Re: About TLS variables
This information is not passed currently to auth process, so no, it's not currently possible. Aki > On 04/03/2021 08:34 Henry wrote: > > > Hello, > > I found the Variable %c only has TLS, Can it be using "TLSv1, > TLSv1.1,TLSv1.2,TLSv1.3" instead of only TLS like as dovecot logging, this is > really a most meaningful , thanks > > > > Variable%c > Long namesecured > Description“TLS” with established SSL/TLS connections, “TLS handshaking”, or > “TLS [handshaking]: error text” if disconnecting due to TLS error. “secured” > with localhost connections. Otherwise empty. > > > > > >
About TLS variables
Hello, I found the Variable %c only has TLS, Can it be using "TLSv1, TLSv1.1, TLSv1.2, TLSv1.3" instead of only TLS like as dovecot logging, this is really a most meaningful , thanks Variable %cLong name securedDescription “TLS” with established SSL/TLS connections, “TLS handshaking”, or “TLS [handshaking]: error text” if disconnecting due to TLS error. “secured” with localhost connections. Otherwise empty.
Re: Why Last-login?
On 3/4/21 3:21 AM, @lbutlr wrote: > On 03 Mar 2021, at 05:38, Aki Tuomi wrote: >> These days you can also replace last-login with mail-lua script, which can >> do lot more than just try to set a dict. But last-login rather useful >> information when you are debugging, or removing dormant accounts. And other >> customer support incidents. > Sure, being able to check a last login, approximately, is obviously useful. > Bu clogging it for every login I do use last-login and I do agree that incrementing the timestamp when the existing value isn't too old is not very useful. I have several deployments where everything is stored in and consumed from MySQL, so deploying redis just for this seems too much. The database is replicated. We end up seeing most of the replication traffic (network and disk IO) coming from last-login. Using specifically binlog_format = ROW, I can mitigate this with a trigger saying 'IF NEW.lastlogin < (OLD.lastlogin + 900) THEN SET NEW.lastlogin = OLD.lastlogin' and I end up having an unchanged row, so nothing goes to the binlog. Especially with pop3 users (some people do still do that) this can be a huge reduction in traffic. It would perhaps be a nice feature if the last-login plugin could first fetch from the dict and do this comparison on its own.
Re: t/s expired cert error
On Wed, 3 Mar 2021, Yassine Chaouche wrote: Le 3/2/21 ? 9:02 PM, Matthias Kneer a ?crit : # echo | openssl s_client -connect emu.sbt.net.au:110 2>/dev/null | openssl x509 -noout -enddate I am intrigued about the function of echo in that command line ? It just a dummy input so that openssl s_client does wait for data from stdin. The OP could have also done openssl s_client ...
Re: Why Last-login?
On Wed, Mar 3, 2021 at 11:16 AM @lbutlr wrote: > On 03 Mar 2021, at 05:33, Yassine Chaouche > wrote: > >> Am I missing some reason I would need/want to keep track of that > specific login time separately? > > > What about mbox files ? > > Is anyone foolish enough to use mbox in 2021? > > It's designed for dozens of kilobytes of mail. Perhaps hundreds of > kilobytes/ It is a horrible horrible format for hundreds of megabyte of > mail, it offers no advantages at all, and is fragile to corruption since it > stores everything in a single file. > > Specific to the 'why use last login' question, with millions of mailboxes, walking the filesystem is more than a little onerous (having done it many times over the years, and never remembering where I put the script from 'last time') and takes a good chunk of a day to run. We were doing file-based last-login for a while (yeah, still needs a fs walk, but at least is dead simple and requires no stat()'ing), till locking became an issue (nfs). We moved to redis a couple of months ago, and now determining things like "who hasn't logged into anything in 30 days" becomes a 1 minute run of a python script using redis SCAN. If you don't have a mountain of mailboxes and fs-walking isn't a problem, then there's def less need. Which means you don't have management repeatedly asking for 'active mailboxes' ;)
Re: Why Last-login?
