Re: mail_log plugin and uid=error in log file
Il 01/12/2015 16:31, Timo Sirainen ha scritto: On 01 Dec 2015, at 11:36, Alessio Cecchiwrote: Hi, I enabled notify and mail_log plugins to log the message uid for new emails delivered via LMTP. All works fine except that the uid is not always logged (see uid=error instead of uid=NUMBER) from dovecot.log: Dec 01 10:03:08 lmtp(ales...@domain.com): Info: copy from : box=INBOX, uid=error, msgid=<14489...@domain.com>, from="WordPress" , subject=Enquiry from Joy Dec 01 10:03:09 lmtp(ales...@domain.com): Info: copy from : box=INBOX, uid=92, msgid=<03c4e...@www.domain.com>, from="WordPress" , subject=Enquiry from Joy Does this help? http://hg.dovecot.org/dovecot-2.2/rev/25d63d9c7f5a I applied the patch and seems works fine. Thanks! -- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice
[patch] Fix for bug in TLS/SSL for LMTP with chained certificates
Hi, In case of tl;dr: I fixed a bug in TLS support for LMTP which caused chained certificates not to work, and another one which caused certificate read errors to be ignored; the patches are attached to this email. While testing LMTP with TLS and certificate verification by Postfix I discovered that certificate chains are not exchanged properly when using LMTP, even though everything works fine for POP3 and IMAP (both with or without STARTTLS). On LMTP only the server certificate is included in the TLS handshake, no intermediate certificates are provided by the server. The first problem I fixed is that in lib-ssl-iostream/iostream-openssl-context.c errors from the ssl_ctx_use_certificate_chain function are silently ignored because the function returns 0 for a failure but the caller checks for values smaller than 0. This problem is fixed in the tiny patch dovecot-2.2.19-ssl_ctx_certificate_chain_returnvalue.diff. After applying this patch the following error message appears in the logs for LMTP only (IMAP and POP3 still work fine): dovecot: lmtp(20683): Error: SSL context initialization failed, disabling SSL: Can't load SSL certificate: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key It turns out this issue is not related to the reading of the certificate or its associated chain. Somewhere before ssl_ctx_use_certificate_chain is called an error is put in the OpenSSL error queue which is never retrieved. Only after loading the server certificate is the queue checked and because of the previously existing error the chain is not loaded. I think the error is related to setting specific protocol options in ssl_iostream_context_set (which may be different for LMTP than for IMAP or POP3) but I did not investigate this. I made the problem go away by making the following two changes: 1. The ssl_ctx_use_certificate_chain function now empties the OpenSSL error queue before doing its work by calling ERR_get_error() until the queue is empty. 2. The openssl_iostream_error function in a similar fashion empties the queue and returns only the error message for the most recent error (this prevent earlier errors from 'hiding' later/more relevant ones). After applying this second patch LMTP now works properly with certificate chains. Note that this patch makes previously unhandled errors simply 'disappear' from the queue, which may be a Very Bad Thing. I guess there is a more elegant way of handling this "queued error" issue but this works for me now and I'm actually not a C programmer. These two fixes are included in dovecot-2.2.19-lmtp_ssl_bug.diff. I suspect this is the same issue as the one reported by Piotr Rotter to this list on July the 27th. Kind regards, -- Sebastiaan Hoogeveen NederHost https://www.nederhost.nl/ KvK: 34099781 dovecot-2.2.19-ssl_ctx_certificate_chain_returnvalue.diff Description: Binary data dovecot-2.2.19-lmtp_ssl_bug.diff Description: Binary data
Re: Dovecot doesn't sent rejection message user overquota
On 2015-12-02 09:13:04 +0100, Antonello Cioffi wrote: > Dec 2 08:58:49 posta2 dovecot: lda(antonen): > msgid=<565ea4b9.1020...@uniparthenope.it>: Permanently failed to send > rejection: smtp(mail.uniparthenope.it): DATA failed: 550 5.7.1 no > third-party DSNs smells like an error message from your smtp server. -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
Interpreting keywords
I've marked several messages in Thunderbird using tags. Tags used are: 0 Important 1 Work 2 To Do 3 Personal 4 Later The messages so tagged appear to have the flag fields set in the IMAP Maildir: cur/1449002162.8993_0.mail:2,Sb cur/1449001929.28087_0.mail:2,Sad I've looked in dovecot-keywords and find: $ more dovecot-keywords 0 $label1 1 $label2 2 $label3 3 $label4 I assume these "$label" values are macros that possibly refer to "Important", "Work", etc., but where are these $label's defined? Are they defined in the dovecot configs somewhere or does the mail client just "know" what these correspond to? --Mark
doveadm backup -R
