[Dovecot] Proxy to join two accounts

2012-11-21 Thread Tomek

Hello,

I have a server with IMAP on dovecot for user mails and a second server on 
archiveopteryx as a mail archive.


I'm wondering if it's possible to make some sort of proxy to these two 
servers in a way where:

- the dovecot server will be the main IMAP service with INBOX, etc.
- I want the archiveopteryx account to be something like a shared folder with 
read-only access (no delete, no move, etc.) in a path, e.g. /archive/user.name
- these proxy mappings should allow adding a few archive accounts to one 
user (in case of people replacement)
 + it will be cool if these mappings could be defined in a database so I 
could write tools to manage archive access for bosses.


Is such a case possible to achieve with dovecot (any howto or example 
would be very helpful)? If not, do you know any proxy tools that could 
allow such a configuration?


Thanks for any help.

Regards,
Tomek.


Re: [Dovecot] v2.1 memory usage

2012-11-21 Thread Charles Marcus

On 2012-11-12 2:31 PM, Ed W li...@wildgooses.com wrote:
Openssl is a *massive* project and I'm unsure that gnutls is much 
smaller... We should assume that both are quite scary from a 
security point of view.  Licensing is the main thing which divides 
them, gnutls is stated as GPL compatible (however, the nominal 
incompatibility of openssl seems difficult to understand?)


OpenVPN integrated with PolarSSL and got Dutch government official 
approval for the combined package.  I think elsewhere it's stated that 
openssl would not have been approved because something like the 
codebase was too large to inspect and sign off

http://polarssl.org/news?item=0132

I haven't worked with PolarSSL, so no idea, but its massively smaller 
codebase is likely attractive if you are the kind of person who 
actually *does* security audits on the software you run in secure 
situations.


Openssl is just a complete swiss army knife of tools!


Very interesting... I'd certainly be interested in switching to it, as 
long as the most common tools are supported


Is it considered a drop in replacement for OpenSSL?

--

Best regards,

Charles



[Dovecot] Dovecot director doveadm with switch -A error

2012-11-21 Thread Ramon Frontera
Hi,

we have a problem with our director proxy configuration.
When we run the doveadm command with the -A switch on the proxy server, it fails 
with the error:

# doveadm -D quota get -A
doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert
doveadm(user1): Error: Proxy is missing destination host
doveadm: Error: Failed to iterate through some users

If we execute the command with a single user, the director assigns a host and it 
goes well.
Example:

# doveadm -D quota get -u user1
doveadm(user1): Debug: auth input: user=user1 proxy starttls=any-cert host=xx.xx.xx.xx proxy_refresh=450
Quota name Type    Value  Limit   %
User quota STORAGE 159401 2621440 6
User quota MESSAGE 341    -       0


We have tried different configurations and all go wrong with this -A 
switch. Timo, please, could you tell us if we have
a misconfiguration or if it's a possible director bug?

We really want to execute the expire plugin on our directors and then redirect to 
the backend servers of every user.

thanks in advance.

Our doveconf -n:

# dovecot -n
# 2.1.10: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-279.14.1.el6.x86_64 x86_64 CentOS release 6.3 (Final)
auth_cache_size = 3 k
auth_cache_ttl = 15 mins
auth_debug = yes
auth_verbose = yes
base_dir = /var/run/dovecot/
default_client_limit = 3
default_process_limit = 5000
dict {
  expire = mysql:/etc/dovecot/dovecot-dict-expire.conf.ext
}
director_doveadm_port = 990
director_mail_servers = mailserver1 mailserver2
director_servers = proxy1
doveadm_proxy_port = 24245
lmtp_proxy = yes
mail_debug = yes
mail_plugins = expire quota
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace inbox {
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox Sent Messages {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-ldap-users.conf.ext
  driver = ldap
}
plugin {
  expire = Trash
  expire2 = Trash/*
  expire_dict = proxy::expire
}
postmaster_address = postmasteratcompany
protocols = imap pop3 lmtp sieve
service auth {
  client_limit = 27048
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
  unix_listener auth-userdb {
    group = dovecot
    mode = 0660
  }
}
service director {
  fifo_listener login/proxy-notify {
    mode = 0600
    user = $default_login_user
  }
  inet_listener {
    port = 9090
  }
  unix_listener director-userdb {
    mode = 0660
  }
  unix_listener login/director {
    mode = 0666
  }
}
service doveadm {
  executable = doveadm-server director
  inet_listener doveadm-server {
    port = 24245
  }
}
service imap-login {
  executable = imap-login director
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service ipc {
  unix_listener ipc {
    user = dovecot
  }
}
service lmtp {
  client_limit = 1
  inet_listener lmtp {
    port = 30025
  }
}
service managesieve-login {
  executable = managesieve-login director
}
service pop3-login {
  executable = pop3-login director
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
ssl = required
ssl_cert = /etc/pki/tls/certs/imap.crt
ssl_key = /etc/pki/tls/private/imap.uib.es_privatekey.pem
syslog_facility = local1
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-ldap-users.conf.ext
  driver = ldap
}
verbose_proctitle = yes
protocol lmtp {
  auth_socket_path = director-userdb
  mail_plugins = expire quota sieve quota
  passdb {
    args = /etc/dovecot/dovecot-ldap-pass.conf.lmtp
    driver = ldap
  }
}
protocol doveadm {
  auth_socket_path = director-userdb
}
protocol imap {
  mail_max_userip_connections = 20
  mail_plugins = expire quota
}
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
local ip/24/24 {
  doveadm_password = supersecretpassword
}




--
--
  Ramon Frontera Gallardo
  Universitat de les Illes Balears   





[Dovecot] Autocreate No namespace for Problem

2012-11-21 Thread tibby

Hi!

I see this in the log:
autocreate: No namespace found for Trash
autocreate: No namespace found for Spam
autocreate: No namespace found for Sent
autocreate: No namespace found for Trash
autocreate: No namespace found for Spam
autocreate: No namespace found for Sent

Why do I get this error ?
Do I need to create a separate namespace for every folder?

The config file looks like this:
namespace private {
  separator = .
  prefix = INBOX.
  inbox = yes
  subscriptions = yes
  list = yes
}
...
plugin {
  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Sent
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
}

Thanks!



Re: [Dovecot] Autocreate No namespace for Problem

2012-11-21 Thread Robert Schetterer
On 21.11.2012 15:23, ti...@tibby.hu wrote:
> Hi!
>
> I see this in the log:
> autocreate: No namespace found for Trash
> autocreate: No namespace found for Spam
> autocreate: No namespace found for Sent
> autocreate: No namespace found for Trash
> autocreate: No namespace found for Spam
> autocreate: No namespace found for Sent
>
> Why do I get this error ?
> Do I need to create a separate namespace for every folder?
>
> The config file looks like this:
> namespace private {
>   separator = .
>   prefix = INBOX.
>   inbox = yes
>   subscriptions = yes
>   list = yes
> }
> ...
> plugin {
>   autocreate = Trash
>   autocreate2 = Spam
>   autocreate3 = Sent
>   autosubscribe = Trash
>   autosubscribe2 = Spam
>   autosubscribe3 = Sent
> }
>
> Thanks!
>

just a guess

try

autocreate = INBOX.Trash

cause you did
prefix = INBOX.


Best Regards
Kind regards, Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Registered office: München, District Court of München: HRB 199263
Executive board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Chairman of the supervisory board: Joerg Heidrich
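
The check behind the suggestion above, as an added example that is not part of the original thread or of Dovecot's code. It assumes a simplified model of namespace lookup (a mailbox name must be INBOX or start with a configured namespace prefix); the sample configuration is constructed from the one quoted in the thread, and the function names are hypothetical.

```python
import re

# Constructed sample, modelled on the configuration quoted in the thread.
SAMPLE_CONF = """\
namespace private {
  separator = .
  prefix = INBOX.
  inbox = yes
}
plugin {
  autocreate = Trash
  autocreate2 = INBOX.Spam
  autosubscribe = Trash
}
"""

def parse_blocks(conf):
    """Return [(header, {key: value})] for top-level, non-nested blocks."""
    blocks, current = [], None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.endswith("{"):
            current = {}
            blocks.append((line[:-1].strip(), current))
        elif line == "}":
            current = None
        elif "=" in line and current is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            current[key] = value
    return blocks

def check_autocreate(conf):
    """Map each autocreate/autosubscribe key to (name, matched, suggestion)."""
    blocks = parse_blocks(conf)
    namespaces = [body for header, body in blocks if header.startswith("namespace")]
    prefixes = [ns.get("prefix", "") for ns in namespaces]
    # Suggest the prefix of the inbox=yes namespace for unmatched names.
    inbox_prefix = next((ns.get("prefix", "") for ns in namespaces
                         if ns.get("inbox") == "yes"), "")
    report = {}
    for header, body in blocks:
        if header != "plugin":
            continue
        for key, name in body.items():
            if re.fullmatch(r"auto(create|subscribe)\d*", key):
                # Assumed model: INBOX itself, or a name under some prefix.
                ok = name.upper() == "INBOX" or any(name.startswith(p) for p in prefixes)
                report[key] = (name, ok, None if ok else inbox_prefix + name)
    return report
```

Calling `check_autocreate()` on the text of a real configuration lists the settings that would need the namespace prefix added; nested blocks are not handled by this parser.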


[Dovecot] XMLRPC anyone?

2012-11-21 Thread Egbert

Hi,

Is there any code around that lets Dovecot (2.x) authenticate via an 
XMLRPC server (which connects to an LDAP server) instead of going 
directly to an LDAP server? It could give much more flexibility.

TIA
Egbert Jan, NL


[Dovecot] Filesystem quotas

2012-11-21 Thread Andreas Kasenides
I could not determine whether, when using filesystem quotas 
(http://wiki2.dovecot.org/Quota/FS), Dovecot will use the reported quota 
and limits without the need to configure them via quota_rules. Is this 
possible somehow? Such a feature would determine the quota limits 
automatically from the filesystem quotas, thereby allowing them to be 
used in quota warnings.
Dovecot already knows the quota settings and limits. Here is evidence 
from the logs:


Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: box=/Mail/ank mount=/newmail match=yes
Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: host=..ucy.xx.cy, path=/mail, uid=211, bytes
Nov 21 19:24:22 iolaos dovecot: imap(user): Debug: quota-fs: uid=211, value=2779115520, limit=8388608000

I am using (testing) version 2.2alpha1.

Thankx.

--
Andreas Kasenides
Senior IT Officer
University of Cyprus, Dept. of Computer Science
Tel: 22892714, Fax: 22892701