Re: [Dovecot] pop3 gives a permission denied error on chdir
On Wednesday 20 May 2009 18:49:25 Steffen Kaiser wrote: Well, there are lots of permission denied problems lately. Are you really absolutely sure that user with uid 5000 may chdir into /home/vmail/example.com/john ?? I mean, make sure su may set uid to the user of UID 5000 (esp. the shell is a real shell, so (as root) # su user -c echo OK displays OK, then do as root # su user -c 'cd /home/vmail/example.com/john echo Dir:$(pwd)' greenchilly:/home/lawgon# su vmail -c echo OK OK greenchilly:/home/lawgon# su vmail -c 'cd /home/vmail/example.com/john echo Dir:$(pwd)' Dir:/home/vmail/example.com/john (and revert what you've did for testing on success) Do run some protection stuff, e.g. SELinux or AppArmor or the like? Dovecot setuid()'s to uid 5000, then chdir()s there. Such stuff may prohibit this. no - and note that I use dovecot for LDA and dovecot as vmail has no problem delivering mail (which means it can read and write in that directory) Or, do you have ACLs enabled in the filesystem? Or do you use a remote filesystem, which permissions probably lie to the client. no - of course this is a VPS on a Gandi xen setup, but I do not see how anything is affected by this Are all files in /home/vmail/example.com/john owned by uid 5000 and r/w? yes No dead sym links, etc.pp? no. -- regards Kenneth Gonsalves Associate NRC-FOSS http://nrcfosshelpline.in/web/
Re: [Dovecot] pop3 gives a permission denied error on chdir
On Thursday 21 May 2009 12:15:12 Kenneth Gonsalves wrote: On Wednesday 20 May 2009 18:49:25 Steffen Kaiser wrote: Well, there are lots of permission denied problems lately. Are you really absolutely sure that user with uid 5000 may chdir into /home/vmail/example.com/john ?? I mean, make sure su may set uid to the user of UID 5000 (esp. the shell is a real shell, so (as root) # su user -c echo OK displays OK, then do as root # su user -c 'cd /home/vmail/example.com/john echo Dir:$(pwd)' greenchilly:/home/lawgon# su vmail -c echo OK OK greenchilly:/home/lawgon# su vmail -c 'cd /home/vmail/example.com/john echo Dir:$(pwd)' Dir:/home/vmail/example.com/john I also did a chmod o+r on /home, /home/vmail, /home/vmail/example.com and /home/vmail/example.com/john still the same error. -- regards Kenneth Gonsalves Associate NRC-FOSS http://nrcfosshelpline.in/web/
Re: [Dovecot] pop3 gives a permission denied error on chdir
On May 21, 2009, at 2:58 AM, Kenneth Gonsalves wrote: greenchilly:/home/lawgon# su vmail -c echo OK OK greenchilly:/home/lawgon# su vmail -c 'cd /home/vmail/example.com/ john echo Dir:$(pwd)' Dir:/home/vmail/example.com/john I also did a chmod o+r on /home, /home/vmail, /home/vmail/ example.com and /home/vmail/example.com/john chdir() wants +x, not +r.
Re: [Dovecot] pop3 gives a permission denied error on chdir
On Thursday 21 May 2009 12:40:00 you wrote: exec strace -f -o /tmp/access.log -etrace=file -p pid_of_dovecot then try to access pop3 when fail occurs send us /tmp/access.log (gzipped) attached -- regards Kenneth Gonsalves Associate NRC-FOSS http://nrcfosshelpline.in/web/ access.log.gz Description: GNU Zip compressed data
Re: [Dovecot] pop3 gives a permission denied error on chdir
On Thursday 21 May 2009 12:50:05 Timo Sirainen wrote: I also did a chmod o+r on /home, /home/vmail, /home/vmail/ example.com and /home/vmail/example.com/john chdir() wants +x, not +r. that doesn't work either -- regards Kenneth Gonsalves Associate NRC-FOSS http://nrcfosshelpline.in/web/
Re: [Dovecot] Migration questions...
pod wrote: Richard Hobbs richard.ho...@crl.toshiba.co.uk writes: 19. Once everything is working perfectly, send an email to the entire company instructing them what to do after the outage and arrange an outage and do the following steps as soon as the outage begins: a. Unplug DMZ switch from firewall to make delivered mail wait at the sender. [...] i. Plug DMZ switch back into firewall and begin monitoring exim logs to check that mail is being delivered. If I'm not misunderstanding the steps between 19.a -- 19.i are going to be done while not network connected? I'd be slightly concerned that these steps may involve anything some that needs to do DNS lookups or the like at which point they may hit long(ish) timeouts or just fail completely. Because the mail servers are in a DMZ, they have their own DNS running locally. Local DNS lookups, therefore, shouldn't be a problem. Good point though, so thank you for that - i ought to adjust my instructions to include installation of the DNS service! lol Thanks again, Richard. -- Richard Hobbs (IT Specialist) Toshiba Research Europe Ltd. - Cambridge Research Laboratory Email: richard.ho...@crl.toshiba.co.uk Web: http://www.toshiba-europe.com/research/ Tel: +44 1223 436999Mobile: +44 7811 803377 smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] mkdir no permission
I tested Maildir to.
