Re: Debian Bookworm packages, please !
> > We can already see that the Debian/RedHat patched 2.3 which is offered is > broken because there is more than just "making it compile" with things like > OpenSSL3, and yes, I can appreciate that it's not fully broken, but it's not > fully working either. Yeah, that's sort of what's holding me back from just blindly installing the Debian distro package. Whilst I'm no expert, I did spot some OpenSSL3 mentions looking briefly through the Debian bug tracker. Do you have any opinion on the FreeBSD dovecot ? I'd rather stick with Debian but having a working mailserver on a current version of an OS is a somewhat higher importance. If Stalwart was more mature than it currently is, I would have moved over to that already. Sadly that will have to wait for the next round of server refreshes in a few years time. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Debian Bookworm packages, please !
For what it's worth, I installed openssl 1.1.1w in a custom dir, compiled dovecot 2.3.21 against it and it works like a charm against our test suite and production load. On Tuesday, 25/06/2024 at 11:08 Aki Tuomi via dovecot wrote: > On 25/06/2024 17:26 EEST Laura Smith via dovecot wrote: > > > On Tuesday, 25 June 2024 at 15:06, Aki Tuomi via dovecot wrote: > > > > On 25/06/2024 16:58 EEST Laura Smith via dovecot dovecot@dovecot.org wrote: > > > > > > Debian Bookworm (12) was released June 2023. > > > > > > It is therefore somewhat disappointing to see no Bookworm packages in https://repo.dovecot.org/ce-2.3-latest/debian/ > > > > > > We are going to add support for Debian Bookworm to Dovecot 2.4 version. > > > > > > Is there any more concrete news on the mysterious 2.4 ? I found an old post from you from 2023 which said "soon" ? I am aware that we are behind on what we originally estimated to be the release schedule. However, I would rather we release something that is good and tested, instead of just dumping something that "might work". We can already see that the Debian/RedHat patched 2.3 which is offered is broken because there is more than just "making it compile" with things like OpenSSL3, and yes, I can appreciate that it's not fully broken, but it's not fully working either. We are working hard to get it out as soon as possible, and hopefully that soon will be during the remainder of the year, very much preferring it to be sooner than later personally. Unfortunately things sometimes just take more time than one wants. Aki ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Debian Bookworm packages, please !
> On 25/06/2024 17:26 EEST Laura Smith via dovecot wrote: > > > On Tuesday, 25 June 2024 at 15:06, Aki Tuomi via dovecot > wrote: > > > > On 25/06/2024 16:58 EEST Laura Smith via dovecot dovecot@dovecot.org > > > wrote: > > > > > > Debian Bookworm (12) was released June 2023. > > > > > > It is therefore somewhat disappointing to see no Bookworm packages in > > > https://repo.dovecot.org/ce-2.3-latest/debian/ > > > > > > We are going to add support for Debian Bookworm to Dovecot 2.4 version. > > > > > > Is there any more concrete news on the mysterious 2.4 ? I found an old post > from you from 2023 which said "soon" ? I am aware that we are behind on what we originally estimated to be the release schedule. However, I would rather we release something that is good and tested, instead of just dumping something that "might work". We can already see that the Debian/RedHat patched 2.3 which is offered is broken because there is more than just "making it compile" with things like OpenSSL3, and yes, I can appreciate that it's not fully broken, but it's not fully working either. We are working hard to get it out as soon as possible, and hopefully that soon will be during the remainder of the year, very much preferring it to be sooner than later personally. Unfortunately things sometimes just take more time than one wants. Aki ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Debian Bookworm packages, please !
On Tuesday, 25 June 2024 at 15:06, Aki Tuomi via dovecot wrote: > > On 25/06/2024 16:58 EEST Laura Smith via dovecot dovecot@dovecot.org wrote: > > > > Debian Bookworm (12) was released June 2023. > > > > It is therefore somewhat disappointing to see no Bookworm packages in > > https://repo.dovecot.org/ce-2.3-latest/debian/ > > > We are going to add support for Debian Bookworm to Dovecot 2.4 version. > > Is there any more concrete news on the mysterious 2.4 ? I found an old post from you from 2023 which said "soon" ? ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Timeout when opening folder
My guess is that this is a kubernetes specific issue and not a dovecot issue. Please provide kubernetes logs. Also: how is your storage implemented? Any chance more than one dovecot instance are accessing that storage? Is the storage available on the node where the container runs? Regards, Robert On 24.06.24 23:52, Entrepreneur AJ via dovecot wrote: Hi all, I'm stuck with an issue. Migrating everything to a k0s kubernetes cluster, trying to migrate dovecot and all so far seems to be well with PVC for mail storage, ssl working great, authentication vis PostgreSQL working great. Issue is when trying to look at another folder say Deleted or Spam etc folder I am getting a timeout error with no logs. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Debian Bookworm packages, please !
