Re: adding caldav/carddav next to dovecot

[Plutocrat]

I think rather than Sabre's DAV, you're after their Baikal server.

    https://sabre.io/baikal/

Sabre is also the guts behind Nextcloud's Contacts and Calendar dav sync, which 
you might want to look into, especially if you can see a need for sharing 
contacts among a group of people, as well as files, group chat and all the 
other features of Nextcloud. To bring it back onto topic, Nextcloud can also be 
used as a webmail interface to dovecot, of course.

    https://nextcloud.com/

P.

Re: adding caldav/carddav next to dovecot

[Tom Talpey]

On 10/14/2022 3:13 PM, dove...@ptld.com wrote:

here, to date,

   https://radicale.org/v3.html

is very well behaved.



Looking over radicale, i only see the option for plain text or MD5 
passwords. I don't see an option to have authentication against an 
existing DB, like the same used for Dovecot Authentication. I also don't 
see a way to configure caldav data to be stored in the same location as 
IMAP files. No %user %domain variables that can be used in the config 
path. A way to store calendars outside of linux user home directories 
since users are virtual.


Did i just miss these features? Documentation or tutorials for this 
ability?


Radicale v1 used to be able to authenticate via IMAP, therefore it
would simply log into Dovecot via loopback and share the same auth.
For whatever reason, this was removed in v2, which was disappointing.

But, there's a project on github which adds it back via plugin. I
haven't tried it yet:
  https://github.com/comzeradd/radicale-imap
I've been using htpasswd in the meantime.

It is not difficult to configure Radicale storage for virtual users
using the "filesystem" backend. I just set the "filesystem_folder"
to point alongside the dovecot mail_location, and radicale resolves
the login name to a directory there.

I only use it at small scale, so I can't comment on performance with
10K users.

Re: LDAP just for passdb

[Francis Augusto Medeiros-Logeay]

Again, a bit more reading got me to adding this to my passdb config:

  username_filter = *@domain-a.com

This way, I can control which domains get to authenticate via my ldap backend, 
which gives me time to design a good way of saving other attributes there.

If anyone have other ways of doing this, ie., having multiple domains on 
ldap/freeipa and getting an elegant integration with Dovecot, I’d be glad to 
hear.

Best,

Francis

> On 14 Oct 2022, at 21:58, dovecot-requ...@dovecot.org wrote:
> 
> I actually saw that it was possible, and it works, but I came across another 
> problem and I wonder if you have any tips about it:
> 
> On my current dovecot setup, I use SQL as the backend. So I have the 
> following users:
> 
> fran...@domain-a.com  
> 
> fran...@domain-b.com  
> 
> 
> Those are separate users which their own mailboxes.
> 
> However, I have a freeipa that is configured for the `domain-a.com 
>  ` realm. However, since I am 
> using `%n` for the uid search:
> 
> auth_bind_userdn = uid=%n,cn=users,cn=accounts,dc=domain-a,dc=com
> And 
> pass_filter = (&(objectClass=posixAccount)(uid=%n))
> 
> It of course leads up to both users above being able to authenticate with the 
> same password.
> 
> Is there a way to limit ldap authentication to just one domain, or perform a 
> search where both username and domain are checked? I could use the 
> `mail``attribute to filter users, but I imagine that if two users have the 
> same mail configured, I?d run into trouble?.
> 
> Best,
> 
> Francis
> 
>> On 14 Oct 2022, at 20:08, dovecot-requ...@dovecot.org 
>>  wrote:
>> 
>> Hi,
>> 
>> I couldn't find it in the documentation, so I was wondering - is it 
>> possible to configure Dovecot to use LDAP for passdb and keep using SQL 
>> for userdb?
>> 
>> I would like to do that before I come up with a good strategy to expand 
>> my ldap schema to support other mail attributes for virtual domains, 
>> aliases, etc.
>> 
>> I am currently using FreeIPA.
>> 
>> Best,
>> 
>> Francis
> 

Re: LDAP just for passdb

[Francis Augusto Medeiros-Logeay]

I actually saw that it was possible, and it works, but I came across another 
problem and I wonder if you have any tips about it:

On my current dovecot setup, I use SQL as the backend. So I have the following 
users:

fran...@domain-a.com 
fran...@domain-b.com 

Those are separate users which their own mailboxes.

However, I have a freeipa that is configured for the `domain-a.com 
` realm. However, since I am using `%n` for the uid 
search:

auth_bind_userdn = uid=%n,cn=users,cn=accounts,dc=domain-a,dc=com
And 
pass_filter = (&(objectClass=posixAccount)(uid=%n))

It of course leads up to both users above being able to authenticate with the 
same password.

