Re: [Dovecot] about postlogin in dovecot2

[bmalik]

Thanks a lot. the script you gave works . 



--
View this message in context: 
http://dovecot.2317879.n4.nabble.com/about-postlogin-in-dovecot2-tp5993p37080.html
Sent from the Dovecot mailing list archive at Nabble.com.

Re: [Dovecot] dsync backup gets stuck... fails

[Jeff Gustafson]

On Tue, 2012-08-14 at 23:23 +0300, Timo Sirainen wrote:
> On 11.8.2012, at 0.54, Jeff Gustafson wrote:

> > What can I do to help the developers locate the bug?
> 
> Those hangs are a little bit annoying to debug, and the whole code has
> been rewritten for v2.2 already in a way that should make the hangs
> pretty much impossible. Annoyingly v2.2 isn't ready yet..

I have an issue related to this problem. dsync returns an error 75 when
it detects the source mailbox is empty (client probably pop3'd all of
their email). It also returns an error 75 when I get the timeout error.
For not I am parsing the error to find out which is which and act
accordingly. It would be much nicer if dsync returned a different error
code for empty source mailboxes.

...Jeff

Re: [Dovecot] Listen on multiple ports possible using same protocol?

[Stan Hoeppner]

On 8/14/2012 5:12 PM, Michael Durket wrote:
> Is it possible to have multiple Listen directives in a dovecot configuration 
> file for the same protocol? I am running dovecot-1.2.11 and I want to be able 
> to use the "standard port" as well as a test port:
> 
>protocol imap {
>listen = *:143
>listen = *:10143
>ssl_listen = *:993
>ssl_listen = *:10993
> 
> 
> for example.  Or is this more preferably done by pointing dovecot at 
> different configuration files?

Did you test it?

-- 
Stan

Re: [Dovecot] about postlogin in dovecot2

[Daniel Parthey]

bmalik wrote:
> But I 'll do that for only some email addresses. 

I assume that by "email addresses" you mean "user names".

> How can i do that ? 

The $SECURED variable contains "secured" if a user tries
to log in via SSL/TLS, so if an insecure connection
is found, the script should check whether the user
is in the list if users which are forced to use encryption:

##
if [ "$SECURED" == "secure" ]
then
  :# handle secure connections here
else
  :# handle insecure connections here
  if grep -q "$USER" in /etc/users-with-forced-encryption
  then
printf "* NO [ALERT] You are not allowed to connect without encryption\r\n"
exit 0
  fi
fi
##

Regards
Daniel
-- 
https://plus.google.com/103021802792276734820

Re: [Dovecot] dsync backup gets stuck... fails

[Jeff Gustafson]

On Tue, 2012-08-14 at 23:23 +0300, Timo Sirainen wrote:
> On 11.8.2012, at 0.54, Jeff Gustafson wrote:
> 
> > More dsync issues. We were running 2.1.7 and we updated to 2.1.9. Same
> > problem with both versions. 
> > I'm getting an error 75 on about 40 boxes out of 1800. It is the same
> > list of boxes every time we use 'dsync backup' to backup the server.
> > dsync seems to stop communicating to the backup box (over ssh). strace
> > just shows it sitting at a epoll_wait.
> 
> So you can easily reproduce this by running dsync for a specific user?

Yes. There is a subset of mailboxes that always time out.

> > Once the program quits (times
> > out?), a 'du' shows the destination is smaller (200kbyte in one case).
> 
> As in, some of the mails didn't get synced? (doveadm fetch could be
> used to do a better comparison, file sizes don't necessarily mean
> anything.)

True, I will dump out the mailboxes and see if it truly was incomplete.

> Those hangs are a little bit annoying to debug, and the whole code has
> been rewritten for v2.2 already in a way that should make the hangs
> pretty much impossible. Annoyingly v2.2 isn't ready yet..

I have found a manual work around. I use rsync to get the files over to
the backup machines, then I let the backup script keep things up to
date. It is not the best way to go, but at least I have backups. I
suppose I can check the log and continue to rsync things over until 2.2
comes out.

...Jeff

[Dovecot] Listen on multiple ports possible using same protocol?

[Michael Durket]

Is it possible to have multiple Listen directives in a dovecot configuration 
file for the same protocol? I am running dovecot-1.2.11 and I want to be able 
to use the "standard port" as well as a test port:

   protocol imap {
   listen = *:143
   listen = *:10143
   ssl_listen = *:993
   ssl_listen = *:10993


for example.  Or is this more preferably done by pointing dovecot at different 
configuration files?

Re: [Dovecot] about postlogin in dovecot2

[bmalik]

is there a solution ?  



--
View this message in context: 
http://dovecot.2317879.n4.nabble.com/about-postlogin-in-dovecot2-tp5993p37074.html
Sent from the Dovecot mailing list archive at Nabble.com.

