[Dovecot] Dovecot and ManageSieve crash trace
Hi all, I am trying to deploy Dovecot with Sieve support and I choose the easy way: install ManageSieve. But I have a problem here, and I did not find how to deal with. I tested the communication to the server with the telnet command. Here the result: http://pastebin.com/dgvhEwxJ And I do not understand how to link IMAP authentification and Sieve authentification. I just want to allow creation of Sieve filters for any IMAP user (based on LDAP). Thanks for your answer. Best regards. Samuel Hassine
Re: [Dovecot] logging issues w/ login_max_processes_count on 1.x
On 4.3.2011, at 1.12, Douglas Mortensen wrote: > Today I found our dovecot 2.x gracefully logged: > dovecot: master: Warning: service(imap-login): process_limit reached, client > connections are being dropped > > Does anyone know whether there is a way to get dovecot 1.x to log this type > of error? As long as all of the connection slots aren't used for SSL connections, it should log: Disconnected: Connection queue full as some (not yet logged in) client's disconnection reason. It kills the oldest client away. This is actually what v2.0 also does in that situation, it just logs that extra warning. If all of the login processes are busy serving SSL sessions, v1.x logs: All login processes are in use. You may need to increase login_max_processes_count
[Dovecot] logging issues w/ login_max_processes_count on 1.x
Today I found our dovecot 2.x gracefully logged: dovecot: master: Warning: service(imap-login): process_limit reached, client connections are being dropped I am confident that we had the very same problem on our previous dovecot 1.x box. Of course with dovecot 1.x, the same relative setting is login_max_processes_count. I believe that I turned up all dovecot logging & debugging to the max (also checked with the 1.x wiki), but nothing was ever logged relating to this. Does anyone know whether there is a way to get dovecot 1.x to log this type of error? Thanks, - Doug Mortensen Network Consultant Impala Networks Inc CCNA, MCSA, Security+, A+ Linux+, Network+, Server+ . www.impalanetworks.com P: (505) 327-7300 F: (505) 327-7545
Re: [Dovecot] All mails unread after short while
On 3/3/2011 10:06 AM, francwal...@gmx.net wrote: But anyway, where can i find the place where the mails are set to read or unread? Pulling this out of memory, so someone can correct me if I'm wrong. You mentioned earlier that you were using the Maildir format. Look in the /cur part of the mail folder. The file will end with "2,(flags)" where (flags) are: Flag "P" (passed): the user has resent/forwarded/bounced this message to someone else. Flag "R" (replied): the user has replied to this message. Flag "S" (seen): the user has viewed this message, though perhaps he didn't read all the way through it. Flag "T" (trashed): the user has moved this message to the trash; the trash will be emptied by a later user action. Flag "D" (draft): the user considers this message a draft; toggled at user discretion. Flag "F" (flagged): user-defined flag; toggled at user discretion. Willie Copied some info from http://cr.yp.to/proto/maildir.html
Re: [Dovecot] Problem with sieve and namespace
Patrick Westenberg schrieb: Feb 26 00:39:25 endeavour dovecot: lmtp(6967, m...@jasbafliesen.de): Error: 1WYlBCE1aE03GwAA0CSSVw: sieve: msgid=<4d683da5.7030...@gmx.de>: failed to store into mailbox m...@jasbafliesen.de': Unknown namespace Feb 26 00:39:25 endeavour dovecot: lmtp(6967, m...@jasbafliesen.de): Error: 1WYlBCE1aE03GwAA0CSSVw: sieve: script /usr/local/etc/dovecot/sieve/default.sieve failed with unsuccessful implicit keep FYI: After upgrading to the latest versions these problems don´t occur anymore. Regards Patrick
Re: [Dovecot] process_min_avail being ignored?
