Re: [Dovecot] dovecot LDA: "temporary failure"
Additional information: I created a script to get the return code from deliver: 1 #!/bin/bash 2 3 cat "cur/1300037582.P7332Q0M221160.brusco-mail:2,S" | /usr/lib/dovecot/deliver -f dko...@somedomain.com -d dko...@domainhidden.com 4 5 case $? in 6 0) echo "0" 7 ;; 8 64) echo "64" 9 ;; 10 67) echo "67" 11 ;; 12 78) echo "78" 13 ;; 14 77) echo "77" 15 ;; 16 75) echo "75" 17 ;; 18 *) echo "unknown" 19 esac 20 The file it is cat'ing is a valid email in an Maildir/cur file. It returns 75 (EX_TEMP_FAIL) every time, even run as root. The logs reveal: /var/log/dovecot/lda-deliver: 2011-03-17 23:35:39 deliver(dko...@somedomain2.com): Info: Loading modules from directory: /usr/lib/dovecot/modules/lda /var/log/dovecot/deliver.info: (nothing) /var/log/dovecot/deliver.err: (nothing) I tried the script on another machine with Dovecot 1.0.15-2.3+lenny1 with success if I run as root. Regards, David Koski dko...@sutinen.com > This really has me stumped and desperate. I upgraded Debian from 5...
[Dovecot] dovecot LDA: "temporary failure"
This really has me stumped and desperate. I upgraded Debian from 5 to 6 (squeeze) and now Dovecot LDA fails. I have checked permissions and the usual. Postfix SMTP, Dovecot POP3 and Dovecot IMAP work. Having to upgrade MySQL from 5.0 to 5.1 made me question that. Logging is of little help. I have turned on logging for LDA to a separate file. When I try to run the deliver command it returns nothing and appears to do nothing: ~$ cat /etc/hosts | /usr/lib/dovecot/deliver -f root@localhost -d dkoski@[domainhidden].com $ ..but then I don't know what to expect. The log files are owned by dovecot. I tried chmod'ing them to 777 in desperation. This was working before the upgrade to 1.2.15-4 from 1.0.15-2.3+lenny1. Postfix reports this stuff: Mar 17 22:37:38 host-mail postfix/smtpd[22160]: connect from mail.kosmosisland.com[63.228.175.169] Mar 17 22:37:39 host-mail postfix/smtpd[22160]: 9D80C12AF610: client=mail.kosmosisland.com[63.228.175.169] Mar 17 22:37:39 host-mail postfix/cleanup[22163]: 9D80C12AF610: message-id=<201103172237.29223.dkoski@[another-domainhidden].com> Mar 17 22:37:39 host-mail postfix/qmgr[21877]: 9D80C12AF610: from=, size=1257, nrcpt=1 (queue active) Mar 17 22:37:39 host-mail postfix/smtpd[22160]: disconnect from mail.kosmosisland.com[63.228.175.169] Mar 17 22:37:42 host-mail postfix/smtpd[22168]: connect from localhost[127.0.0.1] Mar 17 22:37:42 host-mail postfix/smtpd[22168]: 480D912AF612: client=mail.kosmosisland.com[63.228.175.169] Mar 17 22:37:42 host-mail postfix/cleanup[22163]: 480D912AF612: message-id=<201103172237.29223.dkoski@[another-domainhidden].com> Mar 17 22:37:42 host-mail postfix/qmgr[21877]: 480D912AF612: from=, size=1873, nrcpt=1 (queue active) Mar 17 22:37:42 host-mail postfix/smtpd[22168]: disconnect from localhost[127.0.0.1] Mar 17 22:37:42 host-mail postfix/pipe[22169]: 480D912AF612: to=, relay=dovecot, delay=0.04, delays=0.02/0.01/0/0.01, dsn=4.3.0, status=deferred (temporary failure) Mar 17 22:37:42 host-mail postfix/smtp[22164]: 9D80C12AF610: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=3.4, delays=0.84/0.01/0/2.5, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=11197-13, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 480D912AF612) Mar 17 22:37:42 host-mail postfix/qmgr[21877]: 9D80C12AF610: removed And /var/log/dovecot/deliver.info: 2011-03-17 22:43:43 auth(default): Info: new auth connection: pid=22232 2011-03-17 22:43:59 auth-worker(default): Info: sql(dkoski@[domainhidden].com,127.0.0.1): query: SELECT email as user, password FROM view_users WHERE email='dkoski@[domainhidden].com'; 2011-03-17 22:43:59 auth(default): Info: client out: OK 1 user=dkoski@[domainhidden].com 2011-03-17 22:43:59 auth(default): Info: master in: REQUEST 73 22061 1 2011-03-17 22:43:59 auth(default): Info: master out: USER 73 dkoski@[domainhidden].comuid=5000gid=5000 home=/home/vmail/[domainhidden].com/dkoski 2011-03-17 22:44:00 auth(default): Info: new auth connection: pid=22234 I tried reinstalling the package dovecot-common. I downloaded it on another machine and compared the md5sum. # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 delay_warning_time = 1h inet_interfaces = all mailbox_size_limit = 0 mydestination = backup.host.localnet, backup.localnet, localhost.localnet, localhost myhostname = mail.[domainhidden].com mynetworks = 192.168.1.0/24, 127.0.0.1 myorigin = /etc/mailname recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${queue_directory}/cache/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_rbl_client b.barracudacentral.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dnsbl.njabl.org, reject_rbl_client combined.njabl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client spamguard.leadmon.net, reject_rbl_client korea.services.net, reject_rbl_client spamsources.fabel.dk, reject_rhsbl_sender rhsbl.ahbl.org smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${queue_directory}/cache/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf virt
[Dovecot] Request - please uncomment !include_try /etc/dovecot/local.conf in example config
Hi, could I request that the example config in doc/dovecot/example-config/dovecot.conf be slightly altered to uncomment the last line? The point of include_try is that it only includes if such a file exists, and doesn't break anything if the file does not exist. My distro (Arch) has a policy not to apply non-essential patches, rather asking users to forward requests upstream, hence this email. It allows users to simply keep a local.conf with all their settings and not have to worry that it would not be used when the dovecot package gets upgraded (which mostly means /etc/dovecot/dovecot.conf gets replaced, depending on packaging standards). Thanks.
