Re: [Dovecot] Question regarding Postfix and Dovecot
I really find the lack of error logging, and the virtual lack of documentation for Dovecot very disturbing. I am so close to dropping this side project of being able to support multiple domains on a mail server. It is in my utmost respectful opinion to have multiple files to edit just to get this working in basic mode. Why cant dovecot combine all configuration parameters into one config like that of postfix main.cf for server config, and the master.cf for sockets and listeners? If there are multiple files to be edited then the error logging should mention what file contains the log, and where so you can easily locate the issue. I find this software to be very lack luster and very difficult to use. Dovecot has given me nothing but headache and grief, and as far as I am concerned not a finished product. On Sun, Mar 17, 2013 at 12:29 AM, Noel Butler noel.but...@ausics.netwrote: On Sat, 2013-03-16 at 15:33 +0100, mourik jan heupink wrote: destination_recipient_limit Not sure what happened there but evolution did not like all the chars in your post when invoking reply... probably time to update this darn thing, its the last ubuntu POS that hasn't been updated to opensuse yet. Ah interesting..! Is that perhaps why dovecot_destination_recipient_limit=1 was needed, here..? No, it was to reduce the possibility of some other little quirks rearing their nasty heads IIRC. -- Daniel Reinhardt crypto...@cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h)
Re: [Dovecot] Question regarding Postfix and Dovecot
On 3/17/2013 3:20 AM, Daniel Reinhardt wrote: I really find the lack of error logging, and the virtual lack of documentation for Dovecot very disturbing. I am so close to dropping this side project of being able to support multiple domains on a mail server. It is in my utmost respectful opinion to have multiple files to edit just to get this working in basic mode. Why cant dovecot combine all configuration parameters into one config like that of postfix main.cf for server config, and the master.cf for sockets and listeners? If there are multiple files to be edited then the error logging should mention what file contains the log, and where so you can easily locate the issue. I find this software to be very lack luster and very difficult to use. Dovecot has given me nothing but headache and grief, and as far as I am concerned not a finished product. We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. If you do not like the multiple config files, you can always combine them. Documentation is online at http://www.dovecot.org/documentation.html Welcome to the world of open source. Software is provided through the generous contributions of many people, all of whom have regular jobs and do this because they enjoy it. With open source, if there is something you do not like, you can change the software to your liking. Try that with proprietary software. And just a friendly word of advice: change your attitude or you will find your cries fall on deaf ears. Dem
[Dovecot] Dovecot SASL Postfix
This is probably a dumb question, but I'll ask anyway. I am currently using Postfix with Dovecot and Cyrus-SASL. I want to switch over to Dovecot SASL. The regular Dovecot user/password file is not the same as the file used by cyrus-sasl. Usewr names and passwords are different. I created a flat file that dovecot can use for SASL look-ups; however, exactly where in the Dovecot config file to I place the entry. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __
Re: [Dovecot] Dovecot SASL Postfix
Am 17.03.2013 13:04, schrieb Jerry: I am currently using Postfix with Dovecot and Cyrus-SASL. I want to switch over to Dovecot SASL. The regular Dovecot user/password file is not the same as the file used by cyrus-sasl I created a flat file that dovecot can use for SASL look-ups the main benefit of dovecot SASL is that SMTP auth is using exactly the same users/passwords and auth-mechs as imap/pop3 - so i do not understand why you want create anything special signature.asc Description: OpenPGP digital signature
Re: [Dovecot] Dovecot SASL Postfix
On Sun, 17 Mar 2013 13:21:38 +0100 Reindl Harald articulated: Am 17.03.2013 13:04, schrieb Jerry: I am currently using Postfix with Dovecot and Cyrus-SASL. I want to switch over to Dovecot SASL. The regular Dovecot user/password file is not the same as the file used by cyrus-sasl I created a flat file that dovecot can use for SASL look-ups the main benefit of dovecot SASL is that SMTP auth is using exactly the same users/passwords and auth-mechs as imap/pop3 - so i do not understand why you want create anything special Because that is the way the system was originally configured. I had nothing to do with it. The system uses a simple format: u...@doman.com password The SASL mechanism presently in use uses: u...@hostname.domain.compassword Worse, the passwords are not the same in both instances. If I try to implement one system I will have to deal with all of the present users and get them all on the same page. That is not something I really want to invest time in right now. If dovecot could be told to use a specific file then that would simplify things greatly. Besides, the SASL file does not need all of the information contained in the regular Dovecot user/passwd file. Otherwise, I might just give up on this entire endeavor. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ signature.asc Description: PGP signature
Re: [Dovecot] Dovecot SASL Postfix
On 2013-03-17 9:08 AM, Jerry je...@seibercom.net wrote: Because that is the way the system was originally configured. I had nothing to do with it. The system uses a simple format: u...@doman.com password The SASL mechanism presently in use uses: u...@hostname.domain.compassword Worse, the passwords are not the same in both instances. If I try to implement one system I will have to deal with all of the present users and get them all on the same page. That is not something I really want to invest time in right now. If dovecot could be told to use a specific file then that would simplify things greatly. Besides, the SASL file does not need all of the information contained in the regular Dovecot user/passwd file. Otherwise, I might just give up on this entire endeavor. Personally, I would *much* prefer the pain of changing everyone over to a single password backend for both just one time, than to have to continue to maintain a broken system. -- Best regards, Charles
Re: [Dovecot] Question regarding Postfix and Dovecot
On 3/17/2013 5:25 AM, Professa Dementia wrote: We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. You do not speak on behalf of Dovecot, Timo, this list, and certainly not for me. Do not use we in this manner. And there's no reason to be a smart ass. Welcome to the world of open source. Software is provided through the generous contributions of many people, all of whom have regular jobs and do this because they enjoy it. With open source, if there is something you do not like, you can change the software to your liking. Try that with proprietary software. The OP is fully familiar with the open source model. Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. I absolutely agree with him. While the split config setup may make sense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. It should have been made optional, not the default. Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. Things like this, as well as lackluster documentation, tend to retard adoption, or worse, drive current users to competing solutions. And just a friendly word of advice: change your attitude or you will find your cries fall on deaf ears. The OP's attitude is fine. It is yours that is the problem. Dissent and critique should be cherished, not attacked. We're not a bunch of little Fascists walking in lock step under de Fuhrer Timo, so stop acting like one. -- Stan
Re: [Dovecot] Dovecot as LDA with Postfix and virtual users
