[Dovecot] v2.0.beta4: Couldn't drop privileges: Unknown mail_privileged_group

[Thomas Leuxner]

Hi,

latest HG throws this error:

May  8 06:42:33 spectre dovecot: master: Dovecot v2.0.beta4 (0a35407e6ff4) 
starting up

May  8 06:48:01 spectre dovecot: imap(al...@domain.tld): Error: user 
al...@domain.tld: Couldn't drop privileges: Unknown mail_privileged_group: 5000
May  8 06:48:01 spectre dovecot: imap(al...@domain.tld): Error: Internal error 
occurred. Refer to server log for more information.

Regards
Thomas

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Charles Marcus]

On 5/7/2010 5:55 PM, Stan Hoeppner wrote:

According to this page found via Google it's disabled by default:
https://wiki.mozilla.org/Thunderbird:Using_Gloda

The page last update is listed as 7 March 2009.  I'm not sure which version
was current at that time.  But obviously it was disabled by default at one
point.  That may have changed.  I didn't see it in the 3.0.4 release notes.
  I may have manually enabled it long ago, not realizing the possible
repercussions, and then forgot I enabled it.  Like I said, I don't think I
did, but it's possible.


Nope - it is definitely enabled by default - that page is outdated/wrong.

Believe me - there were a lot of complaints about it, mine especially.

Re: [Dovecot] Questions, Issues with 2.0

[Kelsey Cummings]

On Mon, May 03, 2010 at 05:33:12PM -0700, Kelsey Cummings wrote:
> But I'm still curious for any tips or pointers on the other issue
> w/regards adding an exterior maildir into a user's namespace.

Anyone?  (I'll freely admit to missing something obvious...)

I'd rather not accomplish this with symlinks although that wouldn't be a
horrible solution if it was the only easy option.

-- 
Kelsey Cummings - k...@corp.sonic.net  sonic.net, inc.
System Architect  2260 Apollo Way
707.522.1000  Santa Rosa, CA 95407

[Dovecot] sshfs and outlok express imap directory problem.

[ringo tr]

I mountedvpopmail/domains in sshfs.

r...@192.168.239.205:/mnt/disk-b/domains on /mnt/domains type fuse.sshfs 
(rw,nos  uid,nodev,max_read=65536,allow_other)

I used qmail+dovecot+vpopmail+mysql dovecot-2.0.beta4.
I mounted sshfs with vpopmail/domains directory.

my /usr/local/etc/dovecot/conf.d/mail.conf  file 

mmap_disable = yes
dotlock_use_excl = yes
mail_nfs_storage = yes
mail_nfs_index = yes
lock_method = fcntl
first_valid_uid = 89
first_valid_gid = 89

-
Outlook Express with sending mail and receving mail success but mail drop imap 
folder change problem.

cbumail1:~# ls -al /home/vpopmail/domains/yvz.cbu.edu.tr/yavuz/Maildir/
total 72
drwx-- 1 vpopmail vchkpw  4096 2010-05-08 01:00 .
drwx-- 1 vpopmail vchkpw  4096 2010-04-27 21:22 ..
drwx-- 1 vpopmail vchkpw  4096 2010-05-08 01:00 cur
-rw--- 1 vpopmail vchkpw 18432 2010-05-08 01:00 dovecot.index.cache
-rw--- 1 vpopmail vchkpw   968 2010-05-08 01:00 dovecot.index.log
-rw--- 1 vpopmail vchkpw96 2010-05-07 18:20 dovecot.mailbox.log
-rw--- 1 vpopmail vchkpw   328 2010-05-08 01:00 dovecot-uidlist
-rw--- 1 vpopmail vchkpw 8 2010-05-07 22:44 dovecot-uidvalidity
-r--r--r-- 1 vpopmail vchkpw 0 2010-05-07 18:20 dovecot-uidvalidity.4be42fa9
drwx-- 1 vpopmail vchkpw  4096 2010-05-08 01:09 .G&APY-nderilmi&AV8- 
&ANYBHw-eler
drwx-- 1 vpopmail vchkpw  4096 2010-05-08 01:00 new
-rw--- 1 vpopmail vchkpw54 2010-05-07 18:20 subscriptions
drwx-- 1 vpopmail vchkpw  4096 2010-05-07 22:44 .Taslaklar
drwxrwxrwx 1 vpopmail vchkpw  4096 2010-05-08 01:00 tmp
drwx-- 1 vpopmail vchkpw  4096 2010-05-07 22:44 .zako

Outlook Express mail mouse moving drag/drop process and fault message :

SERVERBUG] Internal error occurred. Refer to server log for more information. 
[2010-05-08 01:25:57]

and  /var/log/mail.err output.

May  8 01:25:57 cbumail1 dovecot: imap(ya...@yvz.cbu.edu.tr): 
link(/home/vpopmail/domains/yvz.cbu.edu.tr/yavuz/Maildir/cur/1273050327.14629.cbumail1,S=1385:2,S,
 
/home/vpopmail/domains/yvz.cbu.edu.tr/yavuz/Maildir/.zako/tmp/1273050327.14629.cbumail1,S=1385)
 failed: Function not implemented


please help ?






  
_
Windows Live Hotmail: Arkadaşlarınız Facebook'taki güncellemelerinizi doğrudan 
Hotmail®'den alır.
http://www.microsoft.com/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:tr-tr:SI_SB_4:092009

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Stan Hoeppner]

Charles Marcus put forth on 5/7/2010 2:32 PM:
> On 2010-05-07 2:55 PM, Stan Hoeppner wrote:
>> I did quite a bit more searching, and though I found nothing
>> specifically linking GLODA to my issues, I disabled it, along with
>> some likely minor other things.  For some reason it was enabled by
>> default on my system even though the mozilla docs say it comes
>> disabled by default.
> 
> Not sure where you read that, but as far as I know, it has always been
> enabled by default. In fact there are a couple of bugs about this that
> I've been very vocal on complaining about this dumb decision of theirs.
> 
> Enabling GLODA, forcing all IMAP folders to offline mode (I have 16+
> IMAP accounts, and I was *furious* when I learned they stomped on all of
> my settings like that) *and* enabling Sync all messages for *all* IMAP
> accounts by default were extraordinarily arrogant and dumb decisions, in
> my opinion (and I had no qualms with telling them so).
> 
> As far as I know, they have not changed this in any of the 3.0.x builds,
> and said as much in the open bugs...

According to this page found via Google it's disabled by default:
https://wiki.mozilla.org/Thunderbird:Using_Gloda

The page last update is listed as 7 March 2009.  I'm not sure which version
was current at that time.  But obviously it was disabled by default at one
point.  That may have changed.  I didn't see it in the 3.0.4 release notes.
 I may have manually enabled it long ago, not realizing the possible
repercussions, and then forgot I enabled it.  Like I said, I don't think I
did, but it's possible.

-- 
Stan

Re: [Dovecot] wrong config file?

[Dennis Guhl]

On Fri, May 07, 2010 at 12:34:11PM -0400, Phil Howard wrote:
> On Fri, May 7, 2010 at 11:43, Dennis Guhl  wrote:
> 
> > Ubuntu is using dovecot-postfix.conf as the working config file if you
> > install the package 'dovecot-postfix' from the Ubuntu server team. But
> > if you install the seperate packages 'dovecot-[common|imapd|pop3d]'
> > dovecot.conf will be used.
> >
> 
> This is what I have installed:

[..]