On 03 Mar 2021, at 05:38, Aki Tuomi wrote: > These days you can also replace last-login with mail-lua script, which can do > lot more than just try to set a dict. But last-login rather useful > information when you are debugging, or removing dormant accounts. And other > customer support incidents. Sure, being able to check a last login, approximately, is obviously useful. Bu clogging it for every login seems… well, it seems to be something people have been trouble getting to work properly and the information is right there without having to do anything. Well, expect not use mbox. Seems that are simpler and less impactful and less troublesome ways to do this. Anyway, it seems I am not missing anything, so I'll continue on with ls -lsdtr /path/to/user/maildir/{new,.**/new} if I need to look for defunct accounts. -- I got fired from the zoo for braiding the snakes.
Re: Why Last-login?
On 03 Mar 2021, at 05:33, Yassine Chaouche wrote: >> Am I missing some reason I would need/want to keep track of that specific >> login time separately? > What about mbox files ? Is anyone foolish enough to use mbox in 2021? It's designed for dozens of kilobytes of mail. Perhaps hundreds of kilobytes/ It is a horrible horrible format for hundreds of megabyte of mail, it offers no advantages at all, and is fragile to corruption since it stores everything in a single file. -- The days of our innocence and grace flow by The smiles we wear upon our face blow by
Re: Why Last-login?
> On 03/03/2021 14:36 Yassine Chaouche wrote: > > > Le 3/3/21 à 1:33 PM, Yassine Chaouche a écrit : > > What about mbox files ? > > > > -- Yassine. > > An alternative would be looking into the dovecot logs, but those are > neceassrily time bound. > So either keep very large amounts of logs, or store just the login info > (much shorter) in the > db. > > -- Yassine. These days you can also replace last-login with mail-lua script, which can do lot more than just try to set a dict. But last-login rather useful information when you are debugging, or removing dormant accounts. And other customer support incidents. https://doc.dovecot.org/admin_manual/lua/#id2 Aki
Re: Why Last-login?
Le 3/3/21 à 1:33 PM, Yassine Chaouche a écrit : What about mbox files ? -- Yassine. An alternative would be looking into the dovecot logs, but those are neceassrily time bound. So either keep very large amounts of logs, or store just the login info (much shorter) in the db. -- Yassine.
Re: Why Last-login?
Le 3/3/21 à 12:57 PM, @lbutlr a écrit : I've noticed several threads over the last year or so about last-login, and I was curious WHY people care about tracking this in the database. I can see wanting to know if a user has logged in recently, but this seems quite easy to tell by simply looking at the time stamp and/or contents of the mail spool for the user. For example, on my system I can look at the timestamps on the 'new' folders in the user's maildir to see if they are getting mail, and if the folders are empty, I have a time stamp of when they last checked that mailbox, giving me a pretty accurate time for when they last logged in. For example, looking at one user: # ls -lsdtr /path/to/user/maildir/{new,.**/new} I can see that the most recent "new" mailboxes were accessed on 02 Mar 14:25 and 03 Mar 01:45, and I can see that the latter mailbox has files in it and the former mailbox does not (just by the size, without doing an extra ls of those directories), so I know that the last time the user logged in was about 14:25 or later yesterday and that they definitely have not logged in in the last 3h05, which seems close enough to me. Am I missing some reason I would need/want to keep track of that specific login time separately? What about mbox files ? -- Yassine.
