Re: IMAP copy stopped copying flags

[Andrzej A. Filip]

Timo Sirainen  wrote:
> On 9 Jul 2018, at 16.49, Andrzej A. Filip  wrote:
>> 
>> Is it intended behavior?
>
> No.
>
>> It seems to be caused by upgrade to 1:2.3.2-2 on Debian/Testing.
>
> What was the old version? What's your doveconf -n? How are you testing
> that it's not working?

It seems that the problem occurred after Debian/Testing dovecot's upgrade
from 1:2.2.36-1 to 1:2.3.2-2.  I have fixed the problem by downgrading
dovecot to version provided by Debian/Stable (1:2.2.27-3+deb9u2).

I use dovecot in "server less" mode (IMAP via stdin+stdout) with maildir.

mail_location = maildir:~/Maildir:LAYOUT=fs

-- 
A. Filip

IMAP copy stopped copying flags

[Andrzej A. Filip]

Is it intended behavior?

It seems to be caused by upgrade to 1:2.3.2-2 on Debian/Testing.

-- 
A. Filip

Re: Can Dovecot replace fetchmail?

[Andrzej A. Filip]

Peter Chiochetti  wrote:
> Am 2017-07-13 um 09:34 schrieb Kenneth Porter:
>> I'm using fetchmail to grab mail for multiple accounts from an
>> external IMAP server and drop it into local mailboxes via SMTP. It
>> polls the remote server every two minutes. Can Dovecot replace this
>> functionality more elegantly, using IDLE to avoid the polling
>> necessary with fetchmail? I'd like to designate that mail for
>> specific accounts on the external server be moved to specific local
>> mailboxes.
>
> Just in case: fetchmail can /idle/ on an IMAP server as well, though
> with multiple accounts that needs some tuning, see
> eg. https://bugs.launchpad.net/bugs/1021699 or
> http://fnxweb.com/blog/2012/07/14/using-multiple-fetchmail-instances-for-instant-gratification/

fetchmail 6.3.4 supports option for pid-file location.
It simplifies the configuration.

-- 
A. Filip

Re: Dovecot user lookup from sendmail

[Andrzej A. Filip]

Garry Glendown  wrote:
> after trying everything I could think of and find on the web, I'm
> totally stumped ... maybe someone give me some hints on what I'm doing
> wrong, or where to look ...
>
> I have an ancient customer box with sendmail & cyrus imap, with imap
> using an LDAP database of users (no locally configured users), all of
> which is working fine.
>
> This machine needs to be replaced by a new installation, which -
> regrettably - is supposed to use SLES 12. Which does not have any Cyrus
> IMAP packages available anymore, so I had to use the Dovecot imap
> instead. I've already got the LDAP auth working, as well as the imap
> storage of mails (used imapsync to copy all of the old mailboxes to the
> new machine), everything fine so far.
>
> Anyway, I'm running into problems getting sendmail to check whether a
> recipient actually exists. Any local user is correctly identified, but
> all virtual users are constantly rejected. I tried finding anything on
> how sendmail actually does the user check ... on the cyrus install, all
> I had to do is
>
> define(`confLOCAL_MAILER',`cyrusv2')dnl
> define(`CYRUSV2_MAILER_ARGS',`FILE /var/lib/imap/socket/lmtp')dnl
> MAILER(cyrusv2)dnl
>
> and both user checks and local delivery worked. What's the appropriate
> config entry in the .mc for dovecot?
>
> I tried settings like:
>
> FEATURE(`local_lmtp',`[IPC]',`FILE /var/run/dovecot/lmtp')dnl
>
> and used the dovecot.m4 file together with
>
> MAILER(`dovecot')dnl
>
> but couldn't see anything happening - or improve.
>
> Hints and help greatly appreciated!

Does you old sendmail config use FEATURE(`stickyhost')?
[ It would explain working virtual addresses ]

-- 
A. Filip

Re: sieve: filtering based on default destination/folder [closed]

[Andrzej A. Filip]

Stephan Bosch  wrote:
> Op 3/24/2016 om 4:45 PM schreef Andrzej A. Filip:
>> Is it possible to make sieve filter based on default destination/folder?
>>
>> How to trigger special processing/filtering rules when deliver has been 
>> executed as
>> 'deliver -m archive ...' ?
>>
> Not in any standard way.
>
> Dovecot has a vendor-specific extension for this:
>
> https://raw.githubusercontent.com/dovecot/pigeonhole/master/doc/rfc/spec-bosch-sieve-dovecot-environment.txt
>
> But only for fairly recent versions.
>
> You need to enable this extension using the sieve_extensions setting (or
> sieve_global_extensions).

Thank you!
It DOES work with my precompiled dovecot package provided by my linux 
distribution.
[I had to "mistype something" in sieve_extensions config option during previous 
tests]

-- 
A. Filip

Re: sieve: filtering based on default destination/folder

[Andrzej A. Filip]

Stephan Bosch  wrote:
> Op 3/24/2016 om 4:45 PM schreef Andrzej A. Filip:
>> Is it possible to make sieve filter based on default destination/folder?
>>
>> How to trigger special processing/filtering rules when deliver has been 
>> executed as
>> 'deliver -m archive ...' ?
>>
> Not in any standard way.
>
> Dovecot has a vendor-specific extension for this:
>
> https://raw.githubusercontent.com/dovecot/pigeonhole/master/doc/rfc/spec-bosch-sieve-dovecot-environment.txt
>
> But only for fairly recent versions.
>
> You need to enable this extension using the sieve_extensions setting (or
> sieve_global_extensions).
>
> Regards,
>
> Stephan.

