[Dovecot] failed: Cannot allocate memory
Hi when I try to index messages using squat on a 26'000 emails mailbox I get the below errors at the point dovecot says "* OK Mailbox indexing finished". 2010-01-30 08:12:50 sleipnir local7.err dovecot IMAP(s...@dom.com): read(/var/tmp/dovecot/spam/indexes/.INBOX_score20/dovecot.index.search.uids) failed: Cannot allocate memory 2010-01-30 08:12:50 sleipnir local7.err dovecot IMAP(s...@dom.com): mremap_anon(44609536) failed: Invalid argument 2010-01-30 08:12:50 sleipnir local7.err dovecot IMAP(s...@dom.com): read(/var/tmp/dovecot/spam/indexes/.INBOX_score20/dovecot.index.search.uids) failed: Invalid argument 2010-01-30 08:17:32 sleipnir local7.err dovecot IMAP(s...@dom.com): munmap_anon() failed: Invalid argument This is the configuration I use for squat: fts = squat fts_squat = partial=4 full=10 Dovecot version is 1.2.10, patched with sieve. Thanks for any answers, best, Philippp
Re: [Dovecot] Anyone successfully setup Continous Backup of mailboxes using rsync ?
Le Thu, 28 Jan 2010 13:07:32 +0500, CoolAtt NNA a écrit : > Am working on continous backup of mailboxes using rsync(for e.g by running > rsync every 2 min) > Things gets more complicated when users create Subfolders in INBOX , SENT , > etc.. > If anyone among you did that plz guide & advise. I'm going to share what I've did. This is not rocket science but enough for my SOHO needs. Each user mail boxes are stored in ~HOME/mail/ # cat /opt/crontab-scripts/rsync-local-email-backup.sh [...] for i in /home/*/mail/ rsync -a --delete $i ${PATHTOSAFEPLACE}/$(date +%u)/${i}/ RETURNCODE=$? [...] done [...] In clear, each day, I copy all mailboxes to a different (date +%u -> 0 to 6) safe sub-directory. I admit, it's very simple but enough for my needs and certainly could be improved.. Best regards, -- LMJ "May the source be with you my young padawan" http://sites.google.com/site/imatruelinuxmasterjedi/
[Dovecot] Authentication failure (password mismatch?)
I setup dovecot on my laptop to practice on. I was following some of the information on this page: https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto#Testing Your Setup I created the in this format: user:{plain}pass:1000:1000::/home/user::userdb_mail=maildir:~/Maildir for userdb passwd-file. I used smart for the user and wade for the password (its just for testing) and then attempted to log into the system. Im getting these errors: auth-worker(default): pam(smart,127.0.1.1): lookup service=dovecot auth-worker(default): pam(smart,127.0.1.1): #1/1 style=1 msg=Password; auth-worker(default): pam(smart,127.0.1.1): pam_authenticate() failed: Authentication failure( password mismatch?) auth-worker(default): passwd-file /etc/dovecot/passwd.dovecot: Read 1 users auth-worker(default): passwd-file(smart,127.0.1.1): lookup: user=smart file=/etc/dovecot/passwd.dovecot Its reading the file but the password is incorrect. Im not understanding that part. Wade Smart -- Registered Linux User: #480675 Registered Linux Machine: #408606 Linux since June 2005
Re: [Dovecot] How do I make dovecot not use sslv2 for pop?
Timo Sirainen wrote: So I guess what happens is that OpenSSL advertises that it supports SSLv2. But then the ssl_cipher_list's !SSLv2 doesn't let the SSLv2 handshake actually go through. So it's not really possible to use SSLv2. You can verify this with: openssl s_client -ssl2 -connect localhost:995 CONNECTED(0003) depth=0 /C=US/ST=California/L=Mountain View/O=Out of the Box Computing/CN=ootbcomp.com verify error:num=18:self signed certificate verify return:1 depth=0 /C=US/ST=California/L=Mountain View/O=Out of the Box Computing/CN=ootbcomp.com verify return:1 10171:error:1406D0B8:SSL routines:GET_SERVER_HELLO:no cipher list:s2_clnt.c:450: So you're saying that because the last line shows the cipher list stopping it, then the security problems with sslv2 can't bite me? Patrick
Re: [Dovecot] Want to have some users with Maildir, some with mbox
http://wiki.dovecot.org/Migration/MailFormat shows a bunch of scripts, one of them claims to preserve UIDs. Does anyone here have direct successful experience with this? I only asked about this because a comment on that same page says, "None of the solutions described below preserve the message UIDs." (Some of my users have > 1 GB of email, so any UID disruption would likely be seriously annoying to them.)
Re: [Dovecot] Want to have some users with Maildir, some with mbox
On 30.1.2010, at 1.39, WJCarpenter wrote: > So, what is the answer for pre-2.0 folks who want to do mbox->Maildir > conversion? I have not yet found a script that claims to preserve UIDs. Is > there one that people use? http://wiki.dovecot.org/Migration/MailFormat shows a bunch of scripts, one of them claims to preserve UIDs.
Re: [Dovecot] Want to have some users with Maildir, some with mbox
BTW. Are you also using a script that preserves IMAP UIDs? Otherwise IMAP clients will re-download all the mail. Does the "convert" plugin preserve the UIDs? The wiki implies that it doesn't, but I thought maybe since it's implemented as a plugin that maybe it does (or that maybe the caution is about converting to/from dovecot and some other server). It doesn't. In v2.0 dsync does. In v2.0 convert plugin has been removed. So, what is the answer for pre-2.0 folks who want to do mbox->Maildir conversion? I have not yet found a script that claims to preserve UIDs. Is there one that people use?
Re: [Dovecot] Want to have some users with Maildir, some with mbox
On 30.1.2010, at 0.26, WJCarpenter wrote: > >> BTW. Are you also using a script that preserves IMAP UIDs? Otherwise IMAP >> clients will re-download all the mail. > > Does the "convert" plugin preserve the UIDs? The wiki implies that it > doesn't, but I thought maybe since it's implemented as a plugin that maybe it > does (or that maybe the caution is about converting to/from dovecot and some > other server). It doesn't. In v2.0 dsync does. In v2.0 convert plugin has been removed.