LDA File Permissions
All, I am looking for an easy way to setup LDA so that it creates files with group read permission. Currently LDA/Sieve create the '.dovecot.lda-dupes’ file with ‘0600’. My backup process needs to be able to read the file because it runs as a user that is in the same group as the LDA process. I looked into the source code and the file is opened with mode ‘0666’ as " fd = open(lock_info->lock_path, O_RDWR | O_EXCL | O_CREAT, 0666); This implies it is a umask issue. What is the best way to view and set the umask value for the LDA process on Ubuntu 20.04? Thanks, David
Re: t/s expired cert error
On 03 Mar 2021, at 02:13, Yassine Chaouche wrote: > Le 3/2/21 à 9:02 PM, Matthias Kneer a écrit : >> echo | openssl s_client -connect emu.sbt.net.au:110 -starttls pop3 >> 2>/dev/null | openssl x509 -noout -enddate > I am intrigued about the function of echo in that command line ? Did you try the command without eh "echo |"? With the cho, the command returns the date immediately and ends. Without it, it returns the date and doe not end until you press return again. For the record, you really should just use the proper port 995. -- "Are you pondering what I'm pondering?" "Are you pondering cheesesticks?"
Why Last-login?
I've noticed several threads over the last year or so about last-login, and I was curious WHY people care about tracking this in the database. I can see wanting to know if a user has logged in recently, but this seems quite easy to tell by simply looking at the time stamp and/or contents of the mail spool for the user. For example, on my system I can look at the timestamps on the 'new' folders in the user's maildir to see if they are getting mail, and if the folders are empty, I have a time stamp of when they last checked that mailbox, giving me a pretty accurate time for when they last logged in. For example, looking at one user: # ls -lsdtr /path/to/user/maildir/{new,.**/new} I can see that the most recent "new" mailboxes were accessed on 02 Mar 14:25 and 03 Mar 01:45, and I can see that the latter mailbox has files in it and the former mailbox does not (just by the size, without doing an extra ls of those directories), so I know that the last time the user logged in was about 14:25 or later yesterday and that they definitely have not logged in in the last 3h05, which seems close enough to me. Am I missing some reason I would need/want to keep track of that specific login time separately? -- 'But you ain't part of it, are you?' said Granny conversationally. 'You try, but you always find yourself watchin' yourself watchin' people, eh? Never quite believin' anything? Thinkin' the wrong thoughts?'
Re: Can Dovecot honor Outlook's "leave mail on server for X days" setting?
On 03 Mar 2021, at 00:19, Joseph Tam wrote: > On Tue, 2 Mar 2021, Steve Dondley wrote: >> I've got a linux box running dovecot/postfix using maildir format. I >> was surprised to learn that a client that had many GBs of email was >> running POP3, not IMAP. It turns out they had a setting to delete POP3 >> mail after X days turned on but it just went ignored. I turned off POP3 support nearly 20 years ago. I only allow it for users who are importing their mail into gmail (though in theory I would allow it for other users who wanted to import into some other service, assuming it worked). Gmail I know will removed the messages when they are retrieved, so I do not have to worry about broken MUAs. >> I know this is not how POP3 is supposed to work, but is there a way to >> get dovecot to honor the user's settings in Outlook? Or should I just >> tell the client to turn this off and use a proper IMAP account? As Joseph says, this is a MUA setting and is controlled by the MUA. Of course, you could do things like move all messages from the inbox after 30 days to the archive mailbox and auto-expunge your user's Junk and Trash folders, but that will duo little with a POP3 user. Best to simply tun off POP as far as I'm concerned. I do offer a roundcube (used to be Squirrelmail before it was abandoned) for those people who still claim they do not have a MUA that support IMAP. > It's not dovecot (or any POP3) server's job to implement this setting, it's > the client's. Typically, the mail reader downloads a list of messages, > then issues "DELE" commands to remove messages based on whatever criteria > the user had set. Dovecot has no idea what the user's setting is. POP3 is a "feature" that is included in modern MUAs just because it always has been. There is no reason to use it and it offers no advantages over IMAP and many disadvantages. Your user's POP stack was probably last looked at by a competent programmer early in the 2000s. Turn it off. (Users can connect to my mail server on ports 993, 587, and 465; and only on those ports, using TLSv1.2 and 1.3 only. If their MUAs cannot handle that and they will not upgrade, they can use the webmail or gmail). -- 'Why?' he [Rincewind] said. The world is going to end. 'What, again?'
