Deleted mail reappearing
Recently I upgraded dovecot quite a few major versions. Since then some
mailboxes are experiencing deleted mail reappearing. It seems to be happening
roughly once a day, but not for every mail client or mailbox, I have at least
two clients with this issue: Thunderbird and Outlook.
Storage is local under two partitions, one as alternative storage.
# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.7.2 ()
# OS: Linux 5.4.0-29-generic x86_64 Ubuntu 20.04 LTS ext4
auth_mechanisms = plain login digest-md5
base_dir = /var/run/dovecot/
default_client_limit = 4000
default_vsz_limit = 512 M
dict {
expire = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
lda_mailbox_autocreate = yes
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = mdbox:/home/vmail/%d/%n
mail_max_userip_connections = 240
mail_plugins = quota
mail_privileged_group = mail
mdbox_rotate_size = 64 M
namespace {
inbox = yes
location =
prefix =
separator = .
}
passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
plugin {
quota = dict:user_quota::proxy:/var/run/dovecot/dict:quota
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve = file:~/sieve;active=~/.dovecot.sieve
sieve_dir = ~/sieve
sieve_global_dir = /etc/dovecot/sieve/
}
protocols = imap pop3
service anvil {
client_limit = 2615
}
service auth {
client_limit = 5536
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-master {
group = root
mode = 0600
user = vmail
}
}
service dict {
unix_listener dict {
mode = 0600
user = vmail
}
}
service imap-login {
client_limit = 2115
executable = /usr/lib/dovecot/imap-login
inet_listener imap {
address = *
port = 143
}
inet_listener imaps {
address = *
port = 993
}
process_limit = 2000
}
service imap {
executable = /usr/lib/dovecot/imap
process_limit = 2000
}
service pop3-login {
client_limit = 1024
executable = /usr/lib/dovecot/pop3-login
inet_listener pop3 {
address = *
port = 110
}
inet_listener pop3s {
address = *
port = 995
}
process_limit = 512
}
service pop3 {
executable = /usr/lib/dovecot/pop3
}
service stats {
unix_listener stats-reader {
group = vmail
mode = 0660
user = vmail
}
unix_listener stats-writer {
group = vmail
mode = 0660
user = vmail
}
}
ssl_cert = < /etc/dovecot/ssl/crt.pem
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
syslog_facility = local0
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
protocol imap {
imap_max_line_length = 64 k
mail_plugins = quota imap_quota
}
protocol pop3 {
mail_plugins = quota
pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = quota sieve
postmaster_address = postmaster@localhost
sendmail_path = /usr/lib/sendmail
}
dovecot-sql.conf:
driver = mysql
connect = host=127.0.0.1 dbname=mail user=mail password=
password_query = SELECT IF('%m' = 'DIGEST-MD5', users.password_digest_md5,
NULL) as password, IF('%m' = 'DIGEST-MD5', NULL, 'Y') as nopassword, username
FROM users LEFT JOIN domains ON users.domain = domains.domain WHERE
users.username = '%u' AND users.domain = '%d' AND users.active = 'yes' AND
domains.state = '1' AND ((users.password = encrypt('%w', LEFT(users.password,
11)) AND ('%m' = 'PLAIN' OR '%m' = 'LOGIN')) OR ('%m' = 'DIGEST-MD5'))
user_query = SELECT maildir as home, uid, gid, CONCAT(CONCAT(type, ':',
maildir), ':ALT=/home/altmail/%d/%n') AS mail FROM users LEFT JOIN domains ON
users.domain = domains.domain WHERE users.username = '%u' AND domains.state =
'1'
iterate_query = SELECT SUBSTRING_INDEX(email, '@', 1) AS username, domain FROM
users;
about header address parsing
Hi,
Is this expected or not?
