Re: [Dovecot] Dovecot and LDAP-Quotas
Hi Timo, thank you for your reply. I take the configuration from http://www.linuxmail.info/postfix-dovecot-ldap-centos-5/ especially the dovecot-configuration for passdb and userdb. As you mentioned in your reply I added the userdb ldap with a symbolic link on the original dovecot-ldap.conf: userdb: driver: ldap args: /etc/dovecot-ldap-userdb.conf but with no success. Any hints? I have another question: Does Dovecot expect a special field type for the ldap quota field (for ex. integer)? Greetings Paul --- t...@iki.fi wrote: From: Timo Sirainen t...@iki.fi To: southafr...@thedoghousemail.com Cc: dovecot@dovecot.org Subject: Re: [Dovecot] Dovecot and LDAP-Quotas Date: Mon, 17 Aug 2009 12:02:15 -0400 On Mon, 2009-08-17 at 08:59 -0700, south africa wrote: user_attrs = msRADIUSFramedIPAddress=quota_rule=*:storage=%$k This requires using userdb ldap. userdb: driver: passwd userdb: driver: static args: uid=500 gid=500 home=/home/vmail/%Lu allow_all_users=yes But you're using only passwd and static. (And you probably don't really want to use userdb passwd anyway.) _ Get your FREE TheDoghouseMail email address at http://www.thedoghousemail.com
Re: [Dovecot] Public namespaces with global ACLs 1.2+
Am 16.08.2009 um 02:43 schrieb Timo Sirainen: This should help: http://hg.dovecot.org/dovecot-1.2/rev/956d2f962e97 Tested fine with 1.2.4 and 'dovecot-acl' in public root. Thanks.
Re: [Dovecot] Gotchas in switching from one server to another without impacting users?
Quoting Gary Chodos gcho...@gmail.com: On Fri, Aug 14, 2009 at 5:17 PM, Sahil Tandonsa...@tandon.net wrote: On Fri, 14 Aug 2009, Timo Sirainen wrote: On Aug 14, 2009, at 12:36 AM, Gary Chodos wrote: We have to replace one mail store (foo.example.org) with another (bar.example.org). I rsync'd the maildirs from foo to bar today and the plan is to hold all delivery (in the SMTP server) on foo over the weekend, rsync again (this time it should be much faster since the large xfer already occurred today), then flush the SMTP queue on foo towards bar, direct all new deliveries to bar.example.org. Users currently access their IMAP mailboxes via imap.example.org. I plan to just 'flip the switch' at DNS so imap.example.org points to bar.example.org (instead of foo.example.org) so users don't have to change anything on their end and should not even notice this change. And I guess you also thought about the DNS cache TTLs? The OP should also consider killing dovecot during the rsync (similar to what another member of this list suggested). Then restart with a new configuration that proxies incoming IMAP connections towards the new server in case some clients still hit the old server before full DNS propagation. To make the proxy feature work I had to allow plaintext auth on 143 from old - new server. I use firewall rules to prohibit anyone except the old server from accessing the new one on port 143. Does this pose a security issue? Is there something else I should do to prevent security holes? I wasn't really paying attn to this thread, but I just did this. I used ZFS snapshots this time, last time I used rsync. Both my boxes were behind load balancers, so it was a simple IP change there and seemless for the end-users. I also upgraded to Dovecot 1.2. No so seamless was - For some reason, users who use AVG email scanning with Outlook are no longer able to POP mail. The download 'freezes'. I redirected POP from Dovecot to qmail-pop3d, had users change the fqdn of the mail server, I wiped out existing mailboxes, I had users try to add brand new mailboxes, I changed the pop3_uidl_format - but nothing worked. The only solution was to disable AVGs email scanning. Just a heads up - something is amiss. Rick
[Dovecot] alias does not work
Hi, Thank you to everyone who helped me get near the goal. Remains a problem is that aliases don't work. The problem is that in the configuration of alternc, the mails are seen as aliases in the form user_domain.tld. In a second time, a match is made to see if an real alias exists. postmap -q t...@lists.test.net mysql:/etc/postfix/mydomain.cf test-owner_lists.collectifs.net postmap -q test-owner_lists.test.net mysql:/etc/postfix/myalias.cf | /var/lib/mailman/mail/mailman owner test With my configuration, this second part doesn't work. Perhaps the simplest is to ask to deliver the mail to user_domain.tld except of u...@domain.tld in master.cf ? Thanks Denis # main.cf virtual_alias_maps =proxy:mysql:/etc/postfix/myalias.cf, hash:/etc/aliases virtual_mailbox_domains = mysql:/etc/postfix/mydomain.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/myvirtual.cf virtual_transport = dovecot dovecot_destination_recipient_limit = 1 # master.cf dovecot unix - n n - - pipe flags=DRhu user=www-data:www-data argv=/usr/lib/dovecot/deliver -d $(recipient)
