Re: [Dovecot] log for each user

[Pascal Volk]

On 08/25/2009 06:57 AM Thomas G. Lau wrote:
> Dear all,
> 
> does anyone did any scripting to log every user activity such as remove 
> message? we got some user keep blaming us about message lost on email 
> server, wondering if any of you did anything about this? Thanks.

Would this plugin be OK for you?
http://wiki.dovecot.org/Plugins/MailLog


Regards,
Pascal
-- 
The trapper recommends today: defaced.0923...@localdomain.org

[Dovecot] log for each user

[Thomas G. Lau]

Dear all,

does anyone did any scripting to log every user activity such as remove 
message? we got some user keep blaming us about message lost on email 
server, wondering if any of you did anything about this? Thanks.

Re: [Dovecot] rawlog not work

[Thomas G. Lau]

Dear all,

nevermind, fixed.

Thomas G. Lau wrote:

Dear all,

I am trying to setup dovecot on centos 5.3, dovecot.rawlog is created 
in user home dir and change to user as owner. But when I try to telnet 
into pop3 and use list command, nothing is logged and dovecot.rawlog 
remain empty. should I run rawlog even on login_executable ? Please 
advice.


dovecot --version
1.2.4


# 1.2.4: /etc/dovecot.conf
# OS: Linux 2.6.18-128.4.1.el5 x86_64 CentOS release 5.3 (Final)
protocols: pop3
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/pop3-login
login_processes_count: 1
mail_debug: yes
mail_executable: /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/pop3
mail_plugin_dir: /usr/lib64/dovecot/pop3
lda:
 postmaster_address: postmas...@example.com
auth default:
 passdb:
   driver: pam
 userdb:
   driver: passwd

[Dovecot] rawlog not work

[Thomas G. Lau]

Dear all,

I am trying to setup dovecot on centos 5.3, dovecot.rawlog is created in 
user home dir and change to user as owner. But when I try to telnet into 
pop3 and use list command, nothing is logged and dovecot.rawlog remain 
empty. should I run rawlog even on login_executable ? Please advice.


dovecot --version
1.2.4


# 1.2.4: /etc/dovecot.conf
# OS: Linux 2.6.18-128.4.1.el5 x86_64 CentOS release 5.3 (Final)
protocols: pop3
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/pop3-login
login_processes_count: 1
mail_debug: yes
mail_executable: /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/pop3
mail_plugin_dir: /usr/lib64/dovecot/pop3
lda:
 postmaster_address: postmas...@example.com
auth default:
 passdb:
   driver: pam
 userdb:
   driver: passwd

Re: [Dovecot] Aborted: Worker is buggy

[David Jonas]

On 8/24/09 , Aug 24, 11:10 AM, Timo Sirainen wrote:

On Thu, 2009-08-20 at 08:03 -0700, David Jonas wrote:
   

Aug 20 05:34:38 kelly dovecot: auth(default): BUG: Worker sent reply
with id 53, expected 54
 

http://hg.dovecot.org/dovecot-1.2/rev/0827941c0e7c fixes it, I think.

   
Applied to 1.2.4. It may be a long time until it happens again since 
I've moved the slow databases, but I'll try to break the old version and 
the patched version and post the results.


Thanks,

David

Re: [Dovecot] Per user namespace

[Adam McDougall]

Timo Sirainen wrote:

On Mon, 2009-08-24 at 11:13 -0600, Ashley M. Kirchner wrote:
  
I'm in the process of upgrading an old server which is running 
uw-imap to a new one running Dovecot.  With the old machine, 
unfortunately, my users had the opportunity to store their e-mails in 
various locations.  For example, some have their mail boxes stored in 
~/mail/[various mbox files], others ALSO have a ~/mail/clients/[various 
mbox files] and yet others simply stored them in their ~/ path (thanks 
to the old IMAP).  Is there a way to create per-user namespaces?  I 
don't want to create a "mail/", "mail/clients/", etc., etc. global name 
space that will end up showing up on everyone's mail client, nor do I 
want to individually change each user's setup (and rewrite their 
.subscriptions file).



I think the best solution would be to just finally standardize
everyone's mailboxes under ~/mail/. It'll probably help you in future..

But yeah, it's possible to create per-user namespaces by returning
namespace_* extra fields from your userdb. There isn't existing
documentation how exactly to do that, but basically you'll just have to
return the same namespace_* fields that exist in NAMESPACE_* environment
variables. You can get a dump of those using post-login script, see
http://wiki.dovecot.org/PostLoginScripting. Alternatively you could just
set up those NAMESPACE_* settings directly in the post-login script by
e.g. reading some file from home dir. But don't let users specify
anything, the process is still running as root at that point and they'll
get root privileges by changing just a few environment settings..

http://wiki.dovecot.org/Plugins/Virtual also gives a simple example how
to return a different inbox=yes namespace for different users.
  
It sounds like a similar issue I had to deal with, I ended up making 
several global
name-spaces equivalent to ~, ~/mail, and ~/Mail but I made the last two 
hidden so
legacy client setups will still work but new clients would not 
automatically find
them.  The only drawback I found was client apparently could not see my 
public
folder namespaces unless they used the ~ namespace (blank prefix in the 
client).

Since so few of my users need public folders I was fine with that.