Re: [Dovecot] Want to have some users with Maildir, some with mbox
BTW. Are you also using a script that preserves IMAP UIDs? Otherwise IMAP clients will re-download all the mail. Does the "convert" plugin preserve the UIDs? The wiki implies that it doesn't, but I thought maybe since it's implemented as a plugin that maybe it does (or that maybe the caution is about converting to/from dovecot and some other server).
Re: [Dovecot] Not understanding namespaces
On Fri, 2010-01-29 at 16:18 -0500, Stewart Dean wrote: > > Timo Sirainen wrote: > > Maybe your main confusion comes from Thunderbird's settings. It has almost > > nothing to do with Dovecot's namespaces. > Golly! > > > The namespace configuration in TB is mostly a workaround for some servers. > > > > I guess you've read http://wiki.dovecot.org/Namespaces? > > > Again and again until I have a flat spot on my forehead from banging my > head against the wall. What's there is perfectly understandable as far > as it goes, but I'm having trouble with the larger context, things like: > - How does a user (or client automagic) select or access among multiple > namespaces? Typically clients are stupid and they don't understand namespaces at all. So Dovecot's namespaces are made to be pretty much transparent to clients. So for example if you had namespaces: 1) prefix = "" 2) prefix = "foo/" 3) prefix = "bar/" All all of them had list=yes, then the mailboxes in 2) namespace would simply show up as children of "foo" mailbox. And 3) namespace would show up as children of "bar". Client wouldn't even know that they're in different namespaces. > - Can they select more than one namespace, can they select from a > hierachy, ex, could I have a mbox namespace first and if it's not found, > fall down the hierarchy to a Maildir namespace In theory, yes, but in practice you shouldn't think of it that way. Just think of namespaces as a way to tell Dovecot to access mails from more than one location. Or in migration cases maybe to create aliases to other namespaces for clients with "bad" namespace settings. Also in any case INBOX must always point to a single mailbox in a single namespace. There can be only one namespace in dovecot.conf with inbox=yes. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Dovecot SSL issues
Quoting Tom Hendrikx : * Trying protocol imap/ssl, Port 993: If you use imap/ssl/novalidate-cert it will ignore the mismatch. From what I understand, it doesn't like the certificate. The cerificate is fine, just a hostname mismatch as Tom Hendrikx said. This error is harmless, but you could setup dovecot to listen for both ssl and non-ssl connections, and setup your webmail to use the non-ssl connection: ssl over localhost is probably a waste of cpu cycles. True. Or add /novalidate-cert, which would remove the error, but still consume the cycles. The novalidate-cert would also ignore any self-signed certificate warnings... -- Eric Rostetter The Department of Physics The University of Texas at Austin Go Longhorns!
Re: [Dovecot] Want to have some users with Maildir, some with mbox
On Fri, 2010-01-29 at 16:04 -0500, Stewart Dean wrote: > Questions: > 1) What does explicitly specifying MAIL this way override? The > dovecot.conf mail_location variable? Yes. > 2) My mail_location var is defined as: > > mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u:INDEX=/var/dcindx/%u > > and my prospective maildir INBOX and mail folder root is to be > ~/Maildir. So would I change the above to: Yes. > > if [ -d $HOME/Maildir ]; then > > export MAIL=maildir:$HOME/Maildir:INDEX=/var/dcindx/$USER > > else > > export MAIL=mbox:$HOME/mail:INBOX=/var/spool/mail/$USER: > > INDEX=/var/dcindx/$USER > > fi Although the "else" part is unnecessary, since it's the default anyway. > Question 3: When converting existing users from mbox to maildir, should > I delete the index contents? They'll be created into different directories. mbox is in .imap/ dirs, while Maildir doesn't use it. So you can delete the .imap/ dirs afterwards from wasting space. BTW. Are you also using a script that preserves IMAP UIDs? Otherwise IMAP clients will re-download all the mail. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Not understanding namespaces
Timo Sirainen wrote: Maybe your main confusion comes from Thunderbird's settings. It has almost nothing to do with Dovecot's namespaces. Golly! The namespace configuration in TB is mostly a workaround for some servers. I guess you've read http://wiki.dovecot.org/Namespaces? Again and again until I have a flat spot on my forehead from banging my head against the wall. What's there is perfectly understandable as far as it goes, but I'm having trouble with the larger context, things like: - How does a user (or client automagic) select or access among multiple namespaces? - Can they select more than one namespace, can they select from a hierachy, ex, could I have a mbox namespace first and if it's not found, fall down the hierarchy to a Maildir namespace -- Users have been complaining that their password is broken, so... We now offer Grade 5 & 10 Industrial Strength passwords of high-tensile strength alloy steel and titanium.. -- Stewart Dean, Unix System Admin, Bard College, New York 12504 sd...@bard.edu voice: 845-758-7475, fax: 845-758-7035
[Dovecot] Want to have some users with Maildir, some with mbox