Nevermind. My bad. Only now did I realize that my dovecot -n is totally missing anything regarding the "service imap-login", which I defined in /etc/dovecot/dovecot.conf as: service imap-login { service_count=1 process_min_avail = 200 process_limit = 1000 #vsz_limit = 64M } This brought to mind a recollection that building dovecot from source (& using the init.d startup script from the dovecot wiki) caused it to want to look to: /usr/local/var/run/dovecot/dovecot.conf for its config file. Meaning I edited the wrong file this morning. I just added the same configuration to the config file at /usr/local/var/run/dovecot/dovecot.conf, and it worked as expected (currently 237 imap-login sessions). It's time for me to create some sym links so that if I forget this in the future, it won't take me an hour of troubleshooting to remember. Thanks, - Doug Mortensen Network Consultant Impala Networks P: 505.327.7300
[Dovecot] /etc/pam.d/dovecot missing? during high load
This morning on our newly built server, the following was logged twice: auth: Error: pam(username,127.0.0.1): pam_authenticate() failed: Authentication failure (/etc/pam.d/dovecot missing?) This also happened to be during a time of 100+ imap-login processes, where we were seeing: master: Warning: service(imap-login): process_limit reached, client connections are being dropped The initial error was correct, in that I had not yet created /etc/pam.d/dovecot. I have since created the file. However, we brought this server into production yesterday & there were no complaints, nor was the error logged besides twice this morning within 3.5 minutes of eachother. In looking at pam documentation, it is my understanding that when a service (dovecot) does not have its own file existing under /etc/pam.d, then pam will instead use the settings from /etc/pam.d/others as defaults. This seems logical to me, and would explain why things have been working fairly well with no errors regarding pam (other than the 2 logged this morning). However, what this does not explain, is why dovecot auth logged about the file missing at all. I can only guess that it was related to logins being dropped due to high load, and was incorrectly logged?? For reference, my current /etc/pam.d/dovecot is: authrequiredpam_unix.so nullok account requiredpam_unix.so My current /etc/pam.d/other is: @include common-auth @include common-account @include common-password @include common-session Which results in (confirmed via : grep -v ^# common-auth common-account common-password common-session) auth[success=1 default=ignore] pam_unix.so nullok_secure authrequisite pam_deny.so authrequiredpam_permit.so account [success=1 new_authtok_reqd=done default=ignore]pam_unix.so account requisite pam_deny.so password[success=1 default=ignore] pam_unix.so obscure sha512 passwordrequisite pam_deny.so passwordrequiredpam_permit.so session [default=1] pam_permit.so session requisite pam_deny.so session requiredpam_permit.so session requiredpam_unix.so So there definitely is quite a difference between the dovecot pam file I created (based on the dovecot2 wiki), and the system default (other). I don't know whether this could have been related, so I figured I'd share. Otherwise, I'm running dovecot 2.0.9 compiled from source. dovecot -n at the time of the pam errors was probably: # 2.0.9: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0 auth_debug = yes auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:~/ mail_privileged_group = mail passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = root } ssl_cert =
[Dovecot] TB, dovecot & trailing slash - again
Hi there, I have been browsing the mailing list archives in search of a solution to my problem, related to the quite infamous "trailing slash" issue with Thunderbird, but I don't seem to have found any closely related discussion. Please forgive me if this problem has already found a solution. Here I go; We use a lot of TB clients (2.x and 3.x), and we are using Dovecot 1.2.4 on our production server (mbox format). As told in many places, including this list, I added the option "tb-extra-mailbox-sep" in my dovecot.conf file. The checkbox regarding the mix of mailbox/submailbox and mailbox/messages is unchecked in the advanced options of our TB standard config. I snooped the connection with "ngrep" when creating a folder meant for containing subfolders. Here is the trace: 6 create "ABCDE/".. < 6 OK Create completed... 7 subscribe "ABCDE/".. < 7 OK Subscribe completed... 