IMAP sessions quit when calling MYRIGHTS on shared namespace
Hi, the IMAP connection is dropped, when I call MYRIGHTS on the root of my shared folders. Using the configuration below, the shared folders are located in shared/%%U/ # telnet localhost imap Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. . LOGIN XXX . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE QUOTA ACL RIGHTS=texk] Logged in . MYRIGHTS shared Connection closed by foreign host. I'd expect some kind of error message instead of dropping the connection. Kind regards, Franz # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-358.18.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) auth_master_user_separator = * auth_verbose = yes debug_log_path = /var/log/dovecot_debug.log default_client_limit = 3500 disable_plaintext_auth = no import_environment = TZ DOVECOT_HOSTNAME lmtp_rcpt_check_quota = yes mail_gid = vmail mail_location = mdbox:~/mail mail_plugins = acl quota zlib mail_log notify mail_uid = vmail managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body environment mailbox date ihave duplicate vacation-seconds imapflags notify mbox_write_locks = fcntl namespace { list = children location = mdbox:%%h/mail prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace { hidden = yes list = no location = pop3c: prefix = POP3-MIGRATION-NS/ } namespace inbox { inbox = yes location = mailbox Drafts { auto = no special_use = \Drafts } mailbox Sent { auto = no special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = no special_use = \Trash } prefix = INBOX/ separator = / subscriptions = yes } namespace parent { hidden = yes list = no location = prefix = separator = / subscriptions = yes } passdb { args = /etc/dovecot/passwd.masterusers driver = passwd-file master = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/spool/imap/dovecot-shared-mailboxes mail_log_events = delete undelete expunge copy save mailbox_create mailbox_delete mailbox_rename pop3_migration_mailbox = POP3-MIGRATION-NS/INBOX quota = dict:user::file:%h/mail/dovecot-quota quota_exceeded_message = Empfaenger Postfach ist voll (Mailbox Quota Exceeded) quota_grace = 50M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/sieve/active sieve_before = /etc/dovecot/sieve_before/movespamfolder.sieve sieve_dir = ~/sieve sieve_extensions = +notify -enotify +imapflags +vacation-seconds sieve_max_actions = 1000 sieve_max_redirects = 1000 sieve_vacation_max_period = 0 sieve_vacation_min_period = 0 zlib_save = gz zlib_save_level = 6 } pop3_no_flag_updates = yes pop3_uidl_format = %v.%u pop3c_host = pop3.example.com pop3c_master_user = master pop3c_password = secret protocols = imap pop3 lmtp sieve service anvil { unix_listener anvil-auth-penalty { mode = 00 } } service auth { unix_listener auth-userdb { mode = 0777 } } service imap-login { process_limit = 3000 process_min_avail = 16 service_count = 0 } service imap { process_limit = 10240 } service lmtp { inet_listener lmtp { port = 26 } } service managesieve-login { inet_listener sieve_deprecated { port = 2000 } } service pop3-login { service_count = 0 } service pop3 { process_limit = 10240 } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } } ssl_cert = /etc/pki/dovecot/certs/dovecot.pem ssl_key = /etc/pki/dovecot/private/dovecot.pem syslog_facility = local0 userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = acl quota zlib mail_log notify sieve } protocol doveadm { mail_plugins = acl quota zlib mail_log notify pop3_migration } protocol lda { mail_plugins = acl quota zlib mail_log notify sieve } protocol imap { mail_max_userip_connections = 3789 mail_plugins = acl quota zlib mail_log notify imap_acl imap_quota } -- Franz Knipp, +43 664 3980169 qnipp GmbH, Hauptstraße 54, 7064 Oslip, Österreich http://qnipp.com http://qnipp.com/qnipp.vcf
Re: IMAP sessions quit when calling MYRIGHTS on shared namespace
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 25 Jun 2014, Franz Knipp wrote: the IMAP connection is dropped, when I call MYRIGHTS on the root of my shared folders. Using the configuration below, the shared folders are located in shared/%%U/ # telnet localhost imap Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. . LOGIN XXX . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE QUOTA ACL RIGHTS=texk] Logged in . MYRIGHTS shared Connection closed by foreign host. I'd expect some kind of error message instead of dropping the connection. Did you've looked in your server log? You most likely got an abort or something like that. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBU6p4l3z1H7kL/d9rAQIjWggAhrG+WjBhofpruWi+G9zVBjnjm18TiSvS l/Cfz6vfapk502QCvjgiQ0+OT3FUEqZvwUpu9FGlW537u+WCkJG8fmCpwrgSg7A+ jzW0Vhhszz6P7OCThEtSBypys3QFd71nuK7w20qtNEnKihErDqFiLwKd+HwzIObn vgx4F4kFnaclHZeq/i5HksmCNKVTFMqiQ9BbI4GL+EoYPBuTXkWxHofl/ukemlFw Uk9KdEqYDimfV3FWFHWF9jNEd4PypwVxWEJFeIoR2Ir1f0Tflpd5UqIvA7xqOjXg EbVRq2xT+FoNis9XeVeXEQRj0UlfTl45Z2o6Sa+PIsL+Fp4ig6iLRg== =xc2E -END PGP SIGNATURE-
