Re: [Dovecot] How to troubleshoot LDA or LMTP?

2013-08-07 Thread John Williams 
Steffen Kaiser  writes:

> On Tue, 6 Aug 2013, John Williams wrote:
>
>>> dovecot-lda -c config-file -d user < mailfile
>> Aha!  Piping a message to the process was the step I was not aware of.
>
> does offlineimap provides logs to get to know what mails are newly 
> arriving to your local mail storage,
Yes.

> in order to not filter the same message twice or re-filter messages,
> you've moved around manually?
That is not a problem.  The filtering process works perfectly when I
manually invoke dovecot-lda.  My problem is that I have followed the
instructions here:

http://wiki2.dovecot.org/LDA/

and here:

http://wiki2.dovecot.org/LDA/Sendmail

and here:

http://wiki2.dovecot.org/LMTP

but neither dovecot-lda nor LMTP seem to be triggered whenever I send
email from my MUA (Gnus).  At least, I *think* I have followed the
instructions correctly.  Would you like me to post my dovecot config
again, and the relevant portion of sendmail.cf?

Thank you very much for your help, I truly appreciate it.

[Dovecot] The docs a re a bit weird on "Directory hashing"

2013-08-07 Thread Eliezer Croitoru 
In squid we use a double layer of hashed directories on the FS to allow
storage of millions of files.
I was reading the "Directory hashing" section but never understood it..
since it's written.. in a way I could not understand.
I am using this line:
mail_location = maildir:/home/vmail/%d/%n/Maildir/

and I want to migrate to a hash based directory scheme.
While trying to understand how that hash will work I stumbled a old
thread at:
http://www.dovecot.org/list/dovecot/2010-June/049695.html
there they used:
mail_location=maildir:/buzones/us.es/%1Hu/%2.1u/%n

so I assume it should be used like that:
mail_location=maildir:/home/vmail/%H/%2.256Hn/%d_%n/Maildir/
or:
mail_location=maildir:/home/vmail/%1Mu/%2.1Mu/%d_%n/Maildir/

It's a bit hard to think alone so I hope you can assist me.

let say I want to follow the model of squid cache_dir which has:
cache_dir aufs /usr/local/squid/var/cache/squid 4 16 256

And means a two layers cache of max 16 directories on the first layer
and 256 directories on the second layer.
The above allows millions of files storage and can benefit from all ext4
lower kernel levels of compatibly rather then do stuff on the user-land..
Since I am not 100% sure that the scheme I understood is indeed what I
think I assume the above will need a small correction.

Eliezer

Re: [Dovecot] Unable to use dovecot-antispam plugin

2013-08-07 Thread Xavier Claude 
Le mercredi 31 juillet 2013 08:51:11 Steffen Kaiser a écrit :
> 
> To narrow down the problem, could you:
> 
> a) add "Drafts" to antispam_spam and try again with Drafts,&

I've added it and I have the same behaviour as with the Spam directory.

> a) disable antispam and try to move a message to Spam again.

If I disable the plugin I can move a mail in the Spam directory.

> 
> The config looks fine. Do you have no error in the logs or in syslog? I
> wonder if your client moves the message to Spam at all ... .

I don't see anything in the logs.  

Regards,
-- 
Xavier Claude
claude.xav...@gmail.com

Re: [Dovecot] Override master service settigs with spaces

2013-08-07 Thread Axel Luttgens 
Le 7 août 2013 à 18:03, Ulrich Zehl  a écrit :

> I'd like to override one setting for a master service in
> conf.d/10-master.conf. Unfortunately, said setting contains spaces, and I
> do not know how to escape them properly.
> 
> Here's what I've tried so far. (Note: This is just the easiest/silliest
> test case I could come up with; not the actual setting or service I want to
> overwrite.)
> 
> 
> [...]
> 
> 
> I'm out of ideas now. What's the correct way to quote / escape these
> options?