Hello Rob! Thanks for answering! On 17 March 2013 02:58, /dev/rob0 r...@gmx.co.uk wrote: On Sun, Mar 17, 2013 at 01:20:55AM +0100, Christian Benke wrote: Some part in the configuration seems to miss though, as mails are received by Postfix, but instead of giving it to Dovecot for delivery, it delivers the mails itself. Perhaps surprisingly, this is a Postfix issue, not a Dovecot one. No, i was expecting it :-) I just wasn't sure where it belongs to. Mar 17 00:02:46 poab postfix/local[15341]: 66AD04E23EE: to=benkkk AT example.com, relay=local, delay=0.35, delays=0.3/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to mailbox) This is postfix/local, which means it is not being routed to your virtual_transport. It means example.com is in mydestination. You did not even set mydestination, thus you get the default. You really should review the Postfix Basic Configuration README: No, i tried a lot yesterday and i started from a working postfix/dovecot-setup with PAM. The config i posted above was merely the last incarnation. Should probably have emphasized that. I commented out mydestination because i received warnings that i shouldn't list them in both mydestination and virtual_mailbox_domains. Still, dovecot LDA has not been called either when the mydestination-parameter was present: Mar 16 21:54:56 poab postfix/smtpd[4197]: connect from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/smtpd[4197]: setting up TLS connection from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/smtpd[4197]: Anonymous TLS connection established from mail-we0-f176.google.com[74.125.82.176]: TLSv1 with cipher RC4-SHA (128/128 bits) Mar 16 21:54:56 poab dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_mysql.so Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_pgsql.so Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_sqlite.so Mar 16 21:54:56 poab dovecot: auth: Debug: passwd-file /etc/dovecot/users: Read 1 users in 0 secs Mar 16 21:54:56 poab dovecot: auth: Debug: auth client connected (pid=0) Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains Mar 16 21:54:56 poab postfix/smtpd[4197]: 856034E1FD1: client=mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/cleanup[4203]: 856034E1FD1: message-id=CAAMQ8bS2bi6HG=u8bmc+e-_yu47wrb6dwxhh2rgsushdvpn...@mail.gmail.com Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: from=benkkk AT wheemail.com, size=1644, nrcpt=1 (queue active) Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains Mar 16 21:54:56 poab postfix/smtpd[4197]: disconnect from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/local[4204]: 856034E1FD1: to=benkkk AT example.com, relay=local, delay=0.39, delays=0.33/0.01/0/0.06, dsn=2.0.0, status=sent (delivered to mailbox) Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: removed Perhaps you'd be better off without the virtual mailboxes anyway? Perhaps, and that's where i actually started from. Virtual users are an attractive feature tough and as it didn't seem too intimidating, i thought i could give it a try. 6 hours later, i was wiser. I've gone back to the working PAM-config today and will try to figure out SASL for now, maybe going back to virtual users later. But i'm still interested in comments regarding the mydestination issue, i can go back to the virtual user settings quickly to try. [snip] Central Asia by bike, starting May 2013 - http://poab.org Wow, a great adventure, good luck! Thanks! Will (re-)add a RSS-feed soon. Best regards, Christian
Re: [Dovecot] Dovecot SASL Postfix
Am 17.03.2013 14:08, schrieb Jerry: the main benefit of dovecot SASL is that SMTP auth is using exactly the same users/passwords and auth-mechs as imap/pop3 - so i do not understand why you want create anything special Because that is the way the system was originally configured. I had nothing to do with it. time to fix it or not touch it at all The system uses a simple format: u...@doman.compassword The SASL mechanism presently in use uses: u...@hostname.domain.com password pff - sounds funny for the users whoever did set this up - seek and punish this guy :-) Worse, the passwords are not the same in both instances. If I try to implement one system I will have to deal with all of the present users and get them all on the same page. That is not something I really want to invest time in right now. so do not touch it at all or do it right for one last time If dovecot could be told to use a specific file then that would simplify things greatly. Besides, the SASL file does not need all of the information contained in the regular Dovecot user/passwd file. Otherwise, I might just give up on this entire endeavor. how should it be told? dovecot has it's passwords and usernames, they are still used for IMAP/POP3 if postfix is using dovecot-SASL dovecot will take over SASL auth at all and is using it's usernames and passwords signature.asc Description: OpenPGP digital signature
Re: [Dovecot] Question regarding Postfix and Dovecot
On 2013-03-17 10:13 AM, Stan Hoeppner s...@hardwarefreak.com wrote: On 3/17/2013 5:25 AM, Professa Dementia wrote: We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. You do not speak on behalf of Dovecot, Timo, this list, and certainly not for me. Do not use we in this manner. And there's no reason to be a smart ass. I'd call it more 'tongue-in-cheek'... But the fact is, while not perfect, Dovecot is pretty well documented, and Timo is very good about fixing it when errors are pointed out. Also, the documentation link is very prominent on dovecots home page, so the complaint about the 'virtual lack of documentation' is flat out wrong and deserves to be called out. Also, since it (the docs) is a wiki, and since this is 'free software', there is nothing wrong with some level of expectation that others help out if/when they encounter anything that lacks. The OP is fully familiar with the open source model. So you know him personally? If you don't, then how can you be so sure? I suggest that his false claim of the 'virtual lack of documentation' suggests otherwise. People familiar with the open source model are also familiar with how to look for documentation for open source software. Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. So now *you* falsely claim that dovecot is 'crappy software with crappy documentation? The nice thing about open source software is you are free to use it, make it better (either through code contributions, documentation efforts, providing support on mail lists, etc), or, don't use it at all. I suggest that your time would be better spent doing one of the above, rather than just spewing false claims. The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. Does he have every right to *lie* about it? Opinions vary, but facts are facts, and the fact is, the claim that dovecot has a 'virtual lack of documentation' is an outright lie. It may not be as good as you or others might like, and there may be certain places where it is a bit lacking, but rather than spewing false claims, maybe your time would be better spent improving it? I absolutely agree with him. Then you are free to do one of the above... While the split config setup may makesense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. There are those who disagree with you. I happen to *not* be one of them, I was certainly very confused by the split config when I first peeked at it, but again, as has already been pointed out, you are free to put everything in your own single config file. In fact, It is very easy to do, and also (contrary to the false claims presented) well documented: http://wiki2.dovecot.org/BasicConfiguration In fact, I now really like doing it this way, because I can just add all of my settings to a file named /etc/dovecot/conf.d/99-mysettings.conf, and know that they will over-ride any settings in any other files. This makes it really easy to manage my settings. I do something similar in postfix - I add a new section at the very end of main.cf: *** Bgn My Custom Settings *** my settings here *** End My Custom Settings This makes it very easy (for me) to manage changes and updates. Of course, what I like may seem silly or confusing to someone else. Isn't freedom cool? :) It should have been made optional, not the default. This is a design decision. Timo is the primary dovecot author, so it is his decision. You are free to disagree with it, but his choice doesn't make dovecot 'crappy software'. Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. As long as they rtfm - and again, it *is* fairly well documented, although personally I personally think it could be made more prominent. And again - you are free to improve the documentation. Regardless, it certainly isn't 'stupid', and is only likely to confuse and/or infuriate new users who refuse to rtfm. Things like this, as well as lackluster documentation, tend to retard adoption, or worse, drive current users to competing solutions. I would agree in general, but not with respect to dovecot in particular, because I don't see dovecot as having 'lackluster' documentation. And just a friendly word of advice: change your attitude or you will find your cries fall on deaf ears. Back at ya Stan. Normally you are pretty level-headed, and some of your posts regarding details of enterprise hardware are extremely informative, personally I think this post is way beneath you. The OP's attitude is fine. It is yours that is the problem. Dissent and critique should be
