Re: [Dovecot] sieve not working if i have override
On 2/8/2011 12:33 AM, Paul A wrote: Hi, I have a few domain that I'm overriding the mail_plugins, see password query below, however when I use this password query everything is working expect sieve gives me an error. How can I get around this problem? [...] Feb 7 18:28:20 testip5 dovecot: managesieve: Error: dlopen(/usr/local/lib/dovecot/lib02_imap_acl_plugin.so) failed: /usr/local/lib/dovecot/lib02_imap_acl_plugin.so: undefined symbol: client_send_tagline [...] It also complains about imap_quota. You're trying to load the imap_quota and imap_acl plugins into ManagSieve, which makes no sense. So, your query should not return those plugins when the service (%Ls) is `sieve'. Regards, Stephan.
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
On Tue, Feb 08, 2011 at 08:42:40AM +0100, Javier Miguel Rodríguez wrote: I am writing to this mailing list to thanks Timo for dovecot 2 mdbox. We have almost 30.000 active users and our life was sad with Maildir backup: 24 hours for a full backup with bacula (zlib enabled maildirs, 1.4 TB). After switching to mdbox, the backup time is under 12 hours ! Instead of backing 17 millions files, with mdbox our backup is only of 1 million files, and that speeds up a lot the backup operation. Oh.. I envy you. Will probably need to do the same at some point, but I'm having problems understanding how we will ever be able to make the transition. Too many files -- too many users.. How long did it take to convert from maildir to mdbox, how much downtime ? Do you have a clustered setup, or single node? I'm wondering how safe mdbox will be on a clusterfs (GPFS), as we've had a bit of trouble with the index-files when they're accessed from multiple nodes at the same time (but that was with v1.0.15 -- so we should maybe trust that such problems has since been fixed :-) -jf
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
Oh.. I envy you. Will probably need to do the same at some point, but I'm having problems understanding how we will ever be able to make the transition. Too many files -- too many users.. We did the transiction via imapsync: we had /the old server/ and a /new server/, and we migrated all mailboxes with imapsync and master user feature. The first imapsync takes a lot of time, but the next ones are incremental, and take much less time. When we are ready (a night) , we stop we switch from old server to new server. Minimal downtine, and if everythings goes wrong, we can imapsync in the other way, from new- old instead old-new Our mail servers are virtualized in a vmware vsphere cluster. We have HA DRS, and all the info is stored in the iSCSI SAN. Ir our setup we only have a virtualized mail , but if the hw node fails the virtualized starts automatically in another ESX. Regards Javier How long did it take to convert from maildir to mdbox, how much downtime ? Do you have a clustered setup, or single node? I'm wondering how safe mdbox will be on a clusterfs (GPFS), as we've had a bit of trouble with the index-files when they're accessed from multiple nodes at the same time (but that was with v1.0.15 -- so we should maybe trust that such problems has since been fixed :-) -jf
[Dovecot] Permissions in shared folders
Hi, On my mail server I want to implement shared folders for each workgroup where there are many workgroups. One way would be to create a separate namespace for each workgroup. However, this does not scale well so I decided to use a single Shared mailbox and use ACLs: namespace public { separator = . prefix = Shared. location = maildir:/var/mail/shared:CONTROL=~/Maildir/shared } Each workgroup should get a subfolder in Shared. Until now, this works, I create .Group1, .Group2 and assign correct group permissions and ACL files. However, now a user from group1 wants to create a subfolder in his IMAP folder. Since the permissions for /var/mail/shared/.Group1 are correct (writeable to group1 and the user is member of group1 and 'k' ACL permissions are active) I would expect it to work. However, for obvious reasons, the *sub*folder is created as /var/mail/shared/.Group1.Subfolder so it is actually not a subfolder in sense of the filesystem but rather a folder inside /var/mail/shared However, the user does (and should) not have write permissions to /var/mail/shared (only to /var/mail/shared/.Group1). Is there a way to overcome this problem? Why can't dovecot just use /var/mail/shared/.Group1/.Subfolder? Is there an option to do so? It would make everything a lot easier. The one option is to make /var/mail/shared world-writeable - which is not really a good option. A second option might be to use ACLs and give each group write permissions to /var/mail/shared. However, not even this seems very clean to me. What is the best way to handle this? Best regards, Luke
[Dovecot] NoSQL Storage Backend
Hello, I found a posting on the mailing list from 2008 Adding new storage backend to Dovecot while searching for POP3 and IMAP servers, that allow to use a NoSQL backend rather than a traditional file system. The problem with traditional filesystems is, that they are very limited. You cannot easily extend it, even with RAID 10 all messages may be lost due to a RAID controller failure and just-in-time backups of a heavy loaded system with consistently changing messages folders are virtually impossible. Modern object stores like Scality, CouchDB or MongoDB can be very handy, as they easily allow to keep an arbitrary amount of copies of each message on different servers, you can simply add a storage node and new storage is immediately available and mailboxes aren't bound to a certain server any longer, but messages are evenly distributed across all storage nodes, thus distributing load as well. Since the original posting was dated 2008 I was in good hope, that someone worked on that already, but at least in dovecot-2.0.9/src/lib-storage I couldn't find anything relating to NoSQL message stores. Isn't this option of big interest for every bigger mailbox provider? How hard would it be to develop? Would it be possible to get this developed on a paid basis by the dovecot core team? Kind regards Marten
[Dovecot] pop3 index virtual question
Hi @ll, Timo, on 2.0.9 i have a user reporting pop3 leaving mails on the server does not work as desired i have namespace default { # type = private separator = / prefix = list = yes # hidden = no subscriptions = yes } namespace virtual { # type = private prefix = virtual/ separator = / location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++ #location = virtual:/etc/dovecot/virtual hidden = yes list = no subscriptions= no } namespace real { # type = private prefix = RealMails/ separator = / list = no hidden = yes } and pop3_uidl_format = %08Xu%08Xv before it was pop3_uidl_format = %g ( not sure what best ) # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes # won't change those UIDLs. Currently this works only with Maildir. #pop3_save_uidl = no my guess is that location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++ isnt enough should be location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++:INDEX=~/ to store/use indexes in the local maildir which is physical under /usr/local/virtual/domain/user@domain any meanings to this -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
Re: [Dovecot] pop3 index virtual question