Re: [Dovecot] Dovecot + DRBD/GFS mailstore

[Romer Ventura]

Last time i checked the free version of DRBD only supports 2 nodes.  
The paid version supports 16 nodes. This however, doesnt mean that  
you cannot use the storage via NFS or SMB/CIFS mount point. Only that  
the DRBD replication will only happen to 2 nodes. If a third node is  
supported on the free version, it would be for quorum only.


They might have changed it since, but i doubt it.

On Aug 24, 2009, at 10:51 AM, Eric Jon Rostetter wrote:


Quoting Guy :


I'm looking at the possibility of running a pair of servers with
Dovecot LDA/imap/pop3 using internal drives with DRBD and GFS (or
other clustered FS) for the mail storage and ext3 for the root drive.


I'm in testing right now with this setup.  Two Dell PE 2900 servers
(quad core @ 2.3 GHz, 8 GB RAM, raid 10 for the GFS+DRBD disk, raid 1
for the ext3 disks).  Running DRBD as a master/master setup.

I added a third node for webmail (Dell PE 2650), but it doesn't do the
DRBD or GFS.  It is there mostly to make a 3-node cluster versus 2- 
node
cluster, to avoid split-brain type situations.  And of course to do  
the

webmail. :)

Using MailScanner as the MTA, dovecot for pop/imap, mailman for  
mailing
lists, Horde/IMP/etc for webmail.   All held together with RHCS on  
CentOS

5.3.

All services run on only one node at a time, with failover...  This  
may
or may not help with GFS lock contention (not for /var/spool/mail,  
since
it is always accessed from both nodes at once, but yes for dovecot  
indexes
since they are only ever accessed on one node at a time, etc).   
This is
probably where performance will really be decided (GFS lock  
contention).


Cluster Status for mailer @ Mon Aug 24 10:27:12 2009
Member Status: Quorate

 Member Name ID   Status
 --   --
 mailer1-hb.localdomain  1 Online, rgmanager
 mailer2-hb.localdomain  2 Online, Local,  
rgmanager

 webmail1-hb.localdomain 3 Online, rgmanager

 Service Name   Owner (Last)   State
 ---    - --   -
 service:Apache mailer1-hb.localdomain started
 service:Dovecotmailer1-hb.localdomain started
 service:MailManmailer2-hb.localdomain started
 service:MailScannermailer2-hb.localdomain started
 service:VIP-MAIL   mailer1-hb.localdomain started
 service:VIP-SMTP   mailer2-hb.localdomain started
 service:WebMailwebmail1-hb.localdomainstarted


Has anyone had experience with a setup like the one I'm suggesting?
What was performance like with Dovecot using GFS?


So far it is early testing.  63 users, but only about 12 of those are
"power users".  The performance has been real good so far, but as I  
say,

not many users yet.

My GFS is sharing the mail log files (via syslog-ng, what would  
otherwise
be /var/log/maillog), the dovecot index files, the /var/spool/mail/  
mbox
spool (yes, I use mbox), and "shared" configuration files for the  
two nodes
(mailman data, MailScanner/Sendmail configs, dovecot config, clamav/ 
spamd

config, procmail config, apache config, ssl certificates, etc).

If interested, I can let you know about performance once I know  
more...



Thanks
Guy


--
Eric Rostetter
The Department of Physics
The University of Texas at Austin

This message is provided "AS IS" without warranty of any kind,
either expressed or implied.  Use this message at your own risk.

Re: [Dovecot] xtreemfs

[Robert Schetterer]

Timo Sirainen schrieb:
> On Mon, 2009-08-24 at 15:38 +0200, Björn Kolbeck wrote:
>> Hi Robert,
>>
>> I am one of the XtreemFS developers. We had some problems with dovecot's
>> index files on XtreemFS due to way FUSE handles inode numbers. We fixed
>> that and the current version in our svn (revision r1100) is now running
>> smoothly with dovecot. We will package a new release next week that
>> includes these fixes.
> 
> Did you also try stress testing the same mailbox on multiple servers
> with my imaptest tool? http://imapwiki.org/ImapTest That's the easiest
> way to break things. :)
> 

Hi Bjoern,
thx for info

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: [Dovecot] fchown() failed

[Timo Sirainen]

On Wed, 2009-08-19 at 13:18 +0100, Arthur Dent wrote:
> dovecot: Dovecot v1.2.0 starting up (core dumps disabled): 1 Time(s)
> dovecot: IMAP(mark): fchown() failed with file 
> /home/mark/Mail/.imap/INBOX/dovecot.index.log.newlock: Operation not 
> permitted: 1 Time(s)

v1.2.3+ would have given a bit better error message here. Anyway the
issue is that nowadays Dovecot tries to preserve mailbox's permissions
so that shared mailboxes work properly. What permissions do you have in
the actual INBOX file?

My guess is that you have 0660 permissions of /var/mail/$USER so Dovecot
tries to preserve the group. Easiest fix that also makes your system
more secure is to chmod 0600 it.

> As I access my mailbox several times a day (and certainly did yesterday)
> from several different mail clients I am surprised that the error count
> is only 1 for most the above entries. Is this being caused by some sort
> of cron job (logrotate perhaps)?