Re: [Dovecot] Virtual and system users with public mailboxes
On Thu, 2011-03-17 at 18:35 +0200, Timo Sirainen wrote: > On Wed, 2011-03-16 at 11:54 -0700, Kendall Shaw wrote: > > Hi, > > > > I am running dovecot 1.2.9 and postfix, and I am trying to setup a > > public mailbox. My thought is that there would be one system user with > > a sieve script to deliver messages to the public mailbox. And, I would > > like to give virtual users access to the mailbox. > > Why can't the public mail delivery user be virtual as well? If the users that I want to have shell access (ubuntu 10.04) are virtual users, wouldn't I have to duplicate their credentials, for dovecot? Kendall
Re: [Dovecot] maildir location
On Thu, Mar 17, 2011 at 4:59 PM, Jim Knuth wrote: > am 17.03.11 22:33 schrieb upen : > >>> >>> If you expect to have any folders with lots of messages, I would use >>> mdbox rather than Maildir. NFS tends to have performance problems with >>> lots of small files, and Maildir uses one file per message, where mdbox >>> has a sort of compromise between lots of files and the huge files that >>> mbox creates. >> >> Thanks Patrick. >> >> OK. back to zero again. Now this is new piece of information for me >> which tell me that mdbox is better than Maildir format for emails on >> NFS. > > really? Only for NFS? No I don't know I want to know which is best performance mail format for local storage of emails now that I read that mdbox performs better in NFS environment. Thanks.
Re: [Dovecot] maildir location
am 17.03.11 22:33 schrieb upen : If you expect to have any folders with lots of messages, I would use mdbox rather than Maildir. NFS tends to have performance problems with lots of small files, and Maildir uses one file per message, where mdbox has a sort of compromise between lots of files and the huge files that mbox creates. Thanks Patrick. OK. back to zero again. Now this is new piece of information for me which tell me that mdbox is better than Maildir format for emails on NFS. really? Only for NFS? Question: Which is best format to go with in general, maildir or mdbox? . We really don't want users to use their NFS HOME directories for storing and accessing their emails. Even if they create any imap folder that should also get created on email server's local storage either in Maildir format or the new format mdbox which I've just heard about. -- Mit freundlichen Grüßen, Jim Knuth P.S.: Bitte senden Sie KEINE HTML-Mails! # Zufallszitat: Der Gewissensbiss ist unanständig. [Nietzsche]
Re: [Dovecot] maildir location
> > If you expect to have any folders with lots of messages, I would use > mdbox rather than Maildir. NFS tends to have performance problems with > lots of small files, and Maildir uses one file per message, where mdbox > has a sort of compromise between lots of files and the huge files that > mbox creates. Thanks Patrick. OK. back to zero again. Now this is new piece of information for me which tell me that mdbox is better than Maildir format for emails on NFS. Question: Which is best format to go with in general, maildir or mdbox? . We really don't want users to use their NFS HOME directories for storing and accessing their emails. Even if they create any imap folder that should also get created on email server's local storage either in Maildir format or the new format mdbox which I've just heard about.
Re: [Dovecot] maildir location
On 17/03/11 12:19 PM, upen wrote: > Hello, > > I am trying to use dovecot (v. 2.0.11) and postfix (v. 2.7.3) > together. The email server is an ldap client and user's home > directories on NFS server are mounted using autofs. > > As I understand, Maildir performance is better than mbox type, so I'd > like to use Maildir instead of mbox. > If you expect to have any folders with lots of messages, I would use mdbox rather than Maildir. NFS tends to have performance problems with lots of small files, and Maildir uses one file per message, where mdbox has a sort of compromise between lots of files and the huge files that mbox creates.
