Authentication Penalty with ID x-originating-ip, HAproxy
The wiki states that anvil's authentication penalties are skipped when
IP is in login_trusted_networks.
http://wiki.dovecot.org/Authentication/Penalty
Is there a way to enable the authentication penalties for specific
advertised remote IPs, when the connecting IP is in
"login_trusted_networks", and it advertises the originating remote IP
via 'ID ("x-originating-ip", "")'?
And with regards to HAproxy, is anvil's authentication penalties by
default transparent with regards to the remote IP advertised in the
proxy protocol header?
/Tobias
Unread Mail flag being reset frequently with dovecot -git master-2.2
Hi again, I'm experiencing problems with the Dovecot git master-2.2 branch, in which mails that have been previously read are randomly appearing as unread. This happens slowly and affects more and more emails the more changes that occur to a mailbox. I am using Maildir format and on Gentoo Linux x86_64 on local disks. Usually only a few at a time change their status - and it seems to be random which ones lose their read status. Typically though they are the most recent emails that have been delivered in the past few months (I haven't yet seen this occur with any really old emails). This problem is MUA independent, it can be observed with Thunderbird as well as Roundcube. If I go in and mark all mails as read then they will show as read for a short while until they too slowly start become 'unread' again. Currently I'm running git rev from https://github.com/dovecot/core/commits/master-2.2 : f292589f4b85e02d97d974dfe34324c6c0bb9d9f (I can't run anything newer due to an SSL symbol error which I reported earlier). This rev: b1254dfe442639236f881afae85e0739520ab409 Is known to be good, so the problem started happening somewhere between these two. (I know there are a lot of in-between revisions, but bisecting that could take days of time). Dovecot config is up at: http://www.reub.net/files/dovecot/thunderstorm-dovecot.conf Rawlog debug files are at http://www.reub.net/files/dovecot/rawlogs/ Hopefully someone else may have seen this happen before. Are there any other debugs I can gather which will help get to the bottom of this? Reuben
Re: fts_solr not working
> On Jun 24, 2016, at 2:06 AM, Jeff Gamsby wrote:
>
> protocol imap {
> plugin {
>fts = solr
>fts_solr = break-imap-search url=http://localhost:8880/solr/
> }
> }
> protocol pop3 {
> plugin {
>fts = solr
>fts_solr = break-imap-search url=http://localhost:8880/solr/
> }
Don't place `plugin {}` setting in other config block.
It should be:
protocol imap {...}
protocol pop3 {...}
plugin {
...
}
Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/
Time zone: GMT+8 (China/Beijing).
Re: fts_solr not working
> On Jun 24, 2016, at 2:06 AM, Jeff Gamsby wrote: > > doveadm(u...@user.com): Debug: fts: No fts setting - plugin disabled Isn't it very clear here? Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/ Time zone: GMT+8 (China/Beijing).
FW: error using default_fields in passwd-file
I didn't see a response. Sending again and adding doveconf -n output.
I'm trying to put virtual user mail in:
/var/vmail//
I tried setting the home field in the userdb to /var/vmail/%d/%n
But apparently variable expansion doesn't happen in the userdb because the
Dovecot LDA created the literal directory /var/vmail/%d/%n/Maildir
So then I tried to use default_fields as shown here:
http://wiki2.dovecot.org/AuthDatabase/PasswdFile
So I tried:
userdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/auth.d/%d/passwd
default_fields = home=/var/vmail/%d/%n
}
But when I reload doveadm I get:
doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf line
87: Unknown setting: default_fields
I tried override_fields:
userdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/auth.d/%d/passwd
override_fields = home=/var/vmail/%d/%n
}
And I get the same type of error:
doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf line
87: Unknown setting: override_fields
What gives?