Point 1 and 2 i don't know the programms.
Point 3: its 1000.
But you help me to another idea. I forgot that nothing works in my
homedir. no ftp, no apache (i had my website there) etc. The other
problems didn't bother me but now i remember.
Is there a possibility to delete the homedir and make it new? Or will
i have the same problems again when i save the data in there?
Do the other errors of dovecot refer to this error or are there other
problems.
I test your suggest, i think it should work, because it is not in
homedir.
Am 20.05.2009 um 19:10 schrieb Timo Sirainen:
That's strange. Dovecot anyway used access() system call to verify
that
the directory isn't writable. Some possibilities:
1. Did you enable SELinux / AppArmor or something similar that
prevents
Dovecot from accessing home directories?
2. Some filesystem ACL was set to the home directory that prevents
writes? I don't really know anything about ACLs..
3. Are there multiple annaleins? Check with ls -ldn /home/annalein
that
it's 1000.
I guess the last possibility is that Dovecot's check is just buggy.
You
could get a strace output to see what Dovecot is really doing and send
it to me. You can do this by changing in dovecot.conf:
protocol pop3 {
..
mail_location = /usr/bin/strace -o /tmp/dovecot.log /usr/lib/
dovecot/pop3
}
On Wed, 2009-05-20 at 11:19 +0200, Anna Obertacke wrote:
Hi,
that is not the problem
drwxr-x--x 20 annalein annalein 12288 2009-05-18 19:05
annalein
/home/annalein is writable by annalein.
Am 19.05.2009 um 21:46 schrieb Timo Sirainen:
On Tue, 2009-05-19 at 11:07 +0200, Anna Obertacke wrote:
May 19 10:00:38 ubuntu dovecot: POP3(annalein):
mkdir(/home/annalein/Maildir/cur) failed: Permission denied
(euid=1000(annalein) egid=1000(annalein) missing +w perm: /home/
annalein)
It says /home/annalein isn't writable by annalein user. I'd
guess /home/annalein is no longer owned by annalein?
[Dovecot] crypt() failure is possible
dovecot 1.1.15 in src/auth/password-scheme.c
contains:
static bool
crypt_verify(const char *plaintext, const char *user ATTR_UNUSED,
const unsigned char *raw_password, size_t size)
{
const char *password;
if (size == 0) {
/* the default mycrypt() handler would return match */
return FALSE;
}
password = t_strndup(raw_password, size);
return strcmp(mycrypt(plaintext, password), password) == 0;
}
but according to man page crypt() can fail and NULL is returned then. On other
hand glibc info page is silent about such failure.
The thing is that I'm seeing crypt() failure here with new glibc 2.10.1 built
with nss backend for crypt(), so it would be good to handle such case.
(crypt failure was due to improper nss packaging but it could also happen if
somehow nss file becomes corrupted)
--
Arkadiusz MiĆkiewiczPLD/Linux Team
arekm / maven.plhttp://ftp.pld-linux.org/
Re: [Dovecot] Authenticating with /etc/passwd
On 5/20/2009, June Qiu (qlj...@yahoo.com) wrote: dovecot -n: Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: SunOS 5.10 sun4u info_log_path: /var/log/dovecot.log Is the missing version line a copy/paste error? Or did the warning obscure it somehow? -- Best regards, Charles
[Dovecot] How to run Dovecot as IMAP Proxy?