From: us...@fuga.example.com
To: us...@hoge.example.com
↓
a uid fetch 43055 (envelope)
* 1860 FETCH (UID 43055 ENVELOPE ("Thu, 30 Jul 2020 13:52:59 +0900" "test1"
((NIL NIL "user1" "fuga.example.com")) ((NIL NIL "user1" "fuga.example.com"))
((NIL NIL "user1" "fuga.example.com")) ((NIL NIL "user2" "hoge.example.com"))
NIL NIL NIL ""))
From: "us...@fuga.example.com"
To: "us...@hoge.example.com"
↓
a uid fetch 43056 (envelope)
* 1861 FETCH (UID 43056 ENVELOPE ("Thu, 30 Jul 2020 13:53:59 +0900" "test1"
(("us...@fuga.example.com" NIL "user1" "example.com"))
(("us...@fuga.example.com" NIL "user1" "example.com"))
(("us...@fuga.example.com" NIL "user1" "example.com"))
(("us...@hoge.example.com" NIL "user2" "example.com")) NIL NIL NIL
""))
Regards,
--
TACHIBANA Masashi QUALITIA CO., LTD.
mailto:tachib...@qualitia.co.jp
株式会社クオリティア
https://www.qualitia.co.jp/
RE: using %d as a variable in the ldap search base
You have two ways of authenticating against ldap. I decided to use the
method where a single account has access to the user credentials.
(Advantage of this method, you can limit ldap lookups eg do not have to
do 2nd for the userdb)
debug_level = 1
uris = ldaps://ldap.local:8443
dn = cn=,cn=b,ou=c,dc=,dc=,dc=local
dnpass =
base = ou=asdfadsfa,ou=,ou=ggg,dc=f,dc=,dc=local
scope = subtree
user_filter = (&(objectClass=posixAccount)(uid=%u)
pass_attrs =
uid=user,userPassword=password,host=host,homeDirectory=userdb_home,uidNu
mber=userdb_uid,gidNumber=userdb_gid
However I did not have any issues authenticating against ldap with yours
also. But using the %u
-Original Message-
From: Luke Schierer [mailto:luke-dove...@schierer.org]
Sent: maandag 31 augustus 2020 21:32
To: dovecot@dovecot.org
Subject: using %d as a variable in the ldap search base
Hi,
I'm trying to configure dovecot to use LDAP authentication directly, and
I'm having a bit of trouble. I have a somewhat unusual setup, in that I
have an LDAP directory that has 3 OUs each of which have their own set
of users, some of which overlap. As I was trying to figure things out,
I was setting the search base in my /etc/dovecot/dovecot-ldap.conf.ext
file which is referenced by /etc/dovecot/conf.d/auth-ldap.conf.ext file
to
base = ou=%d,dc=thecrazyguys,dc=net
however, the resulting searches against the directory endup just
dropping the %d, resulting in
ou=,dc=thecrazyguys,dc=net
which is invalid. On a whim, I tried a search base of
base = dc=%d,dc=thecrazyguys,dc=net
and found that it did correctly substitute in the variable, which would
be correct, except that my ldap tree is set up with OUs and not an extra
DC segment.
for whatever reason, it will do variable substitution for dc=%d, but not
for ou=%d. this is certainly not documented, and seems like wrong
behavior, since having an ou in a search base is valid.
I'm including configuration information below. Please let me know if
I've missed including information that is required.
Thanks!
