date:20190218



On 19.2.2019 4.48, Mark Foley via dovecot wrote:
> On Mon, 18 Feb 2019 10:17:16 - Stuart Henderson wrote:
>> On 2019-02-13, Mark Foley via dovecot  wrote:
>>> Is it possible that no one on this list is authenticating Outlook with 
>>> Dovecot and NTLM?
>> Yes, it's possible, the outdated instructions you found on the wiki
>> suggests it's an uncommon configiration.
> Hmmm, really? And yet Windows/Outlook is still the predominant email client 
> out there
> (unfortunately). Maybe everyone is going to outlook.com?
>
>> No actual answers from me, but it might give you some clues:
>>
>>> More on this ...
>>>
>>> I short-sheeted ntlm_auth to see what was being passed to it. It is getting 
>>> as arg1:
>>>
>>> --helper-protocol=squid-2.5-ntlmssp
>>>
>>> I tried running ntlm_auth at the command line as:
>>>
>>> ntlm_auth --username=user --password=password 
>>> --helper-protocol=squid-2.5-ntlmssp
>>>
>>> It did nothing, just hung there. The ntlm_auth man page says:
>>>
>>> --helper-protocol=PROTO
>>>   Operate as a stdio-based helper. Valid helper protocols are:
>> The squid auth helpers are stdio-based, they run in a loop, reading from
>> stdin, checking authentication, and return results on stdout. This avoids 
>> both
>> passing sensitive data on the command line (visible to ps, at least briefly)
>> and the need to keep forking and initialising a new process.
>>
>> So it's normal that it would just sit waiting for input.
>>
>> Dovecot is just reusing the same protocol that squid uses.
> If --username and --password are passed on the command line, what is it 
> waiting for on stdin?
> Normally, ntlm_auth, with id and pw passed on the command line prints, 
> "NT_STATUS_OK: The
> operation completed successfully. (0x0)" to stdout. There is no further stdin 
> input needed.
>
> Is there a way to disable the --helper-protocol in Dovecot? 
>
>>> After more searching I came across this post, 
>>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774263
>>> which, in summary, said that ntlm_auth had to run as root. So, I added the 
>>> following to my
>>> dovecot config per that post's suggestion:
>>>
>>> service auth {
>>>   user = root
>>> }
>>>
>>> After restarting and trying again to connect from Outlook I got the message:
>>>
>>> auth: Info: ntlm(?,192.168.0.58,): user not 
>>> authenticated: NT_STATUS_NO_MEMORY
>> I don't know the full details of how samba/ntlm works, but this seems like
>> an error coming from the server you're attempting to authenticate against.
>> I think you should start debugging on the samba side - make sure tools
>> like wbinfo are working, if not then debug those with samba, then move
>> on to Dovecot after you have that working.
> Samba has been running for years (with updates) and everything like wbinfo 
> works.  Dovecot can
> authenticate with kerberos/GSSAPI, and other applications can authenticate 
> with ntlm_auth.  My
> suspicion here is that the "user not authenticated" problem is perhaps 
> because dovecot cannot
> run the auth service as root? The dovecot user is dovenull, so why would it 
> be permitted to run
> as root in any case?
>
> I think the problem is in invoking ntlm_auth. I tried simply returning zero 
> from my "fake"
> ntlm_auth, but that didn't work. Not sure what Dovecot is expecting from 
> ntlm_auth_helper.
>
> --Mark

Hi,

try


service auth {

  user = root

}


Aki

Re: Using SHA256/512 for SQL based password


On 17.2.2019 10.46, Aki Tuomi via dovecot wrote:
>
>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot <
>> dovecot@dovecot.org > wrote:
>>
>>
>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot <
>> dovecot@dovecot.org >
>> wrote:
>>
>>> Jean-Daniel Dupas via dovecot wrote:
>>> >
>>> >
>>> >> Le 13 févr. 2019 à 14:54, Robert Moskowitz via dovecot
>>> >> < dovecot@dovecot.org  >> dovecot@dovecot.org >> a écrit :
>>> >>
>>> >>
>>> >>
>>>
>>> >>> ARGON2 support is added in dovecot v2.3. It also needs to be
>>> enabled
>>> >>> when compiling dovecot, so varying from packagers it might or
>>> not be
>>> >>> available. The CRYPT ones are available if crypt(3) supports
>>> them. In
>>> >>> dovecot v2.3 we have added bcrypt support regardless of crypt(3)
>>> support.
>>> >>
>>> >> CentOS7 is on dovecot 2.2.36:
>>> >>
>>> >> # doveadm pw -s ARGON2-CRYPT -p secret
>>> >> Fatal: Unknown scheme: ARGON2-CRYPT
>>> >> # doveadm pw -s ARGON2 -p secret
>>> >> Fatal: Unknown scheme: ARGON2
>>> >>
>>> >> I tend to stay with the distro's rpms and not take on building and
>>> >> maintaining myself.
>>> >
 And for the record, the hash names are ARGON2I and ARGON2ID (see
 doveadm
 pw -l )
 With dovecot from the dovecot.org < http://dovecot.org> repo:
 # doveadm pw -s ARGON2I -p secret
>>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$bt96TSr3nVrho2SRhnNP0A$h7LYiqkw/4s6d1d+0Xpe+VUE3aISPnkYq/R7QqPRntk
>>>
>>> Also from dovecot.org < http://dovecot.org> repo:
>>> doveadm pw -s ARGON2I -p secret
>>> Fatal: Unknown scheme: ARGON2I
>>> 
>>> Marc
>>
>> It works for me over here:
>>
>> [wash@waridi ~]#/opt/dovecot2.3/bin/doveadm pw -s ARGON2I -p secret
>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$9pggnQBea9F3h3O31HoJEA$0zZZgwEuMRVZ3Mc/v6ckpalzVRVCr+GLBWnb8OrgsxU
>>
>>
>>
>> -- 
>> Best regards,
>> Odhiambo WASHINGTON,
>> Nairobi,KE
>> +254 7 3200 0004/+254 7 2274 3223
>> "Oh, the cruft.", grep ^[^#] :-)
>
> I'll check next week if and why argon is missing from ce packages. 
> ---
> Aki Tuomi

Marc,

ARGON2 is supported only on Debian Stretch and Ubuntu 18 for dovecot,
due to libsodium.

Aki

Re: Need to authenticate Outlook and NTLM

2019-02-18 Thread Mark Foley via dovecot

On Mon, 18 Feb 2019 10:17:16 - Stuart Henderson wrote:
>
> On 2019-02-13, Mark Foley via dovecot  wrote:
> > Is it possible that no one on this list is authenticating Outlook with 
> > Dovecot and NTLM?
>
> Yes, it's possible, the outdated instructions you found on the wiki
> suggests it's an uncommon configiration.

Hmmm, really? And yet Windows/Outlook is still the predominant email client out 
there
(unfortunately). Maybe everyone is going to outlook.com?

> No actual answers from me, but it might give you some clues:
>
> > More on this ...
> >
> > I short-sheeted ntlm_auth to see what was being passed to it. It is getting 
> > as arg1:
> >
> > --helper-protocol=squid-2.5-ntlmssp
> >
> > I tried running ntlm_auth at the command line as:
> >
> > ntlm_auth --username=user --password=password 
> > --helper-protocol=squid-2.5-ntlmssp
> >
> > It did nothing, just hung there. The ntlm_auth man page says:
> >
> > --helper-protocol=PROTO
> >   Operate as a stdio-based helper. Valid helper protocols are:
>
> The squid auth helpers are stdio-based, they run in a loop, reading from
> stdin, checking authentication, and return results on stdout. This avoids both
> passing sensitive data on the command line (visible to ps, at least briefly)
> and the need to keep forking and initialising a new process.
>
> So it's normal that it would just sit waiting for input.
>
> Dovecot is just reusing the same protocol that squid uses.

If --username and --password are passed on the command line, what is it waiting 
for on stdin?
Normally, ntlm_auth, with id and pw passed on the command line prints, 
"NT_STATUS_OK: The
operation completed successfully. (0x0)" to stdout. There is no further stdin 
input needed.

Is there a way to disable the --helper-protocol in Dovecot? 

>
> > After more searching I came across this post, 
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774263
> > which, in summary, said that ntlm_auth had to run as root. So, I added the 
> > following to my
> > dovecot config per that post's suggestion:
> >
> > service auth {
> >   user = root
> > }
> >
> > After restarting and trying again to connect from Outlook I got the message:
> >
> > auth: Info: ntlm(?,192.168.0.58,): user not 
> > authenticated: NT_STATUS_NO_MEMORY
>
> I don't know the full details of how samba/ntlm works, but this seems like
> an error coming from the server you're attempting to authenticate against.
> I think you should start debugging on the samba side - make sure tools
> like wbinfo are working, if not then debug those with samba, then move
> on to Dovecot after you have that working.

Samba has been running for years (with updates) and everything like wbinfo 
works.  Dovecot can
authenticate with kerberos/GSSAPI, and other applications can authenticate with 
ntlm_auth.  My
suspicion here is that the "user not authenticated" problem is perhaps because 
dovecot cannot
run the auth service as root? The dovecot user is dovenull, so why would it be 
permitted to run
as root in any case?

I think the problem is in invoking ntlm_auth. I tried simply returning zero 
from my "fake"
ntlm_auth, but that didn't work. Not sure what Dovecot is expecting from 
ntlm_auth_helper.

--Mark

Re: flags not synced correctly with dovecot sync (dsync)

2019-02-18 Thread Dan Christensen via dovecot

I should add that these problems arise frequently in practice, even if
changes are only being made on a single machine, e.g. laptop1.  Flag
changes on laptop1 propagate to server, but then are reverted on server
when laptop2 syncs with server, and then are reverted on laptop1 when it
syncs again with server.  If I redo the flag changes on laptop1, the
process just repeats and they are removed again.

Suggestions for debugging are very welcome, as currently syncing is
much too unreliable for me to continue using it.