Hi All, I have migrated from uw-imap to Dovecot for POP3 IMAP service. I run webmail using squirrelmail. When running uw-imap I used to run up.imapproxyd on the webmail server for faster responses. After migrating to Dovecot, I find that up.imapproxyd does not work well with dovecot. I tried to use dovecot as IMAP PRoxy server as per the document http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy I don't understand Databases and don't want to install mysql etc for a simple thing like IMAP PRoxy. My question is can Dovecot be run as a IMAP PRoxy without the hassle of setting up mysql etc? I use /etc/passwd for auth on the actual dovecot server running IMAP POP3. Thanks V S Rao
Re: [Dovecot] Authenticating with /etc/passwd
it is as displayed --- On Thu, 5/21/09, Charles Marcus cmar...@media-brokers.com wrote: From: Charles Marcus cmar...@media-brokers.com Subject: Re: [Dovecot] Authenticating with /etc/passwd To: June Qiu qlj...@yahoo.com Cc: dovecot@dovecot.org Date: Thursday, May 21, 2009, 6:39 PM On 5/20/2009, June Qiu (qlj...@yahoo.com) wrote: dovecot -n: Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: SunOS 5.10 sun4u info_log_path: /var/log/dovecot.log Is the missing version line a copy/paste error? Or did the warning obscure it somehow? -- Best regards, Charles
Re: [Dovecot] Authenticating with /etc/passwd
On 5/21/2009 10:11 AM, June Qiu wrote: it is as displayed So there's some weird dovecot -n bug that doesn't show the dovecot version if the 'Warning: fd limit...' warning is output? --- On Thu, 5/21/09, Charles Marcus cmar...@media-brokers.com wrote: From: Charles Marcus cmar...@media-brokers.com Subject: Re: [Dovecot] Authenticating with /etc/passwd To: June Qiu qlj...@yahoo.com Cc: dovecot@dovecot.org Date: Thursday, May 21, 2009, 6:39 PM On 5/20/2009, June Qiu (qlj...@yahoo.com) wrote: dovecot -n: Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: SunOS 5.10 sun4u info_log_path: /var/log/dovecot.log Is the missing version line a copy/paste error? Or did the warning obscure it somehow? -- Best regards, Charles
Re: [Dovecot] crypt() failure is possible
On Thu, 2009-05-21 at 11:29 +0200, Arkadiusz Miskiewicz wrote: but according to man page crypt() can fail and NULL is returned then. On other hand glibc info page is silent about such failure. The thing is that I'm seeing crypt() failure here with new glibc 2.10.1 built with nss backend for crypt(), so it would be good to handle such case. OK: http://hg.dovecot.org/dovecot-1.1/rev/255af68d5957 signature.asc Description: This is a digitally signed message part
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
On Thu, 2009-05-21 at 05:21 -0700, V S Rao wrote: Hi All, I have migrated from uw-imap to Dovecot for POP3 IMAP service. I run webmail using squirrelmail. When running uw-imap I used to run up.imapproxyd on the webmail server for faster responses. After migrating to Dovecot, I find that up.imapproxyd does not work well with dovecot. Why not? I don't understand Databases and don't want to install mysql etc for a simple thing like IMAP PRoxy. Do you just want it to proxy everyone to a single destination or to different servers based on username? If you want everyone to the same destination, why do you even want to use a proxy? My question is can Dovecot be run as a IMAP PRoxy without the hassle of setting up mysql etc? I use /etc/passwd for auth on the actual dovecot server running IMAP POP3. Using checkpassword or SQLite would probably be the easiest solution. Or generation of a passwd-file, but you'd have to keep it updated if users change. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] IMAP Get Savedate plugin
On Thu, 2009-05-21 at 04:54 +, Alaa Ibrahim wrote:
I'm trying to put it in a plugin, but when I call
imap_fetch_handlers_register(), it works
but all other fetch handlers get removed, my init is
Oh, that's because my code looks like:
struct imap_fetch_context *imap_fetch_init(struct client_command_context *cmd)
..
if (fetch_handlers == NULL) {
imap_fetch_handlers_register(imap_fetch_default_handlers,
N_ELEMENTS(imap_fetch_default_handlers));
}
So imap_fetch_init() would have to be called before you register
anything. I guess you could work around it by building a fake cmd struct
and calling it, but kind of ugly. :)
Anyway, fixed in v1.2+:
http://hg.dovecot.org/dovecot-1.2/rev/106e4e3dccbc
signature.asc
Description: This is a digitally signed message part
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
Hi Timo,
Thanks for the response. Apologize, but my responses are going to be a bit
lengthy.
I have migrated from uw-imap to Dovecot for POP3 IMAP service. I run
webmail using squirrelmail. When running uw-imap I used to run
up.imapproxyd on the webmail server for faster responses. After
migrating to Dovecot, I find that up.imapproxyd does not work well
with dovecot.
Why not?
Here are my observations. I have around 6000+ mailboxes and roughly the same
number of users. Earlier the mail server (running sendmail + uw-imap for POP3
IMAP) would have around 80 pop3 connections (peak) and around 300 IMAP
connections, concurrent.
(ps -aef | grep imap | wc -l or ps -aef | grep pop3 | wc -l). There have been
cases where I have observed upto 500 concurrent IMAP sessions.
The IMAP connections are from a webmail server running Apache with
Squirrelmail. The observation was that response was slow so based on the
suggestion on Squirrelmail for performance improvement we have installed
up-imapproxyd on the squirrelmail machine. There was a significant improvement
in the response times for the users, because of caching.