Re: Bug in renaming folder hierarchies - any reaction ?
Hi, this might be caused by FULLDIRNAME=DbOx-mAiLs (as far fetched as it sounds). Would it be possible for you to try it out if it happens if you remove this setting? Aki > On 02/03/2021 21:35 Klaus Steinberger > wrote: > > > Hi, > > no comments on this? This is definitly with two different IMAP Clients > reproducible. > > This led already to some message loss in user Mailboxes. > > > > we discovered a major problem with renaming folders with subfolders > > > > testszenario: > > > > folders: > > > > test1 > > test1/test1-1 > > test1/test1-2 > > > > all 3 folders contain a test message > > > > after renaming the top level folder test1 to test2 following folders exist: > > > > test2 > > test2/test1-1 > > test2/test1-2 > > > > the subfolders test1-1 and test1-2 are empty, the top level folder contains > > the > > correct message. > > > > > > Now renmaing test2 back to test1: > > > > Alle folders again contain their messages. > > > > So this looks like during renaming the top level folder just the message > > references for the subfolders got lost, and with renaming back they are > > there again. > > > > I can reproduce this behavior both with thunderbird and Horde Webmail as a > > client, also it happens with a second different dovecot setup > > > > > Sincerly, > Klaus Steinberger
Re: last login plugins
oh! cannot see the last_login_key at logging Mar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Added userdb setting: plugin/quota_rule=*:backend=19922944SMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Effective uid=89, gid=89, home=/home/vpopmail/domains/2/6/x/testing.com/emailMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Quota root: name=User quota backend=maildir args=Mar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Quota rule: root=User quota mailbox=* bytes=19922944 messages=0Mar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Quota grace: root=User quota bytes=1992294 (10%)Mar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Namespace inbox: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir:INDEX=/home/vpopmail/domains/2/6/x/testing.com/emailMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: maildir++: root=/home/vpopmail/domains/2/6/x/testing.com/email/Maildir, index=/home/vpopmail/domains/2/6/x/testing.com/email, indexpvt=, control=, inbox=/home/vpopmail/domains/2/6/x/testing.com/email/Maildir, alt=Mar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: quota: quota_over_flag check: quota_over_script unset - skippingMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Mailbox INBOX: Mailbox opened because: STATUSMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Mailbox INBOX: Mailbox opened because: SELECTMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Mailbox Drafts: Mailbox opened because: SELECTMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Mailbox Sent: Mailbox opened because: SELECTMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Mailbox Trash: Mailbox opened because: SELECTMar 3 17:57:10 cnt8-testing dovecot[650754]: imap(em...@testing.com)<650774>: Debug: Mailbox 寄件備份: Mailbox opened because: SELECT Aki Tuomi () 在 2021年3月3日星期三 下午05:51:55 [GMT+8] 寫道: Can you enable `mail_debug=yes` and see what the last_login_key value is when imap session starts? It should show up on logs. Aki > On 03/03/2021 11:12 Henry wrote: > > > but when I remove the last_login_key at plugins, error log as below > > > > Error: last_login_dict: Failed to write value: dict-server returned failure: > sql dict set: Invalid/unmapped key: shared/last-login/em...@testing.com > (reply took 0.006 secs (0.000 in dict wait, 0.002 in other ioloops, 0.001 in > locks, async-id reply 0.000 secs ago, started on dict-server 0.000 secs ago, > took 0.000 secs)) > > > > Aki Tuomi () 在 2021年3月3日星期三 下午04:23:20 [GMT+8] 寫道: > > > Looks promising, can you try removing "plugin { last_login_key=.. }" from > your configuration file completely and see if it works then? > > Aki > > > > On 03/03/2021 10:17 Henry wrote: > > > > > > Dear Aki > > > > > > Below for output, it is normal? > > > > [root@cnt8-testing dovecot]# doveadm user em...