[Dovecot] Problem with recompiling sieve scripts after migrating to Dovecot 2.0 from 1.2
I saw this in log file of dovecot: Error: sieve: binary save: failed to create temporary file: open(/usr/local/etc/sieve/after/after.dovecot.svbin.acamail.acasalud.com.ar.13528.) failed: Permission denied (euid=40(vmail) egid=41(vmail) missing +w perm: /usr/local/etc/sieve/after, euid is not dir owner) acamail dovecot: lda(x@xx): Error: sieve: the lda sieve plugin does not have permission to save global sieve script binaries; global sieve scripts like /usr/local/etc/sieve/after/after.dovecot.sieve need to be pre-compiled using the sievec tool So i tried to recompile script using sievec like: sievec /usr/lcaol/etc/sieve/after/after.dovecot.sieve but i get: sievec(root): Error: user root: Initialization failed: Initializing mail storage from mail_location setting failed: stat(/root/Maildir) failed: Permission denied (euid=40(vmail) egid=41(vmail) missing +x perm: /root, euid is not dir owner) sievec(root): Fatal: Invalid user settings. Refer to server log for more information. What i must do to resolve this? My dovecot configuration is: # 2.0.11: /usr/local/etc/dovecot/dovecot.conf # OS: Linux xx auth_master_user_separator = * auth_username_format = %Lu disable_plaintext_auth = no first_valid_gid = 40 first_valid_uid = 40 mail_gid = vmail mail_location = maildir:~/Maildir mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /usr/local/etc/passwd.masterusers driver = passwd-file master = yes } passdb { args = /usr/local/etc/dovecot-ldap.conf driver = ldap } plugin/quota = maildir plugin/quota_rule = *:storage=614400 plugin/quota_rule2 = Trash:storage=+61440 plugin/sieve_after = /usr/local/etc/sieve/after/after.dovecot.sieve plugin/sieve_before = /usr/local/etc/sieve/before/spam.dovecot.sieve protocols = imap pop3 sieve service auth { unix_listener auth-master { group = vmail mode = 0600 user = vmail } user = root } ssl_cert =
Re: [Dovecot] segmentation fault with doveadm search
Timo Sirainen wrote: On Thu, 2011-03-17 at 17:54 +0100, Nick Rosier wrote: Hope this is better: #1 0x00080231ab21 in fts_build_deinit (_ctx=0x801ea2640) at fts-storage.c:551 Yes, much better. Easy fix: http://hg.dovecot.org/dovecot-2.0/rev/3d48418b0501 Thanks, fixed :-)
Re: [Dovecot] Unconfigured dictionary name 'quotadict'
On 17/03/2011 17:22, Timo Sirainen wrote: On Thu, 2011-03-17 at 17:06 +0100, Simone Caruso wrote: plugin { quota = dict:User quota::proxy::quotadict Here you say "quotadict". dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf Here you say "quota". Change either one of them so they match. Solved, thank you! -- Simone Caruso
Re: [Dovecot] maildir location
On Thu, Mar 17, 2011 at 12:01 PM, upen wrote: >> If Postfix delivers the mails, rather than Dovecot LDA, then yes you'll >> need to configure Postfix also to deliver correctly. Maybe it would be >> easier to just switch to Dovecot LDA: http://wiki2.dovecot.org/LDA > > Thanks Timo for quick confirmation and the link for setting up dovecot as LDA. > > I made below changes to postfix's main.cf > > mailbox_command = /usr/libexec/dovecot/dovecot-lda ( verified that's > correct location for file) > > postfix reload > > The changed mail_location as mail_location = maildir:/localdir/mail/%u > > dovecot restart > > /var/log/messages shows, below error, > > dovecot: pop3(username): Error: user username: Initialization failed: > Initializing mail storage from mail_location setting failed: > stat(/localdir/mail/username) failed: Permission denied > (euid=1002(username) egid=10(wheel) missing +x perm: /localdir/mail, > euid is not dir owner) > > Any idea what is going wrong? Changed permissions on root directories, don't know if this is secure or not but it worked. I see cur, tmp, new and other files created under local storage now. Set permissions as below, #ls -ald /localdir drwxrwxrwx 31 root root 12288 Mar 17 10:48 /localdir/ # ls -ald /localdir/mail drwxrwxrwx 3 dovecot dovecot 4096 Mar 17 10:49 /localdir/mail mkdir /localdir/mail/username chown username:group /localdir/mail/username chmod 700 /localdir/mail/username Do you think it is okay to keep these perms ?
Re: [Dovecot] Migrating to mdbox
Hi Timo, On Thu, 17 Mar 2011, Timo Sirainen wrote: > > SQL just for one user? That seems a bit wasteful. You could instead use > http://wiki2.dovecot.org/AuthDatabase/PasswdFile Good idea, I hadn't thought of that, I've switched to passwd file now and it seems to be working. > dovecot-lda doesn't know if you're using SQL or whatever, it just does a > userdb lookup from auth process. You need to give -d parameter to > dovecot-lda for this to happen. OK, I've done that and now it seems to be working very well. It's extremely fast compared to mbox, as expected, which is excellent! Searching also feels faster for some reason. Thanks for all your help! Cheers, Chris. -- Aptivate | http://www.aptivate.org | Phone: +44 1223 760887 The Humanitarian Centre, Fenner's, Gresham Road, Cambridge CB1 2ES Aptivate is a not-for-profit company registered in England and Wales with company number 04980791.
Re: [Dovecot] segmentation fault with doveadm search
On Thu, 2011-03-17 at 17:54 +0100, Nick Rosier wrote: > Hope this is better: > > #1 0x00080231ab21 in fts_build_deinit (_ctx=0x801ea2640) at > fts-storage.c:551 Yes, much better. Easy fix: http://hg.dovecot.org/dovecot-2.0/rev/3d48418b0501
Re: [Dovecot] maildir location
> If Postfix delivers the mails, rather than Dovecot LDA, then yes you'll > need to configure Postfix also to deliver correctly. Maybe it would be > easier to just switch to Dovecot LDA: http://wiki2.dovecot.org/LDA Thanks Timo for quick confirmation and the link for setting up dovecot as LDA. I made below changes to postfix's main.cf mailbox_command = /usr/libexec/dovecot/dovecot-lda ( verified that's correct location for file) postfix reload The changed mail_location as mail_location = maildir:/localdir/mail/%u dovecot restart /var/log/messages shows, below error, dovecot: pop3(username): Error: user username: Initialization failed: Initializing mail storage from mail_location setting failed: stat(/localdir/mail/username) failed: Permission denied (euid=1002(username) egid=10(wheel) missing +x perm: /localdir/mail, euid is not dir owner) Any idea what is going wrong?
