Re: Disabling passdb pam in local.conf
On Mon, 20 Jun 2016 22:03:44 +0200 Patrick Ben Koetterwrote: > Greetings, > > I'm trying to create a configuration that leaves every config file > deployed by an install process or paket management software > untouched. The goal is to put every configuration required > into /etc/dovecot/local.conf. > > I've come quite far, but I fail to disable pam as passdb service in > local.conf. What I get if I run doveconf -n is this section: > > passdb { > driver = pam > } > > It is in there, because 10-auth.conf includes it: > > !include auth-system.conf.ext > > > These actions are not an option at the moment: > > - modify /etc/dovecot/conf.d/10-auth.conf and comment/remove the > !include-statement > - create an /etc/dovecot/dovecot.conf which would contain all options > required and would not include any other *.conf files > > Reading http://wiki2.dovecot.org/ConfigFile I see ways to include > external files, but nothing to exclude a file in local.conf. > > Knowing Timo I would expect there is a way to acchieve what I want. I > just don't seem to find it. > > What am I missing? That 10-auth.conf is actually meant to be edited. most distros should have configuration file handling pretty much figured out by now. so none of your changes to those files should get lost. also configuration management comes to mind. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
Re: autocreate: We need "auto=init"!
On 13 May 2016, at 13:30, Peer Heinleinwrote: > > > There had been several discussions about the common problem, that > there's need for a autocreate-function that creates mailboxes ONLY for > new users that had never been logged in before. > > The reason: Existing users already HAVE "special folders" with localized > names. Creating "standard names" at every login will produce confusion, > because then they have multiple Sent-Folders and aren't be able to > delete them, because they'll always be recreated. > > I would love to have: > > 1) auto = init > Create the folders ONLY if the whole Storage-Folder (e.g.: ~/Maildir or > e.g. `/mdbox) is create (=creation of the INBOX itself). Don't create > any folder if the main INBOX already exists. Since there has to be a > hook to autoreate a non-existing INBOX it should be able to use this > action to also create the folders with auto=init at the same time. You should be able to implement this with http://wiki2.dovecot.org/Plugins/Welcome
Re: Bug with shared access to mailbox
On 03 Jun 2016, at 11:26, Davewrote: > >> We tested with 2.2.24, and were unable to reproduce the error. Can you >> try again with 2.2.24? > > Apologies for butting in, but I've been seeing exactly the same issue post > upgrade to 2.2.24 (from 2.2.18): > > [2016-06-02T10:38:28+0100] imap(x): Error: Corrupted index cache file > /mnt/index/8cc/95 > 2952/.INBOX/dovecot.index.cache: Broken MIME parts for mail UID 13758 in > mailbox INBOX: Cached MIME parts don't > match message during parsing: Cached header size mismatch > (parts=4100f7020a030508000 This bug should have been fixed by https://github.com/dovecot/core/commit/20faa69d801460e89aa0b1214f3db4b026999b1e + https://github.com/dovecot/core/commit/1bc6f1c54b4d77830288b8cf19060bd8a6db7b27
Re: fts lucene crashes in 2.2.24
On 29 May 2016, at 10:56, Wolfgang Rosenauerwrote: > > Hi, > > I've just enabled FTS via Lucene on my Dovecot 2.2.24 installation but I > see the indexer crashing ?always?. > > This simple testcase with a very tiny testing mailbox exposes the issue > immediately: > > doveadm -v index -u anmesse INBOX > > Program received signal SIGSEGV, Segmentation fault. > rescan_clear_unseen_mailbox (rescan_ctx=rescan_ctx@entry=0x0, > vname=0x55839820 "INBOX.Testfolder 2", hdr=hdr@entry=0x7fffdaf0) at > lucene-wrapper.cc:831 Should be fixed by https://github.com/dovecot/core/commit/0f801c1bd3d684c219d7f3b1e75f8b85f66f7951
Re: Dovecot 2.2.24 coredump client_check_command_hangs()
On 08 Jun 2016, at 12:23, Peter Erikssonwrote: > > I’m seeing core dumps from Dovecot’s imap process (around 1/day currently) > from client_check_command_hangs(). > > Dovecot 2.2.24 > OS: Solaris 10 > CPU: x86 > Filesystem: Local ZFS > > Most crashes are associated with one user (with 25GB of mail in his > mailboxes) but some (two) are also associated with other user with “just” > 10GB mail. > > Please find enclosed various log files/traces. Let me know if there is > something else I might be able to provide that might give more insight into > this. Could you also print in dbx: print *client->command_queue print *client->command_queue->next print *client->command_queue->next->next print *client->command_queue->next->next->next ..etc until it stops working Looks like there is still some bug with command pipelining.