Luke
luke@schierer@littera001:/etc/dovecot$ lsb_release -rd
Description: Ubuntu 18.04.5 LTS
Release: 18.04
luke@schierer@littera001:/etc/dovecot$
luke@schierer@littera001:/etc/dovecot$ dpkg -l | grep -i dovecot ii
dovecot-core 1:2.2.33.2-1ubuntu4.6 amd64 ii dovecot-imapd
1:2.2.33.2-1ubuntu4.6 amd64 ii dovecot-ldap 1:2.2.33.2-1ubuntu4.6 amd64
ii dovecot-pop3d 1:2.2.33.2-1ubuntu4.6 amd64
luke@schierer@littera001:/etc/dovecot$
root@littera001:/etc/dovecot# dovecot -n # 2.2.33.2 (d6601f4ec):
/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS:
Linux 4.15.0-112-generic x86_64 Ubuntu 18.04.5 LTS auth_verbose = yes
first_valid_uid = 1001 imap_hibernate_timeout = 100 secs lock_method =
dotlock mail_cache_min_mail_count = 15 mail_fsync = always mail_location
= maildir:~/Maildir:LAYOUT=fs:INDEX=MEMORY
mail_nfs_index = yes
mail_nfs_storage = yes
mail_privileged_group = mail
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
maildir_very_dirty_syncs = yes
mbox_min_index_size = 10 B
mmap_disable = yes
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
separator = /
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocols = " imap pop3"
ssl_cert =
using %d as a variable in the ldap search base
Hi,
I'm trying to configure dovecot to use LDAP authentication directly,
and I'm having a bit of trouble. I have a somewhat unusual setup, in
that I have an LDAP directory that has 3 OUs each of which have their
own set of users, some of which overlap. As I was trying to figure
things out, I was setting the search base in my
/etc/dovecot/dovecot-ldap.conf.ext file which is referenced by
/etc/dovecot/conf.d/auth-ldap.conf.ext file to
base = ou=%d,dc=thecrazyguys,dc=net
however, the resulting searches against the directory endup just
dropping the %d, resulting in
ou=,dc=thecrazyguys,dc=net
which is invalid. On a whim, I tried a search base of
base = dc=%d,dc=thecrazyguys,dc=net
and found that it did correctly substitute in the variable, which
would be correct, except that my ldap tree is set up with OUs and not
an extra DC segment.
for whatever reason, it will do variable substitution for dc=%d, but
not for ou=%d. this is certainly not documented, and seems like wrong
behavior, since having an ou in a search base is valid.
I'm including configuration information below. Please let me know if I've
missed including information that is required.
Thanks!
Luke
luke@schierer@littera001:/etc/dovecot$ lsb_release -rd
Description: Ubuntu 18.04.5 LTS
Release: 18.04
luke@schierer@littera001:/etc/dovecot$
luke@schierer@littera001:/etc/dovecot$ dpkg -l | grep -i dovecot
ii dovecot-core 1:2.2.33.2-1ubuntu4.6 amd64
ii dovecot-imapd 1:2.2.33.2-1ubuntu4.6 amd64
ii dovecot-ldap 1:2.2.33.2-1ubuntu4.6 amd64
ii dovecot-pop3d 1:2.2.33.2-1ubuntu4.6 amd64
luke@schierer@littera001:/etc/dovecot$
root@littera001:/etc/dovecot# dovecot -n
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 4.15.0-112-generic x86_64 Ubuntu 18.04.5 LTS
auth_verbose = yes
first_valid_uid = 1001
imap_hibernate_timeout = 100 secs
lock_method = dotlock
mail_cache_min_mail_count = 15
mail_fsync = always
mail_location = maildir:~/Maildir:LAYOUT=fs:INDEX=MEMORY
mail_nfs_index = yes
mail_nfs_storage = yes
mail_privileged_group = mail
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
maildir_very_dirty_syncs = yes
mbox_min_index_size = 10 B
mmap_disable = yes
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
separator = /
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocols = " imap pop3"
ssl_cert =
Re: Bug: Dovecot appending "MISSING_DOMAIN" to fetch envelope responses
Any word about this issue? Should I file a bug in an actual bug tracker
or something?
//Mike
On Sat, 15 Aug, 2020 at 13:26, Michael Gratton wrote:
Hi all,
I'm seeing Dovecot include the string "MISSING_DOMAIN" in fetch
envelope requests when an mailbox's `addr-spec` part does not have a
`domain` part.