It happens only when index files are being created/rotated, which
happens automatically "every once in a while".


signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] quota bug

[Timo Sirainen]

On Wed, 2009-08-19 at 09:25 +0300, Amr Shahin wrote:
> Hello
> i use dovecot for our mail server, it's installed on about 8 servers and
> it's doing really good, thanks for the great effort :-)
> however, i have been facing a quota problem recently, dovecot says that some
> users are using for example (700MB) while they are actually using (10MB),
> i solve this by removing *maildirsize *which solves it, is there any fix for
> this bug ?

It's more likely to be a misconfiguration than a bug. So dovecot -n
output could be useful, and like Wouter asked, how do you deliver mails?



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Dovecot and LDAP-Quotas

[Timo Sirainen]

On Tue, 2009-08-18 at 00:51 -0700, south africa wrote:

>   userdb:
> driver: ldap
> args: /etc/dovecot-ldap-userdb.conf
> 
> but with no success.

Do you have any other userdbs now? What does dovecot-ldap-userdb.conf
now contain? Is it only quota that's now broken or the logins
completely?

Set auth_debug=yes and log in, what does it say?

> I have another question: Does Dovecot expect a special "field type" for the 
> ldap quota field (for ex. integer)?

No.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Dovecot LDA

[Timo Sirainen]

On Thu, 2009-08-20 at 15:01 +0800, Wouter van der Schagt wrote:
> However, I found that in the vpopmail tables in pw_shell the quota is listed 
> in maildir format. (ie: 1000S) and on the Wiki I read that dovecot can 
> understand this format, however I am not sure how to change the above quota 
> rules so that I get something like:
> 
> plugin {
>   quota = maildir
>   quota_rule = ?:storage=%q
> }

%q doesn't expand in there. Use something like:

auth {
  ..
  userdb vpopmail {
args = quota_template=quota_rule=?:backend=%q
  }
  ..
}



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Dovecot LDA

[Timo Sirainen]

On Thu, 2009-08-20 at 13:38 +0800, Wouter van der Schagt wrote:
> > You need to configure Dovecot to create the auth-master socket.
> > http://wiki.dovecot.org/LDA#Virtual_users
> 
> I have it working now, it wasn't working because the parent directory of 
> auth_master didn't exist. I modified the wiki to include that this path has 
> to exist and is not created automatically (ie: /var/run/dovecot).

Umm. Hmm. If that directory doesn't exist, it gives an error message at
Dovecot startup:

auth(default): Error: bind(/var/run/dovecot/auth-master) failed: No such
file or directory

I think you should have had that too? Also the socket should typically
be in Dovecot's base_dir, which is created automatically.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Aborted: Worker is buggy

[Timo Sirainen]

On Thu, 2009-08-20 at 08:03 -0700, David Jonas wrote:
> Aug 20 05:34:38 kelly dovecot: auth(default): BUG: Worker sent reply 
> with id 53, expected 54

http://hg.dovecot.org/dovecot-1.2/rev/0827941c0e7c fixes it, I think.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] require SSL certs only for encrypted connections?

[Timo Sirainen]

On Thu, 2009-08-20 at 18:30 -0700, Florin Andrei wrote:
> # 1.1.11: /etc/dovecot/dovecot.conf
..
> Is there a way to require a cert from the iPhone TLS connections on port 
> 993, but do not require it from clients connecting to port 143?

Not that easily.. A few possibilities:

a) Run two different Dovecots with two different config files.

b) Upgrade to v1.2 and use SQL passdb and check %c and %k variables.
http://wiki.dovecot.org/Variables

Hmm. Maybe the setting could have a new "with-ssl" option or something..



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] libvpopmail.so

[Timo Sirainen]

On Fri, 2009-08-21 at 17:08 +0200, Noris Luigi wrote:
> while loading shared libraries: libvpopmail.so: cannot open shared
> object file: No such file or directory
> 
> I do not undestand if there is a place where can i put libvpopmail.so
> manually, or specify the position of this file becaust the file exist
> and is normally in /home/vpopmail/lib/ and accessible in read from
> all.
> under there is my configuration.

3 possibilities:

a) Use LDFLAGS='-R/home/vpopmail/lib' ./configure .. when configuring
Dovecot. (At least I think that should work, or maybe I'm thinking of
Solaris ld, since I've usually done it only on Solaris.)

b) Add /home/vpopmail/lib/ to /etc/ld.so.conf and run ldconfig.

c) Copy or symlink the libvpopmail.so to some path that already exists
in /etc/ld.so.conf and run ldconfig.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] quota-dirsize and mailbox rules

[Timo Sirainen]

On Fri, 2009-08-21 at 16:05 +0300, Thanos Chatziathanassiou wrote:
> I noticed that the dirsize backend for quota didn't support any rules 
> and figured it should be easy enough to add ``ignore'' at least.
> Using mbox storage and only tested with that, but it seems to work as 
> expected for the time being.
> I'm attaching a relatively small patch for quota-dirsize.c against 
> dovecot-1.1.18 just in case anyone's interested.

The only problem with that is that it should be checking the full
mailbox name instead of just the file name. So there are two issues
here:

1. If you're ignoring "foo/bar", your patch currently looks up only to
see if "bar" is ignored.

2. Namespace prefixes need to be used. So for example if you're using
namespace { prefix = INBOX/ } and you see a file "foo", you should look
for rule "INBOX/foo".