Is there a way to limit ldap authentication to just one domain, or perform a 
search where both username and domain are checked? I could use the 
`mail``attribute to filter users, but I imagine that if two users have the same 
mail configured, I’d run into trouble….
 
Best,

Francis

> On 14 Oct 2022, at 20:08, dovecot-requ...@dovecot.org wrote:
> 
> Hi,
> 
> I couldn't find it in the documentation, so I was wondering - is it 
> possible to configure Dovecot to use LDAP for passdb and keep using SQL 
> for userdb?
> 
> I would like to do that before I come up with a good strategy to expand 
> my ldap schema to support other mail attributes for virtual domains, 
> aliases, etc.
> 
> I am currently using FreeIPA.
> 
> Best,
> 
> Francis

Re: adding caldav/carddav next to dovecot

[infoomatic]

On 14.10.22 16:13, Marc wrote:

I also do not want any other other 'crap' just the cal (and card) dav solution.


sorry about my suggestion, but I am just a big fan of SOGo (no
affiliation with) from sogo.nu ... it may not be a solution for you
because it offers caldav, carddav, webmail, but performance is top
notch, maybe you want to have a look anyway

Re: adding caldav/carddav next to dovecot

[dovecot]

here, to date,

   https://radicale.org/v3.html

is very well behaved.



Looking over radicale, i only see the option for plain text or MD5 passwords. I 
don't see an option to have authentication against an existing DB, like the 
same used for Dovecot Authentication. I also don't see a way to configure 
caldav data to be stored in the same location as IMAP files. No %user %domain 
variables that can be used in the config path. A way to store calendars outside 
of linux user home directories since users are virtual.

Did i just miss these features? Documentation or tutorials for this ability?

Re: adding caldav/carddav next to dovecot

[Jim Popovitch]

On Fri, 2022-10-14 at 14:08 -0400, PGNet Dev wrote:
> > I don't have exp with 10k users, but I switched from radicale (which
> > worked great!) to Nextcloud which has cloud functionality in
> > addition to
> > Card/CalDav interfaces too.  Perhaps Nextcloud might fit your
> > requirements.   https://nextcloud.com/globalscale/
> 
> NextCloud's a fine solution. but, the OP's requirements specifically
> included:
> 
>   "I also do not want any other other 'crap' just the cal (and
> card) dav solution."
> 
> i suspect it's a more resource-heavy solution than Radicale; but
> that's an unmeasured WAG. ymmv.

The thing to know about Nextcloud is that it can be thought of as an
application container.  If you don't want file sharing functionality,
disable those bits, etc.  You don't have to have all that Nextcloud
offers just to have CardDav/CalDav support.  Additionally, using
Nextcloud for Card/CalDav could give users an alternate webgui to manage
their Card/CalDav data.  That said, I do agree that Nextcloud for just
Card/CalDav alone would be overkill (but it will certainly scale and
it's robustly supported)

-Jim P.

Re: Dovecot mail-crypt webmail can't read encrypted messages

[Serveria Support]

Thanks, worked like a charm!

I wonder if I can just copy the compiled binaries over to the working 
server? Or should I build a new server from scratch and compile Dovecot 
again? If it's possible to copy over, which files will be required? Just 
'dovecot'? Also, in my testing environment I used a Dovecot apt package 
for Debian. Is it compatible with the vanilla Dovecot built from source? 
Thanks in advance.


On 2022-10-13 17:55, Odhiambo Washington wrote:

On Thu, Oct 13, 2022 at 5:40 PM Serveria Support
 wrote:


Hi,

Unfortunately, after running autogen.sh and ./configure the file is
still not there. I understand that this is not a Dovecot issue, but
perhaps someone can help me with this?


1. mkdir ~reinob/Sources
2. cd ~reinob/Sources
3. wget https://dovecot.org/releases/2.3/dovecot-2.3.19.1.tar.gz
4. tar -xzvf dovecot-2.3.19.1.tar.gz
5. cd dovecot-2.3.19.1 # make the changes to the file you want to
patch
6. ./configure --help # select your options
7. ./configure --opt1 --opt2 --opt3, etc
8. make install

--

Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)

Re: adding caldav/carddav next to dovecot

[PGNet Dev]

I don't have exp with 10k users, but I switched from radicale (which
worked great!) to Nextcloud which has cloud functionality in addition to
Card/CalDav interfaces too.  Perhaps Nextcloud might fit your
requirements.   https://nextcloud.com/globalscale/


NextCloud's a fine solution. but, the OP's requirements specifically included:

"I also do not want any other other 'crap' just the cal (and card) dav 
solution."

i suspect it's a more resource-heavy solution than Radicale; but that's an 
unmeasured WAG. ymmv.