Dan

On Feb 16, 2019, Dan Christensen via dovecot  wrote:

> I'm running dovecot 2.3.4.1 from https://repo.dovecot.org/ on Ubuntu
> 18.04 on three machines that I'll call server, laptop1 and laptop2.
>
> Both laptop1 and laptop2 run dovecot sync against server to keep local
> copies of my imap folders.  Even when I initially had only two machines,
> laptop1 and server, I occasionally noticed that flags were lost, usually
> custom flags used by Gnus, but I couldn't reliably reproduce the
> problem.
>
> Now that I have two laptops syncing against the server, the problem has
> gotten worse and I figured out a way to reproduce it:
>
> - on server: create new IMAP folder test, and put two read messages in it
> - on laptop1:  doveadm sync -u user -l 10 -m test -f user@server
> - on laptop2:  doveadm sync -u user -l 10 -m test -f user@server
>
> At this point, all three machines show the two messages M1 and M2
> as being read.
>
> - on laptop1: mark message M1 unread
> - on laptop2: mark message M2 unread
> - on laptop1:  doveadm sync -u user -l 10 -m test -f user@server
>   Both laptop1 and server have M1 unread, M2 read, as expected.
> - on laptop2:  doveadm sync -u user -l 10 -m test -f user@server
>   Now laptop2 and server have M1 *read*, M2 unread.
> - on laptop1:  doveadm sync -u user -l 10 -m test -f user@server
>   Now laptop1 and the server have both M1 and M2 *read*.
> - on laptop2:  doveadm sync -u user -l 10 -m test -f user@server
>   Now laptop2 has both read as well.
>
> The two lines that say "*read*" are wrong in my opinion.  dsync
> propagated a read mark to an unread message, even though that message
> was marked unread more recently than it was marked read.
>
> I usually use stateful sync, and get many related problems.
> I just did a test in which M1 and M2 started out read, and I
> started with empty files named dstate.test on laptop1 and laptop2.
> Then I did the above procedure, using the command
>
> doveadm sync -u user -l 10 -m test -s "`cat dstate.test`" user@server > 
> dstate.test
>
> At the end, laptop2 and server had both messages unread (which is good),
> but laptop1 had only M1 unread, and repeated runs of the sync command
> did not correct this.  So the stateful sync failed to detect a change.
>
> Are these bugs in dovecot?  Is there more information that I can
> provide?  The output of doveconf -n on one machine is below, and
> the others are almost identical.
>
> Thanks for any help!
>
> Dan
>
> # 2.3.4.1 (3c0b8769e): /etc/dovecot/dovecot.conf
> # OS: Linux 4.15.0-45-generic x86_64 Ubuntu 18.04.1 LTS 
> # Hostname: laptop2
> auth_mechanisms = plain login
> listen = 127.0.0.1
> mail_index_log2_max_age = 10 days
> mail_index_log_rotate_min_age = 1 days
> mail_index_log_rotate_min_size = 300 k
> mail_location = maildir:~/Maildir
> namespace inbox {
>   inbox = yes
>   location = 
>   mailbox Drafts {
> special_use = \Drafts
>   }
>   mailbox Junk {
> special_use = \Junk
>   }
>   mailbox Sent {
> special_use = \Sent
>   }
>   mailbox "Sent Messages" {
> special_use = \Sent
>   }
>   mailbox Trash {
> special_use = \Trash
>   }
>   prefix = 
> }
> passdb {
>   args = scheme=CRYPT username_format=%u /etc/dovecot/users
>   driver = passwd-file
> }
> protocols = imap
> service imap-login {
>   inet_listener imap {
> address = *
> port = 143
>   }
>   inet_listener imaps {
> address = *
> port = 943
> ssl = yes
>   }
> }
> service imap {
>   process_limit = 25
> }
> ssl_cert =  ssl_client_ca_dir = /etc/ssl/certs
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> userdb {
>   args = username_format=%u /etc/dovecot/users
>   driver = passwd-file
> }
> protocol lda {
>   postmaster_address = [elided]
> }
> protocol imap {
>   mail_max_userip_connections = 20
> }

Re: Error sending email from client




> On 18 Feb 2019, at 15.29, Latin Bishop via dovecot  
> wrote:
> 
> Here is error when sending
> Feb 18 08:24:27 pepino dovecot: imap-login: Login: user=, method=PLAIN, 
> rip=127.0.0.1, lip=127.0.1.1, mpid=5297, TLS, session=<1gQ/CyuChpB/AAAB>
> Feb 18 08:24:28 pepino dovecot: imap(pi): Logged out in=8 out=416
> Feb 18 08:24:34 pepino dovecot: imap-login: Login: user=, method=PLAIN, 
> rip=127.0.0.1, lip=127.0.1.1, mpid=5303, TLS, session=
> Feb 18 08:24:59 pepino postfix/smtpd[5278]: connect from localhost[127.0.0.1]
> Feb 18 08:24:59 pepino postfix/smtpd[5278]: warning: TLS library problem: 
> error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown 
> ca:../ssl/re$Feb 18 08:24:59 pepino postfix/smtpd[5278]: lost connection 
> after STARTTLS from localhost[127.0.0.1]
> Feb 18 08:24:59 pepino postfix/smtpd[5278]: disconnect from 
> localhost[127.0.0.1] ehlo=1 starttls=1 commands=2
> Feb 18 08:26:41 pepino postfix/smtps/smtpd[5328]: connect from 
> localhost[127.0.0.1]
> Feb 18 08:26:41 pepino postfix/smtps/smtpd[5328]: warning: unknown smtpd 
> restriction: "permit_ssl_authenticated"
> Feb 18 08:26:41 pepino postfix/smtps/smtpd[5328]: NOQUEUE: reject: RCPT from 
> localhost[127.0.0.1]: 451 4.3.5 Server configuration error; from= 18 08:26:44 pepino postfix/cleanup[5336]: 8B85C80DE9: 
> message-id=<20190218132644.8b85c80...@mail.torombolo.ml>
> Feb 18 08:26:44 pepino postfix/smtps/smtpd[5328]: disconnect from 
> localhost[127.0.0.1] ehlo=1 mail=1 rcpt=0/1 quit=1 commands=3/4
> Feb 18 08:26:44 pepino postfix/qmgr[4714]: 8B85C80DE9: 
> from=, size=916, nrcpt=1 (queue active)
> Feb 18 08:26:44 pepino postfix/local[5337]: 8B85C80DE9: 
> to=, orig_to=, relay=local, delay=0.1, 
> delays=0.05/0.03/0/0.02,$Feb 18 08:26:44 pepino postfix/qmgr[4714]: 
> 8B85C80DE9: removed
> 

This is postfix configuration error and not a Dovecot issue.

Sami

Re: Error sending email from client

Here is error when sending
Feb 18 08:24:27 pepino dovecot: imap-login: Login: user=, method=PLAIN, 
rip=127.0.0.1, lip=127.0.1.1, mpid=5297, TLS, session=<1gQ/CyuChpB/AAAB>
Feb 18 08:24:28 pepino dovecot: imap(pi): Logged out in=8 out=416
Feb 18 08:24:34 pepino dovecot: imap-login: Login: user=, method=PLAIN, 
rip=127.0.0.1, lip=127.0.1.1, mpid=5303, TLS, session=
Feb 18 08:24:59 pepino postfix/smtpd[5278]: connect from localhost[127.0.0.1]
Feb 18 08:24:59 pepino postfix/smtpd[5278]: warning: TLS library problem: 
error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown 
ca:../ssl/re$Feb 18 08:24:59 pepino postfix/smtpd[5278]: lost connection after 
STARTTLS from localhost[127.0.0.1]
Feb 18 08:24:59 pepino postfix/smtpd[5278]: disconnect from 
localhost[127.0.0.1] ehlo=1 starttls=1 commands=2
Feb 18 08:26:41 pepino postfix/smtps/smtpd[5328]: connect from 
localhost[127.0.0.1]
Feb 18 08:26:41 pepino postfix/smtps/smtpd[5328]: warning: unknown smtpd 
restriction: "permit_ssl_authenticated"
Feb 18 08:26:41 pepino postfix/smtps/smtpd[5328]: NOQUEUE: reject: RCPT from 
localhost[127.0.0.1]: 451 4.3.5 Server configuration error; from=
Feb 18 08:26:44 pepino postfix/smtps/smtpd[5328]: disconnect from 
localhost[127.0.0.1] ehlo=1 mail=1 rcpt=0/1 quit=1 commands=3/4
Feb 18 08:26:44 pepino postfix/qmgr[4714]: 8B85C80DE9: 
from=, size=916, nrcpt=1 (queue active)
Feb 18 08:26:44 pepino postfix/local[5337]: 8B85C80DE9: to=, 
orig_to=, relay=local, delay=0.1, delays=0.05/0.03/0/0.02,$Feb 18 
08:26:44 pepino postfix/qmgr[4714]: 8B85C80DE9: removed


Sent from my iPad

> On Feb 18, 2019, at 7:25 AM, Latin Bishop  wrote:
> 
> Latest 
> 
> 
> So if I telnet into port 25 I am able to send an email to my gmail account 
> 
> True it comes into my spam folder 
> 
> 
> But when I  try sending via client where my server is I get error 4 6 5 
> configuration error 
> 
> Also email I send to server are lost ???
> 
> Pleas3 help 
> 
> 
>

Re: Error configuring unix_listener stats-writer




> On 18 Feb 2019, at 13.12, Peter Nabbefeld via dovecot  
> wrote:
> 
> 
> 
> Am 18.02.19 um 11:34 schrieb Sami Ketola:
>> 
>>> On 18 Feb 2019, at 12.15, Peter Nabbefeld  wrote:
>>> 
>>> 
>>> 
>>> Am 17.02.19 um 18:27 schrieb Sami Ketola:
 Easy way is to use just one config file. That is what I have done for 
 years.
 