On Tue, Jun 25, 2024 at 01:58:21PM +, Laura Smith via dovecot wrote: > Debian Bookworm (12) was released June 2023. > > It is therefore somewhat disappointing to see no Bookworm packages in > https://repo.dovecot.org/ce-2.3-latest/debian/ Debian itself offers pakages of dovecot 2.3.19. https://tracker.debian.org/pkg/dovecot Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Debian Bookworm packages, please !
> On 25/06/2024 16:58 EEST Laura Smith via dovecot wrote: > > > Debian Bookworm (12) was released June 2023. > > It is therefore somewhat disappointing to see no Bookworm packages in > https://repo.dovecot.org/ce-2.3-latest/debian/ We are going to add support for Debian Bookworm to Dovecot 2.4 version. Aki ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Debian Bookworm packages, please !
Debian Bookworm (12) was released June 2023. It is therefore somewhat disappointing to see no Bookworm packages in https://repo.dovecot.org/ce-2.3-latest/debian/ ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Timeout when opening folder
> "Entrepreneur" == Entrepreneur AJ via dovecot
> writes:
> Migrating everything to a k0s kubernetes cluster, trying to migrate
> dovecot and all so far seems to be well with PVC for mail storage,
> ssl working great, authentication vis PostgreSQL working great.
So how do you have your local storage defined in your kubernetes
cluster? That strikes me (as a total Kubernetes noob) as the possible
issue you're running into. Your /src/vmail/sr
> Issue is when trying to look at another folder say Deleted or Spam etc
> folder I am getting a timeout error with no logs.
> I disabled apparmour on the nodes the try again and the following error
> message appears;
> Jun 24 21:01:55 imap-login: Info: Login: user=, method=PLAIN,
> rip=194.207.0.0, lip=10.244.24.235, mpid=15, TLS, session=
> Jun 24 21:01:55 imap(eaj)<15>: Debug: Added userdb
> setting: mail=maildir:/srv/vmail/eaj
> Jun 24 21:01:55 imap(eaj)<15>: Debug: Effective
> uid=1000, gid=1000, home=/srv/vmail/eaj
> Jun 24 21:01:55 imap(eaj)<15>: Debug:
> open(/proc/self/io) failed: Permission denied
> Jun 24 21:01:55 imap(eaj)<15>: Debug: Namespace inbox:
> type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes,
> subscriptions=yes location=maildir:/srv/vmail/eaj
> Jun 24 21:01:55 imap(eaj)<15>: Debug: maildir++:
> root=/srv/vmail/eaj, index=, indexpvt=, control=, inbox=/srv/vmail/eaj, alt=
> Jun 24 21:01:55 imap(eaj)<14><3PRZF6kb0JHCz3qg>: Debug: Mailbox INBOX:
> Mailbox opened
> Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Sent:
> Couldn't open mailbox in list index: Storage size changed 160 != 396
> Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Sent:
> Mailbox opened
> Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Drafts:
> Couldn't open mailbox in list index: Storage size changed 160 != 396
> Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Drafts:
> Mailbox opened
> Thunderbird keeps showing a timeout error after a few minutes.
> Dovecot Version: 2.3.21 (47349e2482)
> dovecot -n config:
> # 2.3.21 (47349e2482): /etc/dovecot/dovecot.conf
> # OS: Linux 5.15.0-112-generic x86_64
> # Hostname: dovecot-549bdc98ff-tzwcf
> auth_debug = yes
> auth_debug_passwords = yes
> auth_mechanisms = plain login
> auth_verbose = yes
> auth_verbose_passwords = yes
> base_dir = /var/run/dovecot/
> first_valid_uid = 1000
> import_environment = TZ
> last_valid_uid = 1000
> log_path = /dev/stdout
> login_greeting = IMAP ready.
> mail_debug = yes
> mail_home = /srv/vmail/%n
> mail_location = maildir:~
I think this is wrong, you really want something like:
mail_home =
mail_location = maildir:/srv/vmail/%d/%n/Maildir
Because you don't have local directories for your users. You're doing
completely virtual, so I think this is what you want instead. Also,
for future growth, you might want to add %d (domain) in your path just
in case.