Re: IMAP sessions quit when calling MYRIGHTS on shared namespace
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 2014-06-25 09:21, schrieb Steffen Kaiser: the IMAP connection is dropped, when I call MYRIGHTS on the root of my shared folders. Did you've looked in your server log? You most likely got an abort or something like that. You're right. So I enabled core dumps, this is the backtrace: #0 0x7f6857da81c2 in acl_mailbox_get_aclobj (box=value optimized out) at acl-mailbox.c:29 #1 0x7f6857b97f33 in cmd_myrights (cmd=0x13ca1f0) at imap-acl-plugin.c:331 #2 0x0041709d in command_exec (cmd=0x13ca1f0) at imap-commands.c:158 #3 0x00416150 in client_command_input (cmd=0x13ca1f0) at imap-client.c:778 #4 0x0041624a in client_command_input (cmd=0x13ca1f0) at imap-client.c:839 #5 0x004164bd in client_handle_next_command (client=0x13c97d0) at imap-client.c:877 #6 client_handle_input (client=0x13c97d0) at imap-client.c:889 #7 0x0041682f in client_input (client=0x13c97d0) at imap-client.c:931 #8 0x7f68589e62ee in io_loop_call_io (io=0x13ca100) at ioloop.c:441 #9 0x7f68589e7497 in io_loop_handler_run_internal (ioloop=value optimized out) at ioloop-epoll.c:220 #10 0x7f68589e6379 in io_loop_handler_run (ioloop=0x13a4730) at ioloop.c:488 #11 0x7f68589e63f8 in io_loop_run (ioloop=0x13a4730) at ioloop.c:465 #12 0x7f68589935d3 in master_service_run (service=0x13a45c0, callback=value optimized out) at master-service.c:566 #13 0x00420088 in main (argc=1, argv=0x13a4390) at main.c:400 Hope this helps. - -- Franz Knipp, +43 664 3980169 qnipp GmbH, Hauptstraße 54, 7064 Oslip, Österreich http://qnipp.com http://qnipp.com/qnipp.vcf -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlOqlN8ACgkQGRK+JW9GubbFiQCeMG711IR+4RayIpWq3KTpLCgk W7EAoIu1hcYA5TG9I/y3VvYqOQHQX1TH =jq3j -END PGP SIGNATURE-
Remove all messages in a mailbox
Hi All, I am having trouble removing all messages in a mailbox. The command below doesn't remove all the messages: doveadm expunge -u user@domain mailbox '*' all Do I need to add .* or other? THanks Murray
Re: Remove all messages in a mailbox
Hi, we use namespace with prefix = INBOX. When we need to remove all messages in mailbox we need to run this commands: doveadm expunge -u user@domain mailbox INBOX ALL doveadm expunge -u user@domain mailbox INBOX.* ALL The first remove mailboxes in inbox and the second in other subfolders. And in case you use dbox format: doveadm purge -u user@domain On Wed, 25 Jun 2014 17:57:21 +0800 Murray Trainer mtrai...@westnet.com.au wrote: Hi All, I am having trouble removing all messages in a mailbox. The command below doesn't remove all the messages: doveadm expunge -u user@domain mailbox '*' all Do I need to add .* or other? THanks Murray -- [ Ohodnotte kvalitu mailu: http://nicereply.com/websupport/Stano/ ] Pavel Stano | Troubleshooter http://WebSupport.sk *** BERTE A VYCHUTNAVAJTE *** signature.asc Description: PGP signature
sievec drops privileges unexpectedly
(Please keep me CC'd, I'm not subscribed) Hi folks, I'm using dovecot 2.1.7 (from Debian stable) with sieve. I have default sieve script configured, which lives in /etc/dovecot/sieve. I use dovecot-lda running under the virtual-mail user, which does not have write access to the /etc/dovecot/sieve directory. Now, when a mail gets delivered, I get the following message in my logs. Jun 25 14:29:43 mail dovecot: lda(2001): Error: sieve: binary save: failed to create temporary file: open(/etc/dovecot/sieve/default.svbin.mail.local.18902.) failed: Permission denied (euid=2009(virtual-mail) egid=2009(virtual-mail) missing +w perm: /etc/dovecot/sieve, dir owned by 0:0 mode=0755) Jun 25 14:29:43 mail dovecot: lda(2001): Error: sieve: the lda sieve plugin does not have permission to save global sieve script binaries; global sieve scripts like /etc/dovecot/sieve/default need to be pre-compiled using the sievec tool Due to the lack of permissions, this is of course expected. However, when I then try to precompile the script using sievec, that also fails: # sievec /etc/dovecot/sieve/default sievec(root): Error: sieve: binary save: failed to create temporary file: open(/etc/dovecot/sieve/default.svbin.mail.local.18952.) failed: Permission denied (euid=2009(virtual-mail) egid=2009(virtual-mail) missing +w perm: /etc/dovecot/sieve, dir owned by 0:0 mode=0755) So, apparently sievec drops privileges