Re: Install locks up my server

[Marc Perkel]

On 06/26/17 14:42, Timo Sirainen wrote:

On 26 Jun 2017, at 23.19, Marc Perkel  wrote:

Ever since 2.26 I haven't been able to upgrade. In fact the install locks up my 
server.

I get into and infinite recursive loop where the config-guess program calls 
itself until the server locks up from overload.

I'm running Centos 6 under OpenVZ.

What am I missing? I think there's a serious bug.

31233 pts/3S  0:00 /bin/sh ./config.guess
31235 pts/3S  0:00  \_ /bin/sh ./config.guess
31238 pts/3S  0:00  \_ /bin/sh ./config.guess
31240 pts/3S  0:00  \_ /bin/sh ./config.guess

I think I remember seeing this before, but unfortunately can't remember what the solution was. Maybe it was 
something something messed up in the OS or in the build directory. Are you compiling from the tarballs? So 
it's the "configure" that fails? Also if you run "./config.guess" manually? What's the 
output if you run "bash -x ./config.guess"?





bash -x ./config.guess
+ timestamp=2015-08-20
++ sed -e 's,.*/,,'
++ echo ./config.guess
+ me=config.guess
+ usage='Usage: ./config.guess [OPTION]

Output the configuration name of the system `config.guess'\'' is run on.

Operation modes:
  -h, --help print this help, then exit
  -t, --time-stamp   print date of last modification, then exit
  -v, --version  print version number, then exit

Report bugs and patches to .'
+ version='GNU config.guess (2015-08-20)

Originally written by Per Bothner.
Copyright 1992-2015 Free Software Foundation, Inc.

This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR 
PURPOSE.'

+ help='
Try `config.guess --help'\'' for more information.'
+ test 0 -gt 0
+ test 0 '!=' 0
+ trap 'exit 1' 1 2 15
+ set_cc_for_build='
trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 
2>/dev/null) && exit \$exitcode" 0 ;
trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 
13 15 ;

: ${TMPDIR=/tmp} ;
 { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXX") 2>/dev/null` && 
test -n "$tmp" && test -d "$tmp" ; } ||
 { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir 
$tmp) ; } ||
 { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: 
creating insecure temp directory" >&2 ; } ||
 { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; 
exit 1 ; } ;

dummy=$tmp/dummy ;
tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ;
case $CC_FOR_BUILD,$HOST_CC,$CC in
 ,,)echo "int x;" > $dummy.c ;
for c in cc gcc c89 c99 ; do
  if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then
 CC_FOR_BUILD="$c"; break ;
  fi ;
done ;
if test x"$CC_FOR_BUILD" = x ; then
  CC_FOR_BUILD=no_compiler_found ;
fi
;;
 ,,*)   CC_FOR_BUILD=$CC ;;
 ,*,*)  CC_FOR_BUILD=$HOST_CC ;;
esac ; set_cc_for_build= ;'
+ UNAME_MACHINE=x86_64
+ UNAME_RELEASE=2.6.32-042stab123.3
+ UNAME_SYSTEM=Linux
+ UNAME_VERSION='#1 SMP Fri May 5 12:29:05 MSK 2017'
+ case "${UNAME_SYSTEM}" in
+ LIBC=gnu
+ eval trap '"exitcode=\$?;' '(rm' -f '\$tmpfiles' '2>/dev/null;' rmdir 
'\$tmp' '2>/dev/null)' '&&' exit '\$exitcode"' 0 ';' trap '"rm' -f 
'\$tmpfiles' '2>/dev/null;' rmdir '\$tmp' '2>/dev/null;' exit '1"' 1 2 
13 15 ';' : '${TMPDIR=/tmp}' ';' '{' 'tmp=`(umask' 077 '&&' mktemp -d 
'"$TMPDIR/cgXX")' '2>/dev/null`' '&&' test -n '"$tmp"' '&&' test -d 
'"$tmp"' ';' '}' '||' '{' test -n '"$RANDOM"' '&&' 
'tmp=$TMPDIR/cg$$-$RANDOM' '&&' '(umask' 077 '&&' mkdir '$tmp)' ';' '}' 
'||' '{' 'tmp=$TMPDIR/cg-$$' '&&' '(umask' 077 '&&' mkdir '$tmp)' '&&' 
echo '"Warning:' creating insecure temp 'directory"' '>&2' ';' '}' '||' 
'{' echo '"$me:' cannot create a temporary directory in '$TMPDIR"' '>&2' 
';' exit 1 ';' '}' ';' 'dummy=$tmp/dummy' ';' 'tmpfiles="$dummy.c' 
'$dummy.o' '$dummy.rel' '$dummy"' ';' case '$CC_FOR_BUILD,$HOST_CC,$CC' 
in ',,)' echo '"int' 'x;"' '>' '$dummy.c' ';' for c in cc gcc c89 c99 
';' do if '($c' -c -o '$dummy.o' '$dummy.c)' '>/dev/null' '2>&1' ';' 
then 'CC_FOR_BUILD="$c";' break ';' fi ';' done ';' if test 
'x"$CC_FOR_BUILD"' = x ';' then CC_FOR_BUILD=no_compiler_found ';' fi 
';;' ',,*)' 'CC_FOR_BUILD=$CC' ';;' ',*,*)' 'CC_FOR_BUILD=$HOST_CC' ';;' 
esac ';' set_cc_for_build= ';'
++ trap 'exitcode=$?; (rm -f $tmpfiles 2>/dev/null; rmdir $tmp 
2>/dev/null) && exit $exitcode' 0
++ trap 'rm -f $tmpfiles 2>/dev/null; rmdir $tmp 2>/dev/null; exit 1' 1 
2 13 15