> So, dovecot-postfix is intended as an alternative for all the others?

I don't use Ubuntu, but Debian. I think dovecot-postfix might be a
pseudo-package to omit installing all single packages but one which
'contains' everything.

> > And it might be, that your master.cf does not call dovecot deliver
> > with '-c /etc/dovecot/dovecot-postfix.conf' as part of argv=.
> >
> 
> Thanks, I'll have to check that, too.  I did not know it also needed to be
> in master.cf.  I have a reference in main.cf but it doesn't have args.
> 
> smtpd_sasl_type = dovecot
> smtpd_sasl_path = private/dovecot-auth
> mailbox_command = /usr/lib/dovecot/deliver

You can also give the full command here instead a transport name
defined in the master.cf. And you append all parameters directly
behind the command.

Also have a look here:
http://www.postfix.org/postconf.5.html#mailbox_command

Dennis

Re: [Dovecot] CRYPT scheme and 8 character limit

[Phil Howard]

On Fri, May 7, 2010 at 15:11, Pascal Volk <
user+dove...@localhost.localdomain.org
> wrote:

> On 05/07/2010 08:16 PM Phil Howard wrote:
> > I've decided that having users supply cleartext passwords for me to
> encrypt
> > and encode is a bad idea, anyway.  So maybe I won't need dovecotpw.  The
> > idea is that users supply an already-encrypted password.  Most of the
> users
> > can fetch their login password from /etc/shadow on their own computer.
> >
> > Wiki page http://wiki.dovecot.org/Authentication/PasswordSchemesindicates
> > that scheme name CRYPT is the one that uses the libc crypt() function.
>  But
> > it also says it uses no more than 8 characters.  Then there is MD5-CRYPT.
> > But that doesn't call crypt(), I presume.  No limit on password size is
> > indicated.  But this at least looks like SOME of the encrypted passwords
> I
> > have.
> >
> > Other passwords I have have ids indicating SHA-256 and SHA-512.  Here is
> an
> > example from /etc/shadow that encrypted the clear password
> > "dovecotandpostfix" (in case it is necessary to test it):
> >
> >
> $6$IwZzpjjj$p1VrkxQmgmTED8iQnQrV3sVEZpBmw2N8oD1ykOguXB5tf8aahICesX0TF6.VMThIW2QFs1buHjT3eDtnaAFhF1
> >
> > The big question is, what scheme name should I use for these passwords?
>  I
> > can, of course, consider the id (6 in the above example, suggesting
> SHA-512)
> > if there is one (so far all are like this).  But the other consideration
> is
> > most of the passwords are longer than 8, some longer than 12, characters.
> > So apparently CRYPT can't be used in those cases (so I can't have the
> > automatic identification of crypt() to detect the scheme).
> >
> > What scheme would I use for the various passwords?  What scheme would be
> > used for the above example for starters?  What if the id is 5 or 1 (the
> ones
> > documented for the crypt() call)?
> >
>
> {CRYPT}, for SHA-256 and SHA-512. If your {,g}libc supports it, Dovecot
> can use it.
>

OK, I looked in the source code and I cannot find any 8 character limit.  So
I'm now guessing that the documentation was really referring to the legacy
algorithm in crypt(), instead of the CRYPT scheme interface to it in
Dovecot.

[Dovecot] Dovecot version mismatch - after restart

[edeis]

Getting the followng error when managesieve is enabled. Any other post I've
read says this problem is because the service hasn't restarted after
upgrade. I've restarted dovecot & postfix many times, reboot machine too.
Still get the error. Racking my brains on this!!

May  7 13:21:19 drizzle dovecot: dovecot: Created login processes
successfully, unstalling
May  7 13:21:20 drizzle dovecot: managesieve-login: Fatal: Dovecot version
mismatch: Master is v1.2.11, login is v1.2.10 (if you don't care, set
version_ignore=yes)
May  7 13:21:20 drizzle dovecot: dovecot: Temporary failure in creating
login processes, slowing down for now
May  7 13:21:20 drizzle dovecot: managesieve-login: Fatal: Dovecot version
mismatch: Master is v1.2.11, login is v1.2.10 (if you don't care, set
version_ignore=yes)

Running CentOS5.4.
Installed Packages from atrpms
dovecot.x86_64   1:1.2.11-3_108.el5 
  
installed
dovecot-managesieve.x86_64   0.11.11-0_4.el5
  
installed
dovecot-sieve.x86_64 1:0.1.15-4.el5 
  
installed 

Here's my dovecot settings:

[r...@drizzle /]# dovecot -n
# 1.2.11: /etc/dovecot.conf
# OS: Linux 2.6.18-164.15.1.el5.028stab068.9 x86_64 CentOS release 5.4
(Final)
protocols: imap imaps pop3 pop3s managesieve
ssl_cert_file: /etc/ssl/certs/mydomain.com.crt
ssl_key_file: /etc/ssl/certs/mydomain.com.key
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
login_executable(managesieve): /usr/libexec/dovecot/managesieve-login
mail_privileged_group: mail
mail_location: maildir:%h
mail_debug: yes
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_executable(managesieve): /usr/libexec/dovecot/managesieve
mail_plugin_dir(default): /usr/lib64/dovecot/imap
mail_plugin_dir(imap): /usr/lib64/dovecot/imap
mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3
mail_plugin_dir(managesieve): /usr/lib64/dovecot/managesieve
namespace:
  type: private
  prefix: INBOX.
  inbox: yes
  list: yes
  subscriptions: yes
lda:
  postmaster_address: m...@mydomain.com
auth default:
  mechanisms: plain login
  passdb:
driver: checkpassword
args: /var/www/ispcp/engine/ispcp-dovecot-mngr
  userdb:
driver: sql
args: /etc/dovecot/dovecot-sql-domain.conf
  userdb:
driver: sql
args: /etc/dovecot/dovecot-sql-aliasdomain.conf
  userdb:
driver: sql
args: /etc/dovecot/dovecot-sql-subdomain.conf
  socket:
type: listen
client:
  path: /var/spool/postfix/private/auth
  mode: 432
  user: postfix
  group: postfix
master:
  path: /var/run/dovecot/auth-master
  mode: 432
  user: vmail
  group: mail
plugin:
  sieve: /etc/dovecot/sieve/dovecot.sieve
[r...@drizzle /]# 

-- 
View this message in context: 
http://old.nabble.com/Dovecot-version-mismatch---after-restart-tp28491245p28491245.html
Sent from the Dovecot mailing list archive at Nabble.com.