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] expire plugin: columns not uniq

[Timo Sirainen]

On Mon, 2009-08-24 at 13:27 -0400, Timo Sirainen wrote:
> > CREATE TRIGGER mergeexpire BEFORE INSERT ON expires FOR EACH ROW
> > BEGIN 
> > UPDATE expires SET expire_stamp=NEW.expire_stamp 
> > WHERE username = NEW.username AND mailbox = NEW.mailbox; 
> > SELECT raise(ignore) 
> > WHERE (SELECT 1 FROM expires WHERE username = NEW.username AND 
> > mailbox = NEW.mailbox) IS NOT NULL;
> > END;
> > 
> > This seem some kind crudely to me, but it's working.
> 
> That looks correct to me. 

Oh, except there's a small race condition if the first row is being
added at the same time by two processes. That's why the PostgreSQL
trigger is so much more complex. But it should be somewhat rare I
guess..

Unless SQLite has some locks that prevent that? Anyway I was thinking
that two processes run the UPDATE part of the trigger and then both try
to INSERT. One of them succeeds and the other one fails. But the row
gets added anyway and the timestamp is the same anyway, so it probably
doesn't matter all that much, just logs an error.


signature.asc
Description: This is a digitally signed message part

[Dovecot] Failover authentication Ldap

[Michel Bulgado]

Hi List

I use dovecot with LDA deliver, have quotas for my users use postfix as
MTA server. as it could limit or refuse delivery of mail once the user
has exceeded the limit of the quota?


As in my configuration could define multiple LDAP servers?

I have two servers with Active Directory, a PDC and a BDC, but I would
specify both in the same configuration. for when the ldap server 1 has
problems,  authenticating against Ldap 2 .

Thanks

Michel

Re: [Dovecot] expire plugin: columns not uniq

[Timo Sirainen]

On Fri, 2009-08-21 at 17:02 +0300, Nikita Koshikov wrote:
> > Search the Wiki about Postgres and the requirement of a TRIGGER.
> > I guess that sqlite requires something like this.
> 
> Maybe someone family with sqlite will say how to make this trigger better and 
> constrain check field existence before doing UPDATE
> 
> CREATE TRIGGER mergeexpire BEFORE INSERT ON expires FOR EACH ROW
> BEGIN 
>   UPDATE expires SET expire_stamp=NEW.expire_stamp 
>   WHERE username = NEW.username AND mailbox = NEW.mailbox; 
>   SELECT raise(ignore) 
>   WHERE (SELECT 1 FROM expires WHERE username = NEW.username AND 
> mailbox = NEW.mailbox) IS NOT NULL;
> END;
> 
> This seem some kind crudely to me, but it's working.

That looks correct to me. I'll add it to the wiki page. A similar
trigger could be used for dict quota too. So now that SQLite is working,
I'll just start deprecating Berkeley DB support even more strongly.
Thanks. :)



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Per user namespace

[Ashley M. Kirchner]

Timo Sirainen wrote:

I think the best solution would be to just finally standardize
everyone's mailboxes under ~/mail/. It'll probably help you in future..
  

   I'm leaning that way, but at the same time dreading it.


http://wiki.dovecot.org/Plugins/Virtual also gives a simple example how
to return a different inbox=yes namespace for different users.
  
   The good thing is that *everyone's* INBOX lives in /var/spool/mail/ 
(it's actually an NFS mount from the mail spooler).  It's the multiple 
mboxes they've created over the years to sort out (and empty out) their 
INBOX and store in their user space.


   Thanks for the suggestions and pointers!

   AMK4

--
W | It's not a bug - it's an undocumented feature.
 +
 Ashley M. Kirchner    .   303.442.6410 x130
 IT Director / SysAdmin / Websmith . 800.441.3873 x130
 Photo Craft Imaging   .  2901 55th Street
 http://www.pcraft.com . .  ..   Boulder, CO 80301, U.S.A. 

Re: [Dovecot] Per user namespace

[Timo Sirainen]

On Mon, 2009-08-24 at 11:13 -0600, Ashley M. Kirchner wrote:
> I'm in the process of upgrading an old server which is running 
> uw-imap to a new one running Dovecot.  With the old machine, 
> unfortunately, my users had the opportunity to store their e-mails in 
> various locations.  For example, some have their mail boxes stored in 
> ~/mail/[various mbox files], others ALSO have a ~/mail/clients/[various 
> mbox files] and yet others simply stored them in their ~/ path (thanks 
> to the old IMAP).  Is there a way to create per-user namespaces?  I 
> don't want to create a "mail/", "mail/clients/", etc., etc. global name 
> space that will end up showing up on everyone's mail client, nor do I 
> want to individually change each user's setup (and rewrite their 
> .subscriptions file).

I think the best solution would be to just finally standardize
everyone's mailboxes under ~/mail/. It'll probably help you in future..