It seems to be what I have wanted.  Precompiled dovecot package I use
does not support it (yet).

Thank you for the hint what I should wait for :-)

-- 
A. Filip

sieve: filtering based on default destination/folder

[Andrzej A. Filip]

Is it possible to make sieve filter based on default destination/folder?

How to trigger special processing/filtering rules when deliver has been 
executed as
'deliver -m archive ...' ?

-- 
A. Filip

Re: Option to not add "Received" header ?

[Andrzej A. Filip]

Timo Sirainen  wrote:
> On 21 Mar 2016, at 22:08, Tom Sommer  wrote:
>> 
>> On 2015-03-24 12:27, Florent B wrote:
>> 
>>> I use Dovecot in lmtp mode to receive mails.
>>> I would like an option to tell Dovecot to not add a "Reveived" header on
>>> each server (I use a director, so Director also adds this header).
>> 
>> I would love this as well.
>
> How about the other way around: Does anybody want Dovecot LMTP to add
> a Received header? dovecot-lda doesn't. And proxy/director logs
> nowadays about what goes through them. Dovecot itself doesn't check
> the Received headers in any way for looping or other purposes. Maybe
> Dovecot v2.3 shouldn't add any Received headers at all?

IMHO The "Received:" may be handy for purposes of debugging delivery.
I can easily agree with your "suggestion" that it should not be added
_by default_ .

Re: Configure the sendmail with the dovecot.

[Andrzej A. Filip]

"Lucky ."  wrote:
> Can you please provide the step for configure sendmail with dovecot.
>
> We could not understand the parameter which mention in sendmail.cf
> file. Please provide the parameter description as well as where need
> to change exactly in sendmail.cf file.

Have you seen the wiki page below?

  http://wiki2.dovecot.org/LDA/Sendmail

Which part of it is unclear?

Re: multiple messages per second to a single mailbox

[Andrzej A. Filip]

Chad M Stewart  wrote:
> On Aug 14, 2015, at 1:01 PM, Andrzej A. Filip  wrote:
>
>> 
>> 
>> Are docecot and postfix located on the same server?
>> Can postfix access (deliver) directly maildir file directory dovecot uses?
>> 
>
> For the moment yes they are on the same server.  I designed it to be
> modular, the various components can be placed on different systems
> with no configuration changes required, should it be necessary.
>
> I'll note that Postfix does not appear to have any problems writing
> the files to its queue as fast as they are being delivered to it.
> Postfix and Dovecot are writing to different disks, though both are on
> the SAN, and both have noatime set.

As I understand:
*  maildir is designed for allowing fast "lockless" parallel deliveries
*  dovecot's LDA updates some dovecot specific index/cache files even for
   deliveries to maildir
=> making postfix deliver to maildir without updating dovecot specific files
   may solve your performance problems

-- 
A. Filip

Re: multiple messages per second to a single mailbox

[Andrzej A. Filip]

Chad M Stewart  wrote:
> On Aug 12, 2015, at 11:04 AM, Andrzej A. Filip  
> wrote:
>> 
>> 
>
> <..snip..>
>
>> Could you provide the following info:
>> a) mailbox type (maildir/mbox/dbox/...)
>
> maildir
>
>> [mail_location in dovecot's config]
>
> /srv/mail///
>
>> b) file system type (ext2/ext3/ext4/fat32/...)
>> [provided by "df -T" command on my system]
>
> As I said ext4.  
>
> Since I posted I've changed a couple of things: ulimit -n 8192, and
> disabled fsync as in mail_fsync = never.  I'm not sure if I'll put it
> back in the LMTP section or not.  Given all the hardware abstraction
> layers.

Are docecot and postfix located on the same server?
Can postfix access (deliver) directly maildir file directory dovecot uses?

-- 
A. Filip

Re: multiple messages per second to a single mailbox

[Andrzej A. Filip]

Chad M Stewart  wrote:
> Dovecot 2.2.18 on CentOS 6
>
> I have a pair of servers setup with MySQL, Postfix, and Dovecot.  Replication 
> is setup and working between the two dovecot instances. 
>
> The problem I'm running into is that a single mailbox receives a lot
> of messages, at times the rate is multiple messages per
> second. Delivery from Postfix to Dovecot is via tcp based LMTP.  When
> I do 'ps -aef|grep lmtp|wc -l' I get 62 and does not appear to go
> higher than that. At the moment I have 4500 and 8300 messages queued
> on two Postfix instances waiting to deliver via LMTP to the same
> dovecot instance.  Deliveries only happen via LMTP and only one of the
> two nodes actually gets the deliveries.
>
> What I'm seeing is very high load on the system (40) and queues
> building on the Postfix side.  Replication is keeping up.  Looking at
> the logs now I see anywhere from 4-7 messages per second delivered to
> this single mailbox.  I would like to increase that rate a lot.
>
> These machines are VMs hosted on Xenserver 6.x.  I have them setup
> with 8 vCPUs (2 sockets with 4 cores per socket), the dom0 machines
> have dual HBA connectors back to a SAN and have 128 CPUs and 256GB of
> RAM and are not taxed.  I added a 2nd virtual disk that is used for
> storing mailbox data.  It is ext4 and has noatime set during
> mount. /var is also mounted with noatime.
>
> The performance graphs in XenCenter show nearly all 8 vCPUs at about
> 50%, and the writes on the mailbox data disk are about 20%.  iostat is
> showing mostly <5 for await times for the disks, though I do see a 10
> now and again.
>
>
> I'm guessing that maybe I'm hitting a mailbox locking issue and not sure how
> to reduce the contention and thereby increase the delivery rate to this
> mailbox.

