Re: Memory problems with config service
> On 16/02/2022 07:30 Víctor Rubiella Monfort wrote:
>
>
> Hi all,
> I'm having problems with memory in config service. I increased vsz_limit to
> 10GB but continue with this errors when try to reload or restart dovecot:
>
> config: Panic: data stack: Out of memory when allocating 2147483688 bytes
> master: Error: service(config): command startup failed, throttling for 2 secs
> config: Fatal: master: service(config): child 5512 killed with signal 6
> (core dumps disabled)
>
> Dovecot has a lot of certificates TLS configured (SNI) (about 3k), but if I
> check the size of all of them is aprox 170MB on disk.Why does it need so much
> memory to boot? Is normal?
>
>
>
> service config {
> vsz_limit = {{ vszlimit }}
> }
Hi!
Can you send your doveconf -n output?
Aki
Re: Replications ERROR
Hallo Christian,
Danke für Deine Antwort!
Am Dienstag, 15. Februar 2022, 13:44:20 CET schrieb Christian Mack:
> Hello
>
> Am 14.02.22 um 14:41 schrieb Günther J. Niederwimmer:
> > Hello,
> >
> > Can any Help me to find out the Problem with "sync failed"
> >
> > I have all disabled only one user is in the moment running?
> >
> > doveadm replicator status '*'
> > usernamepriority fast sync full sync
> > success sync failed
> > g...@example.comnone 00:01:47 23:37:43
> > - y
> > gjn none 00:01:47 23:42:43 -
> > y
> >
> > Could it be a Problem with this
> > doveadm user '*'
> > g...@example.com
> >
> > What is the way to become logs what is going wrong ?
> >
> > Could it be, I have Problems with the Dovecot Variables in the LDAP Config
> > ?
> >
> > Thanks very match for a answer,
>
> I would try a manual sync and see what error messages you get.
> something like:
> doveadm -v -D sync -u ${USER_NAME} -f tcp:${SERVERNAME_TO_SYNC_TO} 2>&1
| tee sync-error.log
I have this as answer
-bash: tcp:${mx01.example.com.lan}: Falsche Variablenersetzung.
olso with a IP address What is the correct syntax Thanks
PS: sowas hatte ich schon gesucht, aber nicht gefunden DANKE
--
mit freundlichen Grüßen / best regards
Günther J. Niederwimmer
signature.asc
Description: This is a digitally signed message part.
Fwd: Memory problems with config service
(Resend to list, sorry for personal reply)
Mensaje reenviado
Asunto: Re: Memory problems with config service
Fecha: Wed, 16 Feb 2022 16:19:32 +0100
De: Víctor Rubiella Monfort
Para: Aki Tuomi
# 2.2.27 (): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 ()
# OS: Linux 4.9.0-16-amd64 x86_64 Debian 9.9
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@&
auth_worker_max_count = 25
default_client_limit = 1200
disable_plaintext_auth = no
first_valid_uid = 100
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
login_greeting = Server ready
login_log_format_elements = user=<%u> method=%m port=%a rip=%r lip=%l
mpid=%e %c
mail_location = maildir:%h
mail_max_userip_connections = 100
passdb {
args = /etc/dovecot/mailaccounts.db
driver = passwd-file
}
plugin {
quota = maildir:User quota
quota_rule3 = SPAM:storage=+50M
}
protocols = imap pop3
service config {
vsz_limit = 9 G
}
service imap-login {
process_limit = 500
}
service pop3-login {
process_limit = 500
}
ssl_ca =
On 16/02/2022 07:30 Víctor Rubiella Monfort wrote:
Hi all,
I'm having problems with memory in config service. I increased
vsz_limit to 10GB but continue with this errors when try to reload or
restart dovecot:
config: Panic: data stack: Out of memory when allocating 2147483688 bytes
master: Error: service(config): command startup failed, throttling
for 2 secs
config: Fatal: master: service(config): child 5512 killed with signal
6 (core dumps disabled)
Dovecot has a lot of certificates TLS configured (SNI) (about 3k),
but if I check the size of all of them is aprox 170MB on disk.Why
does it need so much memory to boot? Is normal?
service config {
vsz_limit = {{ vszlimit }}
}
Hi!
Can you send your doveconf -n output?
Aki
Re: Replications ERROR
Hello
Am 16.02.22 um 14:35 schrieb Günther J. Niederwimmer:
> Hallo Christian,
>
> Danke für Deine Antwort!
>
> Am Dienstag, 15. Februar 2022, 13:44:20 CET schrieb Christian Mack:
>> Hello
>>
>> Am 14.02.22 um 14:41 schrieb Günther J. Niederwimmer:
>>> Hello,
>>>
>>> Can any Help me to find out the Problem with "sync failed"
>>>
>>> I have all disabled only one user is in the moment running?
>>>
>>> doveadm replicator status '*'
>>> usernamepriority fast sync full sync
>>> success sync failed
>>> g...@example.comnone 00:01:47 23:37:43
>>> - y
>>> gjn none 00:01:47 23:42:43 -
>>> y
>>>
>>> Could it be a Problem with this
>>> doveadm user '*'
>>> g...@example.com
>>>
>>> What is the way to become logs what is going wrong ?