But yeah, it's possible to create per-user namespaces by returning
namespace_* extra fields from your userdb. There isn't existing
documentation how exactly to do that, but basically you'll just have to
return the same namespace_* fields that exist in NAMESPACE_* environment
variables. You can get a dump of those using post-login script, see
http://wiki.dovecot.org/PostLoginScripting. Alternatively you could just
set up those NAMESPACE_* settings directly in the post-login script by
e.g. reading some file from home dir. But don't let users specify
anything, the process is still running as root at that point and they'll
get root privileges by changing just a few environment settings..

http://wiki.dovecot.org/Plugins/Virtual also gives a simple example how
to return a different inbox=yes namespace for different users.


signature.asc
Description: This is a digitally signed message part

[Dovecot] Per user namespace

[Ashley M. Kirchner]

   I'm in the process of upgrading an old server which is running 
uw-imap to a new one running Dovecot.  With the old machine, 
unfortunately, my users had the opportunity to store their e-mails in 
various locations.  For example, some have their mail boxes stored in 
~/mail/[various mbox files], others ALSO have a ~/mail/clients/[various 
mbox files] and yet others simply stored them in their ~/ path (thanks 
to the old IMAP).  Is there a way to create per-user namespaces?  I 
don't want to create a "mail/", "mail/clients/", etc., etc. global name 
space that will end up showing up on everyone's mail client, nor do I 
want to individually change each user's setup (and rewrite their 
.subscriptions file).


   Any solutions here, or am I SOL?

   AMK4

--
W | It's not a bug - it's an undocumented feature.
 +
 Ashley M. Kirchner    .   303.442.6410 x130
 IT Director / SysAdmin / Websmith . 800.441.3873 x130
 Photo Craft Imaging   .  2901 55th Street
 http://www.pcraft.com . .  ..   Boulder, CO 80301, U.S.A. 

Re: [Dovecot] dovecot-auth failed: Not enough space

[Timo Sirainen]

On Mon, 2009-08-24 at 17:36 +0100, S. A. Woltering wrote:
> # /opt/dovecot/sbin/dovecot
> Info: If you have trouble with authentication failures,
> enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork
> 
> Not a good start...

That's just an Info message, it's written every time at startup.

> execv(/opt/dovecot/libexec/dovecot/imap-login) failed: Not enough space

login_process_size = 0. I guess I should look into changing these
messages to mention the setting name. It already does that in some
situations..

And I guess you'll have the same problem with mail_process_size too.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] dovecot-auth failed: Not enough space

[S. A. Woltering]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Timo Sirainen wrote:
> On Mon, 2009-08-24 at 14:52 +0100, S. A. Woltering wrote:
>> execv(/opt/dovecot/libexec/dovecot/dovecot-auth) failed: Not enough space
> 
> Increase auth_process_size or just set it to 0.
> 

Thanks for this Timo. It gets me a little closer!
Now, I start the daemon as before and I get...

# /opt/dovecot/sbin/dovecot
Info: If you have trouble with authentication failures,
enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork

Not a good start...

So I poke about in syslog and find...

Aug 24 17:02:37 bilbo dovecot: Dovecot v1.2.4 starting up
Aug 24 17:02:38 bilbo dovecot: Temporary failure in creating login
processes, slowing down for now
Aug 24 17:02:38 bilbo dovecot: child 23188 (login) returned error 84
(exec() failed)
Aug 24 17:02:38 bilbo dovecot: child 23187 (login) returned error 84
(exec() failed)
Aug 24 17:02:38 bilbo dovecot: Fatal:
execv(/opt/dovecot/libexec/dovecot/imap-login) failed: Not enough space
Aug 24 17:02:38 bilbo  above message repeats 5 times
Aug 24 17:02:38 bilbo dovecot: child 23186 (login) returned error 84
(exec() failed)

Oh no!
Connection via thunderbird client simply stops for the timeout period
and complains that connection to server has timed out.

Processes running on the server are:
# ps -ef | grep dove
root 26261 1  0 17:14:15 ? 0:00 /opt/dovecot/sbin/dovecot
root 26263 26261  0 17:14:15 ? 0:00 dovecot-auth -w
root 26262 26261  0 17:14:15 ? 0:00 dovecot-auth

No IMAP processes at all. :-(

Sorry about the repeated questioning.
A

PS: Yes I do enable auth_debug, but it doesn't tell me anything extra...

- --
Steven-Ashley Woltering, Systems Analyst,
ECMWF, Shinfield Park, Reading, RG2 9AX, UK
Tel.: +44 1189 499473 (internal x2473)
Email: steven.wolter...@ecmwf.int
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFKksGkh854NVK99FMRArg8AJ9EGlLzCpH/uGBhaFjGT0TZ2F2qNgCffiE2
kqzXP6y4cJ8zJkZoh4VVvf0=
=eArO
-END PGP SIGNATURE-

Re: [Dovecot] Problem with ldap error logging

[Stefano Fedrigo]

Timo Sirainen wrote:
> On Mon, 2009-08-24 at 11:07 +0200, Stefano Fedrigo wrote:
>> I configured dovecot to authenticate through ldap.  When for some reason the
>> ldap server is not working dovecot writes this message to the system log:
>>
>> dovecot: auth(default): accept(type 1) failed: Too many open files
>>
>> "Too many open files" is caused by an openldap bug.
> 
> Do you know what bug? What does Dovecot log before those errors? I
> haven't had this problem when LDAP server goes down.

Openldap opens many times /lib/libnspr4.so, until hits the max open files
limit.  I suspect the problem is this one:

https://bugzilla.mozilla.org/show_bug.cgi?id=496997

But applying the suggested patch doesn't resolve it.

This patch seems to be the cause:

https://bugzilla.redhat.com/show_bug.cgi?id=502133#c19

The version of dovecot is on Fedora 11, 1.2.3-1.

