Re: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used

2012-05-23 Thread SATOH Fumiyasu 
At Thu, 24 May 2012 01:01:25 +0900,
SATOH Fumiyasu wrote:
> If Dovecot passdb is configured with LDAP (no TLS/SSL),
> it is no problem. But if Dovecot passdb is configured with
> LDAPS (or LDAP+TLS), Dovecot auth process has a problem
> that Dovecot auth delays exiting about between 20 and
> 60 seconds when Dovecot dovecot (master) process is already
> terminated by an administrator.

I can reproduce this problem with LDAP (no TLS/SSL) passdb.

Sorry...

-- 
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- Personal Home: http://www.SFO.jp/blog/

Re: [Dovecot] High level of pop3 popping causing server to become unresponsive

2012-05-23 Thread Robert Schetterer 
Am 23.05.2012 16:01, schrieb Root Kev:
> Missed CCing on last reply.  See below..
> 
> Also, would having Nagios checking the number of messages in a mailbox
> cause issues with the popping of messages? And/Or would having a user
> accessing the mailbox from two different applications cause issues?  Ie.
> from Outlook and mobile device?  I am under the impression that a lock file
> is generated which should deal with the issue of contention, deleting mail,
> etc.
> 
> Thanks for any information.
> 
> Kevin

i have a different setup as yours ( virtual , sql etc )
with dove 2.0.20 and extrem high pop3 traffic
no problem so far

same with low pop3 traffic setup dove 2.1.6
no problem reported

anyway use imap

where are your confs and logs ?

> 
> 
> Sorry for the delay in responding, long weekend in Canada...
>>
>> When trying to SSH into the server, the server prompts for user name then
>> password, then just hangs.  Same if there is already a console connection
>> over, when trying to SU to root, it just hangs after entering the password.
>>
>> Our passwords are in the shadow file, and because this is a server
>> dedicated for this task, there is only the default linux users, and maybe 8
>> other user accounts in the shadow file.
>>
>> There shouldn't be high IO as all this box does is postfix, pop3ad and
>> dovecot.  This box is seeing less then 3000 emails a day, and only has 5
>> mailboxes on it.
>>
>> Thanks for the continued suggestions...
>>
>> Kevin
>>
>>
>> On Sat, May 19, 2012 at 3:33 PM, Timo Sirainen  wrote:
>>
>>> On Fri, 2012-05-18 at 09:21 -0400, Root Kev wrote:
 During the last time that the load went up, it became unable to login /
>>> su
 to root for the entire period that dovecot was running, we had to kill
 dovecot and go back to Popa3d until the mailq was cleared up.  We are
 running CentOS 5.6 server.  Based on TOP running at the time the CPU
>>> usage
 was running under 10%.  Once Dovecot was killed, we were then able to
>>> log
 in /su again.
>>>
>>> Like Kelsey said, a very high disk IO might explain this, although
>>> normally the login should still eventually succeed. Another thing I'm
>>> wondering is if some process limit reached. How does the login/su fail,
>>> does it just hang or immediately fail with some error?
>>>
 We were under the impression that checking to shadow directly should be
>>> the
 fastest and least amount of overhead, is any of the other ways to
>>> connect
 have less load on authentication to PAM?
>>>
>>> Your passwords really are in /etc/shadow file, not LDAP/something else?
>>> I don't think the problem is with authentication. Reading /etc/shadow is
>>> pretty fast (unless maybe if it's a huge file) and it anyway can't block
>>> login/su from working.
>>>
>>>
>>>
>>
> 


-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used

2012-05-23 Thread SATOH Fumiyasu 
Hi,

At Thu, 24 May 2012 01:01:25 +0900,
SATOH Fumiyasu wrote:
> If Dovecot passdb is configured with LDAP (no TLS/SSL),
> it is no problem. But if Dovecot passdb is configured with
> LDAPS (or LDAP+TLS), Dovecot auth process has a problem
> that Dovecot auth delays exiting about between 20 and
> 60 seconds when Dovecot dovecot (master) process is already
> terminated by an administrator.
> 
> Is this known problem?

