permissions for quota-status
Hello! doveconf --version 2.2.36 I want to move to a new server with dovecot but get an error Error: service(quota-status): listen(*, 12340) failed: Permission denied when I define service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 } client_limit = 1 } private]# ll insgesamt 0 srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 anvil srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 bounce srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 defer srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 discard srw---. 1 postfix postfix 0 14. Apr 15:08 dovecot-lmtp srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 error srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 lmtp srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 local srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 proxymap srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 proxywrite srw-rw. 1 postfix postfix 0 14. Apr 14:58 quota-status srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 relay srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 retry srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 rewrite srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 scache srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 smtp srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 tlsmgr srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 trace srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 verify srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 virtual Don't know what's wrong. Can someone help? Kind regards Andreas -- PGP-Fingerprint: D392 5D21 0299 63D7 5BAE 4562 1E56 B2EA 81A2 59F1 pgpKO0kF7L5_K.pgp Description: Digitale Signatur von OpenPGP
Re: Problem with different certificates
Hello! Greg Wildman schrieb am 27.12.18 um 11:21:55 Uhr: > What problem are you seeing? It uses the correct SSL certs when I > connect. > > prompt> gnutls-cli --port 993 mail.nimmini.de > Processed 149 CA certificate(s). > Resolving 'mail.nimmini.de:993'... > Connecting to '46.38.231.143:993'... > - Certificate type: X.509 > - Got a certificate list of 2 certificates. > - Certificate[0] info: > - subject `CN=nimmini.de', issuer `CN=Let's Encrypt Authority X3,O=Let's > Encrypt,C=US', serial 0x049c7758b8b9555ffdfe5b701b28c1e0a3c6, RSA key 2048 > bits, signed using RSA-SHA256, activated `2018-12-26 21:37:59 UTC', expires > `2019-03-26 21:37:59 UTC', > pin-sha256="0G1iyw4AAayWktCk3M9gauB01s4guqgidOQotb1u49I=" > Public Key ID: > sha1:e03d4c14e735791a4a0924057676bee73b5e199f > > sha256:d06d62cb0e0001ac9692d0a4dccf606ae074d6ce20baa82274e428b5bd6ee3d2 > Public Key PIN: > pin-sha256:0G1iyw4AAayWktCk3M9gauB01s4guqgidOQotb1u49I= > > - Certificate[1] info: > - subject `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US', issuer > `CN=DST Root CA X3,O=Digital Signature Trust Co.', serial > 0x0a014142015385736a0b85eca708, RSA key 2048 bits, signed using > RSA-SHA256, activated `2016-03-17 16:40:46 UTC', expires `2021-03-17 16:40:46 > UTC', pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=" > - Status: The certificate is trusted. > - Description: (TLS1.2)-(ECDHE-SECP384R1)-(RSA-SHA256)-(AES-256-GCM) > - Session ID: > 0B:1D:9F:A2:73:92:FA:E7:02:08:98:49:14:A6:69:1B:2D:D4:30:F0:62:A9:AF:B2:4C:B7:79:94:CF:3E:41:A2 > - Options: safe renegotiation, > - Handshake was completed > > - Simple Client Mode: > > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE > AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. > . logout > - Peer has closed the GnuTLS connection Thank you for your investigation! It turned out there was a problem on the server with IPv6 binding to the wrong virtual network-interface. Everthing's running smoothly so far although there is still a problem adding the right IPv6-address additionally to the IPv4-address. Kind regards Andreas -- PGP-Fingerprint: F004 8EEE 5E54 F2EA 566E B939 22E5 85DD AA14 AC0A pgpO6p9tkZG2X.pgp Description: Digitale Signatur von OpenPGP
Problem with different certificates
Hello! Dovecot manages different domains. Today I renewed the certifiactes from letsencrypt and since that time, dovecot does not recognized the certs for different domains anymore: This is part of my config: ssl = yes ssl_cert = < /etc/letsencrypt/live/bitcorner.de/fullchain.pem ssl_key = < /etc/letsencrypt/live/bitcorner.de/privkey.pem local 37.120.166.21 { # instead of IP you can also use hostname, which will be resolved protocol imap { ssl_cert = < /etc/letsencrypt/live/bitcorner.de/fullchain.pem ssl_key = < /etc/letsencrypt/live/bitcorner.de/privkey.pem } } local 46.38.231.143 { protocol imap { ssl_cert = < /etc/letsencrypt/live/nimmini.de/fullchain.pem ssl_key = < /etc/letsencrypt/live/nimmini.de/privkey.pem } } This worked for years and I don't know what's wrong now. It seems dovecot just takes the default certs into account and ignores the certs defined with "local" completly. Any help appreciated. Kind regards Andreas -- PGP-Fingerprint: F004 8EEE 5E54 F2EA 566E B939 22E5 85DD AA14 AC0A pgp671x_NLp7C.pgp Description: Digitale Signatur von OpenPGP
Remove authentication penalty for webmailer
Hi all, I want to remove the authentication penalty for specific ip addresses (subnets if possible). I am using Dovecot 2.3.2 (582970113) and figured that this information: https://wiki2.dovecot.org/Authentication/Penalty > If the IP is in login_trusted_networks (e.g. webmail), skip any authentication penalties is not up to date. Instead this information is: https://wiki2.dovecot.org/Upgrading/2.3 --- START --- *Localhost Auth Penalty* Dovecot no longer disables auth penalty waits for clients connecting from localhost (or login_trusted_networks in general). The previous idea was that it would likely be a webmail that would have its own delays, but there are no guarantees about this. If the old behavior is still wanted, it's possible to do nowadays even more generically with e.g.: passdb { driver = passwd-file args = username_format=%{rip} /etc/dovecot/passdb } /etc/dovecot/passdb: 127.0.0.1:::nodelay=yes 192.168.10.124:::nodelay=yes --- STOP --- Adding the passdb section and creating a passdb file with the respective ip addresses does not have any effect though. Login failures through the webmailer are still being delayed. "dovecot -n" shows that the new passdb section is loaded: --- START --- passdb { args = username_format=%{rip} /etc/dovecot/passdb driver = passwd-file } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } --- STOP --- Changing orders does not make a difference. The passdb file contains these entries: --- START --- 127.0.0.1:::nodelay=yes 10.25.1.20:::nodelay=yes --- STOP --- The logfile shows the increased delay: --- START --- Jul 10 23:37:16 9fcdf83ee81e dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=10.25.1.20, lip=10.25.1.10, TLS, TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bit s) Jul 10 23:37:25 9fcdf83ee81e dovecot: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=10.25.1.20, lip=10.25.1.10, TLS, TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bit s) --- STOP --- What am I missing?
Re: Domain without certificate
Hello! It's a client thing. The client should not request StartSSL when there is no certificate present. Sorry for the noise! Andreas Andreas Meyer <a.me...@nimmini.de> schrieb am 22.08.17 um 00:16:54 Uhr: > Hello! > > I have a new domain integrated into dovecot but no certificate yet. > > In dovecot.conf there is ssl = yes and the other domains have > certificates configured. > > How do I exclude this new domain from using SSL? > > Greetings > > Andreas pgpeeFaLkFhPR.pgp Description: Digitale Signatur von OpenPGP
Domain without certificate
Hello! I have a new domain integrated into dovecot but no certificate yet. In dovecot.conf there is ssl = yes and the other domains have certificates configured. How do I exclude this new domain from using SSL? Greetings Andreas pgpX5krx2vxKu.pgp Description: Digitale Signatur von OpenPGP
a question about certificates from letsencrypt
Hello! Certificates from letsencrypt are renewed every three months. Does that mean a MUA has to accept the renewed certificates manually everytime it is renewed? Sorry if this is OT! Greetings Andreas
Re: New password hashing scheme as plugin
2016-08-05 10:59 GMT+02:00 Aki Tuomi <aki.tu...@dovecot.fi>: > > > On 02.08.2016 00:46, Andreas Meyer wrote: > > 2016-08-01 15:58 GMT+02:00 <aki.tu...@dovecot.fi>: > > > >>> On August 1, 2016 at 4:38 PM aki.tu...@dovecot.fi wrote: > >>> > >>> > >>> > >>>> On August 1, 2016 at 3:45 PM Andreas Meyer <luckyfello...@gmail.com> > >> wrote: > >>>> > >>>> 2016-07-31 16:39 GMT+02:00 <aki.tu...@dovecot.fi>: > >>>> > >>>>>> On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfello...@gmail.com > >>>>> wrote: > >>>>>> > >>>>>> Hi, > >>>>>> > >>>>>> > >>>>>> I want to add a new password hashing scheme as plugin and provide > >> it for > >>>>>> the dovecot project, so that it will be included as optional > >> plugin in > >>>>>> future releases. > >>>>>> > >>>>>> Yet the plugin compiles fine and the .so file gets created. > >>>>>> > >>>>>> My approach is to call the functions password_scheme_register() and > >>>>>> password_scheme_unregister() (src/auth/password-scheme.c) inside > >> the > >>>>>> plugin's _init() and _deinit() functions. > >>>>>> > >>>>>> When a client tries to login via imap the log shows an error > >> message: > >>>>>> Error: Couldn't load required plugin > >>>>>> /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed: > >>>>>> /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol: > >>>>>> password_scheme_unregister > >>>>>> > >>>>>> That error obviously occurs, because the required lib is not > >> linked into > >>>>>> the plugin. > >>>>>> > >>>>>> > >>>>>> Now my problem is to understand, whether this approach (via .so > >> file) can > >>>>>> be successful at all and if so, how? > >>>>>> Do I need to link libs into it? Which would that be and how do I > >> specify > >>>>>> them in the Makefile.am? > >>>>>> > >>>>>> I assume, I don't need to link a lib, but need to use a hook to > >> register > >>>>>> the new hashing scheme, since the plugin is loaded into an already > >>>>> existing > >>>>>> process, which needs to get extended. If this is true, which hook > >> would > >>>>>> that be and how do I register the new scheme? > >>>>>> > >>>>>> Or is there no way to accomplish this via a separated .so plugin? > >> Should > >>>>> I > >>>>>> extend the sources in /src/auth instead? (separat file for the > >> hashing > >>>>>> scheme with preprocessor instructions to include it only on demand) > >>>>>> > >>>>>> > >>>>>> > >>>>>> Thank you very much, > >>>>>> > >>>>>> Andreas > >>>>> Can you publish your code in, say, github.com and provide link to > >> it? > >>>>> New password scheme is doable as plugin but it needs to placed in > >> different > >>>>> place and it will be autoloaded. > >>>>> > >>>>> Aki > >>>>> > >>>> > >>>> > >>>> > >>>> I created two branches. Both compile fine with the option: > >> --with-libsodium > >>>> Branch #1) > >>>> > >>>> > >> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_ > libsodium_plugin > >>>> This is my try to add libsodium support as plugin. When the plugin is > >>>> loaded, it exits with the mentioned error message "undefined symbol: > >>>> password_scheme_unregister" > >>>> > >>>> > >>>> Branch #2) > >>>> > >>>> > >> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_ > libsodium_auth > >>>> This compiles fine and also works. The new hashing schemes SCRYPT and > >>>> ARGON2 are avail
Re: New password hashing scheme as plugin
2016-08-01 15:58 GMT+02:00 <aki.tu...@dovecot.fi>: > > > On August 1, 2016 at 4:38 PM aki.tu...@dovecot.fi wrote: > > > > > > > > > On August 1, 2016 at 3:45 PM Andreas Meyer <luckyfello...@gmail.com> > wrote: > > > > > > > > > 2016-07-31 16:39 GMT+02:00 <aki.tu...@dovecot.fi>: > > > > > > > > > > > > On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfello...@gmail.com > > > > > > wrote: > > > > > > > > > > > > > > > Hi, > > > > > > > > > > > > > > > I want to add a new password hashing scheme as plugin and provide > it for > > > > > the dovecot project, so that it will be included as optional > plugin in > > > > > future releases. > > > > > > > > > > Yet the plugin compiles fine and the .so file gets created. > > > > > > > > > > My approach is to call the functions password_scheme_register() and > > > > > password_scheme_unregister() (src/auth/password-scheme.c) inside > the > > > > > plugin's _init() and _deinit() functions. > > > > > > > > > > When a client tries to login via imap the log shows an error > message: > > > > > > > > > > Error: Couldn't load required plugin > > > > > /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed: > > > > > /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol: > > > > > password_scheme_unregister > > > > > > > > > > That error obviously occurs, because the required lib is not > linked into > > > > > the plugin. > > > > > > > > > > > > > > > Now my problem is to understand, whether this approach (via .so > file) can > > > > > be successful at all and if so, how? > > > > > Do I need to link libs into it? Which would that be and how do I > specify > > > > > them in the Makefile.am? > > > > > > > > > > I assume, I don't need to link a lib, but need to use a hook to > register > > > > > the new hashing scheme, since the plugin is loaded into an already > > > > existing > > > > > process, which needs to get extended. If this is true, which hook > would > > > > > that be and how do I register the new scheme? > > > > > > > > > > Or is there no way to accomplish this via a separated .so plugin? > Should > > > > I > > > > > extend the sources in /src/auth instead? (separat file for the > hashing > > > > > scheme with preprocessor instructions to include it only on demand) > > > > > > > > > > > > > > > > > > > > Thank you very much, > > > > > > > > > > Andreas > > > > > > > > Can you publish your code in, say, github.com and provide link to > it? > > > > New password scheme is doable as plugin but it needs to placed in > different > > > > place and it will be autoloaded. > > > > > > > > Aki > > > > > > > > > > > > > > > > > > > I created two branches. Both compile fine with the option: > --with-libsodium > > > > > > Branch #1) > > > > > > > https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_plugin > > > > > > This is my try to add libsodium support as plugin. When the plugin is > > > loaded, it exits with the mentioned error message "undefined symbol: > > > password_scheme_unregister" > > > > > > > > > Branch #2) > > > > > > > https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_auth > > > > > > This compiles fine and also works. The new hashing schemes SCRYPT and > > > ARGON2 are available to dovecot. > > > Libsodium support is not created as module, but only added if the > > > --with-libsodium option was passed to configure. > > > > > > > > > > > > Regards, > > > Andreas > > > > Hi! > > > > I had a look at your code and noticed you had tried to put it in > dovecot's tree. I would recommend making completely separate plugin of it. > It's not very hard, I can help you out there. It does not need to be in > src/plugins, the source supports fully external plugins that you can then > install separately. > > > > This would make it lot more easier to develop the plugin. I'll see if I > can make you a little skeleton to help you out with this, you can then use > it as basis for your auth plugin. > > > > Aki > > https://github.com/cmouse/dovecot-password-scheme-plugin > > is the plugin template you can use. please see if it helps you out. > > Aki > Thank you very much for the skeleton. It really helped a lot. I created this repository and checked in my changes: https://github.com/LuckyFellow/dovecot-libsodium-plugin It compiles and installs fine. The auth module loads the plugin automatically on demand, the hashing schemes are available and they work. What do I need to do, so that you can include it as plugin? Regards, Andreas
Re: New password hashing scheme as plugin
2016-07-31 16:39 GMT+02:00 <aki.tu...@dovecot.fi>: > > > On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfello...@gmail.com> > wrote: > > > > > > Hi, > > > > > > I want to add a new password hashing scheme as plugin and provide it for > > the dovecot project, so that it will be included as optional plugin in > > future releases. > > > > Yet the plugin compiles fine and the .so file gets created. > > > > My approach is to call the functions password_scheme_register() and > > password_scheme_unregister() (src/auth/password-scheme.c) inside the > > plugin's _init() and _deinit() functions. > > > > When a client tries to login via imap the log shows an error message: > > > > Error: Couldn't load required plugin > > /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed: > > /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol: > > password_scheme_unregister > > > > That error obviously occurs, because the required lib is not linked into > > the plugin. > > > > > > Now my problem is to understand, whether this approach (via .so file) can > > be successful at all and if so, how? > > Do I need to link libs into it? Which would that be and how do I specify > > them in the Makefile.am? > > > > I assume, I don't need to link a lib, but need to use a hook to register > > the new hashing scheme, since the plugin is loaded into an already > existing > > process, which needs to get extended. If this is true, which hook would > > that be and how do I register the new scheme? > > > > Or is there no way to accomplish this via a separated .so plugin? Should > I > > extend the sources in /src/auth instead? (separat file for the hashing > > scheme with preprocessor instructions to include it only on demand) > > > > > > > > Thank you very much, > > > > Andreas > > Can you publish your code in, say, github.com and provide link to it? > New password scheme is doable as plugin but it needs to placed in different > place and it will be autoloaded. > > Aki > I created two branches. Both compile fine with the option: --with-libsodium Branch #1) https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_plugin This is my try to add libsodium support as plugin. When the plugin is loaded, it exits with the mentioned error message "undefined symbol: password_scheme_unregister" Branch #2) https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_auth This compiles fine and also works. The new hashing schemes SCRYPT and ARGON2 are available to dovecot. Libsodium support is not created as module, but only added if the --with-libsodium option was passed to configure. Regards, Andreas