Re: [Dovecot] Question regarding Postfix and Dovecot
Seriously. Stop it. Carry on your personal vendettas with Stan and others in private, please. - bdh On Mar 17, 2013, at 11:39 AM, Charles Marcus cmar...@media-brokers.com wrote: On 2013-03-17 10:13 AM, Stan Hoeppner s...@hardwarefreak.com wrote: On 3/17/2013 5:25 AM, Professa Dementia wrote: We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. You do not speak on behalf of Dovecot, Timo, this list, and certainly not for me. Do not use we in this manner. And there's no reason to be a smart ass. I'd call it more 'tongue-in-cheek'... But the fact is, while not perfect, Dovecot is pretty well documented, and Timo is very good about fixing it when errors are pointed out. Also, the documentation link is very prominent on dovecots home page, so the complaint about the 'virtual lack of documentation' is flat out wrong and deserves to be called out. Also, since it (the docs) is a wiki, and since this is 'free software', there is nothing wrong with some level of expectation that others help out if/when they encounter anything that lacks. The OP is fully familiar with the open source model. So you know him personally? If you don't, then how can you be so sure? I suggest that his false claim of the 'virtual lack of documentation' suggests otherwise. People familiar with the open source model are also familiar with how to look for documentation for open source software. Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. So now *you* falsely claim that dovecot is 'crappy software with crappy documentation? The nice thing about open source software is you are free to use it, make it better (either through code contributions, documentation efforts, providing support on mail lists, etc), or, don't use it at all. I suggest that your time would be better spent doing one of the above, rather than just spewing false claims. The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. Does he have every right to *lie* about it? Opinions vary, but facts are facts, and the fact is, the claim that dovecot has a 'virtual lack of documentation' is an outright lie. It may not be as good as you or others might like, and there may be certain places where it is a bit lacking, but rather than spewing false claims, maybe your time would be better spent improving it? I absolutely agree with him. Then you are free to do one of the above... While the split config setup may makesense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. There are those who disagree with you. I happen to *not* be one of them, I was certainly very confused by the split config when I first peeked at it, but again, as has already been pointed out, you are free to put everything in your own single config file. In fact, It is very easy to do, and also (contrary to the false claims presented) well documented: http://wiki2.dovecot.org/BasicConfiguration In fact, I now really like doing it this way, because I can just add all of my settings to a file named /etc/dovecot/conf.d/99-mysettings.conf, and know that they will over-ride any settings in any other files. This makes it really easy to manage my settings. I do something similar in postfix - I add a new section at the very end of main.cf: *** Bgn My Custom Settings *** my settings here *** End My Custom Settings This makes it very easy (for me) to manage changes and updates. Of course, what I like may seem silly or confusing to someone else. Isn't freedom cool? :) It should have been made optional, not the default. This is a design decision. Timo is the primary dovecot author, so it is his decision. You are free to disagree with it, but his choice doesn't make dovecot 'crappy software'. Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. As long as they rtfm - and again, it *is* fairly well documented, although personally I personally think it could be made more prominent. And again - you are free to improve the documentation. Regardless, it certainly isn't 'stupid', and is only likely to confuse and/or infuriate new users who refuse to rtfm. Things like this, as well as lackluster documentation, tend to retard adoption, or worse, drive current users to competing solutions. I would agree in general, but not with respect to dovecot in particular, because I don't see dovecot as having 'lackluster' documentation. And just a friendly word of advice: change your attitude or you will find your cries fall on deaf ears. Back at ya Stan. Normally you are
Re: [Dovecot] Question regarding Postfix and Dovecot
First of all the wiki articles on dovecots site are poorly written compared to apache and postfix. That is what I mean by lack luster the error logging is lack luster as it doesn't specify the file or the line error is on like many very well supported applications like apache and postfix and that makes dovecot not very user friendly. I owe no one an apology for stating my opinion and I have over 10 years of using open source software and dovecot is the application that I have used that given me such headache and grief to the point I have given up on this learning experience. Daniel Reinhardt 301-875-7018(c) 410-455-0488(h) On 2013-03-17, at 16:46, Brian Hayden b...@machinehum.com wrote: Seriously. Stop it. Carry on your personal vendettas with Stan and others in private, please. - bdh On Mar 17, 2013, at 11:39 AM, Charles Marcus cmar...@media-brokers.com wrote: On 2013-03-17 10:13 AM, Stan Hoeppner s...@hardwarefreak.com wrote: On 3/17/2013 5:25 AM, Professa Dementia wrote: We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. You do not speak on behalf of Dovecot, Timo, this list, and certainly not for me. Do not use we in this manner. And there's no reason to be a smart ass. I'd call it more 'tongue-in-cheek'... But the fact is, while not perfect, Dovecot is pretty well documented, and Timo is very good about fixing it when errors are pointed out. Also, the documentation link is very prominent on dovecots home page, so the complaint about the 'virtual lack of documentation' is flat out wrong and deserves to be called out. Also, since it (the docs) is a wiki, and since this is 'free software', there is nothing wrong with some level of expectation that others help out if/when they encounter anything that lacks. The OP is fully familiar with the open source model. So you know him personally? If you don't, then how can you be so sure? I suggest that his false claim of the 'virtual lack of documentation' suggests otherwise. People familiar with the open source model are also familiar with how to look for documentation for open source software. Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. So now *you* falsely claim that dovecot is 'crappy software with crappy documentation? The nice thing about open source software is you are free to use it, make it better (either through code contributions, documentation efforts, providing support on mail lists, etc), or, don't use it at all. I suggest that your time would be better spent doing one of the above, rather than just spewing false claims. The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. Does he have every right to *lie* about it? Opinions vary, but facts are facts, and the fact is, the claim that dovecot has a 'virtual lack of documentation' is an outright lie. It may not be as good as you or others might like, and there may be certain places where it is a bit lacking, but rather than spewing false claims, maybe your time would be better spent improving it? I absolutely agree with him. Then you are free to do one of the above... While the split config setup may makesense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. There are those who disagree with you. I happen to *not* be one of them, I was certainly very confused by the split config when I first peeked at it, but again, as has already been pointed out, you are free to put everything in your own single config file. In fact, It is very easy to do, and also (contrary to the false claims presented) well documented: http://wiki2.dovecot.org/BasicConfiguration In fact, I now really like doing it this way, because I can just add all of my settings to a file named /etc/dovecot/conf.d/99-mysettings.conf, and know that they will over-ride any settings in any other files. This makes it really easy to manage my settings. I do something similar in postfix - I add a new section at the very end of main.cf: *** Bgn My Custom Settings *** my settings here *** End My Custom Settings This makes it very easy (for me) to manage changes and updates. Of course, what I like may seem silly or confusing to someone else. Isn't freedom cool? :) It should have been made optional, not the default. This is a design decision. Timo is the primary dovecot author, so it is his decision. You are free to disagree with it, but his choice doesn't make dovecot 'crappy software'. Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. As long as they rtfm - and
Re: [Dovecot] Question regarding Postfix and Dovecot
On Sun, 17 Mar 2013 17:11:18 + Daniel articulated: First of all the wiki articles on dovecots site are poorly written compared to apache and postfix. That is what I mean by lack luster the error logging is lack luster as it doesn't specify the file or the line error is on like many very well supported applications like apache and postfix and that makes dovecot not very user friendly. I owe no one an apology for stating my opinion and I have over 10 years of using open source software and dovecot is the application that I have used that given me such headache and grief to the point I have given up on this learning experience. First of all, I don't think any sane person would argue that the Dovecot documentation is in a league with Postfix or even Apache. For that matter, I know of no other open source software that has documentation as detailed as Postfix. Try deciphering the OpenSSL documentation sometime. However, I think it is obvious that the poster was simply venting his frustrations out on a convenient audience. The logging could be tightened up and the documentation does need work. With that said, I think we can put this matter to bed. Nothing is going to come from it so why waste time arguing over it. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __
Re: [Dovecot] Dovecot as LDA with Postfix and virtual users
On Sun, Mar 17, 2013 at 04:57:36PM +0100, Christian Benke wrote: On 17 March 2013 02:58, /dev/rob0 r...@gmx.co.uk wrote: On Sun, Mar 17, 2013 at 01:20:55AM +0100, Christian Benke wrote: Some part in the configuration seems to miss though, as mails are received by Postfix, but instead of giving it to Dovecot for delivery, it delivers the mails itself. Perhaps surprisingly, this is a Postfix issue, not a Dovecot one. No, i was expecting it :-) I just wasn't sure where it belongs to. Mar 17 00:02:46 poab postfix/local[15341]: 66AD04E23EE: to=benkkk AT example.com, relay=local, delay=0.35, delays=0.3/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to mailbox) This is postfix/local, which means it is not being routed to your virtual_transport. It means example.com is in mydestination. You did not even set mydestination, thus you get the default. You really should review the Postfix Basic Configuration README: No, i tried a lot yesterday and i started from a working postfix/dovecot-setup with PAM. The config i posted above was merely the last incarnation. Should probably have emphasized that. I commented out mydestination because i received warnings that i shouldn't list them in both mydestination and virtual_mailbox_domains. With mydestination commented out you get the default, which is not an empty set. $ /usr/sbin/postconf -d mydestination mydestination = $myhostname, localhost.$mydomain, localhost Still, dovecot LDA has not been called either when the mydestination-parameter was present: Mar 16 21:54:56 poab postfix/smtpd[4197]: connect from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/smtpd[4197]: setting up TLS connection from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/smtpd[4197]: Anonymous TLS connection established from mail-we0-f176.google.com[74.125.82.176]: TLSv1 with cipher RC4-SHA (128/128 bits) Mar 16 21:54:56 poab dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_mysql.so Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_pgsql.so Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_sqlite.so Mar 16 21:54:56 poab dovecot: auth: Debug: passwd-file /etc/dovecot/users: Read 1 users in 0 secs Mar 16 21:54:56 poab dovecot: auth: Debug: auth client connected (pid=0) Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains Mar 16 21:54:56 poab postfix/smtpd[4197]: 856034E1FD1: client=mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/cleanup[4203]: 856034E1FD1: message-id=CAAMQ8bS2bi6HG=u8bmc+e-_yu47wrb6dwxhh2rgsushdvpn...@mail.gmail.com Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: from=benkkk AT wheemail.com, size=1644, nrcpt=1 (queue active) Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains This is undocumented, but when a domain is in some other class in addition to mydestination, mydestination takes priority. Don't count on that: just ensure that each address class definition (see the Address Class README) is unique. Mar 16 21:54:56 poab postfix/smtpd[4197]: disconnect from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/local[4204]: 856034E1FD1: to=benkkk AT example.com, relay=local, delay=0.39, delays=0.33/0.01/0/0.06, dsn=2.0.0, status=sent (delivered to mailbox) Thus we see again, mail is handled by the local_transport, local(8). Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: removed Perhaps you'd be better off without the virtual mailboxes anyway? Perhaps, and that's where i actually started from. Virtual users are an attractive feature tough and as it didn't seem too intimidating, i thought i could give it a try. 6 hours later, i was wiser. Virtual mailboxes have their place, indeed, but more so for large numbers of domains and users. For a small-timer (as it sounds like you are), I wouldn't say they're attractive. Increased complexity, decreased functionality, [usually] security tradeoffs. (System users who own all and ONLY their own mail are not going to endanger others' mail. Virtual mailboxes typically are owned by a shared UID+GID, and a compromise of that UID or GID could threaten all mail.) I've gone back to the working PAM-config today and will try to figure out SASL for now, maybe going back to virtual users later. But i'm still interested in comments regarding the mydestination issue, i can go back to the virtual user settings quickly to try. If your domain is NOT listed in mydestination, but it IS listed in virtual_mailbox_domains, it will be handled by your
Re: [Dovecot] Dovecot SASL Postfix