Re: [Dovecot] SSL Compatibility? SNI vs SAN (Subject Alternative Names) and multiple domains
On 2011-03-17 12:10 AM, Thomas Harold wrote: > Not terribly interested in the free certs because this SSL cert would > also be used for non-company users and we don't want browser warnings to > pop up. Starcom free SSL certs won't do that... -- Best regards, Charles
Re: [Dovecot] problems with public (sub)folders
On Wed, 2011-03-09 at 18:25 +0100, frederik.sch...@gmx.net wrote: > Hi, > > i am trying to share a maildir++ mailbox to other users but i can only > subscribe to the root directory. The subfolders of the public mailbox > do not appear in the exported list. > > Does anyone has an idea how i can share the subfolders too without > creating symlinks for every single folder? > > > ls -lA /var/mail/public > .user01 -> /var/mail/user01/Maildir You mean the user01 (=its INBOX) shows up, but nothing under it? That's how it's intended to work. You could switch from LAYOUT=Maildir++ to LAYOUT=fs and this would work as you intend. But you'll then need to rename all the directories. http://wiki2.dovecot.org/MailLocation/Maildir#Directory_layout
Re: [Dovecot] Dove cot+Kerberos
On Thu, 2011-03-10 at 08:36 +0200, Rostislav Matyusha wrote: > > Mar 10 08:27:23 srv-mail dovecot: auth(default): gssapi(?,10.0.0.5): > authn_name: Username contains disallowed character: 0x2f > Why username "host/srv-mail.cn.energy@CN.ENERGY" ??? I have no idea about anything related to Kerberos, but if the problem is the "disallowed character", you can avoid that by adding the character (in this case '/') to auth_username_chars setting.
Re: [Dovecot] dict crashes with multiple map definitions
On Fri, 2011-03-11 at 22:57 +0100, Birger Brunswiek wrote: > Mar 9 02:27:52 xxx dovecot: dict: Panic: file driver-pgsql.c: line 529 > (do_query): assertion failed: (db->sync_result == NULL) There have been several fixes done to pgsql backend in v2.0 and this is most likely fixed in v2.0.11. I don't really have time to debug v1.2..
Re: [Dovecot] Virtual and system users with public mailboxes
On Wed, 2011-03-16 at 11:54 -0700, Kendall Shaw wrote: > Hi, > > I am running dovecot 1.2.9 and postfix, and I am trying to setup a > public mailbox. My thought is that there would be one system user with > a sieve script to deliver messages to the public mailbox. And, I would > like to give virtual users access to the mailbox. Why can't the public mail delivery user be virtual as well? > On this list, I read how you can have both system and virtual users by > using passdb and static userdbs. But, I don't understand how this can > be combined with namespaces, where I specify the location. > > For all virtual users I had: > > mail_location = maildir:/var/somewhere/%u/maildir/ > > I think I need that for virtual users and: > > maildir:~/Maildir > > for the system users. Not really.. I think you should just keep everything virtual and create a new virtual user for the deliver user, e.g. "publicmail". That would be just like any other user, except would also have a sieve script in /var/somewhere/publicmail/.dovecot.sieve. > namespace private { > location = ? # how do I have the location be different for system > and virtual users? Keep your old mail_location, no need to set this. > } > namespace public { > location = ? # ditto (for the index)? location = maildir:/var/public/Maildir:INDEX=/var/somewhere/%u/public-index or something. Then as necessary use mailbox ACLs.
Re: [Dovecot] dovecot 1.2 quota with local users
On Thu, 2011-03-17 at 09:07 +0100, i...@promax.media.pl wrote: > All other information are now sourced from PAM ( users info, passwords etc.). PAM has only passwords. User info (uid, gid, home) is in passwd. > Is that possible to deliver some information about user as it is now (PAM) > and only quota information in sql table? If you want to merge multiple userdbs (passwd, sql) into one response then no, that's not directly possible. I guess your possibilities are: a) Write a checkpassword script to do that and use userdb checkpassword. b) Sync/merge the information into a single location (passwd-file or sql)
Re: [Dovecot] maildir location
On Thu, 2011-03-17 at 11:19 -0500, upen wrote: > Question : Can I change mail_location for maildir to be somewhere > other than ~/.maildir. ( like /var/mail/%u/Maildir, where /var/mail is > local storage). Sure. > By the way, I am confused about one setting in postfix : home_mailbox > = .maildir/ in main.cf . Does this really play any role? If so, which > parameter should be changed and to what and with what permissions to > the new directory. If Postfix delivers the mails, rather than Dovecot LDA, then yes you'll need to configure Postfix also to deliver correctly. Maybe it would be easier to just switch to Dovecot LDA: http://wiki2.dovecot.org/LDA
Re: [Dovecot] Unconfigured dictionary name 'quotadict'
On Thu, 2011-03-17 at 17:06 +0100, Simone Caruso wrote: > plugin { > quota = dict:User quota::proxy::quotadict Here you say "quotadict". > dict { > quota = mysql:/etc/dovecot/dovecot-dict-sql.conf Here you say "quota". Change either one of them so they match.
Re: [Dovecot] inetd config - dovecot doesn't exits
On Thu, 2011-03-17 at 16:37 +0100, Kamil Jońca wrote: > Is there any option for dovecot to exit when is unneded? No. > But sometimes I want to use it remotely via tcp and I run dovecot via > inetd. I guess you could write a cronjob that checks if any imap processes exist, and if not kills dovecot.
