Error: stat no such file or directory with 2.2.33.2
We have upgraded today from Dovecot 2.2.31 to Dovecot 2.2.33.2 and modified our config to include ITERINDEX in mail_location and we are detecting some errors like this: /Dec 13 08:17:31 buzon_rhel7 dovecot: imap(rboloix): Error: stat(/buzones/location/18/48/rboloix/mailboxes/SIT - Pra 2014/dbox-Mails) failed: No such file or directory// //Dec 13 08:40:24 buzon_rhel7 dovecot: imap(espi): Error: stat(/buzones/location/11/21/espi/mailboxes/CURSOS/ACCION SOCIAL/dbox-Mails) failed: No such file or directory// //Dec 13 08:40:25 buzon_rhel7 dovecot: imap(espi: Error: stat(/buzones/location/11/21/espi/mailboxes/CURSOS/ACCION SOCIAL/dbox-Mails) failed: No such file or directory// //Dec 13 08:41:59 buzon_rhel7 dovecot: imap(espi): Error: stat(/buzones/location/11/21/espi/mailboxes/CURSOS/ACCION SOCIAL/dbox-Mails) failed: No such file or directory/ I have grepped logs of past 4 weeks and have not found this errors with Dovecot 2.2.31. Any idea of what is going on? Full doveconf -n output below: /# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: Linux 3.10.0-693.11.1.el7.x86_64 x86_64 Red Hat Enterprise Linux Server release 7.4 (Maipo) xfs auth_cache_negative_ttl = 10 secs auth_cache_size = 10 M auth_cache_ttl = 2 mins auth_master_user_separator = * auth_mechanisms = plain login auth_worker_max_count = 5500 base_dir = /var/run/dovecot/ default_client_limit = 5000 default_process_limit = 6500 disable_plaintext_auth = no imap_capability = +XLIST imap_client_workarounds = tb-extra-mailbox-sep delay-newmail tb-lsub-flags lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_fsync = never mail_gid = entrega mail_home = /buzones/location/%2.26Hn/%2.200Hn/%n/home_usuario/ mail_location = mdbox:/buzoneslocation//%2.26Hn/%2.200Hn/%n:ITERINDEX:INDEX=/indices_dovecot/indices/%2.26Hn/%2.200Hn/%n:ALT=/buzones/alternativolocation//%2.26Hn/%2.200Hn/%n mail_max_userip_connections = 15000 mail_plugins = " zlib acl quota virtual mail_log notify" mail_uid = entrega mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mdbox_purge_preserve_alt = yes mdbox_rotate_interval = 1 days mdbox_rotate_size = 60 M namespace { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox SPAM { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = type = private } namespace { list = yes location = mdbox:/buzoneslocation//%%2.26Hn/%%2.200Hn/%%n:ALT=/buzones/alternativolocation//%%2.26Hn/%%2.200Hn/%%n:INDEX=/indices_dovecot/indices/%%2.26Hn/%%2.200Hn/%%n:INDEXPVT=~/mdbox/carpeta_compartida/%%u prefix = carpeta_compartida/%%u/ separator = / subscriptions = no type = shared } namespace { list = yes location = virtual:/etc/dovecot/virtual:INDEX=~/mdbox/virtual:CONTROL=~/mdbox/virtual prefix = Carpetas_virtuales/ separator = / } passdb { args = /etc/dovecot/deny deny = yes driver = passwd-file } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { acl = vfile acl_shared_dict = file:/buzoneslocation//acls_compartidas.db lda_mailbox_autosubscribe = yes mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size subject from quota = dict:Cuota de usuario::file:/buzones/cuotas/%n quota_rule2 = Trash:storage=+10%% quota_warning = storage=90%% aviso_cuota 90 %u sieve = /buzoneslocation//%2.26Hn/%2.200Hn/%n/home_usuario/dovecot.sieve sieve_dir = /buzoneslocation//%2.26Hn/%2.200Hn/%n/home_usuario/sieve/ zlib_save = gz zlib_save_level = 9 } pop3_no_flag_updates = yes protocols = pop3 imap sieve service anvil { client_limit = 25000 } service auth { client_limit = 32000 unix_listener auth-master { user = entrega } unix_listener auth-userdb { user = entrega } user = root } service aviso_cuota { executable = script /usr/local/bin/quota-warning.sh unix_listener aviso_cuota { mode = 0666 } user = entrega } service config { process_min_avail = 4 } service imap-login { executable = /usr/libexec/dovecot/imap-login group = dovenull process_min_avail = 2 service_count = 0 vsz_limit = 1 G } service imap { executable = /usr/libexec/dovecot/imap process_limit = 8000 process_min_avail = 12 vsz_limit = 1 G } service managesieve-login { executable = /usr/libexec/dovecot/managesieve-login inet_listener sieve { port = 2000 } process_limit = 2000 vsz_limit = 1 G } service managesieve {
Re: TLS Error and not working lmtp
On 13.12.2017 02:59, Jakob Schürz wrote: > Am 2017-12-12 um 09:56 schrieb Aki Tuomi: >> >> On 12.12.2017 02:59, Jakob Schürz wrote: >>> Hi! > [...] >> With v2.3 you are required to provide ssl_dh=> >> You can generate suitable parameters with openssl gendh 2048 (or 4096). >> Make sure you run it on something that has plenty of entropy available, >> it will take some time. > Thanks for the Info. This was a challange for me... > Is this correct to put this option additionally to ssl_key and ssl_cert > in the config? > And it must be the parameter-File, not a cert or key? > > > At least i had to change some paths to the new installation-path > /usr/local/... in exim and dovecot conf. /var/run/dovecot is in > /usr/local/var/run/dovecot, if i compile it from git and install it with > make install. > > > But now, it is working. Thanks for the info > > Jakob > It must be a separate file, yes. Also you can probably omit the paths from your config, as they usually come from defaults. Aki
Re: TLS Error and not working lmtp
Am 2017-12-12 um 09:56 schrieb Aki Tuomi: > > > On 12.12.2017 02:59, Jakob Schürz wrote: >> Hi! [...] > > With v2.3 you are required to provide ssl_dh= > You can generate suitable parameters with openssl gendh 2048 (or 4096). > Make sure you run it on something that has plenty of entropy available, > it will take some time. Thanks for the Info. This was a challange for me... Is this correct to put this option additionally to ssl_key and ssl_cert in the config? And it must be the parameter-File, not a cert or key? At least i had to change some paths to the new installation-path /usr/local/... in exim and dovecot conf. /var/run/dovecot is in /usr/local/var/run/dovecot, if i compile it from git and install it with make install. But now, it is working. Thanks for the info Jakob signature.asc Description: OpenPGP digital signature
Re: New Dovecot service: SMTP Submission (RFC6409)
Am 12.12.2017 um 00:14 schrieb Stephan Bosch: > Hi, > > As some of you know, I started implementing the SMTP submission proxy a > few years ago. It acts as a front-end for any MTA, adding the necessary > functionality for an SMTP submission service, also known as a Mail > Submission Agent (MSA) (https://tools.ietf.org/html/rfc6409). The main > reason I created this, back then, was implementing the BURL capability > (https://tools.ietf.org/html/rfc4468). The main application of that > capability -- together with IMAP URLAUTH -- is avoiding a duplicate > upload of submitted e-mail messages; normally the message is both sent > through SMTP and uploaded to the "Sent" folder through IMAP. Using BURL, > the client can first upload the message to IMAP and then use BURL to > make the SMTP server fetch the message from IMAP for submission, thereby > avoiding a second upload. Apart from BURL, the submission proxy service > also adds the required AUTH support, avoiding the need to configure the > MTA for SASL authentication. More SMTP capabilities like CHUNKING and > SIZE are supported, without requiring the backend MTA supporting these > extensions. Other capabilities like DSN currently require support from > the backend/relay MTA. > > At this point, the submission proxy is still pretty basic. However, it > will provide a basis for adding all kinds of functionality in the (not > so distant) future. For the first time, it will be possible to act upon > message submission, rather than only message retrieval; e.g. plugins can > be devised that process outgoing messages somehow. Examples of the > things we could do are adding Sieve filtering support for outgoing > messages, or implicitly storing submitted messages to the Sent folder. > Once a plugin API is devised, you can create your own plugins. > > The reason I send this message now, is that this code is finally merged > into the Dovecot master repository. This means that it is part of the > upcoming 2.3 release. Now that it is merged, you can install