For example:
C: a022 uid fetch 40 (envelope rfc822.header)
S: * 5 FETCH (UID 40 ENVELOPE ("Sat, 15 Aug 2020 12:53:05 +1000"
"test {{name}}" (("Michael Gratton" NIL "mike" "vee.net"))
(("Michael Gratton" NIL "mike" "vee.net")) (("Michael Gratton" NIL
"mike" "vee.net")) (("postgres" NIL "postgres" "MISSING_DOMAIN"))
NIL NIL NIL NIL) RFC822.HEADER {literal/244b})
I understand that RFC 5322 require a mailbox to have a domain part,
however it is still possible for mail to contain mailboxes that do
not. In these cases, Dovecot returning random string such as the
above is harmful, since it not possible for IMAP clients to determine
whether host name string is actually present or something that the
IMAP server has made up.
As a result, an IMAP client has two options: Either display the
string as-is, preventing it from providing an appropriately localised
explanation or visual indication of the problem in the user
interface, or simply avoid ever requesting IMAP envelopes from the
server and always download and parse the complete RFC822 headers
itself (as I believe Thunderbird does).
The former is untenable since "MISSING_DOMAIN" does not mean anything
to non-English speakers, the latter is untenable since it
unnecessarily inflates the of volume of data that must be transmitted
over the wire to work around a server bug.
In these cases, or when any other part of a required IMAP address
structure is missing, Dovecot should return the empty string, e.g. "".
Cheers,
//Mike
Dovecot details:
*REDACTED*:~$ sudo dovecot -n
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.19.0-9-amd64 x86_64 Debian 10.4 ext4
# Hostname: *REDACTED*
first_valid_uid = *REDACTED*
hostname = *REDACTED*
last_valid_uid = *REDACTED*
lda_original_recipient_header = X-Original-To
lmtp_rcpt_check_quota = yes
lmtp_save_to_detail_mailbox = yes
mail_gid = *REDACTED*
mail_home = *REDACTED*
mail_location = mdbox:*REDACTED*:UTF-8
mail_privileged_group = mail
mail_server_admin = mailto:*REDACTED*
mail_temp_dir = *REDACTED*
mail_uid = *REDACTED*
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
}
prefix =
separator = .
type = private
}
passdb {
args = *REDACTED*
driver = ldap
}
plugin {
imapsieve_mailbox1_before = file:*REDACTED*
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Junk
imapsieve_mailbox2_before = file:*REDACTED*
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Junk
imapsieve_mailbox2_name = *
recipient_delimiter = +
sieve = file://*REDACTED*
sieve_before = /etc/dovecot/sieve-before.d
sieve_global_extensions = +vnd.dovecot.pipe
+vnd.dovecot.environment +vnd.dovecot.report
sieve_pipe_bin_dir = /etc/dovecot/sieve-scripts
sieve_plugins = sieve_imapsieve sieve_extprograms
sieve_quota_max_storage = 50M
}
postmaster_address = *REDACTED*
protocols = " imap lmtp sieve"
service auth-worker {
user = mail
}
service auth {
unix_listener *REDACTED* {
group = postfix
mode = 0666
user = postfix
}
}
service lmtp {
process_min_avail = 2
unix_listener *REDACTED* {
group = postfix
mode = 0600
user = postfix
}
user = mail
}
ssl = required
ssl_cert = <*REDACTED*
ssl_client_ca_dir = *REDACTED*
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
submission_host = *REDACTED*:587
userdb {
args = uid=8
driver = static
}
protocol lmtp {
mail_plugins = " sieve"
}
protocol imap {
mail_plugins = " imap_sieve"
}
--
Michael Gratton.
--
Michael Gratton.