Hello Ulrich,

What makes you think quota-status would accept a -o option?
And what's that "quota_status_success" plugin supposed to do?
Just curious (probably ill-informed),
Axel

Re: [Dovecot] execvp /usr/local/libexec/dovecot/dovecot-lda: Permission denied

2013-08-07 Thread Axel Luttgens 
Le 7 août 2013 à 16:32, will moura a écrit :

> Hi Edward Carraro,
> 
> I see you got your goal. 
> So I have same trouble and don´t solved.
> I used the three scenarios you used.
> 
> based in http://wiki.dovecot.org/LDA/%VirtualUsers
> 
> And tried using the lmtp, but too don´t worked to delivery mail, I use
> dovecot-lda to sieve plugin work.
> 
> Please help me.
> 
> See the logs:
> 
> mail postfix/local[14324]: 45FCB12E89: to=, relay=local,
> delay=1785, delays=1785/0.05/0/0.12, dsn=4.3.0, status=deferred (temporary
> failure. Command output: local: fatal: execvp /usr/libexec/dovecot/deliver:
> Permission denied)
> 
> Thanks.

Hello Will,

Are you cross-posting without knowing it?
As far as I'm concerned, I'm unable to find any previous related email on this 
list; and the above sure is insufficient for anyone on this list to be of some 
help...
Could you re-state your trouble for the sake of all of us?
:-)

Axel

Re: [Dovecot] 2.2.5 fails to compile - SSL_OP_SINGLE_ECDH_USE : Solaris 10 + Sunstudio 12.3

2013-08-07 Thread Tomi Vainio 
On 7.8.2013 18.01, Timo Sirainen wrote:
> On 7.8.2013, at 15.00, Tomi Vainio  wrote:
> 
>> Compile fails in these two files
>> src/lib-ssl-iostream/iostream-openssl-context.c
>> src/login-common/ssl-proxy-openssl.c
>> due to missing SSL_OP_SINGLE_ECDH_USE
> 
> I did some further cleanups, this should help: 
> http://hg.dovecot.org/dovecot-2.2/rev/27ebd9552471
> 

Thanks, works fine.

Solaris 10 has version which is quite old base line

% openssl version
OpenSSL 0.9.7d 17 Mar 2004 (+ security fixes for: CVE-2005-2969
CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343
CVE-2006-7250 CVE-2007-5135 CVE-2007-3108 CVE-2008-5077 CVE-2008-7270
CVE-2009-0590 CVE-2009-2409 CVE-2009-3555 CVE-2010-4180 CVE-2011-4576
CVE-2011-4619 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131
CVE-2012-2333 CVE-2013-0166 CVE-2013-0169)

  Tomppa

Re: [Dovecot] keywords leak in cmd_append_handle_args()

2013-08-07 Thread Timo Sirainen 
On 7.8.2013, at 19.43, Mike Abbott  wrote:

> In 2.2.5 and earlier it appears that mailbox_keywords_unref(&keywords) is not 
> called in some return paths from cmd_append_handle_args().  Should it be?

Yeah, added, thanks: http://hg.dovecot.org/dovecot-2.2/rev/5dbea45eecb8

[Dovecot] keywords leak in cmd_append_handle_args()

2013-08-07 Thread Mike Abbott 
In 2.2.5 and earlier it appears that mailbox_keywords_unref(&keywords) is not 
called in some return paths from cmd_append_handle_args().  Should it be?

Re: [Dovecot] 2.2.5 fails to compile - SSL_OP_SINGLE_ECDH_USE : Solaris 10 + Sunstudio 12.3

2013-08-07 Thread David Hicks 
On Thu, 2013-08-08 at 02:06 +1000, David Hicks wrote:
> OpenSSL has also been defining
> OPENSSL_NO_ECDH in the build script since 30 Jan 2009[2].

Correction of typo in the date: 30 Jan 2003.


signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] 2.2.5 fails to compile - SSL_OP_SINGLE_ECDH_USE : Solaris 10 + Sunstudio 12.3

2013-08-07 Thread David Hicks 
On Wed, 2013-08-07 at 15:00 +0300, Tomi Vainio wrote:
> Compile fails in these two files
> src/lib-ssl-iostream/iostream-openssl-context.c
> src/login-common/ssl-proxy-openssl.c
> due to missing SSL_OP_SINGLE_ECDH_USE
> 
> In these there is only
> #if !defined(OPENSSL_NO_ECDH)
> when all the other places it always compares also SSL version
> #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10002000L

SSL_OP_SINGLE_ECDH_USE has been defined in OpenSSL's ssl/ssl.h since
draft ECC support was first committed on 9 Aug 2002[1]. OpenSSL's
CHANGES file states that draft ECC support was added between
openssl-0.9.7 and openssl-0.9.8. OpenSSL has also been defining
OPENSSL_NO_ECDH in the build script since 30 Jan 2009[2]. All releases
in the openssl-0.9.8 series and higher should therefore have both
SSL_OP_SINGLE_ECDH_USE and OPENSSL_NO_ECDH defined.