GDB backtrace in Dovecot auth process on Debian GNU/Linux:

(gdb) bt full
#0  0x7fa725c59f43 in __epoll_wait_nocancel ()
at ../sysdeps/unix/syscall-template.S:82
No locals.
#1  0x7fa7267a6db7 in io_loop_handler_run (ioloop=0x17686d0) at 
ioloop-epoll.c:181
ctx = 0x1770350
events = 0xfffc
event = 0x7530
list = 
io = 
tv = {tv_sec = 29, tv_usec = 999374}
msecs = 3
ret = 
i = 
j = 
call = 
#2  0x7fa7267a5cc9 in io_loop_run (ioloop=0x17686d0) at ioloop.c:398
No locals.
#3  0x7fa7267938ff in master_service_run (service=0x1768580, 
callback=)
at master-service.c:544
No locals.
#4  0x00418517 in main (argc=1, argv=0x1768370) at main.c:373
c = 

DBX backtrace in Dovecot auth process on Solaris 10:

(dbx) where
  [1] __pollsys(0x80bc3c8, 0x4, 0x8047cd8, 0x0), at 0xfed75a15
  [2] _pollsys(0x80bc3c8, 0x4, 0x8047cd8, 0x0), at 0xfed69fc8
  [3] _poll(0x80bc3c8, 0x4, 0x7530), at 0xfed1e95a
=>[4] io_loop_handler_run(ioloop = ???) (optimized), at 0xfef59294 (line ~166) 
in "ioloop-poll.c"
  [5] io_loop_run(ioloop = ???) (optimized), at 0xfef586cf (line ~398) in 
"ioloop.c"
  [6] master_service_run(service = ???, callback = ???) (optimized), at 
0xfef42e03 (line ~544) in "master-service.c"
  [7] main(argc = ???, argv = ???) (optimized), at 0x8077d9b (line ~374) in 
"main.c"

Thanks.

-- 
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- Personal Home: http://www.SFO.jp/blog/

> On AIX, this problem prevents restart Dovecot service by
> the following error:
> 
> May 24 00:42:03 build-aix6 mail:warn|warning dovecot: master: Warning: Killed 
> with signal 15 (by pid=11337890 uid=0 code=kill)
> May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: 
> service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login
> May 24 00:42:11 build-aix6 mail:crit dovecot: master: Fatal: Failed to start 
> listeners
> 
> My Dovecot 2.1.6 platforms are:
> 
>   * Debian GNU/Linux wheezy + OpenLDAP 2.4.28 (linked with GNU TLS 2.12.18)
>   * Solaris 10 + OpenLDAP 2.4.26 (linked with OpenSSL 0.9.7)
>   * AIX 6.1 + OpenLDAP 2.4.31 (linked with OpenSSL 1.0.0)
>   * AIX 7.1 + OpenLDAP 2.4.28 (linked with OpenSSL 1.0.0)
> 
> Because I see the problem on the all of above, there is a
> bug in Dovecot 2.1.6, I think.

[Dovecot] Dovecot auth process delays exiting if LDAPS passdb used

2012-05-23 Thread SATOH Fumiyasu 
Hi,

I'm using Dovecot 2.1.6 and LDAP server as a backend for
Postfix SMTP-Auth (SASL) on Debian GNU/Linux (wheezy),
Solaris 10 and AIX 6.1/7.1.

If Dovecot passdb is configured with LDAP (no TLS/SSL),
it is no problem. But if Dovecot passdb is configured with
LDAPS (or LDAP+TLS), Dovecot auth process has a problem
that Dovecot auth delays exiting about between 20 and
60 seconds when Dovecot dovecot (master) process is already
terminated by an administrator.

Is this known problem?