Want to have some users with Maildir, some with mbox, as I migrate from mbox format to maildir over the space of a month. After everyone is converted to maildir, I'll change the mail_location in dovecot.conf. During the interim, can I use the Custom mailbox location script (at the bottom of the Mail Location DC Wiki page)? if [ -d $HOME/.maildir ]; then export MAIL=maildir:$HOME/.maildir else export MAIL=mbox:$HOME/mail:INBOX=/var/mail/$USER fi Questions: 1) What does explicitly specifying MAIL this way override? The dovecot.conf mail_location variable? 2) My mail_location var is defined as: mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u:INDEX=/var/dcindx/%u and my prospective maildir INBOX and mail folder root is to be ~/Maildir. So would I change the above to: if [ -d $HOME/Maildir ]; then export MAIL=maildir:$HOME/Maildir:INDEX=/var/dcindx/$USER else export MAIL=mbox:$HOME/mail:INBOX=/var/spool/mail/$USER: INDEX=/var/dcindx/$USER fi Question 3: When converting existing users from mbox to maildir, should I delete the index contents? Thanks in advance! dovecot -n output # 1.2.8: /usr/local/etc/dovecot.conf # OS: AIX 3 0001378F4C00 listen: *:143 ssl_listen: *:993 disable_plaintext_auth: no verbose_ssl: yes login_dir: /var/run/dovecot/login login_executable: /usr/local/libexec/dovecot/imap-login login_processes_count: 12 login_max_processes_count: 774 max_mail_processes: 1280 mail_max_userip_connections: 12 verbose_proctitle: yes first_valid_uid: 200 mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u:INDEX=/var/dcindx/%u mbox_write_locks: fcntl mbox_dirty_syncs: no lda: postmaster_address: postmas...@example.com auth default: passdb: driver: pam userdb: driver: passwd -- Once upon a time, the Internet was a friendly, neighbors-helping-neighbors small town, and no one locked their doors. Now it's like an apartment in Bed-Stuy: you need three heavy duty pick-proof locks, one of those braces that goes from the lock to the floor, and bars on the windows Stewart Dean, Unix System Admin, Bard College, New York 12504 sd...@bard.edu voice: 845-758-7475, fax: 845-758-7035
Re: [Dovecot] Not understanding namespaces
On 29.1.2010, at 22.25, Stewart Dean wrote: > - Is it that you can define multiple namespaces in dovecot.conf and then > specify which of these you use in the TBird server settings? > - What is the syntax of the TBird namespace specification? Maybe your main confusion comes from Thunderbird's settings. It has almost nothing to do with Dovecot's namespaces. The namespace configuration in TB is mostly a workaround for some servers. I guess you've read http://wiki.dovecot.org/Namespaces?
[Dovecot] Not understanding namespaces
I have been diligently reading about namespace in the DC doc and what I can find in Google. Like the blind men and the elephant, I see the nature of some individual bits of namespace, some syntax and the overall purpose (overriding defaults and providing extensions), but I don't see the whole thing and how it is used. I am looking to do some maildir testing in what is a mbox default system, so I thought to employ namespace to do so. I see that namespace(s) can be defined in dovecot.conf and I see that it can be defined in TBird (under ServerSettings, Advanced Account Settings), but it isn't clear to me how they are made to work together. Some questions: - Is it that you can define multiple namespaces in dovecot.conf and then specify which of these you use in the TBird server settings? - What is the syntax of the TBird namespace specification? -- Once upon a time, the Internet was a friendly, neighbors-helping-neighbors small town, and no one locked their doors. Now it's like an apartment in Bed-Stuy: you need three heavy duty pick-proof locks, one of those braces that goes from the lock to the floor, and bars on the windows Stewart Dean, Unix System Admin, Bard College, New York 12504 sd...@bard.edu voice: 845-758-7475, fax: 845-758-7035
Re: [Dovecot] sieve script
Lampa wrote: 2010-01-29T19:52:15.876551+01:00 hermes dovecot: deliver(u...@domain.tld): sieve: main_script: line 6: number of redirect actions exceeds policy limit 2010-01-29T19:52:15.881478+01:00 hermes dovecot: deliver(centrumrea...@remax-czech.cz): sieve: execution of script /home/mail/domain.tld/user/.dovecot.sieve failed, but implicit keep was successful plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_max_redirects = 20 sieve_global_path = /home/mail/.dovecot.global.sieve sieve_global_dir = /home/mail/sieve } using dovecot 1.2.9 on debain This feature is first included in Pigeonhole Sieve 0.1.14. You need debian package version > 1:1.2.9-2, which is not yet in testing or backports. Regards, Stephan.
Re: [Dovecot] sieve script
2010-01-29T19:52:15.876551+01:00 hermes dovecot: deliver(u...@domain.tld): sieve: main_script: line 6: number of redirect actions exceeds policy limit 2010-01-29T19:52:15.881478+01:00 hermes dovecot: deliver(centrumrea...@remax-czech.cz): sieve: execution of script /home/mail/domain.tld/user/.dovecot.sieve failed, but implicit keep was successful plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_max_redirects = 20 sieve_global_path = /home/mail/.dovecot.global.sieve sieve_global_dir = /home/mail/sieve } using dovecot 1.2.9 on debain 2010/1/29 Stephan Bosch : > Lampa wrote: >> >> Hello, >> >> after qmail migration need convert some .procmailrc scripts. Found >> converter procmail -> sieve, but i'm not sure of quality of >> conversion. >> >> My script: >> --- >> if header :contains "from" ["u...@domain1.tld", "us...@domain2.tld", >> "us...@domain3.tld"] { >> redirect "f...@bar.tld"; >> redirect "f...@bar.tld"; >> >> redirect "fo...