permissions for quota-status

[Andreas Meyer via dovecot]

Hello!

doveconf --version 2.2.36

I want to move to a new server with dovecot but get an error
Error: service(quota-status): listen(*, 12340) failed: Permission denied

when I define

service quota-status {
executable = quota-status -p postfix
inet_listener {
port = 12340
}
client_limit = 1
}

private]# ll
insgesamt 0
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 anvil
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 bounce
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 defer
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 discard
srw---. 1 postfix postfix 0 14. Apr 15:08 dovecot-lmtp
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 error
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 lmtp
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 local
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 proxymap
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 proxywrite
srw-rw. 1 postfix postfix 0 14. Apr 14:58 quota-status
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 relay
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 retry
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 rewrite
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 scache
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 smtp
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 tlsmgr
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 trace
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 verify
srw-rw-rw-. 1 postfix postfix 0 14. Apr 15:05 virtual

Don't know what's wrong. Can someone help?

Kind regards

  Andreas
-- 
PGP-Fingerprint: D392 5D21 0299 63D7 5BAE 4562 1E56 B2EA 81A2 59F1


pgpKO0kF7L5_K.pgp
Description: Digitale Signatur von OpenPGP

Re: Problem with different certificates

[Andreas Meyer]

Hello!

Greg Wildman  schrieb am 27.12.18 um 11:21:55 Uhr:

> What problem are you seeing? It uses the correct SSL certs when I
> connect.
> 
> prompt> gnutls-cli --port 993 mail.nimmini.de  
> Processed 149 CA certificate(s).
> Resolving 'mail.nimmini.de:993'...
> Connecting to '46.38.231.143:993'...
> - Certificate type: X.509
> - Got a certificate list of 2 certificates.
> - Certificate[0] info:
>  - subject `CN=nimmini.de', issuer `CN=Let's Encrypt Authority X3,O=Let's 
> Encrypt,C=US', serial 0x049c7758b8b9555ffdfe5b701b28c1e0a3c6, RSA key 2048 
> bits, signed using RSA-SHA256, activated `2018-12-26 21:37:59 UTC', expires 
> `2019-03-26 21:37:59 UTC', 
> pin-sha256="0G1iyw4AAayWktCk3M9gauB01s4guqgidOQotb1u49I="
>   Public Key ID:
>   sha1:e03d4c14e735791a4a0924057676bee73b5e199f
>   
> sha256:d06d62cb0e0001ac9692d0a4dccf606ae074d6ce20baa82274e428b5bd6ee3d2
>   Public Key PIN:
>   pin-sha256:0G1iyw4AAayWktCk3M9gauB01s4guqgidOQotb1u49I=
> 
> - Certificate[1] info:
>  - subject `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US', issuer 
> `CN=DST Root CA X3,O=Digital Signature Trust Co.', serial 
> 0x0a014142015385736a0b85eca708, RSA key 2048 bits, signed using 
> RSA-SHA256, activated `2016-03-17 16:40:46 UTC', expires `2021-03-17 16:40:46 
> UTC', pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="
> - Status: The certificate is trusted. 
> - Description: (TLS1.2)-(ECDHE-SECP384R1)-(RSA-SHA256)-(AES-256-GCM)
> - Session ID: 
> 0B:1D:9F:A2:73:92:FA:E7:02:08:98:49:14:A6:69:1B:2D:D4:30:F0:62:A9:AF:B2:4C:B7:79:94:CF:3E:41:A2
> - Options: safe renegotiation,
> - Handshake was completed
> 
> - Simple Client Mode:
> 
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
> AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready.
> . logout
> - Peer has closed the GnuTLS connection

Thank you for your investigation! It turned out there was a problem on the 
server with IPv6 binding
to the wrong virtual network-interface.

Everthing's running smoothly so far although there is still a problem adding 
the right IPv6-address
additionally to the IPv4-address.

Kind regards

  Andreas

-- 
PGP-Fingerprint: F004 8EEE 5E54 F2EA 566E B939 22E5 85DD AA14 AC0A


pgpO6p9tkZG2X.pgp
Description: Digitale Signatur von OpenPGP

Problem with different certificates

[Andreas Meyer]

Hello!

Dovecot manages different domains. Today I renewed the certifiactes from 
letsencrypt
and since that time, dovecot does not recognized the certs for different 
domains anymore:

This is part of my config:

ssl = yes
ssl_cert = < /etc/letsencrypt/live/bitcorner.de/fullchain.pem
ssl_key = < /etc/letsencrypt/live/bitcorner.de/privkey.pem

local 37.120.166.21 { # instead of IP you can also use hostname, which will be 
resolved
  protocol imap {
  ssl_cert = < /etc/letsencrypt/live/bitcorner.de/fullchain.pem
  ssl_key  = < /etc/letsencrypt/live/bitcorner.de/privkey.pem
}
}

local 46.38.231.143 {
  protocol imap {
  ssl_cert = < /etc/letsencrypt/live/nimmini.de/fullchain.pem
  ssl_key  = < /etc/letsencrypt/live/nimmini.de/privkey.pem
}
}

This worked for years and I don't know what's wrong now. It seems dovecot just 
takes the
default certs into account and ignores the certs defined with "local" completly.

Any help appreciated.

Kind regards

  Andreas

-- 
PGP-Fingerprint: F004 8EEE 5E54 F2EA 566E B939 22E5 85DD AA14 AC0A


pgp671x_NLp7C.pgp
Description: Digitale Signatur von OpenPGP

Remove authentication penalty for webmailer

[Andreas Meyer]

Hi all,

I want to remove the authentication penalty for specific ip addresses
(subnets if possible).

I am using Dovecot 2.3.2 (582970113) and figured that this information:
https://wiki2.dovecot.org/Authentication/Penalty
> If the IP is in login_trusted_networks (e.g. webmail), skip any
authentication penalties

is not up to date.
Instead this information is:
https://wiki2.dovecot.org/Upgrading/2.3

--- START ---
*Localhost Auth Penalty*

Dovecot no longer disables auth penalty waits for clients connecting from
localhost (or login_trusted_networks in general). The previous idea was
that it would likely be a webmail that would have its own delays, but there
are no guarantees about this.

If the old behavior is still wanted, it's possible to do nowadays even more
generically with e.g.:

passdb {
 driver = passwd-file
 args = username_format=%{rip} /etc/dovecot/passdb
}

/etc/dovecot/passdb:

127.0.0.1:::nodelay=yes
192.168.10.124:::nodelay=yes
--- STOP ---


Adding the passdb section and creating a passdb file with the respective ip
addresses does not have any effect though.
Login failures through the webmailer are still being delayed.

"dovecot -n" shows that the new passdb section is loaded:

--- START ---
passdb {
  args = username_format=%{rip} /etc/dovecot/passdb
  driver = passwd-file
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
--- STOP ---

Changing orders does not make a difference.

The passdb file contains these entries:
--- START ---
127.0.0.1:::nodelay=yes
10.25.1.20:::nodelay=yes
--- STOP ---

The logfile shows the increased delay:
--- START ---
Jul 10 23:37:16 9fcdf83ee81e dovecot: imap-login: Disconnected (auth
failed, 1 attempts in 2 secs): user=, method=PLAIN,
rip=10.25.1.20, lip=10.25.1.10, TLS, TLSv1.2 with cipher
ECDHE-RSA-AES128-GCM-SHA256 (128/128 bit
s)
Jul 10 23:37:25 9fcdf83ee81e dovecot: imap-login: Disconnected (auth
failed, 1 attempts in 6 secs): user=, method=PLAIN,
rip=10.25.1.20, lip=10.25.1.10, TLS, TLSv1.2 with cipher
ECDHE-RSA-AES128-GCM-SHA256 (128/128 bit
s)
--- STOP ---


What am I missing?

Re: Domain without certificate

[Andreas Meyer]

Hello!

It's a client thing. The client should not request StartSSL when
there is no certificate present.

Sorry for the noise!

  Andreas

Andreas Meyer <a.me...@nimmini.de> schrieb am 22.08.17 um 00:16:54 Uhr:

> Hello!
> 
> I have a new domain integrated into dovecot but no certificate yet.
> 
> In dovecot.conf there is ssl = yes and the other domains have
> certificates configured.
> 
> How do I exclude this new domain from using SSL?
> 
> Greetings
> 
>   Andreas



pgpeeFaLkFhPR.pgp
Description: Digitale Signatur von OpenPGP

Domain without certificate

[Andreas Meyer]

Hello!

I have a new domain integrated into dovecot but no certificate yet.

In dovecot.conf there is ssl = yes and the other domains have
certificates configured.

How do I exclude this new domain from using SSL?

Greetings

  Andreas


pgpX5krx2vxKu.pgp
Description: Digitale Signatur von OpenPGP

a question about certificates from letsencrypt

[Andreas Meyer]

Hello!

Certificates from letsencrypt are renewed every three months.

Does that mean a MUA has to accept the renewed certificates manually
everytime it is renewed?

Sorry if this is OT!

Greetings

 Andreas

Re: New password hashing scheme as plugin

[Andreas Meyer]

2016-08-05 10:59 GMT+02:00 Aki Tuomi <aki.tu...@dovecot.fi>:

>
>
> On 02.08.2016 00:46, Andreas Meyer wrote:
> > 2016-08-01 15:58 GMT+02:00 <aki.tu...@dovecot.fi>:
> >
> >>> On August 1, 2016 at 4:38 PM aki.tu...@dovecot.fi wrote:
> >>>
> >>>
> >>>
> >>>> On August 1, 2016 at 3:45 PM Andreas Meyer <luckyfello...@gmail.com>
> >> wrote:
> >>>>
> >>>> 2016-07-31 16:39 GMT+02:00 <aki.tu...@dovecot.fi>:
> >>>>
> >>>>>> On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfello...@gmail.com
> >>>>> wrote:
> >>>>>>
> >>>>>> Hi,
> >>>>>>
> >>>>>>
> >>>>>> I want to add a new password hashing scheme as plugin and provide
> >> it for
> >>>>>> the dovecot project, so that it will be included as optional
> >> plugin in
> >>>>>> future releases.
> >>>>>>
> >>>>>> Yet the plugin compiles fine and the .so file gets created.
> >>>>>>
> >>>>>> My approach is to call the functions password_scheme_register() and
> >>>>>> password_scheme_unregister() (src/auth/password-scheme.c) inside
> >> the
> >>>>>> plugin's _init() and _deinit() functions.
> >>>>>>
> >>>>>> When a client tries to login via imap the log shows an error
> >> message:
> >>>>>> Error: Couldn't load required plugin
> >>>>>> /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed:
> >>>>>> /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol:
> >>>>>> password_scheme_unregister
> >>>>>>
> >>>>>> That error obviously occurs, because the required lib is not
> >> linked into
> >>>>>> the plugin.
> >>>>>>
> >>>>>>
> >>>>>> Now my problem is to understand, whether this approach (via .so
> >> file) can
> >>>>>> be successful at all and if so, how?
> >>>>>> Do I need to link libs into it? Which would that be and how do I
> >> specify
> >>>>>> them in the Makefile.am?
> >>>>>>
> >>>>>> I assume, I don't need to link a lib, but need to use a hook to
> >> register
> >>>>>> the new hashing scheme, since the plugin is loaded into an already
> >>>>> existing
> >>>>>> process, which needs to get extended. If this is true, which hook
> >> would
> >>>>>> that be and how do I register the new scheme?
> >>>>>>
> >>>>>> Or is there no way to accomplish this via a separated .so plugin?
> >> Should
> >>>>> I
> >>>>>> extend the sources in /src/auth instead? (separat file for the
> >> hashing
> >>>>>> scheme with preprocessor instructions to include it only on demand)
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> Thank you very much,
> >>>>>>
> >>>>>> Andreas
> >>>>> Can you publish your code in, say, github.com and provide link to
> >> it?
> >>>>> New password scheme is doable as plugin but it needs to placed in
> >> different
> >>>>> place and it will be autoloaded.
> >>>>>
> >>>>> Aki
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>> I created two branches. Both compile fine with the option:
> >> --with-libsodium
> >>>> Branch #1)
> >>>>
> >>>>
> >> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_
> libsodium_plugin
> >>>> This is my try to add libsodium support as plugin. When the plugin is
> >>>> loaded, it exits with the mentioned error message "undefined symbol:
> >>>> password_scheme_unregister"
> >>>>
> >>>>
> >>>> Branch #2)
> >>>>
> >>>>
> >> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_
> libsodium_auth
> >>>> This compiles fine and also works. The new hashing schemes SCRYPT and
> >>>> ARGON2 are avail

Re: New password hashing scheme as plugin

[Andreas Meyer]

2016-08-01 15:58 GMT+02:00 <aki.tu...@dovecot.fi>:

>
> > On August 1, 2016 at 4:38 PM aki.tu...@dovecot.fi wrote:
> >
> >
> >
> > > On August 1, 2016 at 3:45 PM Andreas Meyer <luckyfello...@gmail.com>
> wrote:
> > >
> > >
> > > 2016-07-31 16:39 GMT+02:00 <aki.tu...@dovecot.fi>:
> > >
> > > >
> > > > > On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfello...@gmail.com
> >
> > > > wrote:
> > > > >
> > > > >
> > > > > Hi,
> > > > >
> > > > >
> > > > > I want to add a new password hashing scheme as plugin and provide
> it for
> > > > > the dovecot project, so that it will be included as optional
> plugin in
> > > > > future releases.
> > > > >
> > > > > Yet the plugin compiles fine and the .so file gets created.
> > > > >
> > > > > My approach is to call the functions password_scheme_register() and
> > > > > password_scheme_unregister() (src/auth/password-scheme.c) inside
> the
> > > > > plugin's _init() and _deinit() functions.
> > > > >
> > > > > When a client tries to login via imap the log shows an error
> message:
> > > > >
> > > > > Error: Couldn't load required plugin
> > > > > /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed:
> > > > > /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol:
> > > > > password_scheme_unregister
> > > > >
> > > > > That error obviously occurs, because the required lib is not
> linked into
> > > > > the plugin.
> > > > >
> > > > >
> > > > > Now my problem is to understand, whether this approach (via .so
> file) can
> > > > > be successful at all and if so, how?
> > > > > Do I need to link libs into it? Which would that be and how do I
> specify
> > > > > them in the Makefile.am?
> > > > >
> > > > > I assume, I don't need to link a lib, but need to use a hook to
> register
> > > > > the new hashing scheme, since the plugin is loaded into an already
> > > > existing
> > > > > process, which needs to get extended. If this is true, which hook
> would
> > > > > that be and how do I register the new scheme?
> > > > >
> > > > > Or is there no way to accomplish this via a separated .so plugin?
> Should
> > > > I
> > > > > extend the sources in /src/auth instead? (separat file for the
> hashing
> > > > > scheme with preprocessor instructions to include it only on demand)
> > > > >
> > > > >
> > > > >
> > > > > Thank you very much,
> > > > >
> > > > > Andreas
> > > >
> > > > Can you publish your code in, say, github.com and provide link to
> it?
> > > > New password scheme is doable as plugin but it needs to placed in
> different
> > > > place and it will be autoloaded.
> > > >
> > > > Aki
> > > >
> > >
> > >
> > >
> > >
> > > I created two branches. Both compile fine with the option:
> --with-libsodium
> > >
> > > Branch #1)
> > >
> > >
> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_plugin
> > >
> > > This is my try to add libsodium support as plugin. When the plugin is
> > > loaded, it exits with the mentioned error message "undefined symbol:
> > > password_scheme_unregister"
> > >
> > >
> > > Branch #2)
> > >
> > >
> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_auth
> > >
> > > This compiles fine and also works. The new hashing schemes SCRYPT and
> > > ARGON2 are available to dovecot.
> > > Libsodium support is not created as module, but only added if the
> > > --with-libsodium option was passed to configure.
> > >
> > >
> > >
> > > Regards,
> > > Andreas
> >
> > Hi!
> >
> > I had a look at your code and noticed you had tried to put it in
> dovecot's tree. I would recommend making completely separate plugin of it.
> It's not very hard, I can help you out there. It does not need to be in
> src/plugins, the source supports fully external plugins that you can then
> install separately.
> >
> > This would make it lot more easier to develop the plugin. I'll see if I
> can make you a little skeleton to help you out with this, you can then use
> it as basis for your auth plugin.
> >
> > Aki
>
> https://github.com/cmouse/dovecot-password-scheme-plugin
>
> is the plugin template you can use. please see if it helps you out.
>
> Aki
>



Thank you very much for the skeleton. It really helped a lot.

I created this repository and checked in my changes:
https://github.com/LuckyFellow/dovecot-libsodium-plugin
It compiles and installs fine. The auth module loads the plugin
automatically on demand, the hashing schemes are available and they work.

What do I need to do, so that you can include it as plugin?


Regards,
Andreas

Re: New password hashing scheme as plugin

[Andreas Meyer]

2016-07-31 16:39 GMT+02:00 <aki.tu...@dovecot.fi>:

>
> > On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfello...@gmail.com>
> wrote:
> >
> >
> > Hi,
> >
> >
> > I want to add a new password hashing scheme as plugin and provide it for
> > the dovecot project, so that it will be included as optional plugin in
> > future releases.
> >
> > Yet the plugin compiles fine and the .so file gets created.
> >
> > My approach is to call the functions password_scheme_register() and
> > password_scheme_unregister() (src/auth/password-scheme.c) inside the
> > plugin's _init() and _deinit() functions.
> >
> > When a client tries to login via imap the log shows an error message:
> >
> > Error: Couldn't load required plugin
> > /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed:
> > /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol:
> > password_scheme_unregister
> >
> > That error obviously occurs, because the required lib is not linked into
> > the plugin.
> >
> >
> > Now my problem is to understand, whether this approach (via .so file) can
> > be successful at all and if so, how?
> > Do I need to link libs into it? Which would that be and how do I specify
> > them in the Makefile.am?
> >
> > I assume, I don't need to link a lib, but need to use a hook to register
> > the new hashing scheme, since the plugin is loaded into an already
> existing
> > process, which needs to get extended. If this is true, which hook would
> > that be and how do I register the new scheme?
> >
> > Or is there no way to accomplish this via a separated .so plugin? Should
> I
> > extend the sources in /src/auth instead? (separat file for the hashing
> > scheme with preprocessor instructions to include it only on demand)
> >
> >
> >
> > Thank you very much,
> >
> > Andreas
>
> Can you publish your code in, say, github.com and provide link to it?
> New password scheme is doable as plugin but it needs to placed in different
> place and it will be autoloaded.
>
> Aki
>




I created two branches. Both compile fine with the option: --with-libsodium

Branch #1)

https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_plugin

This is my try to add libsodium support as plugin. When the plugin is
loaded, it exits with the mentioned error message "undefined symbol:
password_scheme_unregister"


Branch #2)

https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_auth

This compiles fine and also works. The new hashing schemes SCRYPT and
ARGON2 are available to dovecot.
Libsodium support is not created as module, but only added if the
--with-libsodium option was passed to configure.



Regards,
Andreas

New password hashing scheme as plugin

[Andreas Meyer]

Hi,


I want to add a new password hashing scheme as plugin and provide it for
the dovecot project, so that it will be included as optional plugin in
future releases.

Yet the plugin compiles fine and the .so file gets created.

My approach is to call the functions password_scheme_register() and
password_scheme_unregister() (src/auth/password-scheme.c) inside the
plugin's _init() and _deinit() functions.

When a client tries to login via imap the log shows an error message:

Error: Couldn't load required plugin
/usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed:
/usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol:
password_scheme_unregister

That error obviously occurs, because the required lib is not linked into
the plugin.


Now my problem is to understand, whether this approach (via .so file) can
be successful at all and if so, how?
Do I need to link libs into it? Which would that be and how do I specify
them in the Makefile.am?

I assume, I don't need to link a lib, but need to use a hook to register
the new hashing scheme, since the plugin is loaded into an already existing
process, which needs to get extended. If this is true, which hook would
that be and how do I register the new scheme?

Or is there no way to accomplish this via a separated .so plugin? Should I
extend the sources in /src/auth instead? (separat file for the hashing
scheme with preprocessor instructions to include it only on demand)



Thank you very much,

Andreas

solr does not index files in the mailbox

[Andreas Meyer]

Hello!

