Re: mail_log plugin and uid=error in log file

2015-12-02 Thread Alessio Cecchi 


Il 01/12/2015 16:31, Timo Sirainen ha scritto:

On 01 Dec 2015, at 11:36, Alessio Cecchi  wrote:


Hi,

I enabled notify and mail_log plugins to log the message uid for new emails 
delivered via LMTP. All works fine except that the uid is not always logged 
(see uid=error instead of uid=NUMBER)

from dovecot.log:

Dec 01 10:03:08 lmtp(ales...@domain.com): Info: copy from : box=INBOX, uid=error, 
msgid=<14489...@domain.com>, from="WordPress" , subject=Enquiry 
from Joy

Dec 01 10:03:09 lmtp(ales...@domain.com): Info: copy from : box=INBOX, uid=92, 
msgid=<03c4e...@www.domain.com>, from="WordPress" , 
subject=Enquiry from Joy


Does this help? http://hg.dovecot.org/dovecot-2.2/rev/25d63d9c7f5a



I applied the patch and seems works fine.

Thanks!
--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice

[patch] Fix for bug in TLS/SSL for LMTP with chained certificates

2015-12-02 Thread NederHost/Sebastiaan Hoogeveen 
Hi,

In case of tl;dr: I fixed a bug in TLS support for LMTP which caused chained 
certificates not to work, and another one which caused certificate read errors 
to be ignored; the patches are attached to this email.

While testing LMTP with TLS and certificate verification by Postfix I 
discovered that certificate chains are not exchanged properly when using LMTP, 
even though everything works fine for POP3 and IMAP (both with or without 
STARTTLS). On LMTP only the server certificate is included in the TLS 
handshake, no intermediate certificates are provided by the server.

The first problem I fixed is that in 
lib-ssl-iostream/iostream-openssl-context.c errors from the 
ssl_ctx_use_certificate_chain function are silently ignored because the 
function returns 0 for a failure but the caller checks for values smaller than 
0. This problem is fixed in the tiny patch 
dovecot-2.2.19-ssl_ctx_certificate_chain_returnvalue.diff.

After applying this patch the following error message appears in the logs for 
LMTP only (IMAP and POP3 still work fine): 

dovecot: lmtp(20683): Error: SSL context initialization failed, disabling SSL: 
Can't load SSL certificate: error:0608308E:digital envelope 
routines:EVP_PKEY_get1_EC_KEY:expecting a ec key

It turns out this issue is not related to the reading of the certificate or its 
associated chain. Somewhere before ssl_ctx_use_certificate_chain is called an 
error is put in the OpenSSL error queue which is never retrieved. Only after 
loading the server certificate is the queue checked and because of the 
previously existing error the chain is not loaded. I think the error is related 
to setting specific protocol options in ssl_iostream_context_set (which may be 
different for LMTP than for IMAP or POP3) but I did not investigate this.

I made the problem go away by making the following two changes:

1. The ssl_ctx_use_certificate_chain function now empties the OpenSSL error 
queue before doing its work by calling ERR_get_error() until the queue is empty.

2. The openssl_iostream_error function in a similar fashion empties the queue 
and returns only the error message for the most recent error (this prevent 
earlier errors from 'hiding' later/more relevant ones).

After applying this second patch LMTP now works properly with certificate 
chains. Note that this patch makes previously unhandled errors simply 
'disappear' from the queue, which may be a Very Bad Thing. I guess there is a 
more elegant way of handling this "queued error" issue but this works for me 
now and I'm actually not a C programmer. These two fixes are included in 
dovecot-2.2.19-lmtp_ssl_bug.diff.

I suspect this is the same issue as the one reported by Piotr Rotter to this 
list on July the 27th.