After that I encountered some strange problems of POP3 timing out for users
(earlier I did post that problem in this forum). I opened a ticket with Redhat
and naturally they refused to support me with uw-imap running. So switched to
Dovecot 0.99.x (I run the server on RHEL 4.0 and that is the max version
supported by Redhat for that version). Ever since I did that POP3 works fine
but now webmail is almost not available to the users. People usually get
connection dropped by IMAP server. However the IMAP server seems to work
fine. Checked through manual telnet ip.address.of.mailserver 143 also
through other client such as outlook Thunderbird.
I noticed that while the number of established connections for the webmail to
mail server was shown as around 40 to 50 on the mail server, the same is shown
as around 700 on webmail server.
{ netstat -an | grep :143 | grep ESTABLISHED | wc -l }.
imapproxyd is configured to listen on port 9143 on the localhost and
communicates to the mail server on std port 143. What was really bizzare is
that when I check for the number of connections on port 9143 it shows around
8000!
netstat -an | grep :9143 | grep ESTABLISHED | wc -l
So I disabled the imapproxyd on the webmail now at least the 50 connections
are consistent. However the response is extremely slow and so was contemplating
on the idea of trying out using another IMAP Proxy server and hence the
question.
I don't understand Databases and don't want to install mysql etc for a
simple thing like IMAP PRoxy.
Do you just want it to proxy everyone to a single destination or to
different servers based on username? If you want everyone to the same
destination, why do you even want to use a proxy?
I want to proxy all user to the same server. The idea being as explained above
benefit from caching.
My question is can Dovecot be run as a IMAP PRoxy without the hassle
of setting up mysql etc? I use /etc/passwd for auth on the actual
dovecot server running IMAP POP3.
Using checkpassword or SQLite would probably be the easiest solution. Or
generation of a passwd-file, but you'd have to keep it updated if users
change.
If I used a passwd file on the webmail machine, running dovecot as a Proxy how
would I configure dovecot on the webmail server? It has to accept connections
from the squirrelmail and talk to the mailserver. I can do a rsync of the
passwd file from the mail server to the webmail server using a small script
whenever the file changes on the mail server.
Of course the fundamental question from your response, I guess is, without a
proxy why is the webmail slow?
If proxy is not my problem, can you pls throw some light on why I am facing
performance issues on my webmail alone?
Thanks and Regards
V S Rao
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
On Thu, 2009-05-21 at 11:10 -0700, V S Rao wrote: So switched to Dovecot 0.99.x (I run the server on RHEL 4.0 and that is the max version supported by Redhat for that version). Oh, no.. I had had hoped people would have stopped running v0.99 by now :) That's probably the cause of all your problems. Also did you plan on using it for proxying? I don't think 0.99 supports proxying. With v1.0+ your webmail would probably work just fine without even proxying. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
V S Rao wrote: Hi Timo, Thanks for the response. Apologize, but my responses are going to be a bit lengthy. I have migrated from uw-imap to Dovecot for POP3 IMAP service. I run webmail using squirrelmail. When running uw-imap I used to run up.imapproxyd on the webmail server for faster responses. After migrating to Dovecot, I find that up.imapproxyd does not work well with dovecot. Why not? Here are my observations. I have around 6000+ mailboxes and roughly the same number of users. Earlier the mail server (running sendmail + uw-imap for POP3 IMAP) would have around 80 pop3 connections (peak) and around 300 IMAP connections, concurrent. (ps -aef | grep imap | wc -l or ps -aef | grep pop3 | wc -l). There have been cases where I have observed upto 500 concurrent IMAP sessions. The IMAP connections are from a webmail server running Apache with Squirrelmail. The observation was that response was slow so based on the suggestion on Squirrelmail for performance improvement we have installed up-imapproxyd on the squirrelmail machine. There was a significant improvement in the response times for the users, because of caching. After that I encountered some strange problems of POP3 timing out for users (earlier I did post that problem in this forum). I opened a ticket with Redhat and naturally they refused to support me with uw-imap running. So switched to Dovecot 0.99.x (I run the server on RHEL 4.0 and that is the max version supported by Redhat for that version). Ever since I did that POP3 works fine but now webmail is almost not available to the users. People usually get connection dropped by IMAP server. However the IMAP server seems to work fine. Checked through manual telnet ip.address.of.mailserver 143 also through other client such as outlook Thunderbird. I realize you're using 0.99 because it's supported by RedHat, but in reality it's absolutely ancient history. There have been far too many performance enhancements/fixes between then and now to even begin to list. ~Seth