 Sami
 
 
>>> I'd preferred that, too, but it seems the 'modern' way - and I don't want 
>>> to get any possible configuration issues on updates, so I won't change this.
>> 
>> If your distribution modifies config files on updates then it's time to 
>> switch to another distribution.
>> 
>> Sami
> Not the config files itself. But IIRC, the "main" config files have been 
> changed in distros when the new style was introduced. Usually the main file 
> wasn't overwritten, but a new file with an extension like "new" had been 
> added.

Shame on those distros.

However even if you do use such lousy distro, you can work around it by just 
having ONE config file in the conf.d folder. That would then be the real config 
file.

> 
> However, my laptop installation isn't as old, and every application I install 
> already has the new style, and of course it has it pros when You get used to 
> the structure of the config file, but if You're new to some application, You 
> also have to learn about this structure for every new one ...

I wish that the split config default would have never been introduced. It's a 
nightmare.

Sami

Dsync and network issues

2019-02-18 Thread Danilo G. Baio via dovecot

Hi.

Our scenario:
dovecot-2.3.4.1
Two FreeBSD servers, A (master) and B (slave).
replication_max_conns = 10
doveadm_port = 60025

All mails are received on server A and replicated to server B.

Sometimes we get these messages on server B:

Feb 18 08:27:35 dsync-server(XX@XX): Error: client_connection_tcp_free:
close((>fd)) @ client-connection-tcp.c:632 failed (fd=15): Connection
reset by peer
Feb 18 08:28:00 dsync-server(XZ@XZ): Error: client_connection_tcp_free:
close((>fd)) @ client-connection-tcp.c:632 failed (fd=15): Connection
reset by peer
Feb 18 08:33:14 dsync-server(XY@XY): Error: client_connection_tcp_free:
close((>fd)) @ client-connection-tcp.c:632 failed (fd=15): Connection
reset by peer
Feb 18 08:44:07 dsync-server(XW@XW): Error: client_connection_tcp_free:
close((>fd)) @ client-connection-tcp.c:632 failed (fd=15): Connection
reset by peer

It happens sometimes (usually early morning) when users are syncing their
mailboxes.

Is there a way to debug this and find what is happening?

Thanks for your time.
-- 
Danilo G. Baio

Error sending email from client

Latest 


So if I telnet into port 25 I am able to send an email to my gmail account 

True it comes into my spam folder 


But when I  try sending via client where my server is I get error 4 6 5 
configuration error 

Also email I send to server are lost ???

Pleas3 help

Re: imap-hibernate returned failure: Failed to parse client input: Invalid peer_dev_minor value

2019-02-18 Thread ivosevb via dovecot

We have exactly the same problem like Alex. It happens all the time. System
is FreeBSD 11.2, Dovecot 2.3.2.1_1.



--
Sent from: http://dovecot.2317879.n4.nabble.com/

unsubscibe

2019-02-18 Thread Henry Otten via dovecot


unsubscribe



smime.p7s
Description: S/MIME cryptographic signature

Re: Dove to error

2019-02-18 Thread Benny Pedersen via dovecot


ssl vs sasl in warning

Benny

Re: Error configuring unix_listener stats-writer

2019-02-18 Thread Peter Nabbefeld via dovecot





Am 18.02.19 um 11:34 schrieb Sami Ketola:



On 18 Feb 2019, at 12.15, Peter Nabbefeld  wrote:



Am 17.02.19 um 18:27 schrieb Sami Ketola:

Easy way is to use just one config file. That is what I have done for years.

Sami



I'd preferred that, too, but it seems the 'modern' way - and I don't want to 
get any possible configuration issues on updates, so I won't change this.


If your distribution modifies config files on updates then it's time to switch 
to another distribution.

Sami
Not the config files itself. But IIRC, the "main" config files have been 
changed in distros when the new style was introduced. Usually the main 
file wasn't overwritten, but a new file with an extension like "new" had 
been added.


However, my laptop installation isn't as old, and every application I 
install already has the new style, and of course it has it pros when You 
get used to the structure of the config file, but if You're new to some 
application, You also have to learn about this structure for every new 
one ...


Peter

Re: CASifying dovecot and webmail



On 17.2.2019 19.33, Juan Carlos Sánchez via dovecot wrote:
> Hello:
>
> I'm trying to authenticate webmail (roundcube) and dovecot with Apereo
> CAS.
>
> I don't find any good guide and everything I have found is some years
> old. Has any of you done a recent integration with CAS and can share
> the details ?
>
> Best regards
>
With 2.3.4 you can use Lua scripting to perform authentication against
these kind of funny things.

Aki

Re: Need to authenticate Outlook and NTLM



On 18.2.2019 12.17, Stuart Henderson via dovecot wrote:
> On 2019-02-13, Mark Foley via dovecot  wrote:
>> Is it possible that no one on this list is authenticating Outlook with 
>> Dovecot and NTLM?
> Yes, it's possible, the outdated instructions you found on the wiki
> suggests it's an uncommon configiration.
>
> No actual answers from me, but it might give you some clues:
>
>> More on this ...
>>
>> I short-sheeted ntlm_auth to see what was being passed to it. It is getting 
>> as arg1:
>>
>> --helper-protocol=squid-2.5-ntlmssp
>>
>> I tried running ntlm_auth at the command line as:
>>
>> ntlm_auth --username=user --password=password 
>> --helper-protocol=squid-2.5-ntlmssp
>>
>> It did nothing, just hung there. The ntlm_auth man page says:
>>
>> --helper-protocol=PROTO
>>   Operate as a stdio-based helper. Valid helper protocols are:
> The squid auth helpers are stdio-based, they run in a loop, reading from
> stdin, checking authentication, and return results on stdout. This avoids both
> passing sensitive data on the command line (visible to ps, at least briefly)
> and the need to keep forking and initialising a new process.
>
> So it's normal that it would just sit waiting for input.
>
> Dovecot is just reusing the same protocol that squid uses.
>
>> After more searching I came across this post, 
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774263
>> which, in summary, said that ntlm_auth had to run as root. So, I added the 
>> following to my
>> dovecot config per that post's suggestion:
>>
>> service auth {
>>   user = root
>> }
>>
>> After restarting and trying again to connect from Outlook I got the message:
>>
>> auth: Info: ntlm(?,192.168.0.58,): user not authenticated: 
>> NT_STATUS_NO_MEMORY
> I don't know the full details of how samba/ntlm works, but this seems like
> an error coming from the server you're attempting to authenticate against.
> I think you should start debugging on the samba side - make sure tools
> like wbinfo are working, if not then debug those with samba, then move
> on to Dovecot after you have that working.
>
>
You might need to configure auth and auth-worker processes with larger
vsz_limit, or configure default_vsz_limit = 1G

Aki

Re: Dove to error

Yes it is. Basically can’t send nor receive confit looks good 



> On Feb 17, 2019, at 12:34 PM, Aki Tuomi  wrote:
> 
> Is user 'dovecot' member of group 'mail'?
> 
> Aki
> 
>> On 17 February 2019 at 19:28 Latin Bishop  wrote:
>> 
>> 
>> Changed permissions but still have issues 
>> 
>> A error occurred while sending email the mail server responded 4.3.5 server 
>> configuration error 
>> Please check the message recipient 
>> 
>> Sent from my iPad
>> 
>>> On Feb 17, 2019, at 12:06 PM, Aki Tuomi  wrote:
>>> 
>>> mail_privileged_group=mail
>>> 
>>> Aki
>>> 
 On 17 February 2019 at 19:03 Latin Bishop  wrote:
 
 
 When testing with thunder mail getting this error 
 
 Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) 
 failed: Permission denied (euid=1000(pi) egid=1000(pi) missing +w perm: 
 /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
 Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to autocreate 
 mailbox INBOX: Internal error occurred. Refer to server log for more 
 information. [2019-02-17 11:59:40]
 Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
 
 
> On Feb 17, 2019, at 8:46 AM, Aki Tuomi  wrote:
> 
> You probably mean -quiet flag which works
> 
> Aki
> 
>> On 17 February 2019 at 12:10 Latin Bishop  wrote:
>> 
>> 
>> Thanks 
>> 
>> Was 143.  I notice the -quite flag no longer works in openssl when 
>> testing connection 
>> 
>>> On Feb 17, 2019, at 3:33 AM, Aki Tuomi  
>>> wrote:
>>> 
>>> 
 On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
 dovecot@dovecot.org> wrote:
 
 
 
 Getting this error after following
 this tutorial
 
 Error in configuration file /etc/dovecot/dovecot.conf duplicate 
 listener
 
 
 https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
 
>>> 
>>> Usually doveconf -n tells you where the duplicate listener is so you 
>>> can remove it.
>>> --- 
>>> Aki Tuomi

Re: index problems after update

2019-02-18 Thread Hajo Locke via dovecot


Hello,

it seems we need a dovecot developers opinion. May be we hit a bug or 
cant help ourselves.


Am 15.02.2019 um 11:35 schrieb Hajo Locke via dovecot:

Hello,

Am 15.02.2019 um 10:03 schrieb Gonzalo Palacios Goicolea via dovecot:

El 15/02/2019 a las 8:47, Hajo Locke via dovecot escribió:

Hello,

Am 11.02.2019 um 09:12 schrieb Hajo Locke via dovecot:

Hello,
Am 08.02.2019 um 09:25 schrieb Hajo Locke via dovecot:

Hello List,

i have a problem with index-files which is separated in 2 
subproblems. May be these problems are connected.
Currently we use Ubuntu 18.04 LTS which is bundled with dovecot 
2.2.33.2
These servers are fresh installed machines and users are added to 
the system after, there was no upgrade.
Sometimes it happens, that dovecot stops showing new mail. There 
is no error in log, dovecot just seems to do his normal operations 
but is not delivering new emails from /var/mail/myuser
emails are delivered again if i delete index-files from .imap 
folder. So index is recreated and everything works again. I cant 
reproduce this problem, but every 2 days i have one user who is 
reporting this problem.




