Re: Postlogin script
"j.emerlik" writes:
I would like to prepare postlogin a script that allow imap connection to
roundcube for all but restrict imap access for selected users.
"from" roundcube?
Is possible in condition IF use IP addresses as range or with mask (because
I've more than one web servers) ?
Of course -- many ways to skin this cat.
If you have only a handful of IPs
case "$IP" in
12.34.56.78) exec "$@";;
23.45.67.89) exec "$@";;
...
esac
If you have CIDR that align neatly on octet boundaries
case "$IP" in
12.34.56.*) exec "$@";;
23.45.67.*) exec "$@";;
...
esac
The toughest situation (using script techniques) is for
CIDR ranges just shy of a full octet boundary e.g. /25. You can use
"cut -d .", "IFS=." or "expr" to break the IP into octets,
then test the components. e.g. 12.34.56.0/25
# Example 1
PART1=`echo $IP | cut -d. -f1,2,3`
PART2=`echo $IP | cut -d. -f4`
[ "$PART1" = "12.34.56" -a "$PART2" -ge 0 -a "$PART2" -le 127 ] && exec
"$@"
# Example 2
PART2=`expr "$IP" : '.*\.\([0-9]*\)'
expr "$IP" : "12.34.56." && [ "$PART2" -ge 0 -a "$PART2" -le 127 ] && exec
"$@"
# Example 3 (dodgy, I haven't fully thought this through)
`echo "$IP" | { IFS=. read a b c PART2; [ "$a.$b.$c" = "12.34.56" -a "$PART2" -ge 0 -a
"$PART2" -le 127 ] && echo "exec $@"; }`
If you have a busy IMAP server, you'll probably want to use Aki's passdb
solution instead, rather than incurring the execution overhead for each
and every authentication.
Joseph Tam
Replication oddities - different sizes between replicated nodes
Dear Dovecot community,
As discussing on IRC with Aki, I have the following thing happening:
I got an alert from my mailservice last night that I was running over quota. My
quota reached almost 91% (coming from 30%) in one day.
I do not recall receiving so much email (we talk about multiple gb’s additional
space usage), so something was acting up.
When I logged into my mailservers (I’ll describe my setup later on), it
mentioned that my FreeBSD mailbox was reaching 12gb of space usage.
While the seeming replicated machine (named A) only had 100mb of space in use
(which, with the amount of messages in the various mailboxes
is consistent with what I would expect).
I found out that the “Junk” mailbox was the ‘major' issue. I vaporized the
replicated (12GB) mailbox and issued a ‘doveadm sync -u $user -N -U tcps:hostB`
so that I would expect the hostB to reach around 100mb-ish of email. I let it
go for a little and saw that the mail was done. When I issued a simple ‘df -h’
on
the directory, it was already multiple 100mb’s large and growing. It grew back
to multiple GB in little time. Again the Junk mailbox was the culprit. In the
mean
time I noticed my mailclient downloading 44k mails in that mailbox (where there
were only a few in the Junk mailbox normally).
I again vaporized the entire mailbox on hostB and cleaned out Junk and issued a
manual synchronisation. It again grew quickly.
Aki did an investigation with me and noticed that my rspamc script was not very
well written. I rewrote it as suggested (As written on the site).
This morning I continued with the investigation and it was again large on hostB
where it was still 100mb-ish on hostA. I vaporized host B again and
issued the manual sync with -Dv included per request of Aki. After letting it
run for a little hostA grew to 300mb and hostB restarted to reach 1.2GB and
remained static there. After half an hour or so the mailbox on hostA grew to
900mb and stayed there.
I investigated the mailboxes and saw 8 times the same email. Cleaning them up
with doveadm deduplicate -u $user mailbox ‘*’ made sure a lot of email
was cut from both hosts. I am now in the state where:
hostA: 268MB
hostB: 579MB
Both are for the same mailbox (I suspect that other mailboxes have similiar
issues).
When I look at the amount of messages counted by Apple Mail in the particular
mailbox I see 1399 emails. The amount of ‘u’ files is 14722 on hostA and 23590
on hostB.