AW: AW: how fetch zlibed mails with doveadm
A dream, that's it, thank you! Yours sincerely Pascal Rudolf -Ursprüngliche Nachricht- Von: Aki Tuomi Gesendet: Montag, 31. August 2020 13:26 An: rud...@padaru.de; dovecot@dovecot.org Betreff: Re: AW: how fetch zlibed mails with doveadm > On 31/08/2020 14:19 rud...@padaru.de wrote: > > Try loading zlib plugin globally, so add mail_plugins = $mail_plugins zlib before your protocol sections Aki > I can imagine, that some protocol need the mail_plugins=zlib directive too? > > > Yours sincerely > Pascal Rudolf > > -Ursprüngliche Nachricht- > Von: dovecot Im Auftrag von Aki Tuomi > Gesendet: Montag, 31. August 2020 12:02 > An: rud...@padaru.de; dovecot@dovecot.org > Betreff: Re: how fetch zlibed mails with doveadm > > > > On 31/08/2020 12:55 rud...@padaru.de wrote: > > > > > > Hey there, > > > > i need some help with an administrativ dovecot question. > > > > I run a dovecot 2.2.33 ubuntu server with mdbox and „zlib_save = gz > > zlib_save_level = 6“. Now i want to fetch the mailheader from some mails > > via doveadm fetch -u hdr uid . The only thing what i receive is > > some binary stuff. Is there a way, i can tell the dovemadm fetch command, > > that he should deflate the output for me? > > > > Yours sincerely > > Pascal Rudolf > > This should happen automatically. Can you provide `doveconf -n`? > > Aki
Re: AW: how fetch zlibed mails with doveadm
> On 31/08/2020 14:19 rud...@padaru.de wrote: > > Try loading zlib plugin globally, so add mail_plugins = $mail_plugins zlib before your protocol sections Aki > I can imagine, that some protocol need the mail_plugins=zlib directive too? > > > Yours sincerely > Pascal Rudolf > > -Ursprüngliche Nachricht- > Von: dovecot Im Auftrag von Aki Tuomi > Gesendet: Montag, 31. August 2020 12:02 > An: rud...@padaru.de; dovecot@dovecot.org > Betreff: Re: how fetch zlibed mails with doveadm > > > > On 31/08/2020 12:55 rud...@padaru.de wrote: > > > > > > Hey there, > > > > i need some help with an administrativ dovecot question. > > > > I run a dovecot 2.2.33 ubuntu server with mdbox and „zlib_save = gz > > zlib_save_level = 6“. Now i want to fetch the mailheader from some mails > > via doveadm fetch -u hdr uid . The only thing what i receive is > > some binary stuff. Is there a way, i can tell the dovemadm fetch command, > > that he should deflate the output for me? > > > > Yours sincerely > > Pascal Rudolf > > This should happen automatically. Can you provide `doveconf -n`? > > Aki
AW: how fetch zlibed mails with doveadm
Yes:
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 4.15.0-109-generic x86_64 Ubuntu 18.04.5 LTS
auth_mechanisms = plain login
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@üÜöÖäÄ
auth_worker_max_count = 60
disable_plaintext_auth = no
imap_capability = +XLIST
imap_logout_format = in=%i out=%o del=%{deleted}
fetched_mails=%{fetch_hdr_count}
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lock_method = flock
login_greeting = mailserver ready.
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
mail_cache_min_mail_count = 30
mail_location = auto:
mail_max_userip_connections = 30
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto envelope encoded-character vacation
subaddress comparator-i;ascii-numeric relational regex imap4flags copy include
variables body enotify environment mailbox date index ihave duplicate mime
foreverypart extracttext editheader imapflags notify vnd.dovecot.pipe
vnd.dovecot.filter vnd.dovecot.execute
mbox_read_locks = dotlock
mdbox_rotate_size = 250 M
namespace inbox {
inbox = yes
location =
mailbox Archiv {
auto = no
special_use =
}
mailbox Drafts {
auto = no
special_use =
}
mailbox Junk {
auto = no
special_use =
}
mailbox Sent {
auto = no
special_use =
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = no
special_use =
}
prefix =
}
passdb {
args =
driver = sql
}
plugin {
sieve = ~/sieve/.dovecot.sieve