Would I be correct to assume that Solaris 10 is bundling OpenSSL
<=0.9.7?

[1]
http://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=ssl/ssl.h;h=49e3c52c9c4982ccec5e280cd3577d1b783f016c;hb=ea262260469e49149cb10b25a87dfd6ad3fbb4ba#l480

[2]
http://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff;f=util/mk1mf.pl;h=5f3ab059f0cccd058a89e9036a740c046d813ba8;hp=8c6370bc5dcbb470550d520b834148a027a7d3bc;hb=0b13e9f055d3f7be066dc2e89fc9f9822b12eca7;hpb=96f7065f6392e19f1449578aaeabb8dc39294fa7



signature.asc
Description: This is a digitally signed message part

[Dovecot] Override master service settigs with spaces

2013-08-07 Thread Ulrich Zehl 
I'd like to override one setting for a master service in
conf.d/10-master.conf. Unfortunately, said setting contains spaces, and I
do not know how to escape them properly.

Here's what I've tried so far. (Note: This is just the easiest/silliest
test case I could come up with; not the actual setting or service I want to
overwrite.)


conf.d/10-master.conf:
service quota-status {
  executable = quota-status -p postfix -o plugin/quota_status_success=Testing 1 
2 3
  inet_listener {
port = 12340
  }
}

Reaction:
$ printf "recipient=t...@example.org\nsize=0\n\n" | nc 127.0.0.1 12340
action=Testing


conf.d/10-master.conf:
service quota-status {
  executable = quota-status -p postfix -o "plugin/quota_status_success=Testing 
1 2 3"
  inet_listener {
port = 12340
  }
}

Reaction:
$ printf "recipient=t...@example.org\nsize=0\n\n" | nc 127.0.0.1 12340
action=DUNNO [<-- This is the default setting]


conf.d/10-master.conf:
service quota-status {
  executable = quota-status -p postfix -o 'plugin/quota_status_success=Testing 
1 2 3'
  inet_listener {
port = 12340
  }
}

Reaction:
$ printf "recipient=t...@example.org\nsize=0\n\n" | nc 127.0.0.1 12340
action=DUNNO [<-- This is the default setting]


conf.d/10-master.conf:
service quota-status {
  executable = quota-status -p postfix -o plugin/quota_status_success="Testing 
1 2 3"
  inet_listener {
port = 12340
  }
}

Reaction:
$ printf "recipient=t...@example.org\nsize=0\n\n" | nc 127.0.0.1 12340
action="Testing [<-- Note the " after = ]


conf.d/10-master.conf:
service quota-status {
  executable = quota-status -p postfix -o plugin/quota_status_success=Testing\ 
1\ 2\ 3
  inet_listener {
port = 12340
  }
}

Reaction:
$ printf "recipient=t...@example.org\nsize=0\n\n" | nc 127.0.0.1 12340
action=Testing\ [<-- Note the \ ]


I'm out of ideas now. What's the correct way to quote / escape these
options?

Re: [Dovecot] 2.2.5 fails to compile - SSL_OP_SINGLE_ECDH_USE : Solaris 10 + Sunstudio 12.3

2013-08-07 Thread Timo Sirainen 
On 7.8.2013, at 15.00, Tomi Vainio  wrote:

> Compile fails in these two files
> src/lib-ssl-iostream/iostream-openssl-context.c
> src/login-common/ssl-proxy-openssl.c
> due to missing SSL_OP_SINGLE_ECDH_USE

I did some further cleanups, this should help: 
http://hg.dovecot.org/dovecot-2.2/rev/27ebd9552471

Re: [Dovecot] execvp /usr/local/libexec/dovecot/dovecot-lda: Permission denied

2013-08-07 Thread will moura 
Hi Edward Carraro,

I see you got your goal. 
So I have same trouble and don´t solved.
I used the three scenarios you used.

based in http://wiki.dovecot.org/LDA/%VirtualUsers

And tried using the lmtp, but too don´t worked to delivery mail, I use
dovecot-lda to sieve plugin work.

Please help me.