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
on 5-21-2009 11:33 AM Seth Mattinen spake the following: V S Rao wrote: Hi Timo, Thanks for the response. Apologize, but my responses are going to be a bit lengthy. I have migrated from uw-imap to Dovecot for POP3 IMAP service. I run webmail using squirrelmail. When running uw-imap I used to run up.imapproxyd on the webmail server for faster responses. After migrating to Dovecot, I find that up.imapproxyd does not work well with dovecot. Why not? Here are my observations. I have around 6000+ mailboxes and roughly the same number of users. Earlier the mail server (running sendmail + uw-imap for POP3 IMAP) would have around 80 pop3 connections (peak) and around 300 IMAP connections, concurrent. (ps -aef | grep imap | wc -l or ps -aef | grep pop3 | wc -l). There have been cases where I have observed upto 500 concurrent IMAP sessions. The IMAP connections are from a webmail server running Apache with Squirrelmail. The observation was that response was slow so based on the suggestion on Squirrelmail for performance improvement we have installed up-imapproxyd on the squirrelmail machine. There was a significant improvement in the response times for the users, because of caching. After that I encountered some strange problems of POP3 timing out for users (earlier I did post that problem in this forum). I opened a ticket with Redhat and naturally they refused to support me with uw-imap running. So switched to Dovecot 0.99.x (I run the server on RHEL 4.0 and that is the max version supported by Redhat for that version). Ever since I did that POP3 works fine but now webmail is almost not available to the users. People usually get connection dropped by IMAP server. However the IMAP server seems to work fine. Checked through manual telnet ip.address.of.mailserver 143 also through other client such as outlook Thunderbird. I realize you're using 0.99 because it's supported by RedHat, but in reality it's absolutely ancient history. There have been far too many performance enhancements/fixes between then and now to even begin to list. ~Seth Besides, he didn't go to RedHat for support anyway. He came here. And here says start with at least the latest 1.0 version, or maybe even 1.1. You can get it from atrpms.net if you want an rpm. signature.asc Description: OpenPGP digital signature
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
Scott Silva wrote: on 5-21-2009 11:33 AM Seth Mattinen spake the following: V S Rao wrote: Hi Timo, Thanks for the response. Apologize, but my responses are going to be a bit lengthy. I have migrated from uw-imap to Dovecot for POP3 IMAP service. I run webmail using squirrelmail. When running uw-imap I used to run up.imapproxyd on the webmail server for faster responses. After migrating to Dovecot, I find that up.imapproxyd does not work well with dovecot. Why not? Here are my observations. I have around 6000+ mailboxes and roughly the same number of users. Earlier the mail server (running sendmail + uw-imap for POP3 IMAP) would have around 80 pop3 connections (peak) and around 300 IMAP connections, concurrent. (ps -aef | grep imap | wc -l or ps -aef | grep pop3 | wc -l). There have been cases where I have observed upto 500 concurrent IMAP sessions. The IMAP connections are from a webmail server running Apache with Squirrelmail. The observation was that response was slow so based on the suggestion on Squirrelmail for performance improvement we have installed up-imapproxyd on the squirrelmail machine. There was a significant improvement in the response times for the users, because of caching. After that I encountered some strange problems of POP3 timing out for users (earlier I did post that problem in this forum). I opened a ticket with Redhat and naturally they refused to support me with uw-imap running. So switched to Dovecot 0.99.x (I run the server on RHEL 4.0 and that is the max version supported by Redhat for that version). Ever since I did that POP3 works fine but now webmail is almost not available to the users. People usually get connection dropped by IMAP server. However the IMAP server seems to work fine. Checked through manual telnet ip.address.of.mailserver 143 also through other client such as outlook Thunderbird. I realize you're using 0.99 because it's supported by RedHat, but in reality it's absolutely ancient history. There have been far too many performance enhancements/fixes between then and now to even begin to list. ~Seth Besides, he didn't go to RedHat for support anyway. He came here. And here says start with at least the latest 1.0 version, or maybe even 1.1. You can get it from atrpms.net if you want an rpm. Yes, that too. My point was not to judge Dovecot's performance based on a 0.99 version. ;) I've successfully used several versions of dovecot 1.1.x with imapproxyd and IMAP-only webmail clients. ~Seth
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
On Thu, 2009-05-21 at 11:47 -0700, Seth Mattinen wrote: Yes, that too. My point was not to judge Dovecot's performance based on a 0.99 version. ;) I've successfully used several versions of dovecot 1.1.x with imapproxyd and IMAP-only webmail clients. Do you have any numbers about how much faster it works with imapproxyd vs. without? signature.asc Description: This is a digitally signed message part
