Re: [Dovecot] Connection refused userdb lookup ..dovecot/auth-userdb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 24 Mar 2014, Simon wrote: Hi All, Ive been googling the crap out of this but still cant seem to make it work.. any assistance would be really appreciated thanks! :) On Sun, Mar 16, 2014 at 9:02 PM, Simon grem...@gmail.com wrote: On Thursday, March 13, 2014, Steffen Kaiser skdove...@smail.inf.fh-brs.de wrote: On Thu, 13 Mar 2014, Simon wrote: Ive taken a look at this and cant quite figure out what is going on here. I have tested all the SQL permissions, and also changed the unix_listener auth-userdb mode to 0666 (as instructed elsewhere to try and solve this issue), but cannot seem to work out what the issue is. what happens if you connect to that socket manually, e.g.: # sudo -u lda-user socat - UNIX:/usr/local/dovecot/var/ run/dovecot/auth-userdb VERSION 1 1 SPID1746 Maybe first try as root, then with the partucular users. Thanks for the reply! I tried this as root and got the following: [root@vmail1 ~]# socat - UNIX:/usr/local/dovecot/var/run/dovecot/auth-userdb 2014/03/16 20:57:05 socat[24404] E connect(3, AF=1 /usr/local/dovecot/var/run/dovecot/auth-userdb, 48): Connection refused Seems a bit wierd that I can't connect as root? Actually, Connection refused is not Permission denied, I would say that: a) Dovecot is not running, b) Dovecot is not configured to listen on that socket, c) Dovecot died when you've connect d) SELinux, AppArmor, ... prevent access - but I would expect Permission denied in that cases, too Check: lsof -c dovecot|grep auth-userdb dovecot 12600 root 56u unix 0x88003f94ed00 0t0 48261 /var/run/dovecot2.2/auth-userdb - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUy/oAnD1/YhP6VMHAQLEEQf/TopegsHb+TJ/t7LBr9WUmRDCwsLxCI7P Ctw8FRODVns7pFQZYkdytQ/klKVnxPY8TGXr58FAGJO+vIKAH0h7yCRzhfrIu2cP rBRTqFXubJ6AuqDnspYQu/hA5tr1O0SSDJKQ5e25kbStMMpSCVaHcMVah/KeZZZC sWScIt7BYkGRUPkwQOdbAbQZzmHvCCL6T/e71abK/dOgj3Pxw0kNCtQlvsAxLCdi 5eqymWXV4DNwrdrJtt89cGjCFX4jmFHngUpxE3SWRjQgtnJj5vDr3rnb0sEKwiOd 3OX8iTavRpapMIh83sTg32rs4zqrJZHv2nCWjh071coN8eAeTTX0Nw== =fIM7 -END PGP SIGNATURE-
Re: [Dovecot] Connection refused userdb lookup ..dovecot/auth-userdb
On 03/24/2014 04:14 AM, Simon wrote: On Sun, Mar 16, 2014 at 9:02 PM, Simon grem...@gmail.com wrote: On Thursday, March 13, 2014, Steffen Kaiser skdove...@smail.inf.fh-brs.de wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 13 Mar 2014, Simon wrote: Ive taken a look at this and cant quite figure out what is going on here. I have tested all the SQL permissions, and also changed the unix_listener auth-userdb mode to 0666 (as instructed elsewhere to try and solve this issue), but cannot seem to work out what the issue is. what happens if you connect to that socket manually, e.g.: # sudo -u lda-user socat - UNIX:/usr/local/dovecot/var/ run/dovecot/auth-userdb VERSION 1 1 SPID1746 Maybe first try as root, then with the partucular users. Thanks for the reply! I tried this as root and got the following: [root@vmail1 ~]# socat - UNIX:/usr/local/dovecot/var/run/dovecot/auth-userdb 2014/03/16 20:57:05 socat[24404] E connect(3, AF=1 /usr/local/dovecot/var/run/dovecot/auth-userdb, 48): Connection refused Seems a bit wierd that I can't connect as root? Hi All, Ive been googling the crap out of this but still cant seem to make it work.. any assistance would be really appreciated thanks! :) Please don't top-post... Some ideas: 1) Show full output of 'doveconf -n' 2) How do permissions of the socket look like? Show full output of 'ls -al /usr/local/dovecot/var/run/dovecot/' 3) Do you use SElinux or some other access control system? Any output in syslog/kernel logging? Tom signature.asc Description: OpenPGP digital signature
[Dovecot] Weird Authentication behaviour