++ : /tmp
++ tmp=/tmp/cgpmW24a
++ test -n /tmp/cgpmW24a
++ test -d /tmp/cgpmW24a
++ dummy=/tmp/cgpmW24a/dummy
++ tmpfiles='/tmp/cgpmW24a/dummy.c /tmp/cgpmW24a/dummy.o 
/tmp/cgpmW24a/dummy.rel /tmp/cgpmW24a/dummy'

++ case $CC_FOR_BUILD,$HOST_CC,$CC in
++ echo 'int x;'
++ for c in cc gcc c89 c99

Re: Install locks up my server

[Timo Sirainen]

On 26 Jun 2017, at 23.19, Marc Perkel  wrote:
> 
> Ever since 2.26 I haven't been able to upgrade. In fact the install locks up 
> my server.
> 
> I get into and infinite recursive loop where the config-guess program calls 
> itself until the server locks up from overload.
> 
> I'm running Centos 6 under OpenVZ.
> 
> What am I missing? I think there's a serious bug.
> 
> 31233 pts/3S  0:00 /bin/sh ./config.guess
> 31235 pts/3S  0:00  \_ /bin/sh ./config.guess
> 31238 pts/3S  0:00  \_ /bin/sh ./config.guess
> 31240 pts/3S  0:00  \_ /bin/sh ./config.guess

I think I remember seeing this before, but unfortunately can't remember what 
the solution was. Maybe it was something something messed up in the OS or in 
the build directory. Are you compiling from the tarballs? So it's the 
"configure" that fails? Also if you run "./config.guess" manually? What's the 
output if you run "bash -x ./config.guess"?

[Dovecot-news] Released Pigeonhole v0.4.19 for Dovecot v2.2.31.

[Stephan Bosch]

Hello Dovecot users,

Here's the definitive 0.4.19 release. There is one additional fix.

Changelog v0.4.19:

* This release adjusts Pigeonhole to several changes in the Dovecot API,
  making it depend on Dovecot v2.2.31. Previous versions of Pigeonhole
  will produce compile warnings with the recent Dovecot releases (but
  still work ok).
- Fixed bug in handling of implicit keep in some cases. Implicit
  side-effects, such as assigned flags, were not always applied
  correctly. This is in essence a very old bug, but it was exposed by
  recent changes.
- include extension: Fixed segfault that (sometimes) occurred when the
  global script location was left unconfigured.