I see nothing strange in logs before the errors.  I turned on "auth_verbose"
and "auth_debug" options in case it happens again.

>> The serious problem is
>> that dovecot repeats that message a huge number of times, something like 
>> 2
>> times per second, until the ldap daemon starts working or, more likely, no 
>> more
>> disk space remains.
> 
> I guess I could work around it, but then again no one else has had this
> problem.. It'll be fixed in v2.0 in any case.

Of course the main problem is with Openldap, but such a fix could be very
useful to improve system's reliability when using Dovecot.

-- 
  // Stefano Fedrigo - Develer S.r.l.
\X/  http://www.develer.com

Re: [Dovecot] Dovecot + DRBD/GFS mailstore

[Eric Jon Rostetter]

Quoting Guy :


I'm looking at the possibility of running a pair of servers with
Dovecot LDA/imap/pop3 using internal drives with DRBD and GFS (or
other clustered FS) for the mail storage and ext3 for the root drive.


I'm in testing right now with this setup.  Two Dell PE 2900 servers
(quad core @ 2.3 GHz, 8 GB RAM, raid 10 for the GFS+DRBD disk, raid 1
for the ext3 disks).  Running DRBD as a master/master setup.

I added a third node for webmail (Dell PE 2650), but it doesn't do the
DRBD or GFS.  It is there mostly to make a 3-node cluster versus 2-node
cluster, to avoid split-brain type situations.  And of course to do the
webmail. :)

Using MailScanner as the MTA, dovecot for pop/imap, mailman for mailing
lists, Horde/IMP/etc for webmail.   All held together with RHCS on CentOS
5.3.

All services run on only one node at a time, with failover...  This may
or may not help with GFS lock contention (not for /var/spool/mail, since
it is always accessed from both nodes at once, but yes for dovecot indexes
since they are only ever accessed on one node at a time, etc).  This is
probably where performance will really be decided (GFS lock contention).

Cluster Status for mailer @ Mon Aug 24 10:27:12 2009
Member Status: Quorate

 Member Name ID   Status
 --   --
 mailer1-hb.localdomain  1 Online, rgmanager
 mailer2-hb.localdomain  2 Online, Local, rgmanager
 webmail1-hb.localdomain 3 Online, rgmanager

 Service Name   Owner (Last)   State
 ---    - --   -
 service:Apache mailer1-hb.localdomain started
 service:Dovecotmailer1-hb.localdomain started
 service:MailManmailer2-hb.localdomain started
 service:MailScannermailer2-hb.localdomain started
 service:VIP-MAIL   mailer1-hb.localdomain started
 service:VIP-SMTP   mailer2-hb.localdomain started
 service:WebMailwebmail1-hb.localdomainstarted


Has anyone had experience with a setup like the one I'm suggesting?
What was performance like with Dovecot using GFS?


So far it is early testing.  63 users, but only about 12 of those are
"power users".  The performance has been real good so far, but as I say,
not many users yet.

My GFS is sharing the mail log files (via syslog-ng, what would otherwise
be /var/log/maillog), the dovecot index files, the /var/spool/mail/ mbox
spool (yes, I use mbox), and "shared" configuration files for the two nodes
(mailman data, MailScanner/Sendmail configs, dovecot config, clamav/spamd
config, procmail config, apache config, ssl certificates, etc).

If interested, I can let you know about performance once I know more...


Thanks
Guy


--
Eric Rostetter
The Department of Physics
The University of Texas at Austin

This message is provided "AS IS" without warranty of any kind,
either expressed or implied.  Use this message at your own risk.

Re: [Dovecot] Problems with dovecot/sendmail combi.

[Timo Sirainen]

On Fri, 2009-08-21 at 14:57 +0200, Roger wrote:
> Looks like this is working, imapsync now nicely makes the subfolders. But, 
> when I try to log in from the webmail server I got this error:
> IMAP(sannevdh): Error: stat(/var/mail/sannevdh/tmp) failed: Not a directory

So you want mbox as INBOX and Maildir elsewhere?
http://wiki.dovecot.org/Namespaces has example for that.

>   prefix: #mbox/
>   location: maildir:~/Maildir:INBOX=/var/mail/%u

You need to use mbox: prefix and some other path than ~/Maildir.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Problem with ldap error logging

[Timo Sirainen]

On Mon, 2009-08-24 at 11:07 +0200, Stefano Fedrigo wrote:
> I configured dovecot to authenticate through ldap.  When for some reason the
> ldap server is not working dovecot writes this message to the system log:
> 
> dovecot: auth(default): accept(type 1) failed: Too many open files
> 
> "Too many open files" is caused by an openldap bug.

Do you know what bug? What does Dovecot log before those errors? I
haven't had this problem when LDAP server goes down.

> The serious problem is
> that dovecot repeats that message a huge number of times, something like 2
> times per second, until the ldap daemon starts working or, more likely, no 
> more
> disk space remains.

I guess I could work around it, but then again no one else has had this
problem.. It'll be fixed in v2.0 in any case.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] dovecot-auth failed: Not enough space

[Timo Sirainen]

On Mon, 2009-08-24 at 14:52 +0100, S. A. Woltering wrote:
> execv(/opt/dovecot/libexec/dovecot/dovecot-auth) failed: Not enough space

Increase auth_process_size or just set it to 0.