@testing.com > > > > doveadm user em...@testing.com > > field value > > uid 89 > > gid 89 > > home /home/vpopmail/domains/2/6/x/testing.com/email > > mail maildir:~/Maildir:INDEX=/home/vpopmail/domains/2/6/x/testing.com/email > > quota_rule *:bytes=19922944 > > last_login_key last-login/em...@testing.com/testing.com///0 > > > > > > > > > > > > Aki Tuomi () 在 2021年3月2日星期二 下午10:47:39 [GMT+8] > > 寫道: > > > > > > Did you try > > > > doveadm user account > > > > to see that last_login_key appears in output in correct form? > > > > Aki > > > > > > On March 2, 2021 2:44:43 PM UTC, Henry wrote: > > > Dear Aki, > > > > > > I try it as your recommend but still no luck, same error > > > > > > Error: Failed to expand plugin setting last_login_key = > > > 'last-login/%u/%d/%r/%l/%a': Unknown variable '%a' > > > > > > If I remark #last_login_key = last-login/%u/%d/%r/%l/%a at plugin , error > > > as below > > > > > > Error: last_login_dict: Failed to write value: dict-server returned > > > failure: sql dict set: Invalid/unmapped key: shared/last-login/ > > > > > >
Re: last login plugins
Can you enable `mail_debug=yes` and see what the last_login_key value is when imap session starts? It should show up on logs. Aki > On 03/03/2021 11:12 Henry wrote: > > > but when I remove the last_login_key at plugins, error log as below > > > > Error: last_login_dict: Failed to write value: dict-server returned failure: > sql dict set: Invalid/unmapped key: shared/last-login/em...@testing.com > (reply took 0.006 secs (0.000 in dict wait, 0.002 in other ioloops, 0.001 in > locks, async-id reply 0.000 secs ago, started on dict-server 0.000 secs ago, > took 0.000 secs)) > > > > Aki Tuomi () 在 2021年3月3日星期三 下午04:23:20 [GMT+8] 寫道: > > > Looks promising, can you try removing "plugin { last_login_key=.. }" from > your configuration file completely and see if it works then? > > Aki > > > > On 03/03/2021 10:17 Henry wrote: > > > > > > Dear Aki > > > > > > Below for output, it is normal? > > > > [root@cnt8-testing dovecot]# doveadm user em...@testing.com > > > > doveadm user em...@testing.com > > field value > > uid 89 > > gid 89 > > home /home/vpopmail/domains/2/6/x/testing.com/email > > mail maildir:~/Maildir:INDEX=/home/vpopmail/domains/2/6/x/testing.com/email > > quota_rule *:bytes=19922944 > > last_login_key last-login/em...@testing.com/testing.com///0 > > > > > > > > > > > > Aki Tuomi () 在 2021年3月2日星期二 下午10:47:39 [GMT+8] > > 寫道: > > > > > > Did you try > > > > doveadm user account > > > > to see that last_login_key appears in output in correct form? > > > > Aki > > > > > > On March 2, 2021 2:44:43 PM UTC, Henry wrote: > > > Dear Aki, > > > > > > I try it as your recommend but still no luck, same error > > > > > > Error: Failed to expand plugin setting last_login_key = > > > 'last-login/%u/%d/%r/%l/%a': Unknown variable '%a' > > > > > > If I remark #last_login_key = last-login/%u/%d/%r/%l/%a at plugin , error > > > as below > > > > > > Error: last_login_dict: Failed to write value: dict-server returned > > > failure: sql dict set: Invalid/unmapped key: shared/last-login/ > > > > > >
Re: t/s expired cert error
Le 3/2/21 à 9:02 PM, Matthias Kneer a écrit : # echo | openssl s_client -connect emu.sbt.net.au:110 2>/dev/null | openssl x509 -noout -enddate unable to load certificate 139830305752976:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: TRUSTED CERTIFICATE Your test does not use starttls on port 110, could you retry like this?: echo | openssl s_client -connect emu.sbt.net.au:110 -starttls pop3 2>/dev/null | openssl x509 -noout -enddate Is the clients time / date properly configured? For me all your pop3s/imaps/smtps ports answer fine. I am intrigued about the function of echo in that command line ? -- Yassine.