@bar.tld"; >> } else { >> keep; >> } >> --- >> >> Converter script: >> --- >> require ["fileinto","regex","envelope","vacation"]; >> >> if envelope :comparator "i;octet" :contains >> "From.*(u...@domain1.tld|us...@domain2.tld|us...@domain3.tld)" "" { >> redirect "f...@bar.tld f...@bar.tld fo...@bar.tld"; >> } >> >> if true { >> fileinto "$DEFAULT"; >> } > > This not Sieve. There is no envelope part "From.*(... " and redirect only > accepts one address. > >> --- >> >> Converter script is cannot be compiled. But it used other style envelope. >> > The converter's script does not make much sense, although I can see what it > is trying to do. > >> So what is difference between envelope and header ? > > The header test matches against headers of the message itself. The envelope > test matches against the SMTP envelope. > >> And there are some limits for redirect ? > > Check the 'Configurable Limits' section of the INSTALL file (wiki needs to > be updated): > > http://hg.rename-it.nl/dovecot-1.2-sieve/file/0.1.15/INSTALL > > So, you can configure sieve_max_redirects according to your needs. > > Regards, > > Stephan. > -- Lampa
Re: [Dovecot] dovecot auth feature request
On January 29, 2010 7:11:59 PM +0200 Timo Sirainen wrote: On Fri, 2010-01-29 at 12:01 -0500, Frank Cusack wrote: when i try to run dovecot for SASL support only, with literally just this configuration: protocols = none ssl = no I suppose you didn't mean to include "ssl=no" above? yes, sorry. that is the working config. I guess the reason I'm telling you this is because I don't really want to add something to v1.2 that'll just go away in v2.0. pretty trivial to just include that line in the config so no worries. -frank
Re: [Dovecot] mdbox, dsync
On Jan 29, 2010, at 11:59 AM, Frank Cusack wrote: Anyway, let's hope it doesn't now corru. d...@...x>. LOST CARRIER huh? soda -> keyboard -- Dave McGuire Port Charlotte, FL
Re: [Dovecot] dovecot auth feature request
On Fri, 2010-01-29 at 12:01 -0500, Frank Cusack wrote: > when i try to run dovecot for SASL support only, with literally just > this configuration: > > protocols = none > ssl = no I suppose you didn't mean to include "ssl=no" above? > Error: ssl_cert_file: Can't use /etc/ssl/certs/dovecot.pem: No such file or > directory > > Since, in this configuration, SSL doesn't have meaning, dovecot shouldn't > be looking for any cert file. Easily fixed with "ssl = no" but that > shouldn't be required. This is actually even worse currently in v2.0, because I haven't figured out a way to solve it nicely. There you can have: ssl = no ssl_cert = signature.asc Description: This is a digitally signed message part
Re: [Dovecot] mdbox, dsync
On Fri, 2010-01-29 at 11:59 -0500, Frank Cusack wrote: > On January 29, 2010 6:53:10 PM +0200 Timo Sirainen wrote: > > Anyway, let's hope it doesn't now corru. d...@...x>. > LOST CARRIER I wonder if they even offer Internet over phone lines nowadays in Finland .. :) signature.asc Description: This is a digitally signed message part
[Dovecot] dovecot auth feature request
when i try to run dovecot for SASL support only, with literally just this configuration: protocols = none ssl = no auth default { mechanisms = plain login passdb passwd-file { args = /etc/dovecot/passwd } socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 } } } I get this: Error: ssl_cert_file: Can't use /etc/ssl/certs/dovecot.pem: No such file or directory Since, in this configuration, SSL doesn't have meaning, dovecot shouldn't be looking for any cert file. Easily fixed with "ssl = no" but that shouldn't be required. -frank
Re: [Dovecot] mdbox, dsync
On January 29, 2010 6:53:10 PM +0200 Timo Sirainen wrote: Anyway, let's hope it doesn't now corru. d...@...x>. LOST CARRIER huh?
[Dovecot] mdbox, dsync
I finally migrated my mails from mbox format to mdbox format using dsync: 1. Stop dovecot, wait a few seconds for processes to die 2. dsync convert mdbox:~/mdbox 3. Change mail_location to mdbox:~/mdbox 4. Check that no new mails arrived during conversion (alternatively I could have just run dsync again, but I decided not to test my luck) 5. Start dovecot After fixing a pretty bad bug in dsync and a couple of other unrelated bugs, everything seemed to work correctly and transparently. UIDs and everything was preserved as expected. I think I even feel my mail clients being faster than with mbox :) ~% du --exclude=.imap -bsh mail-old-mbox 707Mmail-old-mbox ~% du -bsh mdbox/* 27M mdbox/mailboxes 704Mmdbox/storage The reason why I'm giving -b is because without it, mdbox was a lot larger than mbox (734 MB vs. 710 MB). I guess this is because zfs internally decided to waste some space for the files. ~/mdbox/storage% ls -lS -rw--- 1 tss tss 13602413 2010-01-29 18:05 m.68 -rw--- 1 tss tss 10487382 2010-01-29 18:06 m.209 -rw--- 1 tss tss 7749964 2010-01-29 18:06 m.270 -rw--- 1 tss tss 7493010 2010-01-29 18:05 m.69 .. -rw--- 1 tss tss 2097246 2010-01-29 18:06 m.175 -rw--- 1 tss tss 2097213 2010-01-29 18:06 m.151 -rw--- 1 tss tss 2097173 2010-01-29 18:06 m.197 -rw--- 1 tss tss 2097163 2010-01-29 18:05 m.89 -rw--- 1 tss tss 1307164 2010-01-29 18:33 m.296 Total of 296 files. The reason why there are a few large files is because their last mail is huge. I guess in future mdbox should try to avoid doing that if it knows the mail's size beforehand. Actually I thought it already tried to do that.. Anyway, let's hope it doesn't now corrupt all my mails. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Does anyone know a good Dovecot hoster in europe?
