Re: [Dovecot] Dovecot + SASL + allow_nets

2007-12-04 Thread Marc Cuypers 

Noel Jones schreef:

On Dec 3, 2007 7:36 AM, Marc Cuypers [EMAIL PROTECTED] wrote:

Hi,

When using dovecot for authentication of an SASL (postfix) request, i
cannot use the allow_nets parameter.  The IP-address of the requester is
not known in dovecot.

I would like to allow sasl for certain users, others are not allowed to
access via SASL.
Some users can have access to imap and pop3 from certain IP-addresses.

How could i combine this in then dovecot configuration?

--
Best regards,

Marc



You can do this in postfix main.cf using the
smtpd_sasl_exceptions_networks parameter. Normally this parameter
lists networks *not* allowed to use AUTH, but you can exempt certain
hosts by proceeding them with a !.  Note that order matters, here;
exceptions must come before the static:all entry.

For example. to offer AUTH only to 192.0.2.0-192.0.2.255:
# main.cf
smtpd_sasl_exceptions_networks = !192.0.2.0/24 static:all

See also
http://www.postfix.org/postconf.5.html#smtpd_sasl_exceptions_networks
Or for an alternative method:
http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keyword_address_maps


OK, thanks,

But it is not user related.  I want some user to be able to SASL, others 
don't.


--
Marc

[Dovecot] 1.1beta 10 hang

2007-12-04 Thread Joe Wong 
Hi Timo,

I have installed 1.1 beta 10 today with squat enabled. When I do uid 
search body something, the imap will sometimes segmentation fault, or 
sometime hang. 

Here is what i found in the log when imap did not hang..

dovecot: Dec 04 17:11:07 Panic: IMAP(joewong99:joew.outblaze.com): file 
squat-uidlist.c: line 178 (uidlist_write_array): assertion failed: ((uid  
~UID_LIST_MASK_RANGE) = prev)
dovecot: Dec 04 17:11:07 Error: IMAP(joewong99:joew.outblaze.com): Raw 
backtrace: imap [0x80ca1f0] - imap [0x80ca0fc] - 
/usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so [0x11b9a9] - 
/usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so [0x11ba7a] - 
/usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so [0x11bb6b] - 
/usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so(squat_uidlist_build_add_uid+0x2e2)
 
[0x11c0d2] - /usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so 
[0x11a9cb] - /usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so 
[0x11acf0] - 
/usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so(squat_trie_build_more+0x16a)
 
[0x11ae6a] - /usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so 
[0x117b54] - 
/usr/local/lib/dovecot/imap/lib20_fts_plugin.so(fts_backend_build_more+0x2e) 
[0x1125de] - /usr/local/lib/dovecot/imap/lib20_fts_plugin.so [0x113f3d] 
- imap [0x805d196] - imap [0x805d518] - 
imap(io_loop_handle_timeouts+0x10b) [0x80d0ceb] - 
imap(io_loop_handler_run+0x69) [0x80d1509] - imap(io_loop_run+0x28) 
[0x80d0bc8] - imap(main+0x4cc) [0x8066c4c] -
dovecot: Dec 04 17:11:07 Error: IMAP(joewong99:joew.outblaze.com):  
/lib/libc.so.6(__libc_start_main+0xe0) [0x77df70] - imap [0x8059571]
dovecot: Dec 04 17:11:07 Error: child 32571 (imap) killed with signal 6


--

Re: [Dovecot] Please solve my query

2007-12-04 Thread Uldis Pakuls 
bhagwat swarup wrote:
 hi
 my question is
 Start a POP3 server on rhel5 with a matching criteria
 1) user jack must get mail
 2 Allow your network lw.com
 3)my133.org domain can not access your server

 Thanks And Regards
 Bhagwat Swarup
 NH India Ltd

   
Usual way to configure access to server (in this case - pop3 service) is
setting up firewall rules.
Reverse lookup of connecting IP anyway is useless - user can configure
mail client anywhere in the world. POP3 protocol don't implement any
host based rules like SMTP HELO restrictions.
If you want restrict access  - only one way is allow/deny appropriate
IP/Netblocks. It is firewall job.