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
Timo Sirainen wrote: On Thu, 2009-05-21 at 11:47 -0700, Seth Mattinen wrote: Yes, that too. My point was not to judge Dovecot's performance based on a 0.99 version. ;) I've successfully used several versions of dovecot 1.1.x with imapproxyd and IMAP-only webmail clients. Do you have any numbers about how much faster it works with imapproxyd vs. without? I've never run it without. I just did it because I'd rather collapse the 10 distinct logins a typical webmail client will make for every click into a single login. ~Seth
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
Thanks for the many responses and views. I have taken RH support for my mail server only and so have to ensure they support me. So am going with their recommended version which is 0.99.x. Now on the webmail I have migrated to RHEL 5.3 and the dovecot being used there is 1.0.7.x. So that should support proxying, right? BTW, originally I did not go to Redhat. I moved from uw-imap to Dovecot 1.1.14 on the mail server for POP3. The problem of POP3 timeouts continued and I could not find any reason why POP3 was timing out when 400+ concurrent IMAP sessions were working fine. Moreover other network services such as SMTP, Telnet, SSH etc were working fine. Had the box installed behind a IPS box to see if there were any DoS attacks, but had to rule that out. As a last resort, paid RH for support and they made me downgrade Dovecot from 1.1.14 to 0.99.x. Surprisingly the moment I downgraded dovecot, the problem shifted to IMAP remained ever since. So naturally they told me uw-imap was the problem and made me move to Dovecot 0.99.x for IMAP as well, but no improvement. But the surprising thing, as I mentioned in my original post, IMAP works fine on command line, with clients such as Outlook, THunderbird etc., but Webmail is very slow that its almost not available. BTW webmail was also running on RHEL 4.0. Seeing that the problem existed in webmail alone I upgraded webmail to RHEL 5.3 with all the latest RH supported packages on a new hardware. Any ideas to help me debug this issue would be of great help as I am stuck on this issue for almost a month now. Oh, btw regarding stats, I don't have a measure, but when webmail was working the login was well within 5 seconds. Now it takes forever (more than a min) or timeouts most of the time. Even after login, any request such as opening a mail or changing to a mail folder was well within 5 seconds. Now again it takes forever or timeouts most of the time. Thanks and Regards V S Rao - Original Message - From: Timo Sirainen t...@iki.fi To: Dovecot Mailing List dovecot@dovecot.org Sent: Friday, May 22, 2009 12:32:24 AM GMT +05:30 Chennai, Kolkata, Mumbai, New Delhi Subject: Re: [Dovecot] How to run Dovecot as IMAP Proxy? On Thu, 2009-05-21 at 11:47 -0700, Seth Mattinen wrote: Yes, that too. My point was not to judge Dovecot's performance based on a 0.99 version. ;) I've successfully used several versions of dovecot 1.1.x with imapproxyd and IMAP-only webmail clients. Do you have any numbers about how much faster it works with imapproxyd vs. without?
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
On Thu, 2009-05-21 at 14:08 -0700, V S Rao wrote: Now on the webmail I have migrated to RHEL 5.3 and the dovecot being used there is 1.0.7.x. So that should support proxying, right? Yes, but I forgot this before: Dovecot's proxying doesn't do any connection caching. So there's no benefit in using it in front of a webmail. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
V S Rao wrote: Thanks for the many responses and views. I have taken RH support for my mail server only and so have to ensure they support me. So am going with their recommended version which is 0.99.x. Now on the webmail I have migrated to RHEL 5.3 and the dovecot being used there is 1.0.7.x. So that should support proxying, right? BTW, originally I did not go to Redhat. I moved from uw-imap to Dovecot 1.1.14 on the mail server for POP3. The problem of POP3 timeouts continued and I could not find any reason why POP3 was timing out when 400+ concurrent IMAP sessions were working fine. Moreover other network services such as SMTP, Telnet, SSH etc were working fine. Had the box installed behind a IPS box to see if there were any DoS attacks, but had to rule that out. As a last resort, paid RH for support and they made me downgrade Dovecot from 1.1.14 to 0.99.x. Surprisingly the moment I downgraded dovecot, the problem shifted to IMAP remained ever since. So naturally they told me uw-imap was the problem and made me move to Dovecot 0.99.x for IMAP as well, but no improvement. But the surprising thing, as I mentioned in my original post, IMAP works fine on command line, with clients such as Outlook, THunderbird etc., but Webmail is very slow that its almost not available. BTW webmail was also running on RHEL 4.0. Seeing that the problem existed in webmail alone I upgraded webmail to RHEL 5.3 with all the latest RH supported packages on a new hardware. Any ideas to help me debug this