On Fri, 2010-01-29 at 11:47 +0100, Johannes wrote: > Since dovecot seems to get a fair amount of funding > from finnish companies I thought there should be a good > hoster among them. Actually it doesn't. It used to get some, but that was years ago. I'm not aware of any European Dovecot hosting providers, except a few ISPs and I'd guess they offer it only to their customers. In US there's Rackspace though. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] maildir on zfs
On January 29, 2010 1:19:33 AM -0500 Charles Sprickman wrote: Anyhow, if I find more places to run ZFS in production and it seems stable enough, I'd like to try getting it running on my big mailserver at some point. Backing up from UFS to ZFS using rsync is fine, but ZFS send/recv looks like a far more interesting backup solution. Not for archival backups though. The zfs send stream is not guaranteed to be compatible with any other version of zfs than the one on the machine that generated it. Meaning if you have an archived send stream from 3 years ago and are trying to restore it onto a newer OS version, it might not work. Of course you can archive the filesystem itself, if you are backing up to disk (that's what I do). Future versions of zfs ARE guaranteed to be able to read older zfs filesystems. But if you are saving the send stream onto tape or DVD or other media like that, as a stream, to restore it you MIGHT need an OS with the same version of zfs on it. zfs has already been through several versions, but I don't know what the compatibility of send streams between the versions are. OK, we're really OT now! :) -frank
Re: [Dovecot] sieve script
Lampa wrote: Hello, after qmail migration need convert some .procmailrc scripts. Found converter procmail -> sieve, but i'm not sure of quality of conversion. My script: --- if header :contains "from" ["u...@domain1.tld", "us...@domain2.tld", "us...@domain3.tld"] { redirect "f...@bar.tld"; redirect "f...@bar.tld"; redirect "fo...@bar.tld"; } else { keep; } --- Converter script: --- require ["fileinto","regex","envelope","vacation"]; if envelope :comparator "i;octet" :contains "From.*(u...@domain1.tld|us...@domain2.tld|us...@domain3.tld)" "" { redirect "f...@bar.tld f...@bar.tld fo...@bar.tld"; } if true { fileinto "$DEFAULT"; } This not Sieve. There is no envelope part "From.*(... " and redirect only accepts one address. --- Converter script is cannot be compiled. But it used other style envelope. The converter's script does not make much sense, although I can see what it is trying to do. So what is difference between envelope and header ? The header test matches against headers of the message itself. The envelope test matches against the SMTP envelope. And there are some limits for redirect ? Check the 'Configurable Limits' section of the INSTALL file (wiki needs to be updated): http://hg.rename-it.nl/dovecot-1.2-sieve/file/0.1.15/INSTALL So, you can configure sieve_max_redirects according to your needs. Regards, Stephan.
Re: [Dovecot] sieve script
2010/1/29 Steffen Kaiser : >> My script: >> --- >> if header :contains "from" ["u...@domain1.tld", "us...@domain2.tld", >> "us...@domain3.tld"] { >> redirect "f...@bar.tld"; >> redirect "f...@bar.tld"; >> >> redirect "fo...@bar.tld"; >> } else { >> keep; >> } > > either add "stop;" after redirects or remove the else branch, because after > the redirects you'll have the implict "keep", as far as I know. Ok, thank you. >> require ["fileinto","regex","envelope","vacation"]; >> >> if envelope :comparator "i;octet" :contains >> "From.*(u...@domain1.tld|us...@domain2.tld|us...@domain3.tld)" "" { > > I would expect: > "From" "(user )" { > > http://ietfreport.isoc.org/rfc/rfc5228.txt > sec 5.4 That is why can't be compiled. >> redirect "f...@bar.tld f...@bar.tld fo...@bar.tld"; > > The RFC uses singular with the "redirect" argument, hence, I suppose, it is > implementor-defined, whether or not the space-delimited recipients will > work. No it's not working: .dovecot: line 3: error: specified redirect address f...@bar.tld f...@bar.tld fo...@bar.tld' is invalid: address ends in invalid characters. .dovecot: error: validation failed. >> if true { >> fileinto "$DEFAULT"; > > There is no $DEFAULT, IMHO. > >> Converter script is cannot be compiled. But it used other style envelope. > > What's the error? line 5: error: specified envelope part 'From.*(u...@domain1.tld|us...@domain2.tld|us...@domain3.tld...' is not supported by the envelope test. Syntax problem. >> So what is difference between envelope and header ? > > "header" compares the values in the mail itself, e.g. "From", "To", but > "Subject", "X-Scanned", too. > "envelope" compares values of the SMTP-phase commands, "From" corresponds to > the "MAIL FROM" SMTP command and "To" to the "Rcpt to" command. The > availability of those envelope information differs among the MTAs, some do > not provide "MAIL FROM" at all, some do provide all "RCPT TO"s, some only > the "RCPT TO" of the particular recipient, some only if there is exactly one > recipient. > > Therefore the RFC states that implemenations SHOULD have "envelope". It is > no requirement. Thank you. -- Lampa
Re: [Dovecot] Master user and proxying
> [ID 583609 > mail.info] auth(default): passdb(pierre,127.0.0.1,master): Master user > logging in as acco...@test.fr*pierre sounds like your proxy tries to login to destination as acco...@test.fr*pierre*pierre . Which of those two sql statements did u use for this log? "'%u*pierre' as destuser" or "'%u' as destuser" ? What does the other setting tell you in the destination log?
Re: [Dovecot] sieve script
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 29 Jan 2010, Lampa wrote: My script: --- if header :contains "from" ["u...@domain1.tld", "us...@domain2.tld", "us...@domain3.tld"] { redirect "f...@bar.tld"; redirect "f...@bar.tld"; redirect "fo...@bar.tld"; } else { keep; } either add "stop;" after redirects or remove the else branch, because after the redirects you'll have the implict "keep", as far as I know. require ["fileinto","regex","envelope","vacation"]; if envelope :comparator "i;octet" :contains "From.*(u...@domain1.tld|us...@domain2.tld|us...@domain3.tld)" "" { I would expect: "From" "(user )" { http://ietfreport.isoc.org/rfc/rfc5228.txt sec 5.4 redirect "f...@bar.tld f...@bar.tld fo...@bar.tld"; The RFC uses singular with the "redirect" argument, hence, I suppose, it is implementor-defined, whether or not the space-delimited recipients will work. if true { fileinto "$DEFAULT"; There is no $DEFAULT, IMHO. Converter script is cannot be compiled. But it used other style envelope. What's the error? So what is difference between envelope and header ? "header" compares the values in the mail itself, e.g. "From", "To", but "Subject", "X-Scanned", too. "envelope" compares values of the SMTP-phase commands, "From" corresponds to the "MAIL FROM" SMTP command and "To" to the "Rcpt to" command. The availability of those envelope information differs among the MTAs, some do not provide "MAIL FROM" at all, some do provide all "RCPT TO"s, some only the "RCPT TO" of the particular recipient, some only if there is exactly one recipient. Therefore the RFC states that implemenations SHOULD have "envelope". It is no requirement. Regards, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBS2Lx6b+Vh58GPL/cAQL5zwgAwnm7iOhl2rgdnw8a3lVCP0j9nnLW/rKF IJ4GNbgCUyr+fLdixYL8TJt0kxq5pvjdviW/wII96Phqaom0iQi/GCC0fg0aKSqJ SXsDP12nfcgENsg8DgXNBMtPVzSUHMRL04EDB9Jox+P1ulxhsKVholKHVwObdbew BoEt04YmRtvWNJYF1rNM6fDxIV9FeA1w9FMeO6XSsWbY2jHY42NdJAtQibL36DbO KyCDH207Ykzc+GZi0n8jeJGyIC1ZvH+DT0pXVE1jj1gslOjsBKDLrJ+jIJfMDJfZ HEYPXxxkvTR/QQn1OBJKlOGYGO2d67/roqIYbArsIcxr6KRDJ95vNw== =FLGC -END PGP SIGNATURE-
Re: [Dovecot] How do I make dovecot not use sslv2 for pop?