On AIX, this problem prevents restart Dovecot service by
the following error:

May 24 00:42:03 build-aix6 mail:warn|warning dovecot: master: Warning: Killed 
with signal 15 (by pid=11337890 uid=0 code=kill)
May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: 
service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login
May 24 00:42:11 build-aix6 mail:crit dovecot: master: Fatal: Failed to start 
listeners

My Dovecot 2.1.6 platforms are:

  * Debian GNU/Linux wheezy + OpenLDAP 2.4.28 (linked with GNU TLS 2.12.18)
  * Solaris 10 + OpenLDAP 2.4.26 (linked with OpenSSL 0.9.7)
  * AIX 6.1 + OpenLDAP 2.4.31 (linked with OpenSSL 1.0.0)
  * AIX 7.1 + OpenLDAP 2.4.28 (linked with OpenSSL 1.0.0)

Because I see the problem on the all of above, there is a
bug in Dovecot 2.1.6, I think.

Thanks.

-- 
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- Personal Home: http://www.SFO.jp/blog/

Re: [Dovecot] High level of pop3 popping causing server to become unresponsive

2012-05-23 Thread Root Kev 
Missed CCing on last reply.  See below..

Also, would having Nagios checking the number of messages in a mailbox
cause issues with the popping of messages? And/Or would having a user
accessing the mailbox from two different applications cause issues?  Ie.
from Outlook and mobile device?  I am under the impression that a lock file
is generated which should deal with the issue of contention, deleting mail,
etc.

Thanks for any information.

Kevin


Sorry for the delay in responding, long weekend in Canada...
>
> When trying to SSH into the server, the server prompts for user name then
> password, then just hangs.  Same if there is already a console connection
> over, when trying to SU to root, it just hangs after entering the password.
>
> Our passwords are in the shadow file, and because this is a server
> dedicated for this task, there is only the default linux users, and maybe 8
> other user accounts in the shadow file.
>
> There shouldn't be high IO as all this box does is postfix, pop3ad and
> dovecot.  This box is seeing less then 3000 emails a day, and only has 5
> mailboxes on it.
>
> Thanks for the continued suggestions...
>
> Kevin
>
>
> On Sat, May 19, 2012 at 3:33 PM, Timo Sirainen  wrote:
>
>> On Fri, 2012-05-18 at 09:21 -0400, Root Kev wrote:
>> > During the last time that the load went up, it became unable to login /
>> su
>> > to root for the entire period that dovecot was running, we had to kill
>> > dovecot and go back to Popa3d until the mailq was cleared up.  We are
>> > running CentOS 5.6 server.  Based on TOP running at the time the CPU
>> usage
>> > was running under 10%.  Once Dovecot was killed, we were then able to
>> log
>> > in /su again.
>>
>> Like Kelsey said, a very high disk IO might explain this, although
>> normally the login should still eventually succeed. Another thing I'm
>> wondering is if some process limit reached. How does the login/su fail,
>> does it just hang or immediately fail with some error?
>>
>> > We were under the impression that checking to shadow directly should be
>> the
>> > fastest and least amount of overhead, is any of the other ways to
>> connect
>> > have less load on authentication to PAM?
>>
>> Your passwords really are in /etc/shadow file, not LDAP/something else?
>> I don't think the problem is with authentication. Reading /etc/shadow is
>> pretty fast (unless maybe if it's a huge file) and it anyway can't block
>> login/su from working.
>>
>>
>>
>

Re: [Dovecot] Running sieve manually

2012-05-23 Thread Robert Schetterer 
Am 23.05.2012 10:21, schrieb Fredrik Staxeng:
> I would like use sieve to split up my saved mail into different
> folders. I have tried to find out how to do that, but failed.
> 
> The IMAP server is dovecot 1.2.15 on ubuntu 11.04. The mail is stored in
> mbox folders. I have shell access. 
> 

you mean refilter existing mail ?

http://wiki.dovecot.org/HowTo/RefilterMail

if you want every mail is a file in a some folder on the filesystem you
might
want to use/change to maildir mailbox format

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

[Dovecot] Running sieve manually

2012-05-23 Thread Fredrik Staxeng 
I would like use sieve to split up my saved mail into different
folders. I have tried to find out how to do that, but failed.

The IMAP server is dovecot 1.2.15 on ubuntu 11.04. The mail is stored in
mbox folders. I have shell access. 

-- 
Fredrik Stax\"ang | rot13: s...@hcqngr.hh.fr
This is all you need to know about vi: ESC : q ! RET