to the virtual-mail user. Why does this happen? It seems kind of counter-productive - I don't see a way to properly run sievec as root now? How is this supposed to work? Now I wrote this, I realized that it might be related that I have specified mail_uid and mail_gid globally in my dovecot.conf file. Perhaps those are intended to only be put inside the protocol imap and protocol lda blocks? This would mean duplicating of this bit of configuration, which doesn't really sound nice. Gr. Matthijs PS, here's my dovecot -n output: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.10-1-amd64 x86_64 Debian 7.5 log_timestamp = %Y-%m-%d %H:%M:%S mail_access_groups = spamd-access mail_debug = yes mail_gid = virtual-mail mail_location = Maildir:~/Folders:INBOX=~/INBOX:LAYOUT=fs mail_uid = virtual-mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { antispam_backend = pipe antispam_pipe_program = /usr/bin/spamc antispam_pipe_program_args = --socket=/var/run/spamd.socket antispam_pipe_program_notspam_arg = --learntype=ham antispam_pipe_program_spam_arg = --learntype=spam antispam_spam = Spam antispam_trash_pattern_ignorecase = trash;Deleted *;Prullenbak;Verwijderde * sieve = ~/sieve sieve_dir = ~/sieve.d sieve_global_path = /etc/dovecot/sieve/default } protocols = imap sieve service auth { unix_listener auth-client { group = Debian-exim mode = 0600 user = Debian-exim } unix_listener auth-master { group = virtual-mail mode = 0600 user = virtual-mail } user = nobody } ssl_cert = ssl/mail.tikatika.nl.crt-chain ssl_key = ssl/mail.tikatika.nl.key userdb { args = home=/data/mail/%u allow_all_users=yes uid=virtual-mail gid=virtual-mail driver = static } protocol imap { mail_plugins = antispam } protocol lda { lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_plugins = sieve postmaster_address = } signature.asc Description: Digital signature
Re: sievec drops privileges unexpectedly
Hi Matthijs, Matthijs Kooijman schreef op 25-6-2014 14:53: Now I wrote this, I realized that it might be related that I have specified mail_uid and mail_gid globally in my dovecot.conf file. Perhaps those are intended to only be put inside the protocol imap and protocol lda blocks? This would mean duplicating of this bit of configuration, which doesn't really sound nice. PS, here's my dovecot -n output: # 2.1.7: /etc/dovecot/dovecot.conf This is a very old and obsolete version. This problem was fixed almost two years ago: http://hg.rename-it.nl/dovecot-2.2-pigeonhole/rev/cfe8e9f49dfe This was released in Pigeonhole v0.3.2 for Dovecot v2.1.9. Regards, Stephan.
Re: sievec drops privileges unexpectedly
Hey Stephan, # 2.1.7: /etc/dovecot/dovecot.conf This is a very old and obsolete version. This problem was fixed almost two years ago: Ah, cool. This is what Debian/stable ships, so I'll probably stick to this version for a while. Good to hear it's already fixed, then I'll just work around the issue for now :-) Thanks, Matthijs signature.asc Description: Digital signature
question on lmtp logged message
Hi, I have dovecot running for IMAP4/POP3 and also local delivery through LMTP. It's working just fine, absolutely no problem on that, setup is fine. Anyway, sometimes LMTP seems to not be able to deliver some messages and keep them on postfixqueue. And on the next or third try, the message gets delivered successfully. The logged message, however, is not helping me identify what is happening.Example: (error - message was expunged) Jun 25 11:49:39 correio postfix/lmtp[21835]: ADB0A1AC05108: to=vanilson.parre...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], conn_use=6, delay=13, delays=0.07/0/0/13, dsn=4.2.0, status=deferred (host correio.domain.com.br[private/dovecot-lmtp] said: 451 4.2.0 vanilson.parre...@domain.com.br Message was expunged (received-date) (in reply to end of DATA command)) (successfull delivery) Jun 25 12:34:42 correio postfix/lmtp[6411]: ADB0A1AC05108: to=vanilson.parre...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], delay=2716, delays=2714/0/0/2.3, dsn=2.0.0, status=sent (250 2.0.0 vanilson.parre...@domain.com.br U7pOLAHsqlPvMgAAHvf8vg Saved) During these two log entries, absolutely nothing was changed, no configuration, absolutely nothing. Everything is local, i mean, no NFS involved. So, finally, question is: what does the 'message was expunged' message given from LMTP means ??? This is happening quite often but, as i mentionted, sooner or later all messages are getting delivered. It's working despite the delay this is causing. [root@correio log]# dovecot --version 2.2.13 -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Managing users and home dirs