issue would be of great help as I am stuck on this issue for almost a month now. Oh, btw regarding stats, I don't have a measure, but when webmail was working the login was well within 5 seconds. Now it takes forever (more than a min) or timeouts most of the time. Even after login, any request such as opening a mail or changing to a mail folder was well within 5 seconds. Now again it takes forever or timeouts most of the time. Use imapproxyd (UP-ImapProxy) if you want a caching proxy for webmail. It specifically deals with the webmail constantly logging in issue. From the Debian man page: ImapProxy was written to compensate for webmail clients that are unable to maintain persistent connections to an IMAP server. Most webmail clients need to log in to an IMAP server for nearly every single transaction; This behaviour can cause tragic performance problems on the IMAP server. ImapProxy tries to deal with this problem by leaving server connections open for a short time after a webmail client logs out. When the webmail client connects again, ImapProxy will determine if there is a cached connection available and reuse it if possible. Dovecot proxy quite simply won't do what it looks like you want to do, and is irrelevant on your webmail server. ~Seth
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
You can also use pimpstat to monitor the effectiveness of imapproxy. We had imapproxy running running in front of squirrelmail for a post.office IMAP server (based on uw-imap). We eventually went into the code for imapproxy and tweaked some of the SELECT caching and even tweaked some of the squirrelmail imap code a bit to be more efficient with the proxy. Now we are using Dovecot without imapproxy in front of squirrelmail and there are no problems. -Original Message- From: dovecot-bounces+jkrejci=usinternet@dovecot.org [mailto:dovecot-bounces+jkrejci=usinternet@dovecot.org] On Behalf Of Seth Mattinen Sent: Thursday, May 21, 2009 4:36 PM To: V S Rao Cc: Dovecot Mailing List Subject: Re: [Dovecot] How to run Dovecot as IMAP Proxy? V S Rao wrote: Thanks for the many responses and views. I have taken RH support for my mail server only and so have to ensure they support me. So am going with their recommended version which is 0.99.x. Now on the webmail I have migrated to RHEL 5.3 and the dovecot being used there is 1.0.7.x. So that should support proxying, right? BTW, originally I did not go to Redhat. I moved from uw-imap to Dovecot 1.1.14 on the mail server for POP3. The problem of POP3 timeouts continued and I could not find any reason why POP3 was timing out when 400+ concurrent IMAP sessions were working fine. Moreover other network services such as SMTP, Telnet, SSH etc were working fine. Had the box installed behind a IPS box to see if there were any DoS attacks, but had to rule that out. As a last resort, paid RH for support and they made me downgrade Dovecot from 1.1.14 to 0.99.x. Surprisingly the moment I downgraded dovecot, the problem shifted to IMAP remained ever since. So naturally they told me uw-imap was the problem and made me move to Dovecot 0.99.x for IMAP as well, but no improvement. But the surprising thing, as I mentioned in my original post, IMAP works fine on command line, with clients such as Outlook, THunderbird etc., but Webmail is very slow that its almost not available. BTW webmail was also running on RHEL 4.0. Seeing that the problem existed in webmail alone I upgraded webmail to RHEL 5.3 with all the latest RH supported packages on a new hardware. Any ideas to help me debug this issue would be of great help as I am stuck on this issue for almost a month now. Oh, btw regarding stats, I don't have a measure, but when webmail was working the login was well within 5 seconds. Now it takes forever (more than a min) or timeouts most of the time. Even after login, any request such as opening a mail or changing to a mail folder was well within 5 seconds. Now again it takes forever or timeouts most of the time. Use imapproxyd (UP-ImapProxy) if you want a caching proxy for webmail. It specifically deals with the webmail constantly logging in issue. From the Debian man page: ImapProxy was written to compensate for webmail clients that are unable to maintain persistent connections to an IMAP server. Most webmail clients need to log in to an IMAP server for nearly every single transaction; This behaviour can cause tragic performance problems on the IMAP server. ImapProxy tries to deal with this problem by leaving server connections open for a short time after a webmail client logs out. When the webmail client connects again, ImapProxy will determine if there is a cached connection available and reuse it if possible. Dovecot proxy quite simply won't do what it looks like you want to do, and is irrelevant on your webmail server. ~Seth
[Dovecot] Expire Plug-in stopped