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] sieve vacation response

[Stephan Bosch]

bart wrote:

Jure Pečar wrote:
Currently, you need to add all allowed aliases to the :addresses 
argument of the vacation command. My TODO list contains a new feature 
that lets you extract additional valid aliases directly from a 
dictionary (e.g. an SQL database). It is not at the top of my TODO list 
yet, but since you are not the only one needing this, I'll give it some 
more priority.


Also :addresses ["*"] would be ok, without the need to explicitly list all
addresses.

  

You can circumvent explicitly listing all addresses by doing something
like this:

require ["variables", "envelope", "vacation"];
if envelope :matches "to" "*" {
  set "envto" "${1}";
  vacation
  :addresses ["${envto}"]
  "vacation message here...";
}


Iew, scary things one can do with the variables extension. :) Wouldn't 
surprise me when the specification authors did not consider this in 
their efforts to write the vacation RFC.


Beware that this solution will cause vacation responses to be sent when 
the mailbox is part of a multi-drop alias (an ad-hoc mailinglist). This 
is usually not what you want. When a large group is collectively on 
vacation, an unfortunate sender could receive many useless and redundant 
vacation responses from the implicit recipients. Basically, this means 
that potentially a response is sent for all implicitly delivered messages.


These considerations are also true for the "*" implementation suggested 
above.


Regards,

Stephan.

Re: [Dovecot] xtreemfs

[Timo Sirainen]

On Mon, 2009-08-24 at 15:38 +0200, Björn Kolbeck wrote:
> Hi Robert,
> 
> I am one of the XtreemFS developers. We had some problems with dovecot's
> index files on XtreemFS due to way FUSE handles inode numbers. We fixed
> that and the current version in our svn (revision r1100) is now running
> smoothly with dovecot. We will package a new release next week that
> includes these fixes.

Did you also try stress testing the same mailbox on multiple servers
with my imaptest tool? http://imapwiki.org/ImapTest That's the easiest
way to break things. :)



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] sieve vacation response

[bart]

Jure Pečar wrote:
>> Currently, you need to add all allowed aliases to the :addresses 
>> argument of the vacation command. My TODO list contains a new feature 
>> that lets you extract additional valid aliases directly from a 
>> dictionary (e.g. an SQL database). It is not at the top of my TODO list 
>> yet, but since you are not the only one needing this, I'll give it some 
>> more priority.
>> 
>
> Also :addresses ["*"] would be ok, without the need to explicitly list all
> addresses.
>
>   
You can circumvent explicitly listing all addresses by doing something
like this:

require ["variables", "envelope", "vacation"];
if envelope :matches "to" "*" {
  set "envto" "${1}";
  vacation
  :addresses ["${envto}"]
  "vacation message here...";
}


regards, bart

Re: [Dovecot] xtreemfs

[Björn Kolbeck]

Hi Robert,

I am one of the XtreemFS developers. We had some problems with dovecot's
index files on XtreemFS due to way FUSE handles inode numbers. We fixed
that and the current version in our svn (revision r1100) is now running
smoothly with dovecot. We will package a new release next week that
includes these fixes.

Best Regards,
Björn


Robert Schetterer wrote:
> Timo Sirainen schrieb:
>> On Fri, 2009-08-14 at 18:08 +0200, Robert Schetterer wrote:
>>> Hi @ll,
>>> has anybody tried this with dovecot yet ?
>>> http://www.xtreemfs.org/
>> 
>> Looks like it uses FUSE, so probably works as well/badly as glusterfs.
>> mail_nfs_*=yes settings probably help if you intend to have multiple
>> servers access the same mailbox at the same time.
>> 
> Thx Timo for fast answer
> perhaps i will give it a chance in a testbed next

Re: [Dovecot] High load with Thunderbird

[Charles Marcus]

On 8/24/2009, Emmanuel Seyman (esey...@edd.fr) wrote:
> I'm using Dovecot 1.0.15 on our internal mail server and I'm seeing
> a high load from one of our users.

Upgrading might help (1.0.15 is old), but there are lots of things that
can cause this.

> This user uses Thunderbird (with the IMAP protocol) and the load
> average of the server goes through the roof every once in a while.
> I'ld like to understand why we're seeing this and whether the blame
> should be put on Thunderbird or on Dovecot.
> 
> Has anyone ever seen this before?

dovecot -n output and logs exhibiting the problem will go a long way to
providing an answer.

Obvious possibility: is the user moving/deleting a large number of
messages at once?

Again, upgrading is highly recommended (1.2.4 is current stable), but
I'd also suggest reading about optimizing at the bottom of this page:

http://wiki.dovecot.org/MailLocation/Maildir

-- 

Best regards,

Charles

[Dovecot] dovecot-auth failed: Not enough space

[S. A. Woltering]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Dear all,

I've been trying to get a Dovecot IMAP service running under HP-UX
11.23, IA64. The system has 6GB of spare space under /var and at least
the same amount of RAM free at the current time.

I've compiled from the latest source (1.2.4), using the following options:

# CC="/opt/aCC/bin/aCC" ./configure --prefix=/opt/dovecot
... usual make && make install

My config file follows at the end.