[Dovecot] maildir location
Hello, I am trying to use dovecot (v. 2.0.11) and postfix (v. 2.7.3) together. The email server is an ldap client and user's home directories on NFS server are mounted using autofs. As I understand, Maildir performance is better than mbox type, so I'd like to use Maildir instead of mbox. However, when I checked conf.d/10-mail.conf file, there is mail_location = maildir:~/.maildir already configured in it which means user's email will reside in their home directories on the NFS server rather than being on Email server's local storage where plenty of space is available. I anticipate due to NFS there will again be a performance hit . Question : Can I change mail_location for maildir to be somewhere other than ~/.maildir. ( like /var/mail/%u/Maildir, where /var/mail is local storage). There are about 200 ldap users who will be using this email server through squirrel-mail or access them through email clients. By the way, I am confused about one setting in postfix : home_mailbox = .maildir/ in main.cf . Does this really play any role? If so, which parameter should be changed and to what and with what permissions to the new directory. Hope I was able to explain, if not please let me know for more details.. Thanks, U
[Dovecot] Unconfigured dictionary name 'quotadict'
Currently i'm migrating an existing dovecot 1.2 server to dovecot 2.0.11, once configured the 2.0 server works, auth works... but i get these messages in mail.log: dict: Error: dict client: Unconfigured dictionary name 'quotadict' Mar 17 16:46:14 penny dovecot: imap(mail...@example.com): Error: write(/var/run/dovecot/dict) failed: Broken pipe Mar 17 16:46:38 penny dovecot: dict: Error: dict client: Unconfigured dictionary name 'quotadict' Mar 17 16:46:38 penny dovecot: imap(mail...@example.com): Error: read(/var/run/dovecot/dict) failed: Remote disconnected My quota configuration is the following (as wiki says): service dict { unix_listener dict { mode = 0600 user = vmail } } plugin { quota = dict:User quota::proxy::quotadict quota_rule2 = Trash:storage=+55M } dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf } dovect-dict-sql.conf: connect = host=localhost dbname=ketna user=* password=* map { pattern = priv/quota/storage table = imap_quota username_field = email value_field = current } map { pattern = priv/quota/messages table = imap_quota username_field = email value_field = messages } Someone can tell me where's my fault? (Attached my "dovecot -n" output.) Thanks! -- Simone Caruso # 2.0.11 (31d8d43fa6b5): /etc/dovecot/dovecot.conf # OS: Linux 2.6.26-2-amd64 x86_64 Debian 5.0.4 ext3 auth_master_user_separator = * auth_mechanisms = plain login auth_worker_max_count = 20 default_client_limit = 500 default_process_limit = 25 dict/quota = mysql:/etc/dovecot/dovecot-dict-sql.conf disable_plaintext_auth = no first_valid_gid = 8 first_valid_uid = 8 hostname = mail.ardeek.com mail_access_groups = mail mail_location = maildir:/home/dovecot/%d/%n:INDEX=/home/index-dovecot/%d/%n mail_plugins = quota autocreate mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/conf.d/auth-sql.conf.ext driver = sql } plugin/autocreate = INBOX.Trash plugin/autocreate2 = INBOX.Sent plugin/autocreate3 = INBOX.Drafts plugin/autocreate4 = INBOX.Spam plugin/autocreate5 = INBOX.Ham plugin/autosubscribe = INBOX.Trash plugin/autosubscribe2 = INBOX.Sent plugin/autosubscribe3 = INBOX.Drafts plugin/autosubscribe4 = INBOX.Spam plugin/autosubscribe5 = INBOX.Ham plugin/quota = dict:User quota::proxy::quotadict plugin/quota_rule2 = Trash:storage=+55M plugin/sieve = ~/.dovecot.sieve plugin/sieve_before = /etc/dovecot/sieve/dovecot.sieve plugin/sieve_dir = ~/sieve plugin/sieve_storage = /home/dovecot/%d/%n/sieve postmaster_address = postmas...@ardeek.com protocols = " imap lmtp sieve pop3" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } } service dict { unix_listener dict { mode = 0666 user = mail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 3 service_count = 0 vsz_limit = 128 M } service imap { process_limit = 1024 } service managesieve-login { inet_listener sieve_deprecated { port = 2000 } process_min_avail = 1 service_count = 0 } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { process_limit = 1024 } shutdown_clients = no ssl_cert =
[Dovecot] inetd config - dovecot doesn't exits
Is there any option for dovecot to exit when is unneded? I mostly use dovecot via shell process (ie. something like /usr/sbin/dovecot --exec-mail imap) But sometimes I want to use it remotely via tcp and I run dovecot via inetd. --8<---cut here---start->8--- localhost:imap stream tcp nowait root/usr/sbin/tcpd /usr/lib/dovecot/imap-login --8<---cut here---end--->8--- in inetd.conf works good, but dovecot stays, even if all clients ended their connections. How can I make dovecot to exit after last client disconnects? KJ -- Http://modnebzdury.wordpress.com/2009/10/01/niewiarygodny-list-prof-majewskiej-wprowadzenie/ Wiesz, tryb tekstowy w Linuksie ma się tak do DOSu jak F-117A do paralotni. (c) Dawid Kuroczko
Re: [Dovecot] Attachment file size error in SIS
On Wed, 2011-03-16 at 14:51 -0700, Daniel L. Miller wrote: > I've got an attachment that triggers a "smaller than expected" error. > It was a pdf I received some time ago. I copied the file from the > dovecot storage, renamed it to something close to the original name (I > don't remember what that was), then created a new mail with this as an > attachment and saved it to the server. This created a new file, > identical file size to the other - but continues to have the "smaller > than expected" error. You mean you can reproduce the "smaller than expected" for newly delivered mails with a specific attachment? Any chance you could send such a mail to me?
Re: [Dovecot] search for attachment hash
On Wed, 2011-03-16 at 14:20 -0700, Daniel L. Miller wrote: > How can I determine what message(s) are linked to a given attachment hash? That's difficult.. There is no index for that. So you'll have to grep it from all users' storage/m.* files. Right next to that metadata entry should be message's GUID. You can then do "doveadm dump" for user's each mailbox index and find the GUID from there.