The release is available as follows:

https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz
https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz.sig

Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release and don't hesitate to
notify me when there are any problems.

Regards,

-- 
Stephan Bosch
step...@rename-it.nl











___
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

Install locks up my server

[Marc Perkel]

Ever since 2.26 I haven't been able to upgrade. In fact the install 
locks up my server.


I get into and infinite recursive loop where the config-guess program 
calls itself until the server locks up from overload.


I'm running Centos 6 under OpenVZ.

What am I missing? I think there's a serious bug.

31233 pts/3S  0:00 /bin/sh ./config.guess
31235 pts/3S  0:00  \_ /bin/sh ./config.guess
31238 pts/3S  0:00  \_ /bin/sh ./config.guess
31240 pts/3S  0:00  \_ /bin/sh ./config.guess
31241 pts/3S  0:00  \_ /bin/sh ./config.guess
31267 pts/3S  0:00  \_ /bin/sh ./config.guess
31272 pts/3S  0:00  \_ /bin/sh ./config.guess
31279 pts/3S  0:00  \_ /bin/sh 
./config.guess
31280 pts/3S  0:00  \_ /bin/sh 
./config.guess
31281 pts/3S  0:00  \_ /bin/sh 
./config.guess
31283 pts/3S  0:00  \_ 
/bin/sh ./config.guess

31284 pts/3S  0:00 \_ /bin/sh ./config.guess
31285 pts/3S 0:00  \_ 
/bin/sh ./config.guess
31292 pts/3S 0:00  
\_ /bin/sh ./config.guess
31303 pts/3S 
0:00  \_ /bin/sh 
./config.guess
31304 pts/3S 
0:00  \_ /bin/sh 
./config.guess
31305 pts/3S 
0:00  \_ 
/bin/sh ./config.guess

31306 pts/3S 0:00 \_ /bin/sh ./config.guess
31307 pts/3S 0:00 \_ /bin/sh ./config.guess
31321 pts/3S 0:00 \_ /bin/sh ./config.guess
31340 pts/3S 0:00 \_ /bin/sh ./config.guess
31341 pts/3S 0:00 \_ /bin/sh ./config.guess
31426 pts/3S 0:00 \_ /bin/sh ./config.guess
31530 pts/3S 0:00 \_ /bin/sh ./config.guess

Released Pigeonhole v0.4.19 for Dovecot v2.2.31.

[Stephan Bosch]

Hello Dovecot users,

Here's the definitive 0.4.19 release. There is one additional fix.

Changelog v0.4.19:

* This release adjusts Pigeonhole to several changes in the Dovecot API,
  making it depend on Dovecot v2.2.31. Previous versions of Pigeonhole
  will produce compile warnings with the recent Dovecot releases (but
  still work ok).
- Fixed bug in handling of implicit keep in some cases. Implicit
  side-effects, such as assigned flags, were not always applied
  correctly. This is in essence a very old bug, but it was exposed by
  recent changes.
- include extension: Fixed segfault that (sometimes) occurred when the
  global script location was left unconfigured.

The release is available as follows:

https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz
https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz.sig

Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release and don't hesitate to
notify me when there are any problems.

Regards,

-- 
Stephan Bosch
step...@rename-it.nl

Re: localhost logins

[Daniel Miller]

On 2017-06-23 15:09, Marcus Rueckert wrote:

On Fri, 23 Jun 2017 11:38:28 -0700
Daniel Miller  wrote:


While auditing my logs after an account was compromised, I see a
number of entries like:

Jun 23 11:32:18 bubba dovecot: auth:
ldap("one-of-my-accounts",127.0.0.1): invalid credentials


webmail?


I thought that as well - because I do have a webmail service - but 
that's on a separate virtual server (admittedly, running on this host).  
So that shouldn't give me a localhost IP.  I also don't see anything in 
the webmail logs corresponding to the dovecot logs.