and test it > from Github if you like. Feedback is of course appreciated. The > documentation is still pretty sparse, but there is currently not much to > configure. Just add "submission" to the protocols and configure the > relay MTA server. The configuration is currently only documented in the > example configuration in doc/example-config/conf.d/20-submission.conf. > The submission service is a login service, just like IMAP, POP3 and > ManageSieve, so clients are required to authenticate. The same > authentication configuration will also apply to submission, unless > you're doing protocol-specific things, in which case you may need to > amend your configuration for the new protocol. BURL support requires a > working IMAP URLAUTH implementation. > > I've updated the automated Xi Debian package builder to create an > additional dovecot-submissiond package. So, if you're using the Xi > packages, you only need to install that package and configure the relay MTA. > > Regards, > > Stephan. > > > > > Hi Stephan, this is extreme cool ! Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG, 80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Mail-crypt plugin clarification
I'm looking into ways to encrypt the stored email on my server. The idea is to make it impossible for my hosting provider (who has access to my VPS) to read the mail from the disk. So I'm looking into ways to do this, and I found the mail-crypt plugin for dovecot. Unfortunately I find the documentation very hard to understand. There is no clear description of what the goal and purpose of the plugin is, or how it works. Most of the documentation is very short and provides no explanation. So here are some questions - I will gladly help to update the documentation when some of these questions are answered :) If you cannot answer them all, please tell me what you know.. - It seems mail-cypt will transparently encrypt/decrypt mail - so it stores it on the server in encrypted form, but dovecot serves it unencrypted over IMAP. Is this correct? - It seems that mail-crypt needs both a private and a public key to work. Is this correct? - If mail-crypt has both private and public key in its configuration, does that not defeat the purpose of the whole thing? Anyone with access to the disk will be able to read everything? Regarding the settings: mail_crypt_global_private_key(_n) - Private key to decrypt files, you can specify many mail_crypt_global_public_key - Public key to use to encrypt files, you can specify one - How does this work? What does mail-crypt do when multiple private keys are specified? mail_crypt_private_key - Private key to decrypt user's master key, can be base64 encoded mail_crypt_private_password - Password to decrypt user's master key or environment private key - What is the relation between a users master key, and the private/public global keys above? What is an environment private key? TIA, and as I said above, I will help with updating the docs! -- Sent from: http://dovecot.2317879.n4.nabble.com/
Re: New Dovecot service: SMTP Submission (RFC6409)
Op 12-12-2017 om 15:28 schreef Tanstaafl: This is fantastic Stephan! Especially since I'll soon be rolling a new Dovecot server to act as a backup for our current Office 365 mail, as well as to be prepared in case I can ever talk the boss into migrating back to dovecot (we were using Dovecot for a really long time until he was convinced by others that we 'had' to be on Office 365). I'll also be setting up a shiny new VPS for my own private mail server, to provide better service that I currently get from my shared Dreamhost account. But can you confirm... Would this also be called 'BURL' support? And will this initial implementation work with current Postfix to provide the basic Save-To-Sent feature? I seem to recall there was some minor code required on the Postfix side, and Wietse seemed to not have a problem implementing it, but had asked about any IMAP Clients supporting BURL... The thing is: with the Dovecot submission proxy, the availability of BURL support at Postfix/Exim/Sendmail is irrelevant. Dovecot