See the logs:

mail postfix/local[14324]: 45FCB12E89: to=, relay=local,
delay=1785, delays=1785/0.05/0/0.12, dsn=4.3.0, status=deferred (temporary
failure. Command output: local: fatal: execvp /usr/libexec/dovecot/deliver:
Permission denied)

Thanks.




--
View this message in context: 
http://dovecot.2317879.n4.nabble.com/execvp-usr-local-libexec-dovecot-dovecot-lda-Permission-denied-tp9592p43756.html
Sent from the Dovecot mailing list archive at Nabble.com.

[Dovecot] 2.2.5 fails to compile - SSL_OP_SINGLE_ECDH_USE : Solaris 10 + Sunstudio 12.3

2013-08-07 Thread Tomi Vainio 
Hi,

Compile fails in these two files
src/lib-ssl-iostream/iostream-openssl-context.c
src/login-common/ssl-proxy-openssl.c
due to missing SSL_OP_SINGLE_ECDH_USE

In these there is only
#if !defined(OPENSSL_NO_ECDH)
when all the other places it always compares also SSL version
#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10002000L

  Tomppa

Re: [Dovecot] Postfix aliases with quota-status service

2013-08-07 Thread Timo Sirainen 
On 7.8.2013, at 9.29, Ulrich Zehl  wrote:

> On Tue, Aug 06, 2013 at 09:20:13PM +0200, Thomas Leuxner wrote:
>> Now everything in between seems to create SMTPD rejections in some cases
>> _or_ queue the mail and let it hit the quota in other cases. That's my
>> whole point...
> 
> I'm sorry, I don't get your point.
> 
> Are you saying that quota-status does not eliminate all over-quota bounces?
> 
> That's to be expected. quota-status does not reserve quota when questioned,
> it only tells Postfix whether enough space is currently free or not. This
> is not free of race conditions, and therefore cannot eliminate all late
> bounces, even when quota-status has all the information, including size.

I think it would work also to do the check in SMTP RCPT TO stage and do quota 
bouncing only there. In LMTP/LDA stage use infinite quota to avoid bouncing. 
Yeah, user might get a little bit over quota (even over quota_grace) but not by 
much.

Re: [Dovecot] Please HELP: how to delete all messages older than X days from the server?

2013-08-07 Thread Timo Sirainen 
On 7.8.2013, at 11.22, Răzvan Sandu  wrote:

> On Tue, 06 Aug 2013 19:18:15 +0200, Pascal Volk a scris:
> 
>> There is also the -A option, see
>> http://wiki2.dovecot.org/Tools/Doveadm/Expunge#section_options
> 
> 
> Thank you, but doveadm expunge will ask for the mailbox name:
> 
> [root@mail1 ~]# doveadm expunge -u john@example.com ON 2013-08-07
> doveadm(root): Fatal: expunge: To avoid accidents, search query must
> contain MAILBOX in all search branches

Add: mailbox '*'

> Also for the correct search criteria: should I use SAVEDBEFORE or
> SENTBEFORE ?

If they are POP3 only, then SAVEDBEFORE and BEFORE and the same. SENTBEFORE 
usually is also almost the same, except if the mail has been stuck in queues 
for a while or if the sender's clock is wrong. So better not use it.

Re: [Dovecot] Please HELP: how to delete all messages older than X days from the server?

2013-08-07 Thread Răzvan Sandu 
On Tue, 06 Aug 2013 19:18:15 +0200, Pascal Volk a scris:

> There is also the -A option, see
> http://wiki2.dovecot.org/Tools/Doveadm/Expunge#section_options


Thank you, but doveadm expunge will ask for the mailbox name:

[root@mail1 ~]# doveadm expunge -u john@example.com ON 2013-08-07
doveadm(root): Fatal: expunge: To avoid accidents, search query must
contain MAILBOX in all search branches

What I need is to traverse *all* directories under
/var/spool/mail/vhosts/domainname/  (which are
/var/spool/mail/vhosts/domainname/username, with further variable
subdirectories, name never known in advance...) and to delete all
messages older than X days (incoming, sent, drafts, trash, etc.)

This must be done without manual confirmation ("are you sure...?") (if I
do it via a script run from cron).

>From the examples given in the wiki page, the expire plugin presents the
same problem: one must know in advance the *name of the mailbox* he has
to empty.

Also for the correct search criteria: should I use SAVEDBEFORE or
SENTBEFORE ?


Thanks again,
Răzvan








<>