---
Daniel

[Dovecot-news] v2.2.31 released

[Timo Sirainen]

https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz.sig

This should be a great and stable release for the summer :) v2.2.32 is planned 
for the end of August. Hopefully soon afterwards we can get back to v2.3.

 * LMTP: Removed "(Dovecot)" from added Received headers. Some
   installations want to hide it, and there's not really any good reason
   for anyone to have it.

 + Add ssl_alt_cert and ssl_alt_key settings to add support for
   having both RSA and ECDSA certificates.
 + dsync/imapc, pop3-migration plugin: Strip trailing whitespace from
   headers when matching mails. This helps with migrations from Zimbra.
 + acl: Add acl_globals_only setting to disable looking up
   per-mailbox dovecot-acl files.
 + Parse invalid message addresses better. This mainly affects the
   generated IMAP ENVELOPE replies.
 - v2.2.30 wasn't fixing corrupted dovecot.index.cache files properly.
   It could have deleted wrong mail's cache or assert-crashed.
 - v2.2.30 mail-crypt-acl plugin was assert-crashing
 - v2.2.30 welcome plugin wasn't working
 - Various fixes to handling mailbox listing. Especially related to
   handling nonexistent autocreated/autosubscribed mailboxes and ACLs.
 - Global ACL file was parsed as if it was local ACL file. This caused
   some of the ACL rule interactions to not work exactly as intended.
 - auth: forward_* fields didn't work properly: Only the first forward
   field was working, and only if the first passdb lookup succeeded.
 - Using mail_sort_max_read_count sometimes caused "Broken sort-*
   indexes, resetting" errors.
 - Using mail_sort_max_read_count may have caused very high CPU usage.
 - Message address parsing could have crashed on invalid input.
 - imapc_features=fetch-headers wasn't always working correctly and
   caused the full header to be fetched.
 - imapc: Various bugfixes related to connection failure handling.
 - quota=imapc sent unnecessary FETCH RFC822.SIZE to server when
   expunging mails.
 - quota=count: quota_warning = -storage=.. was never executed
 - quota=count: Add support for "ns" parameter
 - dsync: Fix incremental syncing for mails that don't have Date or
   Message-ID headers.
 - imap: Fix hang when client sends pipelined SEARCH +
   EXPUNGE/CLOSE/LOGOUT.
 - oauth2: Token validation didn't accept empty server responses.
 - imap: NOTIFY command has been almost completely broken since the
   beginning. I guess nobody has been trying to use it.

___
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

v2.2.31 released

[Timo Sirainen]

https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz.sig

This should be a great and stable release for the summer :) v2.2.32 is planned 
for the end of August. Hopefully soon afterwards we can get back to v2.3.

 * LMTP: Removed "(Dovecot)" from added Received headers. Some
   installations want to hide it, and there's not really any good reason
   for anyone to have it.

 + Add ssl_alt_cert and ssl_alt_key settings to add support for
   having both RSA and ECDSA certificates.
 + dsync/imapc, pop3-migration plugin: Strip trailing whitespace from
   headers when matching mails. This helps with migrations from Zimbra.
 + acl: Add acl_globals_only setting to disable looking up
   per-mailbox dovecot-acl files.
 + Parse invalid message addresses better. This mainly affects the
   generated IMAP ENVELOPE replies.
 - v2.2.30 wasn't fixing corrupted dovecot.index.cache files properly.
   It could have deleted wrong mail's cache or assert-crashed.
 - v2.2.30 mail-crypt-acl plugin was assert-crashing
 - v2.2.30 welcome plugin wasn't working
 - Various fixes to handling mailbox listing. Especially related to
   handling nonexistent autocreated/autosubscribed mailboxes and ACLs.
 - Global ACL file was parsed as if it was local ACL file. This caused
   some of the ACL rule interactions to not work exactly as intended.
 - auth: forward_* fields didn't work properly: Only the first forward
   field was working, and only if the first passdb lookup succeeded.
 - Using mail_sort_max_read_count sometimes caused "Broken sort-*
   indexes, resetting" errors.
 - Using mail_sort_max_read_count may have caused very high CPU usage.
 - Message address parsing could have crashed on invalid input.
 - imapc_features=fetch-headers wasn't always working correctly and
   caused the full header to be fetched.
 - imapc: Various bugfixes related to connection failure handling.
 - quota=imapc sent unnecessary FETCH RFC822.SIZE to server when
   expunging mails.
 - quota=count: quota_warning = -storage=.. was never executed
 - quota=count: Add support for "ns" parameter
 - dsync: Fix incremental syncing for mails that don't have Date or
   Message-ID headers.
 - imap: Fix hang when client sends pipelined SEARCH +
   EXPUNGE/CLOSE/LOGOUT.
 - oauth2: Token validation didn't accept empty server responses.
 - imap: NOTIFY command has been almost completely broken since the
   beginning. I guess nobody has been trying to use it.