Re: [Dovecot] dsync backup gets stuck... fails

[Timo Sirainen]

On 11.8.2012, at 0.54, Jeff Gustafson wrote:

>   More dsync issues. We were running 2.1.7 and we updated to 2.1.9. Same
> problem with both versions. 
>   I'm getting an error 75 on about 40 boxes out of 1800. It is the same
> list of boxes every time we use 'dsync backup' to backup the server.
> dsync seems to stop communicating to the backup box (over ssh). strace
> just shows it sitting at a epoll_wait.

So you can easily reproduce this by running dsync for a specific user?

> Once the program quits (times
> out?), a 'du' shows the destination is smaller (200kbyte in one case).

As in, some of the mails didn't get synced? (doveadm fetch could be used to do 
a better comparison, file sizes don't necessarily mean anything.)

>   Has anyone else seen an exit code of 75? Nothing in the documentation
> mentions what exit code 75 could mean.

"temporary failure".

>   What can I do to help the developers locate the bug?

Those hangs are a little bit annoying to debug, and the whole code has been 
rewritten for v2.2 already in a way that should make the hangs pretty much 
impossible. Annoyingly v2.2 isn't ready yet..

Re: [Dovecot] dsync backup gets stuck... fails

[Jeff Gustafson]

I ran a rsync on the mailboxes that I was having issues with. I re-ran
rsync until I had a full sync with no further updates. Then I ran a
dsync. dsync was able to run without issue. 
If I wipe out the target directory and re-run dsync, I'm back to dsync
getting stuck. Running rsync on mdbox files is not optimal. What else
can I do to track down the issue?
I've contacted Timo's company about payed support so we can get a fix
for this issue. I hope to hear from them soon.

...Jeff

[Dovecot] vacation and field FROM

[Николай Клименко]

Hi to all
Here is the following scheme: Dovecot in a link with AD.
For LDA and IMAP different views are used in a base.
For example there is a user with such e-mail type -  1.n...@domain.ltd 
with the name of authorization auth_1.name.

Incoming male folds up in /var/mail/domain/auth_1.name

When vacation is on, the letters from 1.n...@domain.ltd are sent in a 
following way auth_1.n...@domain.ltd

I guess the problem is in two different data-base queries.
Could you please tell me how to solve this problem and to make the 
answer to be sent from the same adress it is comes to.


part of dovecot.conf

protocol lda {
mail_plugins = sieve acl
hostname = domain.ltd
postmaster_address = 
auth_socket_path = /var/run/dovecot/auth-master_lda
log_path = /var/log/dovecot-deliver.log
}

auth default {
verbose = no
debug = no
debug_passwords = no
mechanisms = plain
user = dovecot
passdb passwd-file {
args = /etc/dovecot/passwd.masterusers
master = yes
}
passdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
userdb static {
args = uid=2 gid=2 home=/opt/mail/user_mailbox/%Lu
   allow_all_users=yes
}
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0660
user = vmail
group = vmail
}
client {
path = /var/spool/postfix/private/dovecot-auth
mode = 0660
user = postfix
group = postfix
   }
}
   }

auth auth_lda {
verbose = no
debug = no
debug_passwords = no
mechanisms = plain
user = dovecot
passdb ldap {
args = /etc/dovecot/dovecot-ldap_lda.conf
}
userdb ldap {
args = /etc/dovecot/dovecot-ldap_lda.conf
}
socket listen {
master  {
path = /var/run/dovecot/auth-master_lda
mode = 0660
user = vmail
group = vmail
}


part of dovecot-ldap.conf (filter options)

   pass_attrs = sAMAccountName=user
   pass_filter =
   
(&(sAMAccountName=%u)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))


part of dovecot-ldap_lda.conf

   user_attrs = sAMAccountName=user
   user_filter = (mail=%u)

   pass_attrs = sAMAccountName=user
   pass_filter = (mail=%u)


--

Re: [Dovecot] Deleting metadata smashes file dovecot.dict

[Andre Gröbe]

On reading 'big' metadata entries i got a similiar behaviour 
(metadata_maxsize = 10240). The command getmetadata returns no data. I 
have created a dovecot.dict with a single entry 
(key=priv/mailbox/fba9aa2cf41721501f34d6254462/private/vendor/test/10458d10cf1f2a502375d6254462/2) 
to reproduce that.


I expected to get the value with command:

. getmetadata inbox /private/vendor/test/10458d10cf1f2a502375d6254462/2
. OK Completed.

It seems to me that there is a bug in metadata plugin. Anyone any ideas?

TIA
Andre


dovecot.dict.bz2
Description: application/bzip

Re: [Dovecot] IMAP IDLE - iPhone?