Good evening, While working with Dovecot 1.2rc4 on Fedora 10, I have been trying to get the Expire plug-in to auto delete messages for us. When I run the plug-in with the test flag, I receive the following message: /usr/local/sbin/dovecot --exec-mail ext /usr/local/libexec/dovecot/expire-tool --test Info: a...@example.com/Trash: stop, expire time in future: 1242953758 All messages were deleted before the expire plug-in was added. I understand that dovecot will only expire messages after they have been in the trash or junk longer then the time in dovecot.conf. So I have let this fail since Monday, but continue to receive the same error. A quick grep for expire from my Dovecot logs doesn't show any output. Also, when I look up this error on google, I see other peaple who's output shows a real date (not 1242953758), how do I know when this date is? Thanks -Matt # 1.2.rc4: /usr/local/etc/dovecot.conf # OS: Linux 2.6.27.21-170.2.56.fc10.i686 i686 Fedora release 10 (Cambridge) ext3 listen: *:143 ssl_listen: *:993 ssl_cert_file: /etc/postfix/SSL/mail.mattrude.com.cert ssl_key_file: /etc/postfix/SSL/mail.mattrude.com.key login_dir: /usr/local/var/run/dovecot/login login_executable: /usr/local/libexec/dovecot/imap-login login_user: postfix mail_location: maildir:/var/spool/virtualmailboxes/%d/%u/:INDEX=/var/spool/virtualmailboxes/.Index/%d/%u/ mail_plugins: autocreate expire quota imap_quota zlib trash auth default: mechanisms: plain login cram-md5 cache_size: 128 cache_ttl: 600 passdb: driver: sql args: /etc/dovecot-mysql.conf userdb: driver: sql args: /etc/dovecot-mysql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: virtualmail group: virtualmail plugin: autocreate: Drafts autocreate2: Sent autocreate3: Trash autocreate4: Junk autocreate5: Junk.IsSpam autocreate6: Junk.IsNotSpam autocreate7: Save autosubscribe: Drafts autosubscribe2: Sent autosubscribe3: Trash autosubscribe4: Junk autosubscribe5: Junk.IsSpam autosubscribe6: Junk.IsNotSpam autosubscribe7: Save auth_socket_path: /var/run/dovecot/auth-master expire: Trash 1 Junk 3 expire_dict: proxy::expire quota: maildir:User quota quota_rule: *:storage=10M quota_rule2: Trash:storage=10%% quota_rule3: Junk:storage=20%% sieve: /var/spool/virtualmailboxes/%d/%u/dovecot.sieve sieve_storage: = /var/spool/virtualmailboxes/%d/%u/ trash: /etc/dovecot-trash.conf dict: expire: db:/var/spool/imap/expire.db signature.asc Description: OpenPGP digital signature
Re: [Dovecot] Authenticating with /etc/passwd
Apologies for the confusion.. But I finally got what you meant. Yes, the version exists, but was omitted in the extract of the email. --- On Thu, 5/21/09, Charles Marcus cmar...@media-brokers.com wrote: From: Charles Marcus cmar...@media-brokers.com Subject: Re: [Dovecot] Authenticating with /etc/passwd To: dovecot@dovecot.org Date: Thursday, May 21, 2009, 10:17 PM On 5/21/2009 10:11 AM, June Qiu wrote: it is as displayed So there's some weird dovecot -n bug that doesn't show the dovecot version if the 'Warning: fd limit...' warning is output? --- On Thu, 5/21/09, Charles Marcus cmar...@media-brokers.com wrote: From: Charles Marcus cmar...@media-brokers.com Subject: Re: [Dovecot] Authenticating with /etc/passwd To: June Qiu qlj...@yahoo.com Cc: dovecot@dovecot.org Date: Thursday, May 21, 2009, 6:39 PM On 5/20/2009, June Qiu (qlj...@yahoo.com) wrote: dovecot -n: Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: SunOS 5.10 sun4u info_log_path: /var/log/dovecot.log Is the missing version line a copy/paste error? Or did the warning obscure it somehow? -- Best regards, Charles
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
So I guess I will take the problem to imapproxy group and find out if I can get a clue to the issue I am facing. BTW, just to confirm once again, are there any known issues with Dovecot imapproxyd? Because I find it strange that there should be around 8000 established connections between Squirrelmail and imapproxyd around 400 connections between imapproxyd and Dovecot while on the mail server I see only a couple of connections (typically around 40). Or is it some configuration in Dovecot which is causing this kind of behavior, as I did not notice this while running uw-imap. Regards V S Rao
Re: [Dovecot] How to run Dovecot as IMAP Proxy?
On Thu, 2009-05-21 at 21:26 -0700, V S Rao wrote: BTW, just to confirm once again, are there any known issues with Dovecot imapproxyd? Because I find it strange that there should be around 8000 established connections between Squirrelmail and imapproxyd around 400 connections between imapproxyd and Dovecot while on the mail server I see only a couple of connections (typically around 40). Or is it some configuration in Dovecot which is causing this kind of behavior, as I did not notice this while running uw-imap. missed your OP post here (anti spam must have ate it, i think because of very-long-lines) but I read the archives, do you mean up-imapproxy from http://www.imapproxy.org ? none, I've been using those them together for a very long time. I suspect from reading the archives you don't mean it since it doesnt use any user databases, perhaps you need to have a look at it. If you are using it. then you need to first make sure you are using current version, and not some 10 year old version included in a debian or redhat install. suggest using up-imapproxy-1.2.7rc2.tar.gz thats been very stable for some time and I think Dave will be issuing a stable 1.7.2 in the near future, we use it on production boxes without a single glitch, but if your pedantic or have company politics that forbid RC/Betas, 1.2.6 will still do the job fine.