Am 08.02.2011 13:31, schrieb Robert Schetterer: Hi @ll, Timo, on 2.0.9 i have a user reporting pop3 leaving mails on the server does not work as desired i have namespace default { # type = private separator = / prefix = list = yes # hidden = no subscriptions = yes } namespace virtual { # type = private prefix = virtual/ separator = / location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++ #location = virtual:/etc/dovecot/virtual hidden = yes list = no subscriptions= no } namespace real { # type = private prefix = RealMails/ separator = / list = no hidden = yes } and pop3_uidl_format = %08Xu%08Xv before it was pop3_uidl_format = %g ( not sure what best ) # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes # won't change those UIDLs. Currently this works only with Maildir. #pop3_save_uidl = no my guess is that location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++ isnt enough should be location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++:INDEX=~/ to store/use indexes in the local maildir which is physical under /usr/local/virtual/domain/user@domain any meanings to this hm seems pop3_uidl_format = %08Xu%08Xv location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++:INDEX=~/virtual is a good setting but i have no feedback yet if the problem pop3 leaving mails on the server is solved with that -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
Re: [Dovecot] sieve not working if i have override
I know that but I need to use the override option on selected domains, as I don't want all domains to have ACL access. So when I use override I need to specify all plugins I'm using because the override feature will not look at the $mail_plugin statement in dovecot.conf and ofcourse when I do this I get the error below. Is there another method I can use to allow only certain domains ACL access instead of the override. Not sure if Timo has any ideas. Thanks, Paul -Original Message- From: Stephan Bosch [mailto:step...@rename-it.nl] Sent: Tuesday, February 08, 2011 3:18 AM To: Paul A Cc: 'Dovecot Mailing List' Subject: Re: [Dovecot] sieve not working if i have override On 2/8/2011 12:33 AM, Paul A wrote: Hi, I have a few domain that I'm overriding the mail_plugins, see password query below, however when I use this password query everything is working expect sieve gives me an error. How can I get around this problem? [...] Feb 7 18:28:20 testip5 dovecot: managesieve: Error: dlopen(/usr/local/lib/dovecot/lib02_imap_acl_plugin.so) failed: /usr/local/lib/dovecot/lib02_imap_acl_plugin.so: undefined symbol: client_send_tagline [...] It also complains about imap_quota. You're trying to load the imap_quota and imap_acl plugins into ManagSieve, which makes no sense. So, your query should not return those plugins when the service (%Ls) is `sieve'. Regards, Stephan.
[Dovecot] ldap: LDAP attribute used multiple times. This is currently unsupported
Hi, I have a problem when migrating from dovecot 1.0 to dovecot 1.2 (Debian lenny to Debian squeeze). In my dovecot-ldap.conf I have: user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,uid=system_groups_user I use the last parameter for the groups which I need for shared folders. If I only use this, everything works. However, I also use LDAP as passdb with prefetch: pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,uid=userdb_system_groups_user In this configuration I get the error in the subject line that uid is used multiple times. I know, but the message is somehow weird since it says it is *currently* unsupported. However, it seems to me that it is not supported any more. Is this true? Is there a reason for this? How can I fix this problem? Until now my shared folders do not works anymore because the group memberships are not assigned any more because of the missing system_groups_user parameter. Best regards, Luke
[Dovecot] Effect of separators (was: Re: Permissions in shared folders)
Dear list, A dumb question: What exactly is the effect of the separator? Is it also used to separate in the underlying file system? I.e. when I have the separator '/', the IMAP folder Sent/Jan is physically stored as /home/lukas/Maildir/.Send/Jan/cur ? If this is true this would greatly solve my problem described at the bottom. I have tried it myself, however, dovecot 1.2 does not allow to create a namespace with a separator different than my default namespace... If this works, is there a convenient migration procedure possible to migrate from . to /? The Wiki just mentions the other way (/ -- .). Best regards, Luke Am 08.02.2011 11:33, schrieb Lukas Haase: Hi, On my mail server I want to implement shared folders for each workgroup where there are many workgroups. One way would be to create a separate namespace for each workgroup. However, this does not scale well so I decided to use a single Shared mailbox and use ACLs: namespace public { separator = . prefix = Shared. location = maildir:/var/mail/shared:CONTROL=~/Maildir/shared } Each workgroup should get a subfolder in Shared. Until now, this works, I create .Group1, .Group2 and assign correct group permissions and ACL files. However, now a user from group1 wants to create a subfolder in his IMAP folder. Since the permissions for /var/mail/shared/.Group1 are correct (writeable to group1 and the user is member of group1 and 'k' ACL permissions are active) I would expect it to work. However, for obvious reasons, the *sub*folder is created as /var/mail/shared/.Group1.Subfolder so it is actually not a subfolder in sense of the filesystem but rather a folder inside /var/mail/shared However, the user does (and should) not have write permissions to /var/mail/shared (only to /var/mail/shared/.Group1). Is there a way to overcome this problem? Why can't dovecot just use /var/mail/shared/.Group1/.Subfolder? Is there an option to do so? It would make everything a lot easier. The one option is to make /var/mail/shared world-writeable - which is not really a good option. A second option might be to use ACLs and give each group write permissions to /var/mail/shared. However, not even this seems very clean to me. What is the best way to handle this? Best regards, Luke
Re: [Dovecot] Permissions in shared folders
On 02/08/2011 03:33 AM, Lukas Haase wrote: Hi, On my mail server I want to implement shared folders for each workgroup where there are many workgroups. I did something similar with my small set up. A shared location for each work group. I set things up a little differently though. Instead of a public namespace, I made a shared namespace. However, this entailed making a user for each work group which would share its folders with the appropriate group. Then I could set the ACLs to allow them to create folders, etc. and on the file system, they are stored in separate places. smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
On 8.2.2011, at 9.42, Javier Miguel Rodríguez wrote: I am writing to this mailing list to thanks Timo for dovecot 2 mdbox. We have almost 30.000 active users and our life was sad with Maildir backup: 24 hours for a full backup with bacula (zlib enabled maildirs, 1.4 TB). After switching to mdbox, the backup time is under 12 hours ! Instead of backing 17 millions files, with mdbox our backup is only of 1 million files, and that speeds up a lot the backup operation. Hmm. I guess if you were doing backups 24h/day, then you can't really say how much faster mdbox performs than maildir (outside backups)?