I startet solr and configured dovecot to use it. Dovecot just indexes
two files dovecot.index.log and dovecot.mailbox.log but nothing in
the cur directory.

./post -c myfiles /home/a.meyer/Postfach
java -classpath /home/andreas/solr-5.5.1/dist/solr-core-5.5.1.jar -Dauto=yes 
-Dc=myfiles -Ddata=files -Drecursive=yes org.apache.solr.util.SimplePostTool 
/home/a.meyer/Postfach
SimplePostTool version 5.0.0
Posting files to [base] url http://localhost:8983/solr/myfiles/update...
Entering auto mode. File endings considered are 
xml,json,jsonl,csv,pdf,doc,docx,ppt,pptx,xls,xlsx,odt,odp,ods,ott,otp,ots,rtf,htm,html,txt,log
Entering recursive mode, max depth=999, delay=0s
Indexing directory /home/a.meyer/Postfach (2 files, depth=0)
POSTing file dovecot.index.log (text/plain) to [base]/extract
POSTing file dovecot.mailbox.log (text/plain) to [base]/extract
Indexing directory /home/a.meyer/Postfach/cur (0 files, depth=1)
Indexing directory /home/a.meyer/Postfach/new (0 files, depth=1)
Indexing directory /home/a.meyer/Postfach/tmp (0 files, depth=1)
2 files indexed.
COMMITting Solr index changes to http://localhost:8983/solr/myfiles/update...
Time spent: 0:00:00.751

If I give the cur folder as startingpoint

./post -c myfiles /home/a.meyer/Postfach/cur
java -classpath /home/andreas/solr-5.5.1/dist/solr-core-5.5.1.jar -Dauto=yes 
-Dc=myfiles -Ddata=files -Drecursive=yes org.apache.solr.util.SimplePostTool 
/home/a.meyer/Postfach/cur
SimplePostTool version 5.0.0
Posting files to [base] url http://localhost:8983/solr/myfiles/update...
Entering auto mode. File endings considered are 
xml,json,jsonl,csv,pdf,doc,docx,ppt,pptx,xls,xlsx,odt,odp,ods,ott,otp,ots,rtf,htm,html,txt,log
Entering recursive mode, max depth=999, delay=0s
Indexing directory /home/a.meyer/Postfach/cur (0 files, depth=0)
0 files indexed.
COMMITting Solr index changes to http://localhost:8983/solr/myfiles/update...
Time spent: 0:00:00.102

nothing is indexed although the directory contains 4 mails.

What am I doing wrong?

Greetings

Andreas

Re: Dovecot + libsodium

[Andreas Meyer]

2016-05-06 23:15 GMT+02:00 Timo Sirainen <t...@iki.fi>:

> On 06 May 2016, at 13:14, Andreas Meyer <luckyfello...@gmail.com> wrote:
> >
> > Hi,
> >
> > Thank you very much for creating and maintaining dovecot!
> >
> > In my scenario, I want to use the password hash algorithms provided by
> > libsodium: https://download.libsodium.org/doc/
> >
> > So my difficulty is to have dovecot support libsodium's hash algorithms,
> > particularly: crypto_pwhash_scryptsalsa208sha256_str
> >
> > On the sodium maillinglist I asked for help and received an adjusted
> > dovecot code, which exactly does what I need. You find it here:
> > https://github.com/jedisct1/core/tree/scrypt-argon2
> >
> > Obviously I need to apply these changes everytime I upgrade to a new
> > dovecot version now.
> >
> > So my question ist, what do I need to do so that you will include
> libsodium
> > support in future versions of dovecot?
>
> You could also change it to be a plugin to avoid patching. This is a
> pretty old example, but it probably still works, at least with minor
> changes:
> http://dovecot.org/patches/password-scheme-lmpass.c
>
> Although it's still a good idea to recompile the plugin after a new
> version since sometimes the ABI changes.
>
>

Hi Timo,


thank you very much for your reply. Creating a plugin is an option. Though
I don't possess the right abilities to do that right away.

Nevertheless I want to re-ask my initial question: What is required to get
libsodium support into the dovecot core?
Or are there concerns about supporting it or is there simply no interest in
doing so?

As I understand, security is a relevant concern when developing Dovecot.
The sodium crypto library focuses on: "... provide all of the core
operations needed to build higher-level cryptographic tools."
I am sure, utilizing this library by default can be of great benefit for
Dovecot. It will help to easily support the latest password hashing
algorithms, currently Scrypt and Argon2.
And if used for additional cryptographic purposes, it also provides easy to
use cryptographically secure pseudo random data, secret-key authenticated
encryption and of course secure memory allocations, just to name three
features.


Thank you very much,

Andreas

Dovecot + libsodium

[Andreas Meyer]

Hi,

Thank you very much for creating and maintaining dovecot!

In my scenario, I want to use the password hash algorithms provided by
libsodium: https://download.libsodium.org/doc/

So my difficulty is to have dovecot support libsodium's hash algorithms,
particularly: crypto_pwhash_scryptsalsa208sha256_str

On the sodium maillinglist I asked for help and received an adjusted
dovecot code, which exactly does what I need. You find it here:
https://github.com/jedisct1/core/tree/scrypt-argon2

Obviously I need to apply these changes everytime I upgrade to a new
dovecot version now.

So my question ist, what do I need to do so that you will include libsodium
support in future versions of dovecot?


Thank you very much for your attention,

Andreas

Problem with permissions of the logfile

[Andreas Meyer]

Hello!

I want to have dovecot log into a separate file and set
log_path = /var/log/dovecot instead of log_path = syslog

Dovecot does not start if I do this. Tried to change
permissions and overschip of the file, no luck, ha.
Deleted it in the hope dovecot creates it but no.

If I set log_path = syslog dovecot starts and I see
it is running as

# ps aux |grep dove
root  2429  0.2  0.0   3416  2568 ?Ss   16:42   0:00 
/usr/sbin/dovecot -F
dovecot   2431  0.0  0.0   3100  2080 ?S16:42   0:00 dovecot/anvil
root  2432  0.0  0.0   3228  2316 ?S16:42   0:00 dovecot/log
root  2434  0.0  0.0   4220  3300 ?S16:42   0:00 dovecot/config

What must be done to have doveot log into the specified file?

Greetings

  Andreas

Problem with permissions of the logfile

[Andreas Meyer]

Hello!

I want to have dovecot log into a separate file and set
log_path = /var/log/dovecot instead of log_path = syslog

Dovecot does not start if I do this. Tried to change
permissions and overschip of the file, no luck, ha.
Deleted it in the hope dovecot creates it but no.

If I set log_path = syslog dovecot starts and I see
it is running as

# ps aux |grep dove
root  2429  0.2  0.0   3416  2568 ?Ss   16:42   0:00 
/usr/sbin/dovecot -F
dovecot   2431  0.0  0.0   3100  2080 ?S16:42   0:00 dovecot/anvil
root  2432  0.0  0.0   3228  2316 ?S16:42   0:00 dovecot/log
root  2434  0.0  0.0   4220  3300 ?S16:42   0:00 dovecot/config

What must be done to have dovecot log into the specified file?

Greetings

  Andreas

Re: Problem with permissions of the logfile

[Andreas Meyer]

Hello!

To stay on the list.

"S. Muthu Kumar"  schrieb am 06.11.15 um 21:49:32 Uhr:

> log_path here means the logging channel path. It refers to the logger
> daemon to use to generate logs.
> 
> Most of the linux/unix based applications prefer to use common system
> logger to take care of writing the logs preferably under /var/log/ as
> there are other structures(like rotating those logs periodically).
> 
> do refer to man pages of syslog.conf or rsyslog.conf and see how you
> can generate individual log files for devecot via (r)syslog daemon
> while you have delegated dovecot logging responsibility to (r)syslog.

I must admit I don't understand what is going on. I am running rsyslog
on two servers and on both servers version 2.2.13 of dovecot.

On the first I set log_path = /var/log/dovecot1 with
-rw--- 1 root   root   1093533  6. Nov 17:24 dovecot1
in /var/log and everthing is fine.

If I do this on the newly set up server, dovecot does not start.

Ofcourse I could set it up to log to syslog and prepare rsyslog.conf
but why is it so?

Regards

  Andreas

Re: distuguish between different domains

[Andreas Meyer]

Hello!

Marco Fretz  schrieb am 28.09.15 um 08:29:59 Uhr:

> Hi Andreas,
> 
> I'm not 100% sure what you're trying to accomplish.
> 
> smtp_server in roundcube is the outgoing server (submission server, i.e.
> postfix). Mailbox is IMAP (dovecot).
> You can easily spawn 2 instances of dovecot, one serving aaa.de and one
> serving bbb.de on different IPs.

How do I do this?

> What exactly is the problem with 2 domains on one dovecot? I mean user
> @aaa.de usually does not have the password for @bbb.de and vise versa.

What is irritating me is that when there are two domains served by
dovecot, in the client I can specify server.aaa.de although I have
an email-address u...@bbb.de and connect as such.

For my understanding it should not be possible to connect to server
server.aaa.de with an address line u...@bbb.de and dovecot serves
the mailbox of that user.
 
> About the sending server in roundcube: I don't think there is a way to
> have a different submission server for different sender domains in
> roundcubde. But you could use the postfix configuration to map sender
> domains to different outgoing connection IPs.

Postfix is not the problem. It's the login into the IMAP-server that
is irritating me. Or am I completely wrong?

Regards

  Andreas

Re: distuguish between different domains

[Andreas Meyer]

"A.L.E.C" <a...@alec.pl> schrieb am 28.09.15 um 10:54:24 Uhr:

> On 09/28/2015 10:48 AM, Andreas Meyer wrote:
> > Postfix is not the problem. It's the login into the IMAP-server that
> > is irritating me. Or am I completely wrong?
> 
> You are completely wrong ;) If the mailbox exist server handles it,
> there's no difference from/to which "domain" was the connection. Besides
> you can configure Roundcube to select server IP/host based on logon domain.

It makes not difference when I define 
$rcmail_config['default_host'] = 'tls://mail.bbb.de';
in Roundcube. I guess the advantage of this setting
is to identify the server when the server are running
on different machines. But as long as the domains reside
on the same machine, it does not matter.

I can login as u...@aaa.de and the mailbox is served.
That's what is irritating me. But I can life with it.

Regards

  Andreas

distuguish between different domains

[Andreas Meyer]

Hello!

I asked myself wether it is possible to distinguish between
different doamins in dovecot so that a user only sees his
mailbox when he is connecting with us...@aaa.de specifying
the server with mail.aaa.de for example.

So the server does not handout the mailbox for us...@bbb.de
when the client connects to mail.aaa.de as us...@bbb.de

I have this problem with roundcube. Dovecot is responisble
for two domains. With roundcube I can login as us...@aaa.de
altough the client is configured like so:
$config['smtp_server'] = 'tls://mail.bbb.de';
and I am landing in the mailbox of us...@aaa.de

Is there a way to striktly differentiate between doamins?
Both domains have their own IP-addresses.

Regards

  Andreas

no login with MySQL

[Andreas Meyer]

Hello!

Setup again to authenticate my users with MySQL but can't login.

Sep 13 11:55:49 auth: Info: 
passwd-file(a.me...@nimmini.de,95.88.63.177,): unknown user
Sep 13 11:55:49 auth: Info: 
passwd-file(a.me...@nimmini.de,95.88.63.177,): unknown user
Sep 13 11:55:49 imap-login: Info: Login: user=, 
method=CRAM-MD5, rip=95.88.63.177, lip=46.38.231.143, mpid=30826, TLS, TLSv1 
with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: user a.me...@nimmini.de: 
Initialization failed: Namespace '': Home directory not set for user. Can't 
expand ~/ for mail root dir in: ~/
Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: Invalid user settings. Refer 
to server log for more information.



Sep 13 11:55:49 auth: Debug: auth client connected (pid=30825)
Sep 13 11:55:49 auth: Debug: client in: AUTH1   CRAM-MD5
service=imapsecured session=R7Qe9J0fTgBfWD+xlip=46.38.231.143   
rip=95.88.63.177lport=143 rport=45646
Sep 13 11:55:49 auth: Debug: client passdb out: CONT1   
PDkzMDcwNTI5Mzk5NTk1NTYuMTQ0MjEzODE0OUBiaXRtYWNoaW5lMT4=
Sep 13 11:55:49 auth: Debug: client in: CONT
Sep 13 11:55:49 auth: Debug: 
passwd-file(a.me...@nimmini.de,95.88.63.177,): lookup: 
user=a.me...@nimmini.de file=/etc/dovecot/passwd
Sep 13 11:55:49 auth-worker(30822): Debug: 
sql(a.me...@nimmini.de,95.88.63.177): query: SELECT username AS username, 
password FROM mailbox WHERE username = 'a.me...@nimmini.de' AND active = 1
Sep 13 11:55:49 auth: Debug: client passdb out: OK  1   
user=a.me...@nimmini.de
Sep 13 11:55:49 auth: Debug: master in: REQUEST 997457921   30821   1   
dc2456b4ee1453e5458806ab92da9ee7session_pid=30826   
request_auth_token
Sep 13 11:55:49 auth: Debug: 
passwd-file(a.me...@nimmini.de,95.88.63.177,): lookup: 
user=a.me...@nimmini.de file=/etc/dovecot/passwd
Sep 13 11:55:49 auth-worker(30822): Debug: 
passwd-file(a.me...@nimmini.de,95.88.63.177): SELECT maildir, uid, gid, 
concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', 
quota_trash) AS quota_rule2 FROM mailbox WHERE username = 'a.me...@nimmini.de'
Sep 13 11:55:49 auth: Debug: master userdb out: USER997457921   
a.me...@nimmini.de  maildir=/var/spool/vhosts/nimmini.de/   uid=5000
gid=5000quota_rule=*:storage=5242880  
quota_rule2=Trash:storage=+100  
auth_token=2a4c8e78ff8fcf3f9599eecbefb6a5605f22abe5
Sep 13 11:55:49 imap: Debug: Loading modules from directory: 
/usr/lib64/dovecot/modules
Sep 13 11:55:49 imap: Debug: Module loaded: 
/usr/lib64/dovecot/modules/lib01_acl_plugin.so
Sep 13 11:55:49 imap: Debug: Module loaded: 
/usr/lib64/dovecot/modules/lib02_imap_acl_plugin.so
Sep 13 11:55:49 imap: Debug: Module loaded: 
/usr/lib64/dovecot/modules/lib10_quota_plugin.so
Sep 13 11:55:49 imap: Debug: Module loaded: 
/usr/lib64/dovecot/modules/lib11_imap_quota_plugin.so
Sep 13 11:55:49 imap: Debug: Added userdb setting: 
plugin/maildir=/var/spool/vhosts/nimmini.de/
Sep 13 11:55:49 imap: Debug: Added userdb setting: 
plugin/quota_rule=*:storage=5242880
Sep 13 11:55:49 imap: Debug: Added userdb setting: 
plugin/quota_rule2=Trash:storage=+100
Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Effective uid=5000, gid=5000, 
home=
Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota root: name=User quota 
backend=maildir args=
Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota rule: root=User quota 
mailbox=* bytes=5368709120 messages=0
Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota rule: root=User quota 
mailbox=Trash bytes=+102400 messages=0
Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Quota grace: root=User quota 
bytes=53687091 (1%)
Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Namespace inbox: type=private, 
prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes 
location=maildir:~/


This is what claws-mail says:

[12:22:48] IMAP4< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS 
ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. 
[12:22:48] IMAP4> 1 STARTTLS 
[12:22:48] IMAP4< 1 OK Begin TLS negotiation now. 
* IMAP connection is un-authenticated
[12:22:48] IMAP4> 2 CAPABILITY 
[12:22:48] IMAP4< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID 
ENABLE IDLE AUTH=PLAIN AUTH=CRAM-MD5 
[12:22:48] IMAP4< 2 OK Pre-login capabilities listed, post-login capabilities 
have more. 
[12:22:48] IMAP4> Logging a.me...@nimmini.de to mail.nimmini.de using CRAM-MD5
** IMAP Fehler auf mail.nimmini.de: parse error (sehr wahrscheinlich ein nicht 
RFC-konformer Server)
** IMAP4-Verbindung unterbrochen
[12:22:48] IMAP4< Error logging in to mail.nimmini.de

When I set auth_type PLAIN in Roundcube, login fails too.

The SELECTS in the database are ok:

mysql> SELECT maildir, uid, gid, concat('*:storage=', quota) AS quota_rule, 
concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM 

Re: no login with MySQL

[Andreas Meyer]

Christian Kivalo  schrieb am 13.09.15 um 22:08:04 Uhr:

> > I think the query-string für MySQL would overwrite this mail_location,
> > right? But how do I define it in the query?
> 
> yes thats how it should work but your query (looking at the query result 
> from your first email) overwrites the mail_location with 
> "/var/spool/vhosts/nimmini.de/" without a username.
> 
> >> With my setup "mail" and "home" is returned from the userdb query from
> >> mysql
> >> 
> >> home: /srv/mail/%u
> >> mail: /srv/mail/%u/Maildir
> > 
> > The query-strings for virtual users look like this:
> > 
> > password_query = SELECT username AS username, password FROM mailbox
> > WHERE username = '%u' AND active = 1
> > user_query = SELECT maildir, uid, gid, concat('*:storage=', quota) AS
> > quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM
> > mailbox WHERE username = '%u'
> 
> what about
> user_query = SELECT CONCAT(maildir, SUBSTRING_INDEX(username,'@',+1)) as 
> mail, uid, gid, concat('*:storage=', quota) AS quota_rule, 
> concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE 
> username = '%u'

With this query above I can login again with Roundcube and claws-mail but
with the mysql-client I get:

mysql> SELECT CONCAT(maildir, SUBSTRING_INDEX(username,'@',+1)) as mail, uid, 
gid, concat('*:storage=', quota) AS quota_rule, concat('Trash:storage=+', 
quota_trash) AS quota_rule2 FROM mailbox WHERE username = '%u';
Empty set (0,00 sec)

This is my old query with wich I couldn't log in.
mysql> SELECT maildir, uid, gid, concat('*:storage=', quota) AS quota_rule, 
concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox WHERE 
username = '%u';
Empty set (0,00 sec)

> 
> The SUBSTRING_INDEX returns everything left of the '@' from field 
> username, that should give you something like
> 
> +--+--+--+---++
> | mail | uid  | gid  | quota_rule
> | quota_rule2|
> +--+--+--+---++
> | /var/spool/vhosts/nimmini.de/a.meyer | 5000 | 5000 | *:storage=5242880 
> | Trash:storage=+100 |
> +--+--+--+---++
> 
> which hopefully is the path to your maildir.

I get am Emty set

Don't understand it.

  Andreas

Re: no login with MySQL

[Andreas Meyer]

Hello!

Christian Kivalo  schrieb am 13.09.15 um 19:51:38 Uhr:

> > Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: user
> > a.me...@nimmini.de: Initialization failed: Namespace '': Home
> > directory not set for user. Can't expand ~/ for mail root dir in: ~/
> > Sep 13 11:55:49 imap(a.me...@nimmini.de): Error: Invalid user
> > settings. Refer to server log for more information.
> 
> i see an error here "Error: Invalid user settings" relating to the users 
> mail_location direcory.
> 
> Is "mail_location" (and not so important "mail_home") defined?

In dovecot.conf mail_location = maildir:~/ is set. This works with
the system-users defined in the passwd file.

I think the query-string für MySQL would overwrite this mail_location,
right? But how do I define it in the query?

> With my setup "mail" and "home" is returned from the userdb query from 
> mysql
> 
> home: /srv/mail/%u
> mail: /srv/mail/%u/Maildir

The query-strings for virtual users look like this:

password_query = SELECT username AS username, password FROM mailbox WHERE 
username = '%u' AND active = 1
user_query = SELECT maildir, uid, gid, concat('*:storage=', quota) AS 
quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox 
WHERE username = '%u'

There is no mail_loation defined. I thought if maildir is queried, the %u
would expand to the mail_location of the user. Where the users only with
the local part of the address exist in the filesystem.