On Sun, 17 Mar 2013 17:27:04 +0100 Reindl Harald articulated: Am 17.03.2013 14:08, schrieb Jerry: the main benefit of dovecot SASL is that SMTP auth is using exactly the same users/passwords and auth-mechs as imap/pop3 - so i do not understand why you want create anything special Because that is the way the system was originally configured. I had nothing to do with it. time to fix it or not touch it at all The system uses a simple format: u...@doman.com password The SASL mechanism presently in use uses: u...@hostname.domain.compassword pff - sounds funny for the users whoever did set this up - seek and punish this guy :-) Worse, the passwords are not the same in both instances. If I try to implement one system I will have to deal with all of the present users and get them all on the same page. That is not something I really want to invest time in right now. so do not touch it at all or do it right for one last time If dovecot could be told to use a specific file then that would simplify things greatly. Besides, the SASL file does not need all of the information contained in the regular Dovecot user/passwd file. Otherwise, I might just give up on this entire endeavor. how should it be told? dovecot has it's passwords and usernames, they are still used for IMAP/POP3 if postfix is using dovecot-SASL dovecot will take over SASL auth at all and is using it's usernames and passwords From what I was told, it was originally set up so that if a user's mailbox password was compromised, it would not also compromise their SASL password. Actually, it does seem to make a somewhat more secure system. Having an optional file for use strictly with SASL in Dovecot would seem like something that could be quite useful under the right circumstances. In any case, I will revisit this problem when I feel inclined to fight with the current users of the system. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ signature.asc Description: PGP signature
Re: [Dovecot] Question regarding Postfix and Dovecot
On 3/17/2013 11:39 AM, Charles Marcus wrote: On 2013-03-17 10:13 AM, Stan Hoeppner s...@hardwarefreak.com wrote: On 3/17/2013 5:25 AM, Professa Dementia wrote: And just a friendly word of advice: change your attitude or you will find your cries fall on deaf ears. Back at ya Stan. Normally you are pretty level-headed, and some of your posts regarding details of enterprise hardware are extremely informative, personally I think this post is way beneath you. Follow the threading Charles. The comment above belongs to Dementia, not me. The OP's attitude is fine. It is yours that is the problem. Dissent and critique should be cherished, not attacked. We're not a bunch of little Fascists walking in lock step under de Fuhrer Timo, so stop acting like one. Dissent is ok to a point, as long as it is done politely and without unnecessary flaming, and includes some minimal amount of reasonable argument. The only flaming here was done by Dementia. Note that Daniel stated in his complaint: in my utmost respectful opinion Flame-baiting (ie making false claims that dovecot is 'crappy software with lackluster or ), on the other hand, is absolutely *not* ok, and imnsho, this is all the OP - and you - were engaging in. You perceived an attack and picked up sword and shield to defend Dovecot and Timo. Unfortunately your adrenaline got the best of you. Neither Daniel nor I engaged in flame baiting. You would do well to drop the sword and shield and re-read both of our posts dispassionately. I did not call Dovecot crappy software as you accuse me of here. If that were my opinion I certainly would not be using it and I wouldn't be participating on this mailing list. Dementia made the case that users are responsible for fixing anything they don't like about open source software, suggesting it's ok to publish crappy software and make it the users' responsibility to fix it. When it boils down to a simple question of personal preference (ie the 'split config' issue), by all means, provide *constructive* criticism (ie, make your argument against making the split config the default) - We both did. but just name-calling and outright false-isms is *not* OK, and I for one would appreciate it if you'd re-think your comments. Neither of us engaged in name calling nor made false claims. We did both express frustration. And yes I did use the word stupid. And Linus told nVidia Fuck you! on camera. I'd say stupid is very tame, blunt, and to the point. Anyone who is so thin skinned as to take offense to stupid isn't tough enough to participate on the interwebs. Personally, I think both of you owe Timo an apology. Personally I would prefer you let the air out of your chest Charles, drop the sword and the shield, and re-read the email exchange dispassionately. ;) I think you know me well enough through our extensive interaction that I would not make ad hominem attacks or make baseless accusation against Dovecot or Timo. I think Timo's skin is sufficiently thick to take a little criticism and not lose sleep over it. Apologies are for personal attacks. I made no personal attacks. -- Stan
Re: [Dovecot] Question regarding Postfix and Dovecot
All of this said (and much of it not worth repeating), one problem that seems to affect all software as it grows is that as documentation is patched to describe new features, it becomes too complex for the new user who just wants to do something simple to figure how to do that simple stuff. For the user who has been along for the long ride since the software started, it makes sense but the new user is overwhelmed. Rewriting documentation is no easy task but it can help for someone to take a look at it the way a new user might who knows nothing about the software. I don't know the history of Dovecot but my guess would be the Dovecot LDA was added after the Dovecot POP/IMAP server component. Why? Because the www.dovecot.org Overview says Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems without any mention of the Dovecot LDA anywhere on that front page. Longtime users know about the Dovecot LDA but they rarely read that first page and it's harder to notice something is missing than it is to notice something is wrong. I recently replaced UW-IMAP with Dovecot. Once I set down to do it, it was fairly easy. But getting there was tough thanks to misinformation including a failed attempt a few years back using a package that tried to do too much (including forcing a conversion to Maildir - it may be the preferred way and it might be a good goal to get there but why force it when Dovecot was perfectly content to work with the existing mbox mailboxes). Coupled with that is the problem of people who like to give complex answers to simple questions. A poster wants to know how to do A and gets an answer that instead of doing A (which would require a simple configuration change), they're better off doing B which requires new software and/or a complicated conversion (I was just reading something in an archive where someone asked about locking of mbox files and instead of answering the question about how to configure that was told they're better off using Maildir. Perhaps true in the long run but a config change takes a few seconds; converting to Maildir can be a multi-hour or day project). Giving complex answers to simple questions creates the impression that the Dovecot is far more complex than it needs to be. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/
Re: [Dovecot] Question regarding Postfix and Dovecot
On 17.3.2013, at 18.11, Daniel crypto...@gmail.com wrote: First of all the wiki articles on dovecots site are poorly written compared to apache and postfix. It's the best I can do myself. I have no idea how they could be improved in any major way. They say that the software developer himself is the worst possible person to write its documentation, because he can't understand what others find difficult.. That is what I mean by lack luster the error logging is lack luster as it doesn't specify the file or the line error is on like many very well supported applications like apache and postfix and that makes dovecot not very user friendly. If there is a syntax error, Dovecot shows the file and line number. After that it should always mention the setting name that is causing trouble, which I'd think should be easy to grep from the configs.. I guess it could be useful to show the file+line for it, but that's quite a lot of code to add just to avoid a grep. It's also a bit tricky to do without wasting more memory (wasting memory in config / doveconf process is fine, but not elsewhere, and some settings won't get processed until later). I owe no one an apology for stating my opinion and I have over 10 years of using open source software and dovecot is the application that I have used that given me such headache and grief to the point I have given up on this learning experience. Quickly browsing through this thread, I guess this is the main problem? : Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) from mail_gid setting) failed with euid=1000(cryptodan), gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This binary should probably be called with process group set to 8(mail) instead of 1000(cryptodan)) Yes, this is something I've been annoyed at for a long time. But it's also not easy to make that error any better, except maybe by creating a wiki page explaining the whole thing and linking to it. (There are a ton of mails about this exact thing in Dovecot list archies.) There's also no setting that is specifically related to this (the problem is a mismatch between Dovecot/Postfix configuration). There is a super easy solution though: use LMTP instead of LDA, and there are no permission troubles. Maybe that's what the LDA wiki page should say.. Done: http://wiki2.dovecot.org/LDA