I do not understand the difference from my mail client and the amount of u
files.
from mutt: Mutt: =mailbox [Msgs:1415 New:1 Flag:1 24M]-, which is roughly the
same as Apple mail reports.
I am a bit lost on where to look next, I would suspect that the synchronised
mailboxes would be similar in size, but not the one 2 as large, or before that
it grew and grew
and grew.
My personal feeling is that the sync takes place, but somehow it is not
registering that a message had been synchronised and does that again, and
again, and again till
the message gets synchronised right and the acknowledge is received and it
stays the same. That would at least support the 8times the same email that I
saw at first
and might also support the roughly double as big size of the other host (one
sync goes wrong, the next sync went right and got acked). At the bottom I also
referenced
two previous emails of mine which report similar oddities. Messages that were
removed on hostA got back within seconds as “new message” . My feeling there is
that
the hostB has the ‘failed sync copy with a different uid/guid’ and tells hostA
that there is a new message and sends it over.
My doveconf -n for hostA (hostB follows), I did sanitize a bit wrt. IP
addresses and hostnames:
2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: FreeBSD 11.1-RELEASE amd64
auth_mechanisms = plain login
disable_plaintext_auth = no
doveadm_password = # hidden, use -P to show it
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lmtp_save_to_detail_mailbox = yes
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k
mail_debug = yes
mail_fsync = always
mail_location = sdbox:~/sdbox
mail_plugins = " quota notify replication"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
namespace {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Spam {
auto = subscribe
special_use = \Junk
}
mailbox Trash {
auto = subscribe
special_use = \Trash
Re: rawlog segfaults (error 4 in libdovecot.so.0.0.0)
Am 10.11.2017 um 11:19 schrieb Aki Tuomi:
rawlog files are plain text, readable files. you do not need to dump
them with doveadm.
but the file command says
> file 20171110-101523-29744.in
> 20171110-101523-29744.in: data
and less [...] may be a binary file. See it anyway? [...]
When i do doveadm dump 20171110-101523-29744.in i get
Detected file type: imapzlib
2 COMPRESS DEFLATE
3 ID ("name" "Thunderbird" "version" "52.4.0")
4 list (subscribed) "" "INBOX/*"
5 list (subscribed) "" "shared/*"
Error: zlib.read((file)): unexpected EOF at 137
can you get gdb "bt full" for the core file?
gdb /usr/libexec/dovecot/rawlog /var/core/12802
GNU gdb (GDB) Red Hat Enterprise Linux (7.2-92.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/libexec/dovecot/rawlog...(no debugging symbols
found)...done.
[New Thread 12802]
Reading symbols from /usr/lib64/dovecot/libdovecot.so.0...done.
Loaded symbols for /usr/lib64/dovecot/libdovecot.so.0
Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/libdl.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/librt.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/librt.so.1
Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols
found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib64/libpthread.so.0...(no debugging symbols
found)...done.
[Thread debugging using libthread_db enabled]
Loaded symbols for /lib64/libpthread.so.0
Core was generated by `/usr/libexec/dovecot/rawlog [rob...@tutech.de:12801
rawlog] ���'.
Program terminated with signal 11, Segmentation fault.
#0 o_stream_flush (stream=0x0) at ostream.c:175
175 ostream.c: Datei oder Verzeichnis nicht gefunden.
in ostream.c
Missing separate debuginfos, use: debuginfo-install
dovecot22-2.2.33.2-1.gf.el6.x86_64
(gdb) bt full
#0 o_stream_flush (stream=0x0) at ostream.c:175
_stream =
ret =
__FUNCTION__ = "o_stream_flush"
#1 0x00401c35 in proxy_flush_timeout ()
No symbol table info available.
#2 0x7fbed5387e0a in io_loop_handle_timeouts_real (ioloop=0x1bef760) at
ioloop.c:568
timeout = 0x1bf0a80
item = 0x1bf0a80
tv = {tv_sec = 0, tv_usec = 0}
tv_call = {tv_sec = 1510312817, tv_usec = 931447}
t_id = 3
#3 io_loop_handle_timeouts (ioloop=0x1bef760) at ioloop.c:581
_data_stack_cur_id = 2
#4 0x7fbed5389357 in io_loop_handler_run_internal (ioloop=0x1bef760) at
ioloop-epoll.c:196
ctx = 0x1befbf0
events =
event =
list =
io =
tv = {tv_sec = 0, tv_usec = 991646}
events_count =
msecs =
ret = 0
i =
call =
__FUNCTION__ = "io_loop_handler_run_internal"
#5 0x7fbed53877ac in io_loop_handler_run (ioloop=0x1bef760) at
ioloop.c:649
No locals.