Hi guys, we use dovecot 2.0.9 and authentication against a mysql database. Everything works fine, but we found some weird behavior when the password is e.g. testpass you also authenticate successfully with testpass123 or testpassNOT. Whatever comes after the correct password doesnt matter, the authentication is still successful. Here are the used configs: // auth-sql.conf.ext passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver = static args = uid=vmail gid=vmail home=/data/mail/%d/%n } // dovecot-sql.conf.ext driver = mysql connect = host=[IP] dbname=[DB] user=[USER] password=[PASS] default_pass_scheme = CRYPT password_query = SELECT `password`, `login` AS `user` FROM `v_email_accounts` WHERE `login`='%u' // 10-auth.conf disable_plaintext_auth = no auth_mechanisms = plain !include auth-sql.conf.ext // 10-master.conf default_process_limit = 1000 default_client_limit = 3003 default_vsz_limit = 1024M service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } service_count = 0 vsz_limit = 1024M } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service lmtp { unix_listener lmtp { } } service imap { vsz_limit = 1024M process_limit = 2048 } service pop3 { process_limit = 2048 } service auth { unix_listener auth-userdb { user = vmail group = vmail } client_limit = 8096 } service auth-worker { } service dict { unix_listener dict { } } Thanks in advance for your help!
Re: [Dovecot] Weird Authentication behaviour
On 03/24/2014 07:34 AM, Jürgen Ladstätter wrote: Hi guys, we use dovecot 2.0.9 and authentication against a mysql database. Everything works fine, but we found some weird behavior – when the password is e.g. “testpass” you also authenticate successfully with “testpass123” or “testpassNOT”. Whatever comes after the correct password doesn’t matter, the authentication is still successful. .. default_pass_scheme = CRYPT http://wiki2.dovecot.org/Authentication/PasswordSchemes -- CRYPT: Traditional DES-crypted password in /etc/passwd (e.g. pass = vpvKh.SaNbR6s) Dovecot uses libc's crypt() function, which means that CRYPT is usually able to recognize MD5-CRYPT and possibly also other password schemes. See all of the *-CRYPT schemes at the top of this page. *The traditional DES-crypt scheme only uses the first 8 characters of the password, the rest are ignored.* Other schemes may have other password length limitations (if they limit the password length at all).
Re: [Dovecot] Weird Authentication behaviour
Am 24.03.2014 12:47, schrieb Gedalya: On 03/24/2014 07:34 AM, Jürgen Ladstätter wrote: we use dovecot 2.0.9 and authentication against a mysql database. Everything works fine, but we found some weird behavior – when the password is e.g. “testpass” you also authenticate successfully with “testpass123” or “testpassNOT”. Whatever comes after the correct password doesn’t matter, the authentication is still successful. .. default_pass_scheme = CRYPT http://wiki2.dovecot.org/Authentication/PasswordSchemes -- CRYPT: Traditional DES-crypted password in /etc/passwd (e.g. pass = vpvKh.SaNbR6s) Dovecot uses libc's crypt() function, which means that CRYPT is usually able to recognize MD5-CRYPT and possibly also other password schemes. See all of the *-CRYPT schemes at the top of this page. *The traditional DES-crypt scheme only uses the first 8 characters of the password, the rest are ignored.* Other schemes may have other password length limitations (if they limit the password length at all) my passwords have 19 chars and my linux login does not accept only the first 8 ones, that's the state for many years now frankly 8 chars is laughable, i recently wrote a PHP library to generate secure random passwords and for 10 passwords get 13 collisions is way to much given that that means you have a collision every 8000 tries which means not you need 8000 in a real world attack GENERATED: 10 COLLISIONS: 13 signature.asc Description: OpenPGP digital signature
[Dovecot] Case-sensitive INBOX or client issue?