Iam surprised that no one has an opinion in this case. Nobody else 
noticed this problem?
Yesterday i had a customer who was affected twice. First time we saw 
an errormessage, which leads to an index problem:


Feb 13 15:46:58 hostname dovecot[30097]: imap(username): Error: 
Corrupted record in index cache file 
/home/popuser/username/mail/.imap/INBOX/dovecot.index.cache: UID 
26876: Broken physical size in mailbox INBOX: 
read(/var/mail/username) failed: Cached message size smaller than 
expected (2118 < 8088, box=INBOX, UID=26876)
Feb 13 15:46:58 hostname dovecot[30097]: imap(username): Error: 
read(/var/mail/username) failed: Cached message size smaller than 
expected (2118 < 8088, box=INBOX, UID=26876) (FETCH BODY[] for 
mailbox INBOX UID 26876)


At this point no new incoming mail is delivered by imapd. We deleted 
index files, dovecot reacreated them and all was working again.
a day later same user was affected again. But like all other cases 
before there is no error or unusual logline. i turned mail_debug on, 
but no further hint.
There are definitely new Mails in /var/mail/username but dovecot 
still shows old state from cache. I deleted index-files again and 
imap-client showed a lot of new unread mails.
In log i can see that people are active in imap-clients and managing 
mails. If a new mail is coming in this period it seems to harm 
index-files some times. We never noticed same behaviour with long 
used dovecot 2.2.22


It seems that 2.2.33.2 which is bundled with Ubuntu18.04 LTS has a 
special problem.


Please help. What is your advice?


Second problem is similiar. I Upgraded a server from Ubuntu 16.04 
to Ubuntu 18.04. This includes an upgrade from dovecot 2.2.22 to 
2.2.33.2. After that i installed an self packaged dovecot 2.2.36.1
Now here is same problem, dovecot is not showing new mails, but 
the difference is we have a Raw backtrace in Log just as expected:



i think this crash is a special problem of dovecot 2.2.36.1.
if i downgrade to 2.2.33.2 all is working well, upgrading again to 
2.2.36.1 leeds to same crash.
Feb  8 08:45:37 hostname dovecot[14882]: imap(myuser): Error: Raw 
backtrace: /usr/lib/dovecot/libdovecot.so.0(+0xa1ee2) 
[0x7f78b3b2cee2] -> /usr/lib/dovecot/libdovecot.so.0(+0xa1fda) 
[0x7f78b3b2cfda] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) 
[0x7f78b3abb8a8] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_header+0x78a) 
[0x7f78b3e7940a] -> /usr/lib/dovecot/libdovecot.so.0(+0x83592) 
[0x7f78b3b0e592] -> 
/usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x74) 
[0x7f78b3b38814] -> 
/usr/lib/dovecot/libdovecot.so.0(i_stream_read_data+0x3d) 
[0x7f78b3b392fd] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(index_mail_get_header_stream+0x4a) 
[0x7f78b3e7a2ea] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(mail_get_header_stream+0x4a) 
[0x7f78b3dfd8da] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imap_msgpart_open+0x24a) 
[0x7f78b3ebb57a] -> dovecot/imap [myuser ip.ip.ip.ip 
FETCH](+0x2081c) [0x5581ac76d81c] -> dovecot/imap [m038422 
ip.ip.ip.ip FETCH](+0x1ea54) [0x5581ac76ba54] -> dovecot/imap 
[myuser ip.ip.ip.ip FETCH](imap_fetch_more+0x39) [0x5581ac76cd69] 
-> dovecot/imap [myuser ip.ip.ip.ip FETCH](cmd_fetch+0x31b) 
[0x5581ac75e1bb] -> dovecot/imap [myuser ip.ip.ip.ip 
FETCH](command_exec+0x5c) [0x5581ac76a09c] -> dovecot/imap [myuser 
ip.ip.ip.ip FETCH](+0x1b612) [0x5581ac768612] -> dovecot/imap 
[myuser ip.ip.ip.ip FETCH](+0x1b6ac) [0x5581ac7686ac] -> 
dovecot/imap [myuser ip.ip.ip.ip FETCH](client_handle_input+0x18d) 
[0x5581ac768a6d] -> dovecot/imap [myuser ip.ip.ip.ip 
FETCH](client_input+0xac) [0x5581ac768fbc] -> 
/usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x52) 
[0x7f78b3b43482] -> 
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x12e) 
[0x7f78b3b44b9e] ->

Re: Dove to error

Changed permissions but still have issues 

A error occurred while sending email the mail server responded 4.3.5 server 
configuration error 
Please check the message recipient 

Sent from my iPad

> On Feb 17, 2019, at 12:06 PM, Aki Tuomi  wrote:
> 
> mail_privileged_group=mail
> 
> Aki
> 
>> On 17 February 2019 at 19:03 Latin Bishop  wrote:
>> 
>> 
>> When testing with thunder mail getting this error 
>> 
>> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) failed: 
>> Permission denied (euid=1000(pi) egid=1000(pi) missing +w perm: /var/mail, 
>> we're not in group 8(mail), dir owned by 0:8 mode=0775)
>> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to autocreate 
>> mailbox INBOX: Internal error occurred. Refer to server log for more 
>> information. [2019-02-17 11:59:40]
>> Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
>> 
>> 
>>> On Feb 17, 2019, at 8:46 AM, Aki Tuomi  wrote:
>>> 
>>> You probably mean -quiet flag which works
>>> 
>>> Aki
>>> 
 On 17 February 2019 at 12:10 Latin Bishop  wrote:
 
 
 Thanks 
 
 Was 143.  I notice the -quite flag no longer works in openssl when testing 
 connection 
 
> On Feb 17, 2019, at 3:33 AM, Aki Tuomi  wrote:
> 
> 
>> On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
>> dovecot@dovecot.org> wrote:
>> 
>> 
>> 
>> Getting this error after following
>> this tutorial
>> 
>> Error in configuration file /etc/dovecot/dovecot.conf duplicate listener
>> 
>> 
>> https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
>> 
> 
> Usually doveconf -n tells you where the duplicate listener is so you can 
> remove it.
> --- 
> Aki Tuomi

Re: [grosjo/fts-xapian] `doveadm fts rescan` removes all indices (#15)

2019-02-18 Thread Joan Moreau via dovecot

Can you clarify the piece of code or give an example on how to "Get
list of UIDs for all mails in each folder " and how to get the "list of
all folder/mailbox" from a *backend input ?

On 2019-02-17 14:52, Aki Tuomi wrote:

Not really, as the steps outlined by Timo would not get done.

Aki

On 17 February 2019 at 10:56 Joan Moreau via dovecot
wrote:

In such case, as long as the API is not upgraded, should

doveadm index -A -q \*

be considered a replacement of

doveadm fts rescan

On 2019-02-14 16:24, Timo Sirainen via dovecot wrote:

Hi,

The rescan() function is a bit badly designed. Currently what you could do what fts-lucene does and:
- Get list of UIDs for all mails in each folder
- If Xapian has UID that doesn't exist -> delete it from Xapian
- If UID is missing from Xapian -> expunge the rest of the UIDs in that folder, so the next indexing will cause them to be indexed

The expunging of rest of the mails is rather ugly, yes.. A better API would be if backend simply had a way to iterate all mails in the index, preferrably sorted by folder. Then a more generic code could go through them and expunge the necessary mails and index the missing mails. Although not all FTS backends support indexing in the middle. Anyway, we don't really have time to implement this new API soon.

I'm not sure if this is a big problem though. I don't think most people running FTS have ever run rescan.

On 8 Feb 2019, at 9.54, Joan Moreau via dovecot wrote:

Hi,

THis is a core problem in Dovecot in my understanding.

In my opinion, the rescan in dovecot should send to the FTS plugin the list of "supposedly" indexed emails (UID), and the plugin shall purge the redundant UID (i..e UID present in the index but not in the list sent by dovecot) and send back the list of UID not in its indexes to dovecot, so Dovect can send one by one the missing emails

WHat do you think ?

Original Message

SUBJECT:
[grosjo/fts-xapian] `doveadm fts rescan` removes all indices (#15)

DATE:
2019-02-08 08:28

FROM:
Leonard Lausen

TO:
grosjo/fts-xapian

CC:
Subscribed

REPLY-TO:
grosjo/fts-xapian

doveadm fts rescan -A deletes all indices, ie. all folders and files in the xapian-indexes are deleted. However, according to man doveadm fts, the rescan command should only

Scan what mails exist in the full text search index and compare those to what
actually exist in mailboxes. This removes mails from the index that have already
been expunged and makes sure that the next doveadm index will index all the
missing mails (if any).

Deleting all indices does not seem to be the intended action, especially as constructing the index anew may take very long on large mailboxes.

--
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub [1 [1]], or mute the thread [2].