Re: last login plugins
but when I remove the last_login_key at plugins, error log as below Error: last_login_dict: Failed to write value: dict-server returned failure: sql dict set: Invalid/unmapped key: shared/last-login/em...@testing.com (reply took 0.006 secs (0.000 in dict wait, 0.002 in other ioloops, 0.001 in locks, async-id reply 0.000 secs ago, started on dict-server 0.000 secs ago, took 0.000 secs)) Aki Tuomi () 在 2021年3月3日星期三 下午04:23:20 [GMT+8] 寫道: Looks promising, can you try removing "plugin { last_login_key=.. }" from your configuration file completely and see if it works then? Aki > On 03/03/2021 10:17 Henry wrote: > > > Dear Aki > > > Below for output, it is normal? > > [root@cnt8-testing dovecot]# doveadm user em...@testing.com > > doveadm user em...@testing.com > field value > uid 89 > gid 89 > home /home/vpopmail/domains/2/6/x/testing.com/email > mail maildir:~/Maildir:INDEX=/home/vpopmail/domains/2/6/x/testing.com/email > quota_rule *:bytes=19922944 > last_login_key last-login/em...@testing.com/testing.com///0 > > > > > > Aki Tuomi () 在 2021年3月2日星期二 下午10:47:39 [GMT+8] 寫道: > > > Did you try > > doveadm user account > > to see that last_login_key appears in output in correct form? > > Aki > > > On March 2, 2021 2:44:43 PM UTC, Henry wrote: > > Dear Aki, > > > > I try it as your recommend but still no luck, same error > > > > Error: Failed to expand plugin setting last_login_key = > > 'last-login/%u/%d/%r/%l/%a': Unknown variable '%a' > > > > If I remark #last_login_key = last-login/%u/%d/%r/%l/%a at plugin , error > > as below > > > > Error: last_login_dict: Failed to write value: dict-server returned > > failure: sql dict set: Invalid/unmapped key: shared/last-login/ > > > >
Re: t/s expired cert error
Le 3/2/21 à 9:04 PM, Arjen de Korte a écrit : Citeren Voytek Eymont : On Wed, March 3, 2021 1:17 am, Yassine Chaouche wrote: hmm, just tried this, 110/143 gives error, 995/993 doesn't: I'll try changing in TB to SSL/TLS not StartTLS, 995 or 993, etc, and, see if error goes # echo | openssl s_client -connect emu.sbt.net.au:110 2>/dev/null | openssl x509 -noout -enddate On port 110/143 you need to tell the POP3/IMAP server to upgrade the connection to TLS. In that case, it will work just fine: # echo | openssl s_client -connect emu.sbt.net.au:110 -starttls pop3 2>/dev/null | openssl x509 -noout -enddate notAfter=Apr 27 12:11:32 2021 GMT #echo | openssl s_client -connect emu.sbt.net.au:143 -starttls imap 2>/dev/null | openssl x509 -noout -enddate notAfter=Apr 27 12:11:32 2021 GMT Remember that there is a difference between connections that are upgraded to TLS (110/143) and connections that use SSL by default (995/993). If you don't tell the first that you want to use TLS, the server will not present the certificate, unlike the latter. Regards, Arjen *tl;dr *: use*-starttls *if you want TLS on a non-TLS port. -- Yassine
Re: last login plugins