New password hashing scheme as plugin
Hi, I want to add a new password hashing scheme as plugin and provide it for the dovecot project, so that it will be included as optional plugin in future releases. Yet the plugin compiles fine and the .so file gets created. My approach is to call the functions password_scheme_register() and password_scheme_unregister() (src/auth/password-scheme.c) inside the plugin's _init() and _deinit() functions. When a client tries to login via imap the log shows an error message: Error: Couldn't load required plugin /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed: /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol: password_scheme_unregister That error obviously occurs, because the required lib is not linked into the plugin. Now my problem is to understand, whether this approach (via .so file) can be successful at all and if so, how? Do I need to link libs into it? Which would that be and how do I specify them in the Makefile.am? I assume, I don't need to link a lib, but need to use a hook to register the new hashing scheme, since the plugin is loaded into an already existing process, which needs to get extended. If this is true, which hook would that be and how do I register the new scheme? Or is there no way to accomplish this via a separated .so plugin? Should I extend the sources in /src/auth instead? (separat file for the hashing scheme with preprocessor instructions to include it only on demand) Thank you very much, Andreas
solr does not index files in the mailbox
Hello! I startet solr and configured dovecot to use it. Dovecot just indexes two files dovecot.index.log and dovecot.mailbox.log but nothing in the cur directory. ./post -c myfiles /home/a.meyer/Postfach java -classpath /home/andreas/solr-5.5.1/dist/solr-core-5.5.1.jar -Dauto=yes -Dc=myfiles -Ddata=files -Drecursive=yes org.apache.solr.util.SimplePostTool /home/a.meyer/Postfach SimplePostTool version 5.0.0 Posting files to [base] url http://localhost:8983/solr/myfiles/update... Entering auto mode. File endings considered are xml,json,jsonl,csv,pdf,doc,docx,ppt,pptx,xls,xlsx,odt,odp,ods,ott,otp,ots,rtf,htm,html,txt,log Entering recursive mode, max depth=999, delay=0s Indexing directory /home/a.meyer/Postfach (2 files, depth=0) POSTing file dovecot.index.log (text/plain) to [base]/extract POSTing file dovecot.mailbox.log (text/plain) to [base]/extract Indexing directory /home/a.meyer/Postfach/cur (0 files, depth=1) Indexing directory /home/a.meyer/Postfach/new (0 files, depth=1) Indexing directory /home/a.meyer/Postfach/tmp (0 files, depth=1) 2 files indexed. COMMITting Solr index changes to http://localhost:8983/solr/myfiles/update... Time spent: 0:00:00.751 If I give the cur folder as startingpoint ./post -c myfiles /home/a.meyer/Postfach/cur java -classpath /home/andreas/solr-5.5.1/dist/solr-core-5.5.1.jar -Dauto=yes -Dc=myfiles -Ddata=files -Drecursive=yes org.apache.solr.util.SimplePostTool /home/a.meyer/Postfach/cur SimplePostTool version 5.0.0 Posting files to [base] url http://localhost:8983/solr/myfiles/update... Entering auto mode. File endings considered are xml,json,jsonl,csv,pdf,doc,docx,ppt,pptx,xls,xlsx,odt,odp,ods,ott,otp,ots,rtf,htm,html,txt,log Entering recursive mode, max depth=999, delay=0s Indexing directory /home/a.meyer/Postfach/cur (0 files, depth=0) 0 files indexed. COMMITting Solr index changes to http://localhost:8983/solr/myfiles/update... Time spent: 0:00:00.102 nothing is indexed although the directory contains 4 mails. What am I doing wrong? Greetings Andreas
Re: Dovecot + libsodium
2016-05-06 23:15 GMT+02:00 Timo Sirainen <t...@iki.fi>: > On 06 May 2016, at 13:14, Andreas Meyer <luckyfello...@gmail.com> wrote: > > > > Hi, > > > > Thank you very much for creating and maintaining dovecot! > > > > In my scenario, I want to use the password hash algorithms provided by > > libsodium: https://download.libsodium.org/doc/ > > > > So my difficulty is to have dovecot support libsodium's hash algorithms, > > particularly: crypto_pwhash_scryptsalsa208sha256_str > > > > On the sodium maillinglist I asked for help and received an adjusted > > dovecot code, which exactly does what I need. You find it here: > > https://github.com/jedisct1/core/tree/scrypt-argon2 > > > > Obviously I need to apply these changes everytime I upgrade to a new > > dovecot version now. > > > > So my question ist, what do I need to do so that you will include > libsodium > > support in future versions of dovecot? > > You could also change it to be a plugin to avoid patching. This is a > pretty old example, but it probably still works, at least with minor > changes: > http://dovecot.org/patches/password-scheme-lmpass.c > > Although it's still a good idea to recompile the plugin after a new > version since sometimes the ABI changes. > > Hi Timo, thank you very much for your reply. Creating a plugin is an option. Though I don't possess the right abilities to do that right away. Nevertheless I want to re-ask my initial question: What is required to get libsodium support into the dovecot core? Or are there concerns about supporting it or is there simply no interest in doing so? As I understand, security is a relevant concern when developing Dovecot. The sodium crypto library focuses on: "... provide all of the core operations needed to build higher-level cryptographic tools." I am sure, utilizing this library by default can be of great benefit for Dovecot. It will help to easily support the latest password hashing algorithms, currently Scrypt and Argon2. And if used for additional cryptographic purposes, it also provides easy to use cryptographically secure pseudo random data, secret-key authenticated encryption and of course secure memory allocations, just to name three features. Thank you very much, Andreas
Dovecot + libsodium
Hi, Thank you very much for creating and maintaining dovecot! In my scenario, I want to use the password hash algorithms provided by libsodium: https://download.libsodium.org/doc/ So my difficulty is to have dovecot support libsodium's hash algorithms, particularly: crypto_pwhash_scryptsalsa208sha256_str On the sodium maillinglist I asked for help and received an adjusted dovecot code, which exactly does what I need. You find it here: https://github.com/jedisct1/core/tree/scrypt-argon2 Obviously I need to apply these changes everytime I upgrade to a new dovecot version now. So my question ist, what do I need to do so that you will include libsodium support in future versions of dovecot? Thank you very much for your attention, Andreas
Problem with permissions of the logfile
Hello! I want to have dovecot log into a separate file and set log_path = /var/log/dovecot instead of log_path = syslog Dovecot does not start if I do this. Tried to change permissions and overschip of the file, no luck, ha. Deleted it in the hope dovecot creates it but no. If I set log_path = syslog dovecot starts and I see it is running as # ps aux |grep dove root 2429 0.2 0.0 3416 2568 ?Ss 16:42 0:00 /usr/sbin/dovecot -F dovecot 2431 0.0 0.0 3100 2080 ?S16:42 0:00 dovecot/anvil root 2432 0.0 0.0 3228 2316 ?S16:42 0:00 dovecot/log root 2434 0.0 0.0 4220 3300 ?S16:42 0:00 dovecot/config What must be done to have doveot log into the specified file? Greetings Andreas
Problem with permissions of the logfile
Hello! I want to have dovecot log into a separate file and set log_path = /var/log/dovecot instead of log_path = syslog Dovecot does not start if I do this. Tried to change permissions and overschip of the file, no luck, ha. Deleted it in the hope dovecot creates it but no. If I set log_path = syslog dovecot starts and I see it is running as # ps aux |grep dove root 2429 0.2 0.0 3416 2568 ?Ss 16:42 0:00 /usr/sbin/dovecot -F dovecot 2431 0.0 0.0 3100 2080 ?S16:42 0:00 dovecot/anvil root 2432 0.0 0.0 3228 2316 ?S16:42 0:00 dovecot/log root 2434 0.0 0.0 4220 3300 ?S16:42 0:00 dovecot/config What must be done to have dovecot log into the specified file? Greetings Andreas
Re: Problem with permissions of the logfile
Hello! To stay on the list. "S. Muthu Kumar"schrieb am 06.11.15 um 21:49:32 Uhr: > log_path here means the logging channel path. It refers to the logger > daemon to use to generate logs. > > Most of the linux/unix based applications prefer to use common system > logger to take care of writing the logs preferably under /var/log/ as > there are other structures(like rotating those logs periodically). > > do refer to man pages of syslog.conf or rsyslog.conf and see how you > can generate individual log files for devecot via (r)syslog daemon > while you have delegated dovecot logging responsibility to (r)syslog. I must admit I don't understand what is going on. I am running rsyslog on two servers and on both servers version 2.2.13 of dovecot. On the first I set log_path = /var/log/dovecot1 with -rw--- 1 root root 1093533 6. Nov 17:24 dovecot1 in /var/log and everthing is fine. If I do this on the newly set up server, dovecot does not start. Ofcourse I could set it up to log to syslog and prepare rsyslog.conf but why is it so? Regards Andreas
Re: distuguish between different domains
Hello! Marco Fretzschrieb am 28.09.15 um 08:29:59 Uhr: > Hi Andreas, > > I'm not 100% sure what you're trying to accomplish. > > smtp_server in roundcube is the outgoing server (submission server, i.e. > postfix). Mailbox is IMAP (dovecot). > You can easily spawn 2 instances of dovecot, one serving aaa.de and one > serving bbb.de on different IPs. How do I do this? > What exactly is the problem with 2 domains on one dovecot? I mean user > @aaa.de usually does not have the password for @bbb.de and vise versa. What is irritating me is that when there are two domains served by dovecot, in the client I can specify server.aaa.de although I have an email-address u...@bbb.de and connect as such. For my understanding it should not be possible to connect to server server.aaa.de with an address line u...@bbb.de and dovecot serves the mailbox of that user. > About the sending server in roundcube: I don't think there is a way to > have a different submission server for different sender domains in > roundcubde. But you could use the postfix configuration to map sender > domains to different outgoing connection IPs. Postfix is not the problem. It's the login into the IMAP-server that is irritating me. Or am I completely wrong? Regards Andreas
Re: distuguish between different domains
"A.L.E.C" <a...@alec.pl> schrieb am 28.09.15 um 10:54:24 Uhr: > On 09/28/2015 10:48 AM, Andreas Meyer wrote: > > Postfix is not the problem. It's the login into the IMAP-server that > > is irritating me. Or am I completely wrong? > > You are completely wrong ;) If the mailbox exist server handles it, > there's no difference from/to which "domain" was the connection. Besides > you can configure Roundcube to select server IP/host based on logon domain. It makes not difference when I define $rcmail_config['default_host'] = 'tls://mail.bbb.de'; in Roundcube. I guess the advantage of this setting is to identify the server when the server are running on different machines. But as long as the domains reside on the same machine, it does not matter. I can login as u...@aaa.de and the mailbox is served. That's what is irritating me. But I can life with it. Regards Andreas
distuguish between different domains
Hello! I asked myself wether it is possible to distinguish between different doamins in dovecot so that a user only sees his mailbox when he is connecting with us...@aaa.de specifying the server with mail.aaa.de for example. So the server does not handout the mailbox for us...@bbb.de when the client connects to mail.aaa.de as us...@bbb.de I have this problem with roundcube. Dovecot is responisble for two domains. With roundcube I can login as us...@aaa.de altough the client is configured like so: $config['smtp_server'] = 'tls://mail.bbb.de'; and I am landing in the mailbox of us...@aaa.de Is there a way to striktly differentiate between doamins? Both domains have their own IP-addresses. Regards Andreas
no login with MySQL
Hello! Setup again to authenticate my users with MySQL but can't login. Sep 13 11:55:49 auth: Info: passwd-file(a.me...@nimmini.de,95.88.63.177,): unknown user Sep 13 11:55:49 auth: Info: passwd-file(a.me...@nimmini.de,95.88.63.177, ): unknown user Sep 13 11:55:49 imap-login: Info: Login: user= , method=CRAM-MD5, rip=95.88.63.177, lip=46.38.231.143, mpid=30826, TLS, TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits) Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: user a.me...@nimmini.de: Initialization failed: Namespace '': Home directory not set for user. Can't expand ~/ for mail root dir in: ~/ Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: Invalid user settings. Refer to server log for more information. Sep 13 11:55:49 auth: Debug: auth client connected (pid=30825) Sep 13 11:55:49 auth: Debug: client in: AUTH1 CRAM-MD5 service=imapsecured session=R7Qe9J0fTgBfWD+xlip=46.38.231.143 rip=95.88.63.177lport=143 rport=45646 Sep 13 11:55:49 auth: Debug: client passdb out: CONT1 PDkzMDcwNTI5Mzk5NTk1NTYuMTQ0MjEzODE0OUBiaXRtYWNoaW5lMT4= Sep 13 11:55:49 auth: Debug: client in: CONT Sep 13 11:55:49 auth: Debug: passwd-file(a.me...@nimmini.de,95.88.63.177, ): lookup: user=a.me...@nimmini.de file=/etc/dovecot/passwd Sep 13 11:55:49 auth-worker(30822): Debug: sql(a.me...@nimmini.de,95.88.63.177): query: SELECT username AS username, password FROM mailbox WHERE username = 'a.me...@nimmini.de' AND active = 1 Sep 13 11:55:49 auth: Debug: client passdb out: OK 1 user=a.me...@nimmini.de Sep 13 11:55:49 auth: Debug: master in: REQUEST 997457921 30821 1 dc2456b4ee1453e5458806ab92da9ee7session_pid=30826 request_auth_token Sep 13 11:55:49 auth: Debug: passwd-file(a.me...@nimmini.de,95.88.63.177, ): lookup: user=a.me...@nimmini.de file=/etc/dovecot/passwd Sep 13 11:55:49 auth-worker(30822): Debug: passwd-file(a.me...@nimmini.de,95.88.63.177): SELECT maildir, uid, gid, concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE username = 'a.me...@nimmini.de' Sep 13 11:55:49 auth: Debug: master userdb out: USER997457921 a.me...@nimmini.de maildir=/var/spool/vhosts/nimmini.de/ uid=5000 gid=5000quota_rule=*:storage=5242880 quota_rule2=Trash:storage=+100 auth_token=2a4c8e78ff8fcf3f9599eecbefb6a5605f22abe5 Sep 13 11:55:49 imap: Debug: Loading modules from directory: /usr/lib64/dovecot/modules Sep 13 11:55:49 imap: Debug: Module loaded: /usr/lib64/dovecot/modules/lib01_acl_plugin.so Sep 13 11:55:49 imap: Debug: Module loaded: /usr/lib64/dovecot/modules/lib02_imap_acl_plugin.so Sep 13 11:55:49 imap: Debug: Module loaded: /usr/lib64/dovecot/modules/lib10_quota_plugin.so Sep 13 11:55:49 imap: Debug: Module loaded: /usr/lib64/dovecot/modules/lib11_imap_quota_plugin.so Sep 13 11:55:49 imap: Debug: Added userdb setting: plugin/maildir=/var/spool/vhosts/nimmini.de/ Sep 13 11:55:49 imap: Debug: Added userdb setting: plugin/quota_rule=*:storage=5242880 Sep 13 11:55:49 imap: Debug: Added userdb setting: plugin/quota_rule2=Trash:storage=+100 Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Effective uid=5000, gid=5000, home= Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota root: name=User quota backend=maildir args= Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota rule: root=User quota mailbox=* bytes=5368709120 messages=0 Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+102400 messages=0 Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota grace: root=User quota bytes=53687091 (1%) Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/ This is what claws-mail says: [12:22:48] IMAP4< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. [12:22:48] IMAP4> 1 STARTTLS [12:22:48] IMAP4< 1 OK Begin TLS negotiation now. * IMAP connection is un-authenticated [12:22:48] IMAP4> 2 CAPABILITY [12:22:48] IMAP4< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=CRAM-MD5 [12:22:48] IMAP4< 2 OK Pre-login capabilities listed, post-login capabilities have more. [12:22:48] IMAP4> Logging a.me...@nimmini.de to mail.nimmini.de using CRAM-MD5 ** IMAP Fehler auf mail.nimmini.de: parse error (sehr wahrscheinlich ein nicht RFC-konformer Server) ** IMAP4-Verbindung unterbrochen [12:22:48] IMAP4< Error logging in to mail.nimmini.de When I set auth_type PLAIN in Roundcube, login fails too. The SELECTS in the database are ok: mysql> SELECT maildir, uid, gid, concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM
Re: no login with MySQL
Christian Kivaloschrieb am 13.09.15 um 22:08:04 Uhr: > > I think the query-string für MySQL would overwrite this mail_location, > > right? But how do I define it in the query? > > yes thats how it should work but your query (looking at the query result > from your first email) overwrites the mail_location with > "/var/spool/vhosts/nimmini.de/" without a username. > > >> With my setup "mail" and "home" is returned from the userdb query from > >> mysql > >> > >> home: /srv/mail/%u > >> mail: /srv/mail/%u/Maildir > > > > The query-strings for virtual users look like this: > > > > password_query = SELECT username AS username, password FROM mailbox > > WHERE username = '%u' AND active = 1 > > user_query = SELECT maildir, uid, gid, concat('*:storage=', quota) AS > > quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM > > mailbox WHERE username = '%u' > > what about > user_query = SELECT CONCAT(maildir, SUBSTRING_INDEX(username,'@',+1)) as > mail, uid, gid, concat('*:storage=', quota) AS quota_rule, > concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE > username = '%u' With this query above I can login again with Roundcube and claws-mail but with the mysql-client I get: mysql> SELECT CONCAT(maildir, SUBSTRING_INDEX(username,'@',+1)) as mail, uid, gid, concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE username = '%u'; Empty set (0,00 sec) This is my old query with wich I couldn't log in. mysql> SELECT maildir, uid, gid, concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE username = '%u'; Empty set (0,00 sec) > > The SUBSTRING_INDEX returns everything left of the '@' from field > username, that should give you something like > > +--+--+--+---++ > | mail | uid | gid | quota_rule > | quota_rule2| > +--+--+--+---++ > | /var/spool/vhosts/nimmini.de/a.meyer | 5000 | 5000 | *:storage=5242880 > | Trash:storage=+100 | > +--+--+--+---++ > > which hopefully is the path to your maildir. I get am Emty set Don't understand it. Andreas
Re: no login with MySQL
Hello! Christian Kivaloschrieb am 13.09.15 um 19:51:38 Uhr: > > Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: user > > a.me...@nimmini.de: Initialization failed: Namespace '': Home > > directory not set for user. Can't expand ~/ for mail root dir in: ~/ > > Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: Invalid user > > settings. Refer to server log for more information. > > i see an error here "Error: Invalid user settings" relating to the users > mail_location direcory. > > Is "mail_location" (and not so important "mail_home") defined? In dovecot.conf mail_location = maildir:~/ is set. This works with the system-users defined in the passwd file. I think the query-string für MySQL would overwrite this mail_location, right? But how do I define it in the query? > With my setup "mail" and "home" is returned from the userdb query from > mysql > > home: /srv/mail/%u > mail: /srv/mail/%u/Maildir The query-strings for virtual users look like this: password_query = SELECT username AS username, password FROM mailbox WHERE username = '%u' AND active = 1 user_query = SELECT maildir, uid, gid, concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE username = '%u' There is no mail_loation defined. I thought if maildir is queried, the %u would expand to the mail_location of the user. Where the users only with the local part of the address exist in the filesystem. /var/spool/vhosts/nimmini.de/a.meyer whereas /var/spool/vhosts is a symlink to /home/vhosts. This setup worked fine sometime ago and I wanted to reactivate MySQL for dovecot. Now the query doesn't work anymore, the location seems to be invalid. location=maildir:~/ instead of /var/spool/vhosts/nimmini.de/%u. > > Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Namespace inbox: > > type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, > > subscriptions=yes location=maildir:~/ > > on one of my accounts this same line looks like this: > imap(a...@kivalo.at): Debug: Namespace inbox: type=private, prefix=, > sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes > location=maildir:/srv/mail/a...@kivalo.at/Maildir:LAYOUT=fs > > where location is the "mail_location" setting from 10-mail.conf and is > overridden by the userdb from sql for every user. > > it's probably enough to set the option mail_location in 10-mail.conf to > an absolute path. I cannot set the absolute path in mail_location, because I have systemusers and virtual users. Don't know how to set mail_location in the query-string for MySQL, if the expandation of %u is not enough. %u would expand to the full address a.me...@nimmini.de whereas the location looks like /var/spool/vhosts/nimmini.de/a.meyer Don't know what to do. Regards Andreas
Re: no login with MySQL
Benny Pedersen <m...@junc.eu> schrieb am 14.09.15 um 01:17:17 Uhr: > Andreas Meyer skrev den 2015-09-13 22:52: > > > Don't understand it. > > in mysql shell you self need to expand %u > > since there is possible no user email that is %u Yes, of course. Too much stress today. But I solved my problems with mysql, auth, dovecot_lda and postfix deferred mail by just setting mail_home = /var/spool/vhosts/%d/%n in dovecot.conf again. And the old queries work again. Now is bedtime. Thank you everybody! Andreas
Re: virtual users with postfix
Hello! dravion.sm...@gmx.net dravion.sm...@gmx.net schrieb am 29.08.15 um 10:41:09 Uhr: Am 29.08.2015 um 10:10 schrieb Andreas Meyer: Aug 29 09:52:57 imap(i...@nimmini.de): Error: mkdir_parents(/var/lib/dovecot/db) failed: Permission denied Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit failed try chmod /var/lib/dovecot 755 this is what it already has. Andreas
Re: virtual users with postfix
dravion.sm...@gmx.net dravion.sm...@gmx.net schrieb am 29.08.15 um 10:53:24 Uhr: Am 29.08.2015 um 10:10 schrieb Andreas Meyer: Aug 29 09:52:57 imap(i...@nimmini.de): Error: mkdir_parents(/var/lib/dovecot/db) failed: Permission denied Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit failed try chmod /var/lib/dovecot 755 this is what it already has. Andreas# Hmm, did you use recursion? Maybe something like chmod -R 775 /var/lib/dovecot or chmod -R 777 /var/lib/dovecot service dovecot restart Will do the trick. Other users in the maillist archive reported this solved thadt error. I compared with a bit older installation and there I see: drwxr-x--- 3500050004096 18. Mai 2014 dovecot # ll insgesamt 20 drwxr-xr-x 2 5000 5000 4096 8. Mai 2014 db -rw-r--r-- 1 root root 62 18. Mai 2014 instances -rw-r--r-- 1 root root 78 15. Mai 2014 mounts -rw--- 1 root root 1789 22. Dez 2013 replicator.db -rw-r--r-- 1 root root 230 15. Mai 2014 ssl-parameters.dat I' ll try with set it to 5000:5000 Andreas
virtual users with postfix
Hello! My passwd file looks like this: i...@nimmini.de:{CRAM-MD5}e33cbd144b372a9c919228923464c806b57e35df2d6d1484ceaabe7e3530cd58:5000:5000::/var/spool/vhosts/nimmini.de/info::userdb_mail=maildir:~/ When I login for the first time, I see this in the log: Aug 29 09:52:57 imap(i...@nimmini.de): Error: mkdir_parents(/var/lib/dovecot/db) failed: Permission denied Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit failed Although the mailbox info is created with this content: drwx-- 2 5000 5000 4096 29. Aug 09:52 cur -rw--- 1 5000 50000 29. Aug 09:52 dovecot-acl-list -rw--- 1 5000 5000 272 29. Aug 09:52 dovecot.index.log -rw--- 1 5000 5000 72 29. Aug 09:52 dovecot.mailbox.log -rw--- 1 5000 5000 51 29. Aug 09:52 dovecot-uidlist -rw--- 1 5000 50008 29. Aug 09:52 dovecot-uidvalidity -r--r--r-- 1 5000 50000 29. Aug 09:52 dovecot-uidvalidity.55e164dc drwx-- 5 5000 5000 4096 29. Aug 09:52 .Drafts drwx-- 2 5000 5000 4096 29. Aug 09:52 new drwx-- 5 5000 5000 4096 29. Aug 09:52 .Sent -rw--- 1 5000 5000 18 29. Aug 09:52 subscriptions drwx-- 2 5000 5000 4096 29. Aug 09:52 tmp drwx-- 5 5000 5000 4096 29. Aug 09:52 .Trash /var/lib looks like this: ... drwxr-xr-x 2 root root4096 29. Aug 00:28 dovecot ... Should the folder dovecot be owned by the user dovecot? What causes the error above? Greetings Andreas
Re: virtual users with postfix
Christian Kivalo ml+dove...@valo.at schrieb am 29.08.15 um 11:00:23 Uhr: Am 29.08.2015 um 10:10 schrieb Andreas Meyer: Aug 29 09:52:57 imap(i...@nimmini.de): Error: mkdir_parents(/var/lib/dovecot/db) failed: Permission denied Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit failed try chmod /var/lib/dovecot 755 this is what it already has. Please share your doveconf -n output. Wild guess: changing the owner of /var/lib/dovecot to 5000:5000 should probably help. Yes, that did the trick! Andreas
Re: [Dovecot] how to make quota per user ??
ihab ihab_mishr...@hotmail.com wrote: I use dovecot version 1.2.15 and i put quota for all users , now i want to upgrade to at least 2.1.17, it's a painless process. give more size for some emails , i already added the quota to user database , and i added the queries from http://wiki.dovecot.org/Quota/1.1 MySQL: user_query = select uid, gid, home, \ concat('*:bytes=', quota_bytes) as quota_rule \ from users where userid = '%u' We use with v 2.1.17 user_query = SELECT maildir, uid, gid, concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE username = '%u' # MySQL with userdb prefetch: Remember to prefix quota_rule with userdb_ # (just like all other userdb extra fields): password_query = select userid as user, password, \ uid as userdb_uid, gid as userdb_gid, \ concat('*:bytes=', quota_bytes) as userdb_quota_rule \ from users where userid = '%u' Andreas
[Dovecot] double login lines
Hi! Who can tell me why I have double login lines for some accounts? Oct 31 12:35:36 imap-login: Info: Login: user=anme...@anup.de, method=CRAM-MD5, rip=84.179.59.177, lip=78.47.3.18, mpid=29905, TLS, TLSv1 with cipher RC4-MD5 (128/128 bits) Oct 31 12:35:36 imap-login: Info: Login: user=anme...@anup.de, method=CRAM-MD5, rip=84.179.59.177, lip=78.47.3.18, mpid=29906, TLS, TLSv1 with cipher RC4-MD5 (128/128 bits) I can not think of any reason why this happens at the same time. Greetings Andreas
Re: [Dovecot] Question to sieve symlink
Andreas Meyer anme...@anup.de wrote: A Server running openSUSE 12.3 and dovecot version 2.1.13. In the log I find Oct 19 00:23:23 managesieve(anme...@anup.de): Warning: sieve-storage: Active sieve script symlink /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown path to storage (points to /var/spool/vhosts/anup.de/anmeyer/.sieve/managesieve.sieve). But the link is ok and when I login to roundcube I can manage the filters. What's the problem? I found the corresponding part in sieve-storage-script.c /* Check whether the path is any good */ if ( strcmp(scriptpath, storage-link_path) != 0 strcmp(scriptpath, storage-dir) != 0 ) { i_warning (sieve-storage: Active sieve script symlink %s is broken: invalid/unknown path to storage (points to %s)., storage-active_path, link); return NULL; } but I am not a programmer to say what's wrong there. Andreas
Re: [Dovecot] Question to sieve symlink
Hello! Stephan Bosch step...@rename-it.nl wrote: On 10/19/2013 1:55 AM, Andreas Meyer wrote: Hello! A Server running openSUSE 12.3 and dovecot version 2.1.13. In the log I find Oct 19 00:23:23 managesieve(anme...@anup.de): Warning: sieve-storage: Active sieve script symlink /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown path to storage (points to /var/spool/vhosts/anup.de/anmeyer/.sieve/managesieve.sieve). But the link is ok and when I login to roundcube I can manage the filters. What's the problem? What is your configuration (output from dovecot -n) ? I will not send this sensitive output to a public mailinglist. Do you need a special part of the output? Andreas
Re: [Dovecot] Question to sieve symlink
Charles Marcus cmar...@media-brokers.com wrote: On 2013-10-20 11:39 AM, Andreas Meyer anme...@anup.de wrote: Stephan Bosch step...@rename-it.nl wrote: What is your configuration (output from dovecot -n) ? I will not send this sensitive output to a public mailinglist. Do you need a special part of the output? Don't be stupid. There is little to nothing in that output that would put your system at risk - and if there was, a few seconds to obfuscate it is all it would take. Otherwise, there is nothing anyone here can dot to help you. ok, here it is: # 2.1.17: /etc/dovecot/dovecot.conf # OS: Linux 3.7.10-1.16-pae i686 openSUSE 12.3 (i586) auth_mechanisms = plain cram-md5 auth_verbose = yes debug_log_path = /var/log/dovecot-debug.log disable_plaintext_auth = no hostname = delta.bitcorner.eu log_path = /var/log/dovecot1 login_log_format_elements = user=%u method=%m rip=%r lip=%l mpid=%e %c %k mail_home = /var/spool/vhosts/%d/%n mail_location = maildir:~/ mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave vacation-seconds namespace inbox { inbox = yes location = prefix = } passdb { args = /etc/dovecot/passwd driver = passwd-file } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll quota_status_success = DUNNO sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve sieve_extensions = +vacation-seconds sieve_vacation_default_period = 10d sieve_vacation_max_period = 30d sieve_vacation_min_period = 1h } postmaster_address = postmas...@bitcorner.de protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 user = vmail } user = vmail } ssl_cert = /etc/dovecot/ssl/startsslkeys/bitcorner/server.pem ssl_cipher_list = DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_key = /etc/dovecot/ssl/startsslkeys/bitcorner/key.pem userdb { args = /etc/dovecot/passwd driver = passwd-file } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lda { info_log_path = /var/log/dovecot-lda.log log_path = /var/log/dovecot-lda-errors.log mail_plugins = quota sieve } protocol imap { imap_idle_notify_interval = 29 mins mail_max_userip_connections = 20 mail_plugins = quota quota imap_quota autocreate } protocol lmtp { mail_plugins = quota sieve } protocol sieve { mail_max_userip_connections = 10 managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 } protocol pop3 { mail_max_userip_connections = 10 pop3_uidl_format = %08Xu%08Xv } local 78.47.3.18 { protocol imap { ssl_cert = /etc/dovecot/ssl/anup/server.pem ssl_key = /etc/dovecot/ssl/anup/mail-anup-de-key.pem } } local 78.47.3.18 { protocol pop3 { ssl_cert = /etc/dovecot/ssl/anup/server.pem ssl_key = /etc/dovecot/ssl/anup/mail-anup-de-key.pem } } local 78.47.3.19 { protocol imap { ssl_cert = /etc/dovecot/ssl/startsslkeys/bitcorner/server.pem ssl_key = /etc/dovecot/ssl/startsslkeys/bitcorner/key.pem } } local 78.47.3.19 { protocol pop3 { ssl_cert = /etc/dovecot/ssl/startsslkeys/bitcorner/server.pem ssl_key = /etc/dovecot/ssl/startsslkeys/bitcorner/key.pem } } local 78.47.3.21 { protocol imap { ssl_cert = /etc/dovecot/ssl/startsslkeys/foxmailer/server.pem ssl_key = /etc/dovecot/ssl/startsslkeys/foxmailer/key.pem } } local 78.47.3.21 { protocol pop3 { ssl_cert = /etc/dovecot/ssl/startsslkeys/foxmailer/server.pem ssl_key = /etc/dovecot/ssl/startsslkeys/foxmailer/key.pem } } local 78.47.3.22 { protocol imap { ssl_cert = /etc/dovecot/ssl/baubetreuung/bau.pem ssl_key = /etc/dovecot/ssl/baubetreuung/mail-baubetreuung-de-key.pem } } local 78.47.3.22 { protocol pop3 { ssl_cert = /etc/dovecot/ssl/baubetreuung/bau.pem ssl_key = /etc/dovecot/ssl/baubetreuung/mail-baubetreuung-de-key.pem } } I did not have this problem with the symlink before with a selfcompiled dovecot version 2.1.17 and a selfcompiled version of dovecot-2.1-pigeonhole-0.3.1 Now, I used the rpm-packages
Re: [Dovecot] Question to sieve symlink
Stephan Bosch step...@rename-it.nl wrote: On 10/20/2013 6:05 PM, Andreas Meyer wrote: I did not have this problem with the symlink before with a selfcompiled dovecot version 2.1.17 and a selfcompiled version of dovecot-2.1-pigeonhole-0.3.1 Now, I used the rpm-packages of the distribution (version 2.1.13), upgraded yesterday with rpm's to version 2.1.17 but the problem persists. Could you enable mail_debug and show us what the logs say? I specified mail_debug = yes debug_log_path = /var/log/dovecot-debug.log in dovecot.conf and restarted dovecot, but nothing is written to the log. # doveadm log find Debug: /var/log/dovecot-debug.log Info: /var/log/dovecot1 Warning: /var/log/dovecot1 Error: /var/log/dovecot1 Fatal: /var/log/dovecot1 Regards, Stephan Andreas
Re: [Dovecot] Question to sieve symlink