Could you provide the following info:
a) mailbox type (maildir/mbox/dbox/...)
[mail_location in dovecot's config]
b) file system type (ext2/ext3/ext4/fat32/...)
[provided by "df -T" command on my system]

-- 
A. Filip

Re: Defer email via LMTP when there is 'no space left on device' instead of rejecting it

[Andrzej A. Filip]

On 08/10/2014 12:31 AM, Timo Sirainen wrote:
> On 10 Aug 2014, at 01:19, Timo Sirainen  wrote:
> 
>>> I'd really like to hear Timo's view on having lmtp do a (configurable)
>>> DEFER when the disk is full which is, most likely, a "temporary" error.
>>
>> My opinion: It shouldn't be configurable - it should always cause temporary 
>> error. The only thing I'm slightly worried about is if write failures 
>> because of "user's filesystem quota full" will always return EDQUOT error 
>> for write() instead of ENOSPC, but I suppose they will in any modern OS. And 
>> it would require changing MAIL_ERROR_NOSPACE definition a bit inside 
>> Dovecot, but that's less of an issue.
> 
> And a bit more generic statement about anything related to errors in Dovecot:
> 
> Problems that admins can solve are temporary errors for users and the'll need 
> an error logged. Problems that are caused by users themselves (like over 
> quota) are usually not temporary errors and they shouldn't have errors logged 
> (since admin can't usually do anything about them anyway).

Do you plan to support MTA queries about mailbox status (overquota,no
space left on device)?  It would allow MTA to deploy its own policies
before sending "RCPT TO:" reply. "Socket map" protocol may be handy.

Converting maildir files from quoted-printable to 8bit

[Andrzej A. Filip]

How to easily convert maildir files from (single part) quoted-printable
to 8bit encoding? [I would like to ease access to sent/posted archives.]

Re: [Dovecot] Dovecot MSA -> Simple MTA -> MTA

[Andrzej A. Filip]

On 11/10/2013 12:59 AM, Reindl Harald wrote:
> 
> 
> Am 10.11.2013 00:48, schrieb Andrzej A. Filip:
>> On 11/08/2013 02:07 PM, Timo Sirainen wrote:
>>> [...]
>>> So perhaps something like this could be done in time for Dovecot v2.4. Any 
>>> thoughts/ideas/suggestions?
>>
>> Have you considered creating SMTP MSA (port 587) server as "step one"?
>>
>> Making dovecot itself handle SMTP AUTH may help to better integrate
>> dovecot with a few more MTA servers.
> 
> hardly - only in very small environments this could work
> 
> everywhere else you have sender-dependent relay hosts, RCPT dependent 
> relayhosts
> and all sort of aliases which you *do not* want treated different between
> incoming mail from outside or a internal server and submission mail
> 
> the only real difference between submission is that it is authenticated
> and because the authentication a few restrictions are not applied
> 
> but in usual there is and must not be any difference in the mail-routing
> 
> so no - make it complete or not at all

Would "simple MTA" make more sense to you?
* MSA
* sending out via smart host
* accepting incoming from email gateway

It may make sense for organizations with geographically distributed
branches.

Re: [Dovecot] Dovecot MSA -> MTA

[Andrzej A. Filip]

On 11/08/2013 02:07 PM, Timo Sirainen wrote:
> [...]
> So perhaps something like this could be done in time for Dovecot v2.4. Any 
> thoughts/ideas/suggestions?

Have you considered creating SMTP MSA (port 587) server as "step one"?

Making dovecot itself handle SMTP AUTH may help to better integrate
dovecot with a few more MTA servers.

Re: [Dovecot] separate mail_location for system and normal users

[Andrzej A. Filip]

On 10/28/2013 09:29 AM, Steffen Kaiser wrote:
> On Fri, 25 Oct 2013, Andrzej A. Filip wrote:
> 
>> How to configure dovecot to use different default mail_location for
>> system (uid<1_000) and normal users (uid>=1_000)?
> 
>> I want to to use by default
>> * classic mailbox in standard location for system users
>> * maildir in $HOME subdirectory for normal users
> 
> That depends :-)
> 
> If you have just one userdb, configure the default mail_location for
> most users and return a mail extra field for the other ones.
> 
> You use passwd? This probably will not work, see
> http://wiki2.dovecot.org/UserDatabase/ExtraFields about the syntax
> 
> You could probably copy the set of users, that requires extra fields,
> from your /etc/passwd to somewhere else, adding the extra field. Then
> configure the copy as userdb { driver passwd-file } _before_ the userdb
> { passwd }. That way, the entries in the passwd-file override the ones
> in /etc/passwd, because they are found first.