Re: [Dovecot] Effect of separators
On 02/08/2011 08:54 AM, Lukas Haase wrote: Dear list, A dumb question: What exactly is the effect of the separator? Is it also used to separate in the underlying file system? I.e. when I have the separator '/', the IMAP folder Sent/Jan is physically stored as As far as I understand, the separator is used in the context of IMAP only, and not the file system. So a client using IMAP will open Folder1/subfolder or Folder1.subfolder depending on the separator. Somebody can correct me if I'm wrong, but I don't believe it has an effect on the backend (besides disallowing the use of that character in a folder name).
Re: [Dovecot] NoSQL Storage Backend
On 8.2.2011, at 14.22, Marten Lehmann wrote: I found a posting on the mailing list from 2008 Adding new storage backend to Dovecot while searching for POP3 and IMAP servers, that allow to use a NoSQL backend rather than a traditional file system. I don't remember any mails about NoSQL backend from 2008, but at the end of 2009 it became something I started planning on doing. It's listed in http://wiki2.dovecot.org/Roadmap Isn't this option of big interest for every bigger mailbox provider? How hard would it be to develop? Would it be possible to get this developed on a paid basis by the dovecot core team? It should be pretty easy to develop if you don't care about performance, but since you likely do, it gets more difficult. The latencies for db lookups are higher than local reads, so it would be good to be able to do multiple lookups in parallel. I've recently started imapc backend, which has similar problems and I was planning on solving those problems with it, so it will be easier then for nosql backend. Also it would be good to design a storage backend for nosql that didn't require any kind of locking. One guy recently started looking into developing something for this, but I haven't heard from him for some weeks. I could ask if he's gotten anywhere.. As for me, I'm not entirely sure about my plans for this spring. There's another company wanting to pay me, but I don't know how much of my time they'll really need.
Re: [Dovecot] pop3 index virtual question
On 8.2.2011, at 15.49, Robert Schetterer wrote: pop3_uidl_format = %08Xu%08Xv location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++:INDEX=~/virtual is a good setting but i have no feedback yet if the problem pop3 leaving mails on the server is solved with that Yes, the INDEX= path had to be put into a per-user directory it would work really badly. But still, I'd suggest using pop3_uidl_format=%f instead (or %g is the same thing). In virtual mailboxes the UIDs are a bit more likely to accidentally change, while %f/%g is based on the backend maildir filename which will never change even if you delete the virtual index files.
Re: [Dovecot] sieve not working if i have override
Add some more trickyness to your SQL query using another IF(). If '%s' expands to 'imap', return the imap_* plugins, otherwise don't. On 8.2.2011, at 16.42, Paul A wrote: I know that but I need to use the override option on selected domains, as I don't want all domains to have ACL access. So when I use override I need to specify all plugins I'm using because the override feature will not look at the $mail_plugin statement in dovecot.conf and ofcourse when I do this I get the error below. Is there another method I can use to allow only certain domains ACL access instead of the override. Not sure if Timo has any ideas. Thanks, Paul -Original Message- From: Stephan Bosch [mailto:step...@rename-it.nl] Sent: Tuesday, February 08, 2011 3:18 AM To: Paul A Cc: 'Dovecot Mailing List' Subject: Re: [Dovecot] sieve not working if i have override On 2/8/2011 12:33 AM, Paul A wrote: Hi, I have a few domain that I'm overriding the mail_plugins, see password query below, however when I use this password query everything is working expect sieve gives me an error. How can I get around this problem? [...] Feb 7 18:28:20 testip5 dovecot: managesieve: Error: dlopen(/usr/local/lib/dovecot/lib02_imap_acl_plugin.so) failed: /usr/local/lib/dovecot/lib02_imap_acl_plugin.so: undefined symbol: client_send_tagline [...] It also complains about imap_quota. You're trying to load the imap_quota and imap_acl plugins into ManagSieve, which makes no sense. So, your query should not return those plugins when the service (%Ls) is `sieve'. Regards, Stephan.
Re: [Dovecot] ldap: LDAP attribute used multiple times. This is currently unsupported
On 8.2.2011, at 17.23, Lukas Haase wrote: pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,uid=userdb_system_groups_user In this configuration I get the error in the subject line that uid is used multiple times. I know, but the message is somehow weird since it says it is *currently* unsupported. However, it seems to me that it is not supported any more. Is this true? Is there a reason for this? I'm pretty sure it never worked. I think in v1.0 it simply ignored the first uid=user. So you could probably just remove that.