I am using dovecot as an IMAP server for a Cisco product (Cisco Agent Desktop by Calabrio) and noticed some odd behavior when trying to access emails. The mail is delivered to the main INBOX, then a Cisco server moves it to a directory within the INBOX based on the queue it is meant for. Here is the directory structure of the Maildir: Maildir/INBOX Maildir/INBOX/tmp Maildir/INBOX/63 Maildir/INBOX/63/tmp Maildir/INBOX/63/dovecot.index.cache Maildir/INBOX/63/cur Maildir/INBOX/63/cur/1395445673.M548066P32100.uc-util,S=6403:2, Maildir/INBOX/63/dovecot.index.log Maildir/INBOX/63/dovecot-uidlist Maildir/INBOX/63/maildirfolder Maildir/INBOX/63/new Maildir/INBOX/dovecot.index.cache Maildir/INBOX/cur Maildir/INBOX/dovecot.index.log Maildir/INBOX/dovecot-uidlist Maildir/INBOX/62 Maildir/INBOX/62/tmp Maildir/INBOX/62/dovecot.index.cache Maildir/INBOX/62/cur Maildir/INBOX/62/cur/1395445491.M591207P32114.uc-util,S=6380:2, Maildir/INBOX/62/dovecot.index.log Maildir/INBOX/62/dovecot-uidlist Maildir/INBOX/62/maildirfolder Maildir/INBOX/62/new Maildir/INBOX/new Email is delivered to INBOX then gets moved to INBOX/62 or INBOX/63. The desktop software is then supposed to read the email and process it. I did a packet capture of the conversation and saw the following: IMAP Response: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready. IMAP Request: A0 AUTHENTICATE PLAIN IMAP Response: + IMAP Request: redacted IMAP Response: A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in IMAP Request: A1 LIST Inbox/63 IMAP Response: A1 OK List completed. IMAP Request: A2 CREATE Inbox/63 IMAP Response: A2 NO [ALREADYEXISTS] Mailbox exists. If I login manually and do 'LIST INBOX/63' it works fine, but not with Inbox/63. I was under the impression that INBOX was not case-sensitive. Is this a bug or is the client doing something silly? Thanks, Henry dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.7 disable_plaintext_auth = no mail_location = maildir:~/Maildir:LAYOUT=fs namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = imap ssl = no ssl_cert = /etc/dovecot/dovecot.pem ssl_key = /etc/dovecot/private/dovecot.pem userdb { driver = passwd } -- The best way to predict the future is to invent it - Alan Kay
Re: [Dovecot] Case-sensitive INBOX or client issue?
Am 22.03.2014 01:33, schrieb SB Code Ninja: IMAP Response: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready. IMAP Request: A0 AUTHENTICATE PLAIN IMAP Response: + IMAP Request: redacted IMAP Response: A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in IMAP Request: A1 LIST Inbox/63 IMAP Response: A1 OK List completed. IMAP Request: A2 CREATE Inbox/63 IMAP Response: A2 NO [ALREADYEXISTS] Mailbox exists. If I login manually and do 'LIST INBOX/63' it works fine, but not with Inbox/63. I was under the impression that INBOX was not case-sensitive. Is this a bug or is the client doing something silly? by RFC folder names are *not* case-sensitive, if dovecot handles them case-sensitive it is a bug, however there are broken clients as well if anybody ever struggeled with different MS Outlook versions and no new mails displayed just rename 'Inbox' to 'INBOX' on the server signature.asc Description: OpenPGP digital signature
Re: [Dovecot] Case-sensitive INBOX or client issue?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 21 Mar 2014, SB Code Ninja wrote: If I login manually and do 'LIST INBOX/63' it works fine, but not with Inbox/63. I was under the impression that INBOX was not case-sensitive. As far as I know that applies to INBOX, but not its children, see RFC1730 sec. 9. Formal Syntax mailbox ::= INBOX / astring ;; INBOX is case-insensitive; other names may be ;; case-sensitive depending on implementation. For a workaround see: http://wiki2.dovecot.org/Plugins/MailboxAlias Is this a bug or is the client doing something silly? mail_location = maildir:~/Maildir:LAYOUT=fs - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUzAvD3D1/YhP6VMHAQLZ+wgAohQ2DQ0outoOhUvD+ZnPpNj236FIiEIN vYtGKL665E6ef1mSEZC87yanb5zNzQVEDfCsFbYL0dFSP2OofYvxBBACp7iLMxod wq70qutUEWjMfgMK0eP5XLjYsrzYFpjWRDcglULhr6U/mvgUg8AFbzv5ajw75Q4i LgrEbhn4LBVy68ERVY4J33zP3NZAlSjDGs+759F1mSnEet1n7hJt7P4wenpU5YM+ Lr7sonp4xRf4gF2dTtotJCHTaREkr/wD0ZQpuud3WXOgNI+bSoyShMCuWHpdnOAg 86i0XtozqKOtYJNlowF6pWa5jL+VKC2lsvCn3QwFcF0r57r1C+MzSA== =rnPm -END PGP SIGNATURE-
Re: [Dovecot] Dovecot/Django authentication
Il 2014-03-21 17:29 Thomas Johnson ha scritto: Has anyone done a dovecot authentication plugin to support these password forms (and/or any other forms that django supports)? You could use a checkpassword script to authenticate against django. The interface is fairly simple. http://wiki2.dovecot.org/AuthDatabase/CheckPassword?action=showredirect=PasswordDatabase%2FCheckPassword ciao Luca