Re: Pluggable SNI?
On 21 Jun 2016, at 22:58, Felipe Gasperwrote: > > Hello, > > How feasible would it be to have a “pluggable” Dovecot setup that would > permit arbitrary logic for fetching TLS/SNI certificates and key, rather than > having to hard-code each domain’s resources in a configuration file? > > A couple scenarios that I envision such a framework being able to > accommodate: > > 1) An internal TLS service that accepts queries via a UNIX socket by domain > name and returns certificate/key. > > 2) A directory where these resources are stored, indexed by domain name. Configuration settings are looked up from $base_dir/config socket. In theory you could replace this socket with your own proxy service, which forwards all requests to the real config process and changes the reply in whatever way you want. You should be able to change the default config socket with: service config { unix_listener config { path = config-old } }
Re: Storage upgrade maildir suggestions?
On 2016-06-21 07:17, Götz Reinicke - IT Koordinator wrote: Hi, we start to run out of diskspace soon as our users start to keep mails for longer time periods. That's fine, but space consuming. The maildirs are about 1 TB in total, and not long ago we enabled zlib which is very nice. Now I have some thoughts about the next steps: a) Migrating the whole system to a new server with more storage? b) Install a virtual server for the mailsystem and an extra storage system may be NFS? c) Stay with the current server and move all mails to a bigger NFS storage. The last option c) would be the most easy one for me as I currently have NFS space. Any thoughts? Hints regarding the NFS storage? Pros Cons? I have seen the dovecot wiki on NFS already and for now we will stay with one single dovecot server. FC or iSCSI as storage. and always have a lvm layer between your HW and the FS. that way you can easily attach more disk to the stripe set and grow your storage that way. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
Pluggable SNI?
Hello, How feasible would it be to have a “pluggable” Dovecot setup that would permit arbitrary logic for fetching TLS/SNI certificates and key, rather than having to hard-code each domain’s resources in a configuration file? A couple scenarios that I envision such a framework being able to accommodate: 1) An internal TLS service that accepts queries via a UNIX socket by domain name and returns certificate/key. 2) A directory where these resources are stored, indexed by domain name. Thank you! -FG
Re: Storage upgrade maildir suggestions?