#6 0x7fbed5387968 in io_loop_run (ioloop=0x1bef760) at ioloop.c:624
__FUNCTION__ = "io_loop_run"
#7 0x00402896 in main ()
No symbol table info available.
Do i need to install the debuginfo packet?
Aki
Thanks
Thomas
On 10.11.2017 11:35, T. Robers wrote:
Hello everybody,
i tried to debug imap sessions with the rawlog feature and rawlog
creates files but when i try to dump them doveadm tells me
[...] Error: zlib.read((file)): unexpected EOF at [...].
I looked at syslog files and i see, that rawlog gets
terminated with a segfault, e.g.:
segfault at 10 ip 7ff6da362596 sp 7fffe725a080 error 4 in
libdovecot.so.0.0.0[7ff6da2a4000+122000]
Is there a way to debug why rawlog ist terminated? I haven't found
anything.I would be very thankful, if somebody could give a hint.
My system is:
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 2.6.32-696.3.1.el6.x86_64 x86_64 CentOS release 6.9
(Final) ext4
auth_debug = yes
auth_debug_passwords = yes
auth_master_user_separator = *
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
imap_max_line_length = 2 M
mail_debug = yes
mail_location = maildir:/export/home/imap/%Lu/Maildir
mail_plugins = acl zlib mai
Re: Sieve global path?
Alex, that's good to know. The defaults for Fedora: [0:root@elmo squid]$ doveconf | grep maildir_stat_dirs maildir_stat_dirs = no [0:root@elmo squid]$ grep maildir_stat_dirs /etc/dovecot/conf.d/* /etc/dovecot/conf.d/10-mail.conf:#maildir_stat_dirs = no I haven't overridden it. All my changes are in /etc/dovecot/conf.d/99-mystuff.conf except for 10-ssl.conf where I commented out ssl_cert & ssl_key. Like I said, I'm not having a problem with anything unwanted showing up: [0:root@elmo squid]$ ls /home/bill/Maildir/ cur dovecot.index.log.2 dovecot.list.index.log dovecot.svbin maildir.dovecot.purge.conf shared-maildirs dovecot.index dovecot.index.thread dovecot.list.index.log.2 dovecot-uidlist maildir.purge.conf.bak sieve dovecot.index.cache dovecot-keywords dovecot.mailbox.log dovecot-uidvalidity new subscriptions dovecot.index.log dovecot.list.index dovecot.sieve dovecot-uidvalidity.50841ad2 shared-folders tmp Bill On 11/10/2017 6:06 AM, Alex JOST wrote: Am 10.11.2017 um 11:57 schrieb Bill Shirley: I just checked with Thunderbird, SquirrelMail, and Roundcube. The sieve directory is not in the overview. dovecot is highly configurable. Ya think I may have configured mine where this is not a problem? I have 9+ mail servers running this way. Do you have 'maildir_stat_dirs=yes'? Without it non-mailbox files may show up as mailboxes. See: https://wiki.dovecot.org/VirtualUsers/Home#Home_vs._mail_directory
Re: Postlogin script
You could also have used allow_nets passdb field. https://wiki2.dovecot.org/PasswordDatabase/ExtraFields Aki On 10.11.2017 12:45, j.emerlik wrote: > Thx, prips works as I expected, gr8 tool, not available in Gentoo repository > but after compilation Dovecot doing what I wanted. > Regards, > Jack > > 2017-11-09 21:19 GMT+01:00 Gedalya : > >> A bit clunky but perhaps you could find another command. >> >> https://packages.debian.org/stretch/netmask >> >> $ IP=172.11.0.28 >> $ if [ "$(netmask -n $IP/24)" == " 172.11.0.0/24" ]; then echo OK; fi >> OK >> $ IP=172.12.0.11 >> $ if [ "$(netmask -n $IP/24)" == " 172.11.0.0/24" ]; then echo OK; fi >> $ >> >> Range: >> >> https://packages.debian.org/stretch/prips >> >> $ IP=172.11.0.28 >> $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi >> 172.11.0.28 >> OK >> $ IP=172.11.0.66 >> $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi >> >> >> On 11/09/2017 11:12 AM, j.emerlik wrote: >>> Hi, >>> I would like to prepare postlogin a script that allow imap connection to >>> roundcube for all but restrict imap access for selected users. >>> >>> My question is that: >>> >>> Is possible in condition IF use IP addresses as range or with mask >> (because >>> I've more than one web servers) ? >>> >>> My script: >>> >>> #!/bin/sh >>> if [ "$IP" = "172.11.0.28" ] ; then >>> printf "* [ALERT] Access allowed from that IP\r\n" >>> exec "$@" >>> fi >>> >>> CHECK_USER=`PGPASSWORD="somepass" /usr/local/pg950/bin/psql -q -t -U >>> someuser -d maildb -c "select imap_allowed from __users where name = >>> '$USER' LIMIT 1"` >>> >>> if [ $CHECK_USER == "f" ] ; then >>> exit 0 >>> fi >>> >>> if [ $CHECK_USER == "t" ] ; then >>> exec "$@" >>> fi >>> >>> Regards, >>> Jack >> >>
Re: Sieve global path?
Am 10.11.2017 um 11:57 schrieb Bill Shirley: I just checked with Thunderbird, SquirrelMail, and Roundcube. The sieve directory is not in the overview. dovecot is highly configurable. Ya think I may have configured mine where this is not a problem? I have 9+ mail servers running this way. Do you have 'maildir_stat_dirs=yes'? Without it non-mailbox files may show up as mailboxes. See: https://wiki.dovecot.org/VirtualUsers/Home#Home_vs._mail_directory -- Alex JOST
Re: Sieve global path?
I just checked with Thunderbird, SquirrelMail, and Roundcube. The sieve
directory is not
in the overview.
dovecot is highly configurable. Ya think I may have configured mine where
this is not a problem? I have 9+ mail servers running this way.
Bill
On 11/10/2017 4:56 AM, Tamsy wrote:
Stephan von Krawczynski wrote on 10.11.2017 16:35:
On Fri, 10 Nov 2017 03:41:20 -0500
Bill Shirley wrote:
No it isn't shown as a folder. All folder directories here begin with a dot.
i.e. .INBOX .Trash .Drafts
Bill
No, they don't. me thought that, too. But using the rainloop webmail interface
on top of such a config showed the sieve folder in the overview. Sometimes you
can even see a "dovecot" folder, which also disappears when sieve is outside.
--
Regards,
Stephan
On 11/10/2017 3:07 AM, Stephan von Krawczynski wrote:
On Thu, 9 Nov 2017 21:02:44 -0500
Bill Shirley wrote:
Set the sieve_global_dir like this.
/etc/dovecot/conf.d/99-mystuff.conf:
.
.
plugin {
sieve = ~/Maildir/dovecot.sieve
sieve_dir = ~/Maildir/sieve
sieve_global_dir = /etc/dovecot/sieve/global/
sieve_before = /etc/dovecot/sieve/before.d/
# sieve_before2 =
# sieve_before3 =
sieve_after = /etc/dovecot/sieve/after.d/
# sieve_after2 =
# sieve_after3 =
fts = lucene
fts_lucene = whitespace_chars=@.
}
Permissions:
drwxr-xr-x. 174 root root system_u:object_r:etc_t:s0 12288 Nov 9
11:43 /etc drwxr-xr-x. 4 root root system_u:object_r:dovecot_etc_t:s0
95 Apr 28 2016 /etc/dovecot drwxr-xr-x. 5 root root
system_u:object_r:dovecot_etc_t:s0 64 Jul 13 2015 /etc/dovecot/sieve
drwxr-xr-x. 2 root root system_u:object_r:dovecot_etc_t:s0 10 Jul 13
2015 /etc/dovecot/sieve/global
Since this directory is read-only to all but root, pre-complie your
scripts with 'sievec'.
Bill
... And don't follow this example setting sieve_dir inside your maildirs.
This will lead to the dir being shown as imap folder which you don't want.
Simply put out it outside and everything is fine.
Excactly the same happens with Roundcube (at least v.1.2): The Sieve folder
shows up in the Folder View.
Re: Postlogin script
Thx, prips works as I expected, gr8 tool, not available in Gentoo repository but after compilation Dovecot doing what I wanted. Regards, Jack 2017-11-09 21:19 GMT+01:00 Gedalya : > A bit clunky but perhaps you could find another command. > > https://packages.debian.org/stretch/netmask > > $ IP=172.11.0.28 > $ if [ "$(netmask -n $IP/24)" == " 172.11.0.0/24" ]; then echo OK; fi > OK > $ IP=172.12.0.11 > $ if [ "$(netmask -n $IP/24)" == " 172.11.0.0/24" ]; then echo OK; fi > $ > > Range: > > https://packages.debian.org/stretch/prips > > $ IP=172.11.0.28 > $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi > 172.11.0.28 > OK > $ IP=172.11.0.66 > $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi > > > On 11/09/2017 11:12 AM, j.emerlik wrote: > > Hi, > > I would like to prepare postlogin a script that allow imap connection to > > roundcube for all but restrict imap access for selected users. > > > > My question is that: > > > > Is possible in condition IF use IP addresses as range or with mask > (because > > I've more than one web servers) ? > > > > My script: > > > > #!/bin/sh > > if [ "$IP" = "172.11.0.28" ] ; then > > printf "* [ALERT] Access allowed from that IP\r\n" > > exec "$@" > > fi > > > > CHECK_USER=`PGPASSWORD="somepass" /usr/local/pg950/bin/psql -q -t -U > > someuser -d maildb -c "select imap_allowed from __users where name = > > '$USER' LIMIT 1"` > > > > if [ $CHECK_USER == "f" ] ; then > > exit 0 > > fi > > > > if [ $CHECK_USER == "t" ] ; then > > exec "$@" > > fi > > > > Regards, > > Jack > > >
Re: rawlog segfaults (error 4 in libdovecot.so.0.0.0)
rawlog files are plain text, readable files. you do not need to dump
them with doveadm. can you get gdb "bt full" for the core file?
Aki
On 10.11.2017 11:35, T. Robers wrote:
> Hello everybody,
>
> i tried to debug imap sessions with the rawlog feature and rawlog
> creates files but when i try to dump them doveadm tells me
> [...] Error: zlib.read((file)): unexpected EOF at [...].
> I looked at syslog files and i see, that rawlog gets
> terminated with a segfault, e.g.:
>
> segfault at 10 ip 7ff6da362596 sp 7fffe725a080 error 4 in
> libdovecot.so.0.0.0[7ff6da2a4000+122000]
>
> Is there a way to debug why rawlog ist terminated? I haven't found
> anything.I would be very thankful, if somebody could give a hint.
>
> My system is:
>
> # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.21 (92477967)
> # OS: Linux 2.6.32-696.3.1.el6.x86_64 x86_64 CentOS release 6.9
> (Final) ext4
> auth_debug = yes
> auth_debug_passwords = yes
> auth_master_user_separator = *
> auth_mechanisms = plain login
> auth_verbose = yes
> disable_plaintext_auth = no
> imap_max_line_length = 2 M
> mail_debug = yes
> mail_location = maildir:/export/home/imap/%Lu/Maildir
> mail_plugins = acl zlib mail_log notify
> mailbox_idle_check_interval = 10 secs
> mailbox_list_index = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date index ihave duplicate mime foreverypart
> extracttext
> namespace {
> hidden = no
> ignore_on_failure = no
> inbox = no
> list = children
> location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u
> prefix = shared/%%u/
> separator = /
> subscriptions = yes
> type = shared
> }
> namespace inbox {
> hidden = no
> inbox = yes
> list = yes
> location =
> mailbox Drafts {
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Trash {
> special_use = \Trash
> }
> prefix = INBOX/
> separator = /
> type = private
> }
> passdb {
> args = /etc/dovecot/dovecot-ldap.conf.ext
> driver = ldap
> }
> plugin {
> acl = vfile:/etc/dovecot/global-acls:cache_secs=300
> acl_shared_dict = file:/export/home/shared-db/shared-mailboxes
> mail_log_events = append delete undelete expunge copy mailbox_delete
> mailbox_rename flag_change
> mail_log_fields = uid box msgid size from flags
> sieve = ~/.dovecot.sieve
> sieve_dir = ~/sieve
> sieve_global = /var/lib/dovecot/sieve/global/
> sieve_user_log = ~/.dovecot.sieve.log
> zlib_save = gz
> zlib_save_level = 6
> }
> protocols = imap pop3 lmtp sieve
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> mode = 0666
> }
> unix_listener auth-userdb {
> group = vmail
> mode = 0660
> user = vmail
> }
> }
> service imap-login {
> inet_listener imap {
> port = 143
> }
> inet_listener imaps {
> port = 993
> ssl = yes
> }
> process_limit = 500
> process_min_avail = 20
> }
> service imap {
> executable = imap postlogin
> }
> service lmtp {
> inet_listener lmtp {
> address = 127.0.0.1
> port = 24
> }
> }
>
> service managesieve-login {
> inet_listener sieve {
> port = 4190
> }
> inet_listener sieve_deprecated {
> port = 2000
> }
> }
> service pop3-login {
> inet_listener pop3s {
> port = 995
> ssl = yes
> }
> }
> service pop3 {
> executable = pop3 postlogin
> }
> service postlogin {
> executable = script-login -d rawlog -f in
> }
> ssl = required
> ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!EXPORT
> ssl_key = # hidden, use -P to show it
> ssl_protocols = !SSLv3 !SSLv2
> syslog_facility = local6
> userdb {
> args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
> driver = ldap
> }
> protocol lmtp {
> mail_plugins = acl zlib mail_log notify sieve
> }
> protocol imap {
> mail_max_userip_connections = 100
> mail_plugins = acl zlib mail_log notify imap_zlib imap_acl
> rawlog_dir = /tmp/rawlog/%u
> }
>
>
> Tia
> Thomas
Re: Sieve global path?
Stephan von Krawczynski wrote on 10.11.2017 16:35:
On Fri, 10 Nov 2017 03:41:20 -0500
Bill Shirley wrote:
No it isn't shown as a folder. All folder directories here begin with a dot.
i.e. .INBOX .Trash .Drafts
Bill
No, they don't. me thought that, too. But using the rainloop webmail interface
on top of such a config showed the sieve folder in the overview. Sometimes you
can even see a "dovecot" folder, which also disappears when sieve is outside.
--
Regards,
Stephan
On 11/10/2017 3:07 AM, Stephan von Krawczynski wrote:
On Thu, 9 Nov 2017 21:02:44 -0500
Bill Shirley wrote:
Set the sieve_global_dir like this.
/etc/dovecot/conf.d/99-mystuff.conf:
.
.
plugin {
sieve = ~/Maildir/dovecot.sieve
sieve_dir = ~/Maildir/sieve
sieve_global_dir = /etc/dovecot/sieve/global/
sieve_before = /etc/dovecot/sieve/before.d/
# sieve_before2 =
# sieve_before3 =
sieve_after = /etc/dovecot/sieve/after.d/
# sieve_after2 =
# sieve_after3 =
fts = lucene
fts_lucene = whitespace_chars=@.
}
Permissions:
drwxr-xr-x. 174 root root system_u:object_r:etc_t:s0 12288 Nov 9
11:43 /etc drwxr-xr-x. 4 root root system_u:object_r:dovecot_etc_t:s0
95 Apr 28 2016 /etc/dovecot drwxr-xr-x. 5 root root
system_u:object_r:dovecot_etc_t:s0 64 Jul 13 2015 /etc/dovecot/sieve
drwxr-xr-x. 2 root root system_u:object_r:dovecot_etc_t:s0 10 Jul 13
2015 /etc/dovecot/sieve/global
Since this directory is read-only to all but root, pre-complie your
scripts with 'sievec'.
Bill
... And don't follow this example setting sieve_dir inside your maildirs.
This will lead to the dir being shown as imap folder which you don't want.
Simply put out it outside and everything is fine.
Excactly the same happens with Roundcube (at least v.1.2): The Sieve
folder shows up in the Folder View.
Re: Sieve global path?
On Fri, 10 Nov 2017 03:41:20 -0500
Bill Shirley wrote:
> No it isn't shown as a folder. All folder directories here begin with a dot.
> i.e. .INBOX .Trash .Drafts
>
> Bill
No, they don't. me thought that, too. But using the rainloop webmail interface
on top of such a config showed the sieve folder in the overview. Sometimes you
can even see a "dovecot" folder, which also disappears when sieve is outside.
--
Regards,
Stephan
>
> On 11/10/2017 3:07 AM, Stephan von Krawczynski wrote:
> > On Thu, 9 Nov 2017 21:02:44 -0500
> > Bill Shirley wrote:
> >
> >> Set the sieve_global_dir like this.
> >> /etc/dovecot/conf.d/99-mystuff.conf:
> >> .
> >> .
> >> plugin {
> >> sieve = ~/Maildir/dovecot.sieve
> >> sieve_dir = ~/Maildir/sieve
> >> sieve_global_dir = /etc/dovecot/sieve/global/
> >> sieve_before = /etc/dovecot/sieve/before.d/
> >> # sieve_before2 =
> >> # sieve_before3 =
> >> sieve_after = /etc/dovecot/sieve/after.d/
> >> # sieve_after2 =
> >> # sieve_after3 =
> >>
> >> fts = lucene
> >> fts_lucene = whitespace_chars=@.
> >> }
> >>
> >> Permissions:
> >> drwxr-xr-x. 174 root root system_u:object_r:etc_t:s0 12288 Nov 9
> >> 11:43 /etc drwxr-xr-x. 4 root root system_u:object_r:dovecot_etc_t:s0
> >> 95 Apr 28 2016 /etc/dovecot drwxr-xr-x. 5 root root
> >> system_u:object_r:dovecot_etc_t:s0 64 Jul 13 2015 /etc/dovecot/sieve
> >> drwxr-xr-x. 2 root root system_u:object_r:dovecot_etc_t:s0 10 Jul 13
> >> 2015 /etc/dovecot/sieve/global
> >>
> >> Since this directory is read-only to all but root, pre-complie your
> >> scripts with 'sievec'.
> >>
> >> Bill
> > ... And don't follow this example setting sieve_dir inside your maildirs.
> > This will lead to the dir being shown as imap folder which you don't want.
> > Simply put out it outside and everything is fine.
> >
rawlog segfaults (error 4 in libdovecot.so.0.0.0)
Hello everybody,
i tried to debug imap sessions with the rawlog feature and rawlog
creates files but when i try to dump them doveadm tells me
[...] Error: zlib.read((file)): unexpected EOF at [...].
I looked at syslog files and i see, that rawlog gets
terminated with a segfault, e.g.:
segfault at 10 ip 7ff6da362596 sp 7fffe725a080 error 4 in
libdovecot.so.0.0.0[7ff6da2a4000+122000]
Is there a way to debug why rawlog ist terminated? I haven't found
anything.I would be very thankful, if somebody could give a hint.
My system is:
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 2.6.32-696.3.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) ext4
auth_debug = yes
auth_debug_passwords = yes
auth_master_user_separator = *
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
imap_max_line_length = 2 M
mail_debug = yes
mail_location = maildir:/export/home/imap/%Lu/Maildir
mail_plugins = acl zlib mail_log notify
mailbox_idle_check_interval = 10 secs
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress
comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace {
hidden = no
ignore_on_failure = no
inbox = no
list = children
location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u
prefix = shared/%%u/
separator = /
subscriptions = yes
type = shared
}
namespace inbox {
hidden = no
inbox = yes
list = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix = INBOX/
separator = /
type = private
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
acl = vfile:/etc/dovecot/global-acls:cache_secs=300
acl_shared_dict = file:/export/home/shared-db/shared-mailboxes
mail_log_events = append delete undelete expunge copy mailbox_delete
mailbox_rename flag_change
mail_log_fields = uid box msgid size from flags
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
sieve_global = /var/lib/dovecot/sieve/global/
sieve_user_log = ~/.dovecot.sieve.log
zlib_save = gz
zlib_save_level = 6
}
protocols = imap pop3 lmtp sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
process_limit = 500
process_min_avail = 20
}
service imap {
executable = imap postlogin
}
service lmtp {
inet_listener lmtp {
address = 127.0.0.1
port = 24
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieve_deprecated {
port = 2000
}
}
service pop3-login {
inet_listener pop3s {
port = 995
ssl = yes
}
}
service pop3 {
executable = pop3 postlogin
}
service postlogin {
executable = script-login -d rawlog -f in
}
ssl = required
ssl_cert =
Re: Sieve global path?
No it isn't shown as a folder. All folder directories here begin with a dot.
i.e. .INBOX .Trash .Drafts
Bill
On 11/10/2017 3:07 AM, Stephan von Krawczynski wrote:
On Thu, 9 Nov 2017 21:02:44 -0500
Bill Shirley wrote:
Set the sieve_global_dir like this.
/etc/dovecot/conf.d/99-mystuff.conf:
.
.
plugin {
sieve = ~/Maildir/dovecot.sieve
sieve_dir = ~/Maildir/sieve
sieve_global_dir = /etc/dovecot/sieve/global/
sieve_before = /etc/dovecot/sieve/before.d/
# sieve_before2 =
# sieve_before3 =
sieve_after = /etc/dovecot/sieve/after.d/
# sieve_after2 =
# sieve_after3 =
fts = lucene
fts_lucene = whitespace_chars=@.
}
Permissions:
drwxr-xr-x. 174 root root system_u:object_r:etc_t:s0 12288 Nov 9
11:43 /etc drwxr-xr-x. 4 root root system_u:object_r:dovecot_etc_t:s0
95 Apr 28 2016 /etc/dovecot drwxr-xr-x. 5 root root
system_u:object_r:dovecot_etc_t:s0 64 Jul 13 2015 /etc/dovecot/sieve
drwxr-xr-x. 2 root root system_u:object_r:dovecot_etc_t:s0 10 Jul 13
2015 /etc/dovecot/sieve/global
Since this directory is read-only to all but root, pre-complie your scripts
with 'sievec'.
Bill
... And don't follow this example setting sieve_dir inside your maildirs. This
will lead to the dir being shown as imap folder which you don't want.
Simply put out it outside and everything is fine.
Re: Sieve global path?
On Thu, 9 Nov 2017 21:02:44 -0500
Bill Shirley wrote:
> Set the sieve_global_dir like this.
> /etc/dovecot/conf.d/99-mystuff.conf:
> .
> .
> plugin {
> sieve = ~/Maildir/dovecot.sieve
> sieve_dir = ~/Maildir/sieve
> sieve_global_dir = /etc/dovecot/sieve/global/
> sieve_before = /etc/dovecot/sieve/before.d/
> # sieve_before2 =
> # sieve_before3 =
> sieve_after = /etc/dovecot/sieve/after.d/
> # sieve_after2 =
> # sieve_after3 =
>
> fts = lucene
> fts_lucene = whitespace_chars=@.
> }
>
> Permissions:
> drwxr-xr-x. 174 root root system_u:object_r:etc_t:s0 12288 Nov 9
> 11:43 /etc drwxr-xr-x. 4 root root system_u:object_r:dovecot_etc_t:s0
> 95 Apr 28 2016 /etc/dovecot drwxr-xr-x. 5 root root
> system_u:object_r:dovecot_etc_t:s0 64 Jul 13 2015 /etc/dovecot/sieve
> drwxr-xr-x. 2 root root system_u:object_r:dovecot_etc_t:s0 10 Jul 13
> 2015 /etc/dovecot/sieve/global
>
> Since this directory is read-only to all but root, pre-complie your scripts
> with 'sievec'.
>
> Bill
... And don't follow this example setting sieve_dir inside your maildirs. This
will lead to the dir being shown as imap folder which you don't want.
Simply put out it outside and everything is fine.
--
Regards,
Stephan