[Dovecot] imap: Error: mmap() failed with file ... dovecot.index.cache: Cannot allocate memory
Hi, since some days (about 10) I get the following error in mail error log many, many times: ... dovecot: imap(u...@domain.com pid:32769 session:dszL7lX1xADD/uGI): Error: mmap() failed with file /home/dovecotindex/domain.com/user/mailboxes/Trash /dovecot.index.cache: Cannot allocate memory It's always the same dovecot.index.cache file and only for the same heavily used account. The account is currently used from about 10 different clients with imap at the sime time. I checked the size of the index cache file and it seems very big: total 2,7G -rw--- 1 mailstore mailstore 464 Mär 24 14:36 dovecot.index -rw--- 1 mailstore mailstore 464 Mär 24 14:36 dovecot.index.backup -rw--- 1 mailstore mailstore 2,7G Mär 24 14:19 dovecot.index.cache -rw--- 1 mailstore mailstore 140 Mär 24 14:45 dovecot.index.log -rw--- 1 mailstore mailstore 89K Mär 24 14:36 dovecot.index.log.2 About 2,7 GB? To solve the problem temporarily, I removed the index files from the index Trash folder and Dovecot initialized an index rebuild. Now the size of the index files are small: total 28K -rw--- 1 mailstore mailstore 512 Mär 24 14:47 dovecot.index -rw--- 1 mailstore mailstore 20K Mär 24 15:28 dovecot.index.cache -rw--- 1 mailstore mailstore 1,2K Mär 24 15:28 dovecot.index.log But why could the index cache file be so big? Many thanks Urban
Re: [Dovecot] Weird Authentication behaviour
Reindl Harald wrote: Am 24.03.2014 12:47, schrieb Gedalya: On 03/24/2014 07:34 AM, Jürgen Ladstätter wrote: we use dovecot 2.0.9 and authentication against a mysql database. Everything works fine, but we found some weird behavior – when the password is e.g. “testpass” you also authenticate successfully with “testpass123” or “testpassNOT”. Whatever comes after the correct password doesn’t matter, the authentication is still successful. .. default_pass_scheme = CRYPT http://wiki2.dovecot.org/Authentication/PasswordSchemes -- CRYPT: Traditional DES-crypted password in /etc/passwd (e.g. pass = vpvKh.SaNbR6s) Dovecot uses libc's crypt() function, which means that CRYPT is usually able to recognize MD5-CRYPT and possibly also other password schemes. See all of the *-CRYPT schemes at the top of this page. *The traditional DES-crypt scheme only uses the first 8 characters of the password, the rest are ignored.* Other schemes may have other password length limitations (if they limit the password length at all) my passwords have 19 chars and my linux login does not accept only the first 8 ones, that's the state for many years now Because libc's crypt() was extended to support other encryption algorithms and your distribution chose to use them. (in Debian see for example /etc/login.defs, variable ENCRYPT_METHOD) That doesn't change the fact you can still use crypt() with DES encryption. For example, htpasswd still does that by default (or at least was doing that few months ago), you can recofigure your Linux login to do it as well and obviously you can configure Dovecot the same way. frankly 8 chars is laughable, i recently wrote a PHP library to generate secure random passwords and for 10 passwords get 13 collisions is way to much given that that means you have a collision every 8000 tries which means not you need 8000 in a real world attack GENERATED: 10 COLLISIONS: 13 Yes, AFAIK DES encryption is obsolete for very long time and if you know hash, it's quite easy to generate a secret which will match the hash (so security-wise database with DES encrypted passwords is pretty much no better than database with plaintext passwords) For the author of top post: Dovecot does what you told it to do. If you want to change this, it'll be a bit of a problem. If you by any chance have plaintext passwords for your accounts (and you shouldn't have them), you can pass them to doveadm pw -s SHA512-CRYPT -p plaintext and store what comes out to your DB. If you don't have them, there's a way using postlogin script - http://wiki2.dovecot.org/PostLoginScripting , see http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes This method will however convert scheme for _first_ password that allows someone to login. So you can expect complaints from your users who use their account from two devices with different passwords (with difference after 8th character.) They will login from one device, password scheme changes and the other device will be locked out.