Just a quick update on the below ... The 3-node setup is working cleanly now. One master/backup DB node, two dovecot nodes, using Percona Xtradb Cluster 5.5. All replication (percona and dovecot dsync) is via ipsec tunnels. Adding a user or new domain is a matter of creating a /var/mail/newusers.txt file, containing the list of users to be added. john,doe.com,password,John Doe user A cronjob on both dovecot nodes scans the user database and the /var/mail dirs. For any new users in the file it adds them to the DB and creates their userdir/Maildir. Any new user in the DB without a userdir, it creates their userdir/Maildir. So it's a max of 5 minutes for a new user to be available on node1, and another 5 minutes to be replicated to node2. Once the users are created, the newusers.txt file is deleted. It would be nice to use a database trigger to create the userdir/Maildir immediately rather than the cronjob, but I haven't got that figured out yet. I found the lib_mysqludf_sys UDF library, but it doesn't seem to be working. Some issue with the db replication I think. Any ideas for creating a directory from a mysql trigger ? On 2014-06-21 11:12, deano-dove...@areyes.com wrote: For those of you using virtual users, and SQL, how are you managing your users and their home dirs ? That is, what process do you use for adding/deleting users, creating their home dirs etc ? I suppose it's easy enough to do manually, inserting rows in the database, creating dirs, chown/chmod yada yada, but there must be a better way to do it ... If you're doing dovecot replication then it gets even more cumbersome, having to duplicate the effort in two places (and make sure it's correct). I have a nice test setup using Percona XtraDB Clustering in a 3-node cluster which works swimmingly, albeit in VMs only at the moment. A master DB node and two dovecot nodes. Dovecot replication is up and running nicely too, and I almost have all the communications going over ipsec tunnels, so it will be nice and secure. D.
imap/pop3/lmtp proxy question/problem
Dear list, We are finally back to our task of migrating from cyrus to dovecot. dovecot mostly does what we want in terms of POP3/IMAP server. Now we are preparing for migration. The plan is to use dovecot as proxy for not-yet migrated accounts. This works wonderfully for IMAP but not for LMTP. Here's what I find in the logs when I try to deliver e-mail to the dovecot lmtp port: Jun 25 19:03:06 klee dovecot: lmtp(5037): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Jun 25 19:03:06 klee dovecot: lmtp(5037): Connect from IP-address Jun 25 19:03:06 klee dovecot: lmtp(5037): Debug: user USER: Auth PASS lookup returned temporary failure: reason=Configured passdbs don't support crentials lookups Jun 25 19:03:06 klee dovecot: lmtp(5037): Debug: auth input: reason=Configured passdbs don't support crentials lookups Delivery works fine without proxy (lmtp_proxy = no). What I would need to do is to configure the proxy part so that POP3/IMAP uses the accounts username/password and LMTP uses a special account to deliver e-mail. This is dovecot-ldap.auth (the =proxy=y will be replaced by a field from ldap once the tests work): uris = ldaps://our.ldap.server/ tls = no auth_bind = yes base = dc=mur,dc=at deref = never scope = subtree user_attrs = =home=/srv/vmail/mail/%Lu,=uid=999,=gid=999 user_filter = ((objectClass=posixAccount)(uid=%u)) pass_attrs = uid=user,userPassword=password,=proxy=y,=host=our.imap.server,=starttls=yes iterate_attrs = uid=user iterate_filter = (objectClass=posixAccount) dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.14-1-amd64 x86_64 Debian jessie/sid auth_verbose = yes disable_plaintext_auth = no lmtp_proxy = yes login_greeting = Dovecot is spitze! mail_debug = yes mail_location = maildir:/srv/vmail/mail/%u mail_plugins = acl namespace { hidden = no inbox = no list = children location = maildir:/srv/vmail/mail/%%u:INDEX=/srv/vmail/mail/%u/shared/%%u prefix = shared.%%u. separator = . subscriptions = yes type = shared } namespace inbox { hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = INBOX. separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap lmtp pop3 service auth { unix_listener auth-userdb { group = vmail user = vmail } } service lmtp { inet_listener lmtp { address = 172.16.16.78 port = 24 } user = vmail } ssl_cert = /etc/dovecot/server.pem ssl_key = /etc/dovecot/private/server.pem userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = acl quota sieve postmaster_address = postmas...@mur.at } protocol imap { mail_plugins = acl imap_acl } Regards, -- j.hofmüller Gerüchtegenerator http://plagi.at/geruecht signature.asc Description: OpenPGP digital signature