Michael
doveconf -n:
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-86-generic i686 Ubuntu 12.04.5 LTS
auth_verbose = yes
disable_plaintext_auth = no
mail_gid = vmail
mail_location = maildir:~/Maildir
mail_uid = vmail
passdb {
driver = pam
}
passdb {
args = /etc/dovecot/deny-users
deny = yes
driver = passwd-file
}
passdb {
args = username_format=%n /etc/dovecot/auth.d/%d/passwd
driver = passwd-file
}
pop3_uidl_format = %08Xv%08Xu
protocols = pop3
service auth {
unix_listener auth-userdb {
mode = 0600
user = vmail
}
}
ssl = no
ssl_cert =
SSL Problem with -git master-2.2 tip (24 June 16)
Current master-2.2 branch of Dovecot compiles for me on Gentoo x86_64 but experiences symbol errors when starting up: Jun 24 08:38:00 thunderstorm dovecot: lmtp(8180): Fatal: Couldn't load required plugin /usr/lib64/dovecot/libssl_iostream_openssl.so: dlopen() failed: /usr/lib64/dovecot/libssl_iostream_openssl.so: undefined symbol: SSL_COMP_free_compression_methods Jun 24 08:38:00 thunderstorm dovecot: master: Error: service(lmtp): command startup failed, throttling for 16 secs I suspect that this is because I have libressl installed on my systems instead of OpenSSL. A known commit point which does not work is: f5e6b05684328b9800ccd973c73027300c832d65 However a few commits earlier this problem does not occur: f292589f4b85e02d97d974dfe34324c6c0bb9d9f Looks like commit bff052bd29dbf7175ee6cd14bd14bcea1900b869 : "lib-dcrypt, lib-ssl-iostream: Share OpenSSL init/deinit code." may have broken the tree for LibreSSL/non OpenSSL users. Reuben
Re: fts_solr not working
> On June 23, 2016 at 9:06 PM Jeff Gamsby wrote:
>
>
> I am running ISPConfig 3 on Debian and have managed to install the
> dovecot-solr and dovecot-fts plugins.
>
> I have solr running undet tomcat at http://localhost:8880 but the
> indexing is not working.
>
> I am using Dovecot 2.17
>
> I do not understand namespaces and why fts_solr needs them, I just want
> to index the entire users Maildir.
>
> I am trying to index a users mailbox but am getting the following error:
>
> (changed user name)
> doveadm fts rescan -u u...@user.com inbox
> doveadm(u...@user.com): Error: Namespace prefix not found: inbox
>
> running that in debig mode gives:
>
> doveadm(root): Debug: Loading modules from directory:
> /usr/lib/dovecot/modules
> doveadm(root): Debug: Module loaded:
> /usr/lib/dovecot/modules/lib20_fts_plugin.so
> doveadm(root): Debug: Module loaded:
> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so
> doveadm(root): Debug: Loading modules from directory:
> /usr/lib/dovecot/modules/doveadm
> doveadm(root): Debug: Skipping module doveadm_acl_plugin, because
> dlopen() failed:
> /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined
> symbol: acl_user_module (this is usually intentional, so just ignore
> this message)
> doveadm(root): Debug: Skipping module doveadm_expire_plugin, because
> dlopen() failed:
> /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so:
> undefined symbol: expire_set_deinit (this is usually intentional, so
> just ignore this message)
> doveadm(root): Debug: Skipping module doveadm_quota_plugin, because
> dlopen() failed:
> /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so:
> undefined symbol: quota_user_module (this is usually intentional, so
> just ignore this message)
> doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because
> dlopen() failed:
> /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined
> symbol: i_stream_create_deflate (this is usually intentional, so just
> ignore this message)
> doveadm(root): Debug: Module loaded:
> /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so
> doveadm(u...@user.com): Debug: Added userdb setting:
> mail=maildir:/var/vmail/user.com/user/Maildir
> doveadm(u...@user.com): Debug: Added userdb setting:
> plugin/quota_rule=*:storage=0B
> doveadm(u...@user.com): Debug: Added userdb setting:
> plugin/sieve=/var/vmail/user.com/user/.sieve
> doveadm(u...@user.com): Debug: Effective uid=5000, gid=5000,
> home=/var/vmail/user.com/user
> doveadm(u...@user.com): Debug: Namespace inbox: type=private, prefix=,
> sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes
> location=maildir:/var/vmail/user.com/user/Maildir
> doveadm(u...@user.com): Debug: maildir++:
> root=/var/vmail/user.com/user/Maildir, index=, control=,
> inbox=/var/vmail/user.com/user/Maildir, alt=
> doveadm(u...@user.com): Debug: fts: No fts setting - plugin disabled
> doveadm(u...@user.com): Error: Namespace prefix not found: inbox
>
> in conf.d/10-mail.conf I have this namespace defined:
>
> namespace inbox {
># Namespace type: private, shared or public
>#type = private
>
># Hierarchy separator to use. You should use the same separator for
> all
># namespaces or some clients get confused. '/' is usually a good one.