Re: [Dovecot] Permissions in shared folders
On 8.2.2011, at 12.33, Lukas Haase wrote: namespace public { separator = . prefix = Shared. location = maildir:/var/mail/shared:CONTROL=~/Maildir/shared location = maildir:/var/mail/shared:INDEX=~/Maildir/shared } Each workgroup should get a subfolder in Shared. Until now, this works, I create .Group1, .Group2 and assign correct group permissions and ACL files. However, now a user from group1 wants to create a subfolder in his IMAP folder. Since the permissions for /var/mail/shared/.Group1 are correct (writeable to group1 and the user is member of group1 and 'k' ACL permissions are active) I would expect it to work. However, for obvious reasons, the *sub*folder is created as /var/mail/shared/.Group1.Subfolder so it is actually not a subfolder in sense of the filesystem but rather a folder inside /var/mail/shared Yep. However, the user does (and should) not have write permissions to /var/mail/shared (only to /var/mail/shared/.Group1). Is there a way to overcome this problem? Why can't dovecot just use /var/mail/shared/.Group1/.Subfolder? Is there an option to do so? It would make everything a lot easier. location = maildir:/var/mail/shared:INDEX=~/Maildir/shared:LAYOUT=fs
Re: [Dovecot] NoSQL Storage Backend
Am 08.02.2011 13:22, schrieb Marten Lehmann: Hello, I found a posting on the mailing list from 2008 Adding new storage backend to Dovecot while searching for POP3 and IMAP servers, that allow to use a NoSQL backend rather than a traditional file system. There has been a recent mail from Timo regarding the future development plans for 2.1 where he mentioned a key/value storage backend. http://dovecot.markmail.org/message/juecu7wm2nwkluji?q=plans+2.1 Isn't this option of big interest for every bigger mailbox provider? How hard would it be to develop? Would it be possible to get this developed on a paid basis by the dovecot core team? I am also very interested on seeing this implemented, maybe also on a paid basis I think the core team is Timo :-) Regards, Oliver
Re: [Dovecot] Auto rebuild indexes?
I have another easy question for you, Timo: When cache files were deleted because some corruption, is there a way to regenerate all cache files in all accounts? I'm talking about 300GB of mails distributed in 40 accounts using Maildir; when all users tried to access their mailboxes with their MUA at the same time, dovecot produced a high load average in the server making it unusable, so would be useful a function that instructs dovecot to check all cache files and regenerate the missing or corrupted ones while no user is accesing its mailbox. Is that possible?
Re: [Dovecot] Auto rebuild indexes?
On 8.2.2011, at 8.25, Emilio wrote: When cache files were deleted because some corruption, is there a way to regenerate all cache files in all accounts? It depends on if you know what fields the clients want. Different clients want different fields. But if you do know them, and you have v2.0, you can do something like: doveadm fetch -A 'size.virtual imap.envelope imap.bodystructure hdr.references' all
Re: [Dovecot] Permissions in shared folders
On 02/08/2011 10:39 AM, Timo Sirainen wrote: On 8.2.2011, at 12.33, Lukas Haase wrote: Is there a way to overcome this problem? Why can't dovecot just use /var/mail/shared/.Group1/.Subfolder? Is there an option to do so? It would make everything a lot easier. location = maildir:/var/mail/shared:INDEX=~/Maildir/shared:LAYOUT=fs Ah, didn't know about LAYOUT. That's good to know.
Re: [Dovecot] NoSQL Storage Backend
On Tue, Feb 8, 2011 at 1:22 PM, Marten Lehmann lehm...@cnm.de wrote: Modern object stores like Scality, CouchDB or MongoDB can be very handy, as they easily allow to keep an arbitrary amount of copies of each message on different servers, you can simply add a storage node and new storage is immediately available and mailboxes aren't bound to a certain server any longer, but messages are evenly distributed across all storage nodes, thus distributing load as well. The Scality webpages mentions they´ve developed storage connector for dovecot: http://www.scality.com/storage-solutions/ whatever that means.. -jf
Re: [Dovecot] NoSQL Storage Backend
On 2011-02-08 1:21 PM, Jan-Frode Myklebust wrote: The Scality webpages mentions they´ve developed storage connector for dovecot: http://www.scality.com/storage-solutions/ whatever that means.. Not so great - they're linking to dovecot.COM instead of dovecot.ORG... -- Best regards, Charles
[Dovecot] multiple domains
Anybody can help me with this issue. It's the right place to submit thios question, please help me. Actually we have configured a server (postfix,dovecot,mysql) with multiple domains, but the problem resides in that we don't want to login via POP3 using user@domain just using user, because we'll migrate our actual platform (Qmail) to dovecot. Our users are logging to their mail boxes, using only user name. We want to ask if that's posible to use a function like a vipmap in qmail, that allow to map an IP address to a domain. We're using the dovecot 1.0.7, the configuration shows as follows: login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login first_valid_uid: 100 mail_location: maildir:~/Maildir/ mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(pop3): outlook-idle pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: username_format: %Lu passdb: driver: sql args: /etc/dovecot-mysql.conf userdb: driver: static args: uid=101 gid=102 home=/home/vmail/%d/%n We'll apreciate your response, 'cause we coulnd't find information about this issuet and we didn't to find any clue that shows how can realize it. Thank you in advance. Sergio Moscoso
[Dovecot] How to recover a mail box from an assertion failure
I'm running Dovecot version 1.2.11 and getting this assertion error on a user's mail: Panic: file /home/durket/dovecot-1.2.11/src/lib-index/mail-transaction-log-view.c: line 290 (mail_transaction_log_view_set): assertion failed: (min_file_seq != max_file_seq || max_file_seq != view-head-hdr.file_seq || max_file_offset != (uoff_t)-1 || min_file_offset = view-head-sync_offset) I realize that there are newer releases of Dovecot (that even may fix this bug) but what I need to know is if there's anything I can do (like having Dovecot recreate indexes or whatnot) that will recover the user's mail (short of having to reconstruct it from backups).
