Xi autobuilds restored
Hi, Xi had problems for more than a month now. I finally managed to access it yesterday, but it was a bit more broken than I anticipated. I had to re-install the whole system. It should now work as before. It is now Debian stable/amd64, so that is now also the master release, which is always built first. Regards, Stephan.
Re: Permissions problem with mdbox maildir
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 18 Feb 2015, Emanuel Evans wrote:
Hi! Apologies if this has come up before, or if this is a duplicate
posting (I tried posting before but I think it got lost). Anyways, I'm
trying to set up an IMAP server with dovecot, and everything seems to be
more or less working except that I periodically see error messages like
this in my logs:
Feb 18 01:01:15 stark dovecot: lmtp(31956, r...@aleme.nu): Error:
link(/var/decrypted/vmail/aleme.nu/root/mailboxes/INBOX/dbox-Mails/dovecot.index,
/var/decrypted/vmail/aleme.nu/root/mailboxes/INBOX/dbox-Mails/dovecot.index.backup.tmp)
failed: Operation not permitted
I'm assuming it's a permissions problem with my maildir, but I can't
figure out what the relevant process is in order to fix it. The maildir
is owned by vmail with permissions set to 700; here is the output of
dovecot -n:
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8 fuse.encfs
userdb {
args = uid=vmail gid=vmail home=/var/vmail/%d/%n
driver = static
}
As you can see, I'm keeping the maildir on an encfs-encrypted volume, in
case that's relevant. Please let me know any ideas for why this might be
happening. Thanks in advance!
Could you try what happens, if you create the hardlink manually as the
vmail user _two_ times, if the first link() succeeds. Maybe:
1) hard links won't work on your encfs,
2) link() fails with "Operation not permitted" instead of "File exists" in
your case, if the target file already exists.
Something like: sudo -u vmail ln \
/var/decrypted/vmail/aleme.nu/root/mailboxes/INBOX/dbox-Mails/dovecot.index \
/var/decrypted/vmail/aleme.nu/root/mailboxes/INBOX/dbox-Mails/dovecot.index.backup.tmp
- --
Steffen Kaiser
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEVAwUBVOWOwHz1H7kL/d9rAQKT/wf/VceDCyJ+R2e4lo8ZKuAg7uIKrembrtEE
D73wzQcqiAkmzUXf9IbjmpUGRgwFISN3C9vrImpWbBjYad+WdV4joTB0ECCKSYN/
IdFNlZ+GG87w8Wc/3e7aLInsp83fX4COvnwih2PRs7qGAJVn4MSnaCA5ClU3quFB
s7CY2oj92x1kr/kOBidw/tLeKdhscP9u8k/Ih77oQaHyN45Lwa4jIcJRNvK4/o9u
UEW74QZsC3Fs9MZttsJlsHgtNtUtv2P3AjkpZ1Dwzghu66sX3T1n3RFOKNIMhNe5
mtiOP67UtR6JV2/9YvTrOrjYn1wR/zrqJe/TSKyXttpV21ljI6H87Q==
=DOx5
-END PGP SIGNATURE-
Permissions problem with mdbox maildir
Hi! Apologies if this has come up before, or if this is a duplicate
posting (I tried posting before but I think it got lost). Anyways, I'm
trying to set up an IMAP server with dovecot, and everything seems to be
more or less working except that I periodically see error messages like
this in my logs:
Feb 18 01:01:15 stark dovecot: lmtp(31956, r...@aleme.nu): Error:
link(/var/decrypted/vmail/aleme.nu/root/mailboxes/INBOX/dbox-Mails/dovecot.index,
/var/decrypted/vmail/aleme.nu/root/mailboxes/INBOX/dbox-Mails/dovecot.index.backup.tmp)
failed: Operation not permitted
I'm assuming it's a permissions problem with my maildir, but I can't
figure out what the relevant process is in order to fix it. The maildir
is owned by vmail with permissions set to 700; here is the output of
dovecot -n:
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8 fuse.encfs
mail_gid = vmail
mail_location = mdbox:/var/decrypted/vmail/%d/%n
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date ihave
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
antispam_allow_append_to_spam = no
antispam_dspam_args = --user;root;deliver=;--source=error;--client
antispam_spam = Junk
antispam_trash = Trash
sieve = ~/.dovecot.sieve
sieve_before = /var/lib/dovecot/sieve/before
sieve_dir = ~/sieve
sieve_global_dir = /var/lib/dovecot/sieve/global
}
protocols = " imap lmtp sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
service_count = 1
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
user = vmail
}
... ...