># The default however depends on the underlying mail storage format.
>#separator =
>
># Prefix required to access this namespace. This needs to be different
> for
># all namespaces. For example "Public/".
>#prefix =
>
># Physical location of the mailbox. This is in same format as
># mail_location, which is also the default for it.
>#location =
>
># There can be only one INBOX, and this setting defines which
> namespace
># has it.
>inbox = yes
>
># If namespace is hidden, it's not advertised to clients via NAMESPACE
># extension. You'll most likely also want to set list=no. This is
> mostly
># useful when converting from another server with different namespaces
> which
># you want to deprecate but still keep working. For example you can
> create
># hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/".
>#hidden = no
> protocol imap {
>plugin {
> fts = solr
> fts_solr = break-imap-search url=http://localhost:8880/solr/
>}
> }
> protocol pop3 {
>plugin {
> fts = solr
> fts_solr = break-imap-search url=http://localhost:8880/solr/
>}
>
># Show the mailboxes under this namespace with LIST command. This
> makes the
># namespace visible for clients that don't support NAMESPACE
> extension.
># "children" value lists child mailboxes, but hides the namespace
> prefix.
>#list = yes
>
># Namespace handles its own subscriptions. If set to "no", the parent
># namespace handles them (empty prefix should always have this as
> "yes")
>#subscriptions = yes
> }
>
>
> I had to put this in dovecot.co
fts_solr not working
I am running ISPConfig 3 on Debian and have managed to install the
dovecot-solr and dovecot-fts plugins.
I have solr running undet tomcat at http://localhost:8880 but the
indexing is not working.
I am using Dovecot 2.17
I do not understand namespaces and why fts_solr needs them, I just want
to index the entire users Maildir.
I am trying to index a users mailbox but am getting the following error:
(changed user name)
doveadm fts rescan -u u...@user.com inbox
doveadm(u...@user.com): Error: Namespace prefix not found: inbox
running that in debig mode gives:
doveadm(root): Debug: Loading modules from directory:
/usr/lib/dovecot/modules
doveadm(root): Debug: Module loaded:
/usr/lib/dovecot/modules/lib20_fts_plugin.so
doveadm(root): Debug: Module loaded:
/usr/lib/dovecot/modules/lib21_fts_solr_plugin.so
doveadm(root): Debug: Loading modules from directory:
/usr/lib/dovecot/modules/doveadm
doveadm(root): Debug: Skipping module doveadm_acl_plugin, because
dlopen() failed:
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined
symbol: acl_user_module (this is usually intentional, so just ignore
this message)
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because
dlopen() failed:
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so:
undefined symbol: expire_set_deinit (this is usually intentional, so
just ignore this message)
doveadm(root): Debug: Skipping module doveadm_quota_plugin, because
dlopen() failed:
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so:
undefined symbol: quota_user_module (this is usually intentional, so
just ignore this message)
doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because
dlopen() failed:
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined
symbol: i_stream_create_deflate (this is usually intentional, so just
ignore this message)
doveadm(root): Debug: Module loaded:
/usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so
doveadm(u...@user.com): Debug: Added userdb setting:
mail=maildir:/var/vmail/user.com/user/Maildir
doveadm(u...@user.com): Debug: Added userdb setting:
plugin/quota_rule=*:storage=0B
doveadm(u...@user.com): Debug: Added userdb setting:
plugin/sieve=/var/vmail/user.com/user/.sieve
doveadm(u...@user.com): Debug: Effective uid=5000, gid=5000,
home=/var/vmail/user.com/user
doveadm(u...@user.com): Debug: Namespace inbox: type=private, prefix=,
sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes
location=maildir:/var/vmail/user.com/user/Maildir
doveadm(u...@user.com): Debug: maildir++:
root=/var/vmail/user.com/user/Maildir, index=, control=,
inbox=/var/vmail/user.com/user/Maildir, alt=
doveadm(u...@user.com): Debug: fts: No fts setting - plugin disabled
doveadm(u...@user.com): Error: Namespace prefix not found: inbox
in conf.d/10-mail.conf I have this namespace defined:
namespace inbox {
# Namespace type: private, shared or public
#type = private
# Hierarchy separator to use. You should use the same separator for
all
# namespaces or some clients get confused. '/' is usually a good one.
# The default however depends on the underlying mail storage format.
#separator =
# Prefix required to access this namespace. This needs to be different
for
# all namespaces. For example "Public/".
#prefix =
# Physical location of the mailbox. This is in same format as
# mail_location, which is also the default for it.
#location =
# There can be only one INBOX, and this setting defines which
namespace
# has it.
inbox = yes
# If namespace is hidden, it's not advertised to clients via NAMESPACE
# extension. You'll most likely also want to set list=no. This is
mostly
# useful when converting from another server with different namespaces
which
# you want to deprecate but still keep working. For example you can
create
# hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/".
#hidden = no
protocol imap {
plugin {
fts = solr
fts_solr = break-imap-search url=http://localhost:8880/solr/
}
}
protocol pop3 {
plugin {
fts = solr
fts_solr = break-imap-search url=http://localhost:8880/solr/
}
# Show the mailboxes under this namespace with LIST command. This
makes the
# namespace visible for clients that don't support NAMESPACE
extension.
# "children" value lists child mailboxes, but hides the namespace
prefix.
#list = yes
# Namespace handles its own subscriptions. If set to "no", the parent
# namespace handles them (empty prefix should always have this as
"yes")
#subscriptions = yes
}
I had to put this in dovecot.conf in order for the plugin to be enabled:
mail_plugins = fts fts_solr
solr is reachable at localhost:8880/solr and appears to be working.
Please help, any suggestions are welcome
Thanks
error using default_fields in passwd-file
I'm trying to put virtual user mail in:
/var/vmail//
I tried setting the home field in the userdb to /var/vmail/%d/%n
But apparently variable expansion doesn't happen in the userdb because the
Dovecot LDA created the literal directory /var/vmail/%d/%n/Maildir
So then I tried to use default_fields as shown here:
http://wiki2.dovecot.org/AuthDatabase/PasswdFile
So my config is:
userdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/auth.d/%d/passwd
default_fields = home=/var/vmail/%d/%u
}
But when I reload doveadm I get:
doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf line
87: Unknown setting: default_fields
I tried override_fields:
userdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/auth.d/%d/passwd
override_fields = home=/var/vmail/%d/%u
}
And I get the same type of error:
doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf line
87: Unknown setting: override_fields
What gives?
Michael
Re: fts lucene crashes in 2.2.24
According to my logs it's indeed fixed: ds9 dovecot: indexer-worker(christiane): Indexed 1 messages in INBOX Thanks! On Wed, Jun 22, 2016 at 12:25 AM, Timo Sirainen wrote: > On 29 May 2016, at 10:56, Wolfgang Rosenauer wrote: > > > > Hi, > > > > I've just enabled FTS via Lucene on my Dovecot 2.2.24 installation but I > > see the indexer crashing ?always?. > > > > This simple testcase with a very tiny testing mailbox exposes the issue > > immediately: > > > > doveadm -v index -u anmesse INBOX > > > > Program received signal SIGSEGV, Segmentation fault. > > rescan_clear_unseen_mailbox (rescan_ctx=rescan_ctx@entry=0x0, > > vname=0x55839820 "INBOX.Testfolder 2", hdr=hdr@entry=0x7fffdaf0) > at > > lucene-wrapper.cc:831 > > Should be fixed by > https://github.com/dovecot/core/commit/0f801c1bd3d684c219d7f3b1e75f8b85f66f7951 > >