Re: [Dovecot] Dovecot as LDA with Postfix and virtual users
Perhaps you'd be better off without the virtual mailboxes anyway? Perhaps, and that's where i actually started from. Virtual users are an attractive feature tough and as it didn't seem too intimidating, i thought i could give it a try. 6 hours later, i was wiser. Virtual mailboxes have their place, indeed, but more so for large numbers of domains and users. For a small-timer (as it sounds like you are), I wouldn't say they're attractive. Increased complexity, decreased functionality, [usually] security tradeoffs. (System users who own all and ONLY their own mail are not going to endanger others' mail. Virtual mailboxes typically are owned by a shared UID+GID, and a compromise of that UID or GID could threaten all mail.) Rob, thank you for your comments! I'll just stay with system users then, i only need a few accounts as you guessed correctly. Virtual users appeared nice due to the separation from the system. But probably not worth the effort, as you argumented. Cheers, Christian
Re: [Dovecot] Question regarding Postfix and Dovecot
Am 17.03.2013 21:12, schrieb Larry Stone: Giving complex answers to simple questions creates the impression that the Dovecot is far more complex than it needs to be. mail isnt simple in general, if you wanna help getting better or more easy documentation at whatever feel free to write it, your welcome Actions speak louder than words. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich
Re: [Dovecot] Question regarding Postfix and Dovecot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/17/2013 07:13 AM, Stan Hoeppner wrote: On 3/17/2013 5:25 AM, Professa Dementia wrote: We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. This is a formulaic response. You do not speak on behalf of Dovecot, Timo, this list, and certainly not for me. Do not use we in this manner. And there's no reason to be a smart ass. Right. Welcome to the world of open source. Software is provided through the generous contributions of many people, all of whom have regular jobs and do this because they enjoy it. With open source, if there is something you do not like, you can change the software to your liking. Try that with proprietary software. More formulaic response. The OP is fully familiar with the open source model. Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. I don't know if the [original poster] is fully familiar with the open source model or not, but I would save the rest of this response as a gem. The formulaic response, which I have seen again and again in the over ten years I've been working with open source software, really assumes that all users are programmers--or should be programmers--and are responsible for submitting fixes when something is wrong. Because what it really says is, if you don't like it, fix it yourself. Too many times, I've heard this referred to as freedom. And like some other notions of freedom advanced in our society, it is only freedom for a limited class of people. There are lots of these kinds of assumptions throughout our society. But the fact is that not all of our talents align in the same directions. That's why we have specialization of labor. The next logical step in this assumption is that a dissatisfied user should, having become a programmer, fork the project, maintain and develop that fork, and integrate it at least with whatever distribution/variety of UNIX-like operating system s/he is using. Not all of us have time to do this. Again, that's why we have specialization of labor. snip The OP's attitude is fine. It is yours that is the problem. Dissent and critique should be cherished, not attacked. We're not a bunch of little Fascists walking in lock step under de Fuhrer Timo, so stop acting like one. More words to treasure. (Not that Timo envisions himself any kind of Fuehrer.) This reaches to a certain deification of certain individuals and organizations in the community--whether they themselves would be deified or not; I know examples of both--that really ought to be looked at more critically. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRRj9gAAoJELJhbl/uPb4SWtoQAJm1/aHlmQQu20o/8EvOiB9I a04lh7aLDD2DDq/09M0wj4Rjd02g1PP9AYpaHkPbnIPGm6TsiMy9d6uN7VHlPMN8 2ylc4aVUSpu564LvuMolLQxuWszdt2VHA4T2DYxdTBEYOpZKI2Yn8oBniP1MA3VW 7OP1Jr0BYtn2tffU6RHguRT+/ApSDKv/owI0aJorL0ql0QA9WlXKlKz4A5SvvRHU siZT7CyoxtaVn2SDIZRMrV4T/5gSZyxUatiIw8brNkhyaJb7TptLfusxgueUHEgT ZR84qyK2uenVP9LiFG7Ur8tsSU1ANmNSnGJyQLL8FJefsX4a1s0fhTb0U6ZenJsh u1OtOIF3KVtIvIb0tlBdX2n3nDDlXanvQW6Wg5qIBI0Fpk3BupDrxnKYicKCpaMc rj5tgAR5xNOpvGVRlaIspMw6+64xD53rMxWur3U7QUHqNBr/IodDc7ySJzbx9IJi /pG2ll+2TtT2fj+zIT5nLiPyl3R7hs4SE5JM52adQBtLmmS6vZwWEeMSTT6iBokn eXytWgY1+hdE8ldZdWropPd3tu0kfiPZSHE+bc9/Yj09P53FbrHD7QxE8j3HeG+v PtjKvdSmC2dDzuRp44tUoMkS6u3Y3NjT8ZYRrYHFlXLURLcKqkfziXEXjYEYYsIG YNbYpbWeIg5/z1yXnQI4 =I801 -END PGP SIGNATURE-
Re: [Dovecot] Question regarding Postfix and Dovecot
On Sun, 17 Mar 2013 21:50:34 +0100 Timo Sirainen articulated: It's the best I can do myself. I have no idea how they could be improved in any major way. They say that the software developer himself is the worst possible person to write its documentation, because he can't understand what others find difficult.. So very true Timo. That is why many fortune 500 companies use private authors to write the documentation for their products. Someone who knows nothing about it is usually the best one to write the instructions. Of course, they are guided along by competent instructors (hopefully). Unfortunately, the actual inventor or writer of an item usually takes everything for granted. That is why I have enjoyed the Dummies series of books. They break things down for the beginner as well as being (in most cases) detailed enough for the more experienced user. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __
[Dovecot] Dovecot not obeying disable_plaintext_auth = yes and how to force/disable encryption
I'm using Dovecot 2.1.15. I need to require encryption and only secure
auth on public addresses, but allow plaintext auth over an unencrypted
connection on localhost.
I have so far (excerpts from `doveconf -a`):
auth_mechanisms = cram-md5 plain
disable_plaintext_auth = yes
listen =
service imap-login {
inet_listener imap-local {
address = ::1
port = 143
ssl = no
}
inet_listener imap-pub {
address = 2001:db8::1
port = 993
ssl = yes
}
}
service managesieve-login {
inet_listener sieve-local {
address = ::1
port = 4190
ssl = no
}
inet_listener sieve-pub {
address = 2001:db8::1
port = 4190
ssl = no
}
}
The ssl option only seems to switch the inet_listener between using a
secure socket and using STARTTLS. How do I tell a given inet_listener
to do neither? How do I tell a given inet_listener to require STARTTLS
before allowing AUTH/SASL?
I would prefer to offer only CRAM-MD5 on the UGA/public ports, and only
PLAIN or at least also PLAIN on localhost. I tried adding
auth_mechanisms lines to each inet_listener block, but got parse errors.
How do I do this?
Dovecot seems to ignore disable_plaintext_auth = yes:
# telnet 2001:db8::1 4190
Trying 2001:db8::1...
Connected to host.example.com.
Escape character is '^]'.
IMPLEMENTATION Dovecot Pigeonhole
SIEVE fileinto reject envelope encoded-character vacation subaddress
comparator-i;ascii-numeric relational regex imap4flags copy include
variables body enotify environment mailbox date ihave
NOTIFY mailto
SASL CRAM-MD5 PLAIN
STARTTLS
VERSION 1.0
OK Dovecot ready.
--
Please reply on list.