Re: [Dovecot] CRYPT scheme and 8 character limit

[Phil Howard]

On Fri, May 7, 2010 at 15:11, Pascal Volk <
user+dove...@localhost.localdomain.org
> wrote:

> On 05/07/2010 08:16 PM Phil Howard wrote:
> > I've decided that having users supply cleartext passwords for me to
> encrypt
> > and encode is a bad idea, anyway.  So maybe I won't need dovecotpw.  The
> > idea is that users supply an already-encrypted password.  Most of the
> users
> > can fetch their login password from /etc/shadow on their own computer.
> >
> > Wiki page http://wiki.dovecot.org/Authentication/PasswordSchemesindicates
> > that scheme name CRYPT is the one that uses the libc crypt() function.
>  But
> > it also says it uses no more than 8 characters.  Then there is MD5-CRYPT.
> > But that doesn't call crypt(), I presume.  No limit on password size is
> > indicated.  But this at least looks like SOME of the encrypted passwords
> I
> > have.
> >
> > Other passwords I have have ids indicating SHA-256 and SHA-512.  Here is
> an
> > example from /etc/shadow that encrypted the clear password
> > "dovecotandpostfix" (in case it is necessary to test it):
> >
> >
> $6$IwZzpjjj$p1VrkxQmgmTED8iQnQrV3sVEZpBmw2N8oD1ykOguXB5tf8aahICesX0TF6.VMThIW2QFs1buHjT3eDtnaAFhF1
> >
> > The big question is, what scheme name should I use for these passwords?
>  I
> > can, of course, consider the id (6 in the above example, suggesting
> SHA-512)
> > if there is one (so far all are like this).  But the other consideration
> is
> > most of the passwords are longer than 8, some longer than 12, characters.
> > So apparently CRYPT can't be used in those cases (so I can't have the
> > automatic identification of crypt() to detect the scheme).
> >
> > What scheme would I use for the various passwords?  What scheme would be
> > used for the above example for starters?  What if the id is 5 or 1 (the
> ones
> > documented for the crypt() call)?
> >
>
> {CRYPT}, for SHA-256 and SHA-512. If your {,g}libc supports it, Dovecot
> can use it.
>

Is there another scheme name for it I can use that will still do those
without the 8 character limit?  I want the users to use their full passwords
even with this scheme (or at least one like it).  I know crypt() doesn't
have an 8 character limit, so a scheme that doesn't have such a limit, and
uses crypt(), I would think should work.

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Charles Marcus]

On 2010-05-07 2:55 PM, Stan Hoeppner wrote:
> I did quite a bit more searching, and though I found nothing
> specifically linking GLODA to my issues, I disabled it, along with
> some likely minor other things.  For some reason it was enabled by
> default on my system even though the mozilla docs say it comes
> disabled by default.

Not sure where you read that, but as far as I know, it has always been
enabled by default. In fact there are a couple of bugs about this that
I've been very vocal on complaining about this dumb decision of theirs.

Enabling GLODA, forcing all IMAP folders to offline mode (I have 16+
IMAP accounts, and I was *furious* when I learned they stomped on all of
my settings like that) *and* enabling Sync all messages for *all* IMAP
accounts by default were extraordinarily arrogant and dumb decisions, in
my opinion (and I had no qualms with telling them so).

As far as I know, they have not changed this in any of the 3.0.x builds,
and said as much in the open bugs...

Re: [Dovecot] CRYPT scheme and 8 character limit

[Pascal Volk]

On 05/07/2010 08:16 PM Phil Howard wrote:
> I've decided that having users supply cleartext passwords for me to encrypt
> and encode is a bad idea, anyway.  So maybe I won't need dovecotpw.  The
> idea is that users supply an already-encrypted password.  Most of the users
> can fetch their login password from /etc/shadow on their own computer.
> 
> Wiki page http://wiki.dovecot.org/Authentication/PasswordSchemes indicates
> that scheme name CRYPT is the one that uses the libc crypt() function.  But
> it also says it uses no more than 8 characters.  Then there is MD5-CRYPT.
> But that doesn't call crypt(), I presume.  No limit on password size is
> indicated.  But this at least looks like SOME of the encrypted passwords I
> have.
> 
> Other passwords I have have ids indicating SHA-256 and SHA-512.  Here is an
> example from /etc/shadow that encrypted the clear password
> "dovecotandpostfix" (in case it is necessary to test it):
> 
> $6$IwZzpjjj$p1VrkxQmgmTED8iQnQrV3sVEZpBmw2N8oD1ykOguXB5tf8aahICesX0TF6.VMThIW2QFs1buHjT3eDtnaAFhF1
> 
> The big question is, what scheme name should I use for these passwords?  I
> can, of course, consider the id (6 in the above example, suggesting SHA-512)
> if there is one (so far all are like this).  But the other consideration is
> most of the passwords are longer than 8, some longer than 12, characters.
> So apparently CRYPT can't be used in those cases (so I can't have the
> automatic identification of crypt() to detect the scheme).
> 
> What scheme would I use for the various passwords?  What scheme would be
> used for the above example for starters?  What if the id is 5 or 1 (the ones
> documented for the crypt() call)?
> 

{CRYPT}, for SHA-256 and SHA-512. If your {,g}libc supports it, Dovecot
can use it.


Regards,
Pascal
-- 
The trapper recommends today: fabaceae.1012...@localdomain.org

Re: [Dovecot] Mbox corruption - Inbox beginning with 'FFrom' or 'FrFrom'

[Erik Kratzenberg]

On 04/29/10 13:52, Timo Sirainen wrote:

On Wed, 2010-04-28 at 10:46 -0400, Erik Kratzenberg wrote:

 -Dovecot.log : Mar 29 11:00:06 Error: POP3(user_login):

  >  > Couldn't init INBOX: Mailbox isn't a valid mbox
  >  >  -The mailbox start with either 'FFrom or 'FrFrom'
  >
We're having the same issues on our servers here and it
oddly started at exactly the same time (March 20th or so)
with no changes made by us.


How often do they happen? If it really is related to time, the only
thing I can think of is that daylight saving time changed, which
increased/decreased some timestamp string and broke some length
calculation..


It's happening several times a day, sometimes to the same mailbox.  I'm 
not sure if that's a reflection of how busy the mailbox is or not.  It's 
difficult to say how many mailboxes we have being accessed via POP3 
since it only seems to affect those, so I can't give you a percentage.



We've upgraded to the latest Dovecot 1.2.11 and are using
Dovecot 'deliver' exclusively.  Tried setting
fsync_disable=no, but the problem persists.


You could try mbox_lazy_writes=no and mbox_dirty_syncs=no, although
disabling lazy writing makes the performance worse. Let me know if those
fix it..


Unfortunately, these didn't help.  We definitely did notice some locking 
issues with those turned off though so we turned them back on once we 
were sure they didn't help with the corruption.


We also noticed some other storage and assertion errors around the same 
time the corruption occurs which may or may not be related:


---
Mar 28 11:24:20 dovecot: POP3(u...@home.com): Disconnected:
Storage error during logout. top=0/0, retr=0/0, del=1/35, size=1167453

Mar 26 14:49:36 dovecot: Panic: POP3(u...@home.com):
file mbox-sync.c: line 1314 (mbox_sync_handle_eof_updates): assertion
failed: (offset == 0|| offset > 31)

Mar 24 15:21:59 dovecot: POP3(u...@home.com): Cached
message offset 2 is invalid for mbox file
/usr/boxes/mailbox
Mar 24 15:21:59 dovecot: POP3(u...@home.com):
Disconnected: Storage error during logout. top=0/0,
retr=0/0, del=1/232, size=10622872
---

I'm not sure if "mail_debug=yes" will give us any additional info, but 
I'm turning that on now.


Thanks,
Erik

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Stan Hoeppner]

Charles Marcus put forth on 5/7/2010 11:58 AM:
> On 2010-05-07 11:44 AM, Stan Hoeppner wrote:
>> That said, I've made a number of about:config changes in Firefox, which,
>> IIRC, shares config info with TB.  However, the about:config changes I've
>> made to FF are all http tweaks, such as pipelining, etc, which shouldn't
>> affect TB.
> 
> Actually, I seem to recall reading something somewhere that they can/do...
> 
> You might try reverting those and restarting and see if it makes any
> difference...
> 
>> I do have the TB CompactHeader and Enigmail plugins installed,
>> but I wouldn't think these would cause this slow header download issue, as
>> they deal with display.  AFAIK they aren't in play during new message header
>> downloads.
> 
> I have them both installed too, so if they are the cause, it would be in
> combination with something else specific to your installation.
> 
> Sorry, I'm out of ideas... hope you can get it sorted...

