lmtp and recipient_delimiter

2020-03-11 Thread Juri Haberland 
Hi list,

I have a small problem with recipient_delimiters contained in usernames.
Recently I have extended recipient_delimiter from "+" to "+-" in both
Postfix and Dovecot (using lmtp) and now any user that have a '-' in it's
username can't receive mail anymore, because lmtp truncates the localpart
after the '-' and of course can't find the first half in the user database.

To illustrate: given an account "foo-...@example.com", I get the following
log entry from postfix:
Mar  9 09:31:43 batleth postfix/lmtp[6196]: 9A7BA33E005B:
to=,
relay=batleth.sapienti-sat.org[private/dovecot-lmtp], delay=20,
delays=20/0.01/0.01/0.08, dsn=5.1.1, status=bounced (host
batleth.sapienti-sat.org[private/dovecot-lmtp] said: 550 5.1.1
 User doesn't exist: f...@example.com (in reply to RCPT
TO command))

Is there any way to tell lmtp to first look for
 and if that fails look for  only (the
reverse order would be ok, too)?


Thanks in advance,
  Juri


doveconf -n:
# 2.3.10 (0da0eff44): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.10 (bf8ef1c2)
# OS: Linux 4.4.0-174-generic x86_64 Ubuntu 16.04.6 LTS ext4
# Hostname: batleth.sapienti-sat.org
auth_default_realm = sapienti-sat.org
first_valid_uid = 115
imap_idle_notify_interval = 29 mins
last_valid_uid = 115
mail_location = maildir:/srv/vmail/%Ld/%Ln
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environment mailbox date index ihave
duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
autoexpunge = 180 days
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox "Sent Messages" {
special_use = \Sent
  }
  mailbox Trash {
autoexpunge = 365 days
special_use = \Trash
  }
  prefix = INBOX.
  separator = .
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap lmtp sieve"
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
}
service imap-login {
  inet_listener imap {
address = 127.0.0.1 ::1
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
  }
}
service pop3-login {
  inet_listener pop3 {
port = 0
  }
}
ssl_cert =

Pigeonhole v0.5.10 release notes

2020-03-11 Thread Aki Tuomi 
Hi!

We  made a mistake of releasing pigeonhole with wrong release notes, so
please find the correct release notes here. Also if you are using
`--without-dovecot-install-dirs`, you must use `--with-moduledir`.
Otherwise the Makefile gets broken.

v0.5.10 2020-03-06  Aki Tuomi 

* imap_sieve_filter: Change result action logging to include IMAP UID
- vacation: Addresses were compared case-sensitively.

Aki Tuomi




signature.asc
Description: OpenPGP digital signature

Dovecot Imap-Proxy: openssl_iostream_handle_error

2020-03-11 Thread Urban Loesch 

Hi,

I'm running Dovecot 2.3.9-2 as an IMAP/POP3 Proxy in front of several 
Dovecotbackends. No Director, only static routing to the backends of each user.
The proxies are also working as "SSL offload engines". SystemOS: Debian Stretch 
(9.11) on LXC Virtualization

Sometimes I get the following errors in mail.err log:

...
Mar 10 16:47:24 imap1 dovecot: imap-login: Panic: file iostream-openssl.c: line 
599 (openssl_iostream_handle_error): assertion failed: (errno != 0)
Mar 10 16:47:24 imap1 dovecot: imap-login: Fatal: master: service(imap-login): 
child 30431 killed with signal 6 (core dumped)
Mar 10 16:47:38 imap1 dovecot: imap-login: Panic: file iostream-openssl.c: line 
599 (openssl_iostream_handle_error): assertion failed: (errno != 0)
Mar 10 16:47:38 imap1 dovecot: imap-login: Fatal: master: service(imap-login): 
child 30471 killed with signal 6 (core dumped)
...

Full backtrace of the coredump:
...
# gdb /usr/lib/dovecot/imap-login core.imap-login.30471

GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/dovecot/imap-login...Reading symbols from 
/usr/lib/debug/.build-id/3c/24fcde9d366e5cfd7615cc42e013a060d092e5.debug...done.
done.
[New LWP 30471]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `dovecot/imap-login'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51

warning: Source file is more recent than executable.
51  }
(gdb) bt full
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
set = {__val = {0, 140427116827682, 140427117098374, 2147483649, 140427116658101, 0, 140427119440144, 140427116658101, 140427116658080, 
140427104016227, 140427119689728, 0, 140427104016288, 140427119440144, 18446744073709551615,

0}}
pid = 
tid = 
#1  0x7fb7bc5ba42a in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x7fff75b21b30, sa_sigaction = 0x7fff75b21b30}, sa_mask = {__val = {0, 140427119702945, 
94861876544520, 140427119702945, 140427120378435, 140735167994944, 94861876544520,
  140427119702945, 6008397283549395712, 140427119702945, 94861876544520, 140735167994832, 140427101843879, 3, 5, 140427119702945}}, 
sa_flags = -1130359394, sa_restorer = 0x0}

sigs = {__val = {32, 0 }}
#2  0x7fb7bca0c464 in default_fatal_finish (status=0, type=LOG_TYPE_PANIC) 
at failures.c:459
backtrace = 0x5646c0a5ae4c ""
recursed = 0
recursed = 0
#3  fatal_handler_real (ctx=, format=, 
args=) at failures.c:471
status = 0
#4  0x7fb7bca0c551 in i_internal_fatal_handler (ctx=, 
format=, args=) at failures.c:848
No locals.
#5  0x7fb7bc9622e3 in i_panic (format=format@entry=0x7fb7bb85ae70 "file %s: line 
%d (%s): assertion failed: (%s)") at failures.c:523
ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0, 
timestamp_usecs = 0, log_prefix = 0x0, log_prefix_type_pos = 0}
args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 
0x7fff75b21d20, reg_save_area = 0x7fff75b21c60}}
#6  0x7fb7bb858708 in openssl_iostream_handle_error (ssl_io=ssl_io@entry=0x5646c0a22aa0, ret=-1, 
type=type@entry=OPENSSL_IOSTREAM_SYNC_TYPE_HANDSHAKE, func_name=func_name@entry=0x7fb7bb85b1a7 "SSL_accept()") at iostream-openssl.c:599

errstr = 0x0
err = 5
__func__ = "openssl_iostream_handle_error"
#7  0x7fb7bb8588ea in openssl_iostream_handshake (ssl_io=0x5646c0a22aa0) at 
iostream-openssl.c:669
reason = 0x53621d7edb623b00 
error = 0x0
ret = 
__func__ = "openssl_iostream_handshake"
#8  0x7fb7bb8583da in openssl_iostream_more (ssl_io=ssl_io@entry=0x5646c0a22aa0, type=type@entry=OPENSSL_IOSTREAM_SYNC_TYPE_HANDSHAKE) at 
iostream-openssl.c:546

ret = 
#9  0x7fb7bb85a30f in i_stream_ssl_read_real 
(stream=stream@entry=0x5646c0a5b530) at istream-openssl.c:46
sstream = 0x5646c0a5b530
ssl_io = 0x5646c0a22aa0
buffer = 
"\234y\345h\226#a\256*\v\216\024\215\250S\227\362\300\003\231\212\027\361\340\353vfv\206_\375\340\362\300\003\231\212\027\361\340\353vfv\206_\375\340kEt`6\005\235\273\205\365\2