userdb {
args = uid=vmail gid=vmail home=/var/vmail/%d/%n
driver = static
}
protocol lmtp {
mail_plugins = " sieve"
}
protocol imap {
mail_plugins = " antispam"
}
As you can see, I'm keeping the maildir on an encfs-encrypted volume, in
case that's relevant. Please let me know any ideas for why this might be
happening. Thanks in advance!
Emanuel
Re: lazy_expunge + mdbox
It appears to me that this issue is related to how lazy_expunge and last_instance work with mdbox - that is different from maildir. With maildir, the message is moved to the expunged namespace only when the last copy is removed (example: from trash folder). With mdbox, first time when you move message from one folder to another, dovecot creates a copy in the expunge namespace. When you delete messages or expunge them from Trash folder (example, nightly 'doveadm expunge' cronjob) they are simply deleted because they already have copies at expunged namespace. @Timo, is that correct ? This is what I could understand from my tests. Thanks, Fernando De: fernando.fig...@uol.com.br Enviada: Quarta-feira, 4 de Fevereiro de 2015 23:15 Para: dovecot@dovecot.org Assunto: lazy_expunge + mdbox Hi, I'm studying an issue related to mdbox and lazy_expunge. If it is active in the imap configuration, when you delete a message (copy to new folder + expunge old folder), a copy is also sent to the expunge namespace. I realize that is something related to mdbox and lazy_expunge_only_last_instance and found almost no references except this one (http://hg.dovecot.org/dovecot-2.2/file/24d6708cea76/TODO): lazy_expunge_only_last_instance=yes + mdbox doesn't work, because refcounts don't update immediately One other suggestion I found was to disable 'move' capability. Does anyone has other news regarding this issue ? Thanks, Fernando
Re: doveadm sync out of memory
On Feb 17, 2015, at 10:51 AM, FUSTE Emmanuel wrote: > Le 16/02/2015 20:40, Casey Stone a écrit : >> On Feb 13, 2015, at 3:42 PM, FUSTE Emmanuel >> wrote: >> >>> Le 13/02/2015 16:19, Casey Stone a écrit : On Feb 5, 2015, at 10:39 PM, Casey Stone wrote: > Hello: > > I've been looking forward to getting my mail server up to Dovecot 2.2+ to > be able to use the sync mechanism. I run my own mail server just for > myself, with a few different accounts, and want to keep a master and > backup server in sync. > > I'm running the Ubuntu server 14.04.1 mail stack which features Dovecot > 2.2.9 (and Postfix). My setup is to use system users (userdb passwd / > passdb pam) with ~/Maildir. I'll post full sanitized output of dovecot -n > if it seems necessary. I have not enabled any plugins (do I need the > replicator plugin active?) I have in my conf a doveadm_password defined. > > Anyway, after setting up an ssl listener on the main machine and after > considerable struggles with SSL, I was able to run doveadm sync from the > backup server successfully for a small mailbox (around 78 MB) with this > command: > > doveadm sync -R tcps:mainserver.example.com:12345 > > Since I run this command as the system user on the backup server (same > system users as main server) it 'just works' for the correct single user > with no further options required. My plan is to