[Dovecot] question Thunderbird acl shared namespace
Hi Timo,
i have shared namespace
namespace shared {
separator = /
prefix = shared/%%d/%%u/
location = maildir:/usr/local/virtual/%d/%%u/:INDEX=~/shared/%%d/%%u/
subscriptions = no
list = children
inbox = no
}
acls are working as expected
no problem here
but if i look acl rights with thunderbird to another users shared folder
it reports it as domain not as user
like this
this folder is shared by domain ... you have bla bla rights
if i use
prefix = shared/%%u/
tb reports
this folder is shared by user ... you have bla bla rights
checked it via telnet looks right here with
prefix = shared/%%d/%%u/
list *
* LIST (\HasNoChildren) / Templates
* LIST (\HasNoChildren) / Sent
* LIST (\HasChildren) / Drafts
* LIST (\HasNoChildren) / Drafts/
* LIST (\HasNoChildren) / Test
* LIST (\HasChildren) / INBOX
* LIST (\HasNoChildren) / INBOX/
* LIST (\HasNoChildren) / Junk
* LIST (\HasNoChildren) / Trash
* LIST (\Noselect \HasChildren) /
shared/schetterer.com/mon...@schetterer.com
* LIST (\HasNoChildren) /
shared/schetterer.com/mon...@schetterer.com/Trash
* LIST (\HasNoChildren) /
shared/schetterer.com/mon...@schetterer.com/INBOX
7 OK List completed.
8 getacl shared/schetterer.com/mon...@schetterer.com/INBOX
* ACL shared/schetterer.com/mon...@schetterer.com/INBOX r
rob...@schetterer.com akxeilprwtscd
8 OK Getacl completed.
is this a known thunderbird problem
is there a workaround with dovecot known ?
or did i wrong tests via telnet ?
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
[Dovecot] Restoring backup?
I have understood correctly when thinking that all I need to do in order to restore mails, is to just copy the old maildir folder to the location where mail_location is pointing to and dovecot will find all the mails and display the old mails? Regards, BTJ -- --- Bjørn T Johansen b...@havleik.no --- Someone wrote: I understand that if you play a Windows CD backwards you hear strange Satanic messages To which someone replied: It's even worse than that; play it forwards and it installs Windows ---
Re: [Dovecot] Restoring backup?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bjørn T Johansen said the following on 18/08/09 21:44: I have understood correctly when thinking that all I need to do in order to restore mails, is to just copy the old maildir folder to the location where mail_location is pointing to and dovecot will find all the mails and display the old mails? That's exactly what I do when I restore emails. Note that some mail clients need to restart in order to be aware of the restored mails. Ciao, luigi - -- / +--[Luigi Rosa]-- \ God runs electromagnetics by wave theory on Monday, Wednesday, and Friday, and the Devil runs them by quantum theory on Tuesday, Thursday, and Saturday. --William Bragg -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkqLCa4ACgkQ3kWu7Tfl6ZQ49ACfTpkzCaRmqOX8RVOujT4cZteu 0m0An3PWzCby4nxPJIJoosC1lT/kT5cT =s2BO -END PGP SIGNATURE-
Re: [Dovecot] Restoring backup?
On 8/18/2009, Bjørn T Johansen (b...@havleik.no) wrote: I have understood correctly when thinking that all I need to do in order to restore mails, is to just copy the old maildir folder to the location where mail_location is pointing to and dovecot will find all the mails and display the old mails? That should be it... Also be sure they have the correct permissions (depends on your setup)... -- Best regards, Charles
[Dovecot] dovecot auth is case insensitive, but fs is sensitive :)
others have found this problem ? this possible bug can be used by user in that way that one password login can use 2 maildirs in filesystem effitively give them all space qoutas and lost of other goodies so to speak: f...@example.com with a password can login with f...@example.com and f...@example.com add more chars to get more mailbox :/ confirms ? i found the problem when i had horde installed dovecot 1.1.7 -- xpoint # 1.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.30-gentoo-r5 x86_64 Gentoo Base System release 1.12.11.1 ext3 base_dir: /var/run/dovecot/ protocols: pop3 imap managesieve pop3s imaps ssl_listen: * ssl_ca_file: /etc/ssl/certs/ca-certificates.crt ssl_cert_file: /etc/ssl/private/home_server.pem ssl_key_file: /etc/ssl/private/home_privatekey.pem ssl_cipher_list: ALL:!LOW disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_executable(managesieve): /usr/libexec/dovecot/managesieve-login login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(pop3): no login_greeting_capability(managesieve): no login_processes_count: 2 login_max_processes_count: 10 first_valid_uid: 125 last_valid_uid: 125 first_valid_gid: 125 last_valid_gid: 125 mail_location: maildir:/home/vmail/%d/%u/.maildir mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_executable(managesieve): /usr/libexec/dovecot/managesieve mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(managesieve): /usr/lib64/dovecot/managesieve imap_client_workarounds(default): outlook-idle imap_client_workarounds(imap): outlook-idle imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_lock_session(default): no pop3_lock_session(imap): no pop3_lock_session(pop3): yes pop3_lock_session(managesieve): no pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(managesieve): sieve_storage(default): sieve_storage(imap): sieve_storage(pop3): sieve_storage(managesieve): /home/vmail/%d/%u/.sieve sieve(default): sieve(imap): sieve(pop3): sieve(managesieve): /home/vmail/%d/%u/.dovecot.sieve namespace: type: private inbox: yes list: yes subscriptions: yes auth default: mechanisms: plain login worker_max_count: 4 passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 438
Re: [Dovecot] dovecot auth is case insensitive, but fs is sensitive :)
On Aug 19, 2009, at 1:37 AM, Benny Pedersen wrote: others have found this problem ? Dovecot auth isn't case-insensitive. But MySQL is, and I guess you're using it? There are several different ways around it.