Uldis

Re: [Dovecot] imap process consuming 100% CPU (Dovecot 1.0.3)

2007-12-04 Thread Timo Sirainen 
On Wed, 2007-11-28 at 08:09 -0700, Jackie Hunt wrote:
  Problem was that it was reading a 50MB mail in 12kB blocks, and Dovecot
  wasn't handling that very well. Fixed:
  
  http://hg.dovecot.org/dovecot-1.0/rev/0fba164c6ba6
  http://hg.dovecot.org/dovecot-1.0/rev/edd95f9c6ba4
 
 That's awesome!  Thanks so much Timo, you always come through!  
 I'll install the fixes ASAP.

Actually that didn't fix it completely for mbox. This should really fix
it: http://hg.dovecot.org/dovecot-1.0/rev/212777918121



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] LIST problem with Dovecot1.1beta10

2007-12-04 Thread Dean Brooks 
On Tue, Dec 04, 2007 at 03:43:44PM +0200, Timo Sirainen wrote:
 On Mon, 2007-12-03 at 16:11 -0500, Dean Brooks wrote:
  a003 list  Trash*
  * LIST (\NoInferiors \UnMarked) / Trash
  a003 OK List completed.

 Works here:
 
 x list  Trash
 * LIST (\NoInferiors \Marked) / Trash
 x OK List completed.
 
 Show me your dovecot -n output?

The output of dovecot -n follows.  I confirmed that the problem is
definitely different behavior than the old version we were running,
although I'm confused how you couldn't be able to reproduce it.

Well, I'm sure others will run into it if it's a configuration-specific
thing, so it's probably worth checking into.  I'll see if I can
figure it out by twiddling with some settings. 

base_dir: /var/run/dovecot/
protocols: imap
listen: 192.107.41.70
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot//login
login_executable: /usr/local/adm/dovecot/libexec/dovecot/imap-login
login_user: daemon
login_log_format_elements: user=%u ip=%r
first_valid_uid: 100
last_valid_uid: 128000
mail_extra_groups: mail
mail_location: mbox:%h/Mail:INBOX=/var/mail/%u:INDEX=/mail/indexes/local/%u
mmap_disable: yes
mail_nfs_storage: yes
mail_nfs_index: yes
mbox_write_locks: fcntl
mail_plugins: quota imap_quota
auth default:
  mechanisms: plain login
  passdb:
driver: shadow
  userdb:
driver: passwd
plugin:
  quota: fs

--
Dean Brooks
[EMAIL PROTECTED]

Re: [Dovecot] LIST problem with Dovecot1.1beta10

2007-12-04 Thread Dean Brooks 
On Tue, Dec 04, 2007 at 03:43:44PM +0200, Timo Sirainen wrote:
 On Mon, 2007-12-03 at 16:11 -0500, Dean Brooks wrote:
  a003 list  Trash*
  * LIST (\NoInferiors \UnMarked) / Trash
  a003 OK List completed.
 
 Works here:
 
 x list  Trash
 * LIST (\NoInferiors \Marked) / Trash
 x OK List completed.
 
 Show me your dovecot -n output?

Well, I confirmed that doing a specific LIST on INBOX works properly:

x list  INBOX
* LIST (\NoInferiors \UnMarked) / INBOX
x OK List completed.

However, no matter what configuration changes I make, Dovecot refuses
to list a filesystem mailbox unless you specify a wildcard:

x list  Sent
x OK List completed.

x list  Sent*
* LIST (\NoInferiors \UnMarked) / Sent
x OK List completed.

Were there any changes to the filesystem listing code?  We're on NFS
filesystem if it makes any difference.

This problem practically makes Dovecot unusable.

I've been trying to trace the code on this, but I'm having a hard time
narrowing down what function is actually excluding individual files
from the list.

--
Dean Brooks
[EMAIL PROTECTED]

Re: [Dovecot] LIST problem with Dovecot1.1beta10

2007-12-04 Thread Timo Sirainen 
On Tue, 2007-12-04 at 12:12 -0500, Dean Brooks wrote:
 However, no matter what configuration changes I make, Dovecot refuses
 to list a filesystem mailbox unless you specify a wildcard:
 
 x list  Sent
 x OK List completed.
 
 x list  Sent*
 * LIST (\NoInferiors \UnMarked) / Sent
 x OK List completed.
 
 Were there any changes to the filesystem listing code?  We're on NFS
 filesystem if it makes any difference.

That might explain it, but I can't think of any change that could have
broken this.

 I've been trying to trace the code on this, but I'm having a hard time
 narrowing down what function is actually excluding individual files
 from the list.

src/lib-storage/list/mailbox-list-fs-iter.c has most of the code
(list_file() probably the most interesting function) and
src/lib-storage/index/mbox/mbox-storage.c has
mbox_list_iter_is_mailbox().


signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Mails get lost - RHEL 5.1 - dovecot-1.0-1.2.rc15.el5

2007-12-04 Thread Nikolay Shopik 

On 04.12.2007 19:35, Götz Reinicke wrote:

Hi,

we do have a Voiceboxserver which forward recorded avi messages to the
mailserver account of users. I'v tested it for my account 10 minutes ago
 and everything works.

Some users don't get the messages shown up in there mailclient while the
logs show a delivery of that mail.

May be some mail caches are messed up?

We use Thunderbird 2 and the users concerned use imap.

Where may I look or what may I check?

Thanks for your help!

Regards

Götz
  
So you sure it was delivered, seen this on dovecot.info log? If you are 
using maildir you may check if file delivered and exist.

Re: [Dovecot] imap process consuming 100% CPU (Dovecot 1.0.3)

2007-12-04 Thread Dave McGuire 

On Dec 4, 2007, at 9:09 AM, Stewart Dean wrote:
I found this interesting...Finland has just come out tops again in  
the latest PISA evaluation of secondary school student science  
prowess as it has been for some years.  The US, no surprise, comes  
out in the middle as Joe and Jill SixPack think that achievement in  
anything much less math and science (they're hard!) is for geeks.

http://news.bbc.co.uk/1/hi/education/4073753.stm
http://en.wikipedia.org/wiki/ 
Programme_for_International_Student_Assessment

Must be those long winters where there's nothing to do but study :)


  Oh, don't get me started.  I'm so sick of the BudLight-swilling,  
NASCAR-watching, WalMart-loving morons that I'm about ready to go  
find a deserted island somewhere.


 -Dave

--
Dave McGuire
Port Charlotte, FL
Farewell Ophelia, 9/22/1991 - 7/25/2007

Re: [Dovecot] Variable krb5 cache location

2007-12-04 Thread pod 
 TS == Timo Sirainen [EMAIL PROTECTED] writes:

TS I'm beginning to think that maybe something more generic is
TS needed, such as:

TS auth default {
TS   ..
TS   environment {
TS krb5_ktname = ..
TS krb5ccname = ...
TS who_knows_what_else_in_future = ..
TS   }
TS }

TS I think LDAP library also can accept settings from environment.

TS Anyone on mailing list have better ideas?

I'm certainly not going to claim this is a better idea.

Instead of explicitly setting the environment vars from dovecot.conf how
about instead have a mechanism for listing those vars that are acceptable
to pass through from the invoking environment.

Re: [Dovecot] SIGSEGV login process

2007-12-04 Thread Maxim Lougovsky 


On Fri, 30 Nov 2007 16:01:23 +0300, Maxim Lougovsky [EMAIL PROTECTED] wrote:
 
 
 On Fri, 30 Nov 2007 14:47:24 +0200, Timo Sirainen [EMAIL PROTECTED] wrote:
 On Fri, 2007-11-30 at 10:19 +0300, Maxim Lougovsky wrote:
 got it:
 ..
 #0  0x08054096 in auth_client_request_continue (request=0x0,
 data_base64=0x808806b ns1 NAMESPACE) at auth-server-request.c:377
 377 auth-server-request.c: No such file or directory.
 in auth-server-request.c

 So the client sent ns1 NAMESPACE command before Dovecot had finished
 handling login. I guess this crash was with 1.0.7? I think there's a
 very good chance that 1.0.8 has fixed this.
 
 10X. i will try it and report about results.

Seems to be problem with 1.0.8 build solved. Thank you.