run a daily cron job to > sync once daily for each user. > > The problem is when I try to sync a larger mailbox, say 1 GB, > dsync-server on the remote (master) machine throws fatal error 83 Out of > Memory. I already raised vsz_limit to 512 MB. Problems probably arise > with mailboxes around 200 MB though I haven't tested specifically. So my > question is, is this expected and I will need to give my VM much more > memory to be able to use dovecot sync, or do I have something set wrong, > or is it a bug? > > Thanks for your help. No repsonses :-( Here is what it looks like when it crashes with an out of memory error: (start of the run) Feb 13 14:02:38 thepost dovecot: doveadm(10.0.1.22,tcstone): Debug: Effective uid=1002, gid=1002, home=/home/tcstone Feb 13 14:02:38 thepost dovecot: doveadm(10.0.1.22,tcstone): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list$ Feb 13 14:02:38 thepost dovecot: doveadm(10.0.1.22,tcstone): Debug: maildir++: root=/data/tcstone/Maildir, index=, indexpvt=, control=, inbo$ Feb 13 14:02:39 thepost dovecot: dsync-server(tcstone): Debug: Namespace : Using permissions from /data/tcstone/Maildir: mode=0700 gid=defau$ Feb 13 14:02:39 thepost dovecot: dsync-server(tcstone): Debug: brain S: out state=send_mailbox_tree changed=1 <<>> (end of the run) Feb 13 14:02:52 thepost dovecot: dsync-server(tcstone): Fatal: pool_system_realloc(536870912): Out of memory Feb 13 14:02:52 thepost dovecot: dsync-server(tcstone): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7f9d2056b271] -> /usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7f9d2056b34e] -> /usr/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f9d20526bf8] -> /usr/lib/dovecot/libdovecot.so.0(+0x72d53) [0x7f9d2057fd53] -> /usr/lib/dovecot/libdovecot.so.0(+0x7792a) [0x7f9d2058492a] -> /usr/lib/dovecot/libdovecot.so.0(+0x77be6) [0x7f9d20584be6] -> /usr/lib/dovecot/libdovecot.so.0(+0x78748) [0x7f9d20585748] -> /usr/lib/dovecot/libdovecot.so.0(o_stream_sendv+0x8d) [0x7f9d20583d7d] -> /usr/lib/dovecot/libdovecot.so.0(o_stream_send+0x1a) [0x7f9d20583e1a] -> /usr/lib/dovecot/modules/libssl_iostream_openssl.so(+0x4c05) [0x7f9d1f6a0c05] -> /usr/lib/dovecot/modules/libssl_iostream_openssl.so(openssl_iostream_bio_sync+0x21) [0x7f9d1f6a1881] -> /usr/lib/dovecot/modules/libssl_iostream_openssl.so(+0x7a4d) [0x7f9d1f6a3a4d] -> /usr/lib/dovecot/modules/libssl_iostream_openssl.so(+0x7d69) [0x7f9d1f6a3d69] -> /usr/lib/dovecot/libdovecot.so.0(o_stream_sendv+0x8d) [0x7f9d20583d7d] -> /usr/lib/dovecot/libdovecot.so.0(o_stream_nsendv+0xf) [0x7f9d20583e5f] -> /usr/lib/dovecot/libdovecot.so.0(o_stream_nsend+0x1a) [0x7f9d20583e8a] -> dovecot/doveadm-server(+0x2b03f) [0x7f9d20d3003f] -> dovecot/doveadm-server(+0x2c768) [0x7f9d20d31768] -> dovecot/doveadm-server(dsync_ibc_send_mail+0x29) [0x7f9d20d2f309] -> dovecot/doveadm-server(dsync_brain_sync_mails+0x5fc) [0x7f9d20d24a1c] -> dovecot/doveadm-server(dsync_brain_run+0x523) [0x7f9d20d20f93] -> dovecot/doveadm-server(+0x1c270) [0x7f9d20d21270] -> dovecot/doveadm-server(+0x2de60) [0x7f9d20d32e60] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7f9d2057b247] -> /usr/l
Re: how to run dovecot imap on separate server from postfix?