Re: acl shared maildir with virtual users

[Aki Tuomi]

Did you try closing & opening the tree in thunderbird's UI?


On 24.06.2017 01:11, Rich Simcox wrote:
> Can anyone point out where i'm going wrong with my dovecot sharedinbox setup 
> with ACL i'm contemplating giving up with dovecot alltogether i've spent 3 
> days trying different paths to the virtual users mailboxes
>
> I seem to have two issues
>
> my acls are getting written to my sql db fine
>
> in roundcube i can see the shared folder but cant subscribe to it
>
> in thunderbird if i go to namespaces it sees the shared. namespace but its 
> not listing anything in it even though my acls are written to the db
>
> please someone tell me what i'm missing i'm betting its something silly but 
> i've been over and over the wiki 
>
> here is my conf and below it an extract of my debug log
>

> i see this alot
>
> Debug: acl vfile: reading file 
> /home/server/mail/website2.com/sales/.ebay.Sent/dovecot-acl
>
> this is how my path currently looks in debug but i've tried all sorts
>
> Jun 23 22:32:47 ssd99 dovecot: imap(sa...@website2.com): Debug: Namespace : 
> type=shared, prefix=Shared.%u., sep=., inbox=no, hidden=no, list=yes, 
> subscriptions=no 
> location=maildir:%h/Maildir:INDEXPVT=~/mail/virtual/sa...@website2.com/shared/%u
>
> this is what my private namespace paths relate to
>
> Jun 23 22:32:47 ssd99 dovecot: imap(sa...@website2.com): Debug: Namespace 
> sent: type=private, prefix=sent, sep=., inbox=no, hidden=yes, list=no, 
> subscriptions=yes 
> location=virtual:/usr/local/cpanel/etc/dovecot/virtual/sent:INDEX=~/mail/virtual/sa...@website2.com
> Jun 23 22:32:47 ssd99 dovecot: imap(sa...@website2.com): Debug: fs: 
> root=/usr/local/cpanel/etc/dovecot/virtual/sent, 
> index=/home/server/mail/website2.com/sales/mail/virtual/sa...@website2.com, 
> indexpvt=, control=, inbox=, alt=
>
> please someone must know the answer

Those look ok.

Aki

Re: Limit IMAP/IMAPS listening IPs

[Nick Edwards]

This is why sane admins don't use the *EVIL* systemd

Thankfully there are still some modern distros that refuse to touch it.

Name sounds cute, the idea sounded OK, but the reality is, its a
_REDACTED_ useless pile of REDACTED REDACTED REDACTED



On Sun, Jun 25, 2017 at 3:59 AM, Dudi Goldenberg  wrote:

> Hello list.
>
> I am running dovecot v2.2.13 on debian 8.8;
>
> I tried to add a "address =" statement for only localhost and one private
> IP, but then I got a complaint from system:
>
> dovecot[20515]: Error: systemd listens on port 143, but it's not
> configured in Dovecot. Closing.
>
> What is the proper way to resolve this?
>
> TIA & Regards,
>
> Dudi
>

ACL problems on shared folder

[Thomas Robers]