> namespace inbox {
> hidden = no
> inbox = yes
> list = yes
> location =
> mailbox Drafts {
> auto = subscribe
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> auto = subscribe
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Spam {
> auto = subscribe
> special_use = \Junk
> }
> mailbox Trash {
> auto = subscribe
> special_use = \Trash
> }
> prefix =
> subscriptions = yes
> type = private
> }
> passdb {
> args = /etc/dovecot/dovecot-sql.conf.ext
> driver = sql
> }
> plugin {
> acl = vfile:/etc/dovecot/global-acls:cache_secs=300
> acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
> imap_compress_deflate_level = 9
> mail_crypt_global_private_key = # hidden, use -P to show it
> mail_crypt_global_public_key = # hidden, use -P to show it
> mail_crypt_save_version = 2
> zlib_save = zstd
> zlib_save_level = 3
> }
> service auth-worker {
> user = vmail
> }
> service auth {
> unix_listener auth-userdb {
> group = vmail
> mode = 0600
> user = vmail
> }
> }
> service dict {
> unix_listener dict {
> group = vmail
> mode = 0660
> user = vmail
> }
> }
> service imap-login {
> inet_listener imap {
> port = 143
> }
> inet_listener imaps {
> port = 993
> ssl = yes
> }
> }
> service lmtp {
> inet_listener lmtp {
> port = 24
> }
> user = vmail
> }
> service pop3-login {
> inet_listener pop3 {
> port = 0
> }
> inet_listener pop3s {
> port = 0
> ssl = yes
> }
> }
> service submission-login {
> inet_listener submission {
> port = 0
> }
> inet_listener submissions {
> port = 0
> }
> }
> ssl = required
> ssl_cert = ssl_cipher_list =
> ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY
Re: logging computer name
You can switch to oauth2 and then each device will have a unique client id that you can use to identify the culprit. On Tuesday, 25/06/2024 at 07:29 Eirik Rye via dovecot wrote: On 2024-06-25 12:00, hp--- via dovecot wrote: > I am running Dovecot 2.3.21. One client has multiple computers in their > LAN, connecting to my server with a static IP. > One or several computers in that LAN keep logging in with failed > password, but the Dovecot log only shows the public static IP, like this > > Jun 25 10:39:20 server-name dovecot[689]: imap-login: Disconnected: > Connection closed (auth failed, 2 attempts in 62 secs): user=, > method=PLAIN, rip=client-public-IP, lip=server-IP, TLS, > session= > > I tried to enable debug, but there is no more information about the LAN > IP or computer names. Is there any setting which helps me with that > purpose? So it will be much easier to locate the failed computers in > that LAN? Technically, there's no way for Dovecot to know what the client's LAN IP address is, at least not without the client providing this information (which it won't). Some IMAP clients send IMAP ID commands to the server. This usually includes the name (e.g. "iPhone Mail", "Microsoft Outlook", etc) and version of the client, and you can have Dovecot log this to your log by setting the option: imap_id_log = * This might help you identify the misconfigured clients. Not all clients send IMAP ID commands though, and some clients only send it *after* authenticating, in which case you won't see it in your situation. - Eirik ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Timeout when opening folder
Hi all, I'm stuck with an issue.
Migrating everything to a k0s kubernetes cluster, trying to migrate
dovecot and all so far seems to be well with PVC for mail storage, ssl
working great, authentication vis PostgreSQL working great.
Issue is when trying to look at another folder say Deleted or Spam etc
folder I am getting a timeout error with no logs.
I disabled apparmour on the nodes the try again and the following error
message appears;
Jun 24 21:01:55 imap-login: Info: Login: user=, method=PLAIN,
rip=194.207.0.0, lip=10.244.24.235, mpid=15, TLS, session=
Jun 24 21:01:55 imap(eaj)<15>: Debug: Added userdb
setting: mail=maildir:/srv/vmail/eaj
Jun 24 21:01:55 imap(eaj)<15>: Debug: Effective
uid=1000, gid=1000, home=/srv/vmail/eaj
Jun 24 21:01:55 imap(eaj)<15>: Debug:
open(/proc/self/io) failed: Permission denied
Jun 24 21:01:55 imap(eaj)<15>: Debug: Namespace inbox:
type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes,
subscriptions=yes location=maildir:/srv/vmail/eaj
Jun 24 21:01:55 imap(eaj)<15>: Debug: maildir++:
root=/srv/vmail/eaj, index=, indexpvt=, control=, inbox=/srv/vmail/eaj, alt=
Jun 24 21:01:55 imap(eaj)<14><3PRZF6kb0JHCz3qg>: Debug: Mailbox INBOX:
Mailbox opened
Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Sent:
Couldn't open mailbox in list index: Storage size changed 160 != 396
Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Sent:
Mailbox opened
Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Drafts:
Couldn't open mailbox in list index: Storage size changed 160 != 396
Jun 24 21:02:24 imap(eaj)<15>: Debug: Mailbox Drafts:
Mailbox opened
Thunderbird keeps showing a timeout error after a few minutes.