/var/spool/vhosts/nimmini.de/a.meyer

whereas /var/spool/vhosts is a symlink to /home/vhosts.

This setup worked fine sometime ago and I wanted to reactivate MySQL
for dovecot. Now the query doesn't work anymore, the location seems
to be invalid.

location=maildir:~/
instead of
/var/spool/vhosts/nimmini.de/%u.

> > Sep 13 11:55:49 imap(a.me...@nimmini.de): Debug: Namespace inbox:
> > type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
> > subscriptions=yes location=maildir:~/
> 
> on one of my accounts this same line looks like this:
> imap(a...@kivalo.at): Debug: Namespace inbox: type=private, prefix=, 
> sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes 
> location=maildir:/srv/mail/a...@kivalo.at/Maildir:LAYOUT=fs
> 
> where location is the "mail_location" setting from 10-mail.conf and is 
> overridden by the userdb from sql for every user.
> 
> it's probably enough to set the option mail_location in 10-mail.conf to 
> an absolute path.

I cannot set the absolute path in mail_location, because I have
systemusers and virtual users.

Don't know how to set mail_location in the query-string for MySQL,
if the expandation of %u is not enough. %u would expand to the full
address a.me...@nimmini.de whereas the location looks like
/var/spool/vhosts/nimmini.de/a.meyer

Don't know what to do.

Regards

  Andreas

Re: no login with MySQL

[Andreas Meyer]

Benny Pedersen <m...@junc.eu> schrieb am 14.09.15 um 01:17:17 Uhr:

> Andreas Meyer skrev den 2015-09-13 22:52:
> 
> > Don't understand it.
> 
> in mysql shell you self need to expand %u
> 
> since there is possible no user email that is %u

Yes, of course. Too much stress today.

But I solved my problems with mysql, auth, dovecot_lda
and postfix deferred mail by just setting
mail_home = /var/spool/vhosts/%d/%n
in dovecot.conf again.

And the old queries work again. Now is bedtime.
Thank you everybody!

  Andreas

Re: virtual users with postfix

[Andreas Meyer]

Hello!

dravion.sm...@gmx.net dravion.sm...@gmx.net schrieb am 29.08.15 um 10:41:09 
Uhr:

 Am 29.08.2015 um 10:10 schrieb Andreas Meyer:
  Aug 29 09:52:57 imap(i...@nimmini.de): Error: 
  mkdir_parents(/var/lib/dovecot/db) failed: Permission denied
  Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit failed
 
 try chmod /var/lib/dovecot 755

this is what it already has.

  Andreas

Re: virtual users with postfix

[Andreas Meyer]

dravion.sm...@gmx.net dravion.sm...@gmx.net schrieb am 29.08.15 um 10:53:24 
Uhr:

  Am 29.08.2015 um 10:10 schrieb Andreas Meyer:
  Aug 29 09:52:57 imap(i...@nimmini.de): Error: 
  mkdir_parents(/var/lib/dovecot/db) failed: Permission denied
  Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit failed
 
  try chmod /var/lib/dovecot 755
  this is what it already has.
 
 Andreas#
 Hmm, did you use recursion?
 Maybe something like
 chmod -R 775 /var/lib/dovecot
 or
 chmod -R 777 /var/lib/dovecot
 service dovecot restart
 
 Will do the trick. Other users in the maillist archive reported this 
 solved thadt error.

I compared with a bit older installation and there I see:

drwxr-x---  3500050004096 18. Mai 2014  dovecot

# ll
insgesamt 20
drwxr-xr-x 2 5000 5000 4096  8. Mai 2014  db
-rw-r--r-- 1 root root   62 18. Mai 2014  instances
-rw-r--r-- 1 root root   78 15. Mai 2014  mounts
-rw--- 1 root root 1789 22. Dez 2013  replicator.db
-rw-r--r-- 1 root root  230 15. Mai 2014  ssl-parameters.dat

I' ll try with set it to 5000:5000

  Andreas

virtual users with postfix

[Andreas Meyer]

Hello!

My passwd file looks like this:

i...@nimmini.de:{CRAM-MD5}e33cbd144b372a9c919228923464c806b57e35df2d6d1484ceaabe7e3530cd58:5000:5000::/var/spool/vhosts/nimmini.de/info::userdb_mail=maildir:~/

When I login for the first time, I see this in the log:

Aug 29 09:52:57 imap(i...@nimmini.de): Error: 
mkdir_parents(/var/lib/dovecot/db) failed: Permission denied
Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit failed

Although the mailbox info is created with this content:

drwx-- 2 5000 5000 4096 29. Aug 09:52 cur
-rw--- 1 5000 50000 29. Aug 09:52 dovecot-acl-list
-rw--- 1 5000 5000  272 29. Aug 09:52 dovecot.index.log
-rw--- 1 5000 5000   72 29. Aug 09:52 dovecot.mailbox.log
-rw--- 1 5000 5000   51 29. Aug 09:52 dovecot-uidlist
-rw--- 1 5000 50008 29. Aug 09:52 dovecot-uidvalidity
-r--r--r-- 1 5000 50000 29. Aug 09:52 dovecot-uidvalidity.55e164dc
drwx-- 5 5000 5000 4096 29. Aug 09:52 .Drafts
drwx-- 2 5000 5000 4096 29. Aug 09:52 new
drwx-- 5 5000 5000 4096 29. Aug 09:52 .Sent
-rw--- 1 5000 5000   18 29. Aug 09:52 subscriptions
drwx-- 2 5000 5000 4096 29. Aug 09:52 tmp
drwx-- 5 5000 5000 4096 29. Aug 09:52 .Trash

/var/lib looks like this:
...
drwxr-xr-x  2 root root4096 29. Aug 00:28 dovecot
...

Should the folder dovecot be owned by the user dovecot?
What causes the error above?

Greetings

  Andreas

Re: virtual users with postfix

[Andreas Meyer]

Christian Kivalo ml+dove...@valo.at schrieb am 29.08.15 um 11:00:23 Uhr:

  Am 29.08.2015 um 10:10 schrieb Andreas Meyer:
   Aug 29 09:52:57 imap(i...@nimmini.de): Error:
 mkdir_parents(/var/lib/dovecot/db) failed: Permission denied
   Aug 29 09:52:57 imap(i...@nimmini.de): Error: acl: dict commit
 failed
  
  try chmod /var/lib/dovecot 755
 
 this is what it already has.
 
 Please share your doveconf -n output. 
 
 Wild guess: changing the owner of /var/lib/dovecot to 5000:5000 should 
 probably help.

Yes, that did the trick!

  Andreas

Re: [Dovecot] how to make quota per user ??

[Andreas Meyer]

ihab ihab_mishr...@hotmail.com wrote:

 I use dovecot version 1.2.15 and i put quota for all users , now i want to

upgrade to at least 2.1.17, it's a painless process.

 give more size for some emails , i already added the  quota to user database
 , and i added the queries from http://wiki.dovecot.org/Quota/1.1
 MySQL:
 user_query = select uid, gid, home, \
   concat('*:bytes=', quota_bytes) as quota_rule \
   from users where userid = '%u'

We use with v 2.1.17
user_query = SELECT maildir, uid, gid, concat('*:storage=', quota) AS 
quota_rule, concat('Trash:storage=+', quota_trash) AS quota_rule2 FROM mailbox 
WHERE username = '%u'

 
 # MySQL with userdb prefetch: Remember to prefix quota_rule with userdb_
 # (just like all other userdb extra fields):
 password_query = select userid as user, password, \
   uid as userdb_uid, gid as userdb_gid, \
   concat('*:bytes=', quota_bytes) as userdb_quota_rule \
   from users where userid = '%u'

  Andreas

[Dovecot] double login lines

[Andreas Meyer]

Hi!

Who can tell me why I have double login lines for some accounts?

Oct 31 12:35:36 imap-login: Info: Login: user=anme...@anup.de, 
method=CRAM-MD5, rip=84.179.59.177, lip=78.47.3.18, mpid=29905, TLS, TLSv1 with 
cipher RC4-MD5 (128/128 bits)
Oct 31 12:35:36 imap-login: Info: Login: user=anme...@anup.de, 
method=CRAM-MD5, rip=84.179.59.177, lip=78.47.3.18, mpid=29906, TLS, TLSv1 with 
cipher RC4-MD5 (128/128 bits)

I can not think of any reason why this happens at the same time.

Greetings

  Andreas

Re: [Dovecot] Question to sieve symlink

[Andreas Meyer]

Andreas Meyer anme...@anup.de wrote:
 
 A Server running openSUSE 12.3 and dovecot version 2.1.13.
 In the log I find
 
 Oct 19 00:23:23 managesieve(anme...@anup.de): Warning: sieve-storage: Active 
 sieve script symlink /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is 
 broken: invalid/unknown path to storage (points to 
 /var/spool/vhosts/anup.de/anmeyer/.sieve/managesieve.sieve).
 
 But the link is ok and when I login to roundcube I can manage the filters.
 What's the problem?

I found the corresponding part in sieve-storage-script.c

/* Check whether the path is any good */
if ( strcmp(scriptpath, storage-link_path) != 0 
strcmp(scriptpath, storage-dir) != 0 ) {
i_warning
(sieve-storage: Active sieve script symlink %s is 
broken: 
invalid/unknown path to storage (points to 
%s).,
storage-active_path, link);
return NULL;
}

but I am not a programmer to say what's wrong there.

  Andreas

Re: [Dovecot] Question to sieve symlink

[Andreas Meyer]

Hello!

Stephan Bosch step...@rename-it.nl wrote:

 On 10/19/2013 1:55 AM, Andreas Meyer wrote:
  Hello!
 
  A Server running openSUSE 12.3 and dovecot version 2.1.13.
  In the log I find
 
  Oct 19 00:23:23 managesieve(anme...@anup.de): Warning: sieve-storage: 
  Active sieve script symlink 
  /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown 
  path to storage (points to 
  /var/spool/vhosts/anup.de/anmeyer/.sieve/managesieve.sieve).
 
  But the link is ok and when I login to roundcube I can manage the filters.
  What's the problem?
 
 What is your configuration (output from dovecot -n) ?

I will not send this sensitive output to a public mailinglist.
Do you need a special part of the output?

  Andreas

Re: [Dovecot] Question to sieve symlink

[Andreas Meyer]

Charles Marcus cmar...@media-brokers.com wrote:

 On 2013-10-20 11:39 AM, Andreas Meyer anme...@anup.de wrote:
  Stephan Bosch step...@rename-it.nl wrote:
  What is your configuration (output from dovecot -n) ?
 
  I will not send this sensitive output to a public mailinglist.
  Do you need a special part of the output?
 
 Don't be stupid. There is little to nothing in that output that would 
 put your system at risk - and if there was, a few seconds to obfuscate 
 it is all it would take.
 
 Otherwise, there is nothing anyone here can dot to help you.
 

ok, here it is:

# 2.1.17: /etc/dovecot/dovecot.conf
# OS: Linux 3.7.10-1.16-pae i686 openSUSE 12.3 (i586) 
auth_mechanisms = plain cram-md5
auth_verbose = yes
debug_log_path = /var/log/dovecot-debug.log
disable_plaintext_auth = no
hostname = delta.bitcorner.eu
log_path = /var/log/dovecot1
login_log_format_elements = user=%u method=%m rip=%r lip=%l mpid=%e %c %k
mail_home = /var/spool/vhosts/%d/%n
mail_location = maildir:~/
mail_plugins = quota
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date ihave vacation-seconds
namespace inbox {
  inbox = yes
  location = 
  prefix = 
}
passdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autocreate = Trash
  autocreate2 = Drafts
  autocreate3 = Sent
  autosubscribe = Trash
  autosubscribe2 = Drafts
  autosubscribe3 = Sent
  quota = maildir:User quota
  quota_grace = 10%%
  quota_rule = *:storage=500MB
  quota_rule2 = Trash:storage=+10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll
  quota_status_success = DUNNO
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/.sieve
  sieve_extensions = +vacation-seconds
  sieve_vacation_default_period = 10d
  sieve_vacation_max_period = 30d
  sieve_vacation_min_period = 1h
}
postmaster_address = postmas...@bitcorner.de
protocols = imap pop3 lmtp sieve
quota_full_tempfail = yes
service auth {
  unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
  }
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
mode = 0666
user = vmail
  }
  user = vmail
}
ssl_cert = /etc/dovecot/ssl/startsslkeys/bitcorner/server.pem
ssl_cipher_list = 
DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_key = /etc/dovecot/ssl/startsslkeys/bitcorner/key.pem
userdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lda {
  info_log_path = /var/log/dovecot-lda.log
  log_path = /var/log/dovecot-lda-errors.log
  mail_plugins = quota sieve
}
protocol imap {
  imap_idle_notify_interval = 29 mins
  mail_max_userip_connections = 20
  mail_plugins = quota quota imap_quota autocreate
}
protocol lmtp {
  mail_plugins = quota sieve
}
protocol sieve {
  mail_max_userip_connections = 10
  managesieve_implementation_string = Dovecot Pigeonhole
  managesieve_logout_format = bytes=%i/%o
  managesieve_max_compile_errors = 5
  managesieve_max_line_length = 65536
}
protocol pop3 {
  mail_max_userip_connections = 10
  pop3_uidl_format = %08Xu%08Xv
}
local 78.47.3.18 {
  protocol imap {
ssl_cert = /etc/dovecot/ssl/anup/server.pem
ssl_key = /etc/dovecot/ssl/anup/mail-anup-de-key.pem
  }
}
local 78.47.3.18 {
  protocol pop3 {
ssl_cert = /etc/dovecot/ssl/anup/server.pem
ssl_key = /etc/dovecot/ssl/anup/mail-anup-de-key.pem
  }
}
local 78.47.3.19 {
  protocol imap {
ssl_cert = /etc/dovecot/ssl/startsslkeys/bitcorner/server.pem
ssl_key = /etc/dovecot/ssl/startsslkeys/bitcorner/key.pem
  }
}
local 78.47.3.19 {
  protocol pop3 {
ssl_cert = /etc/dovecot/ssl/startsslkeys/bitcorner/server.pem
ssl_key = /etc/dovecot/ssl/startsslkeys/bitcorner/key.pem
  }
}
local 78.47.3.21 {
  protocol imap {
ssl_cert = /etc/dovecot/ssl/startsslkeys/foxmailer/server.pem
ssl_key = /etc/dovecot/ssl/startsslkeys/foxmailer/key.pem
  }
}
local 78.47.3.21 {
  protocol pop3 {
ssl_cert = /etc/dovecot/ssl/startsslkeys/foxmailer/server.pem
ssl_key = /etc/dovecot/ssl/startsslkeys/foxmailer/key.pem
  }
}
local 78.47.3.22 {
  protocol imap {
ssl_cert = /etc/dovecot/ssl/baubetreuung/bau.pem
ssl_key = /etc/dovecot/ssl/baubetreuung/mail-baubetreuung-de-key.pem
  }
}
local 78.47.3.22 {
  protocol pop3 {
ssl_cert = /etc/dovecot/ssl/baubetreuung/bau.pem
ssl_key = /etc/dovecot/ssl/baubetreuung/mail-baubetreuung-de-key.pem
  }
}

I did not have this problem with the symlink before with a selfcompiled
dovecot version 2.1.17 and a selfcompiled version of 
dovecot-2.1-pigeonhole-0.3.1

Now, I used the rpm-packages

Re: [Dovecot] Question to sieve symlink

[Andreas Meyer]

Stephan Bosch step...@rename-it.nl wrote:

 On 10/20/2013 6:05 PM, Andreas Meyer wrote:
  I did not have this problem with the symlink before with a selfcompiled
  dovecot version 2.1.17 and a selfcompiled version of 
  dovecot-2.1-pigeonhole-0.3.1
 
  Now, I used the rpm-packages of the distribution (version 2.1.13), upgraded
  yesterday with rpm's to version 2.1.17 but the problem persists.
 
 Could you enable mail_debug and show us what the logs say?

I specified

mail_debug = yes
debug_log_path = /var/log/dovecot-debug.log

in dovecot.conf and restarted dovecot, but nothing is written to
the log.

# doveadm log find
Debug: /var/log/dovecot-debug.log
Info: /var/log/dovecot1
Warning: /var/log/dovecot1
Error: /var/log/dovecot1
Fatal: /var/log/dovecot1

 Regards,
 
 Stephan

  Andreas

Re: [Dovecot] Question to sieve symlink

[Andreas Meyer]

Stephan Bosch step...@rename-it.nl wrote:

 On 10/20/2013 6:05 PM, Andreas Meyer wrote:
  I did not have this problem with the symlink before with a selfcompiled
  dovecot version 2.1.17 and a selfcompiled version of 
  dovecot-2.1-pigeonhole-0.3.1
 
  Now, I used the rpm-packages of the distribution (version 2.1.13), upgraded
  yesterday with rpm's to version 2.1.17 but the problem persists.
 
 Could you enable mail_debug and show us what the logs say?

In the debug.log I have this

Oct 20 20:10:39 managesieve: Debug: Loading modules from directory: 
/usr/lib/dovecot/modules
Oct 20 20:10:39 managesieve: Debug: Module loaded: 
/usr/lib/dovecot/modules/lib10_quota_plugin.so
Oct 20 20:10:39 managesieve: Debug: Added userdb setting: mail=maildir:~/
Oct 20 20:10:39 managesieve: Debug: Added userdb setting: 
plugin/quota_rule=*:bytes=1G
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Effective uid=5000, 
gid=5000, home=/var/spool/vhosts/anup.de/anmeyer
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Quota root: name=User 
quota backend=maildir args=
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Quota rule: root=User 
quota mailbox=* bytes=1073741824 messages=0
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Quota rule: root=User 
quota mailbox=Trash bytes=+107374182 (10%) messages=0
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: Namespace inbox: 
type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes 
location=maildir:~/
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: maildir++: 
root=/var/spool/vhosts/anup.de/anmeyer, index=, control=, 
inbox=/var/spool/vhosts/anup.de/anmeyer, alt=
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve: include: 
sieve_global_dir is not set; it is currently not possible to include `:global' 
scripts.
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: using 
active sieve script path: /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: using sieve 
script storage directory: /var/spool/vhosts/anup.de/anmeyer/.sieve
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: using 
permissions from /var/spool/vhosts/anup.de/anmeyer/.sieve: mode=0700 gid=-1
Oct 20 20:10:39 managesieve(anme...@anup.de): Debug: sieve-storage: relative 
path to sieve storage in active link: .sieve/
Oct 20 20:10:51 managesieve: Debug: Loading modules from directory: 
/usr/lib/dovecot/modules
Oct 20 20:10:51 managesieve: Debug: Module loaded: 
/usr/lib/dovecot/modules/lib10_quota_plugin.so
Oct 20 20:10:51 managesieve: Debug: Added userdb setting: mail=maildir:~/
Oct 20 20:10:51 managesieve: Debug: Added userdb setting: 
plugin/quota_rule=*:bytes=1G
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Effective uid=5000, 
gid=5000, home=/var/spool/vhosts/anup.de/anmeyer
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Quota root: name=User 
quota backend=maildir args=
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Quota rule: root=User 
quota mailbox=* bytes=1073741824 messages=0
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Quota rule: root=User 
quota mailbox=Trash bytes=+107374182 (10%) messages=0
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: Namespace inbox: 
type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes 
location=maildir:~/
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: maildir++: 
root=/var/spool/vhosts/anup.de/anmeyer, index=, control=, 
inbox=/var/spool/vhosts/anup.de/anmeyer, alt=
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve: include: 
sieve_global_dir is not set; it is currently not possible to include `:global' 
scripts.
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: using 
active sieve script path: /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: using sieve 
script storage directory: /var/spool/vhosts/anup.de/anmeyer/.sieve
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: using 
permissions from /var/spool/vhosts/anup.de/anmeyer/.sieve: mode=0700 gid=-1
Oct 20 20:10:51 managesieve(anme...@anup.de): Debug: sieve-storage: relative 
path to sieve storage in active link: .sieve/
Oct 20 20:10:51 imap: Debug: Loading modules from directory: 
/usr/lib/dovecot/modules
Oct 20 20:10:51 imap: Debug: Module loaded: 
/usr/lib/dovecot/modules/lib10_quota_plugin.so
Oct 20 20:10:51 imap: Debug: Module loaded: 
/usr/lib/dovecot/modules/lib11_imap_quota_plugin.so
Oct 20 20:10:51 imap: Debug: Module loaded: 
/usr/lib/dovecot/modules/lib20_autocreate_plugin.so
Oct 20 20:10:51 imap: Debug: Added userdb setting: mail=maildir:~/
Oct 20 20:10:51 imap: Debug: Added userdb setting: plugin/quota_rule=*:bytes=1G
Oct 20 20:10:51 imap(anme...@anup.de): Debug: Effective uid=5000, gid=5000, 
home=/var/spool/vhosts/anup.de/anmeyer
Oct 20 20:10:51 imap(anme...@anup.de): Debug: Quota root: name

Re: [Dovecot] Question to sieve symlink

[Andreas Meyer]

Robert Schetterer r...@sys4.de wrote:

 Am 20.10.2013 20:01, schrieb Andreas Meyer:
  Stephan Bosch step...@rename-it.nl wrote:

  Now, I used the rpm-packages of the distribution (version
  2.1.13), upgraded yesterday with rpm's to version 2.1.17 but
  the problem persists.
  