On 29/01/2010 6:56 PM, Timo Sirainen wrote: On 29.1.2010, at 9.23, Andreas Schulze wrote: From: Timo Sirainen Subject: Re: [Dovecot] How do I make dovecot not use sslv2 for pop? Message-ID:<1264724551.22202.139.ca...@hurina> Anyway.. I guess I should do something about this. Not really sure what, though. Timo, you can simply stop supporting SSLv2. Nobody really needs security known to be insecure. Yeah. I'm actually more wondering about SSLv3+TLSv1 vs. TLSv1. Apparently disabling SSLv3 isn't a good idea yet? But still, maybe there should be a configuration option for that.. Or maybe not. The only SSLv3 connections my server is receiving are from a Blackberry server (hosted, not enterprise). I would be quite happy to disable that and insist folk get iPhones instead ... but the bosses may be unhappy. I don't have anything ancient like Outlook Express connecting to me - older versions of that probably have a similar problem to Internet Explorer 6. However should at least cope with SSLv3. Blackberry server is connecting as: "SSLv3 with cipher AES128-SHA (128/128 bits)" (%k in dovecot login_log_format_elements) Rob.
Re: [Dovecot] Anyone successfully setup Continous Backup of mailboxes using rsync ?
On 29.01.2010 08:59, Timo Sirainen wrote: On 29.1.2010, at 7.57, Luigi Rosa wrote: Timo Sirainen said the following on 29/01/10 06:48: The main potential problem with that is that if a message's flag is changed, the filename changes so it's now stored twice in the backup server. So when restoring mails, be sure not to restore duplicates. Using a different dedicated directory for restored messages could lead to the same problem? If you didn't give --delete parameter to rsync, there could be duplicates, yes. Dovecot just logs about them and gives new UIDs to them, so you'll end up having duplicate mails. I suppose some day I should just change it to log a warning, but delete if the files are otherwise identical. Using rsync will have the flags issue and others to be dealt with; lvm (or any other kind) of snapshot and rdiff-backup gives you a consistent snapshot, as well as the option of saving a lot of space and time as only changes gets backed up. As a bonus you can also restore anything to a given point in time, either induvidual messages or whole folders or even the whole mailbox. -A
Re: [Dovecot] Courier-to-Dovecot-migration: Outlook downloads all Mails again
El 29/01/10 07:22, Werner escribió: > >> If so, Outlook 2000 won't download all messages again if we do the migration >> because >> POP3/SMTP-Server remains the same. Can anybody confirm this? > > Hi again, > > Found on the dovecot-Website: > > "Some clients re-download all mails if you change the hostname in the client > configuration. Be aware of this when testing." > > Is this also relevant for Outlook 2000 ? > > Thanks, > Werner > > > Correct. -- Julio C. Ortega Coordinador Técnico y del Equipo de Infraestructura ONUVA | Integración de Sistemas http://www.onuva.com signature.asc Description: OpenPGP digital signature
Re: [Dovecot] Courier-to-Dovecot-migration: Outlook downloads all Mails again
> If so, Outlook 2000 won't download all messages again if we do the migration > because > POP3/SMTP-Server remains the same. Can anybody confirm this? Hi again, Found on the dovecot-Website: "Some clients re-download all mails if you change the hostname in the client configuration. Be aware of this when testing." Is this also relevant for Outlook 2000 ? Thanks, Werner
[Dovecot] Master user and proxying
Hello list, Still need your help configuring proxy infrastructure. Today, I really struggle configuring master passwords forwarding. What I want: master user can connect to any other account, on proxy. Could please somebody help me, I read both articles about this on wiki, but still can't connect :( What I did: on proxy: auth_master_user_separator=* passdb sql { args = /usr/local/dovecot/etc/dovecot-master.conf master = yes pass = yes } -- dovecot-master.conf: (...) default_pass_scheme = CRYPT password_query = SELECT password FROM master_users WHERE username= '%u' AND status = 'ok' -- on destination server: auth_master_user_separator=* passdb sql { args = /usr/local/etc/dovecot-master.conf master = yes pass = yes } default_pass_scheme = CRYPT password_query = SELECT password FROM master_users WHERE username= '%u' AND status = 'ok' I also tried on proxy: password_query = SELECT NULL AS password, host, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS nopassword, 'Y' AS proxy,'%u' as user ,'%u*pierre' as destuser, '123' as pass FROM proxy WHERE domain = '%d' instead of password_query = SELECT NULL AS password, host, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS nopassword, 'Y' AS proxy,'%u' as user FROM proxy WHERE domain = '%d' it did not work :( LOGS: on destination server: [ID 583609 mail.info] auth(default): cache(pierre,127.0.0.1,master): expired [ID 583609 mail.info] auth-worker(default): sql(pierre,127.0.0.1): query: SELECT password FROM master_users WHERE username= 'pierre' AND status = 'ok' [ID 583609 mail.info] auth(default): passdb(pierre,127.0.0.1,master): Master user logging in as acco...@test.fr*pierre [ID 583609 mail.info] auth(default): cache(acco...@test.fr*pierre,127.0.0.1): miss [ID 583609 mail.info] auth-worker(default): sql(acco...@test.fr*pierre,127.0.0.1): query: SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password FROM vpopmail WHERE pw_name = 'julien' AND pw_domain = 'demarey.fr*pierre' [ID 583609 mail.info] auth-worker(default): sql(acco...@test.fr*pierre,127.0.0.1): unknown user [ID 583609 mail.info] auth(default): new auth connection: pid=8162 [ID 583609 mail.info] auth(default): client out: FAIL 1 user=acco...@test.fr*pierre authz on proxy: auth(default): client in: AUTH 2 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=39978 resp= auth(default): cache(pierre,127.0.0.1,master): hit: user=pierre auth(default): passdb(pierre,127.0.0.1,master): Master user logging in as acco...@test.fr auth(default): cache(acco...@test.fr,127.0.0.1): miss auth-worker(default): sql(acco...@test.fr,127.0.0.1): query: SELECT NULL AS password, host, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS nopassword, 'Y' AS proxy,'acco...@test.fr' as user ,'acco...@test.fr*pierre' as destuser, '123' as pass FROM proxy WHERE domain = 'demarey.fr' auth(default): client out: OK 2 user=acco...@test.fr host=10.0.44.20 nologin proxy destuser=acco...@test.fr*pierre pass= master=pierre imap-login: proxy(acco...@test.fr): Login failed to 10.0.44.20:143/acco...@test.fr*pierre (master pierre): [AUTHORIZATIONFAILED] Authorization failed [ID 583609 mail.info] imap-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured both use dovecot version 1.2.9