[Dovecot] problem configuring deliver in LDAP environment.
hello I am using dovecot-1.2.15 in debian squeeze (packaged) and i have some difficulties migrating from an older installation tha is working perfectly. i have a transport defined in postfix to call deliver as follows: dovecotlda unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -s -e -f ${sender} -d ${recipient} with the auth-socket in dovecot.conf all ok and this in ldap-userdb.conf: user_attrs = vdHome=chroot,mailbox=mail=maildir:%$,quota=quota_rule=*:bytes=%$,otherPath=sieve you see, i have the base directory for the chroot for the entire mail system in ldap:vdHome as /home/vmail/domains and the actual location of the mailbox in maildir format in ldap:mailbox so i can have the actual complete path as /(vdHome)/(mailbox) This is running smoolthly, BUT the chroot environment with all the library dependencies is REALLY REALLY limiting because the huge number of files from the system i must put on the mail storeage (which is networked and used by more systems so i cannot put libraries and binaries there) What i am trying to do is leaving all the dovecot services running in chroot mode (as they do) but let deliver running in NORMAL (non-chroot mode) so i need to remove the chroot variable in userattr reply, and parametrize the mail location with the two ldap values. i am conscious that i can set up this as user_attrs = mailbox=mail=maildir:/home/vmail/domains/%$,quota=quota_rule=*:bytes=%$,otherPath=sieve but I WANT TO KEEP THE BASE DIR PARAMETRIZED to leave me the possibility to set the base dir in LDAP to goup the accounts on different mail storage system. So you know a method to substitute TWO ldap values in the mail parameter definition? Thank you Andrea
Re: [Dovecot] How to recover a mail box from an assertion failure
On 8.2.2011, at 21.14, Michael Durket wrote: Panic: file /home/durket/dovecot-1.2.11/src/lib-index/mail-transaction-log-view.c: line 290 (mail_transaction_log_view_set): assertion failed: (min_file_seq != max_file_seq || max_file_seq != view-head-hdr.file_seq || max_file_offset != (uoff_t)-1 || min_file_offset = view-head-sync_offset) So it crashes in index file reading code. I realize that there are newer releases of Dovecot (that even may fix this bug) but what I need to know is if there's anything I can do (like having Dovecot recreate indexes or whatnot) that will recover the user's mail (short of having to reconstruct it from backups). You can just delete dovecot.index* files from the user's mailboxes.
[Dovecot] converting from maildir to mdbox ?
I´m considering moving from maildir to mdbox, but don´t quite see how I should do the conversion with minimal downtime. Our userdb is ldap, and the we use this setting to point to the users maildirectory: user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/indexes/%1u/%1.1u/%u,mailQuota=quota_rule=*:storage=%$ i.e. every user has a mailMessageStore attribute in LDAP that points to his INBOX. Any ideas for how we can migrate user by user to mdbox? Can we add a mailboxFormat attribute to LDAP, and somehow get that used in the user_attrs lookup ? Ideally have it default to maildir if not set, so that the current setup isn´t changed and only migrated users are affected. Or should we be keeping the mailboxFormat as a prefix in all mailMessageStore strings ? -jf
Re: [Dovecot] converting from maildir to mdbox ?
On Tue, 2011-02-08 at 20:32 +0100, Jan-Frode Myklebust wrote: user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/indexes/%1u/%1.1u/%u,mailQuota=quota_rule=*:storage=%$ i.e. every user has a mailMessageStore attribute in LDAP that points to his INBOX. Any ideas for how we can migrate user by user to mdbox? Can we add a mailboxFormat attribute to LDAP, and somehow get that used in the user_attrs lookup ? Ideally have it default to maildir if not set, so that the current setup isn´t changed and only migrated users are affected. Or should we be keeping the mailboxFormat as a prefix in all mailMessageStore strings ? Change user_attrs to: user_attrs = mailMessageStore=home, mailLocation=mail, mailQuota=..etc.. And in dovecot.conf set: mail_location = maildir:~/:INDEX=/indexes/%1u/%1.1u/%u Then add a temporary mailLocation field, which for converted users contains: mdbox:~/mdbox:INDEX=/indexes/%1u/%1.1u/%u/mdbox Finally once everyone has been converted, get rid of the mailLocation field and instead just set: mail_location = mdbox:~/mdbox:INDEX=/indexes/%1u/%1.1u/%u/mdbox As a bonus you then no longer have home=mail directory, which isn't very good anyway, and possibly might make your mailbox migration slightly more difficult than it needs to be.
Re: [Dovecot] pop3 index virtual question
Am 08.02.2011 18:30, schrieb Timo Sirainen: On 8.2.2011, at 15.49, Robert Schetterer wrote: pop3_uidl_format = %08Xu%08Xv location = virtual:/etc/dovecot/virtual:LAYOUT=maildir++:INDEX=~/virtual is a good setting but i have no feedback yet if the problem pop3 leaving mails on the server is solved with that Yes, the INDEX= path had to be put into a per-user directory ok, then INDEX=~/virtual is ok ? this result in Debug: maildir++: root=/etc/dovecot/virtual, index=/usr/local/virtual/domain.com/u...@domain.com//virtual, control=, inbox= at my setup the double slash might not hurt , but how setup to avoid it? it would work really badly ??? didnt understand this please explain . But still, I'd suggest using pop3_uidl_format=%f instead (or %g is the same thing). In virtual mailboxes the UIDs are a bit more likely to accidentally change, while %f/%g is based on the backend maildir filename which will never change even if you delete the virtual index files. ok i change back to pop3_uidl_format = %g Debug: maildir++: root=/etc/dovecot/virtual, index=/usr/local/virtual/domain.com/u...@domain.com//virtual, control=, inbox= -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
Re: [Dovecot] sieve not working if i have override
Thank you Timo I got that to work, it's posted below in case some searches the mailing list for something similar. password_query = SELECT username as user, password, \ if('%d' IN ('virttest1.xxx.net', 'test2000.com') AND '%s'='imap', \ 'quota imap_quota trash expire autocreate acl imap_acl',null) as userdb_mail_plugins, \ 101 as userdb_uid, 502 as userdb_gid, CONCAT('*:bytes=', CAST(quota AS CHAR)) AS quota_rule FROM mailbox WHERE username = '%u' Tested and working. paul -Original Message- From: dovecot-bounces+razor=meganet@dovecot.org [mailto:dovecot-bounces+razor=meganet@dovecot.org] On Behalf Of Timo Sirainen Sent: Tuesday, February 08, 2011 12:34 PM To: Paul A Cc: Dovecot Mailing List Subject: Re: [Dovecot] sieve not working if i have override Add some more trickyness to your SQL query using another IF(). If '%s' expands to 'imap', return the imap_* plugins, otherwise don't. On 8.2.2011, at 16.42, Paul A wrote: I know that but I need to use the override option on selected domains, as I don't want all domains to have ACL access. So when I use override I need to specify all plugins I'm using because the override feature will not look at the $mail_plugin statement in dovecot.conf and ofcourse when I do this I get the error below. Is there another method I can use to allow only certain domains ACL access instead of the override. Not sure if Timo has any ideas. Thanks, Paul -Original Message- From: Stephan Bosch [mailto:step...@rename-it.nl] Sent: Tuesday, February 08, 2011 3:18 AM To: Paul A Cc: 'Dovecot Mailing List' Subject: Re: [Dovecot] sieve not working if i have override On 2/8/2011 12:33 AM, Paul A wrote: Hi, I have a few domain that I'm overriding the mail_plugins, see password query below, however when I use this password query everything is working expect sieve gives me an error. How can I get around this problem? [...] Feb 7 18:28:20 testip5 dovecot: managesieve: Error: dlopen(/usr/local/lib/dovecot/lib02_imap_acl_plugin.so) failed: /usr/local/lib/dovecot/lib02_imap_acl_plugin.so: undefined symbol: client_send_tagline [...] It also complains about imap_quota. You're trying to load the imap_quota and imap_acl plugins into ManagSieve, which makes no sense. So, your query should not return those plugins when the service (%Ls) is `sieve'. Regards, Stephan.