Links:
--
[1] https://github.com/grosjo/fts-xapian/issues/15
[2]
https://github.com/notifications/unsubscribe-auth/ACLmB9OB-7GaKIvhNc8sCgi7KQTrjNnoks5vLScugaJpZM4auCWp

Links:
--
[1] https://github.com/grosjo/fts-xapian/issues/15

Re: Dove to error

Feb 17 12:48:00 pepino postfix/smtps/smtpd[3988]: connect from 
localhost[127.0.0.1]
Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: warning: unknown smtpd 
restriction: "permit_ssl_authenticated"
Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: NOQUEUE: reject: RCPT from 
localhost[127.0.0.1]: 451 4.3.5 Server configuration error; 
from= to= proto=ESMTP helo=<[127.0.0.1]>
Feb 17 12:48:07 pepino postfix/cleanup[3998]: 25EC480E6B: 
message-id=<20190217174807.25EC480E6B@pepino>
Feb 17 12:48:07 pepino postfix/smtps/smtpd[3988]: disconnect from 
localhost[127.0.0.1] ehlo=1 auth=1 mail=1 rcpt=0/1 quit=1 commands=4/5
Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: 
from=, size=970, nrcpt=1 (queue active)
Feb 17 12:48:07 pepino postfix/local[3999]: 25EC480E6B: 
to=, orig_to=, relay=local, delay=0.06, 
delays=0.03/0/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: removed

> On Feb 17, 2019, at 12:40 PM, Aki Tuomi  wrote:
> 
> Can you try adding 'pi' to group 'mail' too? Also, can you provide the actual 
> errors from log?
> 
> Aki
> 
>> On 17 February 2019 at 19:37 Latin Bishop  wrote:
>> 
>> 
>> Yes it is. Basically can’t send nor receive confit looks good 
>> 
>> 
>> 
>>> On Feb 17, 2019, at 12:34 PM, Aki Tuomi  wrote:
>>> 
>>> Is user 'dovecot' member of group 'mail'?
>>> 
>>> Aki
>>> 
 On 17 February 2019 at 19:28 Latin Bishop  wrote:
 
 
 Changed permissions but still have issues 
 
 A error occurred while sending email the mail server responded 4.3.5 
 server configuration error 
 Please check the message recipient 
 
 Sent from my iPad
 
> On Feb 17, 2019, at 12:06 PM, Aki Tuomi  
> wrote:
> 
> mail_privileged_group=mail
> 
> Aki
> 
>> On 17 February 2019 at 19:03 Latin Bishop  wrote:
>> 
>> 
>> When testing with thunder mail getting this error 
>> 
>> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) 
>> failed: Permission denied (euid=1000(pi) egid=1000(pi) missing +w perm: 
>> /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
>> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to autocreate 
>> mailbox INBOX: Internal error occurred. Refer to server log for more 
>> information. [2019-02-17 11:59:40]
>> Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
>> 
>> 
>>> On Feb 17, 2019, at 8:46 AM, Aki Tuomi  
>>> wrote:
>>> 
>>> You probably mean -quiet flag which works
>>> 
>>> Aki
>>> 
 On 17 February 2019 at 12:10 Latin Bishop  wrote:
 
 
 Thanks 
 
 Was 143.  I notice the -quite flag no longer works in openssl when 
 testing connection 
 
> On Feb 17, 2019, at 3:33 AM, Aki Tuomi  
> wrote:
> 
> 
>> On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
>> dovecot@dovecot.org> wrote:
>> 
>> 
>> 
>> Getting this error after following
>> this tutorial
>> 
>> Error in configuration file /etc/dovecot/dovecot.conf duplicate 
>> listener
>> 
>> 
>> https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
>> 
> 
> Usually doveconf -n tells you where the duplicate listener is so you 
> can remove it.
> --- 
> Aki Tuomi

Re: Dove to error

Wow, that is lot of useless config, see below for a fixed version to put into 
dovecot.conf =)

Aki

auth_mechanisms = plain login
## doing this lets people log in without SSL
#disable_plaintext_auth = no
listen = *
mail_location = mbox:~/mail:INBOX=/var/mail/%u
namespace {
   inbox = yes
   mailbox {
 special_use = \Drafts
 name = Drafts
   }
   mailbox {
 special_use = \Junk
 name = Junk
   }
   mailbox {
 special_use = \Sent
 name = Sent
   }
   mailbox {
 special_use = \Sent
 name = Sent Messages
   }
   mailbox {
 special_use = \Trash
 name = Trash
   }
   name = inbox
}
 passdb {
   driver = pam
 }
protocols = imap

service auth {
   unix_listener {
 group = postfix
 mode = 0660
 user = postfix
 path = /var/spool/postfix/private/auth
   }
}

## this is useless config, as it's default
#service imap-login {
#   inet_listener {
# port = 143
# name = imap
#   }
#   inet_listener {
# port = 993
# ssl = yes
# name = imaps
#   }
#}

ssl_cert =  On 17 February 2019 at 12:45 soydepr  wrote:
> 
> 
> # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.16 (fed8554)
> # OS: Linux 4.14.79-v7+ armv7l Debian 9.6
> auth_mechanisms = plain login
> disable_plaintext_auth = no
> listen = *
> mail_location = mbox:~/mail:INBOX=/var/mail/%u
> namespace {
>   inbox = yes

Re: Error configuring unix_listener stats-writer

2019-02-18 Thread Peter Nabbefeld via dovecot





Am 17.02.19 um 14:45 schrieb Aki Tuomi:

On 17 February 2019 at 11:47 Peter Nabbefeld via dovecot  
wrote:



Hello,

I've got a very strange problem:
When I try to configure the stats-writer socket, I'm told the
configuration is a duplicate, though none exists in the configuration
files. So I'd guess the configuration is set either built-in or implicitly.

I've put the following into conf.d/10-master.conf:
service auth {
    unix_listener auth-userdb {
    }

    unix_listener stats-writer {
      user = vmail
      group = vmail
      mode = 0666
    }
}

BTW, using imap for mail traffic.

Is there any tool displaying an "effective" config tree (i.e., a tool
displaying the resulting configuration from every file, displaying the
original file and line number)? "dovecot -a" only displays all
configurations, but without source reference, so it's impossible to find
out about the details.  :-(

Kind regards

Peter

Hi

The stats-writer config belongs for service stats, not auth.


Ooops - Thank You!

You can see effective config with 'doveconf -n'.

Nope - it even displays less information than "dovecot -a".

Peter

Aki

Re: Error configuring unix_listener stats-writer

2019-02-18 Thread Jerry via dovecot

On Sun, 17 Feb 2019 10:47:29 +0100, Peter Nabbefeld via dovecot stated:

>Hello,
>
>I've got a very strange problem:
>When I try to configure the stats-writer socket, I'm told the 
>configuration is a duplicate, though none exists in the configuration 
>files. So I'd guess the configuration is set either built-in or
>implicitly.
>
>I've put the following into conf.d/10-master.conf:
>service auth {
>   unix_listener auth-userdb {
>   }
>
>   unix_listener stats-writer {
>     user = vmail
>     group = vmail
>     mode = 0666
>   }
>}
>
>BTW, using imap for mail traffic.
>
>Is there any tool displaying an "effective" config tree (i.e., a tool 
>displaying the resulting configuration from every file, displaying the 
>original file and line number)? "dovecot -a" only displays all 
>configurations, but without source reference, so it's impossible to
>find out about the details.  :-(
>
>Kind regards
>
>Peter


"doveconf -n" should do what you want. Post the "entire output" from
that command here so we an analyze it.

-- 
Jerry


pgp_Lx8fJvAZQ.pgp
Description: OpenPGP digital signature

Re: Error configuring unix_listener stats-writer




> On 18 Feb 2019, at 12.15, Peter Nabbefeld  wrote:
> 
> 
> 
> Am 17.02.19 um 18:27 schrieb Sami Ketola:
>>> 
>> 
>> Easy way is to use just one config file. That is what I have done for years.
>> 
>> Sami
>> 
>> 
> I'd preferred that, too, but it seems the 'modern' way - and I don't want to 
> get any possible configuration issues on updates, so I won't change this.


If your distribution modifies config files on updates then it's time to switch 
to another distribution.

Sami

Re: Dove to error

Feb 17 12:51:28 pepino dovecot: imap-login: Login: user=, method=PLAIN, 
rip=127.0.0.1, lip=127.0.1.1, $Feb 17 13:08:38 pepino dovecot: doveadm: Debug: 
This is Dovecot's debug log (1550426918)
Feb 17 13:08:38 pepino dovecot: doveadm: This is Dovecot's info log (1550426918)
Feb 17 13:08:38 pepino dovecot: doveadm: Warning: This is Dovecot's warning log 
(1550426918)
Feb 17 13:08:38 pepino dovecot: doveadm: Error: This is Dovecot's error log 
(1550426918)
Feb 17 13:08:38 pepino dovecot: doveadm: Fatal: This is Dovecot's fatal log 
(1550426



> On Feb 17, 2019, at 1:12 PM, Aki Tuomi  wrote:
> 
> That really depends on your dovecot config, but try
> 
> doveadm log find
> 
> also you can list recent errors with
> 
> doveadm log errors
> 
> Aki
> 
>> On 17 February 2019 at 20:03 Latin Bishop  wrote:
>> 
>> 
>> Where I find dovecot log
>> 
>> 
>> 
>>> On Feb 17, 2019, at 12:56 PM, Aki Tuomi  wrote:
>>> 
>>> Yes, well, this is postfix log, which is not very useful when debugging 
>>> dovecot problems...
>>> 
>>> Aki
>>> 
 On 17 February 2019 at 19:50 Latin Bishop  wrote:
 
 
 Feb 17 12:48:00 pepino postfix/smtps/smtpd[3988]: connect from 
 localhost[127.0.0.1]
 Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: warning: unknown smtpd 
 restriction: "permit_ssl_authenticated"
 Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: NOQUEUE: reject: RCPT 
 from localhost[127.0.0.1]: 451 4.3.5 Server configuration error; 
 from= to= proto=ESMTP 
 helo=<[127.0.0.1]>
 Feb 17 12:48:07 pepino postfix/cleanup[3998]: 25EC480E6B: 
 message-id=<20190217174807.25EC480E6B@pepino>
 Feb 17 12:48:07 pepino postfix/smtps/smtpd[3988]: disconnect from 
 localhost[127.0.0.1] ehlo=1 auth=1 mail=1 rcpt=0/1 quit=1 commands=4/5
 Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: 
 from=, size=970, nrcpt=1 (queue active)
 Feb 17 12:48:07 pepino postfix/local[3999]: 25EC480E6B: 
 to=, orig_to=, relay=local, delay=0.06, 
 delays=0.03/0/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
 Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: removed
 
> On Feb 17, 2019, at 12:40 PM, Aki Tuomi  
> wrote:
> 
> Can you try adding 'pi' to group 'mail' too? Also, can you provide the 
> actual errors from log?
> 
> Aki
> 
>> On 17 February 2019 at 19:37 Latin Bishop  wrote:
>> 
>> 
>> Yes it is. Basically can’t send nor receive confit looks good 
>> 
>> 
>> 
>>> On Feb 17, 2019, at 12:34 PM, Aki Tuomi  
>>> wrote:
>>> 
>>> Is user 'dovecot' member of group 'mail'?
>>> 
>>> Aki
>>> 
 On 17 February 2019 at 19:28 Latin Bishop  wrote:
 
