Re: Minor patches for builds against ancient platforms

2017-06-13 Thread M. Balridge

Timo Sirainen inscribed:

> Have you set mbox_very_dirty_syncs=yes? That should be helpful.


Oh, that sounded like a risky option.

I do have mbox_dirty_syncs enabled.

Are there still "safety checks" with the extra down-and-dirty sync option?

Joseph Tam-a-lyne wrote:
> doveadm user $user
>
> which will supply the second half: it will spit out the UID, GID, home
> and mail directories of a user as specified by dovecot's
> configuration.

Yes, that outputs the UID/GID/location of user mail, which can feed a 
tool to audit and/or change directory permissions to conform to 
expectations.



> This is a consequence of writing secure software: it employs least
> privilege so that a fault will not result in someone being able to
> mess around with someone else's mail (or indices).  GID can also
> govern access to shared mailboxes.


Sure, sure, I understand the notion, as I aspire towards "least 
privilege necessary" designs in my own software. In this case, it seemed 
that the software was throwing an error when it failed to do something 
most unprivileged processes cannot do: change the group ownership of an 
object to a group of which you're not a member.


I would certainly want log entries, sure... but an outright failure when 
ownership/u+ permissions are otherwise supportive of the operation in 
question?


I appreciate the fact my questions (and Piltdown Box) are probably 
noising up your list, and yet you're still both giving me the time of day.


My thanks, once again,
=M=
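
One way to build the audit tool mentioned in the message above, as an added example that is not part of the original thread. The function names and the sample data are hypothetical, the parser assumes `doveadm user` prints tab-separated `field<TAB>value` lines with a numeric uid and gid (check your version's output), and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: compare a directory's owner, group and mode with the
# uid/gid that `doveadm user` reports for the account.

# Constructed sample of the assumed output format (not real data).
sample_output() {
    printf 'field\tvalue\nuid\t1001\ngid\t1001\nhome\t/home/jane\nmail\tmdbox:~/mdbox\n'
}

# get_field FIELD: read doveadm-style output on stdin, print FIELD's value.
get_field() {
    awk -F '\t' -v f="$1" '$1 == f { print $2; exit }'
}

# audit_dir UID GID DIR: print findings; return 0 if clean, 1 otherwise.
audit_dir() {
    want_uid=$1 want_gid=$2 dir=$3 rc=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }
    # GNU stat: numeric owner, numeric group, octal mode.
    set -- $(stat -c '%u %g %a' "$dir")
    [ "$1" = "$want_uid" ] || { echo "OWNER $dir uid=$1 expected=$want_uid"; rc=1; }
    [ "$2" = "$want_gid" ] || { echo "GROUP $dir gid=$2 expected=$want_gid"; rc=1; }
    # The last octal digit holds the "other" bits; 2, 3, 6 and 7 include write.
    case $3 in
        *[2367]) echo "MODE $dir mode=$3 is world-writable"; rc=1 ;;
    esac
    return $rc
}

# audit_user USER: needs doveadm on PATH and permission to query the userdb.
audit_user() {
    out=$(doveadm user "$1") || return 2
    audit_dir "$(printf '%s\n' "$out" | get_field uid)" \
              "$(printf '%s\n' "$out" | get_field gid)" \
              "$(printf '%s\n' "$out" | get_field home)"
}
```

Run `audit_user` for each account and act on the OWNER, GROUP and MODE lines; the script only reports and leaves any `chown` or `chmod` to the administrator.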


Re: Minor patches for builds against ancient platforms

2017-06-13 Thread Timo Sirainen
On 12 Jun 2017, at 2.09, M. Balridge  wrote:
> 
>> I think it's just doing a lot of work on the mbox file itself 
>> (reading/writing/rewriting). Would be nice of course if it logged 
>> more information, but mbox format is a bit too legacy to spend 
>> much time on improving.
> 
> I suspect the (heavy) use of procmail on Herr Frankbox is contributing to
> either some lock "confusion" *OR* triggering dovecot to do "expensive" mbox
> re-read/syncs or something?

Have you set mbox_very_dirty_syncs=yes? That should be helpful.


Re: v2.2.30 released

2017-06-13 Thread Odhiambo Washington
Hi Vincent,

The problem was resolved in 2.2.30.2 so feel free to update to that.

On 13 June 2017 at 13:11,  wrote:

> Hi,
>
> Same symptoms here when upgrading from 2.2.29 to 2.2.30. Getting back to
> 2.2.29 resolves the problem.
>
> The client here is a webmail (rainloop). The user is automatically logged
> out as if the auth didn't succeed, although the log shows a successful
> login attempt.
>
> My configuration
>
>  2.2.29.1 (e0b76e3): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.18 (29cc74d)
> # OS: Linux 4.11.2-gentoo--std-ipv6-64 x86_64 Gentoo Base System
> release 2.4.1
> auth_cache_size = 10 M
> auth_default_realm = aprogsys.com
> auth_gssapi_hostname = $ALL
> auth_krb5_keytab = /etc/dovecot/dovecot.keytab
> auth_mechanisms = plain login gssapi
> auth_username_format = %Ln
> auth_worker_max_count = 80
> dict {
>   acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
> }
> disable_plaintext_auth = no
> dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u
> first_valid_uid = 1001
> lda_mailbox_autocreate = yes
> lda_mailbox_autosubscribe = yes
> mail_access_groups = dovecot
> mail_location = mdbox:~/mdbox
> mail_plugins = " acl fts fts_lucene notify replication virtual"
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
> copy include variables body enotify environment mailbox date index ihave
> duplicate mime foreverypart extracttext
> namespace {
>   list = children
>   location = mdbox:%%h/mdbox
>   prefix = shared/%%n/
>   separator = /
>   subscriptions = no
>   type = shared
> }
> namespace {
>   location = virtual:~/virtual
>   prefix = virtual/
>   separator = /
> }
> namespace inbox {
>   inbox = yes
>   list = yes
>   location =
>   mailbox Drafts {
> auto = no
> special_use = \Drafts
>   }
>   mailbox Junk {
> special_use = \Junk
>   }
>   mailbox SPAM {
> auto = create
> special_use = \Junk
>   }
>   mailbox Sent {
> auto = subscribe
> special_use = \Sent
>   }
>   mailbox "Sent Messages" {
> auto = no
> special_use = \Sent
>   }
>   mailbox Trash {
> auto = no
> special_use = \Trash
>   }
>   prefix =
>   separator = /
> }
> passdb {
>   args = cache_key=%s%u *
>   driver = pam
> }
> plugin {
>   acl = vfile
>   acl_anyone = allow
>   acl_shared_dict = proxy::acl
>   antispam_backend = mailtrain
>   antispam_mail_notspam = learn_ham
>   antispam_mail_sendmail = /usr/bin/rspamc
>   antispam_mail_sendmail_args = -h;localhost:11334;-P;q1
>   antispam_mail_spam = learn_spam
>   antispam_spam = SPAM
>   antispam_trash = Trash
>   fts = lucene
>   fts_autoindex = yes
>   fts_lucene = whitespace_chars=@.
>   mail_replica = remote:root@192.168.1.7
>   replication_dsync_parameters = -d -U
>   sieve = file:~/sieve;active=~/.dovecot.sieve
>   sieve_before = /var/lib/dovecot/sieve
>   sieve_default = /var/lib/dovecot/sieve/spam.sieve
>   sieve_dir = ~/sieve
> }
> protocols = imap pop3 lmtp sieve
> replication_max_conns = 2
> service aggregator {
>   fifo_listener replication-notify-fifo {
> mode = 0666
>   }
>   unix_listener replication-notify {
> mode = 0666
>   }
> }
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
> group = postfix
> mode = 0660
> user = postfix
>   }
>   unix_listener auth-client {
> mode = 0666
>   }
>   unix_listener auth-userdb {
> mode = 0777
>   }
> }
> service dict {
>   unix_listener dict {
> mode = 0666
>   }
> }
> service imap-login {
>   process_min_avail = 4
>   service_count = 0
>   vsz_limit = 256 M
> }
> service managesieve-login {
>   inet_listener sieve {
> port = 4190
>   }
>   inet_listener sieve_deprecated {
> port = 2000
>   }
> }
> service replicator {
>   process_min_avail = 1
>   unix_listener replicator-doveadm {
> mode = 0666
>   }
> }
> ssl_cert =  ssl_key =  # hidden, use -P to show it
> userdb {
>   driver = passwd
> }
> protocol lda {
>   mail_plugins = " acl fts fts_lucene notify replication virtual sieve"
> }
> protocol imap {
>   imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
> tb-lsub-flags
>   mail_max_userip_connections = 40
>   mail_plugins = " acl fts fts_lucene notify replication virtual antispam
> imap_acl"
> }
> local_name imap.agrobioconso.org {
>   ssl_cert =ssl_key =  # hidden, use -P to show it
> }
> local_name imap.aprogsys.com {
>   ssl_cert =ssl_key =  # hidden, use -P to show it
> }
> local_name imap.lesmontreursdours.fr {
>   ssl_cert =  fullchain.pem
>   ssl_key =  # hidden, use -P to show it
> }
> local_name pop.aprogsys.com {
>   ssl_cert =ssl_key =  # hidden, use -P to show it
> }
> local_name imap.caves-explorer.com {
>   ssl_cert =ssl_key =  # hidden, use -P to show it
> }
> local_name imap.vetienne.net {
>   ssl_cert =ssl_key =  # hidden, use -P to show it
> }
>
> Regards,
> Vincent ETIENNE
>
> 1 June 2017 18:48

Re: v2.2.30 released

2017-06-13 Thread ve
Hi,

Same symptoms here when upgrading from 2.2.29 to 2.2.30. Getting back to 2.2.29 
resolves the problem.

The client here is a webmail (rainloop). The user is automatically logged out 
as if the auth didn't succeed, although the log shows a successful login attempt.

My configuration

 2.2.29.1 (e0b76e3): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 4.11.2-gentoo--std-ipv6-64 x86_64 Gentoo Base System release 
2.4.1 
auth_cache_size = 10 M
auth_default_realm = aprogsys.com
auth_gssapi_hostname = $ALL
auth_krb5_keytab = /etc/dovecot/dovecot.keytab
auth_mechanisms = plain login gssapi
auth_username_format = %Ln
auth_worker_max_count = 80
dict {
  acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u
first_valid_uid = 1001
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_access_groups = dovecot
mail_location = mdbox:~/mdbox
mail_plugins = " acl fts fts_lucene notify replication virtual"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date index ihave duplicate 
mime foreverypart extracttext
namespace {
  list = children
  location = mdbox:%%h/mdbox
  prefix = shared/%%n/
  separator = /
  subscriptions = no
  type = shared
}
namespace {
  location = virtual:~/virtual
  prefix = virtual/
  separator = /
}
namespace inbox {
  inbox = yes
  list = yes
  location = 
  mailbox Drafts {
auto = no
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox SPAM {
auto = create
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Messages" {
auto = no
special_use = \Sent
  }
  mailbox Trash {
auto = no
special_use = \Trash
  }
  prefix = 
  separator = /
}
passdb {
  args = cache_key=%s%u *
  driver = pam
}
plugin {
  acl = vfile
  acl_anyone = allow
  acl_shared_dict = proxy::acl
  antispam_backend = mailtrain
  antispam_mail_notspam = learn_ham
  antispam_mail_sendmail = /usr/bin/rspamc
  antispam_mail_sendmail_args = -h;localhost:11334;-P;q1
  antispam_mail_spam = learn_spam
  antispam_spam = SPAM
  antispam_trash = Trash
  fts = lucene
  fts_autoindex = yes
  fts_lucene = whitespace_chars=@.
  mail_replica = remote:root@192.168.1.7
  replication_dsync_parameters = -d -U
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_before = /var/lib/dovecot/sieve
  sieve_default = /var/lib/dovecot/sieve/spam.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
replication_max_conns = 2
service aggregator {
  fifo_listener replication-notify-fifo {
mode = 0666
  }
  unix_listener replication-notify {
mode = 0666
  }
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
  unix_listener auth-client {
mode = 0666
  }
  unix_listener auth-userdb {
mode = 0777
  }
}
service dict {
  unix_listener dict {
mode = 0666
  }
}
service imap-login {
  process_min_avail = 4
  service_count = 0
  vsz_limit = 256 M
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  inet_listener sieve_deprecated {
port = 2000
  }
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
mode = 0666
  }
}
ssl_cert =  wrote:
> Nothing in the error log, because authentication is actually successful.
>


rescan / reindex / rebuild a subfolder structure

2017-06-13 Thread Götz Reinicke - IT Koordinator

Hi,

A user is missing all mail from a folder and all subfolders, which are 
still saved in the user's maildir directory on the dovecot server.


From an IMAP client she sees the main folder, but empty. No subfolders.

She told me that with another IMAP client and a newly created account she has 
the same problem.


Question: Can I resync / regenerate some folder... index 
something-files from the dovecot side?


Thanks for hints and regards. Götz