Re: [Dovecot] sieve not working if i have override
If you add another table with domain and protocol keys you could more easily manage plugins for domain,protocols pairs. SELECT t1.username as user,t1.password, \ group_concat(t2.plugin seperator ' ' ) as userdb_mail_plugins, \ 101 as userdb_uid, 502 as userdb_gid, CONCAT('*:bytes=', CAST(t1.quota AS CHAR)) AS quota_rule from mailbox t1 left outer join mailbox_plugins t2 on t2.domain = '%d' and t2.protocol = '%s' Could join on username as well, nice for testing. -- Brad On Feb 8, 2011, at 1:09 PM, Paul A wrote: Thank you Timo I got that to work, it's posted below in case some searches the mailing list for something similar. password_query = SELECT username as user, password, \ if('%d' IN ('virttest1.xxx.net', 'test2000.com') AND '%s'='imap', \ 'quota imap_quota trash expire autocreate acl imap_acl',null) as userdb_mail_plugins, \ 101 as userdb_uid, 502 as userdb_gid, CONCAT('*:bytes=', CAST(quota AS CHAR)) AS quota_rule FROM mailbox WHERE username = '%u' Tested and working. paul -Original Message- From: dovecot-bounces+razor=meganet@dovecot.org [mailto:dovecot-bounces+razor=meganet@dovecot.org] On Behalf Of Timo Sirainen Sent: Tuesday, February 08, 2011 12:34 PM To: Paul A Cc: Dovecot Mailing List Subject: Re: [Dovecot] sieve not working if i have override Add some more trickyness to your SQL query using another IF(). If '%s' expands to 'imap', return the imap_* plugins, otherwise don't. On 8.2.2011, at 16.42, Paul A wrote: I know that but I need to use the override option on selected domains, as I don't want all domains to have ACL access. So when I use override I need to specify all plugins I'm using because the override feature will not look at the $mail_plugin statement in dovecot.conf and ofcourse when I do this I get the error below. Is there another method I can use to allow only certain domains ACL access instead of the override. Not sure if Timo has any ideas. Thanks, Paul -Original Message- From: Stephan Bosch [mailto:step...@rename-it.nl] Sent: Tuesday, February 08, 2011 3:18 AM To: Paul A Cc: 'Dovecot Mailing List' Subject: Re: [Dovecot] sieve not working if i have override On 2/8/2011 12:33 AM, Paul A wrote: Hi, I have a few domain that I'm overriding the mail_plugins, see password query below, however when I use this password query everything is working expect sieve gives me an error. How can I get around this problem? [...] Feb 7 18:28:20 testip5 dovecot: managesieve: Error: dlopen(/usr/local/lib/dovecot/lib02_imap_acl_plugin.so) failed: /usr/local/lib/dovecot/lib02_imap_acl_plugin.so: undefined symbol: client_send_tagline [...] It also complains about imap_quota. You're trying to load the imap_quota and imap_acl plugins into ManagSieve, which makes no sense. So, your query should not return those plugins when the service (%Ls) is `sieve'. Regards, Stephan.