 
 Changed permissions but still have issues 
 
 A error occurred while sending email the mail server responded 4.3.5 
 server configuration error 
 Please check the message recipient 
 
 Sent from my iPad
 
> On Feb 17, 2019, at 12:06 PM, Aki Tuomi  
> wrote:
> 
> mail_privileged_group=mail
> 
> Aki
> 
>> On 17 February 2019 at 19:03 Latin Bishop  wrote:
>> 
>> 
>> When testing with thunder mail getting this error 
>> 
>> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) 
>> failed: Permission denied (euid=1000(pi) egid=1000(pi) missing +w 
>> perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 
>> mode=0775)
>> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to 
>> autocreate mailbox INBOX: Internal error occurred. Refer to server 
>> log for more information. [2019-02-17 11:59:40]
>> Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
>> 
>> 
>>> On Feb 17, 2019, at 8:46 AM, Aki Tuomi  
>>> wrote:
>>> 
>>> You probably mean -quiet flag which works
>>> 
>>> Aki
>>> 
 On 17 February 2019 at 12:10 Latin Bishop  
 wrote:
 
 
 Thanks 
 
 Was 143.  I notice the -quite flag no longer works in openssl when 
 testing connection 
 
> On Feb 17, 2019, at 3:33 AM, Aki Tuomi 
>  wrote:
> 
> 
>> On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
>> dovecot@dovecot.org> wrote:
>> 
>> 
>> 
>> Getting this error after following
>> this tutorial
>> 
>> Error in configuration file /etc/dovecot/dovecot.conf duplicate 
>> listener
>> 
>> 
>> https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
>> 
> 
> Usually doveconf -n tells

Re: Error configuring unix_listener stats-writer



> On 17 February 2019 at 11:47 Peter Nabbefeld via dovecot 
>  wrote:
> 
> 
> 
> Hello,
> 
> I've got a very strange problem:
> When I try to configure the stats-writer socket, I'm told the 
> configuration is a duplicate, though none exists in the configuration 
> files. So I'd guess the configuration is set either built-in or implicitly.
> 
> I've put the following into conf.d/10-master.conf:
> service auth {
>    unix_listener auth-userdb {
>    }
> 
>    unix_listener stats-writer {
>      user = vmail
>      group = vmail
>      mode = 0666
>    }
> }
> 
> BTW, using imap for mail traffic.
> 
> Is there any tool displaying an "effective" config tree (i.e., a tool 
> displaying the resulting configuration from every file, displaying the 
> original file and line number)? "dovecot -a" only displays all 
> configurations, but without source reference, so it's impossible to find 
> out about the details.  :-(
> 
> Kind regards
> 
> Peter

Hi

The stats-writer config belongs for service stats, not auth.

You can see effective config with 'doveconf -n'.

Aki

Re: Migrate Mail Data from Dovecot to Dovecot

2019-02-18 Thread Phil Turmel via dovecot


On 2/17/19 4:00 AM, Odhiambo Washington via dovecot wrote:

I have built a new server (FreeBSD-12) running dovecot-2.3.4.
My old server (FreeBSD-9.3) is running dovecot-2.3.4 as well.
The configurations are 1:1 identical.
The are about 250 users on this server, all virtual. They are mostly POP3
users, but they do "leave a copy of message on the server"
for set various number of days.

Now, to migrate the mail data, can I simply rsync the mail directories
between the old and the new server? Would that create a pitfall??

What is the recommended method?


Consider re-posting your question in a NEW message, not a reply to 
another, unrelated thread.  The type of people who are likely to know 
the answer are also likely to use threaded mail-readers, and will 
therefore not see your message.


Phil

CASifying dovecot and webmail

2019-02-18 Thread Juan Carlos Sánchez via dovecot


Hello:

I'm trying to authenticate webmail (roundcube) and dovecot with Apereo CAS.

I don't find any good guide and everything I have found is some years 
old. Has any of you done a recent integration with CAS and can share the 
details ?


Best regards

--

--
Juan Carlos Sanchez Hernandez
Servicio de Infraestructura e Innovación
Universidad Politecnica de Madrid - www.upm.es
Rectorado
Avda. Ramiro de Maeztu 7
28040 Madrid
--

Re: Dove to error



Did u mean set this 

 disable_plaintext_auth = no

Need some help as still having issues 

Can’t send or receive 
M181923P5865.pepino,S=7114,W=7258:2,S) failed: Cached message size smaller than 
expected (7114 < 8192, box$Feb 17 14:45:37 pepino dovecot: imap(pi): Error: 
read(/home/pi/Maildir/.Trash/cur/1550431162.M181923P5865.$Feb 17 15:16:04 
pepino dovecot: doveadm: Error: This is Dovecot's error log (1550434564)
Feb 17 15:16:04 pepino dovecot: doveadm: Fatal: This is Dovecot's fatal log 
(1550434564)
Feb 17 15:16:10 pepino dovecot: doveadm: Error: This is Dovecot's error log 
(1550434570)
Feb 17 15:16:10 pepino dovecot: doveadm: Fatal: This is Dovecot's fatal log 
(1550434570)




* error occurred on SMTP session
*** Error occurred while sending the message:
451 4.3.5 Server configuration error
[15:45:38] IMAP> 9 UID STORE 6 +FLAGS.SILENT (\Deleted)
[15:45:38] IMAP< 9 OK Store completed (0.001 + 0.000 secs).
[15:45:38] IMAP> 10 EXPUNGE
[15:45:38] IMAP< * 1 EXPUNGE

  
>> On 17 February 2019 at 12:45 soydepr  wrote:
>> 
>> 
>> # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.16 (fed8554)
>> # OS: Linux 4.14.79-v7+ armv7l Debian 9.6
>> auth_mechanisms = plain login
>> disable_plaintext_auth = no
>> listen = *
>> mail_location = mbox:~/mail:INBOX=/var/mail/%u
>> namespace {
>>  inbox = yes

Re: Error configuring unix_listener stats-writer



On 18.2.2019 12.10, Peter Nabbefeld wrote:
>
>
> Am 17.02.19 um 14:45 schrieb Aki Tuomi:
>>> On 17 February 2019 at 11:47 Peter Nabbefeld via dovecot
>>>  wrote:
>>>
>>>
>>>
>>> Hello,
>>>
>>> I've got a very strange problem:
>>> When I try to configure the stats-writer socket, I'm told the
>>> configuration is a duplicate, though none exists in the configuration
>>> files. So I'd guess the configuration is set either built-in or
>>> implicitly.
>>>
>>> I've put the following into conf.d/10-master.conf:
>>> service auth {
>>>     unix_listener auth-userdb {
>>>     }
>>>
>>>     unix_listener stats-writer {
>>>       user = vmail
>>>       group = vmail
>>>       mode = 0666
>>>     }
>>> }
>>>
>>> BTW, using imap for mail traffic.
>>>
>>> Is there any tool displaying an "effective" config tree (i.e., a tool
>>> displaying the resulting configuration from every file, displaying the
>>> original file and line number)? "dovecot -a" only displays all
>>> configurations, but without source reference, so it's impossible to
>>> find
>>> out about the details.  :-(
>>>
>>> Kind regards
>>>
>>> Peter
>> Hi
>>
>> The stats-writer config belongs for service stats, not auth.
>
> Ooops - Thank You!
>> You can see effective config with 'doveconf -n'.
> Nope - it even displays less information than "dovecot -a".
>
> Peter
>> Aki
>
doveconf -n shows "what has been set", so it shows the effective
configuration. There is no command to see which included file changed what.

Aki

Re: Error configuring unix_listener stats-writer

2019-02-18 Thread Peter Nabbefeld via dovecot





Am 17.02.19 um 18:27 schrieb Sami Ketola:



On 17 Feb 2019, at 11.47, Peter Nabbefeld via dovecot 
 wrote:



Is there any tool displaying an "effective" config tree (i.e., a tool 
displaying the resulting configuration from every file, displaying 
the original file and line number)? "dovecot -a" only displays all 
configurations, but without source reference, so it's impossible to 
find out about the details.  :-(




Easy way is to use just one config file. That is what I have done for 
years.


Sami


I'd preferred that, too, but it seems the 'modern' way - and I don't 
want to get any possible configuration issues on updates, so I won't 
change this.


Peter

Re: Dove to error

You probably mean -quiet flag which works

Aki

> On 17 February 2019 at 12:10 Latin Bishop  wrote:
> 
> 
> Thanks 
> 
> Was 143.  I notice the -quite flag no longer works in openssl when testing 
> connection 
> 
> > On Feb 17, 2019, at 3:33 AM, Aki Tuomi  wrote:
> > 
> > 
> >> On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
> >> dovecot@dovecot.org> wrote:
> >> 
> >> 
> >> 
> >> Getting this error after following
> >> this tutorial
> >> 
> >> Error in configuration file /etc/dovecot/dovecot.conf duplicate listener
> >> 
> >> 
> >> https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
> >> 
> > 
> > Usually doveconf -n tells you where the duplicate listener is so you can 
> > remove it.
> > --- 
> > Aki Tuomi

Re: Error configuring unix_listener stats-writer

On 17 Feb 2019, at 11.47, Peter Nabbefeld via dovecot  wrote:Is there any tool displaying an "effective" config tree (i.e., a tool displaying the resulting configuration from every file, displaying the original file and line number)? "dovecot -a" only displays all configurations, but without source reference, so it's impossible to find out about the details.  :-(Easy way is to use just one config file. That is what I have done for years.Sami

Re: [grosjo/fts-xapian] `doveadm fts rescan` removes all indices (#15)

Not really, as the steps outlined by Timo would not get done.