Looks promising, can you try removing "plugin { last_login_key=.. }" from your configuration file completely and see if it works then? Aki > On 03/03/2021 10:17 Henry wrote: > > > Dear Aki > > > Below for output, it is normal? > > [root@cnt8-testing dovecot]# doveadm user em...@testing.com > > doveadm user em...@testing.com > field value > uid 89 > gid 89 > home /home/vpopmail/domains/2/6/x/testing.com/email > mail maildir:~/Maildir:INDEX=/home/vpopmail/domains/2/6/x/testing.com/email > quota_rule *:bytes=19922944 > last_login_key last-login/em...@testing.com/testing.com///0 > > > > > > Aki Tuomi () 在 2021年3月2日星期二 下午10:47:39 [GMT+8] 寫道: > > > Did you try > > doveadm user account > > to see that last_login_key appears in output in correct form? > > Aki > > > On March 2, 2021 2:44:43 PM UTC, Henry wrote: > > Dear Aki, > > > > I try it as your recommend but still no luck, same error > > > > Error: Failed to expand plugin setting last_login_key = > > 'last-login/%u/%d/%r/%l/%a': Unknown variable '%a' > > > > If I remark #last_login_key = last-login/%u/%d/%r/%l/%a at plugin , error > > as below > > > > Error: last_login_dict: Failed to write value: dict-server returned > > failure: sql dict set: Invalid/unmapped key: shared/last-login/ > > > >
Re: last login plugins
Dear Aki Below for output, it is normal? [root@cnt8-testing dovecot]# doveadm user em...@testing.com doveadm user email@testing.comfield valueuid 89gid 89home /home/vpopmail/domains/2/6/x/testing.com/emailmail maildir:~/Maildir:INDEX=/home/vpopmail/domains/2/6/x/testing.com/emailquota_rule *:bytes=19922944last_login_key last-login/em...@testing.com/testing.com///0 Aki Tuomi () 在 2021年3月2日星期二 下午10:47:39 [GMT+8] 寫道: Did you try doveadm user account to see that last_login_key appears in output in correct form? Aki On March 2, 2021 2:44:43 PM UTC, Henry wrote: Dear Aki, I try it as your recommend but still no luck, same error Error: Failed to expand plugin setting last_login_key = 'last-login/%u/%d/%r/%l/%a': Unknown variable '%a' If I remark #last_login_key = last-login/%u/%d/%r/%l/%a at plugin , error as below Error: last_login_dict: Failed to write value: dict-server returned failure: sql dict set: Invalid/unmapped key: shared/last-login/ There is any error in my configuration? thanks for your help. ## dovecot.confuserdb { driver = prefetch}userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql}plugin { quota = maildir:User quota last_login_dict = proxy::lastlogin last_login_key = last-login/%u/%d/%r/%l/%a quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full"}dict { lastlogin = mysql:/etc/dovecot/dovecot-last-login.conf } ## dovecot-sql.conf.extpassword_query = SELECT CONCAT(pw_name, '@', pw_domain) AS user,pw_passwd AS password, concat('*:backend=', pw_shell) as \ userdb_quota_rule, 89 AS userdb_uid, 89 AS userdb_gid, pw_dir AS userdb_home ,'last-login/%u/%d/%r/%l/%a' AS last_login_key FROM vpopmail LEFT JOIN limits ON vpopmail.pw_domain = \limits.domain WHERE pw_name = '%n' AND pw_domain='%d' AND (( '%s' = 'smtp' AND (pw_gid & 2048)<>2048 AND COALESCE(disable_smtp,0)!