I did quite a bit more searching, and though I found nothing specifically
linking GLODA to my issues, I disabled it, along with some likely minor
other things.  For some reason it was enabled by default on my system even
though the mozilla docs say it comes disabled by default.  Maybe because I
was an upgrade instead of a fresh install?  Anyway...

I built a fresh TB account profile under a different windows user login
(took longer than I'd have liked) and the performance I used to know was
fully restored.  It was pulling the headers from my 11,000+ message imap
folders in less than 10 seconds with this fresh profile.

So, I logged back in under my normal account (I had disabled GLODA before
logoff) and I moved the .msf files, the sqlite file, and some other index
related stuff to a temp folder.  Since I'd moved my rules file nothing got
sorted when I fired up TB, but the download of new message headers was
faster than I've seen in a long while.  I still need to perform an
"overnight" test to see if it's speedy with 100+ new messages.

So, preliminarily, it would seem that GLODA and its 50MB+ Sqlite file were
mostly to blame.  I should have dug deeper into TB before ever bringing this
up here.  Until today I didn't even realize GLODA was enabled...

I'll post more when I have info on the use case that prompted this thread.

-- 
Stan

[Dovecot] CRYPT scheme and 8 character limit

[Phil Howard]

I've decided that having users supply cleartext passwords for me to encrypt
and encode is a bad idea, anyway.  So maybe I won't need dovecotpw.  The
idea is that users supply an already-encrypted password.  Most of the users
can fetch their login password from /etc/shadow on their own computer.

Wiki page http://wiki.dovecot.org/Authentication/PasswordSchemes indicates
that scheme name CRYPT is the one that uses the libc crypt() function.  But
it also says it uses no more than 8 characters.  Then there is MD5-CRYPT.
But that doesn't call crypt(), I presume.  No limit on password size is
indicated.  But this at least looks like SOME of the encrypted passwords I
have.

Other passwords I have have ids indicating SHA-256 and SHA-512.  Here is an
example from /etc/shadow that encrypted the clear password
"dovecotandpostfix" (in case it is necessary to test it):

$6$IwZzpjjj$p1VrkxQmgmTED8iQnQrV3sVEZpBmw2N8oD1ykOguXB5tf8aahICesX0TF6.VMThIW2QFs1buHjT3eDtnaAFhF1

The big question is, what scheme name should I use for these passwords?  I
can, of course, consider the id (6 in the above example, suggesting SHA-512)
if there is one (so far all are like this).  But the other consideration is
most of the passwords are longer than 8, some longer than 12, characters.
So apparently CRYPT can't be used in those cases (so I can't have the
automatic identification of crypt() to detect the scheme).

What scheme would I use for the various passwords?  What scheme would be
used for the above example for starters?  What if the id is 5 or 1 (the ones
documented for the crypt() call)?

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Charles Marcus]

On 2010-05-07 11:44 AM, Stan Hoeppner wrote:
> That said, I've made a number of about:config changes in Firefox, which,
> IIRC, shares config info with TB.  However, the about:config changes I've
> made to FF are all http tweaks, such as pipelining, etc, which shouldn't
> affect TB.

Actually, I seem to recall reading something somewhere that they can/do...

You might try reverting those and restarting and see if it makes any
difference...

> I do have the TB CompactHeader and Enigmail plugins installed,
> but I wouldn't think these would cause this slow header download issue, as
> they deal with display.  AFAIK they aren't in play during new message header
> downloads.

I have them both installed too, so if they are the cause, it would be in
combination with something else specific to your installation.

Sorry, I'm out of ideas... hope you can get it sorted...

Re: [Dovecot] wrong config file?

[Phil Howard]

On Fri, May 7, 2010 at 11:43, Dennis Guhl  wrote:

> Ubuntu is using dovecot-postfix.conf as the working config file if you
> install the package 'dovecot-postfix' from the Ubuntu server team. But
> if you install the seperate packages 'dovecot-[common|imapd|pop3d]'
> dovecot.conf will be used.
>

This is what I have installed:

marconi/root/x0 /root 96# dpkg -l | egrep 'dovecot|postfix'
ii  dovecot-antispam  1.1+20090218.git.g28075fa-2   a
Dovecot plugin that helps train spam filte
ii  dovecot-common1:1.1.11-0ubuntu11
secure mail server that supports mbox and ma
ii  dovecot-dev   1:1.1.11-0ubuntu11
header files for the dovecot mail server
ii  dovecot-imapd 1:1.1.11-0ubuntu11
secure IMAP server that supports mbox and ma
ii  dovecot-pop3d 1:1.1.11-0ubuntu11
secure POP3 server that supports mbox and ma
ii  dovecot-postfix   1:1.1.11-0ubuntu11full
mail server stack provided by Ubuntu se
ii  postfix   2.6.5-3
High-performance mail transport agent
ii  postfix-cdb   2.6.5-3   CDB
map support for Postfix
ii  postfix-doc   2.6.5-3
Documentation for Postfix
ii  postfix-pcre  2.6.5-3   PCRE
map support for Postfix
ii  postfix-pgsql 2.6.5-3
PostgreSQL map support for Postfix
marconi/root/x0 /root 97#

So, dovecot-postfix is intended as an alternative for all the others?


> And it might be, that your master.cf does not call dovecot deliver
> with '-c /etc/dovecot/dovecot-postfix.conf' as part of argv=.
>

Thanks, I'll have to check that, too.  I did not know it also needed to be
in master.cf.  I have a reference in main.cf but it doesn't have args.

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
mailbox_command = /usr/lib/dovecot/deliver

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Stan Hoeppner]

Charles Marcus put forth on 5/7/2010 9:28 AM:
> On 2010-05-07 8:00 AM, Stan Hoeppner wrote:

>> It seems TB then spins at 100% CPU for 60+ seconds saying 
>> "Downloading header x of 300". When it hits ~300, then there is
>> finally network activity as TB seems to sort the messages into the
>> proper IMAP folders, which is lightning quick compared to
>> "downloading message headers".
> 
> The only other thing I can think of is some kind of AV on the local
> computer, but it seems like that would affect OE too - unless you had
> configured it to not scan OE connections...

I don't use any A/V plugin in TB, and TB is what is using 100% CPU while
downloading the new message headers.  All other processes are at 0% CPU.
The only other non Windows processes running all the time are the Sun Java
Quick starter and Java update scheduler.

>> I don't recall having this performance issue with dovecot 1.0.15.  Just in
>> case it's something I nurfed in my dovecot config, here's my dovecot -n
>> output.
> 
> It would be good if you could confirm this, but, I think that if its a
> config issue, its more likely a TB config issue (especially since OE
> seems to not have a problem) - too bad TB doesn't have a way to dump the
> config changes like dovecot/postfix...

Yeah, that would be nice.  The config editor does highlight all user defined
settings in bold though.

> Did you make any manual config changes to TB using about:config or
> applying manual changes to user.js?