Re: [Dovecot] Dovecot SSL issues
Spyros Tsiolis wrote: > * Trying protocol imap/ssl, Port 993: > > ERROR - The server returned the following error message: > > SECURITY PROBLEM: insecure server advertised AUTH=PLAINCertificate > failure for localhost: self signed certificate: > /C=GR/ST=Kerkyra/L=Kerkyra/O=The Company Name/OU=IMAP > > server/CN=webmail.thecompanyname.gr/emailaddress=postmas...@webmail.thecompanyname.gr > > From what I understand, it doesn't like the certificate. > However, I've followed a howto document step-by-step and did what > is documented. The webmail connects to server 'localhost', but the SSL certificate that is presented, does not contain hostname 'localhost', but 'webmail.thecompanyname.gr'. This error is harmless, but you could setup dovecot to listen for both ssl and non-ssl connections, and setup your webmail to use the non-ssl connection: ssl over localhost is probably a waste of cpu cycles. > Now, if I click on "Get Mail" button on top of the TB window, I get a > pop-up window with the following message : > > -- > Server : > Location : :993 > Certificate Status : > This site attempts to identify itself with invalid information. > > Wrong Site : > Certificate belongs to a different site, which could indicate an > identity theft. This is the same issue as above: you instruct the client to connect to host '1.2.3.4', but the SSL certificate does not contain '1.2.3.4', but 'webmail.thecompanyname.gr'. TB tells you about this. The name in the certificate (CN) must match the hostname that is used to connect to by the client. When you tell your client to connect to 'imap.thecompanyname.gr', use a certificate that contains 'imap.thecompanyname.gr' as the CN. > > Unknown Identity : > Certificate is not trusted, because it hasn't been verified by a > recognized authority. > -- You use a self-segned certificate, and not one that is bought from a 'trusted' certificate authority. > -- > You cannot log in to because you have enabled > secure authentication and this serer does not support it. > To log in, turn off secure authentication for this account. > -- Try to unset "CHECK_ON : Use secure authentication" in thunderbird. This has no use since you are already sending your password over ssl. -- Regards, Tom
[Dovecot] sieve script
Hello, after qmail migration need convert some .procmailrc scripts. Found converter procmail -> sieve, but i'm not sure of quality of conversion. My script: --- if header :contains "from" ["u...@domain1.tld", "us...@domain2.tld", "us...@domain3.tld"] { redirect "f...@bar.tld"; redirect "f...@bar.tld"; redirect "fo...@bar.tld"; } else { keep; } --- Converter script: --- require ["fileinto","regex","envelope","vacation"]; if envelope :comparator "i;octet" :contains "From.*(u...@domain1.tld|us...@domain2.tld|us...@domain3.tld)" "" { redirect "f...@bar.tld f...@bar.tld fo...@bar.tld"; } if true { fileinto "$DEFAULT"; } --- Converter script is cannot be compiled. But it used other style envelope. So what is difference between envelope and header ? And there are some limits for redirect ? Thank you. -- Lampa
[Dovecot] Dovecot SSL issues
Hello all, successfully managed to make dovecot work with horde (http://www.horde.org) and another MTA (SMTP/POP3). I have this nagging issue with dovecot though (I suspect - it's dovecot and not the rest of the packages, please read on): There is this special page one goes, that check if everything is ok with all the relevant software running along Horde. It's a php file called "test.php". Now, this file shows almost everything that happens in the box. Here's a transcript of what shows when it comes to dovecot and SSL : --- * Trying protocol imap/ssl, Port 993: ERROR - The server returned the following error message: SECURITY PROBLEM: insecure server advertised AUTH=PLAINCertificate failure for localhost: self signed certificate: /C=GR/ST=Kerkyra/L=Kerkyra/O=The Company Name/OU=IMAP server/CN=webmail.thecompanyname.gr/emailaddress=postmas...@webmail.thecompanyname.gr --- From what I understand, it doesn't like the certificate. However, I've followed a howto document step-by-step and did what is documented. Does anyone have any pointers on how to make secure imap for dovecot ? E.G. on ThunderBird, the settings are the following : Tools -> Account Settings -> Server Settings : Server Name : (the server or its ip address) Username : (the username) Port : (I've manually entered "993", because by default goes to "143") Security Settings -> Connection Security : SSL/TLS (again manually entered) CHECK_ON : Use secure authentication Now, if I click on "Get Mail" button on top of the TB window, I get a pop-up window with the following message : -- Server : Location : :993 Certificate Status : This site attempts to identify itself with invalid information. Wrong Site : Certificate belongs to a different site, which could indicate an identity theft. Unknown Identity : Certificate is not trusted, because it hasn't been verified by a recognized authority. -- After that, the users accepts the above by pressing ok twice. However, there's a third pop-up window with a message shown below : -- You cannot log in to because you have enabled secure authentication and this serer does not support it. To log in, turn off secure authentication for this account. -- Any help would be appreciated.. Thank you all for your patience, S. Tsiolis
[Dovecot] Courier-to-Dovecot-migration: Outlook downloads all Mails again
Hi everybody, I'm currently playing through the migration from Courier to dovecot. I've converted the User's Maildir with 'courier-dovecot-migrate.pl'. Outlook 2003 is configured to access the Mailbox via POP3, the option "Leave a copy of messages on the server" is activated. But: after the migration Outlook 2000 redownloads all mails again :-( Could it be, that Outlook 2000 "thinks" (after changing the POP3/SMTP-Server in the Outlook configuration pointing to my testsystem) this is a new system and starts to download the messages again? If so, Outlook 2000 won't download all messages again if we do the migration because POP3/SMTP-Server remains the same. Can anybody confirm this? We do not experience this issue with Thunderbird for example. Thank you, Werner
[Dovecot] Does anyone know a good Dovecot hoster in europe?