Kind regards,

-- 
Sebastiaan Hoogeveen

NederHost
https://www.nederhost.nl/
KvK: 34099781


dovecot-2.2.19-ssl_ctx_certificate_chain_returnvalue.diff
Description: Binary data


dovecot-2.2.19-lmtp_ssl_bug.diff
Description: Binary data

Re: Dovecot doesn't sent rejection message user overquota

2015-12-02 Thread Marcus Rueckert 
On 2015-12-02 09:13:04 +0100, Antonello Cioffi wrote:
> Dec  2 08:58:49 posta2 dovecot: lda(antonen):
> msgid=<565ea4b9.1020...@uniparthenope.it>: Permanently failed to send
> rejection: smtp(mail.uniparthenope.it): DATA failed: 550 5.7.1 no
> third-party DSNs

smells like an error message from your smtp server.


-- 
   openSUSE - SUSE Linux is my linux
   openSUSE is good for you
   www.opensuse.org

Interpreting keywords

2015-12-02 Thread Mark Foley 
I've marked several messages in Thunderbird using tags. Tags used are:

0 Important
1 Work
2 To Do
3 Personal
4 Later

The messages so tagged appear to have the flag fields set in the IMAP Maildir:

cur/1449002162.8993_0.mail:2,Sb
cur/1449001929.28087_0.mail:2,Sad

I've looked in dovecot-keywords and find:

$ more dovecot-keywords 
 0 $label1
 1 $label2
 2 $label3
 3 $label4
 
I assume these "$label" values are macros that possibly refer to "Important", 
"Work", etc., but
where are these $label's defined? Are they defined in the dovecot configs 
somewhere or does the
mail client just "know" what these correspond to?

--Mark

doveadm backup -R

2015-12-02 Thread Peer Heinlein 


We're using

doveadm -o imapc_user="$USER"  -o imapc_password="$PASSWORD"  -o
imapc_host=$SERVER1 -o pop3c_user="$USER" -o pop3c_password="$PASSWORD"
-o pop3c_host=$SERVER1 -D -v backup -R -u "$USER" imapc:

to migrate Mails from Courier to Dovecot.


We have some complaints on the old system that there are changes on the
old system where delete mails are appearing again (IMAP) and/or mails
are downloaded several times (POP3).

AFAIK there can't be changes on the old system if "backup -R" is used.

Or is there any situation where changes on the old system (where we
connect with imapc) may happen?

Peer




-- 
Heinlein Support GmbH
Schwedter Str. 8/9b, 10119 Berlin

http://www.heinlein-support.de

Tel: 030 / 405051-42
Fax: 030 / 405051-19

Zwangsangaben lt. §35a GmbHG: HRB 93818 B / Amtsgericht
Berlin-Charlottenburg,
Geschäftsführer: Peer Heinlein -- Sitz: Berlin

Re: Interpreting keywords

2015-12-02 Thread Steffen Kaiser 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Wed, 2 Dec 2015, Mark Foley wrote:


I've marked several messages in Thunderbird using tags. Tags used are:

0 Important




The messages so tagged appear to have the flag fields set in the IMAP Maildir:

cur/1449002162.8993_0.mail:2,Sb
cur/1449001929.28087_0.mail:2,Sad

I've looked in dovecot-keywords and find:

$ more dovecot-keywords
0 $label1

I assume these "$label" values are macros that possibly refer to "Important", 
"Work", etc., but
where are these $label's defined? Are they defined in the dovecot configs 
somewhere or does the
mail client just "know" what these correspond to?


The latter, see 
http://superuser.com/questions/983401/import-export-or-retrieve-thunderbird-tags-from-imap-server


- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEVAwUBVl/vrHz1H7kL/d9rAQIuhAgApkilRQwWk4wdskpnqpfM9/4hshiTke3P
n/3z4wK8J6El2PxSI+pIxdRfIB5wHpa8pJ/Q9LNrWWKUzHQMsTvzdBTbwuf45hj2
KZN9sv1I+3CI3fcBMUkagxI/ds8IK3tNm079HajW7cIFkKRhT8GDKdGsPNJU/WG5
PI7LPctefYWyb8bSEY80946pkAr/dnIybwpS+B6QX9KnHIIktYGcNUIwqZLX1zaR
SBiu2rBrrNPNPEQLbyCS+suUoC10+0o+SopP3HmYJjQIjqzh2vtXUTt1m12lgffC
GR43JrKVHMTo/ZLM30XQdjNfySLsAOvh/sW/8rWS6dMlBT2aXe/2Fw==
=4du1
-END PGP SIGNATURE-