Re: [Dovecot] ldap: LDAP attribute used multiple times. This is currently unsupported
Dear Timo, Thank you for your advice! Am 08.02.2011 18:35, schrieb Timo Sirainen: On 8.2.2011, at 17.23, Lukas Haase wrote: [...] I know, but the message is somehow weird since it says it is *currently* unsupported. However, it seems to me that it is not supported any more. Is this true? Is there a reason for this? I'm pretty sure it never worked. I think in v1.0 it simply ignored the first uid=user. So you could probably just remove that. Unfortunately not. I am really sure it worked in v1.0. For example: # id luke uid=1000(luke) gid=100(users) groups=51683(family),25783(ssh_users),63315(projects),19580(multimedia),1019(data),51684(friends),100(users) So luke's *primary* group is users but he is also member of the other groups (like family). An IMAP folder in my shared namespace has permissions as follows: # ls -la /var/mail/shared [...] drwxrwx--- 5 root family 4096 Feb 8 22:53 .Family [...] So the folder Family in the shared namespace is *not* accessible in the *default* configuration since the directory is not accessible by the group users but only by the group family. And in the default configuration the groups are ignored by dovecot (except the primary group). In Debian Lenny (dovecot 1.xx) I set uid=system_user in the user_attrs setting of my ldap config. According to the Wiki, this should read out the primary groups of the user contained in the LDAP field uid. And this worked: I could access the folder. Now I upgraded to Debian sequeeze (dovecot 1.2) and I get the mentioned error message. So I am somehow sure that it actually worked and was not just ignored. Nevertheless, is there a way to overcome this issue? Can dovecot just read out the group membership from the user field of pass_attrs? Another obvious solution would be to define a manual scheme with a manual attribute uid_dovecot and copy the value of uid. But this seems to me like a using a sledgehammer method since it provides unnecessary redundancy in the LDAP tree (where the increased complexity might cause problems and inconsistencies) and requires defined a manual LDAP scheme. Any solution would be greatly appreciated! Best regads, Luke
Re: [Dovecot] Effect of separators
Am 08.02.2011 18:14, schrieb Willie Gillespie: On 02/08/2011 08:54 AM, Lukas Haase wrote: Dear list, A dumb question: What exactly is the effect of the separator? Is it also used to separate in the underlying file system? I.e. when I have the separator '/', the IMAP folder Sent/Jan is physically stored as As far as I understand, the separator is used in the context of IMAP only, and not the file system. Dear Willie, So if I understand correctly, if I set '/' as separator, the Maildir layout will still be .Folder1.subfolder ? Thank you for this hint, I think this is clear now. [...] Somebody can correct me if I'm wrong, but I don't believe it has an effect on the backend (besides disallowing the use of that character in a folder name). Thank you for your reply! Regards, Luke
Re: [Dovecot] Permissions in shared folders
Dear Timo, Thank you for your advice! Am 08.02.2011 18:39, schrieb Timo Sirainen: On 8.2.2011, at 12.33, Lukas Haase wrote: namespace public { separator = . prefix = Shared. location = maildir:/var/mail/shared:CONTROL=~/Maildir/shared location = maildir:/var/mail/shared:INDEX=~/Maildir/shared Why? According to the Wiki, CONTROL is used for example for the subscriptions (I can not use subscriptions=no because my private namespace is INDEX. and not empty) and therefore I use it. Furthermore, according to the Wiki, INDEX can be omitted if all users have write permissions because this way the index file is shared among all users. However, I can also set CONTROL *and* INDEX. I think there is nothing wrong about it, isn't it? [...] location = maildir:/var/mail/shared:INDEX=~/Maildir/shared:LAYOUT=fs Wooow, great! Thank you very much! I found very few documentation (although it is mentioned in the Wiki) on it so I think that is the reason why I did not know it. Thank you very much! Regards, Luke
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
Hello Hmm. I guess if you were doing backups 24h/day, then you can't really say how much faster mdbox performs than maildir (outside backups)? No, 24 hours is for a FULL backup in the weekend. An incremental backup is only 2-3 hours in the night every day. About performance... I can not give you real numbers of Maildir vs mdbox. In Maildir our indexes were stored in a ram disk, but we can not do that with mdbox (we can not recreate them if power is lost). Regards Javier
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
On 9.2.2011, at 0.28, Javier de Miguel Rodríguez wrote: Hello Hmm. I guess if you were doing backups 24h/day, then you can't really say how much faster mdbox performs than maildir (outside backups)? No, 24 hours is for a FULL backup in the weekend. An incremental backup is only 2-3 hours in the night every day. About performance... I can not give you real numbers of Maildir vs mdbox. In Maildir our indexes were stored in a ram disk, but we can not do that with mdbox (we can not recreate them if power is lost). So with mdbox disk I/O usage increased compared to maildir+ramdisk indexes?
Re: [Dovecot] Permissions in shared folders
On 9.2.2011, at 0.20, Lukas Haase wrote: namespace public { separator = . prefix = Shared. location = maildir:/var/mail/shared:CONTROL=~/Maildir/shared location = maildir:/var/mail/shared:INDEX=~/Maildir/shared Why? According to the Wiki, CONTROL is used for example for the subscriptions (I can not use subscriptions=no because my private namespace is INDEX. and not empty) and therefore I use it. You can create a prefix= namespace with list=no hidden=yes where the subscriptions will be saved. Furthermore, according to the Wiki, INDEX can be omitted if all users have write permissions because this way the index file is shared among all users. You can't share index files without sharing control files, otherwise they'll be out of sync (IMAP UID - maildir filename mapping is only in dovecot-uidlist control file). However, I can also set CONTROL *and* INDEX. I think there is nothing wrong about it, isn't it? Yes, but then if any keywords (= custom flags = labels = ..) are used, they're not shared between users. Other users instead will see keywords like Unknown-1.
Re: [Dovecot] ldap: LDAP attribute used multiple times. This is currently unsupported
On 9.2.2011, at 0.12, Lukas Haase wrote: I'm pretty sure it never worked. I think in v1.0 it simply ignored the first uid=user. So you could probably just remove that. Unfortunately not. I am really sure it worked in v1.0. For example: I mean in v1.0 it set system_groups_user=uid, but it didn't set user=uid. I doubt you need the user=uid, since they're probably same to begin with (you didn't show pass_filter so I don't know how you look up the user). So just remove the uid=user from pass_attrs and it'll probably work fine.
Re: [Dovecot] multiple domains
On Tue, 2011-02-08 at 15:12 -0400, Sergio Moscoso wrote: Anybody can help me with this issue. It's the right place to submit thios question, please help me. Actually we have configured a server (postfix,dovecot,mysql) with multiple domains, but the problem resides in that we don't want to login via POP3 using user@domain just using user, because we'll migrate our actual platform (Qmail) to dovecot. Our users are logging to their mail boxes, using only user name. We want to ask if that's posible to use a function like a vipmap in qmail, that allow to map an IP address to a domain. We're using the dovecot 1.0.7, the configuration shows as follows: login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login first_valid_uid: 100 mail_location: maildir:~/Maildir/ mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(pop3): outlook-idle pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: username_format: %Lu passdb: driver: sql args: /etc/dovecot-mysql.conf userdb: driver: static args: uid=101 gid=102 home=/home/vmail/%d/%n We'll apreciate your response, 'cause we coulnd't find information about this issuet and we didn't to find any clue that shows how can realize it. Thank you in advance. Sergio Moscoso Have you tried 'auth_username_format = %n'?