Re: [Dovecot] Connection refused userdb lookup ..dovecot/auth-userdb
On Mon, Mar 24, 2014 at 9:10 PM, Tom Hendrikx t...@whyscream.net wrote: [root@vmail1 ~]# socat - UNIX:/usr/local/dovecot/var/run/dovecot/auth-userdb 2014/03/16 20:57:05 socat[24404] E connect(3, AF=1 /usr/local/dovecot/var/run/dovecot/auth-userdb, 48): Connection refused Seems a bit wierd that I can't connect as root? Hi All, Ive been googling the crap out of this but still cant seem to make it work.. any assistance would be really appreciated thanks! :) Please don't top-post... Hi There, Sorry about that ;) Some ideas: 1) Show full output of 'doveconf -n' http://pastebin.com/wsUt0eEF 2) How do permissions of the socket look like? Show full output of 'ls -al /usr/local/dovecot/var/run/dovecot/' http://pastebin.com/pCazAVUz 3) Do you use SElinux or some other access control system? Any output in syslog/kernel logging? /etc/selinux/config was set to permissive, so i set to disabled. Apart from the mail.log output in my pastbin above - there is no more logging that i can find. Thanks! Simon
Re: [Dovecot] Connection refused userdb lookup ..dovecot/auth-userdb
On 3/24/2014 3:55 PM, Simon grem...@gmail.com wrote: Some ideas: 1) Show full output of 'doveconf -n' http://pastebin.com/wsUt0eEF One more thing... please don't use pastebin... it breaks archives (eventually). Just copy/paste the output directly into the email body (this goes for logs too)... -- Best regards, Charles
Re: [Dovecot] Connection refused userdb lookup ..dovecot/auth-userdb
On Tue, Mar 25, 2014 at 9:00 AM, Charles Marcus cmar...@media-brokers.comwrote: One more thing... please don't use pastebin... it breaks archives (eventually). Just copy/paste the output directly into the email body (this goes for logs too)... Oh sorry :( Mar 13 09:50:44 vmail1 postfix/pipe[31090]: 5D4FFA1057: to= accou...@thedomainname.com, relay=dovecot, delay=135007, delays=135006/0.03/0/1, dsn=4.3.0, status=deferred (temporary failure) Mar 13 09:55:43 vmail1 postfix/qmgr[1486]: 5220B9FE50: from= accou...@thedomainname.com, size=2787, nrcpt=1 (queue active) Mar 13 09:55:43 vmail1 dovecot: lda: Debug: Loading modules from directory: /usr/local/dovecot/lib/dovecot Mar 13 09:55:43 vmail1 dovecot: lda: Debug: Module loaded: /usr/local/dovecot/lib/dovecot/lib10_quota_plugin.so Mar 13 09:55:43 vmail1 dovecot: lda: Debug: Module loaded: /usr/local/dovecot/lib/dovecot/lib90_sieve_plugin.so Mar 13 09:55:44 vmail1 dovecot: lda: Error: userdb lookup: connect(/usr/local/dovecot/var/run/dovecot/auth-userdb) failed: Connection refused Mar 13 09:55:44 vmail1 dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information. Mar 13 09:55:44 vmail1 postfix/pipe[31212]: 5220B9FE50: to= accou...