  Could you enable mail_debug and show us what the logs say?
  
  I specified
  
  mail_debug = yes debug_log_path = /var/log/dovecot-debug.log
  
  in dovecot.conf and restarted dovecot, but nothing is written to 
  the log.
  
  # doveadm log find Debug: /var/log/dovecot-debug.log Info:
  /var/log/dovecot1 Warning: /var/log/dovecot1 Error:
  /var/log/dovecot1 Fatal: /var/log/dovecot1

 does it exist ,is it writable ?

I set
mail_debug = yes
debug_log_path = /var/log/dovecot-debug.log

in the dovecot.conf but in the 10-logging.conf there was
mail_debug = no set. I thought the dovecot.conf would
overtop the 10-logging.conf

 Best Regards
 MfG Robert Schetterer

  Andreas

Re: [Dovecot] Question to sieve symlink

[Andreas Meyer]

Stephan Bosch step...@rename-it.nl wrote:

  Oct 20 20:10:39 managesieve-login: Info: Login: user=anme...@anup.de, 
  method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, mpid=1898, secured
  Oct 20 20:10:39 managesieve(anme...@anup.de): Warning: sieve-storage: 
  Active sieve script symlink 
  /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown 
  path to storage (points to 
  /var/spool/vhosts/anup.de/anmeyer/.sieve/banane.sieve).
  Oct 20 20:10:39 managesieve(anme...@anup.de): Warning: sieve-storage: 
  Active sieve script symlink 
  /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is broken: invalid/unknown 
  path to storage (points to 
  /var/spool/vhosts/anup.de/anmeyer/.sieve/banane.sieve).
  Oct 20 20:10:39 managesieve(anme...@anup.de): Info: Disconnected: Logged 
  out bytes=52/1565
 
 This looks like a bug to me. Could you try to set:
 
 sieve_dir = ~/.sieve/
 
 (notice the slash at the end)
 
 Does it stop complaining now?

well allright, that seems to solve the problem. No complains anymore
so far about the broken symlink.

 Regards,
 
 Stephan.

Thank you so much!

  Andreas

[Dovecot] Question to sieve symlink

[Andreas Meyer]

Hello!

A Server running openSUSE 12.3 and dovecot version 2.1.13.
In the log I find

Oct 19 00:23:23 managesieve(anme...@anup.de): Warning: sieve-storage: Active 
sieve script symlink /var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve is 
broken: invalid/unknown path to storage (points to 
/var/spool/vhosts/anup.de/anmeyer/.sieve/managesieve.sieve).

But the link is ok and when I login to roundcube I can manage the filters.
What's the problem?

Greetings

  Andreas

[Dovecot] both passwd-file and MySQL

[Andreas Meyer]

Hello all!

Wondering if it is possible to use a flat passwd-file for some domains
and for some other a MySQL-database for queries?

All of our domains are handled by

passdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}
userdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}

Can one use MySQL in addition for another domain?

Greetings

  Andreas

Re: [Dovecot] both passwd-file and MySQL

[Andreas Meyer]

Robert Schetterer r...@sys4.de wrote:

  passwd-file for master users are working in addition to sql auth
  i guess, it should work too for normal users/domains but there should
  not be overlapping or same info in both for same users
  
  perhaps this helps
  
  http://sys4.de/de/blog/2013/02/11/master-user-dovecot-isp-layout-mit-postfixadmin/
  
  sorry only german
  
  
  Best Regards
  MfG Robert Schetterer
  
 
 this one might be better, for help
 
 http://wiki2.dovecot.org/Authentication/MultipleDatabases

Great! Just upgraded from v 2.1.16 to 2.1.17 with
./configure --prefix=/usr --sysconfdir=/etc --with-mysql --with-solr --with-ldap
and everything is fine.

  Andreas

Re: [Dovecot] Dovecot Postfix Quota Policy Service

[Andreas Meyer]

Ralf Hildebrandt r...@sys4.de wrote:

 * Robert Schetterer r...@sys4.de:
 
  quota_grace = 10%%
  quota_status_success = DUNNO
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll
 
 The very last line quota_status_overquota doesn't work. No matter
 which kind of quoting I'm using ', , or none at all, dovecot will
 always misbehave (it will accept ANY mail)

It would be desireable this feature in dovecot would work so that
email would be rejected at first instance and not be bounced after
they where accepted by the MDA.

Nice Sunday!

  Andreas

Re: [Dovecot] Dovecot Postfix Quota Policy Service

[Andreas Meyer]

Daniel Luttermann dan...@dlutt.de wrote:

 When I use
 
 service config {
   unix_listener config {
 group =
 mode = 0666
 user =
   }
 }
 
 then the error permission denied doesn't occur anymore but the error
 
   warning: access table unix:private/quota-status entry  has empty value

I don't know if this is related to your problem but the error may be
caused because of the doublespace between entry and has. Timo
has already recogniced this.

  Andreas

Re: [Dovecot] v2.2.0 released

[Andreas Meyer]

Mark Sapiro m...@msapiro.net wrote:

 On 4/12/2013 10:33 AM, Timo Sirainen wrote:
  http://dovecot.org/releases/2.2/dovecot-2.2.0.tar.gz
  http://dovecot.org/releases/2.2/dovecot-2.2.0.tar.gz.sig
  
  Everything now seems to be stable and working in v2.2, so I can finally
  move onto developing great new interesting features for v2.3. :)
 
 
 It's installed and running here. Congratulations (big round of applause)

Can I upgrade from 2.1.16 to 2.2 with the old config? Is there something
to be carefull with? 

  Andreas

[Dovecot] IDLE and inactivity

[Andreas Meyer]

Good day!

Apr 07 10:59:40 imap(anme...@anup.de): Info: Disconnected: Disconnected in IDLE 
in=725 out=2546
Apr 07 10:59:59 imap(anme...@anup.de): Info: Disconnected for inactivity in=952 
out=25789

Please someone explain to me the IDLE state and the inactivity state an what
the numbers at in= and out= means!

  Andreas

Re: [Dovecot] v2.1.16 released

[Andreas Meyer]

Hello!

Timo Sirainen t...@iki.fi wrote:

 http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz
 http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz.sig
 
   + Added quota-status policy service for Postfix

Got a problem with the quota-status. I added it using the howto
from Ralf Hildebrand at
http://sys4.de/de/blog/2013/04/05/dovecot-quota-mit-postfix-abfragen/

# netstat -pantu |grep 12340
tcp0  0 127.0.0.1:123400.0.0.0:*LISTEN  19666/dovecot

plugin {
quota = maildir:User quota
quota_grace = 10%%
quota_rule = *:storage=500MB
quota_rule2 = Trash:storage=+10%%

quota_status_success = DUNNO
quota_status_nouser = DUNNO
quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll
   
autocreate = Trash
autocreate2 = Drafts
autocreate3 = Sent

autosubscribe = Trash
autosubscribe2 = Drafts
autosubscribe3 = Sent
}

service quota-status {
executable = quota-status -p postfix
inet_listener {
port = 12340
}
client_limit = 1
}

and in der main.cf of postfix
warn_if_reject check_policy_service inet:127.0.0.1:12340

I get this in the logfile of postfix:
Apr  7 15:52:51 delta postfix/smtpd[19988]: warning: access table 
inet:127.0.0.1:12340 entry  has empty value

What's wrong? Postfis does not seem to get the quota-status from dovecot.

  Andreas

Re: [Dovecot] v2.1.16 released

[Andreas Meyer]

Robert Schetterer r...@sys4.de wrote:

 Am 07.04.2013 16:07, schrieb Andreas Meyer:
  Hello!
  
  Timo Sirainen t...@iki.fi wrote:
  
  http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz
  http://dovecot.org/releases/2.1/dovecot-2.1.16.tar.gz.sig
 
 + Added quota-status policy service for Postfix
  
  Got a problem with the quota-status. I added it using the howto
  from Ralf Hildebrand at
  http://sys4.de/de/blog/2013/04/05/dovecot-quota-mit-postfix-abfragen/
  
  # netstat -pantu |grep 12340
  tcp0  0 127.0.0.1:123400.0.0.0:*LISTEN  
  19666/dovecot
  
  plugin {
  quota = maildir:User quota
  quota_grace = 10%%
  quota_rule = *:storage=500MB
  quota_rule2 = Trash:storage=+10%%
  
  quota_status_success = DUNNO
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll
 
  autocreate = Trash
  autocreate2 = Drafts
  autocreate3 = Sent
  
  autosubscribe = Trash
  autosubscribe2 = Drafts
  autosubscribe3 = Sent
  }
  
  service quota-status {
  executable = quota-status -p postfix
  inet_listener {
  port = 12340
  }
  client_limit = 1
  }
  
  and in der main.cf of postfix
  warn_if_reject check_policy_service inet:127.0.0.1:12340
  
  I get this in the logfile of postfix:
  Apr  7 15:52:51 delta postfix/smtpd[19988]: warning: access table 
  inet:127.0.0.1:12340 entry  has empty value
  
  What's wrong? Postfis does not seem to get the quota-status from dovecot.
  
Andreas
  
 
 not sure what this means and in hurry ,but
 i.e try alternate setup
 
 service quota-status {
 executable = quota-status -p postfix
 unix_listener /var/spool/postfix/private/quota-status {
 group = postfix
 mode = 0660
 user = postfix
 }
 client_limit = 1
 }
 
 smtpd_recipient_restrictions = reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
permit_mynetworks,
 ...
   reject_unauth_destination,
   check_policy_service unix:private/quota-status

Tried that already with the same behaviour. Postfix does not get
the quota-status.

  Andreas

Re: [Dovecot] v2.1.16 released

[Andreas Meyer]

Robert Schetterer r...@sys4.de wrote:

  not sure what this means and in hurry ,but
  i.e try alternate setup
 
  service quota-status {
  executable = quota-status -p postfix
  unix_listener /var/spool/postfix/private/quota-status {
  group = postfix
  mode = 0660
  user = postfix
  }
  client_limit = 1
  }
 
  smtpd_recipient_restrictions = reject_non_fqdn_recipient,
 reject_unknown_recipient_domain,
 permit_mynetworks,
  ...
reject_unauth_destination,
check_policy_service unix:private/quota-status
  
  Tried that already with the same behaviour. Postfix does not get
  the quota-status.

 Hi Andreas, i should clean up my eyes
 the dovecot policy daemon code really is in
 2.1.16 but there is no quota_grace Parameter, without
 this service make small sense i.e if you allready have lmtp quota
 enabled, cause mostly this will bounce mail before the mailbox gets
 overquota in real

Didn't know the thing with the quota_grace. Yes, I use dovecot-lda
as transport from postfix. So postfix hands over the mail to the
virtual_transport = dovecot and the check with the inet_listener
isn't done then? B)
I guess dovecot-lda should report the quota-status and do the check.

 if you want to test dove quota feature it only make sense
 if using dove 2.2 ( as written in the blog by Ralf)

I testet this in a productive environment. If I get the time I'll
setup a testmachine for 2.2

 speculation , i dont think that Timo will backport quota_grace to 2.1
 
 Best Regards
 MfG Robert Schetterer

Greetings

  Andreas

Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen

[Andreas Meyer]

Hallo Waffenmeister!

Ralf Hildebrandt ralf.hildebra...@charite.de wrote:

  Apr  7 14:07:52 delta postfix/qmgr[19078]: 1D8921B31260: 
  from=anme...@anup.de, size=1492149, nrcpt=1 (queue active)
  Apr  7 14:07:53 delta postfix/pipe[19091]: 1D8921B31260: 
  to=mi...@anup.de, relay=dovecot, delay=2542, delays=2542/0.01/0/0.29, 
  dsn=4.3.0, status=deferred (temporary failure)
 
 Ich sehe hier nur einen Fehler vom transport dovecot.
 
  plugin {
  quota = maildir:User quota
  quota_grace = 10%%
  quota_rule = *:storage=500MB
  quota_rule2 = Trash:storage=+10%%
  
  quota_status_success = DUNNO
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll
 
 Lass mal das quota_status_overquota feld weg. 

Habe ich jetzt neben quota_grace = 10%% auch rausgenommen.

Apr  7 19:38:35 delta postfix/smtpd[23037]: connect from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA 
(128/128 bits)
Apr  7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: 
client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, 
sasl_username=anme...@anup.de
Apr  7 19:39:01 delta postfix/smtpd[23139]: connect from localhost[127.0.0.1]
Apr  7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: 
client=localhost[127.0.0.1]
Apr  7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: 
message-id=20130407193818.62d8c328@itxnew.bitcorner.intern
Apr  7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: 
from=anme...@anup.de, size=1492149, nrcpt=1 (queue active)
Apr  7 19:39:01 delta postfix/smtpd[23139]: disconnect from localhost[127.0.0.1]
Apr  7 19:39:02 delta postfix/smtpd[23037]: disconnect from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: to=mi...@anup.de, 
relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, dsn=4.3.0, status=deferred 
(temporary failure)

  Also ich vermisse das reject-warning von postfix und es hat auch nicht den
  Anschein, dass postfix den Status der Quota bei dovecot über port 12340
  abfrägt.
 
 Naja, vielleicht steht es an der falschen Stelle in den Restrictions!
 Das muss passieren BEVOR irgendwas ein OK zurückgibt.
 
Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340
ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich
den check am Ende hatte noch nach postgrey.

smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/access_sender,
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_helo_hostname,
reject_unlisted_recipient,
warn_if_reject check_policy_service inet:127.0.0.1:12340
reject_unknown_sender_domain,
check_sender_access pcre:/etc/postfix/umlaute.pcre,
check_recipient_access pcre:/etc/postfix/umlaute.pcre,
reject_unauth_destination,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org,
check_client_access cidr:/etc/postfix/client.cidr,
check_policy_service inet:127.0.0.1:10023

  Andreas

Re: [Dovecot] v2.1.16 released

[Andreas Meyer]

Hello!

Timo Sirainen t...@iki.fi wrote:

 On 7.4.2013, at 17.07, Andreas Meyer anme...@anup.de wrote:
 
  Got a problem with the quota-status. I added it using the howto
  from Ralf Hildebrand at
  http://sys4.de/de/blog/2013/04/05/dovecot-quota-mit-postfix-abfragen/
 ..
  I get this in the logfile of postfix:
  Apr  7 15:52:51 delta postfix/smtpd[19988]: warning: access table 
  inet:127.0.0.1:12340 entry  has empty value
 
 I wonder if that really means that it's getting an empty value or if it's 
 something else. I don't know why it would be getting an empty value. Do you 
 see an anything in Dovecot's error log?

Apr  7 19:55:53 delta postfix/smtpd[23362]: connect from 
dovecot.org[193.210.130.67]
Apr  7 19:55:53 delta postfix/smtpd[23362]: warning: access table 
inet:127.0.0.1:12340 entry  has empty value
Apr  7 19:55:53 delta postfix/smtpd[23362]: NOQUEUE: 
client=dovecot.org[193.210.130.67]
Apr  7 19:55:54 delta postfix/smtpd[23234]: 727161B31260: 
client=localhost[127.0.0.1]
Apr  7 19:55:54 delta postfix/cleanup[23369]: 727161B31260: 
message-id=f5021a00-0b9b-4d1f-8b1a-a13311948...@iki.fi
Apr  7 19:55:54 delta postfix/smtpd[23234]: disconnect from localhost[127.0.0.1]
Apr  7 19:55:54 delta postfix/qmgr[22234]: 727161B31260: 
from=dovecot-boun...@dovecot.org, size=2764, nrcpt=1 (queue active)
Apr  7 19:55:54 delta postfix/smtpd[23362]: disconnect from 
dovecot.org[193.210.130.67]
Apr  7 19:55:54 delta postfix/pipe[23370]: 727161B31260: to=anme...@anup.de, 
relay=dovecot, delay=0.24, delays=0.07/0/0/0.17, dsn=2.0.0, status=sent 
(delivered via dovecot service)
Apr  7 19:55:54 delta postfix/qmgr[22234]: 727161B31260: removed

 
 I know there's a bug in 2.1.16 where it crashes if you try to ask quota 
 status for a nonexistent user.. 
 http://hg.dovecot.org/dovecot-2.1/rev/c6b4a639cae1 fixes that.
 
The user exists. This is what I find in the dovecot-lda-errors.log

Apr 07 19:48:13 lda(mi...@anup.de): Error: sieve: 
msgid=20130407193818.62d8c328@itxnew.bitcorner.intern: failed to store into 
mailbox 'INBOX': Quota exceeded (mailbox for user is full)
Apr 07 19:48:13 lda(mi...@anup.de): Error: sieve: script 
/var/spool/vhosts/anup.de/miles/.dovecot.sieve failed with unsuccessful 
implicit keep (user logfile /var/spool/vhosts/anup.de/miles/.dov
ecot.sieve.log may reveal additional details)

Nothing special in the dovecot.log
Apr 07 19:47:15 imap-login: Info: Login: user=mi...@anup.de, method=CRAM-MD5, 
rip=84.179.43.201, lip=213.239.207.165, mpid=23264, session=X4kr6cjZcgBUsyvJ

  Andreas

Re: [Dovecot] [Dovecot-de] Dovecot Quota via policy service abfragen

[Andreas Meyer]

Ralf Hildebrandt ralf.hildebra...@charite.de wrote:

 * Andreas Meyer anme...@anup.de:
 
  Habe ich jetzt neben quota_grace = 10%% auch rausgenommen.
 
 Gut.
  
  Apr  7 19:38:35 delta postfix/smtpd[23037]: connect from 
  p54B32BC9.dip.t-dialin.net[84.179.43.201]
  Apr  7 19:38:36 delta postfix/smtpd[23037]: setting up TLS connection from 
  p54B32BC9.dip.t-dialin.net[84.179.43.201]
  Apr  7 19:38:36 delta postfix/smtpd[23037]: TLS connection established from 
  p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher 
  DHE-RSA-AES128-SHA (128/128 bits)
  Apr  7 19:38:37 delta postfix/smtpd[23037]: NOQUEUE: 
  client=p54B32BC9.dip.t-dialin.net[84.179.43.201], sasl_method=CRAM-MD5, 
  sasl_username=anme...@anup.de
  Apr  7 19:39:01 delta postfix/smtpd[23139]: connect from 
  localhost[127.0.0.1]
  Apr  7 19:39:01 delta postfix/smtpd[23139]: 9C1BA1B30FB0: 
  client=localhost[127.0.0.1]
  Apr  7 19:39:01 delta postfix/cleanup[23142]: 9C1BA1B30FB0: 
  message-id=20130407193818.62d8c328@itxnew.bitcorner.intern
  Apr  7 19:39:01 delta postfix/qmgr[22234]: 9C1BA1B30FB0: 
  from=anme...@anup.de, size=1492149, nrcpt=1 (queue active)
  Apr  7 19:39:01 delta postfix/smtpd[23139]: disconnect from 
  localhost[127.0.0.1]
  Apr  7 19:39:02 delta postfix/smtpd[23037]: disconnect from 
  p54B32BC9.dip.t-dialin.net[84.179.43.201]
  Apr  7 19:39:02 delta postfix/pipe[23143]: 9C1BA1B30FB0: 
  to=mi...@anup.de, relay=dovecot, delay=0.56, delays=0.33/0/0/0.23, 
  dsn=4.3.0, status=deferred (temporary failure)
 
 Na dann sind deine Restrictions falsch und die Mail wird OK'ed bevor
 der Policy Server gefragt wird.
 