Re: adding caldav/carddav next to dovecot

[Jim Popovitch]

On Fri, 2022-10-14 at 14:33 +, Marc wrote:
> > here, to date,
> > 
> >    https://radicale.org/v3.html
> > 
> > is very well behaved.
> 
> I have seen that one, don't you think that the performance difference
> between an interpreted language vs compiled language comes into play
> with 10k users?

I don't have exp with 10k users, but I switched from radicale (which
worked great!) to Nextcloud which has cloud functionality in addition to
Card/CalDav interfaces too.  Perhaps Nextcloud might fit your
requirements.   https://nextcloud.com/globalscale/

-Jim P.

LDAP just for passdb

[Francis Augusto Medeiros-Logeay]

Hi,

I couldn't find it in the documentation, so I was wondering - is it 
possible to configure Dovecot to use LDAP for passdb and keep using SQL 
for userdb?


I would like to do that before I come up with a good strategy to expand 
my ldap schema to support other mail attributes for virtual domains, 
aliases, etc.


I am currently using FreeIPA.

Best,

Francis

Re: adding caldav/carddav next to dovecot

[PGNet Dev]

I have seen that one, don't you think that the performance difference between 
an interpreted language vs compiled language comes into play with 10k users?


i'm sure it does.

and that's a subjective decision about an objective measure.

i've ~ 2K users, with radicale running alongside 
dovecot/fts-flatcurve/tika+postfix+nginx on 16-core Ryzen with 64GB, and as 
mentioned -- well enough behaved.
could it all be snappier?  of course.

RE: adding caldav/carddav next to dovecot

[Marc]

> here, to date,
> 
>https://radicale.org/v3.html
> 
> is very well behaved.

I have seen that one, don't you think that the performance difference between 
an interpreted language vs compiled language comes into play with 10k users?

Re: adding caldav/carddav next to dovecot

[PGNet Dev]

fyi

here, to date,

  https://radicale.org/v3.html

is very well behaved.

adding caldav/carddav next to dovecot

[Marc]

I hope it is ok to post this off-topic question here. I was wondering if there 
are here environments running that offer next to dovecot also calendar and 
contacts services.
In the past I was testing a bit with the one from Apple, but I think it is 
being discontinued because of converting the python 2 code.

I am looking for some experience with a setup provisioning >10k users. Not that 
I have such requirement, but I want to know if the solution is stable, 
efficient and optionally can scale. I need something efficient, because I do 
not have to many resources and high iops available. 
I also do not want any other other 'crap' just the cal (and card) dav solution.

https://github.com/1and1/cosmo
This looks interesting (used 1und1 in Germany?) but not big community

https://sabre.io/dav/install/
This is in php ...

Re: "make check" fail at test_program_refused

[A. Schulze]

A. Schulze:


Hello,

I moved my buildsystem to an other platform (I do not fully control)  
and now receive this error

on "make check"

Error: program tcp:127.0.0.2:42027: connect(::1) failed: Connection refused
test_program_refused  
. : FAILED


The build run on jenkins buildnodex spawn up on a kubernetes cluster.

What I noticed so far: the buildnode opereate ipv4 only but has an  
entry in /etc/hosts:


127.0.0.1   c4a84c76f0d6
::1 c4a84c76f0d6

Maybe that's the glitch ...

I tried dovecot-2.3.15 and 2.3.19.1. Both fail (only the portnumber differ)

Is there an option to disable only one specific test? I dislike to  
skip "make check" at all.


Update: I've temporary solved my issue be removing this line:
https://github.com/dovecot/core/blob/8216a079d8aac93e2537ed79485e301350ff3887/src/lib-program-client/test-program-client-net.c#L524

this disable only the failing test.



Andreas

what are the options to 'interact' with a dovecot imap user

[Marc]

I am looking for a user friendly way to have a user to tell the 'server' to 
either store or remove an email address.

a. My first thought was to use imapsieve for this and have an imap sieve plugin 
store/remove the email address of the message that is being dragged into a 
predefined monitored folder.

This would work with any imap client


b. I was thinking about the message Flagged[1]. I am curious how would I be 
able to detect this (in sieve)? This does not seem to be stored in the source 
of the message. Although every client seems to support it, it would probably 
conflict with every day use cases.


c. Then you have these colours and/or categories. But these do not seem to 
propagate across clients. Where are these even stored?

Any ideas on how this can be done?




[1]
https://www.rfc-editor.org/rfc/rfc3501#section-2.3.2