Stephan Bosch step...@rename-it.nl wrote: On 10/20/2013 6:05 PM, Andreas Meyer wrote: I did not have this problem with the symlink before with a selfcompiled dovecot version 2.1.17 and a selfcompiled version of dovecot-2.1-pigeonhole-0.3.1 Now, I used the rpm-packages of the distribution (version 2.1.13), upgraded yesterday with rpm's to version 2.1.17 but the problem persists. Could you enable mail_debug and show us what the logs say? In the debug.log I have this Oct 20 20:10:39 managesieve: Debug: Loading modules from directory: /usr/lib/dovecot/modules Oct 20 20:10:39 managesieve: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Oct 20 20:10:39 managesieve: Debug: Added userdb setting: mail=maildir:~/ Oct 20 20:10:39 managesieve: Debug: Added userdb setting: plugin/quota_rule=*:bytes=1G Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Effective uid=5000, gid=5000, home=/var/spool/vhosts/anup.de/anmeyer Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Quota root: name=User quota backend=maildir args= Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=0 Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+107374182 (10%) messages=0 Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/ Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: maildir++: root=/var/spool/vhosts/anup.de/anmeyer, index=, control=, inbox=/var/spool/vhosts/anup.de/anmeyer, alt= Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: using active sieve script path: /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: using sieve script storage directory: /var/spool/vhosts/anup.de/anmeyer/.sieve Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: using permissions from /var/spool/vhosts/anup.de/anmeyer/.sieve: mode=0700 gid=-1 Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: relative path to sieve storage in active link: .sieve/ Oct 20 20:10:51 managesieve: Debug: Loading modules from directory: /usr/lib/dovecot/modules Oct 20 20:10:51 managesieve: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Oct 20 20:10:51 managesieve: Debug: Added userdb setting: mail=maildir:~/ Oct 20 20:10:51 managesieve: Debug: Added userdb setting: plugin/quota_rule=*:bytes=1G Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Effective uid=5000, gid=5000, home=/var/spool/vhosts/anup.de/anmeyer Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Quota root: name=User quota backend=maildir args= Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=0 Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+107374182 (10%) messages=0 Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/ Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: maildir++: root=/var/spool/vhosts/anup.de/anmeyer, index=, control=, inbox=/var/spool/vhosts/anup.de/anmeyer, alt= Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: using active sieve script path: /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: using sieve script storage directory: /var/spool/vhosts/anup.de/anmeyer/.sieve Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: using permissions from /var/spool/vhosts/anup.de/anmeyer/.sieve: mode=0700 gid=-1 Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: relative path to sieve storage in active link: .sieve/ Oct 20 20:10:51 imap: Debug: Loading modules from directory: /usr/lib/dovecot/modules Oct 20 20:10:51 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Oct 20 20:10:51 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so Oct 20 20:10:51 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_autocreate_plugin.so Oct 20 20:10:51 imap: Debug: Added userdb setting: mail=maildir:~/ Oct 20 20:10:51 imap: Debug: Added userdb setting: plugin/quota_rule=*:bytes=1G Oct 20 20:10:51 imap(anme...@anup.de): Debug: Effective uid=5000, gid=5000, home=/var/spool/vhosts/anup.de/anmeyer Oct 20 20:10:51 imap(anme...@anup.de): Debug: Quota root: name
Re: [Dovecot] Question to sieve symlink
Robert Schetterer r...@sys4.de wrote: Am 20.10.2013 20:01, schrieb Andreas Meyer: Stephan Bosch step...@rename-it.nl wrote: Now, I used the rpm-packages of the distribution (version 2.1.13), upgraded yesterday with rpm's to version 2.1.17 but the problem persists. Could you enable mail_debug and show us what the logs say? I specified mail_debug = yes debug_log_path = /var/log/dovecot-debug.log in dovecot.conf and restarted dovecot, but nothing is written to the log. # doveadm log find Debug: /var/log/dovecot-debug.log Info: /var/log/dovecot1 Warning: /var/log/dovecot1 Error: /var/log/dovecot1 Fatal: /var/log/dovecot1 does it exist ,is it writable ? I set mail_debug = yes debug_log_path = /var/log/dovecot-debug.log in the dovecot.conf but in the 10-logging.conf there was mail_debug = no set. I thought the dovecot.conf would overtop the 10-logging.conf Best Regards MfG Robert Schetterer Andreas
Re: [Dovecot] Question to sieve symlink
Stephan Bosch step...@rename-it.nl wrote: Oct 20 20:10:39 managesieve-login: Info: Login: user=anme...@anup.de, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, mpid=1898, secured Oct 20 20:10:39 managesieve(anme...@anup.de): Warning: sieve-storage: Active sieve script symlink /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown path to storage (points to /var/spool/vhosts/anup.de/anmeyer/.sieve/banane.sieve). Oct 20 20:10:39 managesieve(anme...@anup.de): Warning: sieve-storage: Active sieve script symlink /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown path to storage (points to /var/spool/vhosts/anup.de/anmeyer/.sieve/banane.sieve). Oct 20 20:10:39 managesieve(anme...@anup.de): Info: Disconnected: Logged out bytes=52/1565 This looks like a bug to me. Could you try to set: sieve_dir = ~/.sieve/ (notice the slash at the end) Does it stop complaining now? well allright, that seems to solve the problem. No complains anymore so far about the broken symlink. Regards, Stephan. Thank you so much! Andreas
[Dovecot] Question to sieve symlink
Hello! A Server running openSUSE 12.3 and dovecot version 2.1.13. In the log I find Oct 19 00:23:23 managesieve(anme...@anup.de): Warning: sieve-storage: Active sieve script symlink /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown path to storage (points to /var/spool/vhosts/anup.de/anmeyer/.sieve/managesieve.sieve). But the link is ok and when I login to roundcube I can manage the filters. What's the problem? Greetings Andreas
[Dovecot] both passwd-file and MySQL
Hello all! Wondering if it is possible to use a flat passwd-file for some domains and for some other a MySQL-database for queries? All of our domains are handled by passdb { args = /etc/dovecot/passwd driver = passwd-file } userdb { args = /etc/dovecot/passwd driver = passwd-file } Can one use MySQL in addition for another domain? Greetings Andreas
Re: [Dovecot] both passwd-file and MySQL
Robert Schetterer r...@sys4.de wrote: passwd-file for master users are working in addition to sql auth i guess, it should work too for normal users/domains but there should not be overlapping or same info in both for same users perhaps this helps http://sys4.de/de/blog/2013/02/11/master-user-dovecot-isp-layout-mit-postfixadmin/ sorry only german Best Regards MfG Robert Schetterer this one might be better, for help http://wiki2.dovecot.org/Authentication/MultipleDatabases Great! Just upgraded from v 2.1.16 to 2.1.17 with ./configure --prefix=/usr --sysconfdir=/etc --with-mysql --with-solr --with-ldap and everything is fine. Andreas
Re: [Dovecot] Dovecot Postfix Quota Policy Service
Ralf Hildebrandt r...@sys4.de wrote: * Robert Schetterer r...@sys4.de: quota_grace = 10%% quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll The very last line quota_status_overquota doesn't work. No matter which kind of quoting I'm using ', , or none at all, dovecot will always misbehave (it will accept ANY mail) It would be desireable this feature in dovecot would work so that email would be rejected at first instance and not be bounced after they where accepted by the MDA. Nice Sunday! Andreas
Re: [Dovecot] Dovecot Postfix Quota Policy Service
Daniel Luttermann dan...@dlutt.de wrote: When I use service config { unix_listener config { group = mode = 0666 user = } } then the error permission denied doesn't occur anymore but the error warning: access table unix:private/quota-status entry has empty value I don't know if this is related to your problem but the error may be caused because of the doublespace between entry and has. Timo has already recogniced this. Andreas
Re: [Dovecot] v2.2.0 released
Mark Sapiro m...@msapiro.net wrote: On 4/12/2013 10:33 AM, Timo Sirainen wrote: http://dovecot.org/releases/2.2/dovecot-2.2.0.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.0.tar.gz.sig Everything now seems to be stable and working in v2.2, so I can finally move onto developing great new interesting features for v2.3. :) It's installed and running here. Congratulations (big round of applause) Can I upgrade from 2.1.16 to 2.2 with the old config? Is there something to be carefull with? Andreas
[Dovecot] IDLE and inactivity
Good day! Apr 07 10:59:40 imap(anme...@anup.de): Info: Disconnected: Disconnected in IDLE in=725 out=2546 Apr 07 10:59:59 imap(anme...@anup.de): Info: Disconnected for inactivity in=952 out=25789 Please someone explain to me the IDLE state and the inactivity state an what the numbers at in= and out= means! Andreas
Re: [Dovecot] v2.1.16 released
Hello! Timo Sirainen t...@iki.fi wrote: http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz.sig + Added quota-status policy service for Postfix Got a problem with the quota-status. I added it using the howto from Ralf Hildebrand at http://sys4.de/de/blog/2013/04/05/dovecot-quota-mit-postfix-abfragen/ # netstat -pantu |grep 12340 tcp0 0 127.0.0.1:123400.0.0.0:*LISTEN 19666/dovecot plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent } service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 } client_limit = 1 } and in der main.cf of postfix warn_if_reject check_policy_service inet:127.0.0.1:12340 I get this in the logfile of postfix: Apr 7 15:52:51 delta postfix/smtpd[19988]: warning: access table inet:127.0.0.1:12340 entry has empty value What's wrong? Postfis does not seem to get the quota-status from dovecot. Andreas
Re: [Dovecot] v2.1.16 released
Robert Schetterer r...@sys4.de wrote: Am 07.04.2013 16:07, schrieb Andreas Meyer: Hello! Timo Sirainen t...@iki.fi wrote: http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz.sig + Added quota-status policy service for Postfix Got a problem with the quota-status. I added it using the howto from Ralf Hildebrand at http://sys4.de/de/blog/2013/04/05/dovecot-quota-mit-postfix-abfragen/ # netstat -pantu |grep 12340 tcp0 0 127.0.0.1:123400.0.0.0:*LISTEN 19666/dovecot plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent } service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 } client_limit = 1 } and in der main.cf of postfix warn_if_reject check_policy_service inet:127.0.0.1:12340 I get this in the logfile of postfix: Apr 7 15:52:51 delta postfix/smtpd[19988]: warning: access table inet:127.0.0.1:12340 entry has empty value What's wrong? Postfis does not seem to get the quota-status from dovecot. Andreas not sure what this means and in hurry ,but i.e try alternate setup service quota-status { executable = quota-status -p postfix unix_listener /var/spool/postfix/private/quota-status { group = postfix mode = 0660 user = postfix } client_limit = 1 } smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, ... reject_unauth_destination, check_policy_service unix:private/quota-status Tried that already with the same behaviour. Postfix does not get the quota-status. Andreas
Re: [Dovecot] v2.1.16 released
Robert Schetterer r...@sys4.de wrote: not sure what this means and in hurry ,but i.e try alternate setup service quota-status { executable = quota-status -p postfix unix_listener /var/spool/postfix/private/quota-status { group = postfix mode = 0660 user = postfix } client_limit = 1 } smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, ... reject_unauth_destination, check_policy_service unix:private/quota-status Tried that already with the same behaviour. Postfix does not get the quota-status. Hi Andreas, i should clean up my eyes the dovecot policy daemon code really is in 2.1.16 but there is no quota_grace Parameter, without this service make small sense i.e if you allready have lmtp quota enabled, cause mostly this will bounce mail before the mailbox gets overquota in real Didn't know the thing with the quota_grace. Yes, I use dovecot-lda as transport from postfix. So postfix hands over the mail to the virtual_transport = dovecot and the check with the inet_listener isn't done then? B) I guess dovecot-lda should report the quota-status and do the check. if you want to test dove quota feature it only make sense if using dove 2.2 ( as written in the blog by Ralf) I testet this in a productive environment. If I get the time I'll setup a testmachine for 2.2 speculation , i dont think that Timo will backport quota_grace to 2.1 Best Regards MfG Robert Schetterer Greetings Andreas
Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen
Hallo Waffenmeister! Ralf Hildebrandt ralf.hildebra...@charite.de wrote: Apr 7 14:07:52 delta postfix/qmgr[19078]: 1D8921B31260: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 14:07:53 delta postfix/pipe[19091]: 1D8921B31260: to=mi...@anup.de, relay=dovecot, delay=2542, delays=2542/0.01/0/0.29, dsn=4.3.0, status=deferred (temporary failure) Ich sehe hier nur einen Fehler vom transport dovecot. plugin { quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll Lass mal das quota_status_overquota feld weg. Habe ich jetzt neben quota_grace = 10%% auch rausgenommen. Apr 7 19:38:35 delta postfix/smtpd[23037]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, sasl_username=anme...@anup.de Apr 7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: client=localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: message-id=20130407193818.62d8c328@itxnew.bitcorner.intern Apr 7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1] Apr 7 19:39:02 delta postfix/smtpd[23037]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=mi...@anup.de, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0, status=deferred (temporary failure) Also ich vermisse das reject-warning von postfix und es hat auch nicht den Anschein, dass postfix den Status der Quota bei dovecot über port 12340 abfrägt. Naja, vielleicht steht es an der falschen Stelle in den Restrictions! Das muss passieren BEVOR irgendwas ein OK zurückgibt. Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340 ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich den check am Ende hatte noch nach postgrey. smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_unlisted_recipient, warn_if_reject check_policy_service inet:127.0.0.1:12340 reject_unknown_sender_domain, check_sender_access pcre:/etc/postfix/umlaute.pcre, check_recipient_access pcre:/etc/postfix/umlaute.pcre, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, check_client_access cidr:/etc/postfix/client.cidr, check_policy_service inet:127.0.0.1:10023 Andreas
Re: [Dovecot] v2.1.16 released
Hello! Timo Sirainen t...@iki.fi wrote: On 7.4.2013, at 17.07, Andreas Meyer anme...@anup.de wrote: Got a problem with the quota-status. I added it using the howto from Ralf Hildebrand at http://sys4.de/de/blog/2013/04/05/dovecot-quota-mit-postfix-abfragen/ .. I get this in the logfile of postfix: Apr 7 15:52:51 delta postfix/smtpd[19988]: warning: access table inet:127.0.0.1:12340 entry has empty value I wonder if that really means that it's getting an empty value or if it's something else. I don't know why it would be getting an empty value. Do you see an anything in Dovecot's error log? Apr 7 19:55:53 delta postfix/smtpd[23362]: connect from dovecot.org[193.210.130.67] Apr 7 19:55:53 delta postfix/smtpd[23362]: warning: access table inet:127.0.0.1:12340 entry has empty value Apr 7 19:55:53 delta postfix/smtpd[23362]: NOQUEUE: client=dovecot.org[193.210.130.67] Apr 7 19:55:54 delta postfix/smtpd[23234]: 727161B31260: client=localhost[127.0.0.1] Apr 7 19:55:54 delta postfix/cleanup[23369]: 727161B31260: message-id=f5021a00-0b9b-4d1f-8b1a-a13311948...@iki.fi Apr 7 19:55:54 delta postfix/smtpd[23234]: disconnect from localhost[127.0.0.1] Apr 7 19:55:54 delta postfix/qmgr[22234]: 727161B31260: from=dovecot-boun...@dovecot.org, size=2764, nrcpt=1 (queue active) Apr 7 19:55:54 delta postfix/smtpd[23362]: disconnect from dovecot.org[193.210.130.67] Apr 7 19:55:54 delta postfix/pipe[23370]: 727161B31260: to=anme...@anup.de, relay=dovecot, delay=0.24, delays=0.07/0/0/0.17, dsn=2.0.0, status=sent (delivered via dovecot service) Apr 7 19:55:54 delta postfix/qmgr[22234]: 727161B31260: removed I know there's a bug in 2.1.16 where it crashes if you try to ask quota status for a nonexistent user.. http://hg.dovecot.org/dovecot-2.1/rev/c6b4a639cae1 fixes that. The user exists. This is what I find in the dovecot-lda-errors.log Apr 07 19:48:13 lda(mi...@anup.de): Error: sieve: msgid=20130407193818.62d8c328@itxnew.bitcorner.intern: failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full) Apr 07 19:48:13 lda(mi...@anup.de): Error: sieve: script /var/spool/vhosts/anup.de/miles/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /var/spool/vhosts/anup.de/miles/.dov ecot.sieve.log may reveal additional details) Nothing special in the dovecot.log Apr 07 19:47:15 imap-login: Info: Login: user=mi...@anup.de, method=CRAM-MD5, rip=84.179.43.201, lip=213.239.207.165, mpid=23264, session=X4kr6cjZcgBUsyvJ Andreas
Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen
Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Andreas Meyer anme...@anup.de: Habe ich jetzt neben quota_grace = 10%% auch rausgenommen. Gut. Apr 7 19:38:35 delta postfix/smtpd[23037]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, sasl_username=anme...@anup.de Apr 7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: client=localhost[127.0.0.1] Apr 7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: message-id=20130407193818.62d8c328@itxnew.bitcorner.intern Apr 7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: from=anme...@anup.de, size=1492149, nrcpt=1 (queue active) Apr 7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1] Apr 7 19:39:02 delta postfix/smtpd[23037]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=mi...@anup.de, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0, status=deferred (temporary failure) Na dann sind deine Restrictions falsch und die Mail wird OK'ed bevor der Policy Server gefragt wird. Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340 ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich den check am Ende hatte noch nach postgrey. smtpd_recipient_restrictions = --- hier einbauen --- ist ja nur zum Test check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_unlisted_recipient, warn_if_reject check_policy_service inet:127.0.0.1:12340 reject_unknown_sender_domain, check_sender_access pcre:/etc/postfix/umlaute.pcre, check_recipient_access pcre:/etc/postfix/umlaute.pcre, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, check_client_access cidr:/etc/postfix/client.cidr, check_policy_service inet:127.0.0.1:10023 That did the trick! The order of the recipient_restricitons was wrong. Apr 7 20:24:55 delta postfix/smtpd[23806]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:55 delta postfix/smtpd[23806]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:56 delta postfix/smtpd[23806]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 20:24:56 delta postfix/smtpd[23806]: NOQUEUE: reject: RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201]: 552 5.2.2 mi...@anup.de: Recipient address rejected: Quota exceeded (mailbox for user is full); from=anme...@anup.de to=mi...@anup.de proto=ESMTP helo=itxnew.bitcorner.intern Apr 7 20:24:56 delta postfix/smtpd[23806]: lost connection after RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:24:56 delta postfix/smtpd[23806]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] The MUA does not get rid of the mail, when it would exceed the quota. But now the next problem. I cannot send this mail and get the following with smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:12340 check_sender_access hash:/etc/postfix/access_sender, permit_mynetworks, permit_sasl_authenticated, Apr 7 20:31:43 delta postfix/smtpd[23820]: connect from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:44 delta postfix/smtpd[23820]: setting up TLS connection from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:45 delta postfix/smtpd[23820]: TLS connection established from p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 7 20:31:46 delta postfix/smtpd[23820]: warning: problem talking to server 127.0.0.1:12340: Success Apr 7 20:31:46 delta postfix/smtpd[23820]: NOQUEUE: reject: RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201]: 451 4.3.5 Server configuration problem; from=anme...@anup.de to=dove...@listen.jpberlin.de proto=ESMTP helo=itxnew.bitcorner.intern Apr 7 20:31:46 delta postfix/smtpd[23820]: lost connection after RCPT from p54B32BC9.dip.t-dialin.net[84.179.43.201] Apr 7 20:31:46 delta postfix/smtpd[23820]: disconnect from p54B32BC9.dip.t-dialin.net[84.179.43.201] the mail is not sent out. I deactivated the check to get sent mail sent. Andreas
Re: [Dovecot] v2.1.16 released
Timo Sirainen t...@iki.fi wrote: On 7.4.2013, at 20.58, Andreas Meyer anme...@anup.de wrote: Apr 7 15:52:51 delta postfix/smtpd[19988]: warning: access table inet:127.0.0.1:12340 entry has empty value I wonder if that really means that it's getting an empty value or if it's something else. I don't know why it would be getting an empty value. Do you see an anything in Dovecot's error log? Apr 7 19:55:53 delta postfix/smtpd[23362]: connect from dovecot.org[193.210.130.67] Apr 7 19:55:53 delta postfix/smtpd[23362]: warning: access table inet:127.0.0.1:12340 entry has empty value Oh, notice the two spaces there between entry has? It's looking up an empty key (instead of email@address), so it's getting back an empty value. Although Dovecot's reply should still be DUNNO then. Anyway, looks to me like Postfix config isn't correct somehow. Yes I saw the space between entry has. ;). And yes, like posted in my other email, I set the check for the inet_listener to the beginning of the recipient_restrictions in Postfix and the thing worked and the MTA refused to take the mail over. But thereby got the problem not beeing able to send any email to the mailserver. Don't know why at the moment. Something is wrong with the order of the checks in postfix. Andreas
Re: [Dovecot] v2.1.16 released
Zhang Huangbin zhbmaillisto...@gmail.com wrote: On Friday, April 5, 2013 at 5:16 AM, Timo Sirainen wrote: + Added quota-status policy service for Postfix Found quota-status related settings in Dovecot-2.2 commit log here: http://hg.dovecot.org/dovecot-2.2/rev/980be1dc80c2 yes, great work! Apr 05 11:26:20 master: Info: Dovecot v2.1.16 starting up (core dumps disabled) Had to recompile dovecot-2.1-pigeonhole-0.3.1. Everything is fine now. Andreas
Re: [Dovecot] loop when I enable quota_warning
Hello! Timo Sirainen t...@iki.fi wrote: On 21.3.2013, at 16.55, Andreas Meyer anme...@anup.de wrote: The problem occurs when I add the following to dovecot.conf: quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota The script executed looks like this: #!/bin/sh PERCENT=$1 USER=$2 cat EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o plugin/quota=maildir:User quota:noenforcing Just because quota isn't enforced, it doesn't mean that the quota warnings aren't executed. You need to disable quota entirely (e.g. -o plugin/quota= might work, although it requires a somewhat new version). Now I have -o plugin/quota= in the script. That seems to avoid the loop, but the user also does not get a quota-warning. plugin { quota = maildir:User quota quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent sieve_extensions = +vacation-seconds sieve_vacation_min_period = 1h sieve_vacation_default_period = 10d sieve_vacation_max_period = 30d } # doveadm -D quota get -u mi...@anup.de doveadm(mail1): Debug: Loading modules from directory: /usr/lib/dovecot doveadm(mail1): Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so doveadm(mail1): Debug: Loading modules from directory: /usr/lib/dovecot/doveadm doveadm(mail1): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(mail1): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(mail1): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so doveadm(mail1): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(mail1): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(mi...@anup.de): Debug: Added userdb setting: mail=maildir:~/ doveadm(mi...@anup.de): Debug: Added userdb setting: plugin/quota_rule=*:bytes=30M doveadm(mi...@anup.de): Debug: Effective uid=5000, gid=5000, home=/var/spool/vhosts/anup.de/miles doveadm(mi...@anup.de): Debug: Quota root: name=User quota backend=maildir args= doveadm(mi...@anup.de): Debug: Quota rule: root=User quota mailbox=* bytes=31457280 messages=0 doveadm(mi...@anup.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+3145728 (10%) messages=0 doveadm(mi...@anup.de): Debug: Quota warning: bytes=29884416 (95%) messages=0 reverse=no command=quota-warning 95 mi...@anup.de doveadm(mi...@anup.de): Debug: Quota warning: bytes=25165824 (80%) messages=0 reverse=no command=quota-warning 80 mi...@anup.de doveadm(mi...@anup.de): Debug: Quota warning: bytes=31457280 (100%) messages=0 reverse=yes command=quota-warning below mi...@anup.de doveadm(mi...@anup.de): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/ doveadm(mi...@anup.de): Debug: maildir++: root=/var/spool/vhosts/anup.de/miles, index=, control=, inbox=/var/spool/vhosts/anup.de/miles, alt= Quota name TypeValue Limit % User quota STORAGE 30715 30720 99 User quota MESSAGE 189 - Andreas
[Dovecot] global mail_plugins
Hello! How do I know what is specified in the global mail_plugins? # doveconf |grep mail_plugins mail_plugins = mail_plugins = quota sieve mail_plugins = quota imap_quota autocreate mail_plugins = sieve Is it just what is defined in the dovecot.conf and when there is nothing defined there are no global mail_plugins per default? Andreas
[Dovecot] loop when I enable
Hello! I have a nasty problem with a loop when I enable quota_warning. The mailbox fills up with thousands of email within seconds. This happens only with mbox'es retrieved with POP3. From MAILER-DAEMON Thu Mar 21 13:54:07 2013 From: supp...@anup.de Subject: Mailbox Quota-Warnung X-UID: 8036 Status: X-Keywords: Content-Length: 41 Ihre Mailbox ist jetzt zu below% belegt. # doveconf -n # 2.1.7: /usr/etc/dovecot/dovecot.conf auth_mechanisms = plain cram-md5 auth_verbose = yes disable_plaintext_auth = no hostname = delta.bitcorner.eu log_path = /var/log/dovecot1 mail_home = /var/spool/vhosts/%d/%n mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave vacation-seconds namespace inbox { inbox = yes location = prefix = } passdb { args = /etc/dovecot/passwd driver = passwd-file } plugin { autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent quota = maildir:User quota quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve sieve_extensions = +vacation-seconds sieve_vacation_default_period = 10d sieve_vacation_max_period = 30d sieve_vacation_min_period = 1h } postmaster_address = postmas...@bitcorner.de protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 user = vmail } user = vmail } ssl_cert = /etc/dovecot/ssl/hostcert.pem ssl_key = /etc/dovecot/ssl/hostkey.pem userdb { args = /etc/dovecot/passwd driver = passwd-file } protocol lda { info_log_path = /var/log/dovecot-lda.log log_path = /var/log/dovecot-lda-errors.log mail_plugins = quota quota sieve } protocol imap { imap_idle_notify_interval = 29 mins mail_max_userip_connections = 20 mail_plugins = quota quota imap_quota autocreate } protocol lmtp { mail_plugins = quota sieve } protocol sieve { mail_max_userip_connections = 10 managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 } protocol pop3 { mail_max_userip_connections = 10 mail_plugins = quota quota pop3_uidl_format = %08Xu%08Xv } The problem occurs when I add the following to dovecot.conf: quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota The script executed looks like this: #!/bin/sh PERCENT=$1 USER=$2 cat EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o plugin/quota=maildir:User quota:noenforcing From: supp...@anup.de Subject: Mailbox Quota-Warnung Ihre Mailbox ist jetzt zu $PERCENT% belegt. EOF What can I do? I wonder if there some solution with namespaces possible maybe? Thank you! Andreas
Re: [Dovecot] Integrating with Drupal SQL db
i...@stos.se wrote: Hi I'm trying to get Dovecot to use Drupal users password for authenticating IMAP users. But I just cant figure out how to make Dovecot understand the password hash type that Drupal 7 is using. My example user with password Teacher1 looks like this in Drupal database: $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU This is not CRAM-MD5, is it? Dovecot retrieves this hash but complains that its not a recognized hash type, or that the hash is wrong, depending on if I change the default hash type in Dovecot config. Any help appreciated. This is what I get connecting to your server: Connected to stos.se. Escape character is '^]'. * OK [CAPABILITY IMAP4REV1 NAMESPACE ID AUTH=PLAIN AUTH=LOGIN UIDPLUS STARTTLS ACL METADATA] Debian-60-squeeze-64-minimal IMAP4rev1 Citadel 7.83 ready This is what I get connecting to mine: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. I see no AUTH=CRAM-MD5 in capabilites of your server. Andreas
Re: [Dovecot] Integrating with Drupal SQL db
Hello! I took the thread back to the list. Tobias Rådenholt tobias.radenh...@stos.se wrote: I think it is ssha512 hashing. It's not stos.se that's affected. It's swedishschoolinsydney.org.au Just found this: capabilities are 'IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS LOGINDISABLED' meaning you can log in via STARTTLS but not via plaintext authentication. Does it have something to do woth your problem? Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid commands (auth failed, 1 attempts): user=Teacher1, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Thanks! /Tobias Andreas i...@stos.se wrote: Hi I'm trying to get Dovecot to use Drupal users password for authenticating IMAP users. But I just cant figure out how to make Dovecot understand the password hash type that Drupal 7 is using. My example user with password Teacher1 looks like this in Drupal database: $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU This is not CRAM-MD5, is it? Dovecot retrieves this hash but complains that its not a recognized hash type, or that the hash is wrong, depending on if I change the default hash type in Dovecot config. Any help appreciated. This is what I get connecting to your server: Connected to stos.se. Escape character is '^]'. * OK [CAPABILITY IMAP4REV1 NAMESPACE ID AUTH=PLAIN AUTH=LOGIN UIDPLUS STARTTLS ACL METADATA] Debian-60-squeeze-64-minimal IMAP4rev1 Citadel 7.83 ready This is what I get connecting to mine: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. I see no AUTH=CRAM-MD5 in capabilites of your server. Andreas
Re: [Dovecot] warning regarding quota and mboxes
Hello! Timo Sirainen t...@iki.fi wrote: On Thu, 2013-01-10 at 16:45 +0100, Andreas Meyer wrote: Hello! We drive mboxes and maildirs and the dovecot-server is running very well and everthing is fine, but I get the following warning in the dovecot-lda-errors.log when a mail is delivered to a mbox. Jan 10 16:29:24 lda(arc...@bitcorner.de): Warning: quota: Namespace '' is not Maildir, skipping for Maildir++ quota This is what I defined in the dovecot.conf: mail_home = /var/spool/vhosts/%d/%n mail_location = mbox:~/:maildir:~/ How is that setting even working? You're using some early v2.0? It's supposed to fail: # dovecot --version 2.1.7 I was told to define mail_location, if I remember right it was when I changed to dovecot-lda instead of letting postfix deliver dircetly to the maildirs and mailboxes. Error: user x: Initialization failed: Namespace '': Unknown setting: maildir I have no errors like this in the logs. Everthing is working flawless. How can I know, what namespaces are defined? # doveconf -d namespace # doveconf -n namespace give not output. I fear to do something wrong, when I define incomplete namespaces. mail_plugins = quota plugin { quota = maildir:User quota quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% } Can I avoid the error above somehow? Namespaces are a bit mysterious for me at the moment. Maildir++ quota works only when delivering to Maildir. If you want to use some quota backend that works with both mboxes and maildirs, you could use dict file: http://wiki2.dovecot.org/Quota/Dict ok, I'll live with the warning in the log for now. Andreas
[Dovecot] warning regarding quota and mboxes
Hello! We drive mboxes and maildirs and the dovecot-server is running very well and everthing is fine, but I get the following warning in the dovecot-lda-errors.log when a mail is delivered to a mbox. Jan 10 16:29:24 lda(arc...@bitcorner.de): Warning: quota: Namespace '' is not Maildir, skipping for Maildir++ quota This is what I defined in the dovecot.conf: mail_home = /var/spool/vhosts/%d/%n mail_location = mbox:~/:maildir:~/ mail_plugins = quota plugin { quota = maildir:User quota quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% } Can I avoid the error above somehow? Namespaces are a bit mysterious for me at the moment. Greetings Andreas
Re: [Dovecot] setting mail_home and vacation
Ben Morrow b...@morrow.me.uk wrote: At 12AM +0100 on 20/12/12 you (Andreas Meyer) wrote: Ben Morrow b...@morrow.me.uk wrote: Where is that user's home directory, then? (Where is its .dovecot.sieve?) That is the path that mail_home should be set to. It's /var/spool/vhosts/xyz.de/archiv . It's one file, a mbox. There is no .dovecot.sieve. This mbox is flushed various times a day by a MUA. This user archiv is a virtual user and has no home directory, just a mbox. All Dovecot users should have a unique home directory (which needs to be *a directory*, obviously, and shouldn't be the same as any of the mailbox locations). See http://wiki2.dovecot.org/VirtualUsers/Home . ok, thank you, that was an important step for the mboxes we drive! Ben Andreas
Re: [Dovecot] setting mail_home and vacation
Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote: Where is that user's home directory, then? (Where is its .dovecot.sieve?) That is the path that mail_home should be set to. It's /var/spool/vhosts/xyz.de/archiv . It's one file, a mbox. There is no .dovecot.sieve. This mbox is flushed various times a day by a MUA. This user archiv is a virtual user and has no home directory, just a mbox. Your mail_home needs to be a directory, not a file. mbox files should be located inside a subdirectory of your mail_home. Thank you, got it! And migrated the users to the new location of the mboxes. Great! That makes everything much easier. Regards Daniel Andreas
[Dovecot] setting mail_home and vacation
Hello! dovecot version 2.1.7 I set up vacation with sieve. We have mboxes and maildirs and in dovecot.conf mail_location = mbox:/var/spool/vhosts/%d/dovecotprivate/%n:INBOX=/var/spool/vhosts/%d/%n Error: User arc...@xyz.de doesn't have home dir set, disabling duplicate database Dec 19 20:37:03 lda(arc...@xyz.de): Error: sieve: sieve script file path ~/.dovecot.sieve is relative to home directory, but home directory is not available. Dec 19 20:37:03 lda(arc...@xyz.de): Error: sieve: failed to access user's sieve script ~/.dovecot.sieve (using default script location instead) When I set mail_home = mbox:/var/spool/vhosts/%d/%n:INBOX=/var/spool/vhosts/%d/%n I get this for mboxes in the log: Error: user arc...@xyz.de: Relative home directory paths not supported: mbox:/var/spool/vhosts/xyz.de/archiv:INBOX=/var/spool/vhosts/xyz.de/archiv The .dovecot.sieve script of the user seems to be found, a vacation response is sent and the email is stored mail into mailbox 'INBOX' What is wrong? Andreas
Re: [Dovecot] setting mail_home and vacation
Ben Morrow b...@morrow.me.uk wrote: When I set mail_home = mbox:/var/spool/vhosts/%d/%n:INBOX=/var/spool/vhosts/%d/%n I get this for mboxes in the log: Error: user arc...@xyz.de: Relative home directory paths not supported: mbox:/var/spool/vhosts/xyz.de/archiv:INBOX=/var/spool/vhosts/xyz.de/archiv mail_home should be set to the path to a directory, not a mailbox location. You want just mail_home = /var/spool/vhosts/%d/%n ok, done that. I get this in Error: chdir(/var/spool/vhosts/xyz.de/archiv) failed: Not a directory Error: sieve: failed to stat sieve script: stat(/var/spool/vhosts/xyz.de/archiv/.dovecot.sieve) failed: Not a directory Error: sieve: failed to access user's sieve script ~/.dovecot.sieve (using default script location instead) I guess, this is just normal for mboxes? arc...@xyz.de is a mbox, per bcc serviced by postfix. Dovecot is interpreting the initial 'mbox:' part as the start of a relative path. Interessting, thank you! Ben Andreas
Re: [Dovecot] setting mail_home and vacation
Ben Morrow b...@morrow.me.uk wrote: mail_home = /var/spool/vhosts/%d/%n ok, done that. I get this in Error: chdir(/var/spool/vhosts/xyz.de/archiv) failed: Not a directory Error: sieve: failed to stat sieve script: stat(/var/spool/vhosts/xyz.de/archiv/.dovecot.sieve) failed: Not a directory Error: sieve: failed to access user's sieve script ~/.dovecot.sieve (using default script location instead) I guess, this is just normal for mboxes? arc...@xyz.de is a mbox, per bcc serviced by postfix. Where is that user's home directory, then? (Where is its .dovecot.sieve?) That is the path that mail_home should be set to. It's /var/spool/vhosts/xyz.de/archiv . It's one file, a mbox. There is no .dovecot.sieve. This mbox is flushed various times a day by a MUA. This user archiv is a virtual user and has no home directory, just a mbox. Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Hello! Ben Morrow b...@morrow.me.uk wrote: At 5PM +0100 on 14/12/12 Andreas Meyer wrote: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} What happens if you run echo foo | /usr/libexec/dovecot/dovecot-lda \ -f x...@anup.de -d x...@anup.de # id vmail uid=5000(vmail) gid=5000(vmail) Gruppen=5000(vmail) # su vmail echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de an empty email with 0 B gets delivered to the maildir of anme...@anup.de # echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de email with foo in the body is delivered to the maildir. # delta:/var/spool/vhosts/anup.de/anmeyer/new # ll insgesamt 4 -rw--- 1 vmail vmail 0 15. Dez 11:26 1355567160.M902698P23725.delta,S=0,W=0 -rw--- 1 vmail vmail 4 15. Dez 11:26 1355567171.M334599P23728.delta,S=4,W=5 in the shell (as the vmail user)? Does it fail with exit code 67? This is EX_NOUSER, and is the standard way for LDAs to signal 'I don't know how to deliver to this user'. Either x...@anup.de is not a valid address at that domain, or you haven't made the auth-userdb socket available to the vmail user. See http://wiki2.dovecot.org/LDA, under the section 'Virtual users'. I already added service auth { unix_listener auth-userdb { mode = 0600 user = vmail # User running dovecot-lda group = vmail # Or alternatively mode 0660 + dovecot-lda user in this group } } to the dovecot.conf. How does dovecot know there is a socket in /var/spool/postfix/private/dovecot? And how does dovecot-lda know to look there. Am I missunderstanding something? If I send an email from the desktop I have in the mail.log Dec 15 11:35:25 delta postfix/virtual[23910]: E0BC61B3128A: to=anme...@anup.de, relay=virtual, delay=0.18, delays=0.09/0.01/0/0.09, dsn=4.1.1, status=SOFTBOUNCE (unknown user: anme...@anup.de) and the mail is stuck in the queue # mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- E0BC61B3128A 559 Sat Dec 15 11:35:24 anme...@anup.de (unknown user: anme...@anup.de) anme...@anup.de I am lost. I don't if the mail is handed over to dovecot-lda and if so why it can't find the passwd-file. Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Hello! I already added service auth { unix_listener auth-userdb { mode = 0600 user = vmail # User running dovecot-lda group = vmail # Or alternatively mode 0660 + dovecot-lda user in this group You're supposed to understand the comments and then remove them, not copy them blindly without reading them. That's ok, I'll remove the comments. But there is no auth-userdb socket in the sockets directtory of dovecot. } } to the dovecot.conf. Well, that looks OK to me; but the only way to test it is to manually run dovecot-lda as vmail. Is there an auth-userdb socket in your dovecot sockets directory? Does it have the right permissions? No, no such socket in /var/run/dovecot # ll insgesamt 4 srwxrwxrwx 1 root root 0 8. Jun 2012 dict-server drwxr-x--- 2 root dovecot 4096 22. Jun 19:58 login How does dovecot know there is a socket in /var/spool/postfix/private/dovecot? And how does dovecot-lda know to look there. Am I missunderstanding something? Yes, you are misunderstanding something. It works (something) like this: - A mail comes in to Postfix. - Postfix decides this mail is local. - Postfix sends the mail through /var/spool/postfix/private/dovecot to a Postfix pipe(8) process on the other end. - That pipe(8) process runs dovecot-lda, as the vmail user. - dovecot-lda reads dovecot.conf. - dovecot-lda contacts the Dovecot auth process using the auth-userdb socket. - If the user exists, it delivers the mail to their mailbox. No Dovecot process needs to know anything at all about the Postfix socket, it's just for internal communication between different bits of Postfix. Have you read the Postfix documentation? Thank you for that explanation! I am lost. I don't if the mail is handed over to dovecot-lda and if so why it can't find the passwd-file. If the mail was handed over to dovecot-lda, it ought to be logging *something*. Find out where those logs should go; if they aren't appearing, you need to fix that. Syslog is IMHO a better bet than custom log files. I have a dovecot-lda-errors.log and a dovecot-lda.log # cat dovecot-lda-errors.log Dec 14 23:28:20 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory Dec 14 23:28:20 lda: Fatal: Internal error occurred. Refer to server log for more information. # echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de # cat dovecot-lda.log Dec 14 21:04:07 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:16:46 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:18:25 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:20:44 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:58:13 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:14:50 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:14:59 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:24:19 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:24:27 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 11:14:58 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 11:26:01 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 11:26:11 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 14:07:40 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' So the question is how do I get this auth-userdb socket? Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Andreas Meyer anme...@anup.de wrote: Well, that looks OK to me; but the only way to test it is to manually run dovecot-lda as vmail. Is there an auth-userdb socket in your dovecot sockets directory? Does it have the right permissions? No, no such socket in /var/run/dovecot I just found out the sockets of dovecot reside in /usr/var/run/dovecot # ll insgesamt 16 srw--- 1 rootroot0 15. Dez 11:14 anvil srw--- 1 rootroot0 15. Dez 11:14 anvil-auth-penalty srw--- 1 rootroot0 15. Dez 11:14 auth-client srw--- 1 dovecot root0 15. Dez 11:14 auth-login srw--- 1 rootroot0 15. Dez 11:14 auth-master srw--- 1 vmail vmail 0 15. Dez 11:14 auth-userdb srw--- 1 dovecot root0 15. Dez 11:14 auth-worker srw--- 1 rootroot0 15. Dez 11:14 config srw--- 1 rootroot0 15. Dez 11:14 dict srw--- 1 rootroot0 15. Dez 11:14 director-admin srw-rw-rw- 1 rootroot0 15. Dez 11:14 dns-client srw--- 1 rootroot0 15. Dez 11:14 doveadm-server lrwxrwxrwx 1 rootroot 29 15. Dez 11:14 dovecot.conf - /usr/etc/dovecot/dovecot.conf drwxr-xr-x 2 rootroot 4096 8. Jun 2012 empty srw-rw-rw- 1 rootroot0 15. Dez 11:14 indexer srw--- 1 dovecot root0 15. Dez 11:14 indexer-worker srw--- 1 rootroot0 15. Dez 11:14 ipc srw-rw-rw- 1 rootroot0 15. Dez 11:14 lmtp srw--- 1 rootroot0 15. Dez 11:14 log-errors drwxr-x--- 2 rootdovenull 4096 15. Dez 11:14 login -rw--- 1 rootroot6 15. Dez 11:14 master.pid -rw-r--r-- 1 rootroot 37 15. Dez 11:14 mounts srw--- 1 rootroot0 15. Dez 11:14 replication-notify prw--- 1 rootroot0 15. Dez 11:14 replication-notify-fifo srw--- 1 dovecot root0 15. Dez 11:14 replicator srw--- 1 rootroot0 15. Dez 11:14 stats prw--- 1 rootroot0 15. Dez 11:14 stats-mail the auth-userdb is there and vmail is the owner. What problem do I have that dovecot-lda does not find the users? Andreas
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: At 2PM +0100 on 15/12/12 Andreas Meyer wrote: [Ben Morrow wrote:] Well, that looks OK to me; but the only way to test it is to manually run dovecot-lda as vmail. Is there an auth-userdb socket in your dovecot sockets directory? Does it have the right permissions? No, no such socket in /var/run/dovecot # ll insgesamt 4 srwxrwxrwx 1 root root 0 8. Jun 2012 dict-server drwxr-x--- 2 root dovecot 4096 22. Jun 19:58 login If I were to ask 'is anything listening on those sockets?' is there any chance you could answer that? Nothing is listening on /var/run/dovecot. It must be a relict from the old version 1.x # netstat -lnp |grep dovecot tcp0 0 0.0.0.0:993 0.0.0.0:* LISTEN 25542/dovecot tcp0 0 0.0.0.0:995 0.0.0.0:* LISTEN 25542/dovecot tcp0 0 0.0.0.0:110 0.0.0.0:* LISTEN 25542/dovecot tcp0 0 0.0.0.0:143 0.0.0.0:* LISTEN 25542/dovecot tcp0 0 0.0.0.0:41900.0.0.0:* LISTEN 25542/dovecot tcp0 0 :::993 :::*LISTEN 25542/dovecot tcp0 0 :::995 :::*LISTEN 25542/dovecot tcp0 0 :::110 :::*LISTEN 25542/dovecot tcp0 0 :::143 :::*LISTEN 25542/dovecot tcp0 0 :::4190 :::*LISTEN 25542/dovecot unix 2 [ ACC ] STREAM HÖRT 3425398 24015/master private/dovecot unix 2 [ ACC ] STREAM HÖRT 3441242 25542/dovecot /usr/var/run/dovecot/login/sieve unix 2 [ ACC ] STREAM HÖRT 3441249 25542/dovecot /usr/var/run/dovecot/login/ssl-params unix 2 [ ACC ] STREAM HÖRT 3441260 25542/dovecot /usr/var/run/dovecot/login/pop3 unix 2 [ ACC ] STREAM HÖRT 3441278 25542/dovecot /usr/var/run/dovecot/login/ipc-proxy unix 2 [ ACC ] STREAM HÖRT 3441288 25542/dovecot /usr/var/run/dovecot/login/imap unix 2 [ ACC ] STREAM HÖRT 3441302 25542/dovecot /usr/var/run/dovecot/login/dns-client unix 2 [ ACC ] STREAM HÖRT 3441316 25542/dovecot /usr/var/run/dovecot/login/login unix 2 [ ACC ] STREAM HÖRT 3441246 25542/dovecot /usr/var/run/dovecot/stats unix 2 [ ACC ] STREAM HÖRT 3441253 25542/dovecot /usr/var/run/dovecot/replicator unix 2 [ ACC ] STREAM HÖRT 3441257 25542/dovecot /usr/var/run/dovecot/replication-notify unix 2 [ ACC ] STREAM HÖRT 3441268 25542/dovecot /usr/var/run/dovecot/log-errors unix 2 [ ACC ] STREAM HÖRT 3441272 25542/dovecot /usr/var/run/dovecot/lmtp unix 2 [ ACC ] STREAM HÖRT 3441276 25542/dovecot /usr/var/run/dovecot/ipc unix 2 [ ACC ] STREAM HÖRT 3441282 25542/dovecot /usr/var/run/dovecot/indexer-worker unix 2 [ ACC ] STREAM HÖRT 3441286 25542/dovecot /usr/var/run/dovecot/indexer unix 2 [ ACC ] STREAM HÖRT 3441296 25542/dovecot /usr/var/run/dovecot/doveadm-server unix 2 [ ACC ] STREAM HÖRT 3441300 25542/dovecot /usr/var/run/dovecot/dns-client unix 2 [ ACC ] STREAM HÖRT 3441306 25542/dovecot /usr/var/run/dovecot/director-admin unix 2 [ ACC ] STREAM HÖRT 3441310 25542/dovecot /usr/var/run/dovecot/dict unix 2 [ ACC ] STREAM HÖRT 3441314 25542/dovecot /usr/var/run/dovecot/config unix 2 [ ACC ] STREAM HÖRT 3441320 25542/dovecot /usr/var/run/dovecot/auth-login unix 2 [ ACC ] STREAM HÖRT 3441324 25542/dovecot /usr/var/run/dovecot/auth-client unix 2 [ ACC ] STREAM HÖRT 3441328 25542/dovecot /usr/var/run/dovecot/auth-userdb unix 2 [ ACC ] STREAM HÖRT 3441332 25542/dovecot /usr/var/run/dovecot/auth-master unix 2 [ ACC ] STREAM HÖRT 3441336 25542/dovecot /usr/var/run/dovecot/auth-worker unix 2 [ ACC ] STREAM HÖRT 3441340 25542/dovecot /usr/var/run/dovecot/anvil unix 2 [ ACC ] STREAM HÖRT 3441344 25542/dovecot /usr/var/run/dovecot/anvil-auth-penalty snip If the mail was handed over to dovecot-lda, it ought to be logging *something*. Find out where those logs should go; if they aren't appearing, you need to fix
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: That's not where dovecot-lda is looking, at least not according to the log above. Is the vmail user able to read dovecot.conf? Do you have more than one dovecot.conf, with different settings in? I would ask you to run doveconf -m lda base_dir auth_socket_path as the vmail user, but I'm not convinced you know how. I managed to su to vmail by giving it a shell. # su - vmail vmail@delta:~ doveconf -m lda base_dir auth_socket_path base_dir = /usr/var/run/dovecot auth_socket_path = auth-userdb But I don't know how to tell dovecot-lda to listen on sockets in /usr/var/run/dovecot Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: # su - vmail vmail@delta:~ doveconf -m lda base_dir auth_socket_path base_dir = /usr/var/run/dovecot auth_socket_path = auth-userdb But I don't know how to tell dovecot-lda to listen on sockets in /usr/var/run/dovecot Do you mean 'connect to'? It's important to be clear. hm, what does dovecot-lda do? I think it tries to connect to /usr/var/run/dovecot/auth-userdb ? The first thing is to see what actually happens when you invoke dovecot-lda as vmail. Remember to check the logs as well as the mailboxes. vmail@delta:~ echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de The email with body foo in it is delivered to the mailbox. Dec 15 16:37:27 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sending an email from the desktop results in the same error: # mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- CB9771B3025F 559 Sat Dec 15 16:39:48 anme...@anup.de (unknown user: anme...@anup.de) anme...@anup.de I looked at the makefiles in the sources of the installed version of dovecot and found that dovecot-lda is like everything compiled with localstatedir = ${prefix}/var rundir = ${prefix}/var/run/dovecot statedir = ${prefix}/var/lib/dovecot where prefix = /usr I don't know why dovecot-lda is not connecting? to /usr/var/run/dovecot/auth-userdb and instead uses /var/run/dovecot. I delete /var/run/dovecot meanwhile. Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Hello! Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote: Andreas Meyer wrote: Ben Morrow b...@morrow.me.uk wrote: # su - vmail vmail@delta:~ doveconf -m lda base_dir auth_socket_path base_dir = /usr/var/run/dovecot auth_socket_path = auth-userdb But I don't know how to tell dovecot-lda to listen on sockets in /usr/var/run/dovecot Do you mean 'connect to'? It's important to be clear. hm, what does dovecot-lda do? I think it tries to connect to /usr/var/run/dovecot/auth-userdb ? Try to trace the open syscalls of dovecot-lda and its children: strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de # strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de open(/usr/lib/dovecot/tls/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/tls/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/tls/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/tls/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/libdovecot-lda.so.0, O_RDONLY) = 3 open(/usr/lib/dovecot/libdovecot-storage.so.0, O_RDONLY) = 3 open(/usr/lib/dovecot/libdovecot.so.0, O_RDONLY) = 3 open(/usr/lib/dovecot/libc.so.6, O_RDONLY) = -1 ENOENT (No such file or directory) open(/etc/ld.so.cache, O_RDONLY) = 3 open(/lib/libc.so.6, O_RDONLY)= 3 open(/usr/lib/dovecot/librt.so.1, O_RDONLY) = -1 ENOENT (No such file or directory) open(/lib/librt.so.1, O_RDONLY) = 3 open(/usr/lib/dovecot/libssl.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/libssl.so.0.9.8, O_RDONLY) = 3 open(/usr/lib/dovecot/libcrypto.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/libcrypto.so.0.9.8, O_RDONLY) = 3 open(/usr/lib/dovecot/libz.so.1, O_RDONLY) = -1 ENOENT (No such file or directory) open(/lib/libz.so.1, O_RDONLY)= 3 open(/usr/lib/dovecot/libdl.so.2, O_RDONLY) = -1 ENOENT (No such file or directory) open(/lib/libdl.so.2, O_RDONLY) = 3 open(/lib/libpthread.so.0, O_RDONLY) = 3 open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 6 open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 7 open(/usr/lib/dovecot, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8 open(/usr/lib/dovecot/lib90_sieve_plugin.so, O_RDONLY) = 8 open(/usr/lib/dovecot/libdovecot-sieve.so.0, O_RDONLY) = 8 open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 6 open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 7 This should give you an idea about which files dovecot-lda really tries to open. Can't really say there is something wrong. It seems to find everything it is looking for. Regards Daniel Andreas