Re: [Dovecot] doveadm expunge info message in std.error
On Wed, 2011-03-16 at 12:00 -0700, Kui Zhang wrote: > doveadm expunge -u "user@domain" mailbox ".namespace/*" savedbefore 7d > > writes these messages to std.error > > doveadm(user@domain): Info: expunge: box=.namespace/INBOX, uid=5932, > msgid=, size=1824 You should be able to get rid of these with: doveadm -o plugin/mail_log_events= expunge .. > Can we write these messages(informational) to std.out I thought about this too, but I think in the end it could lead to trouble. Several doveadm commands already output replies to stdout, so not all commands can have their Info: logs outputted to stdout. And having some commands do that and others not isn't very consistent.
Re: [Dovecot] segmentation fault with doveadm search
Timo Sirainen wrote: On Thu, 2011-03-17 at 14:38 +0100, Nick Rosier wrote: # doveadm search -A body dead_beef [1]34789 segmentation fault doveadm search -A body dead_beef How can I (help) troubleshoot this? With the use of DTrace I was able to track that the last Folder it searched was a Virtual-folder (all mails unseen). After temporarily moving this folder and running the command again it did not sigsegv. How can I prevent a search from trying to index Virtual-folders? Could you get gdb backtrace? gdb --args doveadm search -A body dead_beef run bt full I assume I will have to re-install from source; FreeBSD ports strips during install so I doubt that would be handy. Rgds, N.
Re: [Dovecot] segmentation fault with doveadm search
On Thu, 2011-03-17 at 14:38 +0100, Nick Rosier wrote: > > # doveadm search -A body dead_beef > > [1]34789 segmentation fault doveadm search -A body dead_beef > > > > How can I (help) troubleshoot this? > > > With the use of DTrace I was able to track that the last Folder it > searched was a Virtual-folder (all mails unseen). After temporarily > moving this folder and running the command again it did not sigsegv. How > can I prevent a search from trying to index Virtual-folders? Could you get gdb backtrace? gdb --args doveadm search -A body dead_beef run bt full
Re: [Dovecot] Configuration of LMTP Reject Code
On Thu, 2011-03-17 at 14:49 +0100, Petter Urkedal wrote: > > I think I'll do a bit larger change here that replaces all getpwnam(), > > getpwuid() and maybe other calls. Dovecot doesn't need thread-safe > > getpw*() so I can do an easier to use wrapper function. > > Sounds good. Added to hg: http://hg.dovecot.org/dovecot-2.0/rev/7f5735ab7c35 http://hg.dovecot.org/dovecot-2.0/rev/02829f7f79c7
Re: [Dovecot] Configuration of LMTP Reject Code
On 2011-03-17, Timo Sirainen wrote: > On Thu, 2011-03-17 at 14:16 +0100, Petter Urkedal wrote: > > > I think there is a better solution. It seems that getpwnam_r is POSIX > > and does the right thing. > > Oh, weird. I knew about that function but I never realized it fixed the > error handling problem. Also everything I saw discussing the getpwnam() > error problems never bothered to mention getpwnam_r(). Yeah, that's odd. I don't have the POSIX standard, but my reading a few of the top Google matches for "getpwnam_r POSIX", suggests it returns 0 on "not found". My testing is for RHEL-6 using sssd. > > The attached patch adds a feature-check for > > getpwnam_r and, if present, uses it in userdb-passwd.c in place of the > > problematic getpwnam. I've not some light testing on a non-production > > server. > > I think I'll do a bit larger change here that replaces all getpwnam(), > getpwuid() and maybe other calls. Dovecot doesn't need thread-safe > getpw*() so I can do an easier to use wrapper function. Sounds good.
Re: [Dovecot] segmentation fault with doveadm search
Nick Rosier wrote: Configuration: Dovecot 2.0.11 on FreeBSD 8.2 When I run a search to generate the FTS search indexes I get following error: # doveadm search -A body dead_beef [1]34789 segmentation fault doveadm search -A body dead_beef How can I (help) troubleshoot this? With the use of DTrace I was able to track that the last Folder it searched was a Virtual-folder (all mails unseen). After temporarily moving this folder and running the command again it did not sigsegv. How can I prevent a search from trying to index Virtual-folders? Rgds, N.
Re: [Dovecot] Configuration of LMTP Reject Code
On Thu, 2011-03-17 at 14:16 +0100, Petter Urkedal wrote: > I think there is a better solution. It seems that getpwnam_r is POSIX > and does the right thing. Oh, weird. I knew about that function but I never realized it fixed the error handling problem. Also everything I saw discussing the getpwnam() error problems never bothered to mention getpwnam_r(). > The attached patch adds a feature-check for > getpwnam_r and, if present, uses it in userdb-passwd.c in place of the > problematic getpwnam. I've not some light testing on a non-production > server. I think I'll do a bit larger change here that replaces all getpwnam(), getpwuid() and maybe other calls. Dovecot doesn't need thread-safe getpw*() so I can do an easier to use wrapper function.
Re: [Dovecot] Migrating to mdbox
On Thu, 2011-03-17 at 11:26 +, Chris Wilson wrote: > Now I'm trying to migrate just my user account to mdbox, without affecting > other users. I think I figured out that I have to use a SQL userdb with > just an entry for me, falling back to the passwd userdb for everyone else. SQL just for one user? That seems a bit wasteful. You could instead use http://wiki2.dovecot.org/AuthDatabase/PasswdFile > I think I got this configured, and Dovecot IMAP then appears to open my > mdbox when I connect, but deliver still delivers to /var/spool/mail/chris. > > doveconf -m lda doesn't pick up anything about the SQL userdb, so I don't > see how deliver could even know that it should look here to pick up my > mail location, but I think it should work out where the user is expecting > their mail to be stored in order to deliver it to the correct place, > shouldn't it? What am I missing? dovecot-lda doesn't know if you're using SQL or whatever, it just does a userdb lookup from auth process. You need to give -d parameter to dovecot-lda for this to happen.