  Ich habe warn_if_reject check_policy_service inet:127.0.0.1:12340
  ziemlich am Anfang der recipient_restrictions gesetzt nachdem ich
  den check am Ende hatte noch nach postgrey.
  
  smtpd_recipient_restrictions =
 
  --- hier einbauen ---
  ist ja nur zum Test
  
  check_sender_access hash:/etc/postfix/access_sender,
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_invalid_helo_hostname,
  reject_unlisted_recipient,
  warn_if_reject check_policy_service inet:127.0.0.1:12340
  reject_unknown_sender_domain,
  check_sender_access pcre:/etc/postfix/umlaute.pcre,
  check_recipient_access pcre:/etc/postfix/umlaute.pcre,
  reject_unauth_destination,
  reject_rbl_client bl.spamcop.net,
  reject_rbl_client zen.spamhaus.org,
  check_client_access cidr:/etc/postfix/client.cidr,
  check_policy_service inet:127.0.0.1:10023

That did the trick! The order of the recipient_restricitons was wrong.

Apr  7 20:24:55 delta postfix/smtpd[23806]: connect from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:24:55 delta postfix/smtpd[23806]: setting up TLS connection from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:24:56 delta postfix/smtpd[23806]: TLS connection established from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA 
(128/128 bits)
Apr  7 20:24:56 delta postfix/smtpd[23806]: NOQUEUE: reject: RCPT from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]: 552 5.2.2 mi...@anup.de: Recipient 
address rejected: Quota exceeded (mailbox for user is full); 
from=anme...@anup.de to=mi...@anup.de proto=ESMTP 
helo=itxnew.bitcorner.intern
Apr  7 20:24:56 delta postfix/smtpd[23806]: lost connection after RCPT from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:24:56 delta postfix/smtpd[23806]: disconnect from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]

The MUA does not get rid of the mail, when it would exceed the quota.

But now the next problem. I cannot send this mail and get the following
with 

smtpd_recipient_restrictions =
check_policy_service inet:127.0.0.1:12340
check_sender_access hash:/etc/postfix/access_sender,
permit_mynetworks,
permit_sasl_authenticated,


Apr  7 20:31:43 delta postfix/smtpd[23820]: connect from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:31:44 delta postfix/smtpd[23820]: setting up TLS connection from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:31:45 delta postfix/smtpd[23820]: TLS connection established from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]: TLSv1 with cipher DHE-RSA-AES128-SHA 
(128/128 bits)
Apr  7 20:31:46 delta postfix/smtpd[23820]: warning: problem talking to server 
127.0.0.1:12340: Success
Apr  7 20:31:46 delta postfix/smtpd[23820]: NOQUEUE: reject: RCPT from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]: 451 4.3.5 Server configuration 
problem; from=anme...@anup.de to=dove...@listen.jpberlin.de proto=ESMTP 
helo=itxnew.bitcorner.intern
Apr  7 20:31:46 delta postfix/smtpd[23820]: lost connection after RCPT from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]
Apr  7 20:31:46 delta postfix/smtpd[23820]: disconnect from 
p54B32BC9.dip.t-dialin.net[84.179.43.201]

the mail is not sent out. I deactivated the check to get sent
mail sent.

  Andreas

Re: [Dovecot] v2.1.16 released

[Andreas Meyer]

Timo Sirainen t...@iki.fi wrote:

 On 7.4.2013, at 20.58, Andreas Meyer anme...@anup.de wrote:
 
  Apr  7 15:52:51 delta postfix/smtpd[19988]: warning: access table 
  inet:127.0.0.1:12340 entry  has empty value
  
  I wonder if that really means that it's getting an empty value or if it's 
  something else. I don't know why it would be getting an empty value. Do 
  you see an anything in Dovecot's error log?
  
  Apr  7 19:55:53 delta postfix/smtpd[23362]: connect from 
  dovecot.org[193.210.130.67]
  Apr  7 19:55:53 delta postfix/smtpd[23362]: warning: access table 
  inet:127.0.0.1:12340 entry  has empty value
 
 
 Oh, notice the two spaces there between entry  has? It's looking up an 
 empty key (instead of email@address), so it's getting back an empty value. 
 Although Dovecot's reply should still be DUNNO then. Anyway, looks to me like 
 Postfix config isn't correct somehow.
 

Yes I saw the space between entry  has. ;). And yes, like posted in my
other email, I set the check for the inet_listener to the beginning of
the recipient_restrictions in Postfix and the thing worked and the MTA
refused to take the mail over.

But thereby got the problem not beeing able to send any email to the
mailserver. Don't know why at the moment. Something is wrong with the
order of the checks in postfix.

  Andreas

Re: [Dovecot] v2.1.16 released

[Andreas Meyer]

Zhang Huangbin zhbmaillisto...@gmail.com wrote:

 
 
 On Friday, April 5, 2013 at 5:16 AM, Timo Sirainen wrote:
 
  + Added quota-status policy service for Postfix
  
 
 
 Found quota-status related settings in Dovecot-2.2 commit log here:
 http://hg.dovecot.org/dovecot-2.2/rev/980be1dc80c2

yes, great work!

Apr 05 11:26:20 master: Info: Dovecot v2.1.16 starting up (core dumps disabled)

Had to recompile dovecot-2.1-pigeonhole-0.3.1. Everything is fine now.

  Andreas

Re: [Dovecot] loop when I enable quota_warning

[Andreas Meyer]

Hello!

Timo Sirainen t...@iki.fi wrote:

 On 21.3.2013, at 16.55, Andreas Meyer anme...@anup.de wrote:
 
  The problem occurs when I add the following to dovecot.conf:
  
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  quota_warning3 = -storage=100%% quota-warning below %u # user is no longer 
  over quota
  
  The script executed looks like this:
  
  #!/bin/sh
  PERCENT=$1
  USER=$2
  cat  EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o 
  plugin/quota=maildir:User quota:noenforcing
 
 Just because quota isn't enforced, it doesn't mean that the quota warnings 
 aren't executed. You need to disable quota entirely (e.g. -o plugin/quota= 
 might work, although it requires a somewhat new version).
 

Now I have -o plugin/quota= in the script. That seems to avoid the loop,
but the user also does not get a quota-warning.

plugin {
quota = maildir:User quota
quota_rule = *:storage=500MB
quota_rule2 = Trash:storage=+10%%

quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
quota_warning3 = -storage=100%% quota-warning below %u # user is no longer 
over quota

autocreate = Trash
autocreate2 = Drafts
autocreate3 = Sent

autosubscribe = Trash
autosubscribe2 = Drafts
autosubscribe3 = Sent

sieve_extensions = +vacation-seconds
sieve_vacation_min_period = 1h
sieve_vacation_default_period = 10d
sieve_vacation_max_period = 30d
}

# doveadm -D quota get -u mi...@anup.de
doveadm(mail1): Debug: Loading modules from directory: /usr/lib/dovecot
doveadm(mail1): Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
doveadm(mail1): Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
doveadm(mail1): Debug: Skipping module doveadm_acl_plugin, because dlopen() 
failed: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: 
acl_user_module (this is usually intentional, so just ignore this message)
doveadm(mail1): Debug: Skipping module doveadm_expire_plugin, because dlopen() 
failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined 
symbol: expire_set_lookup (this is usually intentional, so just ignore this 
message)
doveadm(mail1): Debug: Module loaded: 
/usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
doveadm(mail1): Debug: Skipping module doveadm_zlib_plugin, because dlopen() 
failed: /usr/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so: undefined 
symbol: i_stream_create_deflate (this is usually intentional, so just ignore 
this message)
doveadm(mail1): Debug: Skipping module doveadm_fts_plugin, because dlopen() 
failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: 
fts_list_backend (this is usually intentional, so just ignore this message)
doveadm(mi...@anup.de): Debug: Added userdb setting: mail=maildir:~/
doveadm(mi...@anup.de): Debug: Added userdb setting: 
plugin/quota_rule=*:bytes=30M
doveadm(mi...@anup.de): Debug: Effective uid=5000, gid=5000, 
home=/var/spool/vhosts/anup.de/miles
doveadm(mi...@anup.de): Debug: Quota root: name=User quota backend=maildir args=
doveadm(mi...@anup.de): Debug: Quota rule: root=User quota mailbox=* 
bytes=31457280 messages=0
doveadm(mi...@anup.de): Debug: Quota rule: root=User quota mailbox=Trash 
bytes=+3145728 (10%) messages=0
doveadm(mi...@anup.de): Debug: Quota warning: bytes=29884416 (95%) messages=0 
reverse=no command=quota-warning 95 mi...@anup.de
doveadm(mi...@anup.de): Debug: Quota warning: bytes=25165824 (80%) messages=0 
reverse=no command=quota-warning 80 mi...@anup.de
doveadm(mi...@anup.de): Debug: Quota warning: bytes=31457280 (100%) messages=0 
reverse=yes command=quota-warning below mi...@anup.de
doveadm(mi...@anup.de): Debug: Namespace inbox: type=private, prefix=, sep=, 
inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/
doveadm(mi...@anup.de): Debug: maildir++: root=/var/spool/vhosts/anup.de/miles, 
index=, control=, inbox=/var/spool/vhosts/anup.de/miles, alt=
Quota name TypeValue Limit  
%
User quota STORAGE 30715 30720  
   99
User quota MESSAGE   189 - 

  Andreas

[Dovecot] global mail_plugins

[Andreas Meyer]

Hello!

How do I know what is specified in the global mail_plugins?

# doveconf |grep mail_plugins
mail_plugins = 
  mail_plugins =  quota sieve
  mail_plugins =  quota imap_quota autocreate
  mail_plugins =  sieve

Is it just what is defined in the dovecot.conf and when there
is nothing defined there are no global mail_plugins per default?

  Andreas

[Dovecot] loop when I enable

[Andreas Meyer]

Hello!

I have a nasty problem with a loop when I enable quota_warning. The
mailbox fills up with thousands of email within seconds. This happens
only with mbox'es retrieved with POP3.

From MAILER-DAEMON  Thu Mar 21 13:54:07 2013 
From: supp...@anup.de 
Subject: Mailbox Quota-Warnung 
X-UID: 8036 
Status:  
X-Keywords:
Content-Length: 41 
 
Ihre Mailbox ist jetzt zu below% belegt.

# doveconf -n

# 2.1.7: /usr/etc/dovecot/dovecot.conf

auth_mechanisms = plain cram-md5
auth_verbose = yes
disable_plaintext_auth = no
hostname = delta.bitcorner.eu
log_path = /var/log/dovecot1
mail_home = /var/spool/vhosts/%d/%n
mail_plugins = quota
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date ihave vacation-seconds
namespace inbox {
  inbox = yes
  location = 
  prefix = 
}
passdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}
plugin {
  autocreate = Trash
  autocreate2 = Drafts
  autocreate3 = Sent
  autosubscribe = Trash
  autosubscribe2 = Drafts
  autosubscribe3 = Sent
  quota = maildir:User quota
  quota_rule = *:storage=500MB
  quota_rule2 = Trash:storage=+10%%
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/.sieve
  sieve_extensions = +vacation-seconds
  sieve_vacation_default_period = 10d
  sieve_vacation_max_period = 30d
  sieve_vacation_min_period = 1h
}
postmaster_address = postmas...@bitcorner.de
protocols = imap pop3 lmtp sieve
quota_full_tempfail = yes
service auth {
  unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
  }
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
mode = 0666
user = vmail
  }
  user = vmail
}
ssl_cert = /etc/dovecot/ssl/hostcert.pem
ssl_key = /etc/dovecot/ssl/hostkey.pem
userdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}
protocol lda {
  info_log_path = /var/log/dovecot-lda.log
  log_path = /var/log/dovecot-lda-errors.log
  mail_plugins = quota quota sieve
}
protocol imap {
  imap_idle_notify_interval = 29 mins
  mail_max_userip_connections = 20
  mail_plugins = quota quota imap_quota autocreate
}
protocol lmtp {
  mail_plugins = quota sieve
}
protocol sieve {
  mail_max_userip_connections = 10
  managesieve_implementation_string = Dovecot Pigeonhole
  managesieve_logout_format = bytes=%i/%o
  managesieve_max_compile_errors = 5
  managesieve_max_line_length = 65536
}
protocol pop3 {
  mail_max_userip_connections = 10
  mail_plugins = quota quota
  pop3_uidl_format = %08Xu%08Xv
}

The problem occurs when I add the following to dovecot.conf:

quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over 
quota

The script executed looks like this:

#!/bin/sh
PERCENT=$1
USER=$2
cat  EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o 
plugin/quota=maildir:User quota:noenforcing
From: supp...@anup.de
Subject: Mailbox Quota-Warnung

Ihre Mailbox ist jetzt zu $PERCENT% belegt.
EOF

What can I do? I wonder if there some solution with namespaces possible maybe?

Thank you!

  Andreas

Re: [Dovecot] Integrating with Drupal SQL db

[Andreas Meyer]

i...@stos.se wrote:

 Hi
 
 I'm trying to get Dovecot to use Drupal users password for authenticating
 IMAP users. But I just cant figure out how to make Dovecot understand the
 password hash type that Drupal 7 is using.
 
 My example user with password Teacher1 looks like this in Drupal database:
 $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU

This is not CRAM-MD5, is it?

 Dovecot retrieves this hash but complains that its not a recognized hash
 type, or that the hash is wrong, depending on if I change the default hash
 type in Dovecot config.
 
 Any help appreciated.

This is what I get connecting to your server:
Connected to stos.se.
Escape character is '^]'.
* OK [CAPABILITY IMAP4REV1 NAMESPACE ID AUTH=PLAIN AUTH=LOGIN UIDPLUS STARTTLS 
ACL METADATA] Debian-60-squeeze-64-minimal IMAP4rev1 Citadel 7.83 ready

This is what I get connecting to mine:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready.

I see no AUTH=CRAM-MD5 in capabilites of your server.

  Andreas

Re: [Dovecot] Integrating with Drupal SQL db

[Andreas Meyer]

Hello!

I took the thread back to the list.

Tobias Rådenholt  tobias.radenh...@stos.se wrote:

 I think it is ssha512 hashing.  It's not stos.se that's affected. It's 
 swedishschoolinsydney.org.au 

Just found this:
capabilities are 'IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
 STARTTLS LOGINDISABLED' meaning you can log in via STARTTLS but not via
plaintext authentication.

Does it have something to do woth your problem?

 Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid
 commands (auth failed, 1 attempts): user=Teacher1, method=PLAIN,
 rip=127.0.0.1, lip=127.0.0.1, secured

 Thanks! 
 /Tobias 

  Andreas


 i...@stos.se wrote:
 
  Hi
  
  I'm trying to get Dovecot to use Drupal users password for authenticating
  IMAP users. But I just cant figure out how to make Dovecot understand the
  password hash type that Drupal 7 is using.
  
  My example user with password Teacher1 looks like this in Drupal database:
  $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU
 
 This is not CRAM-MD5, is it?
 
  Dovecot retrieves this hash but complains that its not a recognized hash
  type, or that the hash is wrong, depending on if I change the default hash
  type in Dovecot config.
  
  Any help appreciated.
 
 This is what I get connecting to your server:
 Connected to stos.se.
 Escape character is '^]'.
 * OK [CAPABILITY IMAP4REV1 NAMESPACE ID AUTH=PLAIN AUTH=LOGIN UIDPLUS 
 STARTTLS ACL METADATA] Debian-60-squeeze-64-minimal IMAP4rev1 Citadel 7.83 
 ready
 
 This is what I get connecting to mine:
 * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
 STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready.
 
 I see no AUTH=CRAM-MD5 in capabilites of your server.
 
   Andreas

Re: [Dovecot] warning regarding quota and mboxes

[Andreas Meyer]

Hello!

Timo Sirainen t...@iki.fi wrote:

 On Thu, 2013-01-10 at 16:45 +0100, Andreas Meyer wrote:
  Hello!
  
  We drive mboxes and maildirs and the dovecot-server is running very well and
  everthing is fine, but I get the following warning in the 
  dovecot-lda-errors.log
  when a mail is delivered to a mbox.
  
  Jan 10 16:29:24 lda(arc...@bitcorner.de): Warning: quota: Namespace '' is 
  not Maildir, skipping for Maildir++ quota
  
  This is what I defined in the dovecot.conf:
  
  mail_home = /var/spool/vhosts/%d/%n
  mail_location = mbox:~/:maildir:~/
 
 How is that setting even working? You're using some early v2.0? It's
 supposed to fail:

# dovecot --version
2.1.7

I was told to define mail_location, if I remember right it was when I
changed to dovecot-lda instead of letting postfix deliver dircetly to
the maildirs and mailboxes.

 Error: user x: Initialization failed: Namespace '': Unknown setting:
 maildir

I have no errors like this in the logs. Everthing is working flawless.

How can I know, what namespaces are defined?

# doveconf -d namespace
# doveconf -n namespace

give not output. I fear to do something wrong, when I define incomplete
namespaces.

  mail_plugins = quota
  
  plugin {
  quota = maildir:User quota
  quota_rule = *:storage=500MB
  quota_rule2 = Trash:storage=+10%%
  }
  
  Can I avoid the error above somehow? Namespaces are a bit mysterious for
  me at the moment.
 
 Maildir++ quota works only when delivering to Maildir. If you want to
 use some quota backend that works with both mboxes and maildirs, you
 could use dict file: http://wiki2.dovecot.org/Quota/Dict

ok, I'll live with the warning in the log for now.

  Andreas

[Dovecot] warning regarding quota and mboxes

[Andreas Meyer]

Hello!

We drive mboxes and maildirs and the dovecot-server is running very well and
everthing is fine, but I get the following warning in the dovecot-lda-errors.log
when a mail is delivered to a mbox.

Jan 10 16:29:24 lda(arc...@bitcorner.de): Warning: quota: Namespace '' is not 
Maildir, skipping for Maildir++ quota

This is what I defined in the dovecot.conf:

mail_home = /var/spool/vhosts/%d/%n
mail_location = mbox:~/:maildir:~/
mail_plugins = quota

plugin {
quota = maildir:User quota
quota_rule = *:storage=500MB
quota_rule2 = Trash:storage=+10%%
}

Can I avoid the error above somehow? Namespaces are a bit mysterious for
me at the moment.

Greetings

  Andreas

Re: [Dovecot] setting mail_home and vacation

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

 At 12AM +0100 on 20/12/12 you (Andreas Meyer) wrote:
  Ben Morrow b...@morrow.me.uk wrote:
  
   Where is that user's home directory, then? (Where is its
   .dovecot.sieve?) That is the path that mail_home should be set to.
  
  It's /var/spool/vhosts/xyz.de/archiv . It's one file, a mbox. There is no
  .dovecot.sieve. This mbox is flushed various times a day by a MUA.
  This user archiv is a virtual user and has no home directory, just a mbox.
 
 All Dovecot users should have a unique home directory (which needs to be
 *a directory*, obviously, and shouldn't be the same as any of the
 mailbox locations). See http://wiki2.dovecot.org/VirtualUsers/Home .

ok, thank you, that was an important step for the mboxes we drive!

 Ben

  Andreas

Re: [Dovecot] setting mail_home and vacation

[Andreas Meyer]

Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote:

   Where is that user's home directory, then? (Where is its
   .dovecot.sieve?) That is the path that mail_home should be set to.
  
  It's /var/spool/vhosts/xyz.de/archiv . It's one file, a mbox. There is no
  .dovecot.sieve. This mbox is flushed various times a day by a MUA.
  This user archiv is a virtual user and has no home directory, just a mbox.
 
 Your mail_home needs to be a directory, not a file.
 mbox files should be located inside a subdirectory of your mail_home.

Thank you, got it! And migrated the users to the new location of the
mboxes. Great! That makes everything much easier.