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: At 5PM +0100 on 15/12/12 Daniel Parthey wrote: Andreas Meyer wrote: I managed to su to vmail by giving it a shell. # su - vmail For security reasons, you should rather not give a login shell to non-interactive users. [This is good advice.] You can temporarily pass a shell to su: su -s /bin/sh - vmail That depends on your su. Mine won't do that. I believe your assumption that Andreas is on Linux, and therefore has a su that does do that, is correct, but I don't know. (I might assume that since I said earlier 'read your system's su(1)' that it doesn't; but then again I might not...) Yes it does. man su says so too. Ben
Re: [Dovecot] need help with dovecot-lda
Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote: Andreas Meyer wrote: hm, what does dovecot-lda do? I think it tries to connect to /usr/var/run/dovecot/auth-userdb ? Try to trace the open syscalls of dovecot-lda and its children: strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de This should give you an idea about which files dovecot-lda really tries to open. Can't really say there is something wrong. It seems to find everything it is looking for. You can also replace the -eopen with -efile to trace all file syscalls. echo foo | strace -f -efile /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de # echo foo | strace -f -efile /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de execve(/usr/libexec/dovecot/dovecot-lda, [/usr/libexec/dovecot/dovecot-lda, -f, anme...@anup.de, -d, anme...@anup.de], [/* 57 vars */]) = 0 access(/etc/ld.so.preload, R_OK) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/tls/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) stat64(/usr/lib/dovecot/tls/i686/sse2, 0xbf901578) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/tls/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) stat64(/usr/lib/dovecot/tls/i686, 0xbf901578) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/tls/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) stat64(/usr/lib/dovecot/tls/sse2, 0xbf901578) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/tls/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) stat64(/usr/lib/dovecot/tls, 0xbf901578) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) stat64(/usr/lib/dovecot/i686/sse2, 0xbf901578) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) stat64(/usr/lib/dovecot/i686, 0xbf901578) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such file or directory) stat64(/usr/lib/dovecot/sse2, 0xbf901578) = -1 ENOENT (No such file or directory) open(/usr/lib/dovecot/libdovecot-lda.so.0, O_RDONLY) = 3 open(/usr/lib/dovecot/libdovecot-storage.so.0, O_RDONLY) = 3 open(/usr/lib/dovecot/libdovecot.so.0, O_RDONLY) = 3 open(/usr/lib/dovecot/libc.so.6, O_RDONLY) = -1 ENOENT (No such file or directory) open(/etc/ld.so.cache, O_RDONLY) = 3 open(/lib/libc.so.6, O_RDONLY)= 3 open(/usr/lib/dovecot/librt.so.1, O_RDONLY) = -1 ENOENT (No such file or directory) open(/lib/librt.so.1, O_RDONLY) = 3 open(/usr/lib/dovecot/libssl.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/libssl.so.0.9.8, O_RDONLY) = 3 open(/usr/lib/dovecot/libcrypto.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/lib/libcrypto.so.0.9.8, O_RDONLY) = 3 open(/usr/lib/dovecot/libz.so.1, O_RDONLY) = -1 ENOENT (No such file or directory) open(/lib/libz.so.1, O_RDONLY)= 3 open(/usr/lib/dovecot/libdl.so.2, O_RDONLY) = -1 ENOENT (No such file or directory) open(/lib/libdl.so.2, O_RDONLY) = 3 open(/lib/libpthread.so.0, O_RDONLY) = 3 open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 8 open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 9 open(/usr/lib/dovecot, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 10 open(/usr/lib/dovecot/lib90_sieve_plugin.so, O_RDONLY) = 10 open(/usr/lib/dovecot/libdovecot-sieve.so.0, O_RDONLY) = 10 open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 8 open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 9 chdir(/var/spool/vhosts/anup.de/anmeyer) = 0 stat64(/var/spool/vhosts/anup.de/anmeyer, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 open(/etc/localtime, O_RDONLY)= 11 stat64(/etc/localtime, {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0 lstat64(/var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve, {st_mode=S_IFLNK|0777, st_size=25, ...}) = 0 stat64(/var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve, {st_mode=S_IFREG|0600, st_size=111, ...}) = 0 open(/var/spool/vhosts/anup.de/anmeyer/.dovecot.svbin, O_RDONLY|O_LARGEFILE) = 11 stat64(/var/spool/vhosts/anup.de/anmeyer/tmp, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat64(/var/spool/vhosts/anup.de/anmeyer, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat64(/var/spool/vhosts/anup.de/anmeyer, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 open(/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log, O_RDWR|O_LARGEFILE) = 12 open(/var/spool/vhosts/anup.de/anmeyer/dovecot.index, O_RDWR|O_LARGEFILE) = 13 open(/var/spool/vhosts/anup.de/anmeyer/tmp/1355597452.M328355P30049.delta, O_WRONLY
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: Sending an email from the desktop results in the same error: # mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- CB9771B3025F 559 Sat Dec 15 16:39:48 anme...@anup.de (unknown user: anme...@anup.de) anme...@anup.de *Right*. Now we're getting somewhere: it looks like the problem is in your Postfix configuration. Create a script something like this #!/bin/sh echo --- FROM [$1] TO [$2] /tmp/lda-log /usr/bin/id /tmp/lda-log /usr/bin/env /tmp/lda-log exec /usr/libexec/dovecot/dovecot-lda -f $1 -d $2 (you may need to adjust the paths to id and env; the point is to avoid relying on $PATH) and change the master.cf entry to invoke /path/to/script ${sender} ${recipient} instead of dovecot-lda. Then deliver some mail and see what, if anything, gets written to /tmp/lda-log. Done that, made the script executable, restarted postfix and sent two mails from the desktop. The stuck in the queue, no file lda-log in /tmp. dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/etc/postfix/script.sh ${sender} ${recipient} Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/etc/postfix/script.sh ${sender} ${recipient} OK, then I think the problem is entirely on the Postfix side: it's not even attempting to deliver the mail to Dovecot. You need to ask on a Postfix list. And finally I think I found the problem. There is a transportmap in postfix integrated that says: anup.devirtual .anup.de virtual I chanched this to anup.dedovecot .anup.de dovecot and mail gets delivered. Even when I comment that map, mail is delivered because of virtual_transport = dovecot. Mail never reached the service dovecot because of that transportmap. You are so great! Thank you all for being so patient and for your help! Now I can go on. Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: And finally I think I found the problem. There is a transportmap in postfix integrated that says: anup.devirtual .anup.de virtual I chanched this to anup.dedovecot .anup.de dovecot and mail gets delivered. Even when I comment that map, mail is delivered because of virtual_transport = dovecot. Mail never reached the service dovecot because of that transportmap. Before you go any further, please put the virtual_mailbox_maps parameter back with a map of the valid virtual addresses. Otherwise you'll become a backscatter source. Do you mean the old virtual_mailbox_maps = hash:/etc/postfix/vmailbox ? But wouldn't that mean I have to care for two user files? vmailbox and the passwd-file of dovecot? Ben Andreas
Re: [Dovecot] need help with dovecot-lda
Ben Morrow b...@morrow.me.uk wrote: At 9PM +0100 on 15/12/12 Andreas Meyer wrote: Ben Morrow b...@morrow.me.uk wrote: Before you go any further, please put the virtual_mailbox_maps parameter back with a map of the valid virtual addresses. Otherwise you'll become a backscatter source. Do you mean the old virtual_mailbox_maps = hash:/etc/postfix/vmailbox ? But wouldn't that mean I have to care for two user files? vmailbox and the passwd-file of dovecot? It doesn't matter how you do it, but you need to reject invalid users during the SMTP transaction rather than allowing the mail to bounce later. (This is really basic stuff: have you read through the Postfix documentation? It make this pretty clear.) Yes, this is clear to me and I also read through the dovecot-wiki a bit and especially LDA and LDA-Posfix. ;) If you're using a passwd-file userdb in Dovecot, you need to write a script to convert it to a Postfix map, and make sure that script gets run whenever the source file is updated. (Makefiles are good for that sort of thing.) Alternatively, you could switch to keeping your userdb in an SQL or LDAP database, and have Postfix query it directly. If all else fails, you can arrange to pass the output of 'doveadm user *' to postmap, though depending on your Dovecot setup you may need to append a domain. Thank you for your hints, Ben! I am glad I have that thing up and running at least. And I already converted the old vmailbox file that postfix used to a new one with the valid users so postfix knows them too. Thinking about SQL or LDAP database is one of the next steps I am considering. We don't have that much users and taking care of them is not that much work. Next thing is I want to implement Quota. We are running users with maildir and mboxes. And of course I want to realize sieve filtering soon or later. I am glad I got this right now with your help. And learned much again. Ben Andreas
[Dovecot] need help with dovecot-lda
Hello all! Some month ago I upgraded our dovecot installation from version 1.0.5 to version 2.1.7 without having any trouble. Postfix is delivering email directly per virtual transport to the maildirs and mailboxes of the users in /var/spool/vhosts/domains/ Now I want to use dovecot-lda and created a new entry in the master.cf of postfix. dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} It is not clear to me, how the dovecot-lda is started bei dovecot and you it finds the socket dovecot postfix created. The dovecot.conf looks like this; # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.22.5-31-bigsmp i686 openSUSE 10.3 (i586) ext3 auth_verbose = yes disable_plaintext_auth = no log_path = /var/log/dovecot1 mail_location = mbox:/var/spool/vhosts/%d/dovecotprivate/%n:INBOX=/var/spool/vhosts/%d/%n !include /etc/dovecot/conf.d/*.conf passdb { args = /etc/dovecot/passwd driver = passwd-file } userdb { args = /etc/dovecot/passwd driver = passwd-file } ssl_cert = /etc/dovecot/ssl/hostcert.pem ssl_key = /etc/dovecot/ssl/hostkey.pem #verbose_ssl = yes plugin { quota = maildir:User quota quota_rule = *:storage=500MB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=+10%% # 20% of 1GB = 200MB # quota_rule3 = Spam:storage=+20%% autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent } I set soft_bounce = yes in main.cf of postfix and delivery of mail fails with Dec 14 16:13:34 delta postfix/virtual[14082]: BBC0F1B31294: to=x...@anup.de, relay=virtual, delay=395, delays=395/0.01/0/0.13, dsn=4.1.1, status=SOFTBOUNCE (unknown user: x...@anup.de) This is the relevant part of the main.cf: dovecot_destination_recipient_limit = 1 virtual_mailbox_domains = anup.de bit-corner.de bitcorner.de baubetreuung-meyer.de saxelektro.de virtual_mailbox_base = /var/spool/vhosts #virtual_mailbox_maps = hash:/etc/postfix/vmailbox #virtual_minimum_uid = 100 #virtual_uid_maps = static:5000 #virtual_gid_maps = static:5000 virtual_mailbox_limit = 524288000 virtual_transport = dovecot I don't get it right. As far as I understand postfix uses virtual_transport = dovecot and hands the mail over to the socket dovecot. But how does dovecot know where to look for the socket. I am missing somthing but don't know what. Any help is appreciated! Andreas
Re: [Dovecot] need help with dovecot-lda
Hello! Ben Morrow b...@morrow.me.uk wrote: At 5PM +0100 on 14/12/12 Andreas Meyer wrote: Some month ago I upgraded our dovecot installation from version 1.0.5 to version 2.1.7 without having any trouble. Postfix is delivering email directly per virtual transport to the maildirs and mailboxes of the users in /var/spool/vhosts/domains/ Now I want to use dovecot-lda and created a new entry in the master.cf of postfix. dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} It is not clear to me, how the dovecot-lda is started bei dovecot and you it finds the socket dovecot postfix created. The process listening on that 'dovecot' pipe is a Postfix pipe(8) process. When a delivery request comes in from elsewhere in Postfix, it invokes /usr/libexec/dovecot/dovecot-lda as a new child process. This new lda process will contact the dovecot-auth service if it needs to, but is otherwise not connected to the running Dovecot server at all. If you want Dovecot to listen for deliveries (which has some efficiency advantages), you want to use LMTP. I set soft_bounce = yes in main.cf of postfix and delivery of mail fails with Dec 14 16:13:34 delta postfix/virtual[14082]: BBC0F1B31294: to=x...@anup.de, relay=virtual, delay=395, delays=395/0.01/0/0.13, dsn=4.1.1, status=SOFTBOUNCE (unknown user: x...@anup.de) What happens if you run echo foo | /usr/libexec/dovecot/dovecot-lda \ -f x...@anup.de -d x...@anup.de in the shell (as the vmail user)? Does it fail with exit code 67? This is EX_NOUSER, and is the standard way for LDAs to signal 'I don't know how to deliver to this user'. Either x...@anup.de is not a valid address at that domain, or you haven't made the auth-userdb socket available to the vmail user. See http://wiki2.dovecot.org/LDA, under the section 'Virtual users'. I did this in the shell: delta:/ # su vmail delta:/ # whoami root delta:/ # echo test | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d anme...@anup.de and the mail was delivered to the mailbox without error. Maybe the vmail user is the problem? When I send an email from my desktop I get this in the mail.log: Dec 14 21:19:42 delta postfix/virtual[16185]: A6E511B3128A: to=anme...@anup.de, relay=virtual, delay=0.15, delays=0.08/0.01/0/0.06, dsn=4.1.1, status=SOFTBOUNCE (unknown user: anme...@anup.de) The line of the /etc/shadow for vmail looks like this: vmail::13940:0:9:7::: Why is root not switching to vmail? May vmail be the problem? delta:/ # id vmail uid=110(vmail) gid=110(vmail) Gruppen=110(vmail) Andreas
[Dovecot] imap_idle_notify_interval
Hi! I want to change the imap_idle_notify_interval t0 29 minutes and have edited the 20-imap.conf with imap_idle_notify_interval = 29 mins and restarted the server. doveconf -n shows me this: protocol imap { imap_idle_notify_interval = 29 mins mail_max_userip_connections = 10 mail_plugins = quota imap_quota autocreate } doveconf |grep idle shows me the following output: default_idle_kill = 1 mins imap_idle_notify_interval = 2 mins mailbox_idle_check_interval = 30 secs idle_kill = 0 idle_kill = 4294967295 secs idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 4294967295 secs idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 4294967295 secs idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 0 idle_kill = 4294967295 secs idle_kill = 0 idle_kill = 4294967295 secs imap_idle_notify_interval = 29 mins I see two line of imap_idle_notify_interval. What is the right one? Greetings Andreas
Re: [Dovecot] imap_idle_notify_interval
Hi! Timo Sirainen t...@iki.fi wrote: On 11.9.2012, at 17.00, Andreas Meyer wrote: protocol imap { imap_idle_notify_interval = 29 mins mail_max_userip_connections = 10 mail_plugins = quota imap_quota autocreate } doveconf |grep idle shows me the following output: imap_idle_notify_interval = 2 mins imap_idle_notify_interval = 29 mins I see two line of imap_idle_notify_interval. What is the right one? One is used by IMAP processes, the other is used by non-IMAP processes. Of course, non-IMAP processes don't use that setting. So everthing is fine and the imap_idle_notify_interval = 29 mins Thank you! Andreas
Re: [Dovecot] v2.0.21 released
Timo Sirainen t...@iki.fi wrote: http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig + dict: file backend supports now also fcntl/flock locking optionally - imap-login: Memory leak fixed - imap: Non-UTF8 input on SEARCH command parameters could have crashed - auth: Fixed crash with DIGEST-MD5 when attempting to do master user login without master passdbs. - sdbox: Don't use more fds than necessary when copying mails. - mdbox kept the user's storage locked a bit longer than it needed to Please can some soul explain the naming conventions used to release this software? Tue Jun 12 00:51:56 EEST 2012 Released v2.0.21. Tue May 29 22:24:49 EEST 2012 Released v2.1.7. I don't understand the numbering. Andreas
Re: [Dovecot] per user quota
Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote: Hello Andreas, Andreas Meyer wrote: I activated quota plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=+10%% } But when I want to do per user quota in the passwd-file ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G It looks like you are at least missing a space between userdb_mail=maildir:~/ and userdb_quota_rule. Wow, great! The space was missing and now it works. You forgot to attach your doveconf -n output. ok, next time. Regards, Daniel Andreas
[Dovecot] upgrade from 1.0.5 to 2.1.7
Hello! I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 Now I get the following executing doveconf -n -c /etc/dovecot/dovecot.conf /home/mail1/dovecot-2.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } The section at line 217 looks like this: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } userdb passwd-file { args = /etc/dovecot/passwd } How do I change it to fullfill the new needs? And how do I handle line 217? add auth_ prefix to all settings inside auth {} and remove the auth {} section completely ? Thanks for help! Andreas
Re: [Dovecot] upgrade from 1.0.5 to 2.1.7
Reindl Harald h.rei...@thelounge.net wrote: Am 08.06.2012 13:05, schrieb Andreas Meyer: I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 Now I get the following executing doveconf -n -c /etc/dovecot/dovecot.conf /home/mail1/dovecot-2.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } The section at line 217 looks like this: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } userdb passwd-file { args = /etc/dovecot/passwd } How do I change it to fullfill the new needs? And how do I handle line 217? add auth_ prefix to all settings inside auth {} and remove the auth {} section completely what exactly are you not understanding here? this is a very clear message I find the message very confusing. It says to do all settings inside auth {} and then to remove the auth {} section. With v1.0.5 I do have an auth default {} section and a section ## Authentication processes. below a partly output from a working 2.1.7 auth_mechanisms= CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN auth_worker_max_count = 100 auth_cache_size= 32768 auth_cache_ttl = 1800 auth_cache_negative_ttl= 1800 auth_username_chars= abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz auth_debug = no auth_debug_passwords = no auth_verbose = no Thank you! I found section ## Authentication processes but when I add auth_passdb { args = /etc/dovecot/passwd driver = passwd-file } auth_userdb { args = /etc/dovecot/passwd driver = passwd-file } I get an error: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 709: Unknown setting: auth_passdb Where do I put the passdb and userdb sections? Andreas
Re: [Dovecot] upgrade from 1.0.5 to 2.1.7
Reindl Harald h.rei...@thelounge.net wrote: The section at line 217 looks like this: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } userdb passwd-file { args = /etc/dovecot/passwd } How do I change it to fullfill the new needs? And how do I handle line 217? add auth_ prefix to all settings inside auth {} and remove the auth {} section completely what exactly are you not understanding here? this is a very clear message I find the message very confusing. It says to do all settings inside auth {} and then to remove the auth {} section. no, it says you should MOVE all settings OUT from auth {} in the main part and add a prefix auth_ to them you quoted your auth{} section in a pure 2.x setup this would not exist I get this output when I move the passwd settings to the main section: # doveconf -n -c /etc/dovecot/dovecot.conf /home/mail1/dovecot-2.conf doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb Also if I use !include /etc/dovecot/auth-passwdfile.conf in the main section, the auth-passwdfile.conf weems to be ignored. It has the following content: passdb { driver = passwd-file #args = scheme=CRYPT username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd } userdb { driver = passwd-file #args = username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd # Default fields that can be overridden by passwd-file #default_fields = quota_rule=*:storage=1G # Override fields from passwd-file #override_fields = home=/home/virtual/%u } I don't know where to put the passwd section. Andreas
Re: [Dovecot] upgrade from 1.0.5 to 2.1.7
Reindl Harald h.rei...@thelounge.net wrote: Am 08.06.2012 16:50, schrieb Andreas Meyer: Reindl Harald h.rei...@thelounge.net wrote: you quoted your auth{} section in a pure 2.x setup this would not exist I get this output when I move the passwd settings to the main section: # doveconf -n -c /etc/dovecot/dovecot.conf /home/mail1/dovecot-2.conf doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb because this does not belong here consider take a look at dovecot2 manuals http://wiki2.dovecot.org/AuthDatabase/ http://wiki2.dovecot.org/AuthDatabase/PasswdFile thanks again! I think I got this one right now. I risked to restat dovecot with the new version and got this in the logfile now: Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: undefined symbol: mail_storage_module_id Jun 08 17:20:19 imap: Fatal: Couldn't load required plugins Jun 08 17:20:19 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [84.179.59.203] The /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so is a symlink to /usr/lib/dovecot/modules/lib10_quota_plugin.so What can I do? Wouldn't it be great to get the new dovecot working with my users and the old passwd file? Andreas
Re: [Dovecot] upgrade from 1.0.5 to 2.1.7
Timo Sirainen t...@iki.fi wrote: On 8.6.2012, at 14.05, Andreas Meyer wrote: I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 Now I get the following executing doveconf -n -c /etc/dovecot/dovecot.conf /home/mail1/dovecot-2.conf Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug. Yes, it did. I was wondering, it just containes a few lines. ;) Took it and placed it in /usr/etc as dovecot.conf. But then I got this error with the quota_plugin, see they other thread. doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } .. How do I change it to fullfill the new needs? doveconf should have done all of those changes for you and placed them to dovecot-2.conf Yes, it did. Andreas
Re: [Dovecot] upgrade from 1.0.5 to 2.1.7
Timo Sirainen t...@iki.fi wrote: On 8.6.2012, at 18.36, Andreas Meyer wrote: Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: What can I do? Wouldn't it be great to get the new dovecot working with my users and the old passwd file? The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. I wonder ./configure, make and make install went through, but for some reason the /usr/lib/dovecot/modules directory was not updated. Could it be because there was the old version 1.0.5 still running while installing the new one? I'll try to do a make install again while the dovecot is stopped and then start the new version and see what happens. Andreas
Re: [Dovecot] upgrade from 1.0.5 to 2.1.7
Reindl Harald h.rei...@thelounge.net wrote: I wonder ./configure, make and make install went through, but for some reason the /usr/lib/dovecot/modules directory was not updated. Could it be because there was the old version 1.0.5 still running while installing the new one? ouch - why are you doing such rough installs instead taking some time to learn how to build packages for your OS? the benefit of package-systems like rpm/deb is that obsolete files are removed on updates and you have clean installs over many years and major upgrades of any software as example for FedoraRHEL it is quite easy to setup rpmbuild, install a recent src.rpm and replace rebuild new versions for older releases the additional benefit is that you can do this on a dedicated virtual machine with devel-packages, GCC and so on which is all not needed on the production systems AND you can easily use this packages on testing machines followed by a crontrolled rollout even for software with a handful of scripts - on my servers and workstations NEVER get any software installed without a package and there are only two exceptions: VMware Workstation and ZendStudio ;-) I never ever built a rpm using sources since years. I always build and install from the sources. So ok, made a fresh make install and found out that the directory /usr/lib/dovecot/modules and its contents were not created after deleting manually the old /usr/lib/dovecot directory. Got this snipped from the make install output: make[4]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' make[3]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' Making install in trash make[3]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: Für das Ziel »install-exec-am« ist nichts zu tun. test -z /usr/lib/dovecot || /bin/mkdir -p /usr/lib/dovecot /bin/sh ../../../libtool --mode=install /usr/bin/install -c lib11_trash_plugin.la '/usr/lib/dovecot' libtool: install: warning: relinking `lib11_trash_plugin.la' libtool: install: (cd /home/mail1/dovecot-2.1.7/src/plugins/trash; /bin/sh /home/mail1/dovecot-2.1.7/libtool --tag CC --mode=relink gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -module -avoid-version -o lib11_trash_plugin.la -rpath /usr/lib/dovecot trash-plugin.lo ../quota/lib10_quota_plugin.la -lrt ) *** Warning: Linking the shared library lib11_trash_plugin.la against the loadable module *** lib10_quota_plugin.so is not portable! libtool: relink: gcc -shared -fPIC -DPIC .libs/trash-plugin.o -Wl,-rpath -Wl,/usr/lib/dovecot -L/usr/lib/dovecot -l10_quota_plugin -lrt -O2 -Wl,-soname -Wl,lib11_trash_plugin.so -o .libs/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.soT /usr/lib/dovecot/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.lai /usr/lib/dovecot/lib11_trash_plugin.la libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.a /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: chmod 644 /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: ranlib /usr/lib/dovecot/lib11_trash_plugin.a libtool: finish: PATH=/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/sbin ldconfig -n /usr/lib/dovecot Andreas
Re: [Dovecot] upgrade from 1.0.5 to 2.1.7
Reindl Harald h.rei...@thelounge.net wrote: ;-) I never ever built a rpm using sources since years. I always build and install from the sources a good time to start again :-) i missed to tell another benefit: you have to specify every installed file in the %files section, so you are aware of changes in any folder-structure, as long it builds wtihout complaining with a new source-version you can be pretty sure all is sane this time virtualization is a real improvement * build packages outside production environment * provide local repos in the own LAN * setup testing machins with real data * test upgrades with real data in this life i will never ever setup a server on bare metal without having VMware ESXi as backend (clone, snapshots..) I have that beast running. There was an entry in the docecot.conf like this, created by doveconf -n -c /etc/dovecot/dovecot.conf /home/mail1/dovecot-2.conf protocol imap { mail_plugin_dir = /usr/lib/dovecot/modules/imap mail_plugins = quota imap_quota } protocol pop3 { mail_plugin_dir = /usr/lib/dovecot/modules/pop3 mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } I commented it out and I can retrieved mail furthermore. :-) Now I want to install dovecot-2.1-pigeonhole-0.3.1 to get sieve running. Thank you everybody for the help and that great piece of software! Andreas
[Dovecot] per user quota
Hello! I activated quota plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=+10%% } But when I want to do per user quota in the passwd-file ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G I get this in the logfile and can't login: Jun 08 22:25:52 imap(anme...@anup.de): Error: user anme...@anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes Jun 08 22:25:52 imap(anme...@anup.de): Error: Invalid user settings. Refer to server log for more information. Same with 'storage' in the passwd-file. What's wrong? Andreas
[Dovecot] sieve with dovecot v1.x
Hello! Is there a chance to have sieve working with dovecot version 1.0.5? /usr/lib/dovecot looks like this: -rwxr-xr-x 1 root root 43932 22. Sep 2007 checkpassword-reply -rwxr-xr-x 1 root root 538996 22. Sep 2007 deliver -rwxr-xr-x 1 root root 127728 22. Sep 2007 dict -rwxr-xr-x 1 root root 270248 22. Sep 2007 dovecot-auth -rwxr-xr-x 1 root root 43952 22. Sep 2007 gdbhelper -rwxr-xr-x 1 root root 48080 22. Sep 2007 idxview -rwxr-xr-x 1 root root 596364 22. Sep 2007 imap -rwxr-xr-x 1 root root 135912 22. Sep 2007 imap-login -rwxr-xr-x 1 root root 43952 22. Sep 2007 logview drwxr-xr-x 5 root root 4096 23. Dez 2008 modules -rwxr-xr-x 1 root root 529512 22. Sep 2007 pop3 -rwxr-xr-x 1 root root 127660 22. Sep 2007 pop3-login -rwxr-xr-x 1 root root 69056 22. Sep 2007 rawlog -rwxr-xr-x 1 root root 134748 22. Sep 2007 sievec -rwxr-xr-x 1 root root 68748 22. Sep 2007 sieved -rwxr-xr-x 1 root root 44116 22. Sep 2007 ssl-build-param so there is a sievec and a sieved, but in the dovecot.conf there is no mention about sieve. I would compile the latest version of dovecot if I knew, how the running 1.0.5 was built. I need it for an openSUSE 10.3 Kind regards Andreas
Re: [Dovecot] sieve with dovecot v1.x
Hello! Stephan Bosch step...@rename-it.nl wrote: On 6/2/2012 1:43 PM, Andreas Meyer wrote: Hello! Is there a chance to have sieve working with dovecot version 1.0.5? Yes, the old CMUSieve plugin should work for that. By the looks of it, it is already installed, so you'll only need to configure it: http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring Ok, I have done that. How can I know, if sieve now works with dovecot? When I login with roundcube, in the settings I have a Filter-Tab but when I click on it it says not possible to connect to server or somesuch. Regards, Stephan. Andreas
Re: [Dovecot] sieve with dovecot v1.x
Hello! Stephan Bosch step...@rename-it.nl wrote: Oh, you didn't mention using RoundCube earlier. That implies the need of ManageSieve. You'll need to configure the following as well: http://wiki1.dovecot.org/ManageSieve Your earlier directory listing indicates that it is not installed on your system; the managesieve and managesieve-login binaries would be located there if it were. Check whether that version of opensuse has a package for dovecot-managesieve or compile it yourself if it is missing. If that is difficult, the following could be an alternative: http://www.gitorious.net/pysieved/pages/Home I think pysieved is the only chance I have. I have installed it and activated by xinetd. But now I have the problem that the dovecot.conf says: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } and the install howto of pysieved says: auth default { socket listen { client { path = /var/run/dovecot/auth-client mode = 0666 } } } pysieved.ini : [Dovecot] mux = /var/run/dovecot/auth-client what can I do now? Regards, Stephan. Andreas
Re: [Dovecot] dovecot with IMAP and POP3 mixed
Hello! Mark Sapiro m...@msapiro.net schrieb: On Sun, Mar 22, 2009 at 12:27:54PM +0100, Andreas Meyer wrote: Yes, this is what I get too and the default_folder_prefix is empty. I run dovecot with pop3, imap and squirrelmail with no problems. The major difference I see between your dovecot -n and mine other than the fact that you have 1.0.5 and I have 1.2.beta3 is that I have Yes, this is a SuSE-rpm from openSuSE10.3 mail_location: mbox:~/Mail:INBOX=/var/spool/mail/%u In other words, I specify one file for the INBOX and another directory for everything else. I don't think this works with maildir though. I have the beast running. I found out that I had to create a directory where dovecot can write indexes and such things to. # dovecot -n # 1.0.5: /etc/dovecot/dovecot.conf log_path: /var/log/dovecot1 protocols: imap imaps pop3 ssl_disable: yes disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_location: mbox:/var/spool/vhosts/%d/dovecotprivate/%n:INBOX=/var/spool/vhosts/%d/%n mail_debug: yes mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv auth default: passdb: driver: passwd-file args: /etc/dovecot/passwd userdb: driver: passwd-file args: /etc/dovecot/passwd So in dovecotprivate directories for the indexes are stored for mbox-users. This works, I had to set permissions to 777 for dovecotprivate so that dovecot can write into it. I don't know if this is a security-risk. The /etc/dovecot/passwd then looks like this: # anup.de (maildir) m...@anup.de:{PLAIN}passwd:5000:5000::/var/spool/vhosts/anup.de/mail::userdb_mail=maildir:~/ u...@anup.de:{PLAIN}passwd:5000:5000::/var/spool/vhosts/anup.de/user::userdb_mail=maildir:~/ # anup.de (mbox) us...@anup.de:{PLAIN}passwd7:5000:5000 us...@anup.de:{PLAIN}passwd8:5000:5000 Works great and dovecot can handle both maildir and mbox for one domain. And this solved also the problem with Squirrelmail. The setup is not fully testet yet. Thank you all! -- Andreas Meyer A man, a miss, a car -- a curve, He kissed the miss and missed the curve -- Burma Shave (1948) Mein öffentlicher GPG-Schlüssel unter: http://gpg-keyserver.de/pks/lookup?search=anmeyerfingerprint=onop=index
Re: [Dovecot] dovecot with IMAP and POP3 mixed
Hello! Seth Mattinen se...@rollernet.us schrieb: Bill Cole wrote: There *should* be some way to make SquirrelMail stop trying to create its folders under INBOX, but I have no idea if there actually *is* one. Some IMAP servers only allow the creation of folders as children of INBOX, and as a result some (broken) IMAP clients only know how to create folders that way. You can accommodate such software in Dovecot by using namespaces. Run the squirrelmail configure program and change the default folder prefix to blank under folder defaults. The default folder prefix is empty. ~Seth -- Andreas Meyer A man, a miss, a car -- a curve, He kissed the miss and missed the curve -- Burma Shave (1948) Mein öffentlicher GPG-Schlüssel unter: http://gpg-keyserver.de/pks/lookup?search=anmeyerfingerprint=onop=index