[Dovecot] IMAP subfolders and MDBOX
Hello We actually use MBOX format on our mailhub but this does not permit to create IMAP subfolders. Many users are asking me fot this feature and I agree with them of course. My problem is to choose the format that will permit imap subfolders creation. Maildir is not my favorite format and I wonder about MDBOX. Does it permit imap subfolders creation ? It is possible to convert from MBOX to MDBOX in one shot ? Is it stable / mature enoug for a production server ( 4000 users ) ? Thank you
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
So with mdbox disk I/O usage increased compared to maildir+ramdisk indexes? That is a tricky question to ask. It depends on usage, I think the following: - LDA delivery: load is a bit lower (on disk) in Maildir vs mdbox: in both cases the message has to be written, indexes are updated, in Maildir indexes are in ram, so lower disk load in this case - POP3 access: the same as the previous post - IMAP access: this is tricky. In mdbox a /delete message/ command only lowers the refcount, indexes are updated and in the night a cron job runs doveadm purge. In Maildir, you really delete the message when MUA/webmail /compacts/ the folder, and indexes are updated. I think that mdbox has a /delayed IO /in this case, and has less load on disk on production hours. Am I missing anything? The stats in the SAN after the change maildir-mdbox do not help, we have zlib enabled in lda imap with mdbox, so our # of real IOPs is lower than Maildir (we did not have zlib enabled) Regards Javier
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
On 9.2.2011, at 9.21, Javier Miguel Rodríguez wrote: That is a tricky question to ask. It depends on usage, I think the following: - LDA delivery: load is a bit lower (on disk) in Maildir vs mdbox: in both cases the message has to be written, indexes are updated, in Maildir indexes are in ram, so lower disk load in this case - POP3 access: the same as the previous post - IMAP access: this is tricky. In mdbox a /delete message/ command only lowers the refcount, indexes are updated and in the night a cron job runs doveadm purge. In Maildir, you really delete the message when MUA/webmail /compacts/ the folder, and indexes are updated. I think that mdbox has a /delayed IO /in this case, and has less load on disk on production hours. Am I missing anything? Yes, in theory those are right. I'm interested in finding out some real numbers :) The stats in the SAN after the change maildir-mdbox do not help, we have zlib enabled in lda imap with mdbox, so our # of real IOPs is lower than Maildir (we did not have zlib enabled) I wonder how large a write can be before it is split to two iops.. With NFS probably smaller I'd guess. Still, I would have thought that even if zlib writes only half as much, the disk iops difference wouldn't be nearly as much.
Re: [Dovecot] Great time savings backing a mdbox versus Maildir
The stats in the SAN after the change maildir-mdbox do not help, we have zlib enabled in lda imap with mdbox, so our # of real IOPs is lower than Maildir (we did not have zlib enabled) I wonder how large a write can be before it is split to two iops.. With NFS probably smaller I'd guess. Still, I would have thought that even if zlib writes only half as much, the disk iops difference wouldn't be nearly as much. Without zlib our mailstore was 2.1 TB. With zlib enabled is 1.4 TB. We use a iSCSI SAN with ext4. I am writing a document with some benchmarking of dovecot (postal rabid software) with some graphs about # of iops, cpu load, and so... I am still writing it if you are interested I can post a link to the document in the list. Regards Javier
[Dovecot] critical feature from version 1 not migrated to version 2 = authentication configuration database per IP
not possible make operation with dovecot version 2.x as was possible in version 1.x: requisites description: connect to dovecot service on IP1 - dovecot must serve users that related to domain1 located in database1 connect to dovecot service on IP2 - dovecot must serve users that related to domain2 located in database2 login must be with username that form not as user@domain but simple user databases may contain identical username, but they have different passwords existing version 1 config file, that allow such configuration: /etc/dovecot.conf BEGIN server mail.domain1.tld { protocols = imaps pop3s pop3 ssl_cert_file = /etc/pki/cert1.pem ssl_key_file = /etc/pki/cert1.key listen = 123.123.123.1 ssl_listen = 123.123.123.1 default_mail_env = mbox:/tmp:INBOX=/var/mail/domain1.tld/%n:INDEX=MEMORY pop3_uidl_format = %08Xu%08Xv auth default { mechanisms = plain passdb ldap { args= /etc/dovecot-ldap.conf.domain1.tld1 } userdb ldap { args= /etc/dovecot-ldap.conf.domain1.tld1 } } login_process_per_connection = yes login_max_processes_count = 4 login_processes_count = 1 } server mail.domain2.tld { protocols = imaps pop3s pop3 ssl_cert_file = /etc/pki/cert2.pem ssl_key_file = /etc/pki/cert2.key listen = 123.123.123.2 ssl_listen = 123.123.123.2 default_mail_env = mbox:/tmp:INBOX=/var/mail/domain2.tld/%n:INDEX=MEMORY pop3_uidl_format = %08Xu%08Xv auth default { mechanisms = plain passdb ldap { args= /etc/dovecot-ldap.conf.domain2.tld2 } userdb ldap { args= /etc/dovecot-ldap.conf.domain2.tld2 } } login_process_per_connection = yes login_max_processes_count = 4 login_processes_count = 1 } /etc/dovecot.conf END /etc/dovecot-ldap.conf.domain1.tld and /etc/dovecot-ldap.conf.domain2.tld refers to different ldap databases
Re: [Dovecot] critical feature from version 1 not migrated to version 2 = authentication configuration database per IP
On 9.2.2011, at 9.37, da...@apollo.lv wrote: existing version 1 config file, that allow such configuration: /etc/dovecot.conf BEGIN server mail.domain1.tld { I'm surprised that this server block really worked for you. I only remember having problems with it, and that's why its existence is well hidden. In v2.0 the idea is anyway that you could do: local mail.domain1.tld { .. } local mail.domain2.tld { .. } But this unfortunately doesn't currently work for auth settings. I'll get around to doing it at some point.. There is actually probably one horribly ugly way to make this already work, but it's so bad I don't really even want to suggest it (involving creating duplicate service blocks for different IPs and chrooting their processes to different dirs)..