hi list,
>
> I'm trying to get a global sieve mailfilter with per-user sieve scripts
> to work.
>
> At the "lda"-section in the dovecot.conf file I have:
> global_script_path = /usr/local/etc/sieve/spam
>
> /usr/local/etc/sieve/spam:
> require "fileinto";
>
> if header :contains ["Subject"] ["***Spam***"] {
>   fileinto "Spam";
>   stop;
> }
>
> which will work fine delivering Spam Mails in a Spam dir for every user.
> If a user creates his own .dovecot.sieve file the global script will not
> work anymore.
>
> How can I enable global and local per-user sieve scripts at once? Is
> this possible? Do you know any workaround so all users will have the
> same (Spam-)sieve filters beside their own (global templates or so)?
>
> Matthias

You forgot to insert this one, where users' sieve files are stored.

plugin {
 sieve = /var/mail/store/%u/sieve
}



[Dovecot] Using global und per-user sieve scripts at the same time

2007-11-26 Thread Matthias Kellermann
Hi list,

I'm trying to get a global sieve mailfilter with per-user sieve scripts
to work.

At the "lda"-section in the dovecot.conf file I have:
global_script_path = /usr/local/etc/sieve/spam

/usr/local/etc/sieve/spam:
require "fileinto";

if header :contains ["Subject"] ["***Spam***"] {
  fileinto "Spam";
  stop;
}

which will work fine delivering Spam Mails in a Spam dir for every user.
If a user creates his own .dovecot.sieve file the global script will not
work anymore.

How can I enable global and local per-user sieve scripts at once? Is
this possible? Do you know any workaround so all users will have the
same (Spam-)sieve filters beside their own (global templates or so)?

Matthias


Re: [Dovecot] Ldap Proxy

2007-11-26 Thread Harrison Metzger
I turned auth_bind off by commenting it out. Here is what my logs show:

Nov 26 07:40:56 holiday dovecot: auth(default): client in: AUTH 1
PLAIN  service=POP3 secured lip=127.0.0.1   rip=127.0.0.1
resp=AGFwcGxlc2VqAHRhYmxl
Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
pass search: base=dc=beloit,dc=edu scope=subtree
filter=(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej))
fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost
Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
result: uid(user)=applesej BCMailDovecotProxyHost(host)=144.89.40.1
Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): No
password in reply
Nov 26 07:40:57 holiday dovecot: auth(default): client out: FAIL
1  user=applesejtemphost=144.89.40.1
Nov 26 07:40:59 holiday dovecot: pop3-login: Aborted login: user=,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured


When auth_bind = yes, it simply allows the user to login and reads from
their local mailbox.

Harrison Metzger

On Nov 26, 2007 7:33 AM, Timo Sirainen <[EMAIL PROTECTED]> wrote:

> On Tue, 2007-11-20 at 21:08 -0600, Harrison Metzger wrote:
> > Hello
> >
> > I'm trying to do an ldap proxy but it is not working, it just continues to
> > access the user's mailbox. I was able to do a proxy with a user in a
> > "passwd-file", but not ldap directory. Here is part my "args" file on the
> > passdb ldap stanza:
> >
> > auth_bind = yes
>
> I'm not sure if this affects it. It shouldn't, but you could try if it
> works without.
>
> > pass_attrs = uid=user,proxy,BCMailDovecotProxyHost=host
>
> This looks ok.
>
> > I've turned on auth_verbose, debug, etc and still can't figure out why it
> > won't proxy. I've tried adding user_attrs (the same as the pass attrs). I've
> > even just put nologin in the pass_attrs but the user is still able to login,
> > it's like that field is not being processed.
>
> What do the logs show with auth_debug=yes?
>
>


Re: [Dovecot] Small typo

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-12 at 11:49 +0530, Abhijit Hoskeri wrote:
> On Sat, Nov 10, 2007 at 07:56:43PM +0200, Timo Sirainen wrote:
> > i_fatal() exits the process. You probably want to use i_error() instead.
> > 
> 
> Thanks a lot. I have fixed this. I have two more questions:
> 
> * How do I know whether the userdb/passdb is running with blocking=yes
>   or not?

There's a global "bool worker" variable. If it's TRUE, you're running in
auth worker process (blocking=yes is set), otherwise not. But not all
passdbs support blocking=yes at all.

> * What are your plans on putting something like this in the Dovecot
>   trunk/HEAD, along with your dont-proxy-on-ips-i-listen-on patch you had
>   posted some time back? I don't much like the idea of maintaining my
>   own version of Dovecot!

The dont-proxy-my-own-ips patch is already committed, but it only fixes
the infinite looping and not letting user log in normally (I think?).

These aren't very high on my TODO list right now, so I don't really have
plans..




Re: [Dovecot] SIGSEGV login process

2007-11-26 Thread Maxim Lougovsky


On Mon, 26 Nov 2007 15:22:29 +0200, Timo Sirainen <[EMAIL PROTECTED]> wrote:
> On Mon, 2007-11-26 at 16:13 +0300, Maxim Lougovsky wrote:
>> i have installed exim with self delivery (not dovecot LDA) and just install
>> from port mail/dovecot-sieve and have these crashes.
>> e.g. finally case is:
>> 
>> 1) install exim with Maildir delivery
>> 2) install dovecot
>> 3) start both of them
>> 4) install mail/dovecot-sieve
>> 5) not touch anything, just wait high load (LA~10..20)
> 
> So the high load is the point I guess.
> 
>> 6) login processes begins randomly crashes
>> 
>> did you still need debug core+bt? 
> 
> It would help a lot. Otherwise it'll probably take me quite a lot of
> time to reproduce it, if I'm able to do it at all (it could be that some
> clients do something special that causes it).

ok, i soon send to list backtrace. Thank you



Re: [Dovecot] Ldap Proxy

2007-11-26 Thread Timo Sirainen
On Tue, 2007-11-20 at 21:08 -0600, Harrison Metzger wrote:
> Hello
> 
> I'm trying to do an ldap proxy but it is not working, it just continues to
> access the user's mailbox. I was able to do a proxy with a user in a
> "passwd-file", but not ldap directory. Here is part my "args" file on the
> passdb ldap stanza:
> 
> auth_bind = yes

I'm not sure if this affects it. It shouldn't, but you could try if it
works without.

> pass_attrs = uid=user,proxy,BCMailDovecotProxyHost=host

This looks ok.

> I've turned on auth_verbose, debug, etc and still can't figure out why it
> won't proxy. I've tried adding user_attrs (the same as the pass attrs). I've
> even just put nologin in the pass_attrs but the user is still able to login,
> it's like that field is not being processed.

What do the logs show with auth_debug=yes?





Re: [Dovecot] Dovecot + Cygwin

2007-11-26 Thread Timo Sirainen
On Wed, 2007-11-21 at 03:13 +0100, Ronny wrote:
> > If that worked, try adding exit(0); as the first statement in
> > src/auth/main.c's main() function to see if it returns 53 before or
> > after it reaches that far.
> > 
> 
> I put some information output to the code (i do not have a debugger
> running yet ;-) )
> 
> static void auth_process_input(void *context)
> {
> ...
> 
>  switch (i_stream_read(process->input)) {
> ...
>  case -1:
>  /* disconnected */
> i_info("DIE 2");
>  auth_process_destroy(process);
>  return;

This only means that it sees that auth process died, so master process
shuts down. Put something similar to src/auth/main.c instead to see if
it gets executed.





Re: [Dovecot] Mailbox is in inconsistent state

2007-11-26 Thread Timo Sirainen
On Tue, 2007-11-20 at 17:30 -0700, Dion Hollenbeck wrote:
> 3 - On windoze, with Eudora, check for new mail, "ERR Mailbox is in
> inconsistent state, please relogin"

There should be something in log files.

> I also tried looking at the log, but it appears to be a binary 
> (located in /home//mail/.imap/INBOX/dovecot.index.log) not 
> a readable text file.

You're looking into wrong place. :) See http://wiki.dovecot.org/Logging





Re: [Dovecot] squat plugin

2007-11-26 Thread Timo Sirainen
On Wed, 2007-11-21 at 00:46 +0800, Joe Wong wrote:
> I have installed 1.1 beta 8 with fts-squat enabled. I have added the
> plugin section in dovecot.conf. How can I actually make use of the
> full text index?

Just use SEARCH TEXT or SEARCH BODY command and Dovecot indexes the
mailbox and then uses the indexes later automatically. i.e. do nothing
special. :)





Re: [Dovecot] Wanting to seperate MTA and Imap

2007-11-26 Thread Timo Sirainen
On Fri, 2007-11-23 at 10:02 +0200, Brent Clark wrote:
> Currently my set up is that the MTA and Dovecot (maildir) is on the same
> machine. I've been asked to separate the services from the same machine
> (too would like to add a secondary MTA - but that's future ideas).
> 
> I read the documentation on NFS, but from other sites i have read.
> Most say this is NOT the best solution.
> 
> My question is, how do some of the fellow dovecot users, or other
> companies, e.g. google etc, pull this off.

One possibility would be a LMTP server. http://pll.sf.net/ has been used
successfully at least.





Re: [Dovecot] SIGSEGV login process

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 16:13 +0300, Maxim Lougovsky wrote:
> i have installed exim with self delivery (not dovecot LDA) and just install
> from port mail/dovecot-sieve and have these crashes.
> e.g. finally case is:
> 
> 1) install exim with Maildir delivery
> 2) install dovecot
> 3) start both of them
> 4) install mail/dovecot-sieve
> 5) not touch anything, just wait high load (LA~10..20)

So the high load is the point I guess.

> 6) login processes begins randomly crashes
> 
> did you still need debug core+bt? 

It would help a lot. Otherwise it'll probably take me quite a lot of
time to reproduce it, if I'm able to do it at all (it could be that some
clients do something special that causes it).





Re: [Dovecot] libwrap-ing IMAP and POP logins

2007-11-26 Thread Timo Sirainen
On Wed, 2007-11-21 at 16:38 +0100, Edgar Fuß wrote:
> Just to know: is there simply no interest in libwrap-ing dovecot or is
> there a better way to do it or is my patch considered inadequate?

I also wrote libwrap patch a few years ago:
http://dovecot.org/patches/1.0/tcp-wrappers.patch

The problem is that it doesn't work when login process is chrooted, so I
thought there's no point in including support for it.

I was thinking about adding support for this in Dovecot v2.0 using some
kind of a separate non-chrooted daemon.





Re: [Dovecot] Wanting to seperate MTA and Imap

2007-11-26 Thread Paweł Panek



> Brent Clark wrote:
>> I read the documentation on NFS, but from other sites i have read.
>> Most say this is NOT the best solution.
>
> I use NFS, as do quite a number of people - it may not be the best
> solution, but there are few others for realising shared storage at all
> sensibly.  Most of the cluster filesystems I've tested have not
> performed well, and I'm guessing you don't have access to a quality SAN
> to make this sensible.

Have you tested Redhat's GFS? If yes, how does it behave with Dovecot imap/lda?

Pawel


Re: [Dovecot] SIGSEGV login process

2007-11-26 Thread Maxim Lougovsky


On Mon, 26 Nov 2007 15:04:06 +0200, Timo Sirainen <[EMAIL PROTECTED]> wrote:
> On Thu, 2007-11-22 at 21:16 +0300, Maxim wrote:
>> #0  0x08051e2d in auth_client_request_continue ()
>> (gdb) bt
>> #0  0x08051e2d in auth_client_request_continue ()
>> #1  0x0804b8db in client_auth_input ()
>> #2  0x080562ec in io_loop_handler_run ()
>> #3  0x0805599d in io_loop_run ()
>> #4  0x0804d963 in main ()
>> (gdb)   
>> 
>> or what anything info should i provide?
> 
> Any chance of getting the backtrace with debug symbols enabled? If you
> compile from sources, they're in the binaries by default.
> 
> Also it sometimes helps backtraces if optimizations are disabled. You
> can do this with:
> 
> CFLAGS=-g ./configure

i found problem.

i have installed exim with self delivery (not dovecot LDA) and just install
from port mail/dovecot-sieve and have these crashes.
e.g. finally case is:

1) install exim with Maildir delivery
2) install dovecot
3) start both of them
4) install mail/dovecot-sieve
5) not touch anything, just wait high load (LA~10..20)
6) login processes begins randomly crashes

did you still need debug core+bt? 



Re: [Dovecot] File locking problems and duplicate emails with the snarf plugin

2007-11-26 Thread Timo Sirainen
On Wed, 2007-11-21 at 20:29 +, Adrian Barker wrote:
> 
> Two weeks ago we switched all our IMAP users (around 25,000) from the
> Washington IMAP server to Dovecot, and since then there have been
> several occasions when reading new email just hangs, and duplicate
> emails appear. We are using the 'snarf' plugin to copy new email to the
> inbox, and it looks as though the problems are caused by file locking.

How do you deliver mails to the mboxes? If not using Dovecot's deliver,
the mbox locking order could be different between them and they'd
deadlock. mbox_read/write_locks settings affect this.

> We have been using the Washington IMAP server for a number of years
> without any file locking problems, so the underlying file locking
> mechanism is robust. 

Did UW-IMAP really use fcntl locks with mboxes? Could it be that it just
didn't, and now the problem is with fcntl locking in general?





Re: [Dovecot] Sieve regex never matches

2007-11-26 Thread Frank Kintrup
Hi Timo,

>> Both scripts compile fine, but their regex never match. Has anyone
>> an idea why? I'm using Dovecot 1.0.0 on Debian Etch stable.
> 
> So I guess you also use Debian-compiled Sieve plugin? It's possible that
> it doesn't have regex support compiled in. I'm not sure if it gives any
> errors or if it just silently ignores it..

No, no errors, so regex support was compiled in. The regex just never
matched/always returned false. I've installed version 1.0.5 from the
Debian testing branch yesterday evening, and now it works, so the problem
has already been fixed.

Frank



Re: [Dovecot] passdb ldap static values

2007-11-26 Thread Timo Sirainen
On Wed, 2007-11-21 at 15:09 -0600, Harrison Metzger wrote:
> Hello,
> 
> In the pass_attrs field one can map ldap attributes to dovecot attributes.
> I'm wondering if I can map both ldap attributes and static attributes to a
> dovecot value in the same passdb section.

It's possible with v1.1, but not with v1.0.

> Also, I can't seem to find what other values (if any) can belong in the:
> passdb ldap {
> args = /path/filename
> }
> stanza. Are there any other options I can put in that stanza, I can't seem
> to find any on the wiki.

You can't put anything else there.





Re: [Dovecot] Disconnected: Mailbox is in inconsistent state, please relogin

2007-11-26 Thread Timo Sirainen
On Fri, 2007-11-23 at 03:24 -0800, Kleyton M. wrote:
> Nov 23 09:00:43 golf dovecot: IMAP(everli): Maildir
> /home/everli/Maildir sync: UID < next_uid (89 < 90, file =
> msg.BAwd:2,)

I don't understand your language, but I do understand this error
message. You've configured Procmail to deliver mails using MH format.
See http://wiki.dovecot.org/MailboxFormat/Maildir#procmail





Re: [Dovecot] SIGSEGV login process

2007-11-26 Thread Timo Sirainen
On Thu, 2007-11-22 at 21:16 +0300, Maxim wrote:
> #0  0x08051e2d in auth_client_request_continue ()
> (gdb) bt
> #0  0x08051e2d in auth_client_request_continue ()
> #1  0x0804b8db in client_auth_input ()
> #2  0x080562ec in io_loop_handler_run ()
> #3  0x0805599d in io_loop_run ()
> #4  0x0804d963 in main ()
> (gdb)   
> 
> or what anything info should i provide?

Any chance of getting the backtrace with debug symbols enabled? If you
compile from sources, they're in the binaries by default.

Also it sometimes helps backtraces if optimizations are disabled. You
can do this with:

CFLAGS=-g ./configure





Re: [Dovecot] Sieve regex never matches

2007-11-26 Thread Timo Sirainen
On Sun, 2007-11-25 at 00:01 +0100, [EMAIL PROTECTED] wrote:
> Both scripts compile fine, but their regex never match. Has anyone
> an idea why? I'm using Dovecot 1.0.0 on Debian Etch stable.

So I guess you also use Debian-compiled Sieve plugin? It's possible that
it doesn't have regex support compiled in. I'm not sure if it gives any
errors or if it just silently ignores it..





Re: [Dovecot] Questions about deliver log files

2007-11-26 Thread Timo Sirainen
On Sun, 2007-11-25 at 00:03 +0100, [EMAIL PROTECTED] wrote:
> I tried to recreate it with deliver by using the variables %h and
> %d/%n, but they are not interpreted when the log file is accessed
> ("Can't open log file /var/vmail/%d/%n/deliver.log: No such file
> or directory"). And there seems to be no way to include a date in
> the file name (but maybe I could use logrotate for that).

v2.0 will have better support for these kind of things, but for now you
could use a dynamically generated config file. Before running deliver
you'd create a config for it using perl or whatever where the log_path
is set like you want it.

> Currently deliver only logs the message id. A user would never
> ask for this (especially if he asks where certain mails were
> stored/discarded), he would ask for the sender's name/email or
> subject. Is the contents of the log file configurable?

Unfortunately not. I added this to my TODO now. It wouldn't be difficult
to modify deliver's sources for this though.





Re: [Dovecot] imap process killed with signal 11

2007-11-26 Thread Timo Sirainen
On Sun, 2007-11-25 at 13:39 +, Daniel wrote:
> Using the latest cvs from HEAD, I'm experiencing problems after sending
> a message and the client is trying upload the message to the
> appropriate (Sent/Queue) folder. I get only one error in dovecot.log:
> dovecot: Nov 25 14:21:31 Error: child 19554 (imap) killed with signal 11

Could you get gdb backtrace from this crash? Otherwise I can't really do
anything about it. See http://dovecot.org/bugreport.html





Re: [Dovecot] recalculation of maildir Quota

2007-11-26 Thread Timo Sirainen
On Fri, 2007-11-23 at 18:47 +0100, Ingo Rogalsky wrote:
> This solves the issue. Thanks. Nevertheless I'm going to disable the
> quota plugin because of the long recalculation time and imap clients not
> usable during this. 
> 
> But one more question: Would it be possible to disable the recalculation

This would be easy by modifying the quota plugin.

> and do this with a nightly cronjob, which scans all mail accounts?

This would be specific to your installation, but I guess it wouldn't be
too difficult to write such a script.. Anyway I won't try it. :)





Re: [Dovecot] migrating from mbox to maildir

2007-11-26 Thread Timo Sirainen
On Sun, 2007-11-25 at 22:56 -0600, Kyle Wheeler wrote:
> On Saturday, November 24 at 10:13 PM, quoth mouss:
> >> If for some reason you are completely stuck with 0.99.x, then yes,
> >> changing to Maildir format is pretty easy, and there are plenty of
> >> conversion scripts out there in the world. Just ask Google. Keep in mind
> >> if the real problem is some bug in Centos that prevents Dovecot from
> >> using locks, then the Maildir conversion may not help much, because
> >> Maildir (in Dovecot) uses locks as well.
> >
> >why lock?
> 
> To quote the Dovecot wiki 
> (http://wiki.dovecot.org/MailboxFormat/Maildir):
> 
>  Although maildir was designed to be lockless, Dovecot locks the
>  maildir while doing modifications to it or while looking for new
>  messages in it. This is required because otherwise Dovecot might
>  temporarily see mails incorrectly deleted, which would cause
>  trouble. Basically the problem is that if one process modifies the
>  maildir (eg. a rename() to change a message's flag), another
>  process in the middle of listing files at the same time could skip
>  a file. The skipping happens because readdir() system call doesn't
>  guarantee that all the files are returned if the directory is
>  modified between the calls to it. This problem exists with all the
>  commonly used filesystems.

OSX with HFS+ seems to be an exception actually. Also it would be
possible to use inotify to avoid skipping files.

Also Dovecot uses dotlock files, not fcntl locks, to do the maildir
locking. Originally this was both because of NFS and because new
dovecot-uidlist was written to the dovecot-uidlist.lock file and
rename()d over. This isn't done anymore, so NFS is the only reason why
dotlocks are used. I guess v2.0 could use lock_method setting to figure
out if it should use fcntl/flock instead.




Re: [Dovecot] overquota message

2007-11-26 Thread Timo Sirainen
On Mon, 2007-11-26 at 10:40 +0100, Emiliano Gabrielli (aka AlberT) wrote:
>   is it possible to customize the overquota message ?
> I'd like very much if it was possible to use the %d in the postmaster mail
> address

Hmm. Sounds like this could be useful. Maybe if postmaster_address ends
with "@" (like "postmaster@") it would take the domain from the
destination user's address. Or do MTAs have better idea of what it could
be and it could be passed as a parameter?

> (and overquota message) too

v1.1 supports this. With v1.0 you'd have to modify sources.





Re: [Dovecot] dovecot with ldap and allow_nets

2007-11-26 Thread Timo Sirainen
On Fri, 2007-11-23 at 16:12 +0100, Marc Cuypers wrote:
> Some of the mail users may only login from the LAN, while others can 
> login from the LAN and the internet.
> 
> I've read about allow_nets but i can't find very much info when dovecot 
> is used with ldap.  Can someone give me a direction (url, configuration 
> file, ...).

You'll have to store the allow_nets field to LDAP using some name and
tell Dovecot to use it in pass_attrs. On LDAP side you probably need
some special schema (don't ask me about that) or you need to use some
other existing field for that purpose.

pass_attrs anyway goes something like:

pass_attrs = uid=user,userPassword=password,someField=allow_nets





[Dovecot] Squat full text search indexer redesign

2007-11-26 Thread Timo Sirainen
I was writing this to beta9 announcement, but it grew so huge that I
guess a separate mail is better. :)

I've spent quite a lot of time this last week redesigning/rewriting
Squat indexer. I think the redesign is good enough now that I'll just
replace the existing squat with this new one in next release. I don't
think many people are using the old squat, and there are also some bugs
in it that cause some searches not to find anything (haven't tried to
fix it).

The old Squat indexes about 3MB/s on my machine while the new one
indexes 8MB/s. Or it's actually 10MB/s, but at the end of indexing it
does a compression step that merges all fragmented UID lists. That drops
the index size something like 5-10%, but it's pretty slow because it has
to go through all the fragmented lists. It could probably be optimized
to be a lot faster, but I think I'll forget about it for now.

Besides being faster there are other improvements in it:

 - Old squat could answer only 4 character long substring searches. New
squat can answer 1..n characters long substring searches, where n can be
configurable. The larger the n, the larger the index size. For example
4..10 index sizes are about 35% -> 46% -> 53% -> 59% -> 63% -> 67% ->
70% of the mailbox size (with 32MB of Dovecot mailing list archives).

With both old and new squat if the search keyword is longer than n,
Dovecot looks up the list of all possible n char long combinations of
the word, gets a list of their common UIDs and then reads those mails to
verify that the word is really found from them.

 - New squat can also be configured to index longer words for
non-substring searches. This allows it to give a definite list of UIDs
where the word is found, so Dovecot doesn't have to open those mails to
verify it.

However it can't give a definite list of UIDs where the substring isn't
found. So it still has to do the n-char-combination lookup described
above, and for those returned UIDs which aren't also in the
definite-UIDs list Dovecot still has to read them to check if the
substring is found or not. This could be skipped for non-standard
X-FAST-TEXT and X-FAST-BODY searches which don't try to search
substrings.

Adding 255 char long non-substring searches to 4 char long substring
searches grows the index about 7% (35%->42% for 32MB, 28%->36% for
200MB, 27%->33% for 1,4GB). Unfortunately it also grows memory usage
pretty much. For a 200MB mailbox heap usage grows from 34MB to 163MB.
For 1,4GB lkml mailbox heap usage grows from 80MB to 700MB. So I'm not
sure if this should be enabled by default until something can be done
about the memory usage.

 - The current list of indexed characters are: A-Z, 0-9, @.-+#$%_& and
all 8bit chars. When trying to search for non-indexed characters Dovecot
has to split the search word. For example "a,b" would search "a" and
"b", combine the results and then open those mails to see where it
really exists. The same thing happens with "a b". If the search word
doesn't contain any indexable characters, Dovecot has to read all mails.
This indexable character list could be changed runtime, so if a user
keeps searching for some non-indexed character, it could be added to
indexed characters and the index be rebuilt.

 - To be able to give definite replies for BODY searches squat has to
keep track of whether a word was found from body or header. This also
optimizes HEADER searches because then Dovecot has to search only those
mails that have the word in their headers, instead of the mails that
have it in either header or body. Unfortunately this makes the indexes
somewhat larger again (22%->28% for 200MB), but I think this should be
done by default.

The header+body is stored by storing UID 1=message 1 header, UID
2=message 1 body, UID 3=message 2 header, etc. I haven't yet tried how
well the UID lists could be compressed if it could support only-header or
only-body ranges. For example now if word is found from all headers but
from no bodies, it stores the UID list as 1,3,5,7,etc, while it could be
stored as simple "only bodies, 1:7".

I guess the UID list compression could use all kinds of other algorithms
as well. Currently it supports only the whole list being either a
bitmask or UID range. A long UID list might compress better as a bitmask
+range combination. UID lists take most of the Squat space, so even
small improvements can give huge benefits. If you're interested in
trying, you can download the current test code and modify
uidlist_write_array() for writing and node_uidlist_get_at_offset() for
reading.

http://dovecot.org/tmp/test.c
http://dovecot.org/tmp/test-uidlist.c
Place to src/plugins/fts-squat/, run with ./test some-mbox-file

Another somewhat different idea to substring indexing (suggested to me
by someone else) would be to index the messages' words normally like
most indexers do, and then use Squat indexes for those words. So for
example when searching for "ord" it first looks up all words that
contain "ord" substring in them. Then it loo
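
The lookup scheme described in this message (n-character substring lists intersected to get candidate UIDs, candidates re-read to confirm, header and body stored as alternating pseudo-UIDs), as an added Python sketch that is not Dovecot's Squat code. The class and function names, the in-memory dict, n=4, the case folding and the sample mails are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Indexed characters as listed in the post: A-Z, 0-9, @.-+#$%_& and 8-bit chars.
NON_INDEXED = re.compile(r"[^A-Z0-9@.\-+#$%_&\x80-\U0010ffff]+")


class ToySquat:
    """In-memory stand-in for the index; names and layout are hypothetical."""

    def __init__(self, n=4):
        self.n = n                      # longest indexed substring (assumed 4)
        self.index = defaultdict(set)   # substring -> pseudo-UIDs containing it
        self.mails = {}                 # uid -> (header, body), for verification

    def _runs(self, text):
        # Split on non-indexed characters; matching is case-insensitive here.
        return [r for r in NON_INDEXED.split(text.upper()) if r]

    def add(self, uid, header, body):
        self.mails[uid] = (header, body)
        # Pseudo-UID 2*uid-1 is the header of message uid, 2*uid is its body.
        for pid, text in ((2 * uid - 1, header), (2 * uid, body)):
            for run in self._runs(text):
                for i in range(len(run)):
                    for k in range(1, min(self.n, len(run) - i) + 1):
                        self.index[run[i:i + k]].add(pid)

    def candidates(self, key):
        """Pseudo-UIDs holding every indexed piece of key; None if none is indexable."""
        result = None
        for run in self._runs(key):
            if len(run) <= self.n:
                grams = [run]
            else:
                grams = [run[i:i + self.n] for i in range(len(run) - self.n + 1)]
            for gram in grams:
                ids = self.index.get(gram, set())
                result = set(ids) if result is None else result & ids
        return result

    def search(self, key, part="body"):
        """Return (matching UIDs, number of mails that had to be read)."""
        odd = part == "header"
        cands = self.candidates(key)
        if cands is None:               # nothing indexable: read every mail
            uids = sorted(self.mails)
        else:
            uids = sorted({(p + 1) // 2 for p in cands if (p % 2 == 1) == odd})
        runs = self._runs(key)
        if len(runs) == 1 and runs[0] == key.upper() and len(key) <= self.n:
            return uids, 0              # 1..n indexed chars: the index answer is final
        # Longer or split keys: the index only narrows the set, so confirm by reading.
        field = 0 if odd else 1
        hits = [u for u in uids if key.upper() in self.mails[u][field].upper()]
        return hits, len(uids)


def build_sample():
    # Constructed sample mails, not taken from the post.
    idx = ToySquat(n=4)
    idx.add(1, "Subject: squat indexer redesign",
            "The new indexer handles substring searches.")
    # Contains every 4-char piece of "substring" without containing the word.
    idx.add(2, "Subject: quota", "subst bstrin ring are fragments only")
    idx.add(3, "Subject: substring search", "nothing relevant here")
    idx.add(4, "Subject: list", "see items a,b and c")
    return idx


if __name__ == "__main__":
    idx = build_sample()
    for key, part in (("substring", "body"), ("substring", "header"),
                      ("quot", "header"), ("a,b", "body"), (",,", "body")):
        print(key, part, idx.search(key, part))
```

Mail 2 shows why the verification read is needed: all six 4-character pieces of "substring" occur in its body, so the index returns it as a candidate, and only reading the mail rules it out.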

[Dovecot] v1.1.beta9 released

2007-11-26 Thread Timo Sirainen
http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz
http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta9.tar.gz.sig

Some changes since beta8:

- This release should work perfectly with NFS attribute cache enabled.
- Fixes to handling what should be written to cache file and when
- Some index handling optimizations
- IMAP LIST: dbox and cydir can now return children state

Beta9 will most likely have a rewritten Squat indexer. More about that
in the next mail.





Re: [Dovecot] dovecot with ldap and allow_nets

2007-11-26 Thread Charles Marcus

On 11/26/2007, Marc Cuypers ([EMAIL PROTECTED]) wrote:
> I'll try to compile dovecot 1.0.7 on a test machine (debian etch),
> and test again.

I forgot the best reason - improvements (sometimes major) in performance
and behavior... it's just 'better'... :)


--

Best regards,

Charles


[Dovecot] overquota message

2007-11-26 Thread Emiliano Gabrielli (aka AlberT)

Hi,
  is it possible to customize the overquota message ?
I'd like very much if it was possible to use the %d in the postmaster mail 
address (and overquota message) too ... in virtual domain environment it is 
very likely ..

thanks in advance

-- 




Re: [Dovecot] dovecot with ldap and allow_nets

2007-11-26 Thread Marc Cuypers


Charles Marcus wrote:
> On 11/25/2007, Marc Cuypers ([EMAIL PROTECTED]) wrote:
>> Charles Marcus wrote:
>>> On 11/23/2007, Marc Cuypers ([EMAIL PROTECTED]) wrote:
>>>> # dovecot --version
>>>> 1.0.rc15
>>>
>>> Extremely old...
>>>
>>> Upgrade...
>>
>> Does your reply mean that allow_nets didn't work with version 1.0?
>
> Not necessarily - it means it's so old that I (and most likely more than
> a few others) don't want to hassle with checking to see what possible
> problems/bugs it had that are fixed in current releases.
>
> Unlike myself, Timo could I'm sure answer a lot of questions like this
> off the top of his head, but I'm also sure even he gets irritated by
> people who come here asking for help when they are running an ancient
> version.
>
> In other words, as with all free software - the more current the version
> you are running, the easier it will be to get support...

You are probably right.

I'll try to compile dovecot 1.0.7 on a test machine (debian etch), and
test again.


--
Marc