In essence, every time I attempt to start dovecot
(/opt/dovecot/sbin/dovecot, with no options)

I get the following on the command line:
Warning: Last died with error (see error log for more information): Auth
process died too early - shutting down
Info: If you have trouble with authentication failures,
enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork

Looking into /var/adm/syslog/mail.log, the lines associated with this
run read:
Aug 24 14:46:25 bilbo dovecot: Dovecot v1.2.4 starting up
Aug 24 14:46:25 bilbo dovecot: Fatal:
execv(/opt/dovecot/libexec/dovecot/dovecot-auth) failed: Not enough space
Aug 24 14:46:25 bilbo dovecot: Fatal: Auth process died too early -
shutting down


I've switched over to using a static passwd file type auth and I still
get the same error.

Hoping someone has some idea why this is happening...
Thanks,
Ashley






## Dovecot configuration file
##
base_dir = /var/run/dovecot
protocols = imap
listen = *
disable_plaintext_auth = no
shutdown_clients = yes

##
## Logging
##
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail

##
## SSL settings
##
#ssl_listen =
ssl = no

##
## Login processes
##
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot

##
## Mailbox locations and namespaces
##
mail_location = maildir:/mail%h/Maildir

##
## IMAP specific settings
##
protocol imap {
  login_executable = /opt/dovecot/libexec/dovecot/imap-login
  mail_executable = /opt/dovecot/libexec/dovecot/imap
  #imap_max_line_length = 65536
  mail_max_userip_connections = 10
  #mail_plugins =
  mail_plugin_dir = /opt/dovecot/lib/dovecot/imap
  imap_logout_format = bytes=%i/%o
  #imap_capability =
  #imap_idle_notify_interval = 120
  #imap_id_send =
  #imap_id_log =
  #imap_client_workarounds =
}

##
## Authentication processes
##
auth_executable = /opt/dovecot/libexec/dovecot/dovecot-auth
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@

auth default {
  passdb passwd-file {
args = /opt/dovecot/etc/imap-passwd.txt
  }
}

- --
Steven-Ashley Woltering, Systems Analyst,
ECMWF, Shinfield Park, Reading, RG2 9AX, UK
Tel.: +44 1189 499473 (internal x2473)
Email: steven.wolter...@ecmwf.int
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFKkpsnh854NVK99FMRAtVZAJ9nOt/HP1ODSTSMkLPNsPOfRK/EsACghPQ7
aFNOxf4hAKV7NKkiZ/4Z7X8=
=5Ww9
-END PGP SIGNATURE-

[Dovecot] High load with Thunderbird

[Emmanuel Seyman]

Hello, all.

I'm using Dovecot 1.0.15 on our internal mail server and I'm seeing
a high load from one of our users.

This user uses Thunderbird (with the IMAP protocol) and the load
average of the server goes through the roof every once in a while.
I'ld like to understand why we're seeing this and whether the blame
should be put on Thunderbird or on Dovecot.

Has anyone ever seen this before?

Emmanuel

[Dovecot] Automated Debian repository down for server move

[Stephan Bosch]

Hi,

The Debian repositories at xi.rename-it.nl will be physically moved from 
Amsterdam to Enschede. Estimated downtime is 4 hours as per 17:00 
Amsterdam time.


Regards,

Stephan.

Re: [Dovecot] SOT: Removing _extra_ linefeeds from MSOutlook(?) messages

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sat, 22 Aug 2009, Roderick A. Anderson wrote:

Anyone have a suggestion of how to _strip_ multiple line feeds from a 
message?  Is there a sieve method/way?  I don't want to fiddle with all 
the users emails just my own.


Pointers, ideas, clues?


Hmm, you could prepend a filter before you LDA.


Except it would, without lots of fiddling, affect all users.  I'm kind of 
heading towards me and my accounts only.


The filter could be user-aware, but it's not nice, I agree.

===

Can you forward to a local program?
Traditionally, this can be achieved by:

echo '"| /some/script_or_binary args"' >> ~user/.forward

So it would effect just this account.

Bye,

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSpKAF3WSIuGy1ktrAQKPDQgAm7Ugxr1sgJKFex7nxASk7D41qqC/tjPv
EdQ7/Z8jy7TL35C5RSuuPKS/0k5T0vaA0f8EoSZIjfAHRPVXJpjyKwzs6Ysb7jVF
BdvXJm8f7OlZaFT0UJlRhKQ2+8YO36jPEENhW4n8gCGvCa1TVTqFO9A5zvCRZxB+
7RdBUIi+ue6W9A7jxQ7Ju6zmwIoyzkMmPFmjLw49gA8/2NptaD7jmap9cpuqRNJ4
UDk6QZbjUhCZhFwHpvzoJELfulk5D1xh/RgpLU+kb7ly7+OSmDLbNMwXm+jfiH0m
ngSbRveMcFEIftWlkGWQx3XvX5kIeoS2hpo/mQ80aaWGrLz8Pcjo6Q==
=0d+9
-END PGP SIGNATURE-

[Dovecot] Problem with ldap error logging

[Stefano Fedrigo]

I configured dovecot to authenticate through ldap.  When for some reason the
ldap server is not working dovecot writes this message to the system log:

dovecot: auth(default): accept(type 1) failed: Too many open files

"Too many open files" is caused by an openldap bug.  The serious problem is
that dovecot repeats that message a huge number of times, something like 2
times per second, until the ldap daemon starts working or, more likely, no more
disk space remains.

-- 
  // Stefano Fedrigo - Develer S.r.l.
\X/  http://www.develer.com