Re: Dovecot doesn't sent rejection message user overquota

2015-12-02 Thread Antonello Cioffi 

Il 01/12/2015 16:19, Timo Sirainen ha scritto:

On 01 Dec 2015, at 17:10, Antonello Cioffi  
wrote:

Hi

I'm using postfix+dovecot (2.2.18).

The problem is that dovecot silently discard message when user has its own 
mailbox full without sending rejection message to the sender.

Here a sample log:

Dec  1 14:54:23 posta2 postfix/smtp[21478]: B315111C00B: 
to=, relay=192.168.241.110[192.168.241.110]:25, 
delay=0.4, delays=0.2/0/0/0.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 
C27BF1244DD)
Dec  1 14:54:23 posta2 dovecot: lda(antonen): Error: sieve: 
msgid=<565da68e.8060...@uniparthenope.it>: failed to store into mailbox 
'INBOX': Quota exceeded (mailbox for user is full)
Dec  1 14:54:23 posta2 dovecot: lda(antonen): sieve: Execution of script 
/usr/local/etc/dovecot/sieve/default.sieve failed with unsuccessful implicit 
keep
Dec  1 14:54:23 posta2 dovecot: lda(antonen): 
msgid=<565da68e.8060...@uniparthenope.it>: rejected: Quota exceeded (mailbox 
for user is full)
Dec  1 14:54:23 posta2 postfix/pipe[21020]: 111FB11C00B: 
to=, relay=dovecot, delay=0.14, 
delays=0.05/0.01/0/0.09, dsn=2.0.0, status=sent (delivered via dovecot service)

Dovecot should have sent a bounce message at that time. I guess that doesn't 
work for some reason. By default Dovecot uses:

sendmail_path = /usr/sbin/sendmail

Also you can instead have it send it via SMTP by setting submission_host 
setting. And finally if you give -e parameter to dovecot-lda, it won't send a 
bounce itself but instead will exit with 77 causing Postfix to send the bounce.


Hi

I don't set -e parameter.

Now I set "submission_host = mail.uniparthenope.it" to use smtp instead 
of sendmail_path and the result is now:


Dec  2 08:58:49 posta2 dovecot: lda(antonen): 
msgid=<565ea4b9.1020...@uniparthenope.it>: Permanently failed to send 
rejection: smtp(mail.uniparthenope.it): DATA failed: 550 5.7.1 no 
third-party DSNs


Regards

--
Dott. Antonello Cioffi
Ufficio Servizi Informatici
Università degli Studi di Napoli Parthenope
Tel. 081/5475292 - Fax. 081/5475180

Re: doveadm backup -R

2015-12-02 Thread Timo Sirainen 
On 02 Dec 2015, at 10:25, Peer Heinlein  wrote:
> 
> 
> 
> We're using
> 
> doveadm -o imapc_user="$USER"  -o imapc_password="$PASSWORD"  -o
> imapc_host=$SERVER1 -o pop3c_user="$USER" -o pop3c_password="$PASSWORD"
> -o pop3c_host=$SERVER1 -D -v backup -R -u "$USER" imapc:
> 
> to migrate Mails from Courier to Dovecot.
> 
> 
> We have some complaints on the old system that there are changes on the
> old system where delete mails are appearing again (IMAP) and/or mails
> are downloaded several times (POP3).
> 
> AFAIK there can't be changes on the old system if "backup -R" is used.
> 
> Or is there any situation where changes on the old system (where we
> connect with imapc) may happen?

No.. There really shouldn't be any changes to the source when doveadm backup is 
used. I can't think of any reason for the behavior you're seeing. You could 
enable pop3c_rawlog_dir and imapc_rawlog_dir though to see what dsync is doing.