=1) OR \('%s' = 'pop3' AND (pw_gid & 2)<>2 AND COALESCE(disable_pop,0) != 1 ) OR ('%s' = 'imap' AND ('%r'='127.0.0.1') AND \(pw_gid & 4)<>4 AND COALESCE(disable_webmail,0)!=1) OR ('%s' = 'imap' AND ('%r'!='127.0.0.1') AND (pw_gid & 8)<>8 AND COALESCE(disable_imap,0)!=1)); user_query = \ SELECT pw_dir AS home, \ 89 AS uid, \ 89 AS gid, \ CONCAT('*:bytes=', REPLACE(SUBSTRING_INDEX(pw_shell, 'S', 1), 'NOQUOTA', '0')) AS quota_rule, \ 'last-login/%u/%d/%r/%l/%a' AS last_login_key \ FROM vpopmail \ WHERE pw_name = '%n' AND pw_domain = '%d' \ AND ('%a'!='995' or !(pw_gid & 2)) \ AND ('%r'!='[WEBMAIL-IP]' or !(pw_gid & 4)) \ AND ('%r'='[WEBMAIL-IP]' or '%a'!='993' or !(pw_gid & 8)) # Henry () 在 2021年2月28日星期日 下午05:24:45 [GMT+8] 寫道: Dear Aka Still no luck, same errorError: Failed to expand plugin setting last_login_key = 'last-login/%u/%d/%r/%l/%a': Unknown variable '%a' If I remark #last_login_key = last-login/%u/%d/%r/%l/%a at plugin , error as belowError: last_login_dict: Failed to write value: dict-server returned failure: sql dict set: Invalid/unmapped key: shared/last-login/ #dovecot.confuserdb { driver = prefetch}userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql}plugin { quota = maildir:User quota last_login_dict = proxy::lastlogin last_login_key = last-login/%u/%d/%r/%l/%a quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full"}dict { lastlogin = mysql:/etc/dovecot/dovecot-last-login.conf } # dovecot-sql.conf.extpassword_query = SELECT CONCAT(pw_name, '@', pw_domain) AS user,pw_passwd AS password, concat('*:backend=', pw_shell) as \ userdb_quota_rule, 89 AS userdb_uid, 89 AS userdb_gid, pw_dir AS userdb_home ,'last-login/%u/%d/%r/%l/%a' AS last_login_key FROM vpopmail LEFT JOIN limits ON vpopmail.pw_domain = \limits.domain WHERE pw_name = '%n' AND pw_domain='%d' AND (( '%s' = 'smtp' AND (pw_gid & 2048)<>2048 AND COALESCE(disable_smtp,0)!=1) OR \('%s' = 'pop3' AND (pw_gid & 2)<>2 AND COALESCE(disable_pop,0) != 1 ) OR ('%s' = 'imap' AND ('%r'='127.0.0.1') AND \(pw_gid & 4)<>4 AND COALESCE(disable_webmail,0)!=1) OR ('%s' = 'imap' AND ('%r'!='127.0.0.1') AND (pw_gid & 8)<>8 AND COALESCE(disable_imap,0)!=1)); user_query = \ SELECT pw_dir AS home, \ 89 AS uid, \ 89 AS gid, \ CONCAT('*:bytes=', REPLACE(SUBSTRING_INDEX(pw_shell, 'S', 1), 'NOQUOTA', '0')) AS quota_rule, \ 'last-login/%u/%d/%r/%l/%a' AS last_login_key \ FROM vpopmail \ WHERE pw_name = '%n' AND pw_domain = '%d' \ AND ('%a'!='995' or !(pw_gid & 2)) \ AND ('%r'!='[WEBMAIL-IP]' or !(pw_gid & 4)) \ AND ('%r'='[WEBMAIL-IP]' or '%a'!='993' or !(pw_gid & 8)) Aki Tuomi () 在 2021年2月28日星期日 下午04:55:04 [GMT+8] 寫道: You need to put it in the sql query. SELECT ..., 'last-login/%u/%d/%r/%l/%a' AS last_login_key Aki On February 28, 2021 8:12:39 AM UTC, Henry wrote: > current config as below: >userdb { driver = prefetch}userdb { args = >/etc/dovecot/dovecot-sql.conf.ext driver = sql}