Aki

> On 17 February 2019 at 10:56 Joan Moreau via dovecot  
> wrote:
> 
> 
> In such case, as long as the API is not upgraded, should 
> 
> doveadm index -A -q \* 
> 
> be considered a replacement of 
> 
> doveadm fts rescan
> 
> On 2019-02-14 16:24, Timo Sirainen via dovecot wrote:
> 
> > Hi, 
> > 
> > The rescan() function is a bit badly designed. Currently what you could do 
> > what fts-lucene does and: 
> > - Get list of UIDs for all mails in each folder 
> > - If Xapian has UID that doesn't exist -> delete it from Xapian 
> > - If UID is missing from Xapian -> expunge the rest of the UIDs in that 
> > folder, so the next indexing will cause them to be indexed 
> > 
> > The expunging of rest of the mails is rather ugly, yes.. A better API would 
> > be if backend simply had a way to iterate all mails in the index, 
> > preferrably sorted by folder. Then a more generic code could go through 
> > them and expunge the necessary mails and index the missing mails. Although 
> > not all FTS backends support indexing in the middle. Anyway, we don't 
> > really have time to implement this new API soon. 
> > 
> > I'm not sure if this is a big problem though. I don't think most people 
> > running FTS have ever run rescan. 
> > 
> > On 8 Feb 2019, at 9.54, Joan Moreau via dovecot  
> > wrote: 
> > 
> > Hi, 
> > 
> > THis is a core problem in Dovecot in my understanding. 
> > 
> > In my opinion, the rescan in dovecot should send to the FTS plugin the list 
> > of "supposedly" indexed emails (UID), and the plugin shall purge the 
> > redundant UID (i..e UID present in the index but not in the list sent by 
> > dovecot) and send back the list of UID not in its indexes to dovecot, so 
> > Dovect can send one by one the missing emails 
> > 
> > WHat do you think ? 
> > 
> >  Original Message  
> > 
> > SUBJECT:
> > [grosjo/fts-xapian] `doveadm fts rescan` removes all indices (#15)
> > 
> > DATE:
> > 2019-02-08 08:28
> > 
> > FROM:
> > Leonard Lausen 
> > 
> > TO:
> > grosjo/fts-xapian 
> > 
> > CC:
> > Subscribed 
> > 
> > REPLY-TO:
> > grosjo/fts-xapian 
> > 
> > 
> > doveadm fts rescan -A deletes all indices, ie. all folders and files in the 
> > xapian-indexes are deleted. However, according to man doveadm fts, the 
> > rescan command should only 
> > 
> > Scan what mails exist in the full text search index and compare those to 
> > what
> > actually exist in mailboxes. This removes mails from the index that have 
> > already
> > been expunged and makes sure that the next doveadm index will index all the
> > missing mails (if any). 
> > 
> > Deleting all indices does not seem to be the intended action, especially as 
> > constructing the index anew may take very long on large mailboxes. 
> > 
> > --
> > You are receiving this because you are subscribed to this thread.
> > Reply to this email directly, view it on GitHub [1], or mute the thread [2].
>  
> 
> Links:
> --
> [1] https://github.com/grosjo/fts-xapian/issues/15
> [2]
> https://github.com/notifications/unsubscribe-auth/ACLmB9OB-7GaKIvhNc8sCgi7KQTrjNnoks5vLScugaJpZM4auCWp

Re: Dove to error

Is user 'dovecot' member of group 'mail'?

Aki

> On 17 February 2019 at 19:28 Latin Bishop  wrote:
> 
> 
> Changed permissions but still have issues 
> 
> A error occurred while sending email the mail server responded 4.3.5 server 
> configuration error 
> Please check the message recipient 
> 
> Sent from my iPad
> 
> > On Feb 17, 2019, at 12:06 PM, Aki Tuomi  wrote:
> > 
> > mail_privileged_group=mail
> > 
> > Aki
> > 
> >> On 17 February 2019 at 19:03 Latin Bishop  wrote:
> >> 
> >> 
> >> When testing with thunder mail getting this error 
> >> 
> >> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) 
> >> failed: Permission denied (euid=1000(pi) egid=1000(pi) missing +w perm: 
> >> /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
> >> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to autocreate 
> >> mailbox INBOX: Internal error occurred. Refer to server log for more 
> >> information. [2019-02-17 11:59:40]
> >> Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
> >> 
> >> 
> >>> On Feb 17, 2019, at 8:46 AM, Aki Tuomi  wrote:
> >>> 
> >>> You probably mean -quiet flag which works
> >>> 
> >>> Aki
> >>> 
>  On 17 February 2019 at 12:10 Latin Bishop  wrote:
>  
>  
>  Thanks 
>  
>  Was 143.  I notice the -quite flag no longer works in openssl when 
>  testing connection 
>  
> > On Feb 17, 2019, at 3:33 AM, Aki Tuomi  
> > wrote:
> > 
> > 
> >> On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
> >> dovecot@dovecot.org> wrote:
> >> 
> >> 
> >> 
> >> Getting this error after following
> >> this tutorial
> >> 
> >> Error in configuration file /etc/dovecot/dovecot.conf duplicate 
> >> listener
> >> 
> >> 
> >> https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
> >> 
> > 
> > Usually doveconf -n tells you where the duplicate listener is so you 
> > can remove it.
> > --- 
> > Aki Tuomi

Re: Need to authenticate Outlook and NTLM

2019-02-18 Thread Stuart Henderson via dovecot

On 2019-02-13, Mark Foley via dovecot  wrote:
> Is it possible that no one on this list is authenticating Outlook with 
> Dovecot and NTLM?

Yes, it's possible, the outdated instructions you found on the wiki
suggests it's an uncommon configiration.

No actual answers from me, but it might give you some clues:

> More on this ...
>
> I short-sheeted ntlm_auth to see what was being passed to it. It is getting 
> as arg1:
>
> --helper-protocol=squid-2.5-ntlmssp
>
> I tried running ntlm_auth at the command line as:
>
> ntlm_auth --username=user --password=password 
> --helper-protocol=squid-2.5-ntlmssp
>
> It did nothing, just hung there. The ntlm_auth man page says:
>
> --helper-protocol=PROTO
>   Operate as a stdio-based helper. Valid helper protocols are:

The squid auth helpers are stdio-based, they run in a loop, reading from
stdin, checking authentication, and return results on stdout. This avoids both
passing sensitive data on the command line (visible to ps, at least briefly)
and the need to keep forking and initialising a new process.

So it's normal that it would just sit waiting for input.

Dovecot is just reusing the same protocol that squid uses.

> After more searching I came across this post, 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774263
> which, in summary, said that ntlm_auth had to run as root. So, I added the 
> following to my
> dovecot config per that post's suggestion:
>
> service auth {
>   user = root
> }
>
> After restarting and trying again to connect from Outlook I got the message:
>
> auth: Info: ntlm(?,192.168.0.58,): user not authenticated: 
> NT_STATUS_NO_MEMORY

I don't know the full details of how samba/ntlm works, but this seems like
an error coming from the server you're attempting to authenticate against.
I think you should start debugging on the samba side - make sure tools
like wbinfo are working, if not then debug those with samba, then move
on to Dovecot after you have that working.

Re: Dove to error

That really depends on your dovecot config, but try

doveadm log find

also you can list recent errors with

doveadm log errors

Aki

> On 17 February 2019 at 20:03 Latin Bishop  wrote:
> 
> 
> Where I find dovecot log
> 
> 
> 
> > On Feb 17, 2019, at 12:56 PM, Aki Tuomi  wrote:
> > 
> > Yes, well, this is postfix log, which is not very useful when debugging 
> > dovecot problems...
> > 
> > Aki
> > 
> >> On 17 February 2019 at 19:50 Latin Bishop  wrote:
> >> 
> >> 
> >> Feb 17 12:48:00 pepino postfix/smtps/smtpd[3988]: connect from 
> >> localhost[127.0.0.1]
> >> Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: warning: unknown smtpd 
> >> restriction: "permit_ssl_authenticated"
> >> Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: NOQUEUE: reject: RCPT 
> >> from localhost[127.0.0.1]: 451 4.3.5 Server configuration error; 
> >> from= to= proto=ESMTP 
> >> helo=<[127.0.0.1]>
> >> Feb 17 12:48:07 pepino postfix/cleanup[3998]: 25EC480E6B: 
> >> message-id=<20190217174807.25EC480E6B@pepino>
> >> Feb 17 12:48:07 pepino postfix/smtps/smtpd[3988]: disconnect from 
> >> localhost[127.0.0.1] ehlo=1 auth=1 mail=1 rcpt=0/1 quit=1 commands=4/5
> >> Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: 
> >> from=, size=970, nrcpt=1 (queue active)
> >> Feb 17 12:48:07 pepino postfix/local[3999]: 25EC480E6B: 
> >> to=, orig_to=, relay=local, delay=0.06, 
> >> delays=0.03/0/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
> >> Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: removed
> >> 
> >>> On Feb 17, 2019, at 12:40 PM, Aki Tuomi  
> >>> wrote:
> >>> 
> >>> Can you try adding 'pi' to group 'mail' too? Also, can you provide the 
> >>> actual errors from log?
> >>> 
> >>> Aki
> >>> 
>  On 17 February 2019 at 19:37 Latin Bishop  wrote:
>  
>  
>  Yes it is. Basically can’t send nor receive confit looks good 
>  
>  
>  
> > On Feb 17, 2019, at 12:34 PM, Aki Tuomi  
> > wrote:
> > 
> > Is user 'dovecot' member of group 'mail'?
> > 
> > Aki
> > 
> >> On 17 February 2019 at 19:28 Latin Bishop  wrote:
> >> 
> >> 
> >> Changed permissions but still have issues 
> >> 
> >> A error occurred while sending email the mail server responded 4.3.5 
> >> server configuration error 
> >> Please check the message recipient 
> >> 
> >> Sent from my iPad
> >> 
> >>> On Feb 17, 2019, at 12:06 PM, Aki Tuomi  
> >>> wrote:
> >>> 
> >>> mail_privileged_group=mail
> >>> 
> >>> Aki
> >>> 
>  On 17 February 2019 at 19:03 Latin Bishop  wrote:
>  
>  
>  When testing with thunder mail getting this error 
>  
>  Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) 
>  failed: Permission denied (euid=1000(pi) egid=1000(pi) missing +w 
>  perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 
>  mode=0775)
>  Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to 
>  autocreate mailbox INBOX: Internal error occurred. Refer to server 
>  log for more information. [2019-02-17 11:59:40]
>  Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
>  
>  
> > On Feb 17, 2019, at 8:46 AM, Aki Tuomi  
> > wrote:
> > 
> > You probably mean -quiet flag which works
> > 
> > Aki
> > 
> >> On 17 February 2019 at 12:10 Latin Bishop  
> >> wrote:
> >> 
> >> 
> >> Thanks 
> >> 
> >> Was 143.  I notice the -quite flag no longer works in openssl when 
> >> testing connection 
> >> 
> >>> On Feb 17, 2019, at 3:33 AM, Aki Tuomi 
> >>>  wrote:
> >>> 
> >>> 
>  On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
>  dovecot@dovecot.org> wrote:
>  
>  
>  
>  Getting this error after following
>  this tutorial
>  
>  Error in configuration file /etc/dovecot/dovecot.conf duplicate 
>  listener
>  
>  
>  https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
>  
> >>> 
> >>> Usually doveconf -n tells you where the duplicate listener is so 
> >>> you can remove it.
> >>> --- 
> >>> Aki Tuomi