Gotz, at that level of usage I would just add more drives. Working with NFS/clustering is not worth it when you are at that level. In the following months I'll send a e-mail to the list here talking about how I'm using Ceph FS successfully with Dovecot, but it's a lot of trouble. At the 1TB/2TB/4TB level, just go out and buy a bigger disk. As a side note, with too may emails it is always a problem to have too many small files. I would recommend taking a look at mdbox. Best, Daniel Colchete On Tue, Jun 21, 2016 at 4:17 AM, Götz Reinicke - IT Koordinator < goetz.reini...@filmakademie.de> wrote: > Hi, > > we start to run out of diskspace soon as our users start to keep mails > for longer time periods. That's fine, but space consuming. > > The maildirs are about 1 TB in total, and not long ago we enabled zlib > which is very nice. > > Now I have some thoughts about the next steps: > > a) Migrating the whole system to a new server with more storage? > > b) Install a virtual server for the mailsystem and an extra storage > system may be NFS? > > c) Stay with the current server and move all mails to a bigger NFS storage. > > The last option c) would be the most easy one for me as I currently have > NFS space. > > Any thoughts? Hints regarding the NFS storage? Pros Cons? > > I have seen the dovecot wiki on NFS already and for now we will stay > with one single dovecot server. > > > Thanks and regards . Götz > > > >
Re: Disabling passdb pam in local.conf
On 16-06-21 07:20:49, Edgar Pettijohn wrote: > > > Sent from my iPhone > > > On Jun 21, 2016, at 6:46 AM, Ralf Hildebrandtwrote: > > > > * Edgar Pettijohn : > > > >>> Only /etc/dovecot/local.conf should be changed. > >> So you want the standard files to remain unchanged from default settings > >> and override them with your settings in local.conf? > > > > Exactly (he said that in his initial mail). > > > Sorry for requesting verification. > > However, to answer the question. I don't think it's possible. There are a lot > of neat config options, but I don't think the exact use case is possible. It > may be easy to implement, im not familiar with dovecots parse_config(). Maybe > store the first occurrence of a setting, but replace it with the last > encountered. > > > -- > > [*] sys4 AG > > > > http://sys4.de, +49 (89) 30 90 46 64 > > Schlei??heimer Stra??e 26/MG, 80333 M??nchen > > > > Sitz der Gesellschaft: M??nchen, Amtsgericht M??nchen: HRB 199263 > > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > > Aufsichtsratsvorsitzender: Florian Kirstein Sorry didn't send to list. -- Edgar Pettijohn
Re: Disabling passdb pam in local.conf
On 16-06-20 23:28:20, Patrick Ben Koetter wrote: > * Edgar Pettijohn: > > Is your goal to have "1" config file? > > No, that would eliminate the ability to change distro settings via the regular > package management. > > My goal is to add/remove what my service requires via the additional > local.conf. > > p@rick > > -- > [*] sys4 AG > > https://sys4.de, +49 (89) 30 90 46 64 > Schlei??heimer Stra??e 26/MG,80333 M??nchen > > Sitz der Gesellschaft: M??nchen, Amtsgericht M??nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein > I'm not sure what you mean by "ability to change distro settings" -- Edgar Pettijohn
Re: Disabling passdb pam in local.conf
On 16-06-20 23:28:20, Patrick Ben Koetter wrote: > * Edgar Pettijohn: > > Is your goal to have "1" config file? > > No, that would eliminate the ability to change distro settings via the regular > package management. > > My goal is to add/remove what my service requires via the additional > local.conf. > > p@rick > > -- > [*] sys4 AG > > https://sys4.de, +49 (89) 30 90 46 64 > Schlei??heimer Stra??e 26/MG,80333 M??nchen > > Sitz der Gesellschaft: M??nchen, Amtsgericht M??nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein > What package management do you speak of? I've installed dovecot on several distros and haven't had to use anything other than the typical dovecot config files. -- Edgar Pettijohn
Re: Disabling passdb pam in local.conf