I have used userdb/passwd fix for a system with a few "real user
mailboxes". I wanted something better fit for larger systems.

[Dovecot] separate mail_location for system and normal users

[Andrzej A. Filip]

How to configure dovecot to use different default mail_location for
system (uid<1_000) and normal users (uid>=1_000)?

I want to to use by default
* classic mailbox in standard location for system users
* maildir in $HOME subdirectory for normal users

Re: [Dovecot] Transparent IMAP proxy

[Andrzej A. Filip]

On 06/16/2013 03:42 PM, Yonatan Broza wrote:
> I'm considering patching Dovecot to work as a transparent (and virus
> scanning) IMAP proxy.
> [...]

Have you considered non transparent caching proxy?

Re: [Dovecot] Reading dovecot-uidlist by external program (locking)

[Andrzej A. Filip]

On 04/11/2013 10:39 PM, Andrzej A. Filip wrote:
> How to lock dovecot-uidlist file before reading by an external program?
> [perl script]

I have been too "sending happy".

http://wiki2.dovecot.org/MailboxFormat/Maildir
  The dovecot-uidlist file doesn't need to be locked for reading.

[Dovecot] Reading dovecot-uidlist by external program (locking)

[Andrzej A. Filip]

How to lock dovecot-uidlist file before reading by an external program?
[perl script]

Re: [Dovecot] Dovecot Virtual Users with Sendmail

[Andrzej A. Filip]

On 01/03/2013 06:37 AM, dormitionsk...@hotmail.com wrote:
> 
> On Jan 2, 2013, at 4:14 PM, Andrzej A. Filip wrote:
> 
>> On 01/02/2013 08:46 PM, dormitionsk...@hotmail.com wrote:
>>> On Jan 2, 2013, at 11:12 AM, Andrzej A. Filip wrote:
>>>
>>>> On 01/02/2013 06:53 PM, dormitionsk...@hotmail.com wrote:
>>>>> [...]
>>>>> This is the mail header from the mqueue:
>>>>>
>>>>> [...]
>>>>> MDeferred: dovecot mailer (/usr/local/libexec/dovecot/dovecot-lda) exited 
>>>>> with EX_TEMPFAIL
>>>>> [...]
>>>>
>>>> Check dovecot's logs
>>>> If it does not help the push delivery of messages ni sendmail's queue in
>>>> verbose mode: "sendmail -Am -v -q"
>>>
>>> Well, the logs showed this:
>>>
>>> Sep 21 21:47:08 openindiana sendmail[1208]: [ID 702911 mail.warning] 
>>> gethostbyaddr(10.211.55.6) failed: 2
>>> Sep 21 21:47:08 openindiana sendmail[1208]: [ID 702911 mail.warning] 
>>> gethostbyaddr(IPv6:fec0::fea9:21c:42ff:feed:5f38) failed: 2
>>
>> I have asked for _dovecot's_ logs. Your problem may be caused e.g. by
>> sendail executing dovecot-lda "as wrong user".
>>
>>> So I put this in my /etc/hosts file:
>>>
>>> 10.211.55.6 localhost
>>>
>>> And I added DOVECOT to my /etc/hosts 127.0.0.1 line.  
>>
>> *DO NOT* add DOVECOT (magic word in sendail config) to /etc/hosts.
>>
>>> This cleared the queue, but now all of the mail for the virtual users 
>>> bounces with this:
>>> The original message was received at Wed, 2 Jan 2013 11:16:27 -0700 (MST)
>>> from openindiana [IPv6:::1]
>>>
>>>   - The following addresses had permanent fatal errors -
>>> 
>>>(reason: 550 5.1.1 User unknown)
>>> hacwebstore@DOVECOT
>>>(reason: 550 5.1.1 User unknown)
>>>(expanded from: )
>>>
>>>   - Transcript of session follows -
>>> 550 5.1.1 hacwebstore@DOVECOT... User unknown
>>> 550 5.1.1 ... User unknown
>>>
>>>
>>>
>>> Then I took the DOVECOT out of the 127.0.0.1 line, and it still bounces 
>>> with the same error.
>>>
>>> How would I invoke this:  "sendmail -Am -v -q"  ?  Change my startup script?
>>
>> It is intended as one time debug help. It should show in more verbose
>> way delivery attempts of messages staying in sendail's queue.
>>
>>
>> Another test: As root try to deliver message to virtual dovecot mailbox:
>> /usr/lib/dovecot-lda -d hacwebstore
>>
> 
> 
> Please forgive me, Andrzej.  I did not realize you wanted me to actually send 
> you the logs.  I thought you only meant for me to look to see if there was 
> anything helpful in them.
> 
> They do not show much.  If I restart dovecot and sendmail, this is basically 
> what I get.  If I try to send any mail, nothing shows up in dovecot's log.  
> All that shows up anywhere is my logging into squirrelmail.
> 
> 
> network-dovecot-default.log
> 
> [ Jan  2 21:52:07 Stopping because service restarting. ]
> [ Jan  2 21:52:07 Executing stop method ("/lib/svc/method/dovecot.sh stop"). ]
> [ Jan  2 21:52:07 Method "stop" exited with status 0. ]
> [ Jan  2 21:52:07 Executing start method ("/lib/svc/method/dovecot.sh 
> start"). ]
> [ Jan  2 21:52:07 Method "start" exited with status 0. ]
> 
> dovecot-info.log
> 
> Jan 02 21:54:48 master: Info: Dovecot v2.1.12 starting up
> 
> dovecot.log
> 
> Jan 02 21:54:48 master: Warning: Killed with signal 2 (by pid=2587 uid=0 
> code=kill)
> 
> syslog
> 
> Sep 21 21:47:08 openindiana sendmail[1208]: [ID 702911 mail.warning] 
> gethostbyaddr(10.211.55.6) failed: 2
> Sep 21 21:47:08 openindiana sendmail[1208]: [ID 702911 mail.warning] 
> gethostbyaddr(IPv6:fec0::fea9:21c:42ff:feed:5f38) failed: 2
> 
> ---
> 
> systemuser@openindiana:~# /usr/local/libexec/dovecot/dovecot-lda -d 
> hacwebstore
> 
> I had to modify the path to get it to work in Solaris.  When I ran it as 
> above, it sent a blank email to hacwebstore.  
> 
> So, lda appears to be working, but sendmail doesn't?
> 
> ---
> 
> Here is the dovecot portion of my sendmail.cf file again, for your 
> convenience.  Does it appear ok to you?
> 
> 
> ##*##
> ###   DOVECOT Mailer specification  ###
> ##*##
> Mdovecot,   P=/usr/lo

Re: [Dovecot] Dovecot Virtual Users with Sendmail

[Andrzej A. Filip]

On 01/02/2013 06:53 PM, dormitionsk...@hotmail.com wrote:
> [...]
> This is the mail header from the mqueue:
> 
> [...]
> MDeferred: dovecot mailer (/usr/local/libexec/dovecot/dovecot-lda) exited 
> with EX_TEMPFAIL
> [...]

Check dovecot's logs
If it does not help the push delivery of messages ni sendmail's queue in
verbose mode: "sendmail -Am -v -q"

Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

[Andrzej A. Filip]

On 01/01/2013 03:44 PM, Torpey List wrote:
> [...]
> Thanks for the information.
> The email is not being delivered by LTMP because there are no logs.
> 
> The most documentation that I have found is using dovecot-lda, 
> but as you said there are permissions issues.  The wiki implied 
> that LTMP is the best solution but I am not understanding enough
> to get it set up.
> [...]

The quick fix for a few system accounts may be use users' ~/.forward
file to execute dovecot-lda.

You may execute as root the test command below to trace (eventual) problems:
sendmail -d44.4 -d 27.2 -bv user

[Dovecot] map_uid/GUID at IMAP level (IMAP extension?)

[Andrzej A. Filip]

Is map_uid/guid going to be supported at IMAP protocol level? [via IMAP
protocol extension]

Specifically I would like to be able to:
a) ask for mail_uid/GUID of specific message in mail store
b) get list of folders containing copies of message with given mail_uid/GUID

http://wiki2.dovecot.org/MailboxFormat/dbox#Multi-dbox

Related:
https://developers.google.com/google-apps/gmail/imap_extensions#access_to_the_gmail_unique_message_id_x-gm-msgid
[message to guid mapping]

https://developers.google.com/google-apps/gmail/imap_extensions#access_to_gmail_labels_x-gm-labels
[message to list of folders mapping]

Re: [Dovecot] Dovecot Virtual Users with Sendmail

[Andrzej A. Filip]

On 01/02/2013 12:09 AM, dormitionsk...@hotmail.com wrote:
> [...]
> I ran it without making any changes.  This is the output.
>
> systemuser@openindiana:~/Downloads/Sendmail# sendmail -d60.5 -d27.2 -bv 
> hacwebstore
> map_lookup(dequote, systemuser, %0=systemuser) => NOT FOUND (0)
> map_lookup(dequote, hacwebstore, %0=hacwebstore) => NOT FOUND (0)
> alias(hacwebstore)
> aliaswait: sleeping for 2 seconds (loopcount = 1)
> aliaswait: sleeping for 4 seconds (loopcount = 2)
> aliaswait: sleeping for 8 seconds (loopcount = 3)
> aliaswait: sleeping for 16 seconds (loopcount = 4)
> aliaswait: sleeping for 32 seconds (loopcount = 5)
> aliaswait: sleeping for 60 seconds (loopcount = 6)
> ^Csystemuser@openindiana:~/Downloads/Sendmail# 
> [...]
Have you executed newaliases command after modifying aliases file?
The command adds special "magic" entry to the compiled version of
aliases file used by sendmail.

URL(s):
http://etutorials.org/Server+Administration/Sendmail/Part+III+The+Configuration+File/Chapter+24.+The+O+Options+Configuration+Command/AliasWait/

Re: [Dovecot] Dovecot Virtual Users with Sendmail

[Andrzej A. Filip]

On 01/01/2013 10:18 PM, dormitionsk...@hotmail.com wrote:
> Thank you, Andrzej, for helping us.  I really appreciate it.
>
> It no longer rejects the mail that I try to send to the virtual users.  It 
> just tries to send it for eternity.  SquirrelMail says, "Waiting for 
> localhost".  It does not get rejected.  It does not get sent.  It does not 
> leave anything in any log that I can find.  It does not even seem to time 
> out.  I think I waited at least five minutes while it tried to send a message 
> to a virtual user @localhost.
>
> I'm not sure if I did this right.  Below are my sendmail files.  Of course, I 
> rebuilt the .mc -> .cf file, and all of the .db files.
>
> ---
>
> sendmail.mc
>
> divert(-1)
> #
> # Copyright (c) 1983 Eric P. Allman
> # Copyright (c) 1988, 1993
> # The Regents of the University of California.  All rights reserved.
> #
> # Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
> # Use is subject to license terms.
> #
> #  This is a configuration file for SunOS 5.8 (a.k.a. Solaris 8) and later
> #  subsidiary machines.  It has support for local and SMTP mail.  The
> #  confFALLBACK_SMARTHOST macro is enabled, which means that messages will
> #  be sent to that host (which is set to mailhost.$m [$m is the local domain])
> #  if MX records are unavailable.  A short-cut rule is also defined, which
> #  says if the recipient host is in the local domain, send to it directly
> #  instead of the smart host.
> #
> #  If you want to customize this further, copy it to a name appropriate
> #  for your environment and do the modifications there.
> #
>
> divert(0)dnl
> VERSIONID(`sendmail.mc (Sun)')
> OSTYPE(`solaris8')dnl
> DOMAIN(`solaris-generic')dnl
> define(`confFALLBACK_SMARTHOST', `mailhost$?m.$m$.')dnl
>
> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
> FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
>
> FEATURE(`mailertable')
>
> FEATURE(`access_db')
> FEATURE(`blacklist_recipients')
>
>
> MAILER(`local')dnl
> MAILER(`smtp')dnl
>
> MAILER(`procmail')dnl
> MAILER(`dovecot')dnl
>
>
> LOCAL_CONFIG
> # declare DOVECOT "magic word"
> CPDOVECOT
>
> LOCAL_NET_CONFIG
> R$* < @ $* .$m. > $*  $#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3
>
>
> ---
>
> access -- I am wondering if this is the problem?
>
> # Check the /usr/share/doc/sendmail/README.cf file for a description
> # of the format of this file. (search for access_db in that file)
> # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
> # package.
> #
>
> to:DOVECOT REJECT
>
> # by default we allow relaying from localhost...
> localhost.localdomain RELAY
> localhost RELAY
> 127.0.0.1 RELAY
> dsicons.net   RELAY
> dormitionskete.netRELAY
> holyapostlesconvent.org   RELAY
> dormitionskete.info   RELAY
> 174.32.127.90 RELAY
> 174.32.127.91 RELAY
> 174.32.127.92 RELAY
> 174.32.127.93 RELAY
> 174.32.127.94 RELAY
>
>
> ---
>
> aliases
>
> #
> # Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
> # Use is subject to license terms.
> #
> # CDDL HEADER START
> #
> # The contents of this file are subject to the terms of the
> # Common Development and Distribution License, Version 1.0 only
> # (the "License").  You may not use this file except in compliance
> # with the License.
> #
> # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
> # or http://www.opensolaris.org/os/licensing.
> # See the License for the specific language governing permissions
> # and limitations under the License.
> #
> # When distributing Covered Code, include this CDDL HEADER in each
> # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
> # If applicable, add the following below this CDDL HEADER, with the
> # fields enclosed by brackets "[]" replaced with your own identifying
> # information: Portions Copyright [] [name of copyright owner]
> #
> # CDDL HEADER END
> #
> #
> #ident"%Z%%M% %I% %E% SMI"
>
> ##
> #  Aliases can have any mix of upper and lower case on the left-hand side,
> # but the right-hand side should be proper case (usually lower)
> #
> # >>  The program "newaliases" must be run after
> # >> NOTE >>  this file is updated for any changes to
> # >>  show through to sendmail.
> ##
>
> # The following alias is required by the mail protocol, RFC 2821
> # Set it to the address of a HUMAN who deals with this system's mail problems.
> postmaster: root
>
> # Alias for mailer daemon; returned messages from our MAILER-DAEMON
> # should be routed to our local Postmaster.
> MAILER-DAEMON: postmaster
>
> # General redirections for pseudo accounts.
> bin:  root
> daemon:   root
> system:   root
> toor: root
> uucp: root
>
> # Well-known aliases.
> manager:  root
> dumper:   root
> operator: 

Re: [Dovecot] Dovecot Virtual Users with Sendmail

[Andrzej A. Filip]

On 01/01/2013 06:40 PM, dormitionsk...@hotmail.com wrote:
> On Jan 1, 2013, at 10:31 AM, Andrzej A. Filip wrote:
>
>> On 12/31/2012 04:19 AM, dormitionsk...@hotmail.com wrote:
>>> [...]
>> 1) Do you use virtual users with or without domain part?
>> [virtual-user or virtual-u...@exaple.net ]
>
> Without.
>
> virtual-user
>
>
>> 2) How many entries do you have in paswdb/userdb files?
>> [<100,<1000,]
> <100
>
> Around 10.
>
>
>> 3) Is SMTP AUTH crucial for virtual users?
>>
> No.  I'd like it, but it's not crucial.
>
> We don't have it now for anyone.  The only way we access our email outside 
> the monastery is through SquirrelMail.  I was hoping to add that with this 
> server upgrade.  It'd be nice to open our email access up more, but we can 
> live without it if we have to.
Based on the above replies I would suggest first modified version of the
recipe below. There are many other ways but it seems to best fit your
case with simple and stable changes to sendmail.mc/sendmail.cf.
  http://anfi.homeunix.org/sendmail/localNalias.html

1) In *.mc file add
LOCAL_CONFIG
# declare DOVECOT "magic word"
CPDOVECOT

2) Deliver messages to *@DOVECOT using dovecot mailer [requires
FEATURE(`mailertable')].
mailertable:
DOVECOT dovecot:localhost

3) Do not accept messages to *@DOVECOT via SMTP [requires
FEATURE(`access_db') and FEATURE(`blacklist_recipients')] access:
to:DOVECOT REJECT

4) create aliases for virtualusers (one alias per one virtual user)
aliases:
virtualuser1: virtualuser1@DOVECOT
virtualuser2: virtualuser2@DOVECOT

Comments about "narrowing" questions:
1) case with domain part is usually more complex
2) sendmail may be configured to check recipient existence in dovecot's
userdb/paswdb files but it would use method I would not recommend for
bigger userdb/passwd files
3) sendmail supports cyrus-sasl, sendmail does not support dovecot-sasl

Re: [Dovecot] Dovecot Virtual Users with Sendmail

[Andrzej A. Filip]

On 12/31/2012 04:19 AM, dormitionsk...@hotmail.com wrote:
> [...]

1) Do you use virtual users with or without domain part?
[virtual-user or virtual-u...@exaple.net ]
2) How many entries do you have in paswdb/userdb files?
[<100,<1000,]
3) Is SMTP AUTH crucial for virtual users?

Re: [Dovecot] find virtual users [sendmail]

[Andrzej A. Filip]

On 08/06/2012 10:09 AM, Rafael Nathan wrote:
> Can sendmail find virtual users in /etc/dovecot/passwd ?
> If yes, what are the necesary changes I have to make ?
>
> Urgent help needed. Thanks in advance.
Sendmail/sendmail.cf can do lookups in passwd like files => It should be
possible to check recipient existence before "RCPT TO:" reply.
SMTP AUTH is another story.

There are a few+ ways to integrate sendmail and dovecot.
Which one do you use?

Re: [Dovecot] what best for anti-spam filter? [greylisting]

[Andrzej A. Filip]

On 07/24/2012 11:45 AM, Emmanuel Dreyfus wrote:
> On Tue, Jul 24, 2012 at 03:38:00AM -0500, Stan Hoeppner wrote:
>> Greylisting only stops bots.  It is resource intensive, and causes
>> delivery delays.  There exist bot spam killing solutions that are just
>> as effective, with less downside.  Two are Postfix' postscreen daemon,
>> and fqrdns.pcre, which rejects based on consumer/dynamic looking rDNS.
> I use that in order to decide the greylisting delay: suspect IP get a
> 12 hours greylist, everyone else gets 15 mn, or 0 if whitelisted by 
> recipeients. It works quite well. 
Have you considered using some dnswl (whitelist) to turn off greylisting
for some hosts?
e.g. dnswl.org. Greylisting for dnswl.org "none" level (the lowest
trust) makes (some) sense only if you use bulk detectors like
razor/pyzor/DCC.

Re: [Dovecot] postfix/sendmail configuration

[Andrzej A. Filip]

On 07/20/2012 05:31 PM, Gary Partis wrote:
> I have searched the net and cant find anything relating to this.
>
> In 15-lda.conf, the default sendmail is used to send messges from
> Dovecot, such as "out of hours" and "redirected" emails controlled by
> sieves.
>
> However, postfix/sendmail is looking in /etc/postfix/main.cf for the
> configuration file (as logged in /var/log/maillog), but I have the
> config file elsewhere, and I even have MAIL_CONFIG setup to point to
> the true config directory.
>
> Is there a method of setting 15-lda.conf sendmail config to ensure it
> uese the correct postfix config file?
Have you considered setting "sendmail_path" to your custom "sendmail
wrapper" script?
It should allow you to pass extra command line options to
sendmail/postfix [e.g. non standard location of the configuration file].

IMHO on long run docvecot configuration should support passing extra
command line parameters to sendmail  (e.g. via "sendmail_options").

Re: [Dovecot] ot: execute a script via email? [procmail]

[Andrzej A. Filip]

On 07/13/2012 09:06 PM, Reindl Harald wrote:
>
> Am 13.07.2012 20:46, schrieb Wojciech Puchar:
>>> Stable release
>>>  3.22 /
>>> September 10, 2001
>>> [...]
>>> Procmail is widely used on Unix
>>> -based systems and stable, but no
>>> longer maintained; users who wish to use a maintained
>>> program are advised to use an alternative MDA, 
>>>
>> can you explain what is wrong in using greatly working program just because 
>> there are no new versions?
>>
>> What kind of external "maintenance" you need for it?
>> Sorry but your warning is a pure nonsense. procmail is mature software and 
>> that's adventage
> http://www.cvedetails.com/product/392/Procmail-Procmail.html?vendor_id=225
>
> hopefully there will be not found any new
> security problem now withut get fixed
1) IMHO Stable stream of new versions usually indicate maintenance group
ready to fix would be vulnerabilities.
2) I miss LMTP support in procmail. AFAIR it has been supported in some
versions but current Debian version no longer mentions it in the man page.

10 years old version is something that IMHO must be mentioned when
recommending procmail. For some people it is not important, for some
people it is important information/hint.

Re: [Dovecot] ot: execute a script via email? [procmail]

[Andrzej A. Filip]

On 07/13/2012 11:14 AM, Wojciech Puchar wrote:
>> anyone has any tips what's best way to execute a script via email ?
>
> use procmail - it's easy and actually works. you can do basically
> everything with procmail.
>
> This question is off topic, dovecot is not SMTP agent.
>
>> I have a wget script that fetches some pages, and, emails me the output,
>> there is no paramters passed, it's all in the script
>> I'll like to email in and action the script to get the results email
>>
>
> use procmail and possibly formail to execute anything and optionally
> reply the result
>
> man procmailrc
> man procmailex
> man formail
>
> make sure procmail is actually executed on your mail system. depends
> of your MTA.

Are you willing to recommend procmail without any warnings/disclaimers
whatsoever?

http://en.wikipedia.org/wiki/Procmail ">
Stable release
 3.22 /
September 10, 2001
[...]
Procmail is widely used on Unix
-based systems and stable, but no
longer maintained; users who wish to use a maintained
program are advised to use an alternative MDA, 

Re: [Dovecot] ot: execute a script via email?

[Andrzej A. Filip]

On 07/13/2012 03:42 AM, Ken Anderson wrote:
>
> Voytek Eymont  wrote:
>
>> anyone has any tips what's best way to execute a script via email ?
>>
>> I have a wget script that fetches some pages, and, emails me the
>> output,
>> there is no paramters passed, it's all in the script
>> I'll like to email in and action the script to get the results email
>>
>>
>> -- 
>> Voytek
> Old school - in /etc/aliases you can set:
> user  "|/home/user/script"
> And read the mail from stdin. 
> Ken

There is available dovecot specific sieve extension (vnd.dovecot.pipe
)
to pipe messages to a pre-defined set of external programs.

http://wiki2.dovecot.org/Pigeonhole/Sieve

Re: [Dovecot] getting rid of old spam from +spam Maildir ? [ auto purging spambox]

[Andrzej A. Filip]

On 07/12/2012 12:29 PM, Wojciech Puchar wrote:
>>> is spam, but provide proper SMTP response.
>>
>> I personally do not recommend rejecting cases (very) close to spam/ham
>> border in SMTP session
> well i have very very low amount of misses
>
> but consider generating meaningful SMTP response like "if you are not
> spammer call us, so we will fix it"
1) I personally do not like using ONLY binary choice [accept/reject (in
SMTP session)]. I personally do prefer something for (small) range in
between.
2) IMHO senders' opinions are much less relevant than recipients'
opinions for postmaster of receiving server.
[received e.g. via antispam plug-in of dovecot (moving messages in/out
spambox folder]

Re: [Dovecot] getting rid of old spam from +spam Maildir ? [ auto purging spambox]

[Andrzej A. Filip]

On 07/10/2012 07:11 PM, Wojciech Puchar wrote:
>>> if I simply delete mail files from the file system, is that a 'bad
>>> thing' ?
>>> [...]
>> IMHO 7 days is dangerously too short. False positives during vacations
>> happen too ;-)
>>
>> I would suggest at least 30 days (as used by Gmail).
>>
> or use spam system that NEVER actually receive something it thinks it
> is spam, but provide proper SMTP response.

I personally do not recommend rejecting cases (very) close to spam/ham
border in SMTP session
BUT IMHO
accepting to many spams into spambox makes "final check by the
recipient" a laughing stock/dangerous illusion.

Re: [Dovecot] getting rid of old spam from +spam Maildir ? [ auto purging spambox]

[Andrzej A. Filip]

On 07/10/2012 01:25 PM, Voytek Eymont wrote:
> I'm trying to setup per user '+spam' delivery from amavis tags, so that
> each user gets any mails tagged as spam to 'spam' Maildir via +spam
> Dovecot lmtp delivery.
>
> after say 7 days I want to delete all spams older than 7 days,
> if I simply delete mail files from the file system, is that a 'bad thing' ?
> [...]
IMHO 7 days is dangerously too short. False positives during vacations
happen too ;-)

I would suggest at least 30 days (as used by Gmail).

Re: [Dovecot] Hardware infrastructure for email system

[Andrzej A. Filip]

On 06/23/2012 01:23 PM, Reindl Harald wrote:
>
> Am 23.06.2012 13:09, schrieb Wojciech Puchar:
>> Finally i would recommend to get rid of RAID6. It's terribly slow on writes 
>> and 
>> writes are common on mail server.
> depends, it is slower than RAID5, but safer
>
>> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup.
> oh no please do not recommend SATA crap with RAID1 and think
> it is faster than RAID6 - the additional writes doe snot mat
> if the whole disk-system is much faster and RAID1 has no benefit
> in performance
>
> nobody will use SATA disks for high peformance servers in
> production - really nobody these days!
Could you specify/define your idea of "high performance servers" land
border?
It may reduce the flame war.