The only TB change I recall making via about:config was to disable
condstore.  Since updating to 1.2.11, which fixes condstore support, I
reenabled it.

That said, I've made a number of about:config changes in Firefox, which,
IIRC, shares config info with TB.  However, the about:config changes I've
made to FF are all http tweaks, such as pipelining, etc, which shouldn't
affect TB.  I do have the TB CompactHeader and Enigmail plugins installed,
but I wouldn't think these would cause this slow header download issue, as
they deal with display.  AFAIK they aren't in play during new message header
downloads.

-- 
Stan

Re: [Dovecot] wrong config file?

[Dennis Guhl]

On Fri, May 07, 2010 at 10:59:45AM -0400, Phil Howard wrote:
> The sample provided config file (the one I started with by editing it)
> included the following text:
> 
> # -- WARNING ---
> >
> > # If there's a file /etc/dovecot/dovecot-postfix.conf, which is part of
> > # dovecot-postfix package, it will be used instead of dovecot.conf.
> >
> > # Keep in mind that, if that file exist, none of the changes in
> > # /etc/dovecot/dovecot.conf will have effect on dovecot's configuration.
> > # In that case you should customize /etc/dovecot/dovecot-postfix.conf.
> >
> > # -- WARNING ---
> >
> 
> So I expected it would use that by default.  It seems to not be doing so.
> Does this mean I have to modify the startup scripts to add the -c option to
> force the use of this config file?  Or should I just put all my configs in
> the default "/etc/dovecot/dovecot.conf" file?
> 
> When doing "dovecot -n" it became apparent that my configs were not being
> used.  But "dovecot -c /etc/dovecot/dovecot-postfix.conf -n" was doing it.
> Any idea why it's not behaving as those comments described?

Ubuntu is using dovecot-postfix.conf as the working config file if you
install the package 'dovecot-postfix' from the Ubuntu server team. But
if you install the seperate packages 'dovecot-[common|imapd|pop3d]'
dovecot.conf will be used.

And it might be, that your master.cf does not call dovecot deliver
with '-c /etc/dovecot/dovecot-postfix.conf' as part of argv=.

Dennis

Re: [Dovecot] Requiring STARTTLS only on some networks

[Phil Howard]

On Fri, May 7, 2010 at 11:07, Pascal Volk <
user+dove...@localhost.localdomain.org
> wrote:

> On 05/07/2010 04:35 PM Phil Howard wrote:
>
> > Do you know if the remote address gets passed from Postfix on to Dovecot
> > through the authentication connection (when Dovecot is doing the
> > authentication for Postfix mail submission) so that these same remote
> rules
> > apply?
>
> Hm, doesn't look so, as if Postfix would forward this info (remote host)
> to Dovecot. Even when I connect from a 'disable_plaintext_auth = no
> network' to Postfix (2.6.5), Postfix offers:
> 250-STARTTLS
> 250-AUTH DIGEST-MD5 CRAM-MD5
>
> But the SSL/TLS state should be forwarded from Postfix to Dovecot:
> http://www.mail-archive.com/postfix-us...@postfix.org/msg10590.html
>

Then I guess I will need to still run a separate always-SSL/TLS submission
port (e.g. 587).  I can easily restrict which ports can be reached by which
address ranges on the firewall.  But I can't (on the firewall) force use of
STARTTLS (which http://wiki.dovecot.org/SSL seems to be encouraging the use
of).

At least with IMAP and POP I can just use the one port (each ... 143 and
110) and force STARTTLS on untrusted addresses.

Re: [Dovecot] Tracing sieve execution

[Pascal Volk]

On 04/30/2010 11:43 PM Jerry wrote:
> I have just recently begun learning how to use sieve. For the most
> part, it works fine. The problem is that I have created some rather
> complicated rules. Occasionally, an e-mail will get sorted
> incorrectly and I am not able to easily determine what rule caused it to
> occur.
> 
> Is there any way or utility that I could use to actually see what rule
> or line in the sieve file caused the action?

"recently". So I assume you are using Dovecot v1.2.x. Pigeonhole Sieve
for Dovecot v1.2 provides the sieve-test utility. Maybe it's helpful for
you.


Regards,
Pascal
-- 
The trapper recommends today: c01dcofe.1012...@localdomain.org

Re: [Dovecot] Requiring STARTTLS only on some networks

[Pascal Volk]

On 05/07/2010 04:35 PM Phil Howard wrote:
> Do these "remote sections" need to be in a specific place in the config
> file, or can they just be put where the (global) disable_plaintext_auth is
> located?

The latter one, where the global disable_plaintext_auth is located,

> Do you know if the remote address gets passed from Postfix on to Dovecot
> through the authentication connection (when Dovecot is doing the
> authentication for Postfix mail submission) so that these same remote rules
> apply?

Hm, doesn't look so, as if Postfix would forward this info (remote host)
to Dovecot. Even when I connect from a 'disable_plaintext_auth = no
network' to Postfix (2.6.5), Postfix offers:
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5

But the SSL/TLS state should be forwarded from Postfix to Dovecot:
http://www.mail-archive.com/postfix-us...@postfix.org/msg10590.html


Regards,
Pascal
-- 
The trapper recommends today: 5e1f1e55.1012...@localdomain.org

[Dovecot] wrong config file?

[Phil Howard]

The sample provided config file (the one I started with by editing it)
included the following text:

# -- WARNING ---
>
> # If there's a file /etc/dovecot/dovecot-postfix.conf, which is part of
> # dovecot-postfix package, it will be used instead of dovecot.conf.
>
> # Keep in mind that, if that file exist, none of the changes in
> # /etc/dovecot/dovecot.conf will have effect on dovecot's configuration.
> # In that case you should customize /etc/dovecot/dovecot-postfix.conf.
>
> # -- WARNING ---
>

So I expected it would use that by default.  It seems to not be doing so.
Does this mean I have to modify the startup scripts to add the -c option to
force the use of this config file?  Or should I just put all my configs in
the default "/etc/dovecot/dovecot.conf" file?

When doing "dovecot -n" it became apparent that my configs were not being
used.  But "dovecot -c /etc/dovecot/dovecot-postfix.conf -n" was doing it.
Any idea why it's not behaving as those comments described?

Re: [Dovecot] Requiring STARTTLS only on some networks

[Pascal Volk]

On 05/07/2010 04:36 PM Thomas Hummel wrote:
> On Fri, May 07, 2010 at 04:26:47PM +0200, Pascal Volk wrote:
> 
>> remote 192.168.111.0/24 {
>>   disable_plaintext_auth = no
>> }
>> remote fdfd::::0/48 {
>>   disable_plaintext_auth = no
>> }
> 
> Thanks. I have to look further in what is allowed to go into those sections.
> But in the case of disabling/enabling STARTTLS, this is indeed what I need.


remote 192.168.111.0/24 {
  disable_plaintext_auth = no
  ssl = no
}

~ # doveconf -f rip=192.168.111.234 ssl
ssl = no
~ # doveconf  ssl
ssl = yes


Regards,
Pascal
-- 
The trapper recommends today: 5e1f1e55.1012...@localdomain.org

Re: [Dovecot] Requiring STARTTLS only on some networks

[Thomas Hummel]

On Fri, May 07, 2010 at 04:26:47PM +0200, Pascal Volk wrote:

> With Dovecot v2.0 you can put something like the following in your
> dovecot.conf:
> 
> remote 192.168.111.0/24 {
>   disable_plaintext_auth = no
> }
> remote fdfd::::0/48 {
>   disable_plaintext_auth = no
> }

Thanks. I have to look further in what is allowed to go into those sections.
But in the case of disabling/enabling STARTTLS, this is indeed what I need.