>>>
>>> Could it be, I have Problems with the Dovecot Variables in the LDAP Config
>>> ?
>>>
>>> Thanks very match for a answer,
>>
>> I would try a manual sync and see what error messages you get.
>> something like:
>> doveadm -v -D sync -u ${USER_NAME} -f tcp:${SERVERNAME_TO_SYNC_TO} 2>&1
> | tee sync-error.log
>
> I have this as answer
> -bash: tcp:${mx01.example.com.lan}: Falsche Variablenersetzung.
>
> olso with a IP address What is the correct syntax Thanks
>
> PS: sowas hatte ich schon gesucht, aber nicht gefunden DANKE
>
Sorry, didn't expect this to be a problem.
The ${...} are shell variables, therefore try in your case:
doveadm -v -D sync -u g...@example.com -f tcp:mx01.example.com.lan 2>&1 |
tee sync-error.log
Kind regards,
Christian Mack
--
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung IT-Dienste Forschung und Lehre
78457 Konstanz
+49 7531 88-4416
smime.p7s
Description: S/MIME Cryptographic Signature
Re: dovecot mailing list (this mailing list), DKIM, SPF and DMARC
On Sat, Feb 12, 2022 at 12:58:03PM +0100, Sebastian Nielsen wrote: > Thats a TLD ban. Meaning *.ru is banned. > > same applies for my domain for example, I ban *.xyz, *.date and a few others. > I don't understand at all why banning tld is reasonable. I'm not rich. I buy .rocks and .xyz .rocks really works well with the domain name. .xyz is short, memorable and easy to type. I can't afford to buy domain names that cost $200 a year to purchase. .com .net .info , etc. have run out of the names I wish to use. I have never ever sent a single spam email, but you would block my emails? Bluntly said, but without malice, that attitude favors the rich over the poor. I refuse to trust the BIG guys. My dad uses yahoo and gets emails yanked away while he is reading it. Also, I can't find a server company that has IP blocks that are clean enough. I truly wish I could. There are many other methods to block spam. IMHO, blocking by tld is a bit harsh. But you have the right to do whatever method you wish. I will only point out my thoughts. SPAM sucks! :-) -- Chris Bennett
Re: dovecot mailing list (this mailing list), DKIM, SPF and DMARC
On 2022 Feb 16, at 10:22, Chris Bennett wrote: > On Sat, Feb 12, 2022 at 12:58:03PM +0100, Sebastian Nielsen wrote: >> Thats a TLD ban. Meaning *.ru is banned. >> >> same applies for my domain for example, I ban *.xyz, *.date and a few others. > I don't understand at all why banning tld is reasonable. For the same reason that banning roadrunner was reasonable, the vast majority of mail from these new TLDs is nothing but spam, and I mean at levels far higher than the 97% of general email spam percentage. When I blacklisted .top I has getting hundreds of thousands of spam emails a day on a quite small mail server, so much mail that it was overwhelming my server. I have seen very few new olds that are not major spam magnets, and when I do, I unblock them. But my default position is that ever TLD is locked except for the ones I specifically allow. > I'm not rich. The vast majority of olds are quite cheap. > I can't afford to buy domain names that cost $200 a year to purchase. > .com .net .info , etc. have run out of the names I wish to use. If you are paying $200/yr for a domain name you are doing something very wrong. I am saying about $12/year. Maybe as high as $15/yr? I'd have to check, it is such a low number I don't really know. > I have never ever sent a single spam email, but you would block my emails? Yep. > Bluntly said, but without malice, that attitude favors the rich > over the poor. No, it's not an economic issue at all. You are confusing your DESIRE for a cheap domain 'you want' with having to get a domain in a skeezy TLD. > I refuse to trust the BIG guys. That is your choice. My choice is to not accept mail from .xyz or .rocks or .top or many hundreds of others. Email, having been designed a long time ago, has no mechanism for stopping bad behavior, so it is up to each admin to do what they can to stop unwanted mail. The vast majority of email that is sent is dangerous, malicious, illegal, or unwanted. Not like 505, but in the high 90s. The mail that a system accepts is based on a variety of trust characteristcis that are pretty much unique to every server. My mail server checks the IP address for every connection against several RBLs, checked the connection for certain behaviors before it even allows the connection to start talking to the mail server. Once communication occurs, it checks a lot more things before accepting the message. Nearly every connection attempt is refused and nearly every message that is attempted to be sent is rejected. Even so, of the mail that is accepted, 80% is spam and ends up in the user's junk mail box. > My dad uses yahoo and > gets emails yanked away while he is reading it. This has nothing to do with TLDs. > There are many other methods to block spam. > IMHO, blocking by tld is a bit harsh. That is your opinion and that is fine. But your opinion has zero effect on admins who block TLDs. You have no idea how big an issue spam really is and how much time mail mins spend trying to control it to simply a deluge. This also is probably not the best group for this discussion. -- I loved you when our love was blessed I love you now there's nothing left But sorrow and a sense of overtime