8 list "" "ABCDE/".. < * LIST (\Noselect \HasChildren) "/" "ABCDE/"..8 OK List completed... So far, so good. But when you have a look at the .subscriptions file, you can see that the ABCDE folder has no trailing slash: it has been stripped off, apparently due to an "enhancement" made in 2009: http://hg.dovecot.org/dovecot-1.2/rev/339be408f49a It may be intended, but the drawback is that TB then gets a bit confused, as it has no way, during a "LIST" operation, to distinguish between a "folder/subfolder" scheme and a "folder/message" scheme: consequently, you get an error message from TB whenever you click on the containing folder, stating that "the mailbox isn't selectable". The problem is not just cosmetic, though, as the subfolders of such folders are not synchronized when selected for offline reading. I made a test with another version of Dovecot, of the 1.1 branch, and it behaves a little bit differently: the trailing slash is kept in the .subscriptions file, and everything is ok. TB is able to make the distinction between both kinds of folders. For the moment, I simply erased the "tb-extra-mailbox-sep" from my config file, and this is what happens: > 306 create "ABCDE/".. < 306 OK Create completed... > 307 subscribe "ABCDE/".. < 307 NO Invalid mailbox name: ABCDE/.. > 308 list "" "ABCDE/".. < * LIST (\Noselect \HasChildren) "/" "ABCDE/"..308 OK List completed... In that case, the "subscribe" command fails, so the folder does not appear by itself in the .subscriptions file, but as it is not used (only "terminal" mailboxes, containing messages, which are files in the filesystem), this is not a problem. The directory is created on the disk, and you can then create subfolders without any problem... Sorry for this long message, I just wanted to explain precisely what happens. A last word: switching to maildir would be quite a hassle, as we use quite a lot of procmail-based tools. Rewriting everything using Sieve is not planned for the moment. Does anyone out there have a solution for this ? What am I doing wrong ? Is the "tb-extra-mailbox-sep" really necessary when using TB ? As far as I can tell, it rather got us into trouble here, than solved anything... Thanks for any info/pointer/else ! Best regards, Bruno -- - Service Hydrographique et Oceanographique de la Marine - DO/MGS/INF - 13, rue du Chatellier - CS 92803 - 29228 Brest Cedex 2, FRANCE - Phone: +33 2 98 22 17 49 - Email: bruno.tregu...@shom.fr
Re: [Dovecot] expire plugin and sieve
On Thu, 10 Feb 2011 02:07:38 +0200, Timo Sirainen wrote: However, the combination of sieve and expire does not seem to be working: When sieve moves messages into a folder, no entry is created in the database. Don't these plugins work together, or did I misconfigure something? If you didn't yet find out: lda: mail_plugins: expire mail_plugins: sieve The second mail_plugins setting overrides the first one. Use: mail_plugins = expire sieve Thanks, this works to the extent that dates are now written into the database when mails are moved by sieve filters. What doesn't work (and I spent the last weeks testing and googling, hence my late reply) is the deletion of expired mails. When an expiration date occurs, the database is updated, but nothing is deleted. I have implemented a test with a 1 day expiry. Dates get updated, nothing is deleted. Output of expire tool: Info: Loading modules from directory: /usr/lib/dovecot/modules/imap Info: Module loaded: /usr/lib/dovecot/modules/imap/lib20_expire_plugin.so Info: expire: pattern=INBOX.Trash type=expunge secs=604800 Info: expire: pattern=INBOX.Mailing-Lists.test type=expunge secs=86400 Info: expire: pattern=INBOX.Spam type=expunge secs=2592000 Info: auth input: uid=5000 Info: auth input: gid=5000 Info: auth input: home=/home/vmail/example.com/user1 Info: Namespace: type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes Info: maildir: data=/home/vmail//:INDEX=/var/indexes/ Info: maildir++: root=/home/vmail/, index=/var/indexes, control=, inbox=/home/vmail/ Info: auth input: uid=5000 Info: auth input: gid=5000 Info: auth input: home=/home/vmail/example.com/user2 Info: Namespace: type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes Info: maildir: data=/home/vmail//:INDEX=/var/indexes/ Info: maildir++: root=/home/vmail/, index=/var/indexes, control=, inbox=/home/vmail/ Is this an issue with the mail_location setting? I know the wiki says something about a userdb lookup returning the mail location, but, frankly, I'm not sure what that's supposed to say... Thanks.
[Dovecot] process_min_avail being ignored?