-- 
Thomas Hummel   | Institut Pasteur
 | Pôle informatique - systèmes et réseau

Re: [Dovecot] Requiring STARTTLS only on some networks

[Phil Howard]

On Fri, May 7, 2010 at 10:26, Pascal Volk <
user+dove...@localhost.localdomain.org
> wrote:

>
> By default "disable_plaintext_auth = yes" is set, in all Dovecot
> versions.
> With Dovecot v2.0 you can put something like the following in your
> dovecot.conf:
>
> remote 192.168.111.0/24 {
>  disable_plaintext_auth = no
> }
> remote fdfd::::0/48 {
>  disable_plaintext_auth = no
> }
>

Do these "remote sections" need to be in a specific place in the config
file, or can they just be put where the (global) disable_plaintext_auth is
located?

Do you know if the remote address gets passed from Postfix on to Dovecot
through the authentication connection (when Dovecot is doing the
authentication for Postfix mail submission) so that these same remote rules
apply?

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Charles Marcus]

On 2010-05-07 8:00 AM, Stan Hoeppner wrote:
> There are no local mbox files.  Those are only created if one sets TB to
> synchronize IMAP folders to the local drive for offline use, which I do
> _NOT_ do.  That defeats the whole purpose of having a nearby (network
> latency and b/w wise) fast IMAP server.  If I wanted copies of all my mail
> on my workstation I'd run POP.  But I don't.  Thus, I don't synchronize.

 You're right, my bad...

I generally set all of my folders to offline mode, but do *not* set my
accounts to Sync... that way, I basically get 'Sync on demand' (only
messages that I actually click on are downloaded).I do this mainly to
avoid having to download attachments repeatedly (in my business we deal
with a lot of large attachments).

So, I do have the mbox files, although they are generally very small
compared to how much mail is in the folder...

> It seems TB then spins at 100% CPU for 60+ seconds saying 
> "Downloading header x of 300". When it hits ~300, then there is
> finally network activity as TB seems to sort the messages into the
> proper IMAP folders, which is lightning quick compared to
> "downloading message headers".

The only other thing I can think of is some kind of AV on the local
computer, but it seems like that would affect OE too - unless you had
configured it to not scan OE connections...

> I don't recall having this performance issue with dovecot 1.0.15.  Just in
> case it's something I nurfed in my dovecot config, here's my dovecot -n
> output.

It would be good if you could confirm this, but, I think that if its a
config issue, its more likely a TB config issue (especially since OE
seems to not have a problem) - too bad TB doesn't have a way to dump the
config changes like dovecot/postfix...

Did you make any manual config changes to TB using about:config or
applying manual changes to user.js?

-- 

Best regards,

Charles

Re: [Dovecot] Requiring STARTTLS only on some networks

[Pascal Volk]

On 05/07/2010 02:00 PM Thomas Hummel wrote:
> Hello Timo,
> 
> is there a way, either in 1.2.x or in 2.x to activate
> 
>   disable_plaintext_auth=yes
> 
> only for some address or network ?
> 
> The idea would be to enable clients from the internal networks to keep making
> clear text connections while forbidding it to the rest of the world.
> 
> Thanks.

By default "disable_plaintext_auth = yes" is set, in all Dovecot
versions.
With Dovecot v2.0 you can put something like the following in your
dovecot.conf:

remote 192.168.111.0/24 {
  disable_plaintext_auth = no
}
remote fdfd::::0/48 {
  disable_plaintext_auth = no
}

Testing the settings:

~ # doveconf disable_plaintext_auth
disable_plaintext_auth = yes
~ # doveconf -f rip=192.168.0.1 disable_plaintext_auth
disable_plaintext_auth = yes
~ # doveconf -f rip=fdfd::::abcd disable_plaintext_auth
disable_plaintext_auth = no
~ # doveconf -f rip=192.168.111.234 disable_plaintext_auth
disable_plaintext_auth = no

The dovecot.conf for v2.0 contains also:
# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =


Regards,
Pascal
-- 
The trapper recommends today: 5e1f1e55.1012...@localdomain.org

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Ken A]

On 5/7/2010 7:00 AM, Stan Hoeppner wrote:

Charles Marcus put forth on 5/7/2010 5:29 AM:

On 2010-05-07 1:02 AM, Stan Hoeppner wrote:

I know TBird isn't the greatest IMAP client around,


Actually, its better than most (at least those with a decent GUI)...


but I think taking over
60 seconds just to download ~300 messages is way too damn long given the
hardware resources, network, and load on the client and server machines.


There is definitely something wrong.


I agree.


Do you store your profile on a remote filesystem? There is a known major
TB bug that causes it to be dog slow if your profile is not on a local
hard drive. It is apparently fixed for 3.1, and I think it even made it
into the 3.1b2 that was just released, so you might give it a try if
your profile is on a remote filesystem.


The profiles are on the local machine, which is W2K Pro SP4 all M$ patches
via auto updates, Win32 TB 3.0.4, Athlon XP 2GHz, 1GB dual channel RAM, 7.2K
rpm 120GB Seagate UDMA100.


Maybe some a/v scanning your mail?
If so, try turning it off, or switching TB to port 993 (and enable imaps 
in dovecot).


Ken


 The server is an old dual CPU 500MHz Intel box

with 384MB PC100, a new 500GB 7.2K rpm single platter WD Blue SATA drive on
a new SiI 3512 card, Intel Pro 100 NIC, Debian Lenny 5.0.4 with custom
rolled 2.6.32.9 from kernel.org source, Dovecot 1.2.11 from Lenny backports.
  For practical purposes, this is a personal server with only a single IMAP
client, load average: 0.01, 0.06, 0.03.  The only real load it gets is an
occasional kernel make, or processing a batch of digital camera photos with
imagemagick and curator.

I tested out Outlook Express 6.0, which I've never used before, but was
already on the machine as part of W2K.  There were only a couple of new
messages to grab so I couldn't test new message retrieval speed.  However,
when I clicked on a couple of IMAP folders containing over 11,000 messages
each, they transferred in about 15 seconds per folder.  It was freak'n fast.
  I was pleasantly surprised.  Granted this wasn't an apples to apples test.


TB basically seems to be pulling, or dovecot serving, only about 5
messages/sec over 100Mb ethernet, which is abysmal performance given neither
the server nor client have any load.  The messages are mostly list mail
which are at max a few kilobytes each.

I'm leaning toward a problem with TBird but I've been unable to find a bug
report that covers this, nor a forum post anywhere, etc.  The closest I've
found for "slow startup" are recommendations to compact folders.  I have no
local folders to compact.  I delete immediately and expunge on exit.


Ummm... compacting has nothing to do with 'Local Folders', it has to do
with the local mbox files that are used to store the message headers
(and bodies of downloaded messages) - and simply expunging is *not*
enough. You need to either manually compact them every now and then, or
set it to automatically compact regularly.


There are no local mbox files.  Those are only created if one sets TB to
synchronize IMAP folders to the local drive for offline use, which I do
_NOT_ do.  That defeats the whole purpose of having a nearby (network
latency and b/w wise) fast IMAP server.  If I wanted copies of all my mail
on my workstation I'd run POP.  But I don't.  Thus, I don't synchronize.