Mailbox sharing not working
Hi Team, I am trying to setup mailbox sharing. But although user test2 shares INBOX with test1, it is not visible for user1. doveadm acl get -u test2 INBOX ID Global Rights user=test1 admin create delete expunge insert lookup post read write write-deleted write-seen cat /srv/mail/dovecot/lib/shared-mailboxes.db shared/shared-boxes/user/test1/te...@example.com 1 Log output: Feb 16 20:12:42 server dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=900367, secured, session= Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Loading modules from directory: /usr/lib/dovecot/modules Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib15_notify_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_fts_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_listescape_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_push_notification_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib21_fts_xapian_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Module loaded: /usr/lib/dovecot/modules/lib95_imap_sieve_plugin.so Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Effective uid=990, gid=986, home=/srv/mail/vmail Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Namespace inbox: type=private, prefix=, sep=~, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/srv/mail/vmail/example.com/test1/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEX=/srv/mail/vmail/example.com/test1/index:CONTROL=/srv/mail/vmail/example.com/test1/control:VOLATILEDIR=/srv/mail/vmail/example.com/test1/volatile Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: fs: root=/srv/mail/vmail/example.com/test1/store, index=/srv/mail/vmail/example.com/test1/index, indexpvt=, control=/srv/mail/vmail/example.com/test1/control, inbox=, alt= Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: acl: initializing backend with data: vfile Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: Mailbox INBOX~example.com: Mailbox opened because: SELECT Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Debug: acl vfile: file /srv/mail/vmail/example.com/test1/store/INBOX/example.com/0_FolderContent/dovecot-acl not found Feb 16 20:12:42 server dovecot: imap(te...@example.com)<900367>: Logged out in=136 out=1584 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0 Feb 16 20:12:43 server dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=900369, secured, session=<82gfbyfYuNF/AAAB> Feb 16 20:12:43 server dovecot: imap(te...@example.com)<900369><82gfbyfYuNF/AAAB>: Debug: Namespace inbox: type=private, prefix=, sep=~, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/srv/mail/vmail/example.com/test1/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEX=/srv/mail/vmail/example.com/test1/index:CONTROL=/srv/mail/vmail/example.com/test1/control:VOLATILEDIR=/srv/mail/vmail/example.com/test1/volatile Feb 16 20:12:43 server dovecot: imap(te...@example.com)<900369><82gfbyfYuNF/AAAB>: Debug: fs: root=/srv/mail/vmail/example.com/test1/store, index=/srv/mail/vmail/example.com/test1/index, indexpvt=, control=/srv/mail/vmail/example.com/test1/control, inbox=, alt= Feb 16 20:12:43 server dovecot: imap(te...@example.com)<900369><82gfbyfYuNF/AAAB>: Debug: acl: initializing backend with data: vfile Feb 16 20:12:43 server dovecot: imap(te...@example.com)<900369><82gfbyfYuNF/AAAB>: Debug: acl: acl username = te...@example.com Feb 16 20:12:43 server dovecot: imap(te...@example.com)<900369><82gfbyfYuNF/AAAB>: Debug: acl: owner = 1 Feb 16 20:12:43 server dovecot: imap(te...@example.com)<900369><82gfbyfYuNF/AAAB>: Debug: acl vfile: Global ACLs disabled Feb 16 20:12:43 server dovecot: imap(te...@example.com)<900369><82gfbyfYuNF/AAAB>: Debug: Namespace : type=shared, prefix=shared~%u~, sep=~, inbox=no, hidden=no, list=no, subscriptions=no location=maildir:/srv/mail/vmail/example.com/%n/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEXPVT=/srv/mail/vma
Re: Mailbox sharing not working
> On 16/02/2022 21:40 Kees van Vloten wrote:
>
>
> Hi Team,
>
>
> I am trying to setup mailbox sharing. But although user test2 shares
> INBOX with test1, it is not visible for user1.
>
> doveadm acl get -u test2 INBOX
> ID Global Rights
> user=test1 admin create delete expunge insert lookup post read
> write write-deleted write-seen
>
> cat /srv/mail/dovecot/lib/shared-mailboxes.db
> shared/shared-boxes/user/test1/te...@example.com
> 1
>
> Log output:
>
> namespace {
> hidden = no
> list = no
> location =
> maildir:/srv/mail/vmail/example.com/%%n/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEXPVT=/srv/mail/vmail/example.com/%n/index_shared/%%u:CONTROL=/srv/mail/vmail/example.com/%%n/control:VOLATILEDIR=/srv/mail/vmail/example.com/%%n/volatile
> prefix = shared~%%u~
> separator = ~
> subscriptions = no
> type = shared
> }
you've marked this as `list = no`, when it shoukld be `list = children`. Maybe
it'll help.
>
>
> Is there anything obviously wrong in the config?
>
> I suspect a mismatch between %u and %n somewhere but don't know how to
> figure out the culprit.
>
> How can I get more relevant debug log output about namespaces / mailbox
> sharing?
> Or can I run commands to check validity?
>
> - Kees
Aki