@thedomainname.com, relay=dovecot, delay=136173, delays=136171/0.03/0/1.1, dsn=4.3.0, status=deferred (temporary failure) [root@vmail1 vmail]# dovecot -n # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-431.el6.centos.plus.x86_64 x86_64 CentOS release 6.5 (Final) xfs auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login digest-md5 cram-md5 auth_verbose = yes debug_log_path = /var/log/dovecot.log mail_debug = yes mail_location = maildir:/var/vmail/%d/%n/Maildir mbox_write_locks = fcntl passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=512M quota_rule2 = Trash:storage=+10%% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=50%% quota-warning 50 %u } service auth { unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } service quota-warning { executable = script /var/vmail/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = /etc/pki/dovecot/certs/dovecot.pem ssl_key = /etc/pki/dovecot/private/dovecot.pem userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { mail_plugins = quota } protocol imap { mail_plugins = quota imap_quota ssl_cert = /etc/ssl/dovecot/imap.pem ssl_key = /etc/ssl/dovecot/imap.pem } protocol pop3 { mail_plugins = quota ssl_cert = /etc/ssl/dovecot/pop.pem ssl_key = /etc/ssl/dovecot/pop.pem } # ls -al total 28 drwxr-xr-x. 5 rootroot 4096 Aug 17 2013 . drwxr-xr-x. 3 rootroot 4096 Jul 13 2013 .. srw---. 1 rootroot0 Jul 18 2013 anvil srw---. 1 rootroot0 Jul 18 2013 anvil-auth-penalty srw---. 1 rootroot0 Jul 18 2013 auth-client srw---. 1 dovecot root0 Jul 18 2013 auth-login srw---. 1 rootroot0 Jul 18 2013 auth-master -rw---. 1 rootroot 32 Jul 13 2013 auth-token-secret.dat srwxrwxrwx. 1 vmail vmail 0 Jul 18 2013 auth-userdb srw---. 1 dovecot root0 Jul 18 2013 auth-worker srw---. 1 rootroot0 Jul 18 2013 config srwxrwxrwx. 1 vmail vmail 0 Jul 18 2013 dict srw---. 1 rootroot0 Jul 18 2013 director-admin srw---. 1 rootroot0 Jul 18 2013 director-userdb srw-rw-rw-. 1 rootroot0 Jul 18 2013 dns-client srw---. 1 rootroot0 Jul 18 2013 doveadm-server lrwxrwxrwx. 1 rootroot 43 Jul 18 2013 dovecot.conf - /usr/local/dovecot/etc/dovecot/dovecot.conf drwxr-xr-x. 2 rootroot 4096 Jul 13 2013 empty srw-rw-rw-. 1 rootroot0 Jul 18 2013 imap-urlauth srw---. 1 dovecot root0 Jul 18 2013 imap-urlauth-worker srw-rw-rw-. 1 rootroot0 Jul 18 2013 indexer srw---. 1 dovecot root0 Jul 18 2013 indexer-worker srw---. 1 rootroot0 Jul 18 2013 ipc srw---. 1 rootroot0 Jul 18 2013 log-errors drwxr-x---. 2 rootdovenull 4096 Jul 18 2013 login -rw-r--r--. 1 rootroot 40 Jul 18 2013 mounts srw---. 1 vmail root0 Jul 18 2013 quota-warning srw---. 1 rootroot0 Jul 18 2013 replication-notify prw---. 1 rootroot0 Jul 18 2013 replication-notify-fifo srw---. 1 dovecot root0 Jul 18 2013 replicator srw-rw-rw-. 1 rootroot0 Jul 18 2013 ssl-params srw---. 1 rootroot0 Jul 18 2013 stats prw---. 1 rootroot0 Jul 18 2013 stats-mail drwxr-x---. 2 rootdovenull 4096 Jul 18 2013 token-login
[Dovecot] Direct groups of users to pairs of backend servers
Hi All, I am using dovecot in the Director setup with multiple proxy and backend mailstores and user information stored in LDAP. I am aware users can be directed to a single backend server. It would be useful to be able to direct groups of users to pairs of backend servers to give some fault tolerance against NFS issues and make the whole thing more scalable. Otherwise each backend mailstore will need all the NFS mounts and the whole cluster will be affected if one NFS mount has an issue. I am not sure if this possible with the current dovecot implementation? If not it would be a great enhancement. Thanks Murray