Today I found out we are having users w/ problems because: Mar 3 09:57:33 jlgray dovecot: master: Warning: service(imap-login): process_limit reached, client connections are being dropped Mar 3 09:58:42 jlgray dovecot: master: Warning: service(imap-login): process_limit reached, client connections are being dropped Mar 3 10:02:51 jlgray dovecot: master: Warning: service(imap-login): process_limit reached, client connections are being dropped Mar 3 10:04:29 jlgray dovecot: master: Warning: service(imap-login): process_limit reached, client connections are being dropped Mar 3 10:05:41 jlgray dovecot: master: Warning: service(imap-login): process_limit reached, client connections are being dropped Mar 3 10:06:58 jlgray dovecot: master: Warning: service(imap-login): process_limit reached, client connections are being dropped So, based on the dovecot2 wiki, it would seem that the solution is to follow the recommendations at http://wiki2.dovecot.org/LoginProcess, and use them as a guide for our situation. I have done so. But unless I misunderstand their purpose, I don't think they're working. Maybe I don't have them in the correct place?? I am expecting the imap-login process count to immediately jump up to 200 (based on my config below). But instead, they just slowly gradually increase. But even an hour after changing the config & restarting dovecot, I only have 78 login processes. dovecot -n output is: # 2.0.9: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0 auth_debug = yes auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:~/ mail_privileged_group = mail passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = root } ssl_cert = http://wiki2.dovecot.org/Upgrading/2.0 Namely: doveconf -n -c dovecot-1.conf > dovecot-2.conf Then we renamed dovecot-2.conf to dovecot.conf I'm pretty sure there were no problems with that part. We are running dovecot 2.0.9 compiled from source. OS is 64-bit Debian Squeeze (6.0), as shown by 'cat /proc/version': Linux version 2.6.32-5-amd64 (Debian 2.6.32-30) (b...@decadent.org.uk) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Wed Jan 12 03:40:32 UTC 2011 I really appreciate anyone helping me figure out why Thanks, - Doug Mortensen Network Consultant Impala Networks Inc CCNA, MCSA, Security+, A+ Linux+, Network+, Server+ . www.impalanetworks.com P: (505) 327-7300 F: (505) 327-7545
Re: [Dovecot] All mails unread after short while
Am 03.03.2011 um 17:56 schrieb Charles Marcus: > > Which is not much of a problem description, but obviously means you did > something wrong... so, instead of finding/fixing the problem, you just > reverted? Yes, i reverted and put back the config-files of the old dovecot version. After this everything worked well again like i thought. I will upgrade Dovecot in some weeks for sure because of Quota, but at the moment i am happy if just the little (?) Unread-problem is away ☺ But anyway, where can i find the place where the mails are set to read or unread?
Re: [Dovecot] All mails unread after short while
On 2011-03-03 11:16 AM, francwal...@gmx.net wrote: >> Upgrading would be a very good idea and would likely solve your problem >> in the process... there should be repos that have the latest versions >> available. > Unfortunately this was what i tried a month before, without success. > After upgrading the communication between Postfix and Dovecot stopped. Which is not much of a problem description, but obviously means you did something wrong... so, instead of finding/fixing the problem, you just reverted? -- Best regards, Charles
Re: [Dovecot] dovecot share
On 2011-03-03 11:19 AM, Eric Broch wrote: > Oh! After upgrading to v2 everything worked as expected, and it was > quite easy to set up! > > Thanks, Charles. No worries, glad you got it sorted... -- Best regards, Charles
Re: [Dovecot] dovecot share
On 3/3/2011 8:57 AM, Charles Marcus wrote: > On 2011-03-02 7:50 PM, Eric Broch wrote: >> Sorry, Charles , I didn't see your request not to top post. > No problem... > >> Is there s certain procedure for upgrading from dovecot 1.x to 2.x? >> Do I uninstall the current version on my machine? >> Or, is there an upgrade option during install? >> >> I just want to do it correctly. > When in doubt, rtfm... ;) > > http://wiki.dovecot.org/Upgrading/ > Oh! After upgrading to v2 everything worked as expected, and it was quite easy to set up! Thanks, Charles.
Re: [Dovecot] All mails unread after short while
> > Upgrading would be a very good idea and would likely solve your problem > in the process... there should be repos that have the latest versions > available. > Unfortunately this was what i tried a month before, without success. After upgrading the communication between Postfix and Dovecot stopped.