Am 18.02.2015 um 20:07 schrieb Robert Fantini: OK I got delivery from postfix to lmtp working , by changing from unix_listener to inet_listener . Reindl wrote "don't open the port for any other machine as the postfix server" I see that is important.. I assume that just a firewall setting? Or does the 'address' line in inet_listener lmtp have something to do with it? firewall as long as you don't have more than one network card and the interface dovecot is listening on is only reachable from the postfix server even if: *always* restrict the packet filter, sooner or later somebody will change something without realize the impact and hence if it comes to security put at least 2 safety nets in front of server ports On Wed, Feb 18, 2015 at 12:37 PM, Reindl Harald wrote: Am 18.02.2015 um 18:20 schrieb Reindl Harald: Am 18.02.2015 um 18:15 schrieb Robert Fantini: I'm trying to figure out the exact line to put to /etc/postfix/main.cf for local lmtp deliver we use: mailbox_transport = *lmtp:unix:private/dovecot-lmtp* for remote it is supposed to be:* lmtp:host:port* yet at the remote lmtp does not use ports. UNIX domain sockets are used instead so just configure dovecot lmtpd to listen on a TCP port, port 24 is reserved for that - and don't open the port for any other machine as the postfix server [harry@srv-rhsoft:~]$ cat /etc/services | grep -i lmtp lmtp24/tcp # LMTP Mail Delivery lmtp24/udp # LMTP Mail Delivery and since i answered the same question yet on the postfix list http://wiki2.dovecot.org/LMTP http://www.postfix.org/lmtp.8.html signature.asc Description: OpenPGP digital signature
Re: how to run dovecot imap on separate server from postfix?
OK I got delivery from postfix to lmtp working , by changing from unix_listener to inet_listener . Reindl wrote "don't open the port for any other machine as the postfix server" I see that is important.. I assume that just a firewall setting? Or does the 'address' line in inet_listener lmtp have something to do with it? On Wed, Feb 18, 2015 at 12:37 PM, Reindl Harald wrote: > > > Am 18.02.2015 um 18:20 schrieb Reindl Harald: > > >> Am 18.02.2015 um 18:15 schrieb Robert Fantini: >> >>> I'm trying to figure out the exact line to put to /etc/postfix/main.cf >>> >>> for local lmtp deliver we use: >>> mailbox_transport = *lmtp:unix:private/dovecot-lmtp* >>> >>> for remote it is supposed to be:* lmtp:host:port* >>> >>> yet at the remote lmtp does not use ports. UNIX domain sockets are used >>> instead >>> >> >> so just configure dovecot lmtpd to listen on a TCP port, port 24 is >> reserved for that - and don't open the port for any other machine as the >> postfix server >> >> [harry@srv-rhsoft:~]$ cat /etc/services | grep -i lmtp >> lmtp24/tcp # LMTP Mail Delivery >> lmtp24/udp # LMTP Mail Delivery >> > > and since i answered the same question yet on the postfix list > > http://wiki2.dovecot.org/LMTP > http://www.postfix.org/lmtp.8.html > >
Re: how to run dovecot imap on separate server from postfix?
Am 18.02.2015 um 18:20 schrieb Reindl Harald: Am 18.02.2015 um 18:15 schrieb Robert Fantini: I'm trying to figure out the exact line to put to /etc/postfix/main.cf for local lmtp deliver we use: mailbox_transport = *lmtp:unix:private/dovecot-lmtp* for remote it is supposed to be:* lmtp:host:port* yet at the remote lmtp does not use ports. UNIX domain sockets are used instead so just configure dovecot lmtpd to listen on a TCP port, port 24 is reserved for that - and don't open the port for any other machine as the postfix server [harry@srv-rhsoft:~]$ cat /etc/services | grep -i lmtp lmtp24/tcp # LMTP Mail Delivery lmtp24/udp # LMTP Mail Delivery and since i answered the same question yet on the postfix list http://wiki2.dovecot.org/LMTP http://www.postfix.org/lmtp.8.html signature.asc Description: OpenPGP digital signature
Re: how to run dovecot imap on separate server from postfix?