Re: [Dovecot] Configuration of LMTP Reject Code
On 2011-02-22, Timo Sirainen wrote: > On Tue, 2011-02-22 at 11:02 +0100, Petter Urkedal wrote: > > userdb { > > driver = passwd > > args = home=/srv/mail/nbi.ku.dk/%1n/%n mail=maildir:~/Maildir > > } > > The problem with passwd is that it can't separate "user doesn't exist" > from "temporary error". http://wiki2.dovecot.org/UserDatabase/NSS can > separate these, but it hasn't been tested much.. > > > > > We use Postfix on the front-end, which is very configurable in this > > > > respect. I don't see a way to override the error code from LMTP, > > > > though, but suggestions are welcome. > > > > > > I don't really like adding settings that have very few users.. > > > > I understand, it's really a workaround. A global directive to turn all > > permanent errors into temporary ones, would do as well, since any error > > from LMTP is a potential issue we want to know about. I'm not sure > > whether that's any nicer from your point of view. > > Well, there aren't really any other permanent errors.. Quota already has > quota_full_tempfail setting. I think there is a better solution. It seems that getpwnam_r is POSIX and does the right thing. The attached patch adds a feature-check for getpwnam_r and, if present, uses it in userdb-passwd.c in place of the problematic getpwnam. I've not some light testing on a non-production server. diff -r 26d5351649ac configure.in --- a/configure.in Wed Mar 16 19:49:27 2011 +0200 +++ b/configure.in Thu Mar 17 13:54:55 2011 +0100 @@ -379,7 +379,8 @@ setrlimit setproctitle seteuid setreuid setegid setresgid \ strtoull strtoll strtouq strtoq \ setpriority quotactl getmntent kqueue kevent backtrace_symbols \ - walkcontext dirfd clearenv malloc_usable_size glob fallocate) + walkcontext dirfd clearenv malloc_usable_size glob fallocate \ + getpwnam_r) AC_CHECK_LIB(rt, clock_gettime, [ AC_DEFINE(HAVE_CLOCK_GETTIME,, Define if you have the clock_gettime function) diff -r 26d5351649ac src/auth/userdb-passwd.c --- a/src/auth/userdb-passwd.c Wed Mar 16 19:49:27 2011 +0200 +++ b/src/auth/userdb-passwd.c Thu Mar 17 13:54:55 2011 +0100 @@ -9,12 +9,18 @@ #include "userdb-static.h" #include +#include #define USER_CACHE_KEY "%u" struct passwd_userdb_module { struct userdb_module module; struct userdb_static_template *tmpl; + +#ifdef HAVE_GETPWNAM_R + char *buf; + size_t bufsize; +#endif }; struct passwd_userdb_iterate_context { @@ -33,15 +39,35 @@ struct passwd_userdb_module *module = (struct passwd_userdb_module *)_module; struct passwd *pw; +#ifdef HAVE_GETPWNAM_R + struct passwd pw_data; + int err; +#endif auth_request_log_debug(auth_request, "passwd", "lookup"); +#ifdef HAVE_GETPWNAM_R + err = getpwnam_r(auth_request->user, &pw_data, +module->buf, module->bufsize, &pw); + if (pw == NULL) { + if (err) { + auth_request_log_error(auth_request, "passwd", "%s", + strerror(err)); + callback(USERDB_RESULT_INTERNAL_FAILURE, auth_request); + return; + } + auth_request_log_info(auth_request, "passwd", "unknown user"); + callback(USERDB_RESULT_USER_UNKNOWN, auth_request); + return; + } +#else pw = getpwnam(auth_request->user); if (pw == NULL) { auth_request_log_info(auth_request, "passwd", "unknown user"); callback(USERDB_RESULT_USER_UNKNOWN, auth_request); return; } +#endif auth_request_set_field(auth_request, "user", pw->pw_name, NULL); @@ -151,6 +177,13 @@ module->module.cache_key = USER_CACHE_KEY; module->tmpl = userdb_static_template_build(pool, "passwd", args); +#ifdef HAVE_GETPWNAM_R + module->bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); + if (module->bufsize == (size_t)-1) + module->bufsize = 16384; + module->buf = p_malloc(pool, module->bufsize); +#endif + if (userdb_static_template_remove(module->tmpl, "blocking", &value)) { module->module.blocking = value == NULL ||
Re: [Dovecot] Migrating to mdbox
Hi Timo, On Wed, 16 Mar 2011, Timo Sirainen wrote: > On Wed, 2011-03-16 at 15:23 +, Chris Wilson wrote: > > > chris@one-mail(~)$ sudo dsync -v -u chris backup mdbox:/home/chris/mdbox > > [sudo] password for chris: > > dsync(chris): Error: open() failed with mbox file /home/chris/mail/admin: > > Permission denied > > Well, this is the problem. dsync aborts early because it can't open the > mailbox.. Fixing it in the code didn't look as simple as I hoped, so > since this is unlikely to be a common problem, maybe you could just > remove the symlink for now or give enough permissions for the duration > of dsync.. Thanks, I removed this symlink and one other, and fixed a similar problem where dsync would abort on my gzipped archive mailboxes, and this time it finished and seemed to be working well :) Now I'm trying to migrate just my user account to mdbox, without affecting other users. I think I figured out that I have to use a SQL userdb with just an entry for me, falling back to the passwd userdb for everyone else. I think I got this configured, and Dovecot IMAP then appears to open my mdbox when I connect, but deliver still delivers to /var/spool/mail/chris. doveconf -m lda doesn't pick up anything about the SQL userdb, so I don't see how deliver could even know that it should look here to pick up my mail location, but I think it should work out where the user is expecting their mail to be stored in order to deliver it to the correct place, shouldn't it? What am I missing? chris@one-mail(~)$ doveconf -n # 2.0.8: /etc/dovecot/dovecot.conf doveconf: Warning: service anvil { client_limit=100 } is lower than required under max. load (203) # OS: Linux 2.6.18-164.10.1.el5xen x86_64 CentOS release 5.5 (Final) auth_mechanisms = plain login auth_verbose = yes auth_worker_max_count = 10 default_client_limit = 100 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mbox_write_locks = fcntl mdbox_preallocate_space = yes mdbox_rotate_size = 16 M passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { driver = pam } service auth-worker { user = $default_internal_user } service imap-login { process_min_avail = 2 } service imap { process_limit = 80 } service pop3 { process_limit = 10 } ssl_cert = http://www.aptivate.org | Phone: +44 1223 760887 The Humanitarian Centre, Fenner's, Gresham Road, Cambridge CB1 2ES Aptivate is a not-for-profit company registered in England and Wales with company number 04980791.