 Regards
 Daniel

  Andreas

[Dovecot] setting mail_home and vacation

[Andreas Meyer]

Hello!

dovecot version 2.1.7

I set up vacation with sieve. We have mboxes and maildirs and in dovecot.conf
mail_location = 
mbox:/var/spool/vhosts/%d/dovecotprivate/%n:INBOX=/var/spool/vhosts/%d/%n

Error: User arc...@xyz.de doesn't have home dir set, disabling duplicate 
database
Dec 19 20:37:03 lda(arc...@xyz.de): Error: sieve: sieve script file path 
~/.dovecot.sieve is relative to home directory, but home directory is not 
available.
Dec 19 20:37:03 lda(arc...@xyz.de): Error: sieve: failed to access user's sieve 
script ~/.dovecot.sieve (using default script location instead)

When I set
mail_home = mbox:/var/spool/vhosts/%d/%n:INBOX=/var/spool/vhosts/%d/%n

I get this for mboxes in the log: 
Error: user arc...@xyz.de: Relative home directory paths not supported: 
mbox:/var/spool/vhosts/xyz.de/archiv:INBOX=/var/spool/vhosts/xyz.de/archiv

The .dovecot.sieve script of the user seems to be found, a vacation response is 
sent
and the email is stored mail into mailbox 'INBOX'

What is wrong?

  Andreas

Re: [Dovecot] setting mail_home and vacation

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

  When I set
  mail_home = mbox:/var/spool/vhosts/%d/%n:INBOX=/var/spool/vhosts/%d/%n
  
  I get this for mboxes in the log: 
  Error: user arc...@xyz.de: Relative home directory paths not
  supported:
  mbox:/var/spool/vhosts/xyz.de/archiv:INBOX=/var/spool/vhosts/xyz.de/archiv
 
 mail_home should be set to the path to a directory, not a mailbox
 location. You want just
 
 mail_home = /var/spool/vhosts/%d/%n
 
ok, done that. I get this in 
Error: chdir(/var/spool/vhosts/xyz.de/archiv) failed: Not a directory
Error: sieve: failed to stat sieve script: 
stat(/var/spool/vhosts/xyz.de/archiv/.dovecot.sieve) failed: Not a directory
Error: sieve: failed to access user's sieve script ~/.dovecot.sieve (using 
default script location instead)

I guess, this is just normal for mboxes? arc...@xyz.de is a mbox, per bcc
serviced by postfix.

 Dovecot is interpreting the initial 'mbox:' part as the start of a
 relative path.

Interessting, thank you!

 
 Ben

  Andreas

Re: [Dovecot] setting mail_home and vacation

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

   mail_home = /var/spool/vhosts/%d/%n
   
  ok, done that. I get this in 
  Error: chdir(/var/spool/vhosts/xyz.de/archiv) failed: Not a directory
  Error: sieve: failed to stat sieve script:
  stat(/var/spool/vhosts/xyz.de/archiv/.dovecot.sieve) failed: Not a
  directory
  Error: sieve: failed to access user's sieve script ~/.dovecot.sieve
  (using default script location instead)
  
  I guess, this is just normal for mboxes? arc...@xyz.de is a mbox, per bcc
  serviced by postfix.
 
 Where is that user's home directory, then? (Where is its
 .dovecot.sieve?) That is the path that mail_home should be set to.

It's /var/spool/vhosts/xyz.de/archiv . It's one file, a mbox. There is no
.dovecot.sieve. This mbox is flushed various times a day by a MUA.
This user archiv is a virtual user and has no home directory, just a mbox.

 Ben
 
  Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Hello!

Ben Morrow b...@morrow.me.uk wrote:

 At  5PM +0100 on 14/12/12 Andreas Meyer wrote:

  dovecot   unix  -   n   n   -   -   pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f
${sender} -d ${recipient}

 What happens if you run
 
 echo foo | /usr/libexec/dovecot/dovecot-lda \
 -f x...@anup.de -d x...@anup.de

# id vmail
uid=5000(vmail) gid=5000(vmail) Gruppen=5000(vmail)

# su vmail echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d 
anme...@anup.de
an empty email with 0 B gets delivered to the maildir of anme...@anup.de

# echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d 
anme...@anup.de
email with foo in the body is delivered to the maildir.

# delta:/var/spool/vhosts/anup.de/anmeyer/new # ll
insgesamt 4
-rw--- 1 vmail vmail 0 15. Dez 11:26 1355567160.M902698P23725.delta,S=0,W=0
-rw--- 1 vmail vmail 4 15. Dez 11:26 1355567171.M334599P23728.delta,S=4,W=5

 in the shell (as the vmail user)? Does it fail with exit code 67? This
 is EX_NOUSER, and is the standard way for LDAs to signal 'I don't know
 how to deliver to this user'. Either x...@anup.de is not a valid address
 at that domain, or you haven't made the auth-userdb socket available to
 the vmail user. See http://wiki2.dovecot.org/LDA, under the section
 'Virtual users'.

I already added

service auth {
unix_listener auth-userdb {
  mode = 0600
  user = vmail # User running dovecot-lda
  group = vmail # Or alternatively mode 0660 + dovecot-lda user in this 
group
}
}

to the dovecot.conf. How does dovecot know there is a socket in
/var/spool/postfix/private/dovecot? And how does dovecot-lda know
to look there. Am I missunderstanding something?

If I send an email from the desktop I have in the mail.log
Dec 15 11:35:25 delta postfix/virtual[23910]: E0BC61B3128A: 
to=anme...@anup.de, relay=virtual, delay=0.18, delays=0.09/0.01/0/0.09, 
dsn=4.1.1, status=SOFTBOUNCE (unknown user: anme...@anup.de)

and the mail is stuck in the queue
# mailq
-Queue ID- --Size-- Arrival Time -Sender/Recipient---
E0BC61B3128A  559 Sat Dec 15 11:35:24  anme...@anup.de
 (unknown user: anme...@anup.de)
 anme...@anup.de

I am lost. I don't if the mail is handed over to dovecot-lda and if so
why it can't find the passwd-file.

 
 Ben
 

   Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Hello!

  I already added
  
  service auth {
  unix_listener auth-userdb {
mode = 0600
user = vmail # User running dovecot-lda
group = vmail # Or alternatively mode 0660 + dovecot-lda user in
this group
 
 You're supposed to understand the comments and then remove them, not
 copy them blindly without reading them.

That's ok, I'll remove the comments. But there is no auth-userdb socket
in the sockets directtory of dovecot.

  }
  }
  
  to the dovecot.conf.
 
 Well, that looks OK to me; but the only way to test it is to manually
 run dovecot-lda as vmail. Is there an auth-userdb socket in your dovecot
 sockets directory? Does it have the right permissions?

No, no such socket in /var/run/dovecot

# ll
insgesamt 4
srwxrwxrwx 1 root root   0  8. Jun 2012  dict-server
drwxr-x--- 2 root dovecot 4096 22. Jun 19:58 login
 
  How does dovecot know there is a socket in
  /var/spool/postfix/private/dovecot? And how does dovecot-lda know to
  look there. Am I missunderstanding something?
 
 Yes, you are misunderstanding something. It works (something) like this:
 
 - A mail comes in to Postfix.
 - Postfix decides this mail is local.
 - Postfix sends the mail through /var/spool/postfix/private/dovecot
   to a Postfix pipe(8) process on the other end.
 - That pipe(8) process runs dovecot-lda, as the vmail user.
 - dovecot-lda reads dovecot.conf.
 - dovecot-lda contacts the Dovecot auth process using the
   auth-userdb socket.
 - If the user exists, it delivers the mail to their mailbox.
 
 No Dovecot process needs to know anything at all about the Postfix
 socket, it's just for internal communication between different bits of
 Postfix. Have you read the Postfix documentation?

Thank you for that explanation!

  I am lost. I don't if the mail is handed over to dovecot-lda and if so
  why it can't find the passwd-file.
 
 If the mail was handed over to dovecot-lda, it ought to be logging
 *something*. Find out where those logs should go; if they aren't
 appearing, you need to fix that. Syslog is IMHO a better bet than custom
 log files.

I have a dovecot-lda-errors.log and a dovecot-lda.log

# cat dovecot-lda-errors.log
Dec 14 23:28:20 lda: Error: userdb lookup: 
connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
Dec 14 23:28:20 lda: Fatal: Internal error occurred. Refer to server log for 
more information.

# echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d 
anme...@anup.de

# cat dovecot-lda.log
Dec 14 21:04:07 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 14 21:16:46 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 14 21:18:25 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 14 21:20:44 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 14 21:58:13 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 10:14:50 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 10:14:59 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 10:24:19 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 10:24:27 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 11:14:58 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 11:26:01 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 11:26:11 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'
Dec 15 14:07:40 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'

So the question is how do I get this auth-userdb socket?

 
 Ben
 

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Andreas Meyer anme...@anup.de wrote:

  Well, that looks OK to me; but the only way to test it is to manually
  run dovecot-lda as vmail. Is there an auth-userdb socket in your dovecot
  sockets directory? Does it have the right permissions?
 
 No, no such socket in /var/run/dovecot

I just found out the sockets of dovecot reside in /usr/var/run/dovecot

# ll
insgesamt 16
srw--- 1 rootroot0 15. Dez 11:14 anvil
srw--- 1 rootroot0 15. Dez 11:14 anvil-auth-penalty
srw--- 1 rootroot0 15. Dez 11:14 auth-client
srw--- 1 dovecot root0 15. Dez 11:14 auth-login
srw--- 1 rootroot0 15. Dez 11:14 auth-master
srw--- 1 vmail   vmail   0 15. Dez 11:14 auth-userdb
srw--- 1 dovecot root0 15. Dez 11:14 auth-worker
srw--- 1 rootroot0 15. Dez 11:14 config
srw--- 1 rootroot0 15. Dez 11:14 dict
srw--- 1 rootroot0 15. Dez 11:14 director-admin
srw-rw-rw- 1 rootroot0 15. Dez 11:14 dns-client
srw--- 1 rootroot0 15. Dez 11:14 doveadm-server
lrwxrwxrwx 1 rootroot   29 15. Dez 11:14 dovecot.conf - 
/usr/etc/dovecot/dovecot.conf
drwxr-xr-x 2 rootroot 4096  8. Jun 2012  empty
srw-rw-rw- 1 rootroot0 15. Dez 11:14 indexer
srw--- 1 dovecot root0 15. Dez 11:14 indexer-worker
srw--- 1 rootroot0 15. Dez 11:14 ipc
srw-rw-rw- 1 rootroot0 15. Dez 11:14 lmtp
srw--- 1 rootroot0 15. Dez 11:14 log-errors
drwxr-x--- 2 rootdovenull 4096 15. Dez 11:14 login
-rw--- 1 rootroot6 15. Dez 11:14 master.pid
-rw-r--r-- 1 rootroot   37 15. Dez 11:14 mounts
srw--- 1 rootroot0 15. Dez 11:14 replication-notify
prw--- 1 rootroot0 15. Dez 11:14 replication-notify-fifo
srw--- 1 dovecot root0 15. Dez 11:14 replicator
srw--- 1 rootroot0 15. Dez 11:14 stats
prw--- 1 rootroot0 15. Dez 11:14 stats-mail

the auth-userdb is there and vmail is the owner. What problem do I have
that dovecot-lda does not find the users?

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

 At 2PM +0100 on 15/12/12 Andreas Meyer wrote:
  [Ben Morrow wrote:]
   
   Well, that looks OK to me; but the only way to test it is to manually
   run dovecot-lda as vmail. Is there an auth-userdb socket in your dovecot
   sockets directory? Does it have the right permissions?
  
  No, no such socket in /var/run/dovecot
  
  # ll
  insgesamt 4
  srwxrwxrwx 1 root root   0  8. Jun 2012  dict-server
  drwxr-x--- 2 root dovecot 4096 22. Jun 19:58 login
 
 If I were to ask 'is anything listening on those sockets?' is there any
 chance you could answer that?

Nothing is listening on /var/run/dovecot. It must be a relict from the
old version 1.x

# netstat -lnp |grep dovecot
tcp0  0 0.0.0.0:993 0.0.0.0:*   LISTEN  
25542/dovecot   
tcp0  0 0.0.0.0:995 0.0.0.0:*   LISTEN  
25542/dovecot   
tcp0  0 0.0.0.0:110 0.0.0.0:*   LISTEN  
25542/dovecot   
tcp0  0 0.0.0.0:143 0.0.0.0:*   LISTEN  
25542/dovecot   
tcp0  0 0.0.0.0:41900.0.0.0:*   LISTEN  
25542/dovecot   
tcp0  0 :::993  :::*LISTEN  
25542/dovecot   
tcp0  0 :::995  :::*LISTEN  
25542/dovecot   
tcp0  0 :::110  :::*LISTEN  
25542/dovecot   
tcp0  0 :::143  :::*LISTEN  
25542/dovecot   
tcp0  0 :::4190 :::*LISTEN  
25542/dovecot   
unix  2  [ ACC ] STREAM HÖRT 3425398 24015/master
private/dovecot
unix  2  [ ACC ] STREAM HÖRT 3441242 25542/dovecot   
/usr/var/run/dovecot/login/sieve
unix  2  [ ACC ] STREAM HÖRT 3441249 25542/dovecot   
/usr/var/run/dovecot/login/ssl-params
unix  2  [ ACC ] STREAM HÖRT 3441260 25542/dovecot   
/usr/var/run/dovecot/login/pop3
unix  2  [ ACC ] STREAM HÖRT 3441278 25542/dovecot   
/usr/var/run/dovecot/login/ipc-proxy
unix  2  [ ACC ] STREAM HÖRT 3441288 25542/dovecot   
/usr/var/run/dovecot/login/imap
unix  2  [ ACC ] STREAM HÖRT 3441302 25542/dovecot   
/usr/var/run/dovecot/login/dns-client
unix  2  [ ACC ] STREAM HÖRT 3441316 25542/dovecot   
/usr/var/run/dovecot/login/login
unix  2  [ ACC ] STREAM HÖRT 3441246 25542/dovecot   
/usr/var/run/dovecot/stats
unix  2  [ ACC ] STREAM HÖRT 3441253 25542/dovecot   
/usr/var/run/dovecot/replicator
unix  2  [ ACC ] STREAM HÖRT 3441257 25542/dovecot   
/usr/var/run/dovecot/replication-notify
unix  2  [ ACC ] STREAM HÖRT 3441268 25542/dovecot   
/usr/var/run/dovecot/log-errors
unix  2  [ ACC ] STREAM HÖRT 3441272 25542/dovecot   
/usr/var/run/dovecot/lmtp
unix  2  [ ACC ] STREAM HÖRT 3441276 25542/dovecot   
/usr/var/run/dovecot/ipc
unix  2  [ ACC ] STREAM HÖRT 3441282 25542/dovecot   
/usr/var/run/dovecot/indexer-worker
unix  2  [ ACC ] STREAM HÖRT 3441286 25542/dovecot   
/usr/var/run/dovecot/indexer
unix  2  [ ACC ] STREAM HÖRT 3441296 25542/dovecot   
/usr/var/run/dovecot/doveadm-server
unix  2  [ ACC ] STREAM HÖRT 3441300 25542/dovecot   
/usr/var/run/dovecot/dns-client
unix  2  [ ACC ] STREAM HÖRT 3441306 25542/dovecot   
/usr/var/run/dovecot/director-admin
unix  2  [ ACC ] STREAM HÖRT 3441310 25542/dovecot   
/usr/var/run/dovecot/dict
unix  2  [ ACC ] STREAM HÖRT 3441314 25542/dovecot   
/usr/var/run/dovecot/config
unix  2  [ ACC ] STREAM HÖRT 3441320 25542/dovecot   
/usr/var/run/dovecot/auth-login
unix  2  [ ACC ] STREAM HÖRT 3441324 25542/dovecot   
/usr/var/run/dovecot/auth-client
unix  2  [ ACC ] STREAM HÖRT 3441328 25542/dovecot   
/usr/var/run/dovecot/auth-userdb
unix  2  [ ACC ] STREAM HÖRT 3441332 25542/dovecot   
/usr/var/run/dovecot/auth-master
unix  2  [ ACC ] STREAM HÖRT 3441336 25542/dovecot   
/usr/var/run/dovecot/auth-worker
unix  2  [ ACC ] STREAM HÖRT 3441340 25542/dovecot   
/usr/var/run/dovecot/anvil
unix  2  [ ACC ] STREAM HÖRT 3441344 25542/dovecot   
/usr/var/run/dovecot/anvil-auth-penalty

 snip
   If the mail was handed over to dovecot-lda, it ought to be logging
   *something*. Find out where those logs should go; if they aren't
   appearing, you need to fix

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

 That's not where dovecot-lda is looking, at least not according to the
 log above. Is the vmail user able to read dovecot.conf? Do you have more
 than one dovecot.conf, with different settings in? I would ask you to
 run
 
 doveconf -m lda base_dir auth_socket_path
 
 as the vmail user, but I'm not convinced you know how.

I managed to su to vmail by giving it a shell.

# su - vmail
vmail@delta:~ doveconf -m lda base_dir auth_socket_path
base_dir = /usr/var/run/dovecot
auth_socket_path = auth-userdb

But I don't know how to tell dovecot-lda to listen on sockets
in /usr/var/run/dovecot

 
 Ben
 

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

  # su - vmail
  vmail@delta:~ doveconf -m lda base_dir auth_socket_path
  base_dir = /usr/var/run/dovecot
  auth_socket_path = auth-userdb
  
  But I don't know how to tell dovecot-lda to listen on sockets
  in /usr/var/run/dovecot
 
 Do you mean 'connect to'? It's important to be clear.

hm, what does dovecot-lda do? I think it tries to connect to
/usr/var/run/dovecot/auth-userdb ?

 The first thing is to see what actually happens when you invoke
 dovecot-lda as vmail. Remember to check the logs as well as the
 mailboxes.

vmail@delta:~ echo foo | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de 
-d anme...@anup.de

The email with body foo in it is delivered to the mailbox.
Dec 15 16:37:27 lda(anme...@anup.de): Info: sieve: msgid=unspecified: stored 
mail into mailbox 'INBOX'

Sending an email from the desktop results in the same error:

# mailq
-Queue ID- --Size-- Arrival Time -Sender/Recipient---
CB9771B3025F  559 Sat Dec 15 16:39:48  anme...@anup.de
 (unknown user: anme...@anup.de)
 anme...@anup.de

I looked at the makefiles in the sources of the installed version
of dovecot and found that dovecot-lda is like everything compiled
with
localstatedir = ${prefix}/var
rundir = ${prefix}/var/run/dovecot
statedir = ${prefix}/var/lib/dovecot
where prefix = /usr

I don't know why dovecot-lda is not connecting? to 
/usr/var/run/dovecot/auth-userdb
and instead uses /var/run/dovecot. I delete /var/run/dovecot meanwhile.

 
 Ben
 

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Hello!

Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote:

 Andreas Meyer wrote:
  Ben Morrow b...@morrow.me.uk wrote:
  
# su - vmail
vmail@delta:~ doveconf -m lda base_dir auth_socket_path
base_dir = /usr/var/run/dovecot
auth_socket_path = auth-userdb

But I don't know how to tell dovecot-lda to listen on sockets
in /usr/var/run/dovecot
   
   Do you mean 'connect to'? It's important to be clear.
  
  hm, what does dovecot-lda do? I think it tries to connect to
  /usr/var/run/dovecot/auth-userdb ?
 
 Try to trace the open syscalls of dovecot-lda and its children:
 
 strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d 
 anme...@anup.de
 

# strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d 
anme...@anup.de
open(/usr/lib/dovecot/tls/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 
ENOENT (No such file or directory)
open(/usr/lib/dovecot/tls/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
open(/usr/lib/dovecot/tls/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
open(/usr/lib/dovecot/tls/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such 
file or directory)
open(/usr/lib/dovecot/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT 
(No such file or directory)
open(/usr/lib/dovecot/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
open(/usr/lib/dovecot/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
open(/usr/lib/dovecot/libdovecot-lda.so.0, O_RDONLY) = 3
open(/usr/lib/dovecot/libdovecot-storage.so.0, O_RDONLY) = 3
open(/usr/lib/dovecot/libdovecot.so.0, O_RDONLY) = 3
open(/usr/lib/dovecot/libc.so.6, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/etc/ld.so.cache, O_RDONLY)  = 3
open(/lib/libc.so.6, O_RDONLY)= 3
open(/usr/lib/dovecot/librt.so.1, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/lib/librt.so.1, O_RDONLY)   = 3
open(/usr/lib/dovecot/libssl.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/libssl.so.0.9.8, O_RDONLY) = 3
open(/usr/lib/dovecot/libcrypto.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file 
or directory)
open(/usr/lib/libcrypto.so.0.9.8, O_RDONLY) = 3
open(/usr/lib/dovecot/libz.so.1, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/lib/libz.so.1, O_RDONLY)= 3
open(/usr/lib/dovecot/libdl.so.2, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/lib/libdl.so.2, O_RDONLY)   = 3
open(/lib/libpthread.so.0, O_RDONLY)  = 3
open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 
0600) = 6
open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 
7
open(/usr/lib/dovecot, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8
open(/usr/lib/dovecot/lib90_sieve_plugin.so, O_RDONLY) = 8
open(/usr/lib/dovecot/libdovecot-sieve.so.0, O_RDONLY) = 8
open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 
0600) = 6
open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 
7

 This should give you an idea about which files
 dovecot-lda really tries to open.

Can't really say there is something wrong. It seems to find everything
it is looking for.

 
 Regards
 Daniel

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

 At  5PM +0100 on 15/12/12 Daniel Parthey wrote:
  Andreas Meyer wrote:
   I managed to su to vmail by giving it a shell.
   # su - vmail
  
  For security reasons, you should rather not give a login shell
  to non-interactive users.
 
 [This is good advice.]
 
  You can temporarily pass a shell to su:
  
  su -s /bin/sh - vmail
 
 That depends on your su. Mine won't do that. I believe your assumption
 that Andreas is on Linux, and therefore has a su that does do that, is
 correct, but I don't know. (I might assume that since I said earlier
 'read your system's su(1)' that it doesn't; but then again I might
 not...)

Yes it does. man su says so too.

 
 Ben
 

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote:

 Andreas Meyer wrote:
hm, what does dovecot-lda do? I think it tries to connect to
/usr/var/run/dovecot/auth-userdb ?
   
   Try to trace the open syscalls of dovecot-lda and its children:
   
   strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d 
   anme...@anup.de
  
   This should give you an idea about which files
   dovecot-lda really tries to open.
  
  Can't really say there is something wrong. It seems to find everything
  it is looking for.
 
 You can also replace the -eopen with -efile to trace all file syscalls.
 
 echo foo | strace -f -efile /usr/libexec/dovecot/dovecot-lda -f 
 anme...@anup.de -d anme...@anup.de

# echo foo | strace -f -efile /usr/libexec/dovecot/dovecot-lda -f 
anme...@anup.de -d anme...@anup.de
execve(/usr/libexec/dovecot/dovecot-lda, [/usr/libexec/dovecot/dovecot-lda, 
-f, anme...@anup.de, -d, anme...@anup.de], [/* 57 vars */]) = 0
access(/etc/ld.so.preload, R_OK)  = -1 ENOENT (No such file or directory)
open(/usr/lib/dovecot/tls/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 
ENOENT (No such file or directory)
stat64(/usr/lib/dovecot/tls/i686/sse2, 0xbf901578) = -1 ENOENT (No such file 
or directory)
open(/usr/lib/dovecot/tls/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
stat64(/usr/lib/dovecot/tls/i686, 0xbf901578) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/dovecot/tls/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
stat64(/usr/lib/dovecot/tls/sse2, 0xbf901578) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/dovecot/tls/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No such 
file or directory)
stat64(/usr/lib/dovecot/tls, 0xbf901578) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/dovecot/i686/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT 
(No such file or directory)
stat64(/usr/lib/dovecot/i686/sse2, 0xbf901578) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/dovecot/i686/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
stat64(/usr/lib/dovecot/i686, 0xbf901578) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/dovecot/sse2/libdovecot-lda.so.0, O_RDONLY) = -1 ENOENT (No 
such file or directory)
stat64(/usr/lib/dovecot/sse2, 0xbf901578) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/dovecot/libdovecot-lda.so.0, O_RDONLY) = 3
open(/usr/lib/dovecot/libdovecot-storage.so.0, O_RDONLY) = 3
open(/usr/lib/dovecot/libdovecot.so.0, O_RDONLY) = 3
open(/usr/lib/dovecot/libc.so.6, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/etc/ld.so.cache, O_RDONLY)  = 3
open(/lib/libc.so.6, O_RDONLY)= 3
open(/usr/lib/dovecot/librt.so.1, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/lib/librt.so.1, O_RDONLY)   = 3
open(/usr/lib/dovecot/libssl.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/usr/lib/libssl.so.0.9.8, O_RDONLY) = 3
open(/usr/lib/dovecot/libcrypto.so.0.9.8, O_RDONLY) = -1 ENOENT (No such file 
or directory)
open(/usr/lib/libcrypto.so.0.9.8, O_RDONLY) = 3
open(/usr/lib/dovecot/libz.so.1, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/lib/libz.so.1, O_RDONLY)= 3
open(/usr/lib/dovecot/libdl.so.2, O_RDONLY) = -1 ENOENT (No such file or 
directory)
open(/lib/libdl.so.2, O_RDONLY)   = 3
open(/lib/libpthread.so.0, O_RDONLY)  = 3
open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 
0600) = 8
open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 
9
open(/usr/lib/dovecot, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 10
open(/usr/lib/dovecot/lib90_sieve_plugin.so, O_RDONLY) = 10
open(/usr/lib/dovecot/libdovecot-sieve.so.0, O_RDONLY) = 10
open(/var/log/dovecot-lda-errors.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 
0600) = 8
open(/var/log/dovecot-lda.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 
9
chdir(/var/spool/vhosts/anup.de/anmeyer) = 0
stat64(/var/spool/vhosts/anup.de/anmeyer, {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
open(/etc/localtime, O_RDONLY)= 11
stat64(/etc/localtime, {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0
lstat64(/var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve, 
{st_mode=S_IFLNK|0777, st_size=25, ...}) = 0
stat64(/var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve, 
{st_mode=S_IFREG|0600, st_size=111, ...}) = 0
open(/var/spool/vhosts/anup.de/anmeyer/.dovecot.svbin, O_RDONLY|O_LARGEFILE) 
= 11
stat64(/var/spool/vhosts/anup.de/anmeyer/tmp, {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat64(/var/spool/vhosts/anup.de/anmeyer, {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat64(/var/spool/vhosts/anup.de/anmeyer, {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
open(/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log, O_RDWR|O_LARGEFILE) 
= 12
open(/var/spool/vhosts/anup.de/anmeyer/dovecot.index, O_RDWR|O_LARGEFILE) = 13
open(/var/spool/vhosts/anup.de/anmeyer/tmp/1355597452.M328355P30049.delta, 
O_WRONLY

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

  Sending an email from the desktop results in the same error:
  
  # mailq
  -Queue ID- --Size-- Arrival Time -Sender/Recipient---
  CB9771B3025F  559 Sat Dec 15 16:39:48  anme...@anup.de
   (unknown user: 
  anme...@anup.de)
   anme...@anup.de
 
 *Right*. Now we're getting somewhere: it looks like the problem is in
 your Postfix configuration.
 
 Create a script something like this
 
 #!/bin/sh
 
 echo --- FROM [$1] TO [$2] /tmp/lda-log
 /usr/bin/id /tmp/lda-log
 /usr/bin/env /tmp/lda-log
 exec /usr/libexec/dovecot/dovecot-lda -f $1 -d $2
 
 (you may need to adjust the paths to id and env; the point is to avoid
 relying on $PATH) and change the master.cf entry to invoke
 
 /path/to/script ${sender} ${recipient}
 
 instead of dovecot-lda. Then deliver some mail and see what, if
 anything, gets written to /tmp/lda-log.

Done that, made the script executable, restarted postfix and sent
two mails from the desktop. The stuck in the queue, no file lda-log
in /tmp.

dovecot   unix  -   n   n   -   -   pipe
   flags=DRhu user=vmail:vmail argv=/etc/postfix/script.sh ${sender} 
${recipient}

 Ben
 

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

  dovecot   unix  -   n   n   -   -   pipe
 flags=DRhu user=vmail:vmail argv=/etc/postfix/script.sh ${sender}
 ${recipient}
 
 OK, then I think the problem is entirely on the Postfix side: it's not
 even attempting to deliver the mail to Dovecot. You need to ask on a
 Postfix list.

And finally I think I found the problem. There is a transportmap in postfix
integrated that says:

anup.devirtual
.anup.de   virtual

I chanched this to

anup.dedovecot
.anup.de   dovecot

and mail gets delivered. Even when I comment that map, mail is
delivered because of virtual_transport = dovecot. Mail never reached
the service dovecot because of that transportmap.

You are so great! Thank you all for being so patient and for your help!
Now I can go on.

 
 Ben
 

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

  And finally I think I found the problem. There is a transportmap in postfix
  integrated that says:
  
  anup.devirtual
  .anup.de   virtual
  
  I chanched this to
  
  anup.dedovecot
  .anup.de   dovecot
  
  and mail gets delivered. Even when I comment that map, mail is
  delivered because of virtual_transport = dovecot. Mail never reached
  the service dovecot because of that transportmap.
 
 Before you go any further, please put the virtual_mailbox_maps parameter
 back with a map of the valid virtual addresses. Otherwise you'll become
 a backscatter source.

Do you mean the old virtual_mailbox_maps = hash:/etc/postfix/vmailbox ?
But wouldn't that mean I have to care for two user files? vmailbox and
the passwd-file of dovecot?

 Ben
 

Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Ben Morrow b...@morrow.me.uk wrote:

 At  9PM +0100 on 15/12/12 Andreas Meyer wrote:
  Ben Morrow b...@morrow.me.uk wrote:
  
   Before you go any further, please put the virtual_mailbox_maps parameter
   back with a map of the valid virtual addresses. Otherwise you'll become
   a backscatter source.
  
  Do you mean the old virtual_mailbox_maps = hash:/etc/postfix/vmailbox ?
  But wouldn't that mean I have to care for two user files? vmailbox and
  the passwd-file of dovecot?
 
 It doesn't matter how you do it, but you need to reject invalid users
 during the SMTP transaction rather than allowing the mail to bounce
 later. (This is really basic stuff: have you read through the Postfix
 documentation? It make this pretty clear.)

Yes, this is clear to me and I also read through the dovecot-wiki a bit
and especially LDA and LDA-Posfix. ;)

 If you're using a passwd-file userdb in Dovecot, you need to write a
 script to convert it to a Postfix map, and make sure that script gets
 run whenever the source file is updated. (Makefiles are good for that
 sort of thing.) Alternatively, you could switch to keeping your userdb
 in an SQL or LDAP database, and have Postfix query it directly. If all
 else fails, you can arrange to pass the output of 'doveadm user *' to
 postmap, though depending on your Dovecot setup you may need to append a
 domain.

Thank you for your hints, Ben! I am glad I have that thing up and running
at least. And I already converted the old vmailbox file that postfix used
to a new one with the valid users so postfix knows them too.

Thinking about SQL or LDAP database is one of the next steps I am considering.
We don't have that much users and taking care of them is not that much work.

Next thing is I want to implement Quota. We are running users with maildir
and mboxes. And of course I want to realize sieve filtering soon or later.

I am glad I got this right now with your help. And learned much again.

 
 Ben
 

Andreas

[Dovecot] need help with dovecot-lda

[Andreas Meyer]

Hello all!

Some month ago I upgraded our dovecot installation from version 1.0.5
to version 2.1.7 without having any trouble. Postfix is delivering
email directly per virtual transport to the maildirs and mailboxes of
the users in /var/spool/vhosts/domains/

Now I want to use dovecot-lda and created a new entry in the master.cf
of postfix.

dovecot   unix  -   n   n   -   -   pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f 
${sender} -d ${recipient}

It is not clear to me, how the dovecot-lda is started bei dovecot and
you it finds the socket dovecot postfix created.

The dovecot.conf looks like this;

# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.22.5-31-bigsmp i686 openSUSE 10.3 (i586) ext3

auth_verbose = yes
disable_plaintext_auth = no
log_path = /var/log/dovecot1

mail_location = 
mbox:/var/spool/vhosts/%d/dovecotprivate/%n:INBOX=/var/spool/vhosts/%d/%n

!include /etc/dovecot/conf.d/*.conf

passdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}
userdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}

ssl_cert =  /etc/dovecot/ssl/hostcert.pem
ssl_key =  /etc/dovecot/ssl/hostkey.pem
#verbose_ssl = yes

plugin {
quota = maildir:User quota
quota_rule = *:storage=500MB
# 10% of 1GB = 100MB
quota_rule2 = Trash:storage=+10%%
# 20% of 1GB = 200MB
# quota_rule3 = Spam:storage=+20%%

autocreate = Trash
autocreate2 = Drafts
autocreate3 = Sent

autosubscribe = Trash
autosubscribe2 = Drafts
autosubscribe3 = Sent
}

I set soft_bounce = yes in main.cf of postfix and delivery of mail fails with
 
Dec 14 16:13:34 delta postfix/virtual[14082]: BBC0F1B31294: to=x...@anup.de, 
relay=virtual, delay=395, delays=395/0.01/0/0.13, dsn=4.1.1, status=SOFTBOUNCE 
(unknown user: x...@anup.de)

This is the relevant part of the main.cf:

dovecot_destination_recipient_limit = 1

virtual_mailbox_domains = anup.de bit-corner.de bitcorner.de 
baubetreuung-meyer.de saxelektro.de
virtual_mailbox_base = /var/spool/vhosts
#virtual_mailbox_maps = hash:/etc/postfix/vmailbox
#virtual_minimum_uid = 100
#virtual_uid_maps = static:5000
#virtual_gid_maps = static:5000
virtual_mailbox_limit = 524288000
virtual_transport = dovecot

I don't get it right. As far as I understand postfix uses virtual_transport = 
dovecot
and hands the mail over to the socket dovecot. But how does dovecot know where 
to look
for the socket. I am missing somthing but don't know what.

Any help is appreciated!

  Andreas

Re: [Dovecot] need help with dovecot-lda

[Andreas Meyer]

Hello!

Ben Morrow b...@morrow.me.uk wrote:

 At  5PM +0100 on 14/12/12 Andreas Meyer wrote:
  
  Some month ago I upgraded our dovecot installation from version 1.0.5
  to version 2.1.7 without having any trouble. Postfix is delivering
  email directly per virtual transport to the maildirs and mailboxes of
  the users in /var/spool/vhosts/domains/
  
  Now I want to use dovecot-lda and created a new entry in the master.cf
  of postfix.
  
  dovecot   unix  -   n   n   -   -   pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f
${sender} -d ${recipient}
  
  It is not clear to me, how the dovecot-lda is started bei dovecot and
  you it finds the socket dovecot postfix created.
 
 The process listening on that 'dovecot' pipe is a Postfix pipe(8)
 process. When a delivery request comes in from elsewhere in Postfix, it
 invokes /usr/libexec/dovecot/dovecot-lda as a new child process. This
 new lda process will contact the dovecot-auth service if it needs to,
 but is otherwise not connected to the running Dovecot server at all.
 
 If you want Dovecot to listen for deliveries (which has some efficiency
 advantages), you want to use LMTP.
 
  I set soft_bounce = yes in main.cf of postfix and delivery of mail fails 
  with
   
  Dec 14 16:13:34 delta postfix/virtual[14082]: BBC0F1B31294:
  to=x...@anup.de, relay=virtual, delay=395, delays=395/0.01/0/0.13,
  dsn=4.1.1, status=SOFTBOUNCE (unknown user: x...@anup.de)
 
 What happens if you run
 
 echo foo | /usr/libexec/dovecot/dovecot-lda \
 -f x...@anup.de -d x...@anup.de
 
 in the shell (as the vmail user)? Does it fail with exit code 67? This
 is EX_NOUSER, and is the standard way for LDAs to signal 'I don't know
 how to deliver to this user'. Either x...@anup.de is not a valid address
 at that domain, or you haven't made the auth-userdb socket available to
 the vmail user. See http://wiki2.dovecot.org/LDA, under the section
 'Virtual users'.

I did this in the shell:

delta:/ # su vmail
delta:/ # whoami
root
delta:/ # echo test | /usr/libexec/dovecot/dovecot-lda -f anme...@anup.de -d 
anme...@anup.de

and the mail was delivered to the mailbox without error. Maybe the vmail user
is the problem?
When I send an email from my desktop I get this in the mail.log:
Dec 14 21:19:42 delta postfix/virtual[16185]: A6E511B3128A: 
to=anme...@anup.de, relay=virtual, delay=0.15, delays=0.08/0.01/0/0.06, 
dsn=4.1.1, status=SOFTBOUNCE (unknown user: anme...@anup.de)

The line of the /etc/shadow for vmail looks like this:
vmail::13940:0:9:7:::

Why is root not switching to vmail? May vmail be the problem?

delta:/ # id vmail
uid=110(vmail) gid=110(vmail) Gruppen=110(vmail)

  Andreas

[Dovecot] imap_idle_notify_interval

[Andreas Meyer]

Hi!

I want to change the imap_idle_notify_interval t0 29 minutes and have
edited the 20-imap.conf with imap_idle_notify_interval = 29 mins and
restarted the server.

doveconf -n shows me this:

protocol imap {
  imap_idle_notify_interval = 29 mins
  mail_max_userip_connections = 10
  mail_plugins =  quota imap_quota autocreate
}


doveconf |grep idle shows me the following output:
default_idle_kill = 1 mins
imap_idle_notify_interval = 2 mins
mailbox_idle_check_interval = 30 secs
  idle_kill = 0
  idle_kill = 4294967295 secs
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 4294967295 secs
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 4294967295 secs
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 0
  idle_kill = 4294967295 secs
  idle_kill = 0
  idle_kill = 4294967295 secs
  imap_idle_notify_interval = 29 mins

I see two line of imap_idle_notify_interval. What is the right one?

Greetings

  Andreas

Re: [Dovecot] imap_idle_notify_interval

[Andreas Meyer]

Hi!

Timo Sirainen t...@iki.fi wrote:

 On 11.9.2012, at 17.00, Andreas Meyer wrote:
 
  protocol imap {
   imap_idle_notify_interval = 29 mins
   mail_max_userip_connections = 10
   mail_plugins =  quota imap_quota autocreate
  }
  
  
  doveconf |grep idle shows me the following output:
  imap_idle_notify_interval = 2 mins
   imap_idle_notify_interval = 29 mins
  
  I see two line of imap_idle_notify_interval. What is the right one?
 
 One is used by IMAP processes, the other is used by non-IMAP processes. Of 
 course, non-IMAP processes don't use that setting.

So everthing is fine and the imap_idle_notify_interval = 29 mins
Thank you!

  Andreas

Re: [Dovecot] v2.0.21 released

[Andreas Meyer]

Timo Sirainen t...@iki.fi wrote:

 http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz
 http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig
 
 + dict: file backend supports now also fcntl/flock locking optionally
 - imap-login: Memory leak fixed
 - imap: Non-UTF8 input on SEARCH command parameters could have crashed
 - auth: Fixed crash with DIGEST-MD5 when attempting to do master user
   login without master passdbs. 
 - sdbox: Don't use more fds than necessary when copying mails.
 - mdbox kept the user's storage locked a bit longer than it needed to
 

Please can some soul explain the naming conventions used to release this 
software?

Tue Jun 12 00:51:56 EEST 2012
Released v2.0.21.
Tue May 29 22:24:49 EEST 2012
Released v2.1.7.

I don't understand the numbering.

  Andreas

Re: [Dovecot] per user quota

[Andreas Meyer]

Daniel Parthey daniel.part...@informatik.tu-chemnitz.de wrote:

 Hello Andreas,
 
 Andreas Meyer wrote:
  I activated quota
  
  plugin {
  quota = maildir:User quota
  quota_rule = *:storage=1GB
  # 10% of 1GB = 100MB
  quota_rule2 = Trash:storage=+10%%
  }
  
  But when I want to do per user quota in the passwd-file
  ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G
 
 It looks like you are at least missing a space between userdb_mail=maildir:~/
 and userdb_quota_rule.

Wow, great! The space was missing and now it works.

 You forgot to attach your doveconf -n output.

ok, next time.
 
 Regards,
 Daniel

   Andreas

[Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Hello!

I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7

Now I get the following executing
doveconf -n -c /etc/dovecot/dovecot.conf  /home/mail1/dovecot-2.conf

doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ 
prefix to all settings inside auth {} and remove the auth {} section completely
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb 
passwd-file {} has been replaced by passdb { driver=passwd-file }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb 
passwd-file {} has been replaced by userdb { driver=passwd-file }

The section  at line 217 looks like this:

auth default {
  mechanisms = plain
  passdb passwd-file {
  args = /etc/dovecot/passwd
  }
  userdb passwd-file {
  args = /etc/dovecot/passwd
  }

How do I change it to fullfill the new needs?

And how do I handle line 217?
add auth_ prefix to all settings inside auth {} and remove the auth {} section 
completely
?

Thanks for help!

 Andreas

Re: [Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Reindl Harald h.rei...@thelounge.net wrote:

 
 
 Am 08.06.2012 13:05, schrieb Andreas Meyer:
  I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7
  Now I get the following executing
  doveconf -n -c /etc/dovecot/dovecot.conf  /home/mail1/dovecot-2.conf
  
  doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add 
  auth_ prefix to all settings inside auth {} and remove the auth {} section 
  completely
  doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: 
  passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
  doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: 
  userdb passwd-file {} has been replaced by userdb { driver=passwd-file }
  
  The section  at line 217 looks like this:
  
  auth default {
mechanisms = plain
passdb passwd-file {
args = /etc/dovecot/passwd
}
userdb passwd-file {
args = /etc/dovecot/passwd
}
  
  How do I change it to fullfill the new needs?
  
  And how do I handle line 217?
  add auth_ prefix to all settings inside auth {} and remove the auth {} 
  section completely
 
 what exactly are you not understanding here?
 this is a very clear message

I find the message very confusing. It says to do all settings inside auth {} and
then to remove the auth {} section. With v1.0.5 I do have an auth default {} 
section
and a section ## Authentication processes.

 below a partly output from a working 2.1.7
 
 auth_mechanisms= CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN
 auth_worker_max_count  = 100
 auth_cache_size= 32768
 auth_cache_ttl = 1800
 auth_cache_negative_ttl= 1800
 auth_username_chars= 
 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
 auth_username_translation  = 
 %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
 auth_debug = no
 auth_debug_passwords   = no
 auth_verbose   = no
 

Thank you! I found section ## Authentication processes but when I add

auth_passdb {
args = /etc/dovecot/passwd
  driver = passwd-file
}
auth_userdb {
args = /etc/dovecot/passwd
  driver = passwd-file
}

I get an error:
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 
709: Unknown setting: auth_passdb

Where do I put the passdb and userdb sections?

  Andreas

Re: [Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Reindl Harald h.rei...@thelounge.net wrote:

  The section  at line 217 looks like this:
 
  auth default {
mechanisms = plain
passdb passwd-file {
args = /etc/dovecot/passwd
}
userdb passwd-file {
args = /etc/dovecot/passwd
}
 
  How do I change it to fullfill the new needs?
 
  And how do I handle line 217?
  add auth_ prefix to all settings inside auth {} and remove the auth {} 
  section completely
 
  what exactly are you not understanding here?
  this is a very clear message
  
  I find the message very confusing. It says to do all settings inside auth 
  {} and
  then to remove the auth {} section.
 
 no, it says you should MOVE all settings OUT from auth {}
 in the main part and add a prefix auth_ to them
 
 you quoted your auth{} section
 
 in a pure 2.x setup this would not exist
 

I get this output when I move the passwd settings to the main section:

# doveconf -n -c /etc/dovecot/dovecot.conf  /home/mail1/dovecot-2.conf
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 
710: Unknown setting: auth_passdb

Also if I use !include /etc/dovecot/auth-passwdfile.conf in the main section,
the auth-passwdfile.conf weems to be ignored. It has the following content:

passdb {
  driver = passwd-file
  #args = scheme=CRYPT username_format=%u /etc/dovecot/passwd
  args = /etc/dovecot/passwd
}

userdb {
  driver = passwd-file
  #args = username_format=%u /etc/dovecot/passwd
  args = /etc/dovecot/passwd

  # Default fields that can be overridden by passwd-file
  #default_fields = quota_rule=*:storage=1G
  
  # Override fields from passwd-file
  #override_fields = home=/home/virtual/%u
}

I don't know where to put the passwd section.

  Andreas

Re: [Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Reindl Harald h.rei...@thelounge.net wrote:

 Am 08.06.2012 16:50, schrieb Andreas Meyer:
  Reindl Harald h.rei...@thelounge.net wrote:

  you quoted your auth{} section
 
  in a pure 2.x setup this would not exist
 
  
  I get this output when I move the passwd settings to the main section:
  
  # doveconf -n -c /etc/dovecot/dovecot.conf  /home/mail1/dovecot-2.conf
  doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 
  710: Unknown setting: auth_passdb
 
 because this does not belong here
 consider take a look at dovecot2 manuals
 
 http://wiki2.dovecot.org/AuthDatabase/
 http://wiki2.dovecot.org/AuthDatabase/PasswdFile

thanks again! I think I got this one right now.

I risked to restat dovecot with the new version and got this
in the logfile now:

Jun 08 17:20:19 imap: Error: 
dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: 
/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: 
undefined symbol: mail_storage_module_id
Jun 08 17:20:19 imap: Fatal: Couldn't load required plugins
Jun 08 17:20:19 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning 
close notify [84.179.59.203]

The /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so is a symlink to
/usr/lib/dovecot/modules/lib10_quota_plugin.so

What can I do? Wouldn't it be great to get the new dovecot working with
my users and the old passwd file?

  Andreas

Re: [Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Timo Sirainen t...@iki.fi wrote:

 On 8.6.2012, at 14.05, Andreas Meyer wrote:
 
  I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7
  
  Now I get the following executing
  doveconf -n -c /etc/dovecot/dovecot.conf  /home/mail1/dovecot-2.conf
 
 Didn't this command produce a working dovecot-2.conf file? If not, it's 
 probably a bug.

Yes, it did. I was wondering, it just containes a few lines. ;) Took it
and placed it in /usr/etc as dovecot.conf. But then I got this error with
the quota_plugin, see they other thread.

  doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add 
  auth_ prefix to all settings inside auth {} and remove the auth {} section 
  completely
  doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: 
  passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
  doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: 
  userdb passwd-file {} has been replaced by userdb { driver=passwd-file }
 ..
  How do I change it to fullfill the new needs?
 
 doveconf should have done all of those changes for you and placed them to 
 dovecot-2.conf
 

Yes, it did.

  Andreas

Re: [Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Timo Sirainen t...@iki.fi wrote:

 On 8.6.2012, at 18.36, Andreas Meyer wrote:
 
  Jun 08 17:20:19 imap: Error: 
  dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: 
  /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: 
  
  What can I do? Wouldn't it be great to get the new dovecot working with
  my users and the old passwd file?
 
 The quota plugin isn't against the same version of Dovecot.. So you have two 
 Dovecot versions now somehow all mixed up. One solution would be to delete 
 all files related to Dovecot and install 2.1.7 again.
 

I wonder ./configure, make and make install went through, but for some
reason the /usr/lib/dovecot/modules directory was not updated. Could
it be because there was the old version 1.0.5 still running while
installing the new one?

I'll try to do a make install again while the dovecot is stopped
and then start the new version and see what happens.

  Andreas

Re: [Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Reindl Harald h.rei...@thelounge.net wrote:

  I wonder ./configure, make and make install went through, but for some
  reason the /usr/lib/dovecot/modules directory was not updated. Could
  it be because there was the old version 1.0.5 still running while
  installing the new one?
 
 ouch - why are you doing such rough installs instead taking some time
 to learn how to build packages for your OS?
 
 the benefit of package-systems like rpm/deb is that obsolete files
 are removed on updates and you have clean installs over many years
 and major upgrades of any software
 
 as example for FedoraRHEL it is quite easy to setup rpmbuild, install a
 recent src.rpm and replace rebuild new versions for older releases
 
 the additional benefit is that you can do this on  a dedicated virtual
 machine with devel-packages, GCC and so on which is all not needed on
 the production systems AND you can easily use this packages on
 testing machines followed by a crontrolled rollout
 
 even for software with a handful of scripts - on my servers and
 workstations NEVER get any software installed without a package
 and there are only two exceptions: VMware Workstation and ZendStudio

;-) I never ever built a rpm using sources since years. I always
build and install from the sources.

So ok, made a fresh make install and found out that the directory
/usr/lib/dovecot/modules and its contents were not created after
deleting manually the old /usr/lib/dovecot directory.

Got this snipped from the make install output:

make[4]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats'
make[3]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats'
Making install in trash
make[3]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash'
make[4]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash'
make[4]: Für das Ziel »install-exec-am« ist nichts zu tun.
test -z /usr/lib/dovecot || /bin/mkdir -p /usr/lib/dovecot
 /bin/sh ../../../libtool   --mode=install /usr/bin/install -c   
lib11_trash_plugin.la '/usr/lib/dovecot'
libtool: install: warning: relinking `lib11_trash_plugin.la'
libtool: install: (cd /home/mail1/dovecot-2.1.7/src/plugins/trash; /bin/sh 
/home/mail1/dovecot-2.1.7/libtool  --tag CC --mode=relink gcc -std=gnu99 -g -O2 
-Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith 
-Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime 
-Wstrict-aliasing=2 -module -avoid-version -o lib11_trash_plugin.la -rpath 
/usr/lib/dovecot trash-plugin.lo ../quota/lib10_quota_plugin.la -lrt )

*** Warning: Linking the shared library lib11_trash_plugin.la against the 
loadable module
*** lib10_quota_plugin.so is not portable!
libtool: relink: gcc -shared  -fPIC -DPIC  .libs/trash-plugin.o   -Wl,-rpath 
-Wl,/usr/lib/dovecot -L/usr/lib/dovecot -l10_quota_plugin -lrt  -O2   
-Wl,-soname -Wl,lib11_trash_plugin.so -o .libs/lib11_trash_plugin.so
libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.soT 
/usr/lib/dovecot/lib11_trash_plugin.so
libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.lai 
/usr/lib/dovecot/lib11_trash_plugin.la
libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.a 
/usr/lib/dovecot/lib11_trash_plugin.a
libtool: install: chmod 644 /usr/lib/dovecot/lib11_trash_plugin.a
libtool: install: ranlib /usr/lib/dovecot/lib11_trash_plugin.a
libtool: finish: 
PATH=/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/sbin
 ldconfig -n /usr/lib/dovecot

  Andreas

Re: [Dovecot] upgrade from 1.0.5 to 2.1.7

[Andreas Meyer]

Reindl Harald h.rei...@thelounge.net wrote:

  ;-) I never ever built a rpm using sources since years. I always
  build and install from the sources
 
 a good time to start again :-)
 
 i missed to tell another benefit: you have to specify every
 installed file in the %files section, so you are aware of
 changes in any folder-structure, as long it builds wtihout
 complaining with a new source-version you can be pretty sure
 all is sane
 
 this time virtualization is a real improvement
 
 * build packages outside production environment
 * provide local repos in the own LAN
 * setup testing machins with real data
 * test upgrades with real data
 
 in this life i will never ever setup a server on bare metal
 without having VMware ESXi as backend (clone, snapshots..)
 

I have that beast running. There was an entry in the docecot.conf
like this, created by
doveconf -n -c /etc/dovecot/dovecot.conf  /home/mail1/dovecot-2.conf

protocol imap {
  mail_plugin_dir = /usr/lib/dovecot/modules/imap
  mail_plugins = quota imap_quota
}
protocol pop3 {
  mail_plugin_dir = /usr/lib/dovecot/modules/pop3
  mail_plugins = quota
  pop3_uidl_format = %08Xu%08Xv
}


I commented it out and I can retrieved mail furthermore. :-)
Now I want to install dovecot-2.1-pigeonhole-0.3.1 to get sieve
running.

Thank you everybody for the help and that great piece of software!

  Andreas

[Dovecot] per user quota

[Andreas Meyer]

Hello!

I activated quota

plugin {
quota = maildir:User quota
quota_rule = *:storage=1GB
# 10% of 1GB = 100MB
quota_rule2 = Trash:storage=+10%%
}

But when I want to do per user quota in the passwd-file
...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G

I get this in the logfile and can't login:

Jun 08 22:25:52 imap(anme...@anup.de): Error: user anme...@anup.de: 
Initialization failed: Initializing mail storage from mail_location setting 
failed: Unknown setting: bytes
Jun 08 22:25:52 imap(anme...@anup.de): Error: Invalid user settings. Refer to 
server log for more information.

Same with 'storage' in the passwd-file. What's wrong?

  Andreas

[Dovecot] sieve with dovecot v1.x

[Andreas Meyer]

Hello!

Is there a chance to have sieve working with dovecot version 1.0.5?

/usr/lib/dovecot looks like this:

-rwxr-xr-x 1 root root  43932 22. Sep 2007  checkpassword-reply
-rwxr-xr-x 1 root root 538996 22. Sep 2007  deliver
-rwxr-xr-x 1 root root 127728 22. Sep 2007  dict
-rwxr-xr-x 1 root root 270248 22. Sep 2007  dovecot-auth
-rwxr-xr-x 1 root root  43952 22. Sep 2007  gdbhelper
-rwxr-xr-x 1 root root  48080 22. Sep 2007  idxview
-rwxr-xr-x 1 root root 596364 22. Sep 2007  imap
-rwxr-xr-x 1 root root 135912 22. Sep 2007  imap-login
-rwxr-xr-x 1 root root  43952 22. Sep 2007  logview
drwxr-xr-x 5 root root   4096 23. Dez 2008  modules
-rwxr-xr-x 1 root root 529512 22. Sep 2007  pop3
-rwxr-xr-x 1 root root 127660 22. Sep 2007  pop3-login
-rwxr-xr-x 1 root root  69056 22. Sep 2007  rawlog
-rwxr-xr-x 1 root root 134748 22. Sep 2007  sievec
-rwxr-xr-x 1 root root  68748 22. Sep 2007  sieved
-rwxr-xr-x 1 root root  44116 22. Sep 2007  ssl-build-param

so there is a sievec and a sieved, but in the dovecot.conf there
is no mention about sieve.

I would compile the latest version of dovecot if I knew, how the
running 1.0.5 was built. I need it for an openSUSE 10.3

Kind regards

  Andreas

Re: [Dovecot] sieve with dovecot v1.x

[Andreas Meyer]

Hello!

Stephan Bosch step...@rename-it.nl wrote:

 On 6/2/2012 1:43 PM, Andreas Meyer wrote:
  Hello!
 
  Is there a chance to have sieve working with dovecot version 1.0.5?
 
 Yes, the old CMUSieve plugin should work for that. By the looks of it, 
 it is already installed, so you'll only need to configure it:
 
 http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring

Ok, I have done that. How can I know, if sieve now works with dovecot?
When I login with roundcube, in the settings I have a Filter-Tab but
when I click on it it says not possible to connect to server or somesuch.

 Regards,
 
 Stephan.

  Andreas

Re: [Dovecot] sieve with dovecot v1.x

[Andreas Meyer]

Hello!

Stephan Bosch step...@rename-it.nl wrote:

 Oh, you didn't mention using RoundCube earlier. That implies the need of 
 ManageSieve. You'll need to configure the following as well:
 
 http://wiki1.dovecot.org/ManageSieve
 
 Your earlier directory listing indicates that it is not installed on 
 your system; the managesieve and managesieve-login binaries would be 
 located there if it were. Check whether that version of opensuse has a 
 package for dovecot-managesieve or compile it yourself if it is missing. 
 If that is difficult, the following could be an alternative:
 
 http://www.gitorious.net/pysieved/pages/Home

I think pysieved is the only chance I have. I have installed it and
activated by xinetd. But now I have the problem that the dovecot.conf
says:

auth default {
  mechanisms = plain
  passdb passwd-file {
  args = /etc/dovecot/passwd
  }

and the install howto of pysieved says:

   auth default {
  socket listen {
client {
  path = /var/run/dovecot/auth-client
  mode = 0666
}
  }
}

pysieved.ini :
[Dovecot]
mux = /var/run/dovecot/auth-client

what can I do now?

 
 Regards,
 
 Stephan.

  Andreas

Re: [Dovecot] dovecot with IMAP and POP3 mixed

[Andreas Meyer]

Hello!

Mark Sapiro m...@msapiro.net schrieb:

 On Sun, Mar 22, 2009 at 12:27:54PM +0100, Andreas Meyer wrote:
  
  Yes, this is what I get too and the default_folder_prefix is empty.
 
 
 I run dovecot with pop3, imap and squirrelmail with no problems.
 
 The major difference I see between your dovecot -n and mine other than
 the fact that you have 1.0.5 and I have 1.2.beta3 is that I have

Yes, this is a SuSE-rpm from openSuSE10.3

 mail_location: mbox:~/Mail:INBOX=/var/spool/mail/%u
 
 In other words, I specify one file for the INBOX and another directory
 for everything else. I don't think this works with maildir though.

I have the beast running. I found out that I had to create a directory
where dovecot can write indexes and such things to. 

# dovecot -n
# 1.0.5: /etc/dovecot/dovecot.conf
log_path: /var/log/dovecot1
protocols: imap imaps pop3
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
mail_location: 
mbox:/var/spool/vhosts/%d/dovecotprivate/%n:INBOX=/var/spool/vhosts/%d/%n
mail_debug: yes
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
pop3_uidl_format(default):
pop3_uidl_format(imap):
pop3_uidl_format(pop3): %08Xu%08Xv
auth default:
  passdb:
driver: passwd-file
args: /etc/dovecot/passwd
  userdb:
driver: passwd-file
args: /etc/dovecot/passwd

So in dovecotprivate directories for the indexes are stored for mbox-users.
This works, I had to set permissions to 777 for dovecotprivate so that dovecot
can write into it. I don't know if this is a security-risk.

The /etc/dovecot/passwd then looks like this:

# anup.de (maildir)
m...@anup.de:{PLAIN}passwd:5000:5000::/var/spool/vhosts/anup.de/mail::userdb_mail=maildir:~/
u...@anup.de:{PLAIN}passwd:5000:5000::/var/spool/vhosts/anup.de/user::userdb_mail=maildir:~/

# anup.de (mbox)
us...@anup.de:{PLAIN}passwd7:5000:5000
us...@anup.de:{PLAIN}passwd8:5000:5000

Works great and dovecot can handle both maildir and mbox for one domain.
And this solved also the problem with Squirrelmail. The setup is not fully
testet yet.

Thank you all!
-- 
   Andreas Meyer

A man, a miss, a car -- a curve,
He kissed the miss and missed the curve -- Burma Shave (1948)

Mein öffentlicher GPG-Schlüssel unter:
http://gpg-keyserver.de/pks/lookup?search=anmeyerfingerprint=onop=index

Re: [Dovecot] dovecot with IMAP and POP3 mixed

[Andreas Meyer]

Hello!

Seth Mattinen se...@rollernet.us schrieb:

 Bill Cole wrote:

  There *should* be some way to make SquirrelMail stop trying to create
  its folders under INBOX, but I have no idea if there actually *is* one.
  Some IMAP servers only allow the creation of folders as children of
  INBOX, and as a result some (broken) IMAP clients only know how to
  create folders that way. You can accommodate such software in Dovecot by
  using namespaces.
  
 
 Run the squirrelmail configure program and change the default folder
 prefix to blank under folder defaults.

The default folder prefix is empty.

 
 ~Seth
 

-- 
   Andreas Meyer

A man, a miss, a car -- a curve,
He kissed the miss and missed the curve -- Burma Shave (1948)

Mein öffentlicher GPG-Schlüssel unter:
http://gpg-keyserver.de/pks/lookup?search=anmeyerfingerprint=onop=index