Dovecot Version: 2.3.21 (47349e2482)
dovecot -n config:
# 2.3.21 (47349e2482): /etc/dovecot/dovecot.conf
# OS: Linux 5.15.0-112-generic x86_64
# Hostname: dovecot-549bdc98ff-tzwcf
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = yes
base_dir = /var/run/dovecot/
first_valid_uid = 1000
import_environment = TZ
last_valid_uid = 1000
log_path = /dev/stdout
login_greeting = IMAP ready.
mail_debug = yes
mail_home = /srv/vmail/%n
mail_location = maildir:~
namespace inbox {
hidden = no
inbox = yes
list = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Spam {
auto = subscribe
special_use = \Junk
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
subscriptions = yes
type = private
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
acl = vfile:/etc/dovecot/global-acls:cache_secs=300
acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
imap_compress_deflate_level = 9
mail_crypt_global_private_key = # hidden, use -P to show it
mail_crypt_global_public_key = # hidden, use -P to show it
mail_crypt_save_version = 2
zlib_save = zstd
zlib_save_level = 3
}
service auth-worker {
user = vmail
}
service auth {
unix_listener auth-userdb {
group = vmail
mode = 0600
user = vmail
}
}
service dict {
unix_listener dict {
group = vmail
mode = 0660
user = vmail
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
inet_listener lmtp {
port = 24
}
user = vmail
}
service pop3-login {
inet_listener pop3 {
port = 0
}
inet_listener pop3s {
port = 0
ssl = yes
}
}
service submission-login {
inet_listener submission {
port = 0
}
inet_listener submissions {
port = 0
}
}
ssl = required
ssl_cert = ssl_cipher_list =
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
ssl_key = # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
verbose_ssl = yes
protocol imap {
mail_plugins =
postmaster_address = postmas...@eajglobal.net
}
protocol lmtp {
mail_plugins =
postmaster_address = postmas...@eajglobal.net
}
Any pointers would be highly appreciated.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
Re: logging computer name
On 2024-06-25 12:00, hp--- via dovecot wrote: I am running Dovecot 2.3.21. One client has multiple computers in their LAN, connecting to my server with a static IP. One or several computers in that LAN keep logging in with failed password, but the Dovecot log only shows the public static IP, like this Jun 25 10:39:20 server-name dovecot[689]: imap-login: Disconnected: Connection closed (auth failed, 2 attempts in 62 secs): user=, method=PLAIN, rip=client-public-IP, lip=server-IP, TLS, session= I tried to enable debug, but there is no more information about the LAN IP or computer names. Is there any setting which helps me with that purpose? So it will be much easier to locate the failed computers in that LAN? Technically, there's no way for Dovecot to know what the client's LAN IP address is, at least not without the client providing this information (which it won't). Some IMAP clients send IMAP ID commands to the server. This usually includes the name (e.g. "iPhone Mail", "Microsoft Outlook", etc) and version of the client, and you can have Dovecot log this to your log by setting the option: imap_id_log = * This might help you identify the misconfigured clients. Not all clients send IMAP ID commands though, and some clients only send it *after* authenticating, in which case you won't see it in your situation. - Eirik ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
logging computer name
I am running Dovecot 2.3.21. One client has multiple computers in their LAN, connecting to my server with a static IP. One or several computers in that LAN keep logging in with failed password, but the Dovecot log only shows the public static IP, like this Jun 25 10:39:20 server-name dovecot[689]: imap-login: Disconnected: Connection closed (auth failed, 2 attempts in 62 secs): user=, method=PLAIN, rip=client-public-IP, lip=server-IP, TLS, session= I tried to enable debug, but there is no more information about the LAN IP or computer names. Is there any setting which helps me with that purpose? So it will be much easier to locate the failed computers in that LAN? Thank you. ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