Hello,

I've a Dovecot Server Version 2.2.30.2 running on CentOS 6.9
and there's a problem with acls on shared folder. We have
some mailboxes which are shared and used as a "group mailbox"
and also some user who share their inbox and only the inbox
when they are on holiday e.g..
When I set

"acl_defaults_from_inbox = yes"

it's not possible to restrict the access to only the inbox,
meaning that the user who wants to share only their inbox
have to share the whole mailbox. On the other hand when I set

"acl_defaults_from_inbox = no"

it is not possible to create a folder direct under the inbox
of a "group mailbox" and one gets a "permission denied" message.
Is this the normal behavior normal? Although the user who wants
to create the folder has all rights he gets a "permission denied"
message? Why? Am I missing something important? Does anyone who
uses shared mailboxes had the same problem and solved this?
Any suggestion or information, that I probably miss is welcome.

If needed here's my Dovecot configuration:


> # 2.2.30.2 (c0c463e): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.18 (29cc74d)
> # OS: Linux 2.6.32-696.3.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) ext4
> auth_debug = yes
> auth_master_user_separator = *
> auth_mechanisms = plain login
> auth_verbose = yes
> disable_plaintext_auth = no
> mail_debug = yes
> mail_location = maildir:/export/home/imap/%Lu/Maildir
> mail_plugins = acl zlib mail_log notify
> mailbox_idle_check_interval = 10 secs
> mailbox_list_index = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character 
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
> copy include variables body enotify environment mailbox date index ihave 
> duplicate mime foreverypart extracttext
> mbox_write_locks = fcntl
> namespace {
>   hidden = no
>   ignore_on_failure = no
>   inbox = no
>   list = children
>   location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u
>   prefix = shared/%%u/
>   separator = /
>   subscriptions = yes
>   type = shared
> }
> namespace inbox {
>   hidden = no
>   inbox = yes
>   list = yes
>   location = 
>   mailbox Drafts {
> special_use = \Drafts
>   }
>   mailbox Junk {
> special_use = \Junk
>   }
>   mailbox Sent {
> special_use = \Sent
>   }
>   mailbox "Sent Messages" {
> special_use = \Sent
>   }
>   mailbox Trash {
> special_use = \Trash
>   }
>   prefix = INBOX/
>   separator = /
>   type = private
> }
> passdb {
>   args = /etc/dovecot/master-users
>   driver = passwd-file
>   master = yes
> }
> passdb {
>   args = /etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }
> plugin {
>   acl = vfile:/etc/dovecot/global-acls:cache_secs=300
>   acl_shared_dict = file:/export/home/shared-db/shared-mailboxes
>   mail_log_events = append delete undelete expunge copy mailbox_delete 
> mailbox_rename flag_change
>   mail_log_fields = uid box msgid size from flags
>   sieve = ~/.dovecot.sieve
>   sieve_dir = ~/sieve
>   sieve_global = /var/lib/dovecot/sieve/global/
>   sieve_user_log = ~/.dovecot.sieve.log
>   zlib_save = gz
>   zlib_save_level = 6
> }
> protocols = imap pop3 lmtp sieve
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
> mode = 0666
>   }
>   unix_listener auth-userdb {
> group = vmail
> mode = 0660
> user = vmail
>   }
> }
> service imap-login {
>   process_limit = 500
>   process_min_avail = 20
> }
> service lmtp {
>   inet_listener lmtp {
> address = 127.0.0.1
> port = 24
>   }
> }
> service managesieve-login {
>   inet_listener sieve {
> port = 4190
>   }
>   inet_listener sieve_deprecated {
> port = 2000
>   }
> }
> ssl = required
> ssl_cert =  ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!EXPORT
> ssl_key =  # hidden, use -P to show it
> ssl_protocols = !SSLv3 !SSLv2
> syslog_facility = local6
> userdb {
>   args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
>   driver = ldap
> }
> protocol lmtp {
>   mail_plugins = acl zlib mail_log notify sieve
> }
> protocol imap {
>   mail_max_userip_connections = 100
>   mail_plugins = acl zlib mail_log notify imap_zlib imap_acl
> }


TIA & Regards,
Thomas