The only noteworthy TB files I have locally are .msf files in the
~\Application Data\~\ImapMail directory, one per IMAP folder on the server.
  AFAIK these are the index files TB creates of the message headers it d/l's
from the IMAP server.  I also have a couple of cache files in the other TB
profile directory ~\Local Settings\~\Cache that are rather large, one being
~50MB, the other being ~30MB, both with a current timestamp, meaning both
are actively being used.  AIUI, compacting folders in TB only affects local
mbox files, removing deleted messages, and rewriting the file to eliminate
whitespace.  In absence of this, I defrag both partitions on my workstation
disk frequently.  Even after a fresh thorough defrag, this TB startup
performance problem still exists.  AFAIK, Dovecot does something similar to
TB compacting automatically on its mbox files upon expunge.

Regardless of all the mbox and compacting talk, why would this ever affect
new message headers being served up to TB by dovecot from the /var/mail/stan
file?  Every time I exit TB /var/mail/stan gets automatically compacted by
dovecot.  When I open TB the next time, and there are 300 messages, dovecot
reads the partial headers and funnels them to TB.  Correct?  It seems TB
then spins at 100% CPU for 60+ seconds saying "Downloading header x of 300".
  When it hits ~300, then there is finally network activity as TB seems to
sort the messages into the proper IMAP folders, which is lightning quick
compared to "downloading message headers".

I don't recall having this performance issue with dovecot 1.0.15.  Just in
case it's something I nurfed in my dovecot config, here's my

[Dovecot] Go Away Message after the first successful login on proxy server

[Tomislav Mihalicek]

hello

i have a dovecot 1.2.11 and i have implementation of 2 dovecot machines, one
proxy one storage part. everything is working fine, i only have one question
regarding the message that should go away after the first successful login
on proxy server. how to remove it on proxy server?

May  7 16:04:19 proxy-server dovecot: pop3-login: proxy(tmi...@example.com):
started proxying to 192.168.1.100:110: user=,
method=PLAIN, rip=192.168.22.222, lip=192.168.1.100:109

[r...@dougie:/usr/local/src/dovecot-1.2-managesieve]/etc/init.d/dovecot
restart
Restarting DovecotIf you have trouble with authentication failures,
enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork
This message goes away after the first successful login.

-- 
View this message in context: 
http://old.nabble.com/Go-Away-Message-after-the-first-successful-login-on-proxy-server-tp28486467p28486467.html
Sent from the Dovecot mailing list archive at Nabble.com.

[Dovecot] dovecotpw documentation

[Phil Howard]

Where can I find documentation on how to use the "dovecotpw" program that I
was referred to?  No man page.  No wiki.  Very little from "dovecotpw -h".
What I need to do is generate the "passwd-file" contents with an MD5 scheme
(the one equivalent to /etc/shadow is preferred).

[Dovecot] Problems with the IMAP proxy after upgrading from dovecot 1.1.16 to 1.211

[Holger Richter]

We have frequent timeout problems after upgrading our imap servers  
from dovecot 1.1.16 to dovecot 1.2.11. One server acts as proxy only,  
and the other one is the "real" imap server". The credentials for the  
proxy service are stored in a remote MYSQL database.


There were no trouble with dovecot 1.1.16. But now, with the most  
recent version, we get frequent login failures. It seems dovecot  
reconnects too late to the MySQL database after a timeout, after  
sending the SQL query. Here's a piece of my log file:


May  7 14:46:32 ttt dovecot: auth(default): new auth connection: pid=5136
May  7 14:46:42 ttt dovecot: auth(default): client in:  
AUTH^I1^IPLAIN^Iservice=imap^Isecured^Ilip=xxx.xxx.xxx.xxx^Irip=yyy.yyy.yyy.yyy^Ilport=sss^Irport=26480^Iresp=
May  7 14:46:42 ttt dovecot: auth-worker(default):  
sql(uid,yyy.yyy.yyy.yyy): query: SELECT NULL as password, destuser,  
host, 'zzz' as port, 'Y' as proxy, '0' as proxy_timeout, 'Y' as  
nopassword, 'Y' as nodelay from accounts where user ='uid';
May  7 14:47:42 ttt dovecot: auth(default):  
worker-server(uid,yyy.yyy.yyy.yyy): Aborted: Lookup timed out
May  7 14:47:42 ttt dovecot: auth-worker(default): mysql: Connected to  
lll.lll.lll.lll (imapauth)
May  7 14:47:44 ttt dovecot: auth(default): client out:  
FAIL^I1^Iuser=uid^Itemp
May  7 14:47:49 ttt dovecot: imap-login: Disconnected (auth failed, 1  
attempts): user=, method=PLAIN, rip=yyy.yyy.yyy.yyy,  
lip=xxx.xxx.xxx.xxx, TLS

May  7 14:48:26 ttt dovecot: auth(default): new auth connection: pid=5159
May  7 14:48:47 ttt dovecot: auth(default): client in:  
AUTH^I1^IPLAIN^Iservice=imap^Isecured^Ilip=xxx.xxx.xxx.xxx^Irip=yyy.yyy.yyy.yyy^Ilport=sss^Irport=6243^Iresp=
May  7 14:48:47 ttt dovecot: auth-worker(default):  
sql(uid,yyy.yyy.yyy.yyy): query: SELECT NULL as password, destuser,  
host, 'zzz' as port, 'Y' as proxy, '0' as proxy_timeout, 'Y' as  
nopassword, 'Y' as nodelay from accounts where user ='uid';
May  7 14:48:47 ttt dovecot: auth(default): client out:  
OK^I1^Iuser=uid^Idestuser=luid^Ihost=mmm.mmm.mmm.mmm^Iport=zzz^Iproxy^Iproxy_timeout=0^Ipass=
May  7 14:48:47 ttt dovecot: imap-login: proxy(uid): started proxying  
to mmm.mmm.mmm.mmm:zzz/luid: user=, method=PLAIN,  
rip=yyy.yyy.yyy.yyy, lip=xxx.xxx.xxx.xxx, TLS
May  7 14:48:48 ttt dovecot: imap-login: proxy(uid): disconnecting  
yyy.yyy.yyy.yyy


As you can see, the second login attempt is always successful. Of  
course I've tried out various values (0, 60, 90, 300) for the  
proxy_timeout parameter - but without any success.

[Dovecot] Requiring STARTTLS only on some networks

[Thomas Hummel]

Hello Timo,

is there a way, either in 1.2.x or in 2.x to activate

  disable_plaintext_auth=yes

only for some address or network ?

The idea would be to enable clients from the internal networks to keep making
clear text connections while forbidding it to the rest of the world.

Thanks.

-- 
Thomas Hummel   | Institut Pasteur
 | Pôle informatique - systèmes et réseau

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Stan Hoeppner]

Charles Marcus put forth on 5/7/2010 5:29 AM:
> On 2010-05-07 1:02 AM, Stan Hoeppner wrote:
>> I know TBird isn't the greatest IMAP client around,
> 
> Actually, its better than most (at least those with a decent GUI)...
> 
>> but I think taking over
>> 60 seconds just to download ~300 messages is way too damn long given the
>> hardware resources, network, and load on the client and server machines.
> 
> There is definitely something wrong.

I agree.