On 16-06-20 23:28:20, Patrick Ben Koetter wrote: > * Edgar Pettijohn: > > Is your goal to have "1" config file? > > No, that would eliminate the ability to change distro settings via the regular > package management. > > My goal is to add/remove what my service requires via the additional > local.conf. > > p@rick > > -- > [*] sys4 AG > > https://sys4.de, +49 (89) 30 90 46 64 > Schlei??heimer Stra??e 26/MG,80333 M??nchen > > Sitz der Gesellschaft: M??nchen, Amtsgericht M??nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein > By distro settings do you mean that you want a config that can be easily changed going from say Debian to FreeBSD? What package management do you speak of? -- Edgar Pettijohn
Re: Disabling passdb pam in local.conf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 21 Jun 2016, Ralf Hildebrandt wrote: I'm trying to create a configuration that leaves every config file deployed by an install process or paket management software untouched. The goal is to put every configuration required into /etc/dovecot/local.conf. I've come quite far, but I fail to disable pam as passdb service in local.conf. What I get if I run doveconf -n is this section: passdb { driver = pam } It seems that there is no way of saying something like: remove passdb Adding new passdb entries is no problem, but removing existing ones is hard. I thought passwd 1 { driver = none } would do the trick, but you get an error about that this passdb is already defined. passdb 0 { passdb 2 { is fine, because they do not already exist. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV2k483z1H7kL/d9rAQKAkQgApe4vem0lhSEcsgNK8W0jJjROC/z7N5Ij sNBdWolbzwP7I1cnNMP6cs7xHwneM7khmRh6PzNScHBoF6YpMkAb7MLWeXKpWLpN AafN9NOM6wBjr1Stzb4DzuztuKsFE806md96MgrSQKqfNKPNUDwlNpDW8yIRo07E kOi3CBRzur+ZVkUFXhtgtcejTpoo441WNUMbL9oFRatMv+lPVddLHMuNWINWoz2N kVtYdzN+hlTUHuI2wlWIs1J0YqiAVXbbsEHT8LExp9d30eMxbNiQDqX9hQlUSmax 2tTKPuiLZ8VRZytQcMfAHX0DmNfDga8/zvWrt9SRaLn5d9Qc4rGdPA== =5tei -END PGP SIGNATURE-
Re: Disabling passdb pam in local.conf
Sent from my iPhone > On Jun 21, 2016, at 6:46 AM, Ralf Hildebrandtwrote: > > * Edgar Pettijohn : > >>> Only /etc/dovecot/local.conf should be changed. >> So you want the standard files to remain unchanged from default settings and >> override them with your settings in local.conf? > > Exactly (he said that in his initial mail). > Sorry for requesting verification. However, to answer the question. I don't think it's possible. There are a lot of neat config options, but I don't think the exact use case is possible. It may be easy to implement, im not familiar with dovecots parse_config(). Maybe store the first occurrence of a setting, but replace it with the last encountered. > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Schleißheimer Straße 26/MG, 80333 München > > Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein
Re: Disabling passdb pam in local.conf
* Patrick Ben Koetter: > Greetings, > > I'm trying to create a configuration that leaves every config file deployed by > an install process or paket management software untouched. The goal is to put > every configuration required into /etc/dovecot/local.conf. > > I've come quite far, but I fail to disable pam as passdb service in > local.conf. What I get if I run doveconf -n is this section: > > passdb { > driver = pam > } It seems that there is no way of saying something like: remove passdb Adding new passdb entries is no problem, but removing existing ones is hard. What is the actual problem? System accounts shouldn't be able to log-in? System accounts shouldn't be valid mailboxes? -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG, 80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: Disabling passdb pam in local.conf
* Edgar Pettijohn: > > Only /etc/dovecot/local.conf should be changed. > > > So you want the standard files to remain unchanged from default settings and > override them with your settings in local.conf? Exactly (he said that in his initial mail). -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG, 80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: Disabling passdb pam in local.conf