handles the full SMTP BURL/IMAP URLAUTH functionality without MTA involvement. That should make configuration in most cases quite simple. The current implementation does require that the proxy has direct access to the user's mailbox for BURL (e.g. by running it on the same host as imap), but that restriction should be resolved soon, allowing for more complex setups. However, keep in mind that for this particular feature we're just providing the "chicken" as it were. The "egg", i.e. client support, is still to come. Apart from Trojita (which I think is still not widely used), I know of no IMAP client supporting BURL/URLAUTH for message submission. I'd expect to see it first for clients that can truly benefit; i.e., mobile clients such as K9. Regards, Stephan. On 12/11/2017, 6:14:26 PM, Stephan Boschwrote: Hi, As some of you know, I started implementing the SMTP submission proxy a few years ago. It acts as a front-end for any MTA, adding the necessary functionality for an SMTP submission service, also known as a Mail Submission Agent (MSA) (https://tools.ietf.org/html/rfc6409). The main reason I created this, back then, was implementing the BURL capability (https://tools.ietf.org/html/rfc4468). The main application of that capability -- together with IMAP URLAUTH -- is avoiding a duplicate upload of submitted e-mail messages; normally the message is both sent through SMTP and uploaded to the "Sent" folder through IMAP. Using BURL, the client can first upload the message to IMAP and then use BURL to make the SMTP server fetch the message from IMAP for submission, thereby avoiding a second upload. Apart from BURL, the submission proxy service also adds the required AUTH support, avoiding the need to configure the MTA for SASL authentication. More SMTP capabilities like CHUNKING and SIZE are supported, without requiring the backend MTA supporting these extensions. Other capabilities like DSN currently require support from the backend/relay MTA. At this point, the submission proxy is still pretty basic. However, it will provide a basis for adding all kinds of functionality in the (not so distant) future. For the first time, it will be possible to act upon message submission, rather than only message retrieval; e.g. plugins can be devised that process outgoing messages somehow. Examples of the things we could do are adding Sieve filtering support for outgoing messages, or implicitly storing submitted messages to the Sent folder. Once a plugin API is devised, you can create your own plugins. The reason I send this message now, is that this code is finally merged into the Dovecot master repository. This means that it is part of the upcoming 2.3 release. Now that it is merged, you can install and test it from Github if you like. Feedback is of course appreciated. The documentation is still pretty sparse, but there is currently not much to configure. Just add "submission" to the protocols and configure the relay MTA server. The configuration is currently only documented in the example configuration in doc/example-config/conf.d/20-submission.conf. The submission service is a login service, just like IMAP, POP3 and ManageSieve, so clients are required to authenticate. The same authentication configuration will also apply to submission, unless you're doing protocol-specific things, in which case you may need to amend your configuration for the new protocol. BURL support requires a working IMAP URLAUTH implementation. I've updated the automated Xi Debian package builder to create an additional dovecot-submissiond package. So, if you're using the Xi packages, you only need to install that package and configure the relay MTA.
Re: TLS Error and not working lmtp
On 12.12.2017 02:59, Jakob Schürz wrote: > Hi! > > I have some troubles with the virtual plugin. I run a self-compiled > dovecot 2.2.33.2 from debian testing. I patched this version with the > QRESYNC-Patch from a few weeks ago. > But i always get an errormessage, when i try to open an email from a > virtual mailbox. > > So i cloned the actual git-Repo and compiled dovecot and pigonehole-sieve. > > The problem with the virtual plugin seems gone away. But there are some > other problems. > I use ssl=required and with dovecot from debian TLS/SSL and STARTTLS > works fine. > With the selfcompiled from git, i get this error: > > dovecot[1284]: imap-login: Error: Failed to initialize SSL server > context: Couldn't parse DH parameters: error:0906D06C:PEM > routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS: user=<>, > rip=127.0.0.1, lip=127.0.0.1, secured, session= > > The key and crt are exactly the same files as before. > > The second problem is, lmtp is not working. I use exactly the same > config for the debians dovecot and dovecot from git. But in the > gitversion the error in exim is: > > Failed to connect to socket /var/run/dovecot/lmtp for dovecot_lmtp > transport: Connection refused > > My config is: > > # dovecot -n > # 2.3.devel (b1aac3a1d): /usr/local/etc/dovecot/dovecot.conf > # Pigeonhole version 0.5.devel (624e1769) > # OS: Linux 4.13.0-trunk-amd64 x86_64 Debian 9.3 btrfs > auth_debug = yes > auth_mechanisms = plain login cram-md5 digest-md5 > auth_socket_path = /var/run/dovecot/auth-userdb > auth_verbose = yes > first_valid_uid = 1000 > imap_capability = +XDOVECOT > imap_client_workarounds = tb-extra-mailbox-sep > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > listen = *, ::1 > login_trusted_networks = 127.0.0.1/8 192.168.0.0/24 192.168.1.0/24 > 172.17.0.0/24 172.18.0.0/24 > mail_debug = yes > mail_gid = vmail > mail_home = /var/mail/%u > mail_location = > maildir:/var/mail/%u/Maildir:LAYOUT=fs:INDEX=/var/lib/dovecot/db/indexes/Maildir/%u:INDEXPVT=/var/lib/dovecot/db/indexes/Maildir/%u:CONTROL=/var/lib/dovecot/db/control/Maildir/%u > mail_plugins = zlib quota acl listescape mail_log notify virtual > mail_privileged_group = vmail > mail_server_admin = mailto:ja...@xundeenergie.at > mail_shared_explicit_inbox = yes > mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate mime foreverypart extracttext > mmap_disable = yes > namespace { > hidden = no > inbox = no > list = children > location = > maildir:/var/mail/mailarchiv/%u/:LAYOUT=fs:INDEX=/var/lib/dovecot/db/indexes/mailarchiv/%u:INDEXPVT=/var/lib/dovecot/db/indexes/mailarchiv/%u > mailbox incoming { > auto = create > } > mailbox outgoing { > auto = create > } > prefix = Mailarchiv/ > separator = / > subscriptions = no > type = private > } > namespace { > list = children > location = > maildir:/var/mail/public/:LAYOUT=fs:INDEX=/var/lib/dovecot/db/indexes/public/%u:INDEXPVT=/var/lib/dovecot/db/indexes/public/%u > prefix = Roseggergasse/ > separator = / > subscriptions = no > type = public > } > namespace Geteilt { > hidden = no > inbox = no > list = children > location = > maildir:/var/mail/%%u/Maildir:LAYOUT=fs:INDEXPVT=/var/lib/dovecot/db/indexes/shared/%u/%%u:INDEX=/var/lib/dovecot/db/indexes/shared/%u/%%u > prefix = Geteilt/%%n/ > separator = / > subscriptions = no > type = shared > } > namespace Real { > hidden = yes > list = no > location = > virtual:/var/mail/real:INDEX=/var/lib/dovecot/db/indexes/real/%u > prefix = Real/ > separator = / > subscriptions = no > } > namespace Synoptic { > hidden = no > list = children > location = > virtual:/var/mail/virtual:INDEX=/var/lib/dovecot/db/indexes/virtual/%u > mailbox INBOX/Archives { > auto = no > special_use = \Archive > } > mailbox INBOX/Drafts { > auto = no > special_use = \Drafts > } > mailbox INBOX/Entwürfe { > auto = no > special_use = \Drafts > } > mailbox INBOX/Junk { > auto = no > special_use = \Junk > } > mailbox INBOX/Sent { > auto = no > special_use = \Sent > } > mailbox INBOX/Spam { > auto = no > special_use = \Junk > } > prefix = Synoptic/ > separator = / > subscriptions = no > } > namespace inbox { > hidden = no > inbox = yes > location = > mailbox Archiv { > auto = no > special_use = \Archive > } > mailbox Archive { > auto = no > special_use = \Archive > } > mailbox Archives { > auto = no > special_use = \Archive > } > mailbox "Deleted Messages" { > auto = no > special_use = \Trash > } > mailbox Drafts { > auto = no > special_use = \Drafts > } > mailbox Entwürfe { > auto = no >