Re: Dove to error

mail_privileged_group=mail

Aki

> On 17 February 2019 at 19:03 Latin Bishop  wrote:
> 
> 
> When testing with thunder mail getting this error 
> 
> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) failed: 
> Permission denied (euid=1000(pi) egid=1000(pi) missing +w perm: /var/mail, 
> we're not in group 8(mail), dir owned by 0:8 mode=0775)
> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to autocreate mailbox 
> INBOX: Internal error occurred. Refer to server log for more information. 
> [2019-02-17 11:59:40]
> Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
> 
> 
> > On Feb 17, 2019, at 8:46 AM, Aki Tuomi  wrote:
> > 
> > You probably mean -quiet flag which works
> > 
> > Aki
> > 
> >> On 17 February 2019 at 12:10 Latin Bishop  wrote:
> >> 
> >> 
> >> Thanks 
> >> 
> >> Was 143.  I notice the -quite flag no longer works in openssl when testing 
> >> connection 
> >> 
> >>> On Feb 17, 2019, at 3:33 AM, Aki Tuomi  wrote:
> >>> 
> >>> 
>  On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
>  dovecot@dovecot.org> wrote:
>  
>  
>  
>  Getting this error after following
>  this tutorial
>  
>  Error in configuration file /etc/dovecot/dovecot.conf duplicate listener
>  
>  
>  https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
>  
> >>> 
> >>> Usually doveconf -n tells you where the duplicate listener is so you can 
> >>> remove it.
> >>> --- 
> >>> Aki Tuomi

Re: Dove to error

Yes, well, this is postfix log, which is not very useful when debugging dovecot 
problems...

Aki

> On 17 February 2019 at 19:50 Latin Bishop  wrote:
> 
> 
> Feb 17 12:48:00 pepino postfix/smtps/smtpd[3988]: connect from 
> localhost[127.0.0.1]
> Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: warning: unknown smtpd 
> restriction: "permit_ssl_authenticated"
> Feb 17 12:48:01 pepino postfix/smtps/smtpd[3988]: NOQUEUE: reject: RCPT from 
> localhost[127.0.0.1]: 451 4.3.5 Server configuration error; 
> from= to= proto=ESMTP helo=<[127.0.0.1]>
> Feb 17 12:48:07 pepino postfix/cleanup[3998]: 25EC480E6B: 
> message-id=<20190217174807.25EC480E6B@pepino>
> Feb 17 12:48:07 pepino postfix/smtps/smtpd[3988]: disconnect from 
> localhost[127.0.0.1] ehlo=1 auth=1 mail=1 rcpt=0/1 quit=1 commands=4/5
> Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: 
> from=, size=970, nrcpt=1 (queue active)
> Feb 17 12:48:07 pepino postfix/local[3999]: 25EC480E6B: 
> to=, orig_to=, relay=local, delay=0.06, 
> delays=0.03/0/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
> Feb 17 12:48:07 pepino postfix/qmgr[2604]: 25EC480E6B: removed
> 
> > On Feb 17, 2019, at 12:40 PM, Aki Tuomi  wrote:
> > 
> > Can you try adding 'pi' to group 'mail' too? Also, can you provide the 
> > actual errors from log?
> > 
> > Aki
> > 
> >> On 17 February 2019 at 19:37 Latin Bishop  wrote:
> >> 
> >> 
> >> Yes it is. Basically can’t send nor receive confit looks good 
> >> 
> >> 
> >> 
> >>> On Feb 17, 2019, at 12:34 PM, Aki Tuomi  
> >>> wrote:
> >>> 
> >>> Is user 'dovecot' member of group 'mail'?
> >>> 
> >>> Aki
> >>> 
>  On 17 February 2019 at 19:28 Latin Bishop  wrote:
>  
>  
>  Changed permissions but still have issues 
>  
>  A error occurred while sending email the mail server responded 4.3.5 
>  server configuration error 
>  Please check the message recipient 
>  
>  Sent from my iPad
>  
> > On Feb 17, 2019, at 12:06 PM, Aki Tuomi  
> > wrote:
> > 
> > mail_privileged_group=mail
> > 
> > Aki
> > 
> >> On 17 February 2019 at 19:03 Latin Bishop  wrote:
> >> 
> >> 
> >> When testing with thunder mail getting this error 
> >> 
> >> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) 
> >> failed: Permission denied (euid=1000(pi) egid=1000(pi) missing +w 
> >> perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 
> >> mode=0775)
> >> Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to autocreate 
> >> mailbox INBOX: Internal error occurred. Refer to server log for more 
> >> information. [2019-02-17 11:59:40]
> >> Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
> >> 
> >> 
> >>> On Feb 17, 2019, at 8:46 AM, Aki Tuomi  
> >>> wrote:
> >>> 
> >>> You probably mean -quiet flag which works
> >>> 
> >>> Aki
> >>> 
>  On 17 February 2019 at 12:10 Latin Bishop  wrote:
>  
>  
>  Thanks 
>  
>  Was 143.  I notice the -quite flag no longer works in openssl when 
>  testing connection 
>  
> > On Feb 17, 2019, at 3:33 AM, Aki Tuomi  
> > wrote:
> > 
> > 
> >> On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
> >> dovecot@dovecot.org> wrote:
> >> 
> >> 
> >> 
> >> Getting this error after following
> >> this tutorial
> >> 
> >> Error in configuration file /etc/dovecot/dovecot.conf duplicate 
> >> listener
> >> 
> >> 
> >> https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
> >> 
> > 
> > Usually doveconf -n tells you where the duplicate listener is so 
> > you can remove it.
> > --- 
> > Aki Tuomi

Re: Dove to error

Can you try adding 'pi' to group 'mail' too? Also, can you provide the actual 
errors from log?

Aki

> On 17 February 2019 at 19:37 Latin Bishop  wrote:
> 
> 
> Yes it is. Basically can’t send nor receive confit looks good 
> 
> 
> 
> > On Feb 17, 2019, at 12:34 PM, Aki Tuomi  wrote:
> > 
> > Is user 'dovecot' member of group 'mail'?
> > 
> > Aki
> > 
> >> On 17 February 2019 at 19:28 Latin Bishop  wrote:
> >> 
> >> 
> >> Changed permissions but still have issues 
> >> 
> >> A error occurred while sending email the mail server responded 4.3.5 
> >> server configuration error 
> >> Please check the message recipient 
> >> 
> >> Sent from my iPad
> >> 
> >>> On Feb 17, 2019, at 12:06 PM, Aki Tuomi  
> >>> wrote:
> >>> 
> >>> mail_privileged_group=mail
> >>> 
> >>> Aki
> >>> 
>  On 17 February 2019 at 19:03 Latin Bishop  wrote:
>  
>  
>  When testing with thunder mail getting this error 
>  
>  Feb 17 11:59:40 pepino dovecot: imap(pi): Error: open(/var/mail/pi) 
>  failed: Permission denied (euid=1000(pi) egid=1000(pi) missing +w perm: 
>  /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
>  Feb 17 11:59:40 pepino dovecot: imap(pi): Error: Failed to autocreate 
>  mailbox INBOX: Internal error occurred. Refer to server log for more 
>  information. [2019-02-17 11:59:40]
>  Feb 17 11:59:50 pepino dovecot: imap(pi): Logged out in=155 out=874
>  
>  
> > On Feb 17, 2019, at 8:46 AM, Aki Tuomi  
> > wrote:
> > 
> > You probably mean -quiet flag which works
> > 
> > Aki
> > 
> >> On 17 February 2019 at 12:10 Latin Bishop  wrote:
> >> 
> >> 
> >> Thanks 
> >> 
> >> Was 143.  I notice the -quite flag no longer works in openssl when 
> >> testing connection 
> >> 
> >>> On Feb 17, 2019, at 3:33 AM, Aki Tuomi  
> >>> wrote:
> >>> 
> >>> 
>  On 17 February 2019 at 05:50 Latin Bishop via dovecot < 
>  dovecot@dovecot.org> wrote:
>  
>  
>  
>  Getting this error after following
>  this tutorial
>  
>  Error in configuration file /etc/dovecot/dovecot.conf duplicate 
>  listener
>  
>  
>  https://samhobbs.co.uk/2013/12/raspberry-pi-email-server-part-2-dovecot
>  
> >>> 
> >>> Usually doveconf -n tells you where the duplicate listener is so you 
> >>> can remove it.
> >>> --- 
> >>> Aki Tuomi

Re: Dove to error