[Oon-Ee Ng]

On Tue, Aug 14, 2012 at 4:18 PM, Timo Sirainen  wrote:
> Yes, doesn't help with multiple accounts, because the hashed username is 
> different (no IP). I guess this could be changed to be per IP just as well. I 
> think I wondered about which one to use previously but didn't see any point 
> in choosing IP over username, but yes, multiple accounts could be a reason, 
> especially after the whole world is using only Dovecot. :)

I for one welcome our new Dovecot overlords

Sorry for the noise.

Re: [Dovecot] IMAP IDLE - iPhone?

[Timo Sirainen]

On 14.8.2012, at 11.04, Ed W wrote:

> - Then there is tcp keepalive.  Does Dovecot enable these? (Sorry, I should 
> look in the code...).

Yes.

>  However, applications which enable it (eg optional in SSH) will trigger a 
> default (I think) 75 second network packet

It's something like 2 hours by default in Linux.

> As Timo says, Dovecot tries to be clever and coalesce packets from checking 
> multiple folders, but from memory there are limitations on this if you have 
> multiple *accounts*?  I think the hash is per email address and per IP ?

Yes, doesn't help with multiple accounts, because the hashed username is 
different (no IP). I guess this could be changed to be per IP just as well. I 
think I wondered about which one to use previously but didn't see any point in 
choosing IP over username, but yes, multiple accounts could be a reason, 
especially after the whole world is using only Dovecot. :)

> But of course if your emails turn up every few seconds, then you will be 
> triggering wakeups every few seconds also.

Maybe Dovecot could make this somehow smarter some day.. Or create a plugin 
that allows that.

Re: [Dovecot] IMAP IDLE - iPhone?

[Ed W]

On 10/08/2012 10:25, Timo Sirainen wrote:

how does help me "save battery" if i have a folder-structure
maintained by sieve if i do not get my new mails?

If you open 10 connections to IMAP server and will IDLE on them - your phone 
will wake up to reply for ping in every of that 10 connections.
Imagine if there will 100 folders?

Like mentioned previously in this thread, you can disable the "ping"s in 
Dovecot. And even when they happen Dovecot makes them happen at the same time. So I think 
the power usage difference between 1 connection and 100 connections isn't much.



The battery consumption problem seems common, but understanding of it is 
poor...


The situation is simply:
- Waking up a 3G radio is expensive on power
- So prefer to do it less frequently and do a chunk of stuff, rather 
than doing a small amount of data quite frequently

- Every 30 mins is only 48 times a day.  Every 15 seconds is massively more
- Different 3G networks have different parameters set which will 
dramatically affect battery life.  ie they wait longer/shorter before 
allowing the radio to go idle once woken up. I don't know a good online 
resource to see these settings, my old Nokia had a utility to 
investigate things...
- Firewalls impose challenges on being silent for 30 mins at a time and 
may drop any NAT mappings
- The 3G network will almost certainly have a NAT in the way which 
guarantees you have a (probably very short) NAT timeout (perhaps 10 mins 
or perhaps less)
- Then there is tcp keepalive.  Does Dovecot enable these? (Sorry, I 
should look in the code...).  However, applications which enable it (eg 
optional in SSH) will trigger a default (I think) 75 second network packet


As Timo says, Dovecot tries to be clever and coalesce packets from 
checking multiple folders, but from memory there are limitations on this 
if you have multiple *accounts*?  I think the hash is per email address 
and per IP ?


But of course if your emails turn up every few seconds, then you will be 
triggering wakeups every few seconds also.


I think if you tune things with that in mind, it's very possible to get 
very low battery usage.  Using tcpdump on your mobile client to help 
tune things is a great help.  Basically every stray packet is a killer 
for battery, hunt them down.



Cheers

Ed W

Re: [Dovecot] v2.2 status update: IMAP NOTIFY extension and more

[Ed W]

On 13/08/2012 19:27, Patrick Ben Koetter wrote:

* Timo Sirainen :

I'm also considering implementing an SMTP submission server, which works
only as a proxy to the real SMTP server. The benefits of it would mainly
be:

  * It could support BURL command and other extensions required by
LEMONADE. The real SMTP server would see only regular DATA commands.
  * Would make SMTP AUTH easy to implement regardless of what the real
SMTP server is.

Nice move! Especially since I recall Wietse being not very inclined to
implement anything alike.



Annoyingly Apple implemented burl for postfix, submitted the patch, but 
Wietse declined it (for reasons I would need to remind myself of - I 
think some implementation concerns, but mainly "who is using it, lets 
see the clients first")


I would also be very interested to see BURL support appear.  It appears 
to offer bandwidth reductions (my customers are all on slow dialup 
links), and at least some apple clients (IOS?) support it


Cheers

Ed W