> On Jun 21, 2016, at 1:26 AM, Patrick Ben Koetterwrote: > > * Edgar Pettijohn : >> What distro settings? > > These files should remain unchanged: > > ~$ tree /etc/dovecot/ > /etc/dovecot/ > ├── conf.d > │ ├── 10-auth.conf > │ ├── 10-director.conf > │ ├── 10-logging.conf > │ ├── 10-mail.conf > │ ├── 10-master.conf > │ ├── 10-ssl.conf > │ ├── 10-tcpwrapper.conf > │ ├── 15-lda.conf > │ ├── 15-mailboxes.conf > │ ├── 20-imap.conf > │ ├── 90-acl.conf > │ ├── 90-plugin.conf > │ ├── 90-quota.conf > │ ├── auth-checkpassword.conf.ext > │ ├── auth-deny.conf.ext > │ ├── auth-master.conf.ext > │ ├── auth-passwdfile.conf.ext > │ ├── auth-sql.conf.ext > │ ├── auth-static.conf.ext > │ ├── auth-system.conf.ext > │ └── auth-vpopmail.conf.ext > ├── dovecot.conf > ├── dovecot-dict-sql.conf.ext > ├── dovecot.pem > ├── dovecot-sql.conf.ext > ├── private > └── README > > Only /etc/dovecot/local.conf should be changed. > So you want the standard files to remain unchanged from default settings and override them with your settings in local.conf? > p@rick > > > > >> >> Sent from my iPhone >> >>> On Jun 20, 2016, at 4:28 PM, Patrick Ben Koetter wrote: >>> >>> * Edgar Pettijohn : Is your goal to have "1" config file? >>> >>> No, that would eliminate the ability to change distro settings via the >>> regular >>> package management. >>> >>> My goal is to add/remove what my service requires via the additional >>> local.conf. >>> >>> p@rick >>> >>> -- >>> [*] sys4 AG >>> >>> https://sys4.de, +49 (89) 30 90 46 64 >>> Schleißheimer Straße 26/MG,80333 München >>> >>> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 >>> Vorstand: Patrick Ben Koetter, Marc Schiffbauer >>> Aufsichtsratsvorsitzender: Florian Kirstein > > -- > [*] sys4 AG > > https://sys4.de, +49 (89) 30 90 46 64 > Schleißheimer Straße 26/MG,80333 München > > Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein >
Storage upgrade maildir suggestions?
Hi, we start to run out of diskspace soon as our users start to keep mails for longer time periods. That's fine, but space consuming. The maildirs are about 1 TB in total, and not long ago we enabled zlib which is very nice. Now I have some thoughts about the next steps: a) Migrating the whole system to a new server with more storage? b) Install a virtual server for the mailsystem and an extra storage system may be NFS? c) Stay with the current server and move all mails to a bigger NFS storage. The last option c) would be the most easy one for me as I currently have NFS space. Any thoughts? Hints regarding the NFS storage? Pros Cons? I have seen the dovecot wiki on NFS already and for now we will stay with one single dovecot server. Thanks and regards . Götz smime.p7s Description: S/MIME Cryptographic Signature
Re: Disabling passdb pam in local.conf
* Edgar Pettijohn: > What distro settings? These files should remain unchanged: ~$ tree /etc/dovecot/ /etc/dovecot/ ├── conf.d │ ├── 10-auth.conf │ ├── 10-director.conf │ ├── 10-logging.conf │ ├── 10-mail.conf │ ├── 10-master.conf │ ├── 10-ssl.conf │ ├── 10-tcpwrapper.conf │ ├── 15-lda.conf │ ├── 15-mailboxes.conf │ ├── 20-imap.conf │ ├── 90-acl.conf │ ├── 90-plugin.conf │ ├── 90-quota.conf │ ├── auth-checkpassword.conf.ext │ ├── auth-deny.conf.ext │ ├── auth-master.conf.ext │ ├── auth-passwdfile.conf.ext │ ├── auth-sql.conf.ext │ ├── auth-static.conf.ext │ ├── auth-system.conf.ext │ └── auth-vpopmail.conf.ext ├── dovecot.conf ├── dovecot-dict-sql.conf.ext ├── dovecot.pem ├── dovecot-sql.conf.ext ├── private └── README Only /etc/dovecot/local.conf should be changed. p@rick > > Sent from my iPhone > > > On Jun 20, 2016, at 4:28 PM, Patrick Ben Koetter wrote: > > > > * Edgar Pettijohn : > >> Is your goal to have "1" config file? > > > > No, that would eliminate the ability to change distro settings via the > > regular > > package management. > > > > My goal is to add/remove what my service requires via the additional > > local.conf. > > > > p@rick > > > > -- > > [*] sys4 AG > > > > https://sys4.de, +49 (89) 30 90 46 64 > > Schleißheimer Straße 26/MG,80333 München > > > > Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 > > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > > Aufsichtsratsvorsitzender: Florian Kirstein > > -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein