Re: Dovecot proxy ignores trusted root certificate store

2015-09-21 Thread Andrew McN 

On 21/09/15 17:28, Alex Bulan wrote:
> The result is the same with or without "<" before the file path.  With
> "<" the inode atime is updated at Dovecot startup, so the file is at
> least opened, but Dovecot still can't verify the cert.
> 
> The only place in the Wiki that shows an example of ssl_client_ca_file
> is on this page, and there's no "<" in front of the file path:
> 
> http://wiki2.dovecot.org/Replication
> 
> (quote)
> The client must be able to verify that the SSL certificate is valid, so
> you need to specify the directory containing valid SSL CA roots:
> 
> ssl_client_ca_dir = /etc/ssl/certs # Debian/Ubuntu
> ssl_client_ca_file = /etc/pki/tls/cert.pem # RedHat
> (end quote)
> 

Suggesting that on Redhat you should specify "the directory containing
valid SSL CA roots" by setting ssl_client_ca_file sounds kinda crazy.
Sounds like setting a file instead.  So that bit of documentation should
be treated as rather suspect.

Regards,
Andrew

Re: imap segfaults when using antispam plugin, and moving mail to an 'unsure' folder.

2015-09-02 Thread Andrew McN 

I've had no responses to this bug report.  Does anyone have any ideas on
how I can move it forward?

Regards,
Andrew

On 13/08/15 06:08, Andrew McN wrote:
> 
> I put up a question on serverfault first, which has the details,
> including a stack trace:
> http://serverfault.com/questions/713687/dovecot-antispam-error-storing-mail
> .  Details also copied below.
> 
> Is this a known bug?  If I built dovecot from source rather than using
> the Ubuntu 14.04 packages, would I expect that to help?  Are there any
> configuration details that might be relevant?  (dovecot -n output shown
> 
> Any help much appreciated.
> 
> Andrew McNaughton
> 
> 
> 
> 
> Details on the serverfault page repeated below, plus a little more.
> 
> -
> 
> Ubuntu 14.04.3   x86_64
> Running inside lxc-docker 1.7.0
> dovecot-imapd 1:2.2.9-1ubuntu2
> dovecot-antispam 2.0+20130822-2build1
> 
> Filesystem is via docker, so aufs is involved, and under that on the
> host systems is ext4
> 
> -
> 
> I know mail is not supposed to be moved into a mailbox of type 'unsure'.
> The server should refuse this action. What actually happens though is
> that the imap process throws an error and dies:
> 
> Aug 12 17:53:07 255c7fc2d2f0 imap: antispam:
> mailbox_is_unsure(Review-Classification): 1
> Aug 12 17:53:07 255c7fc2d2f0 dovecot: imap(u...@example.com): Panic:
> file mail-storage.c: line 2141 (mailbox_copy): assertion failed:
> (!ctx->unfinished)
> Aug 12 17:53:07 255c7fc2d2f0 dovecot: imap(u...@example.com): Error: Raw
> backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7f718e7dd271]
> -> /usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7f718e7dd34e] ->
> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f718e798a9e] ->
> /usr/lib/dovecot/libdovecot-storage.so.0(+0x7196f) [0x7f718eab896f] ->
> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x15)
> [0x7f718eab8985] -> dovecot/imap(+0xded5) [0x7f718ef84ed5] ->
> dovecot/imap(command_exec+0x3c) [0x7f718ef8f6dc] ->
> dovecot/imap(+0x176cf) [0x7f718ef8e6cf] -> dovecot/imap(+0x17785)
> [0x7f718ef8e785] -> dovecot/imap(client_handle_input+0x125)
> [0x7f718ef8eaa5] -> dovecot/imap(client_input+0x75) [0x7f718ef8ee35] ->
> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7f718e7ed247]
> -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7)
> [0x7f718e7edfd7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38)
> [0x7f718e7ecde8] ->
> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13)
> [0x7f718e79dc93] -> dovecot/imap(main+0x2c4) [0x7f718ef832f4] ->
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f718e3dbec5]
> -> dovecot/imap(+0xc460) [0x7f718ef83460]
> Aug 12 17:53:07 255c7fc2d2f0 dovecot: imap(u...@example.com): Fatal:
> master: service(imap): child 58 killed with signal 6 (core dumped)
> 
> ---
> 
> root@8ec9579667fc:/# gdb /usr/lib/dovecot/imap /tmp/61
> GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
> Copyright (C) 2014 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>.
> Find the GDB manual and other documentation resources online at:
> <http://www.gnu.org/software/gdb/documentation/>.
> For help, type "help".
> Type "apropos word" to search for commands related to "word"...
> Reading symbols from /usr/lib/dovecot/imap...Reading symbols from
> /usr/lib/debug//usr/lib/dovecot/imap...done.
> done.
> [New LWP 61]
> Core was generated by `dovecot/imap'.
> Program terminated with signal SIGABRT, Aborted.
> #0  0x7f5dd5394cc9 in __GI_raise (sig=sig@entry=6) at
> ../nptl/sysdeps/unix/sysv/linux/raise.c:56
> 56  ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
> (gdb) bt full
> #0  0x7f5dd5394cc9 in __GI_raise (sig=sig@entry=6) at
> ../nptl/sysdeps/unix/sysv/linux/raise.c:56
> resultvar = 0
> pid = 61
> selftid = 61
> #1  0x7f5dd53980d8 in __GI_abort () at abort.c:89
> save_stage = 2
> act = {__sigaction_handler = {sa_handler = 0x800, sa_sigaction

Re: plugin antispam sa-learn run program failed with exit code -1

2015-08-21 Thread Andrew McN 


On 21/08/15 19:49, Guillaume Lakano - DOVECOT wrote:
> Aug 20 20:21:14 mail imap: antispam: running mailtrain backend program 
> parameter 1 -D --username=guillaume.x...@mydomain.com
> Aug 20 20:21:14 mail imap: antispam: running mailtrain backend program 
> parameter 2 --spam

That looks like it should be three parameters, not two?

Also, read this:


http://wiki2.dovecot.org/Plugins/Antispam#Backend_-_mailtrain_realtime_sa-learn


Andrew

sieve and antispam

2015-08-14 Thread Andrew McN 

I have a fairly standard antispam/dspam setup: postfix delivers to
dspam, which classifies and tags the mail, and then passes it to postfix
which uses sieve to put mail into the appropriate folders based on
dspam's classification.  I also have the antispam plugin watching mail
being moved between folders and re-training dpsam accordingly.

If I now add some sieve filter rules which put incoming mail into
appropriate folders, possibly overriding what would normally result from
dspam's classification, will that be seen by the antispam plugin and
used for training dspam?

Regards,
Andrew McNaughton

imap segfaults when using antispam plugin, and moving mail to an 'unsure' folder.

2015-08-12 Thread Andrew McN 

I put up a question on serverfault first, which has the details,
including a stack trace:
http://serverfault.com/questions/713687/dovecot-antispam-error-storing-mail
.  Details also copied below.

Is this a known bug?  If I built dovecot from source rather than using
the Ubuntu 14.04 packages, would I expect that to help?  Are there any
configuration details that might be relevant?  (dovecot -n output shown

Any help much appreciated.

Andrew McNaughton




Details on the serverfault page repeated below, plus a little more.

-

Ubuntu 14.04.3   x86_64
Running inside lxc-docker 1.7.0
dovecot-imapd 1:2.2.9-1ubuntu2
dovecot-antispam 2.0+20130822-2build1

Filesystem is via docker, so aufs is involved, and under that on the
host systems is ext4

-

I know mail is not supposed to be moved into a mailbox of type 'unsure'.
The server should refuse this action. What actually happens though is
that the imap process throws an error and dies:

Aug 12 17:53:07 255c7fc2d2f0 imap: antispam:
mailbox_is_unsure(Review-Classification): 1
Aug 12 17:53:07 255c7fc2d2f0 dovecot: imap(u...@example.com): Panic:
file mail-storage.c: line 2141 (mailbox_copy): assertion failed:
(!ctx->unfinished)
Aug 12 17:53:07 255c7fc2d2f0 dovecot: imap(u...@example.com): Error: Raw
backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7f718e7dd271]
-> /usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7f718e7dd34e] ->
/usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f718e798a9e] ->
/usr/lib/dovecot/libdovecot-storage.so.0(+0x7196f) [0x7f718eab896f] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x15)
[0x7f718eab8985] -> dovecot/imap(+0xded5) [0x7f718ef84ed5] ->
dovecot/imap(command_exec+0x3c) [0x7f718ef8f6dc] ->
dovecot/imap(+0x176cf) [0x7f718ef8e6cf] -> dovecot/imap(+0x17785)
[0x7f718ef8e785] -> dovecot/imap(client_handle_input+0x125)
[0x7f718ef8eaa5] -> dovecot/imap(client_input+0x75) [0x7f718ef8ee35] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7f718e7ed247]
-> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7)
[0x7f718e7edfd7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38)
[0x7f718e7ecde8] ->
/usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13)
[0x7f718e79dc93] -> dovecot/imap(main+0x2c4) [0x7f718ef832f4] ->
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f718e3dbec5]
-> dovecot/imap(+0xc460) [0x7f718ef83460]
Aug 12 17:53:07 255c7fc2d2f0 dovecot: imap(u...@example.com): Fatal:
master: service(imap): child 58 killed with signal 6 (core dumped)

---

root@8ec9579667fc:/# gdb /usr/lib/dovecot/imap /tmp/61
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later

This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/dovecot/imap...Reading symbols from
/usr/lib/debug//usr/lib/dovecot/imap...done.
done.
[New LWP 61]
Core was generated by `dovecot/imap'.
Program terminated with signal SIGABRT, Aborted.
#0  0x7f5dd5394cc9 in __GI_raise (sig=sig@entry=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:56
56  ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt full
#0  0x7f5dd5394cc9 in __GI_raise (sig=sig@entry=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:56
resultvar = 0
pid = 61
selftid = 61
#1  0x7f5dd53980d8 in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x800, sa_sigaction =
0x800}, sa_mask = {__val = {140041026109520, 178, 140041026077952, 512,
  140040990095251, 140041026077952, 140041026077952, 512,
140040990087565, 140734823456136, 140040990231826, 140041026077952,
140734823456040, 0,
  140040990231929, 140041026077952}}, sa_flags = -713567062,
sa_restorer = 0x7fff6128dd01}
sigs = {__val = {32, 0 }}
#2  0x7f5dd5781298 in default_fatal_finish (type=,
status=status@entry=0) at failures.c:192
backtrace = 0x7f5dd79d0538
"/usr/lib/dovecot/libdovecot.so.0(+0x5e271) [0x7f5dd5781271] ->
/usr/lib/dovecot/libdovecot.so.0(+0x5e34e) [0x7f5dd578134e] ->
/usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f5dd573ca9e] ->
/usr/lib/d"...
#3  0x7f5dd578134e in i_internal_fatal_handler (ctx=0x7fff6128dd70,
format=, args=) at failures.c: