[Dovecot] How to bypass checking of system users by virtual users?
Hi, I have one real domain (abusar.org) and the others are
virtual. So I configured dovecot.conf as the following:
# for abusar.org, real domain
mail_location = mbox:~/.mail/:INBOX=/var/mail/%n
# for the remaining virtual domains
userdb static {
args = uid=17 gid=17 home=/var/spool/virtual/%d/.home/%n
mail=mbox:/var/spool/virtual/%d/home/%n:INBOX=/var/spool/virtual/%d/%n
}
passdb passwd-file {
args = username_format=%n /etc/virtual/%d/passwd
}
***
Everything works perfectly except for the fact that when virtual users
authenticate, dovecot uses the configuration for
real users first and then authenticate succesfully with the virtual
configuration, generating those annoying log error messages:
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass;
user unknown
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication
failure; logname= uid=0 euid=0 tty=dovecot [EMAIL PROTECTED]
rhost=201.6.150.188
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass;
user unknown
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication
failure; logname= uid=0 euid=0 tty=dovecot [EMAIL PROTECTED]
rhost=201.6.150.188
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass;
user unknown
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication
failure; logname= uid=0 euid=0 tty=dovecot [EMAIL PROTECTED]
rhost=201.6.150.188
Oct 3 03:12:00 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass;
user unknown
Oct 3 03:12:00 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication
failure; logname= uid=0 euid=0 tty=dovecot [EMAIL PROTECTED]
rhost=200.204.124.212
This messages happen because dovecot is trying to check virtual
users in the system password file (which just contains real users and
not virtual users).
So is there a way to force it to check virtual users just on
the /etc/virtual/%d/passwd? I mean, if the domain is the real one,
abusar.org, or it doesn't have a domain, it will check in the system
passwords, but if it's some other domain except abusar.org, it should
skip checking system passwords and check directly in the
/etc/virtual/%d/passwd.
I just don't know how to do that.
Any hints? Thank you!
--
Linux 2.6.27-rc8: Rotary Wombat
http://u-br.net
http://www.soninha23.can.br
Re: [Dovecot] Any suggestions for backing up an imap server and whould maildir or dbox be better than mbox?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, Oct 02, 2008 at 08:52:13PM -0400, Eric T wrote: BTW: Dose changing the mailbox format from mbox to Maildir or dbox dose have any advantages? I don't think it makes any difference in this case. It would make a difference if you were to Rsync. Since Rsync is done on a file level; with mbox every new message means that the entire mbox file will need to be copied out. Oh, no. Rsync is smarter than this. If you don't tell it _not_ to do it, it will transfer chunks of files which have changed and modify the target file in-place. How it does recognize what to do is actually worth a read [1]. Note that this algorithm is ideal for files which are (mostly) appended to, like mboxes or log files. [1] http://rsync.samba.org/tech_report/ Regards - -- tomás -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFI5cipBcgs9XrR2kYRAg1bAJ44aTHZenfr3PmAfLZkgXBlrnMNwQCeLKnb USJ2yIxUiUZVw+hVN7zQ0Rs= =y67Y -END PGP SIGNATURE-
Re: [Dovecot] Unknown dict module: mysql
Oct 1 10:52:15 inet2 dovecot: dict: Unknown dict module: mysql Oct 1 10:52:15 inet2 dovecot: dict: Failed to initialize dictionary 'quotadict' Problem seems to be related to dovecot 1.1.3 . 1.1.2 works fine with the same configuration. Am I missing a config change between those versions? Thanks, Oli
Re: [Dovecot] assertion in dovecot imap 1.1.1 to 1.1.3
2008/10/1 Rene Luria [EMAIL PROTECTED]: Dovecot dies with signal 11 (segfault) when doing some commands with a specific message Could you post a backtrace (bt full) of the core file? See: http://dovecot.org/bugreport.html Regards, Diego.
Re: [Dovecot] assertion in dovecot imap 1.1.1 to 1.1.3
Hey Diego, Diego Liziero a écrit : 2008/10/1 Rene Luria [EMAIL PROTECTED]: Dovecot dies with signal 11 (segfault) when doing some commands with a specific message Could you post a backtrace (bt full) of the core file? I've done that and at the end found a way to fix the bug this message was a duplicate because of the moderation process see the thread http://www.dovecot.org/list/dovecot/2008-October/034005.html smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] Any suggestions for backing up an imap server and whould maildir or dbox be better than mbox?
[EMAIL PROTECTED] wrote: Oh, no. Rsync is smarter than this. If you don't tell it _not_ to do it, it will transfer chunks of files which have changed and modify the target file in-place. How it does recognize what to do is actually worth a read [1]. Note that this algorithm is ideal for files which are (mostly) appended to, like mboxes or log files. Ah thanks, I hadn't looked too much into Rsync to see that it does that. Pretty slick. So that being said reverse what I just said, Mbox is better for Rsync then Maildir or Dbox (which would cause Rsync to run longer as it has more files to look at to see if they've changed)
[Dovecot] Importing Microsoft PST into Dovecot Imap
Hi , I think the question has been asked before ... but I need to be adviced on what would be the best way to import microsoft PST's into Dovecot.. ? What software can I use.. can a anyone make any recommendations? even if one has to spend some money on some commecial software.. but it has to work.. so Im looking for someone who has tried from experience as ive tried some freeware or trial software off the internet with little or no success. Thanks and regards... Ilo
Re: [Dovecot] create folder automatically
On Oct 2, 2008, at 11:10 AM, Nicolas Letellier wrote: Le Wed, 01 Oct 2008 12:34:09 -0300, Eduardo M KALINOWSKI [EMAIL PROTECTED] a écrit : From: Nicolas Letellier Indeed, the folder is created with the sieve rule (cf precedent mail). I see this line in my deliver log: Oct 1 10:48:42 trinite deliver([EMAIL PROTECTED]): msgid=[EMAIL PROTECTED]: saved mail to Junk However, when we connect us in the webmail, or download mail with IMAP, the folder is not present. The folder is created, but no line about it is present in subscriptions file. So, the folder is not viewable. If I remember correctly, recently it was added an option to deliver to autosubscribe to created folders. I think it is only available in the git version. How use this feature? I want a sieve rule create the folder automatically, and autoscribe mailbox to it. Add -s parameter to deliver. Works only with v1.1.3. PGP.sig Description: This is a digitally signed message part
Re: [Dovecot] client certs with godaddy ssl cert
On Oct 2, 2008, at 6:59 AM, Harondel J. Sibble wrote: Dovecot does have to trust the signing cert for the clients (i.e. it can't just be looking at some default bundle of commercial CA's) but that's not really connected to its server cert. Yes, I thought so and that is exactly the crux of my problem, how do I get dovecot to trust both cert chains, GoDaddy and my self signed client certs simultaneously? I can't seem to find anything on that specific issue. I can't really answer this question, except to say that Dovecot uses the standard OpenSSL functions to set up all certificates. So if you can find an answer to any server using OpenSSL it's probably applicable to Dovecot as well. I'd guess you just put all the certs to the same file. PGP.sig Description: This is a digitally signed message part
Re: [Dovecot] Importing Microsoft PST into Dovecot Imap
on 10-3-2008 8:16 AM Ilo Lorusso spake the following: Hi , I think the question has been asked before ... but I need to be adviced on what would be the best way to import microsoft PST's into Dovecot.. ? What software can I use.. can a anyone make any recommendations? even if one has to spend some money on some commecial software.. but it has to work.. so Im looking for someone who has tried from experience as ive tried some freeware or trial software off the internet with little or no success. Thanks and regards... Ilo Are the pst's openable by outlook? If so, you can add an IMAP connection to the server and copy them over. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature
Re: [Dovecot] client certs with godaddy ssl cert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Oct 03, 2008 at 07:18:46PM +0300, Timo Sirainen wrote: On Oct 2, 2008, at 6:59 AM, Harondel J. Sibble wrote: Dovecot does have to trust the signing cert for the clients (i.e. it can't just be looking at some default bundle of commercial CA's) but that's not really connected to its server cert. Yes, I thought so and that is exactly the crux of my problem, how do I get dovecot to trust both cert chains, GoDaddy and my self signed client certs simultaneously? I can't seem to find anything on that specific issue. [...] I'd guess you just put all the certs to the same file. Yes, that's how it is supposed to work. In whatever file you keep your root certificates, you just concatenate them all (and the CRLs, the Certificate Revocation Lists). The Dovecot Wiki confirms that [1] [1] http://wiki.dovecot.org/SSL/DovecotConfiguration#head-c61be71adc5d146a3acea0a608e528e110ccac5e Regards - -- tomás -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFI5lduBcgs9XrR2kYRAg0JAJ0Tqz9ZjSpLA8xsbSDecmbBEEuH4wCeKUaV yqhu+5X3Sb+OA0jvTTRHlYk= =nX1o -END PGP SIGNATURE-
[Dovecot] Feature wish: Virtual POP3 folder with IMAP
Hallo, is it possible to implement a flat folder view for POP3 users? The problem is that POP3 only knows one folder: INBOX. Now, if a user logs in via POP3, he won't see messages that live outside the INBOX folder - this could be e.g. a *SPAM*-flagged message moved to another folder via Sieve/LDA/other mechanism. What about adding a feature `pop3_remap_folders` to virtually place *all* messages spread across different folders inside INBOX, only for the POP3 session, and without impact on the actual folder structure as seen thru IMAP? I see some issues though: - How would SENT and TRASH be handled? These special folders shouldn't be part of the game. - What happens if the POP3 client deletes a message, which is the default behavior of Outlook and friends? Proposed logic: really delete message if not logged in via IMAP since ($filemtime_of_message - $user_configurable_amount_of_seconds), else gracefully ignore client's delete request. This *could* become a problem if quotas are enabled, but then again it should be the admin's decision to offer this feature to his users. - Message IDs: Would the above Delete-only-if workaround confuse some mail clients and make them download the same messages over and over? - Perhaps another way: create a separate POP3 directory inside the mailbox, only used by dovecot-pop3. Inside reside symlinks to the actual messages spread across different IMAP folders, which can safely be deleted by a POP3 client and also following the real-delete logic described above. The benefit of such a virtual folder remapping would be great for systems also using webmail and/or Sieve. Regards, James -- [EMAIL PROTECTED]
[Dovecot] Test environment question
I have V1.1 running on a test server that NFS mounts mbox-formatted inbox and home folder dirs. I have eliminated the profile listing for connection to the V1.0 production servers so that can't start up and corrupt the synch of the test servers indices I am seeing posix_fallocate and file_set_size errmsgs in the mail syslog, but see a pattern: 1) They only happen with the /var/spool/mail inbox NOT with any of the /home folders and appear to be happening every 10 minutes from the time I started DC (9AM, 10/1/98) until 11AM, 10/2...and then ceased The every ten minute message sets looked like this: Oct 1 22:30:31 egg mail:err|error dovecot: IMAP(sdean): posix_fallocate() failed: Resource temporarily unavailable Oct 1 22:30:31 egg mail:err|error dovecot: IMAP(sdean): file_set_size() failed with mbox file /var/spool/mail/sdean: Resource temporarily unavailable Oct 1 22:40:31 egg mail:err|error dovecot: IMAP(sdean): posix_fallocate() failed: Resource temporarily unavailable Oct 1 22:40:31 egg mail:err|error dovecot: IMAP(sdean): file_set_size() failed with mbox file /var/spool/mail/sdean: Resource temporarily unavailable Oct 1 22:50:31 egg mail:err|error dovecot: IMAP(sdean): posix_fallocate() failed: Resource temporarily unavailable 2) My Thunderbird client's server settings are set to check for mail every 10 minutes AND I don't access the mail overnight, so it this must be causing it! I did check the crontabs on both my test and production servers and they had nothing with this time periodicity 3) However, then there was the following: a) If I used webmail, which accessed the production server and got the indices on my test server out of sync, I got this error message from in the mail syslog on my test server: Oct 3 12:20:23 egg mail:err|error dovecot: IMAP(sdean): mbox sync: UID inserted in the middle of mailbox /var/spool/mail/sdean (648818 648046, seq=1153, idx_ msgs=1187) Which is what one would expect...once the V1.1 code is on production server that won't happen anymore, so that's OK and can be ignored b) I seem to end up having leftover imap session on the test server. Around 1PM today, I was unable to get mail and saw these messages in the test server's mail syslog: Oct 3 12:44:58 egg mail:info dovecot: imap-login: Maximum number of connections from user+IP exceeded: user=sdean, method=PLAIN, rip=10.20.10.169, lip=192.24 6.229.31 Turns out I had 10+ sessions, one back from yesterday, so I killed them all and could get mail, but...about six minutes later, I had the two posix_fallocate and file_set_size errmsgs again after not having any for a day. So something about new connections maybe causes this? Any ideas why: a) I am having leftover IMAP sessions on my test server? This doesn't happen on my production DC V1.0 server b) Ditto on the the posix_fallocate and file_set_size errmsgs which also aren't found on my production server's mail syslog. ? I do realize that these seem to be related to Tbird, but they don't happen with V1.0 I have attached my original note with its copies of the dovecot -n output for both machines ---BeginMessage--- My production DC machine owns the mail filesystems and is running DC V1.0.15 and mbox folder format. I am looking to test V1.1.3 on another machine, which NFS mounts the mail filesystems, but has its own local index FS. I have made this test environment my default connection in TBird, and it seems to work just fine. Also, I have made sure that my TBird client isn't connecting to the production server (it has multiple accounts but I have turned off the cehck for mail when starting and check for new mail every N minutes functions, and then check the ps table to make sure there are no imap connections) However, I'm seeing two errmsgs in the maillog on the test machine: Sep 22 11:54:13 egg mail:err|error dovecot: IMAP(sdean): posix_fallocate() faile d: Protocol not available Sep 22 11:54:13 egg mail:err|error dovecot: IMAP(sdean): file_set_size() failed with mbox file /var/spool/mail/sdean: Protocol not available which appear to happen AFTER mail arrives at the production serverit seems to happen on my test server the next time my client goes to access mail AFTER mail has arrived at the production server. Subsequent client requests of the test server execute without error until AFTER the next time mail arrives at and my inbox is updated with it. Again, if I hadn't looked at the logs, I wouldn't know there was a problem...I can see my new mail just fine from the test server. The questions: Is this anything I should be concerned about? Is this a bug or a legit problem coming from my improper use of two servers against the same data. FWIW, I am using fcntl for both mbox read and write locks. procmail in the MDA on the production server, and its locking hierarchy dotlock,fcntl, which Timo previously approved. Thanks! Production dovecot -n output: # 1.0.15: /usr/local/etc/dovecot.conf listen:
Re: [Dovecot] Importing Microsoft PST into Dovecot Imap
Hi, On Fri, 3 Oct 2008, Ilo Lorusso wrote: I think the question has been asked before ... but I need to be adviced on what would be the best way to import microsoft PST's into Dovecot.. ? Since you have some money to spend, I'd recommend aid4mail. You can play around with the free trial version first (max 50 msg per mailbox, and annoying message counters in converted emails), and see if it suits your needs. I never tried converting FROM pst files, but it worked like a charm when converting TO pst files (from Pegasus Mail which had been used as pop3 client for many many years). It uses the MAPI interface from Outlook or maybe even from OE, so you do need to have that installed on the windows computer doing the conversions. (See the FAQ about that to be sure) I've used it to convert some tens of users, and in total about 25.000 messages. It even did the folder and subfolder stuff correctly. When converting from PST's to Dovecot, you probably want to convert to Maildir immediately (to keep the folder structures intact - mbox doesn't allow both folders and messages in a folder!). If that conversion has some problems, try converting to mbox first and then use mb2md orso to convert to maildir. Of course, you could also add an IMAP account to the existing Outlook install and dragdrop the stuff from the PST to the IMAP account, but that really is a PITA. Especially if you've got a fair number of users to migrate. With Aid4mail this still requires you to work your way through each individual user's PST, but you don't need to do anything special. Just select source and destination types, and wait for it to complete. It may even be scriptable, but I never looked into that. (It was just too easy to just point and click a few times instead of figuring out how to script it) HTH, Maarten
Re: [Dovecot] Feature wish: Virtual POP3 folder with IMAP
James wrote: is it possible to implement a flat folder view for POP3 users? No. If you need folder, use IMAP. If you need Sieve, use IMAP. If you need Sent or Spam folders, use IMAP. POP3 is limited and it is neither possible nor useful to simulate IMAP behavoir with POP3. That's the reason why IMAP was invented. Heiko Heiko Schlichting Freie Universität Berlin [EMAIL PROTECTED] Zentraleinrichtung für Datenverarbeitung (ZEDAT) Telefon +49 30 838-54327 Fabeckstraße 32 Telefax +49 30 838454327 14195 Berlin
Re: [Dovecot] Feature wish: Virtual POP3 folder with IMAP
Guten Morgen Heiko, I think you misunderstood. I'm not after a way of simulating IMAP via POP3, which would certainly violate RFCs. I'm looking for a way to make *all* messages accessible to a POP3 client, regardless a message is inside the INBOX folder or not. To illustrate: IMAP/Webmail view: # Current POP3 # Intended # implementation#POP3 view: - INBOX folder# # + message a # + message a # + message a + message b # + message b # + message b - Spam folder # # + message c + message c # # + message d - Work folder # # + message d # # - SENT folder # # + message e # # Message e isn't part of the POP3 view as the SENT and the TRASH folders are special. So it would boil down to a virtual folder view a POP3 client gets. Is that possible? Maybe I didn't correctly chose some technical terms :-) James Heiko wrote: James wrote: is it possible to implement a flat folder view for POP3 users? No. If you need folder, use IMAP. If you need Sieve, use IMAP. If you need Sent or Spam folders, use IMAP. POP3 is limited and it is neither possible nor useful to simulate IMAP behavoir with POP3. That's the reason why IMAP was invented. Heiko Heiko Schlichting Freie Universität Berlin [EMAIL PROTECTED] Zentraleinrichtung für Datenverarbeitung (ZEDAT) Telefon +49 30 838-54327 Fabeckstraße 32 Telefax +49 30 838454327 14195 Berlin
[Dovecot] index matter
Hi, I have a question about the following explanation; IndexFiles.txt -- If index files are missing, Dovecot creates them automatically when the mailbox is opened. -- Are they made based on which information? Thanks. Yoko -- Enjoy MLB with MAJOR.JP! Ichiro, Matsuzaka, Matsui, and more! http://pr.mail.yahoo.co.jp/mlb/