Re: [Dovecot] dovecot share
On 3/3/2011 8:57 AM, Charles Marcus wrote: > On 2011-03-02 7:50 PM, Eric Broch wrote: >> Sorry, Charles , I didn't see your request not to top post. > No problem... > >> Is there s certain procedure for upgrading from dovecot 1.x to 2.x? >> Do I uninstall the current version on my machine? >> Or, is there an upgrade option during install? >> >> I just want to do it correctly. > When in doubt, rtfm... ;) > > http://wiki.dovecot.org/Upgrading/ > Thanks, Charles! I had looked at that web page previously but it didn't offer any assistance on upgrading tarballs. So, I went ahead and started experimenting on my test server. Here is my procedure... (Stop Qmailtoaster) 1) qmailctl stop >> (Uninstall dovecot v1.2.3) 2) cd /my/dovecot/dir/dovecot-1.2.3 3) sudo make uninstall (Install dovecot v2.0.9) 4) cd /my/dovecot/dir 5) wget http://dovecot.org/releases/2.0/dovecot-2.0.9.tar.gz 6) tar -zxvf dovecot-2.0.9.tar.gz 7) cd dovecot-2.0.9 8) ./configure --with-vpopmail --with-ssl=openssl 9) make 10) sudo make install (Create the v2.0.9 configuration file from v1.2.3 configuration file andput it in v2 directory) 11) cp /usr/local/etc/dovecot.conf /usr/local/etc/dovecot/dovecot.conf 12) cd /usr/local/etc/dovecot 13) doveconf -n> dovecot-2.conf (Create v2 compatible file) 14) cp dovecot-2.conf dovecot.conf (Rename v2 compatible file) (Edit v2 file) 15) Removed the following setting from dovecot.conf (IMAP will not work with this setting) service auth { user = vpopmail } 16) qmailctl start Oh, and I've been informed that I missed creating the 'dovenull' user. Eric
Re: [Dovecot] All mails unread after short while
On 2011-03-03 8:53 AM, francwal...@gmx.net wrote: > Dovecot 1.0.10. Upgrading would be a very good idea and would likely solve your problem in the process... there should be repos that have the latest versions available. -- Best regards, Charles
Re: [Dovecot] dovecot share
On 2011-03-02 7:50 PM, Eric Broch wrote: > Sorry, Charles , I didn't see your request not to top post. No problem... > Is there s certain procedure for upgrading from dovecot 1.x to 2.x? > Do I uninstall the current version on my machine? > Or, is there an upgrade option during install? > > I just want to do it correctly. When in doubt, rtfm... ;) http://wiki.dovecot.org/Upgrading/ -- Best regards, Charles
Re: [Dovecot] auth on tcp socket?
Hello, is it possible to provide service auth on tcp-socket instead of unix-socket? I changed my conf and dovecot 2.0.5 is restarting but on telnet test it throws: dovecot: auth: Fatal: getsockname(12) failed: Socket operation on non-socket Want to separate smtp and imap to different servers but keep using dovecot auth for postfix-sasl. Whats to do? hmm, is postfix able to use non-unix socket for dovecot-sasl? Well, added support for that: http://hg.dovecot.org/dovecot-2.0/rev/fe8e82b5bff9 Thanks for that. is it save to use smtpd_sasl_path = inet:localhost:1434 in postfix's main.cf? there are some warnings in log: "when SASL type is "dovecot", SASL path "inet:localhost:1434" should be a socket pathname" ( Datei src/xsasl/xsasl_dovecot_server.c ) Thanks, Hajo
[Dovecot] All mails unread after short while
Hello, I have on Ubuntu 8.04 Postfix 2.5.1 and Dovecot 1.0.10. The mails are saved in maildir format. In one account on my server all mails are unread all the time. If i set them as read in my client (IMAP with Mac Mail 4.4 or IMAP with Squirrelmail, it doesn’t matter) they seem to be checked as read for some minutes or less, but very soon they are unread again, so i guess, only my client thinks that they are read, but after the next check, the client reads again that they are unread. Now i don’t know where to look or change the “Has been read”-Flag in the maildir-directory. Is it in some file or where is it, the flag? It is only one account, the other accounts on the same domain and on other domains are working quite well. Maybe it is only after a Squirrelmail update last week, but I am not sure. Thank you, Kind Regards, frank walter
Re: [Dovecot] Does dovecot proxy support message caching?
On 02/03/2011 18:10, Timo Sirainen wrote: I was just told by my boss that it's a feature he thinks would be useful and he'd offer his developers to help. Well, there's the message body caching that I'm not that interested in writing myself. It can probably be pretty easily separated from the rest of the code, so not much Dovecot knowledge is required either. I remain interested to sponsor such a feature though? Just make it affordable... Thanks Ed W