Re: [Dovecot] Question regarding Postfix and Dovecot
Timo, First thank you for taking the time to reply to this, but I tried using various LDA Command line suggestions from various places on the net, and Postfix is not even seeing that dovecot is listed in the master.cf file as a unix socket. I have tried using LMTP and again it is not seeing that postfix is configured to use dovecot-lmtp as a mail delivery agent for postfix. The way postfix works with dovecot is via mail-stack-delivery and use of mailbox_command that is set up within main.cf If I comment that out postfix sends to default mode which is Maildir in the users /home directory. I have configured SQL Lookups successfully for authentication within postfix and dovecot, its just the mail delivery agent that is not working. I even tried the sudo method, and that also failed. Don't get me wrong Dovecot is a nice piece of software, but maybe getting rid of the multiple files could make things easier, and a couple of sample configs could then be included in the source. And I am here trying to learn something new that I could put to use in a future job if I were ever told to setup an email server to replace an exchange system to handle multiple domains for various people. So thanks for allowing me to learn another process of setting up a server with email. Sincerely, Daniel Reinhardt On Sun, Mar 17, 2013 at 8:50 PM, Timo Sirainen t...@iki.fi wrote: On 17.3.2013, at 18.11, Daniel crypto...@gmail.com wrote: First of all the wiki articles on dovecots site are poorly written compared to apache and postfix. It's the best I can do myself. I have no idea how they could be improved in any major way. They say that the software developer himself is the worst possible person to write its documentation, because he can't understand what others find difficult.. That is what I mean by lack luster the error logging is lack luster as it doesn't specify the file or the line error is on like many very well supported applications like apache and postfix and that makes dovecot not very user friendly. If there is a syntax error, Dovecot shows the file and line number. After that it should always mention the setting name that is causing trouble, which I'd think should be easy to grep from the configs.. I guess it could be useful to show the file+line for it, but that's quite a lot of code to add just to avoid a grep. It's also a bit tricky to do without wasting more memory (wasting memory in config / doveconf process is fine, but not elsewhere, and some settings won't get processed until later). I owe no one an apology for stating my opinion and I have over 10 years of using open source software and dovecot is the application that I have used that given me such headache and grief to the point I have given up on this learning experience. Quickly browsing through this thread, I guess this is the main problem? : Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) from mail_gid setting) failed with euid=1000(cryptodan), gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This binary should probably be called with process group set to 8(mail) instead of 1000(cryptodan)) Yes, this is something I've been annoyed at for a long time. But it's also not easy to make that error any better, except maybe by creating a wiki page explaining the whole thing and linking to it. (There are a ton of mails about this exact thing in Dovecot list archies.) There's also no setting that is specifically related to this (the problem is a mismatch between Dovecot/Postfix configuration). There is a super easy solution though: use LMTP instead of LDA, and there are no permission troubles. Maybe that's what the LDA wiki page should say.. Done: http://wiki2.dovecot.org/LDA -- Daniel Reinhardt crypto...@cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h)
Re: [Dovecot] Question regarding Postfix and Dovecot
Am 18.03.2013 00:27, schrieb Daniel Reinhardt: First thank you for taking the time to reply to this, but I tried using various LDA Command line suggestions from various places on the net, and Postfix is not even seeing that dovecot is listed in the master.cf file as a unix socket. I have tried using LMTP and again it is not seeing that postfix is configured to use dovecot-lmtp as a mail delivery agent for postfix YOU ARE RESPONSIBLE TO CONFIGURE POSTFIX MASTER.CF NOT DOVECOT NOT ANYBODY ELSE YOU ARE RESPONSIBLE TO SET POSTFIX-TRANSPORTS TO USE LMTP NOT DOVECOT NOT ANYBODY ELSE RTFM - NOT THE DOVECOT THE POSTFIX ONES signature.asc Description: OpenPGP digital signature
Re: [Dovecot] Question regarding Postfix and Dovecot
On Sun, 2013-03-17 at 10:20 +, Daniel Reinhardt wrote: I really find the lack of error logging, and the virtual lack of documentation for Dovecot very disturbing. I am so close to dropping this side project of being able to support multiple domains on a mail server. I know I came in late having been away for a bit, but I did not note any reference to this guide you mentioned you used, perhaps show us a URL for it, maybe it is borked, and you'll chase your tail forever... It is in my utmost respectful opinion to have multiple files to edit just to get this working in basic mode. Why cant dovecot combine all configuration parameters into one config like that of postfix main.cf for server config, and the master.cf for sockets and listeners? It used to, I strongly disagreed with the conf.d/blah blah blah splitting, its messy, cluttery, clumsy, and not time-management efficient, but, Timo's choice to do it. I use one single file, its about or less than 4K in size, and you can too, simple copy any million changes of other cruddy confs into dovecot.conf and comment out any includes, even delete them. The only separate file I have, is dovecot-sql.conf Dovecot has given me nothing but headache and grief, and as far as I am concerned not a finished product. it runs on some pretty big networks, handling millions of users, granted 2.x was, well, I always considered 2.0 to be beta, and 2.1 up until recently, it is not a good sign when there is patches every second other week, but, its been really good for a few months now, sad I know, 1.2 was like a tank, couldn't break it no mater what you through at it, infact I still have two servers using 1.2 as a fail safe. But, that said, you need to show us this guide you have followed, if you posted it, my bad for not seeing it, if not, your bad for not linking to it ;) attachment: face-wink.png signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Question regarding Postfix and Dovecot
On Sun, 2013-03-17 at 03:25 -0700, Professa Dementia wrote: And just a friendly word of advice: change your attitude or you will find your cries fall on deaf ears. Dem and that shit is helpful how? signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Question regarding Postfix and Dovecot
On Sun, 2013-03-17 at 09:13 -0500, Stan Hoeppner wrote: On 3/17/2013 5:25 AM, Professa Dementia wrote: We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. You do not speak on behalf of Dovecot, Timo, this list, and certainly not for me. Do not use we in this manner. And there's no reason to be a smart ass. I never ever in my wildest dreams thought I'd be saying this, but I wholeheartedly agree with Stan signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Question regarding Postfix and Dovecot
On Mar 17, 2013, at 4:50 PM, Robert Schetterer r...@sys4.de wrote: Am 17.03.2013 21:12, schrieb Larry Stone: Giving complex answers to simple questions creates the impression that the Dovecot is far more complex than it needs to be. mail isnt simple in general, True. But your needs aren't my needs. And while some systems may need a complex solution, not every one does. My mail server is at home serving four users, all family members. Daily mail volume is in the hundreds. Have I incorporated every high-performance trick I can? Heck, no because I don't need it. My server sits idle most of the day. It would be a waste of my time to optimize it. To the extent I have a bottle-neck, it's the Internet connection (not all that fast but fast enough). So for now I keep it simple. Can I do something more complex later? Maybe. If I have time, if I think it's worthwhile. Meanwhile, I would never go suggesting that the server environment I have with my four users and hundreds of messages per day is appropriate for an environment with thousands of users and millions of messages per day. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/
Re: [Dovecot] Question regarding Postfix and Dovecot
On 3/17/2013 3:10 PM, David Benfell wrote: I don't know if the [original poster] is fully familiar with the open source model or not, but I would save the rest of this response as a gem. The formulaic response, which I have seen again and again in the over ten years I've been working with open source software, really assumes that all users are programmers--or should be programmers--and are responsible for submitting fixes when something is wrong. Because what it really says is, if you don't like it, fix it yourself. Too many times, I've heard this referred to as freedom. And like some other notions of freedom advanced in our society, it is only freedom for a limited class of people. Imagine this: You live near a mechanic. He has an extra car that he got from the junk yard and fixed up. It works fairly well and you need a car so he generously gives it to you for free. After a time, something breaks. What do you do? If you are mechanically inclined you can fix it yourself - that is, if you are part of that limited class of people known as mechanics. If not, you can go back to the original mechanic or maybe a completely different mechanic. However, if you scream at him, call him names, tell him the car is total garbage that was never fixed right in the first place, then demand he fix it, how do you think he would respond? It is much better to ask politely. Everything you say above is perfectly valid. However, I have been part of quite a few open source projects and this list has much more than its share of trolls and flame wars. Why is that? A little civility goes a long way, especially if you are not part of the limited class of people and are asking for their help with something that you were given for free to begin with. Dem
Re: [Dovecot] [solved] Dovecot not obeying disable_plaintext_auth = yes and how to force/disable encryption
I figured this out. I was testing Dovecot from the machine running Dovecot. I didn't know that when the client address is a local address (even if it's a public one), that Dovecot treats the connection as if it was localhost. I also did not know that Dovecot automatically ignores ssl = required and disable_plaintext_auth = yes for localhost connections. As this renders pretty much my entire email moot, we can call this one solved. :) -- Please reply on list.