We're using doveadm -o imapc_user="$USER" -o imapc_password="$PASSWORD" -o imapc_host=$SERVER1 -o pop3c_user="$USER" -o pop3c_password="$PASSWORD" -o pop3c_host=$SERVER1 -D -v backup -R -u "$USER" imapc: to migrate Mails from Courier to Dovecot. We have some complaints on the old system that there are changes on the old system where delete mails are appearing again (IMAP) and/or mails are downloaded several times (POP3). AFAIK there can't be changes on the old system if "backup -R" is used. Or is there any situation where changes on the old system (where we connect with imapc) may happen? Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. §35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Geschäftsführer: Peer Heinlein -- Sitz: Berlin
Re: Interpreting keywords
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 2 Dec 2015, Mark Foley wrote: I've marked several messages in Thunderbird using tags. Tags used are: 0 Important The messages so tagged appear to have the flag fields set in the IMAP Maildir: cur/1449002162.8993_0.mail:2,Sb cur/1449001929.28087_0.mail:2,Sad I've looked in dovecot-keywords and find: $ more dovecot-keywords 0 $label1 I assume these "$label" values are macros that possibly refer to "Important", "Work", etc., but where are these $label's defined? Are they defined in the dovecot configs somewhere or does the mail client just "know" what these correspond to? The latter, see http://superuser.com/questions/983401/import-export-or-retrieve-thunderbird-tags-from-imap-server - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBVl/vrHz1H7kL/d9rAQIuhAgApkilRQwWk4wdskpnqpfM9/4hshiTke3P n/3z4wK8J6El2PxSI+pIxdRfIB5wHpa8pJ/Q9LNrWWKUzHQMsTvzdBTbwuf45hj2 KZN9sv1I+3CI3fcBMUkagxI/ds8IK3tNm079HajW7cIFkKRhT8GDKdGsPNJU/WG5 PI7LPctefYWyb8bSEY80946pkAr/dnIybwpS+B6QX9KnHIIktYGcNUIwqZLX1zaR SBiu2rBrrNPNPEQLbyCS+suUoC10+0o+SopP3HmYJjQIjqzh2vtXUTt1m12lgffC GR43JrKVHMTo/ZLM30XQdjNfySLsAOvh/sW/8rWS6dMlBT2aXe/2Fw== =4du1 -END PGP SIGNATURE-
Re: Dovecot doesn't sent rejection message user overquota
Il 01/12/2015 16:19, Timo Sirainen ha scritto: On 01 Dec 2015, at 17:10, Antonello Cioffiwrote: Hi I'm using postfix+dovecot (2.2.18). The problem is that dovecot silently discard message when user has its own mailbox full without sending rejection message to the sender. Here a sample log: Dec 1 14:54:23 posta2 postfix/smtp[21478]: B315111C00B: to= , relay=192.168.241.110[192.168.241.110]:25, delay=0.4, delays=0.2/0/0/0.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as C27BF1244DD) Dec 1 14:54:23 posta2 dovecot: lda(antonen): Error: sieve: msgid=<565da68e.8060...@uniparthenope.it>: failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full) Dec 1 14:54:23 posta2 dovecot: lda(antonen): sieve: Execution of script /usr/local/etc/dovecot/sieve/default.sieve failed with unsuccessful implicit keep Dec 1 14:54:23 posta2 dovecot: lda(antonen): msgid=<565da68e.8060...@uniparthenope.it>: rejected: Quota exceeded (mailbox for user is full) Dec 1 14:54:23 posta2 postfix/pipe[21020]: 111FB11C00B: to= , relay=dovecot, delay=0.14, delays=0.05/0.01/0/0.09, dsn=2.0.0, status=sent (delivered via dovecot service) Dovecot should have sent a bounce message at that time. I guess that doesn't work for some reason. By default Dovecot uses: sendmail_path = /usr/sbin/sendmail Also you can instead have it send it via SMTP by setting submission_host setting. And finally if you give -e parameter to dovecot-lda, it won't send a bounce itself but instead will exit with 77 causing Postfix to send the bounce. Hi I don't set -e parameter. Now I set "submission_host = mail.uniparthenope.it" to use smtp instead of sendmail_path and the result is now: Dec 2 08:58:49 posta2 dovecot: lda(antonen): msgid=<565ea4b9.1020...@uniparthenope.it>: Permanently failed to send rejection: smtp(mail.uniparthenope.it): DATA failed: 550 5.7.1 no third-party DSNs Regards -- Dott. Antonello Cioffi Ufficio Servizi Informatici Università degli Studi di Napoli Parthenope Tel. 081/5475292 - Fax. 081/5475180
Re: doveadm backup -R
On 02 Dec 2015, at 10:25, Peer Heinleinwrote: > > > > We're using > > doveadm -o imapc_user="$USER" -o imapc_password="$PASSWORD" -o > imapc_host=$SERVER1 -o pop3c_user="$USER" -o pop3c_password="$PASSWORD" > -o pop3c_host=$SERVER1 -D -v backup -R -u "$USER" imapc: > > to migrate Mails from Courier to Dovecot. > > > We have some complaints on the old system that there are changes on the > old system where delete mails are appearing again (IMAP) and/or mails > are downloaded several times (POP3). > > AFAIK there can't be changes on the old system if "backup -R" is used. > > Or is there any situation where changes on the old system (where we > connect with imapc) may happen? No.. There really shouldn't be any changes to the source when doveadm backup is used. I can't think of any reason for the behavior you're seeing. You could enable pop3c_rawlog_dir and imapc_rawlog_dir though to see what dsync is doing.