Hi, though I am not sure this is the right place to ask, but I just try. I am looking for a better e-mail hoster providing me with a dovecot server (I don't want to do all the admin stuff and backup myself, if possible). I already googled a bit, searched the archives and had a look at dovecot.org but could not find an answer to this question. Since dovecot seems to get a fair amount of funding from finnish companies I thought there should be a good hoster among them. Any hints? Thanks Johannes
Re: [Dovecot] Anyone successfully setup Continous Backup of mailboxes using rsync ?
I tried the "--fuzzy --delete-after" options. It works fine when the files are renamed. But the prob is that when a mail is deleted it gets deleted from the backup server as well. Is there a way to prevent deletion when using these options? Thanks CoolAtt > To: dovecot@dovecot.org > From: s...@dod.no > Date: Fri, 29 Jan 2010 08:58:27 +0100 > Subject: Re: [Dovecot] Anyone successfully setup Continous Backup of > mailboxes using rsync ? > > > Timo Sirainen : > > > The main potential problem with that is that if a message's flag is > > changed, the filename changes so it's now stored twice in the backup > > server. So when restoring mails, be sure not to restore duplicates. > > I use the --fuzzy flag to handle the renaming issue. Here's my crontab > entry on the machine holding the backup: > 0 * * * * rsync --archive --fuzzy --delete-after imapserver:Maildir . > > As you can see I only sync once an hour. I don't have enough email > traffic to justify doing it continously. > > The --delete-after is so rsync won't delete files that have been removed > on the source, before figuring out that a file has been renamed and not > been deleted. > > _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969
Re: [Dovecot] Anyone successfully setup Continous Backup of mailboxes using rsync ?
For email email am having the email duplication issue when am doing the backup. Am having multiple copies of a mail file on the backup server. Does it mean that if I use "--fuzzy --delete-after" only the most recent mailfile will be on the backup server ?? e.g On LIVE server : my-file:2,S On BACKUP server : my-file:2,S + my-file:2, + my-file:2,SF "my-file:2,S" is the current file. So on the backup only "my-file:2,S" must exist. Will it solve the prob ?? > To: dovecot@dovecot.org > From: s...@dod.no > Date: Fri, 29 Jan 2010 08:58:27 +0100 > Subject: Re: [Dovecot] Anyone successfully setup Continous Backup of > mailboxes using rsync ? > > > Timo Sirainen : > > > The main potential problem with that is that if a message's flag is > > changed, the filename changes so it's now stored twice in the backup > > server. So when restoring mails, be sure not to restore duplicates. > > I use the --fuzzy flag to handle the renaming issue. Here's my crontab > entry on the machine holding the backup: > 0 * * * * rsync --archive --fuzzy --delete-after imapserver:Maildir . > > As you can see I only sync once an hour. I don't have enough email > traffic to justify doing it continously. > > The --delete-after is so rsync won't delete files that have been removed > on the source, before figuring out that a file has been renamed and not > been deleted. > > _ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969
Re: [Dovecot] Anyone successfully setup Continous Backup of mailboxes using rsync ?
On Fri, Jan 29, 2010 at 10:21:39AM +0500, CoolAtt NNA wrote: > > > Hi Alex, > > I mirror the mailboxes as follows: > > rsync -avt --log-file=$log_file /home/vmail/ 10.0.0.x:/home/vmail > I run it in a script for e,g every 1 min. If running this from cron every minute, make sure to use a lockfile or something to make sure you don't end up with multiple rsync jobs running at the same time... Geert -- Geert Hendrickx -=- g...@telenet.be -=- PGP: 0xC4BB9E9F This e-mail was composed using 100% recycled spam messages!
Re: [Dovecot] Anyone successfully setup Continous Backup of mailboxes using rsync ?
> Timo Sirainen : > The main potential problem with that is that if a message's flag is > changed, the filename changes so it's now stored twice in the backup > server. So when restoring mails, be sure not to restore duplicates. I use the --fuzzy flag to handle the renaming issue. Here's my crontab entry on the machine holding the backup: 0 * * * * rsync --archive --fuzzy --delete-after imapserver:Maildir . As you can see I only sync once an hour. I don't have enough email traffic to justify doing it continously. The --delete-after is so rsync won't delete files that have been removed on the source, before figuring out that a file has been renamed and not been deleted.