Re: [Dovecot] lda: duplicate prefix?
Anyone?
On Mon, Mar 4, 2013 at 12:50 AM, Larry Rosenman larry...@gmail.com wrote:
I've just started using Dovecot, and can't seem to get the LDA to work.
I get the following error:
Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler:
Initialization failed: namespace configuration error: Duplicate namespace
prefix:
Mar 4 00:47:19 thebighonker dovecot: lda(ler): Fatal: Invalid user
settings. Refer to server log for more information.
Mar 4 00:47:19 thebighonker exim[76281]: 1UCPB8-000JqI-L7 ==
/home/ler/clamav-rules l...@lerctr.org R=userforward
T=address_file_dovecot defer (0): Child process of address_file_dovecot
transport returned 75 (could mean temporary error) from command:
/usr/local/libexec/dovecot/dovecot-lda
dovecot -n attached.
the invocation from my exim config for other than inbox:
address_file_dovecot:
driver = pipe
# Use /usr/lib/dovecot/dovecot-lda if using Debian's package.
# You may or may not want to add -d $local_part@$domain depending on if
you ne
ed a userdb lookup done.
command = /usr/local/libexec/dovecot/dovecot-lda -f $sender_address -m
~/mail/
${sg{$address_file}{$home}{}}
message_prefix =
message_suffix =
log_output
delivery_date_add
envelope_to_add
return_path_add
#group = mail
#mode = 0660
temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
What am I doing wrong?
--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 (c) E-Mail: larry...@gmail.com
US Mail: 430 Valona Loop, Round Rock, TX 78681-3893
--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 (c) E-Mail: larry...@gmail.com
US Mail: 430 Valona Loop, Round Rock, TX 78681-3893
Re: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird
https://www.rapidsslonline.com/ less than $20/year, takes literally 15 minutes from start to having a certificate. Well, maybe 30 minutes the first time when you need to read everything. There are probably dozens of other sites offering similar services; I've used this one several times. Namecheap reseller: $5/year https://www.cheapssls.com/ I ended up buying one from rapidsslonline, after I learned they require authorization from only the subdomain, not the top-level. I'll check out cheapssls.com as well. I'm not quite sure yet, but it seems these are only supported with the most current browsers? If a customer visits with, say, IE8 or IE6, are they going to have an issue? (not that they ever should be, or that it would probably affect my purchasing choice; I was just curious because I'm seeing some old browsers and fielding some support issues now.) Thanks, Alex
Re: [Dovecot] Question regarding Postfix and Dovecot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/17/2013 06:08 PM, Professa Dementia wrote: If not, you can go back to the original mechanic or maybe a completely different mechanic. However, if you scream at him, call him names, tell him the car is total garbage that was never fixed right in the first place, then demand he fix it, how do you think he would respond? It is much better to ask politely. As I was looking for the response that I wanted to reply to, I noticed there had in fact been quite a number of messages as the original poster had attempted to resolve his problem. Yes, he got frustrated. Yes, he lost his temper. But this summation takes a short cut in ignoring all that happened before. It also ignores--and if I read (and remember) Timo correctly, he doesn't like this either--that all too often, error messages are too vague to be helpful. The standard response is also borne of frustration--a frustration that seemingly expects people to worship the ground that developers walk on. So what we have here is frustration meeting frustration. It pushes my buttons because I've been watching this in a number of venues for years and I've occasionally been that frustrated user who couldn't get something working. One of the things I came across in studying indigenous ways of knowing that may be applicable here is a caution against displaying knowledge. The point of that is that some people answer not so much to be helpful as to show off their own prowess and expertise. That gets ego involved. The standard response follows from this, making the situation worse by conveying an arrogance that undermines any claim to have been sincerely helpful before. We all want good software. That requires more of a partnership than we often see. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRRphOAAoJELJhbl/uPb4SThcQAI8ipyEw8OVyVhzZLkrpU5fv 2X4uz6WAJQMgkAOCG8M5RX/FDdm0b4puxcwalYsx4V0Pv2mZa49vJPHwooFjHM/s h6x34zeip5pd+nq519pCav+et0MLD5c49iUrPL4IEID2eEiPrBKq5LCK79q7HoJ4 lwPwqRpyyQUqznScq1seLzgMBFs/isNs2+uCj5i9DjHGON7mFURP+lHwcDhEvAKC F4y1rh54vuxTChGGROYBKHgzISJwcomuS3OROjQU7nPnhb05SDMrcn3j2Zz2xAhC +rFP5Gp3mvIAJLL7jybgFph8DgeBx2RaN5VW41HKvGC159bBwIDXIY34rWEh8mk+ KoBYQUIH2YbCBBFWOAAArKr3JUCq8cb/lb+3wblSbyAeOXYhrQWOLSGC7AU+KKxZ g+x5O8fzBwibHE3i7l+NQFJLlLyXJbdHgL1ZEO128xl5cTEewXE0u/xzPyNdPqmH S1vIe2uo8qPaoodGqUOEwQIhcCfSPLVmFjdn9kOI4VqjFa7sRqL6O0VFXnUcGhju FFw1+vctHDjPnZmuNKAiddZh1gwF5l/tGPQ/5T8rwxuleAuMesefV8R2vYTzocQV mTejoxGQe3GOzRqB9gHX19Gk8aJChHR2TXwqkdo/9IGFrYa3ZTYzsrpuwx6CcCOr Z5GGtVgZ9YedSzPIcP/g =OOy+ -END PGP SIGNATURE-
Re: [Dovecot] Question regarding Postfix and Dovecot
On Sun, 2013-03-17 at 21:30 -0700, David Benfell wrote: The standard response is also borne of frustration--a frustration that seemingly expects people to worship the ground that developers walk on. One thing that shows a good developer, is one who listens, to the negatives as well as positives, Timo thus far has mostly done this (still waiting on the mysql failover change talked about nearly 2 yrs ago ;) ). A good developer knows that without users feedback, both good and bad, their project can die a swift and painful death. We all want good software. That requires more of a partnership than we often see. True attachment: face-wink.png signature.asc Description: This is a digitally signed message part