Re: [Dovecot] Using dovecot with wordpress/phpass passwords?
To sum up: >> Wordpress and others are using phpass to authenticate >> (http://www.openwall.com/phpass/), it is basically a salted md5 hash. >> Basically, after the process, a hash like this is obtained. >> >> $P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1 (for test123 password) >> >> I would like to know if dovecot would be able to read this, > > It can't. But if you're using Openwall, apparently its crypt() supports > this and Dovecot doesn't need to. Unfortunately, that stuff isn't include in any major distribution, had to look on the other options > >> I could still make a custom checkpassword function but that would be >> non-optimal. I created a checkpass script to verify the passwords. For anyone looking for this, I got some good information here: .- Implementation of custom checkpassword in perl, with a sample testing script: http://wiki.qpsmtpd.org/plugins:auth:authcheckpassword .- Phpass implementation for perl http://search.cpan.org/~zefram/Authen-Passphrase/lib/Authen/Passphrase/PHPass.pm For the dovecot part, just add in the passdb section from dovecot.conf this: passdb checkpassword { args = /etc/dovecot/checkpassword.pl }
Re: [Dovecot] SSL Compatibility? SNI vs SAN (Subject Alternative Names) and multiple domains
On 17/03/2011 00:03, Rick Romero wrote: > > So you're not having acceptance issues with godaddy certs? I moved away from > them because there was virtually no recognition for mail clients at the time. > Although I do believe they changed root certs since then... Been using them for 2 years without anyone obviously noticing? I will have to double check now, but I thought they were chain signed by a big upstream name? You do need to add the intermediate cert, and if you forget that then probably nothing will accept your cert? I am definitely not the largest shop in the world though... I suspect the only customers using SSL will be those using clients which default to it being on, ie OSX, newer thunderbird and I think newer Outlook? Cheers Ed W
Re: [Dovecot] dovecot 1.2 quota with local users
> On Wed, 2011-03-16 at 11:38 +0100, i...@promax.media.pl wrote: >> I got problem with setting quota from mysql for local users. In database >> are only information with quota. Password are store in passwd/shadow. > > You mean you only want quota limits to be listed in SQL, right? Then you > don't need to use dict quota at all (or especially not sql dict). Yes, only information in sql should be about quota. E.g my table is: Select * from quota; +---+---+--+ | username | bytes | messages | +---+---+--+ | user@test com | 3000 | 1000 | +---+---+--+ All other information are now sourced from PAM ( users info, passwords etc.). Is that possible to deliver some information about user as it is now (PAM) and only quota information in sql table? > > So what you need to use is passdb pam and userdb sql. In userdb sql you > need to specify the user_query. You didn't give much information about > your current setup that I'd assume is already working without working > quota. http://wiki2.dovecot.org/AuthDatabase/SQL anyway has information > about user_query (you can ignore the password_query). > You mean: userdb sql { args = /etc/dovecot/dovecot-sql.conf } How should look like sql query in dovecot-sql.conf for table above ? regards,
Re: [Dovecot] SSL Compatibility? SNI vs SAN (Subject Alternative Names) and multiple domains
On 03/16/2011 10:10 PM, Thomas Harold wrote: Leaning towards DigiCert at the moment, personally not a GoDaddy fan (and that's a whole different topic). Verisign and Thawte were rather pricey compared to DigiCert. Not terribly interested in the free certs because this SSL cert would also be used for non-company users and we don't want browser warnings to pop up. I've become a fan of StartSSL (from StartCom.org) and their free class 1 certificates. StartCom's root CA is included in Microsoft's, Mozilla's, Apple's, and even Android's list of trusted root certificates.
Re: [Dovecot] Problems with pam+ldap + quota
Hi, Just take a look on pam_ldap for authentification of user against pam in LDAP Database so that your dovecot settings should only be based on Ldap attributes for both user and password. Regards, Stephane Le 15 mars 2011 à 20:26, Antonio Perez-Aranda a écrit : > Ok I will try to use passdb with pam and userdb with ldap driver, although > in another conf, this two fail together. > El 15/03/2011 19:28, "Sven Hartge" escribió: >> Antonio Perez-Aranda wrote: >> >>> Yes I know and I have some nodes with dovecot+ldap >> >>> But this node need to login with module pam_imap, because it's use a >>> "closed" one time password system. >> >>> I'm trying with something like this: >> >>> userdb { >>> driver = passwd >>> args = uid=exim gid=exim quota=*:bytes=%$ >>> } >> >>> But I need to put the nss attribute en %$ var or another. >> >>> From my experience with PAM,NSS and LDAP I don't think it is possible to >> achieve what you are trying to do. >> >> Grüße, >> Sven. >> >> -- >> Sig lost. Core dumped. >>