> Do you store your profile on a remote filesystem? There is a known major
> TB bug that causes it to be dog slow if your profile is not on a local
> hard drive. It is apparently fixed for 3.1, and I think it even made it
> into the 3.1b2 that was just released, so you might give it a try if
> your profile is on a remote filesystem.

The profiles are on the local machine, which is W2K Pro SP4 all M$ patches
via auto updates, Win32 TB 3.0.4, Athlon XP 2GHz, 1GB dual channel RAM, 7.2K
rpm 120GB Seagate UDMA100.  The server is an old dual CPU 500MHz Intel box
with 384MB PC100, a new 500GB 7.2K rpm single platter WD Blue SATA drive on
a new SiI 3512 card, Intel Pro 100 NIC, Debian Lenny 5.0.4 with custom
rolled 2.6.32.9 from kernel.org source, Dovecot 1.2.11 from Lenny backports.
 For practical purposes, this is a personal server with only a single IMAP
client, load average: 0.01, 0.06, 0.03.  The only real load it gets is an
occasional kernel make, or processing a batch of digital camera photos with
imagemagick and curator.

I tested out Outlook Express 6.0, which I've never used before, but was
already on the machine as part of W2K.  There were only a couple of new
messages to grab so I couldn't test new message retrieval speed.  However,
when I clicked on a couple of IMAP folders containing over 11,000 messages
each, they transferred in about 15 seconds per folder.  It was freak'n fast.
 I was pleasantly surprised.  Granted this wasn't an apples to apples test.

>> TB basically seems to be pulling, or dovecot serving, only about 5
>> messages/sec over 100Mb ethernet, which is abysmal performance given neither
>> the server nor client have any load.  The messages are mostly list mail
>> which are at max a few kilobytes each.
>>
>> I'm leaning toward a problem with TBird but I've been unable to find a bug
>> report that covers this, nor a forum post anywhere, etc.  The closest I've
>> found for "slow startup" are recommendations to compact folders.  I have no
>> local folders to compact.  I delete immediately and expunge on exit.
> 
> Ummm... compacting has nothing to do with 'Local Folders', it has to do
> with the local mbox files that are used to store the message headers
> (and bodies of downloaded messages) - and simply expunging is *not*
> enough. You need to either manually compact them every now and then, or
> set it to automatically compact regularly.

There are no local mbox files.  Those are only created if one sets TB to
synchronize IMAP folders to the local drive for offline use, which I do
_NOT_ do.  That defeats the whole purpose of having a nearby (network
latency and b/w wise) fast IMAP server.  If I wanted copies of all my mail
on my workstation I'd run POP.  But I don't.  Thus, I don't synchronize.

The only noteworthy TB files I have locally are .msf files in the
~\Application Data\~\ImapMail directory, one per IMAP folder on the server.
 AFAIK these are the index files TB creates of the message headers it d/l's
from the IMAP server.  I also have a couple of cache files in the other TB
profile directory ~\Local Settings\~\Cache that are rather large, one being
~50MB, the other being ~30MB, both with a current timestamp, meaning both
are actively being used.  AIUI, compacting folders in TB only affects local
mbox files, removing deleted messages, and rewriting the file to eliminate
whitespace.  In absence of this, I defrag both partitions on my workstation
disk frequently.  Even after a fresh thorough defrag, this TB startup
performance problem still exists.  AFAIK, Dovecot does something similar to
TB compacting automatically on its mbox files upon expunge.

Regardless of all the mbox and compacting talk, why would this ever affect
new message headers being served up to TB by dovecot from the /var/mail/stan
file?  Every time I exit TB /var/mail/stan gets automatically compacted by
dovecot.  When I open TB the next time, and there are 300 messages, dovecot
reads the partial headers and funnels them to TB.  Correct?  It seems TB
then spins at 100% CPU for 60+ seconds saying "Downloading header x of 300".
 When it hits ~300, then there is finally network activity as TB seems to
sort the messages into the proper IMAP folders, which is lightning quick
compared to "downloading message headers".

I don't recall having this performance issue with dovecot 1.0.15.  Just in
case it's something I nurfed in my dovecot config, here's my dovecot -n
output.  Keep in mind I've made modifications appropriate for serving a
single or just a couple of clients whi

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Charles Marcus]

On 2010-05-07 1:02 AM, Stan Hoeppner wrote:
> I know TBird isn't the greatest IMAP client around,

Actually, its better than most (at least those with a decent GUI)...

> but I think taking over
> 60 seconds just to download ~300 messages is way too damn long given the
> hardware resources, network, and load on the client and server machines.

There is definitely something wrong.

Do you store your profile on a remote filesystem? There is a known major
TB bug that causes it to be dog slow if your profile is not on a local
hard drive. It is apparently fixed for 3.1, and I think it even made it
into the 3.1b2 that was just released, so you might give it a try if
your profile is on a remote filesystem.

> TB basically seems to be pulling, or dovecot serving, only about 5
> messages/sec over 100Mb ethernet, which is abysmal performance given neither
> the server nor client have any load.  The messages are mostly list mail
> which are at max a few kilobytes each.
> 
> I'm leaning toward a problem with TBird but I've been unable to find a bug
> report that covers this, nor a forum post anywhere, etc.  The closest I've
> found for "slow startup" are recommendations to compact folders.  I have no
> local folders to compact.  I delete immediately and expunge on exit.

Ummm... compacting has nothing to do with 'Local Folders', it has to do
with the local mbox files that are used to store the message headers
(and bodies of downloaded messages) - and simply expunging is *not*
enough. You need to either manually compact them every now and then, or
set it to automatically compact regularly.

-- 

Best regards,

Charles

Re: [Dovecot] Any Knowledge, pls: Iphone and Dovecot - 2-way sync

[Charles Marcus]

On 2010-05-07 12:54 AM, Frank Cusack wrote:
> On 5/6/10 6:17 AM -0400 Charles Marcus wrote:
>> Actually, Outlook uses the same folders as the iPhone ('Sent Messages' &
>> 'Deleted Messages')...

> No, Outlook uses 'Sent Items' and 'Deleted Items'.

Wups, I stand corrected... my only excuse is I haven't used it since
about 2000/2001, and only had to try to troubleshoot a few problems here
and there over the years since...

-- 

Best regards,

Charles

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Noel Butler]

Try a different client and see if its the same results
if so, return with your dovecot -n  output
Cheers


On Fri, 2010-05-07 at 02:56 -0500, Stan Hoeppner wrote:

> Eray Aslan put forth on 5/7/2010 12:44 AM:
> > On Fri, May 07, 2010 at 12:02:33AM -0500, Stan Hoeppner wrote:
> >> Anyone have any ideas?  Other than switching to LDA+sieve and have TB check
> >> the IMAP folders for new mail?
> > 
> > Try turning off indexing on Thunderbird.
> 
> The TB indexing isn't slow.  Downloading the message headers is slow.
> 

Re: [Dovecot] Thunderbird very slow startup, 1.2.11, mbox, postfix local delivery to /var/mail

[Stan Hoeppner]

Eray Aslan put forth on 5/7/2010 12:44 AM:
> On Fri, May 07, 2010 at 12:02:33AM -0500, Stan Hoeppner wrote:
>> Anyone have any ideas?  Other than switching to LDA+sieve and have TB check
>> the IMAP folders for new mail?
> 
> Try turning off indexing on Thunderbird.

The TB indexing isn't slow.  Downloading the message headers is slow.

-- 
Stan