Am 18.02.2015 um 18:15 schrieb Robert Fantini: I'm trying to figure out the exact line to put to /etc/postfix/main.cf for local lmtp deliver we use: mailbox_transport = *lmtp:unix:private/dovecot-lmtp* for remote it is supposed to be:* lmtp:host:port* yet at the remote lmtp does not use ports. UNIX domain sockets are used instead so just configure dovecot lmtpd to listen on a TCP port, port 24 is reserved for that - and don't open the port for any other machine as the postfix server [harry@srv-rhsoft:~]$ cat /etc/services | grep -i lmtp lmtp24/tcp # LMTP Mail Delivery lmtp24/udp # LMTP Mail Delivery signature.asc Description: OpenPGP digital signature
Re: how to run dovecot imap on separate server from postfix?
I'm trying to figure out the exact line to put to /etc/postfix/main.cf for local lmtp deliver we use: mailbox_transport = *lmtp:unix:private/dovecot-lmtp* for remote it is supposed to be:* lmtp:host:port* yet at the remote lmtp does not use ports. UNIX domain sockets are used instead: netstat --listening --programs| grep lmtp unix 2 [ ACC ] STREAM LISTENING 8457 3696/dovecot /var/run/dovecot/lmtp unix 2 [ ACC ] STREAM LISTENING 7998 3834/master private/lmtp unix 2 [ ACC ] STREAM LISTENING 7630 3696/dovecot /var/spool/postfix/private/dovecot-lmtp Is there a different setting for lmtp using 'domain sockets' ? On Tue, Feb 17, 2015 at 5:02 PM, Robert Fantini wrote: > Hello again Reindl Harald > > I always thought Wietse Venema was only as smart as me ;-) > > seriously thank you for the help. > > On Tue, Feb 17, 2015 at 4:57 PM, Reindl Harald > wrote: > >> >> Am 17.02.2015 um 22:51 schrieb Robert Fantini: >> >>> I want to make sure that the postfix delivery does not give up trying to >>> get the email delivered when the lmtp host is not reachable. I do >>> not >>> just want to assume that the default settings are correct for us. >>> >>> Are there postfix or other settings which can be checked and adjusted? >>> >> >> postfix was *not* written by a moron and hence in any case any mail in >> the queue will be re-tried until "maximal_queue_lifetime" is reached >> >> there is no difference if lmtp is a unix socket or on the network because >> nobody can say for sure that the lmtpd on localhost is reachable 365/7/24 >> and hence any sane MTA handles errors properly >> >> >> On Tue, Feb 17, 2015 at 4:37 PM, Reindl Harald >>> wrote: >>> Am 17.02.2015 um 22:29 schrieb Robert Fantini: we are using version 2.2.13 on debian. > >currently imap runs on the same system as postfix , spamassassin > and > other mail related software. > >I'd like to move dovecot imapd and mail storage to its own system. > >I've search google and wiki and could not see how to do so. > >could someone please point me in the direction to that done? I like > reading documentation.. > > here is more info on our set up: > > postfix: > # grep dovecot /etc/postfix/* > /etc/postfix/main.cf:mailbox_transport = > lmtp:unix:private/dovecot-lmtp > /etc/postfix/main.cf:smtpd_sasl_type = dovecot > > just configure postfix to use "lmtp:host:port" of the dovecot machine >>> >> >
Re: Dovecot 2.1.7 random login fails
On Wed, 18 Feb 2015 07:49:04 +0100, Steffen Kaiser wrote: > did you've verified that the file exists and has a reasonable file size? The file in question is actually a unix socket that I guess is used to refresh the SSL data from the main privileged process. I don't know which process is actually logging the error, but the ssl- params file is root owned and is readable and writable by everyone.