sieve_after =
sieve_before =
sieve_dir = ~/sieve
sieve_execute_bin_dir = /usr/local/bin/
sieve_execute_input_eol = lf
sieve_extensions = +notify +imapflags +vnd.dovecot.pipe +vnd.dovecot.filter
+vnd.dovecot.execute +editheader -reject
sieve_filter_bin_dir = /usr/local/bin/
sieve_filter_input_eol = lf
sieve_global_dir = /etc/dovecot/sieve/
sieve_max_redirects = 25
sieve_pipe_bin_dir = /usr/local/bin/
sieve_pipe_input_eol = lf
sieve_plugins = sieve_extprograms
sieve_redirect_envelope_from = recipient
zlib_save = gz
zlib_save_level = 6
}
protocols = imap pop3 sieve
service auth-worker {
idle_kill = 1 mins
}
service auth {
idle_kill = 1 mins
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
user = root
}
service imap-login {
executable = /usr/lib/dovecot/imap-login
process_min_avail = 4
service_count = 0
user = dovecot
}
service imap {
process_limit = 1024
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
service_count = 0
user = dovecot
}
service managesieve {
process_limit = 1024
user = dovecot
}
service pop3-login {
executable = /usr/lib/dovecot/pop3-login
process_min_avail = 4
service_count = 0
user = dovecot
}
service pop3 {
executable = /usr/lib/dovecot/pop3
process_limit = 1024
}
shutdown_clients = no
ssl_ca =
ssl_cert =
ssl_cipher_list =
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length =
ssl_prefer_server_ciphers = yes
userdb {
args =
driver = sql
}
verbose_proctitle = yes
protocol lda {
mail_plugins = " sieve zlib"
rejection_reason = Your message to <%t> was automatically discarded:%n%r
}
protocol imap {
imap_client_workarounds = delay-newmail
mail_plugins = " mail_log notify zlib"
ssl = yes
}
protocol pop3 {
mail_plugins = zlib
pop3_client_workarounds = oe-ns-eoh outlook-no-nuls
pop3_no_flag_updates = no
pop3_uidl_format = %08Xu%08Xv
ssl = yes
}
I can imagine, that some protocol need the mail_plugins=zlib directive too?
Yours sincerely
Pascal Rudolf
-Ursprüngliche Nachricht-
Von: dovecot Im Auftrag von Aki Tuomi
Gesendet: Montag, 31. August 2020 12:02
An: rud...@padaru.de; dovecot@dovecot.org
Betreff: Re: how fetch zlibed mails with doveadm
> On 31/08/2020 12:55 rud...@padaru.de wrote:
>
>
> Hey there,
>
> i need some help with an administrativ dovecot question.
>
> I run a dovecot 2.2.33 ubuntu server with mdbox and „zlib_save = gz
> zlib_save_level = 6“. Now i want to fetch the mailheader from some mails via
> doveadm fetch -u hdr uid . The only thing what i receive is some
> binary stuff. Is there a way, i can tell
Re: zlib errors after upgrading
ok, I installed zstd successfully, it works - but how i re-compress
everything via dsync ? (on the same server?)
I did :
sudo doveadm backup -D -u "${mailbox_username}"
"mdbox:/home/vmail/virtualmailboxes/${mailbox_username}_backup"
sudo service dovecot stop
sudo mv "/home/vmail/virtualmailboxes/${mailbox_username}"
"/home/vmail/virtualmailboxes/${mailbox_username}_original"
sudo mv "/home/vmail/virtualmailboxes/${mailbox_username}_backup"
"/home/vmail/virtualmailboxes/${mailbox_username}"
sudo service dovecot start
but somehow that does not work correctly, thunderbird claims that
mailboxes are not existing, etc ...
so what is the correct way to recompress the mailboxes locally ?
Robert
Am 28.08.2020 um 13:15 schrieb Timo Sirainen:
On 28. Aug 2020, at 12.10, Robert Nowotny > wrote:
unfortunately after re-installing 2.3.11.3, those broken-pipe errors
appear again. (on different, new files)
so for sure there is something broken with zlib.
I will go back to2.3.10.1 now.
attached is the configuration file, though it did not change between
2.3.10.1 and 2.3.11.3
Oh, this is with xz, not with gz like we first thought. There are some
known problems with xz, which is why we are planning on removing it
entirely. I'm not sure why v2.3.11 breaks it, although there are some
changes related to it but it might be coincidence. I can't reproduce
this problem though.
In any case, I'd recommend switching to zlib or to zstd in v2.3.12.
(In theory you could leave the existing mails xz-compressed, but best
would be to re-compress everything via dsync so old mails can be read
when we eventually remove xz support.)
smime.p7s
Description: S/MIME Cryptographic Signature
Re: how fetch zlibed mails with doveadm
> On 31/08/2020 12:55 rud...@padaru.de wrote: > > > Hey there, > > i need some help with an administrativ dovecot question. > > I run a dovecot 2.2.33 ubuntu server with mdbox and „zlib_save = gz > zlib_save_level = 6“. Now i want to fetch the mailheader from some mails via > doveadm fetch -u hdr uid . The only thing what i receive is some > binary stuff. Is there a way, i can tell the dovemadm fetch command, that he > should deflate the output for me? > > Yours sincerely > Pascal Rudolf This should happen automatically. Can you provide `doveconf -n`? Aki
how fetch zlibed mails with doveadm
Hey there, i need some help with an administrativ dovecot question. I run a dovecot 2.2.33 ubuntu server with mdbox and "zlib_save = gz zlib_save_level = 6". Now i want to fetch the mailheader from some mails via doveadm fetch -u hdr uid . The only thing what i receive is some binary stuff. Is there a way, i can tell the dovemadm fetch command, that he should deflate the output for me? Yours sincerely Pascal Rudolf
Dovecot Proxy
Hello everyone, it's my first post here on this mailing list and I hope, I make it right. I posted a question on https://serverfault.com/questions/1031441/dovecot-as-proxy-with-submission and nobody was able to answer it. So I decided to push that question here (I'm talking about any new dovecot version and I've tested it with 2.3.4.1 (f79e8e7e4)). I try to run a dovecot proxy in front of a big number of mail servers (serving SMTP-in, submission, IMAP, POP3, Sieve). I need that proxy, because I run out of IPv4 addresses. Of course I use IPv6 too, but many customers still have problems with there providers and they really don't want to share their mails on a "shared-mailserver". I planed to use Dovecot for IMAPS, POP3S, SMTP-submission(465) and postfix for the rest. If I find a solution for sieve, I would try that too, but that is very optional. With the documentation https://wiki1.dovecot.org/HowTo/ImapProxy (which is really old and should be updated) and some other ascii docs (from an Apple mirror somewhere deep in the web) I was able to build a IMAP/POP3 proxy that forwards requests from outside to a specific backend using SSL (993,995). That works - I think.You can find the config on the serverfault page. In general - all known domains in backend are using SSL and the passdb forwards all requests to the backend via SSL. So - I understand:|| |password_query = SELECT NULL AS password, NULL AS destuser, host, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS nopassword, 'Y' AS proxy, 'any-cert' AS `ssl` FROM proxy_domain WHERE domain = '%d' | But that is only 50% of the show. The rest ist submission (and maybe sieve). Practically the submission implementation in dovecot works too. But because dovecot by default only opens port 587 (starttls), my passdb setting has a problem. When I try to use that port Dovecot tries to use SSL on the backend/587 too - but that is wrong (it should either use 465 or should try to use starttls). So, I have the following options. - find a way to configure dovecot-proxy to listen on 465 with SSL for submission service and hope that it uses the same port - but I didn't find any documentation for that and need help - find a way to configure dovecot-proxy/passdb to return starttls=y when dovecot-submission is used (use a different passdb) - but I didn't find any documentation for that and I'm not sure, if this worls on service/protocol level - find a way to configure the passdb answer based on the used port/protocol. But I only know the parameter %u, %d and %p. - so it would be nice to find a way to also select the protocol (if already developed) - find a way to make a patch in dovecot (which isn't easy for me, because I don't really know the code) Has somebody an idea, how I can configure the dovecot-proxy in that way. bye Thoralf
