Problems To Get Dovecot Running On FreeBSD: auth process crashes
Hello, I ran into problems to get Dovecot running on FreeBSD. Steps for reproduction. Start Docot with dovecot -F (same result if started by rc script) telnet 192.168.116.38 110 Trying 192.168.116.38... Connected to freebsd. Escape character is '^]'. -ERR Disconnected: Auth process broken Connection closed by foreign host. logfile shows following: May 22 11:41:24 freebsd dovecot: master: Dovecot v2.2.18 starting up for imap, pop3, lmtp, sieve May 22 11:41:27 freebsd dovecot: auth: Error: auth: environment corrupt; missing value for DOVECOT_ May 22 11:41:27 freebsd dovecot: auth: Fatal: unsetenv(RESTRICT_SETUID) failed: Bad address May 22 11:41:27 freebsd dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs May 22 11:41:27 freebsd dovecot: pop3-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 1 secs): user=, rip=192.168.116.1, lip=192.168.116.38, session=cBLNdqgWWADAqHQB May 22 11:41:32 freebsd dovecot: master: Warning: Killed with signal 2 (by pid=0 uid=0 code=kernel) Error message is quite meaningless regarding reason for crash. I am running same config on a Linux (Debian 8) host w/o problems. Is it a problem specific to FreeBSD? Christian ---cut here--- [root@freebsd /usr/local/etc/dovecot]# doveconf -n # 2.2.18: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: FreeBSD 10.1-RELEASE-p10 amd64 auth_debug = yes auth_debug_passwords = yes auth_master_user_separator = * auth_mechanisms = plain login auth_ssl_username_from_cert = yes auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@# auth_username_translation = @# auth_verbose = yes base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 124 hostname = mail.taunusstein.net last_valid_uid = 124 lda_mailbox_autocreate = yes listen = 192.168.116.38 log_timestamp = %Y-%m-%d %H:%M:%S login_greeting = mail.taunusstein.net imap4/pop3 ready. mail_gid = 124 mail_location = maildir:~/Maildir mail_privileged_group = vmail mail_uid = 124 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate imapflags notify namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /usr/local/etc/dovecot/passwd.masterusers driver = passwd-file master = yes } passdb { driver = pam } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes autocreate = Trash autocreate2 = Drafts autosubscribe = Trash autosubscribe2 = Drafts fts = solr fts_solr = break-imap-search url=http://solr.lan:8983/solr/ quota = maildir:User quota quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags } postmaster_address = postmas...@taunusstein.net protocols = imap pop3 lmtp sieve sendmail_path = /usr/lib/sendmail service anvil { client_limit = 4000 } service auth-worker { group = vmail } service auth { client_limit = 8000 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } unix_listener auth-userdb { group = postfix mode = 0666 user = postfix } user = root } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 1024 } service imap-postlogin { executable = script-login /opt/dovecot-cf/bin/lastlogin.py } service imap { executable = imap imap-postlogin } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } process_limit = 1024 } service pop3-postlogin { executable = script-login /opt/dovecot-cf/bin/lastlogin.py } service pop3 { executable = pop3 pop3-postlogin } service quota-warning
Schema Patch to get Dovecot running with Solr 4.10.3
Hello, AFAIK a known problem with newer Apache Solr versions. If you patch Dovecots solr-schema.xml Dovecot will work with Solr 4.10.3: --- solr-schema.xml 2015-01-05 09:12:51.080196122 +0100 +++ /home/solr/solr/example/solr/collection1/conf/schema.xml2015-01-05 09:31:48.320206660 +0100 @@ -51,6 +51,7 @@ field name=cc type=text indexed=true stored=false / field name=bcc type=text indexed=true stored=false / field name=subject type=text indexed=true stored=false / + field name=text type=text indexed=true stored=false / !-- Used by Solr internally: -- field name=_version_ type=long indexed=true stored=true/ This patch was created regarding Dovecot 2.2.15, for Dovecot configuration please follow instructions at http://wiki2.dovecot.org/Plugins/FTS/Solr Christian
[Dovecot] Multiple Instances Of Dovecot On One Messagebase
Hello, I would like to run multiple instances of Dovecot with same message base (maildir format) Will this set up work or would that destroy message base? Intention is to offer different authentication methods to users, username/password and client certificates. Those instances should run on different IP addresses which is supported by Dovecot. Unfortunately Dovecot does not allow different auth configs in local ip {} sections. best regards Christian
[Dovecot] Incompatibility Thunderbirds Auth Mech TLS-Certificate - Dovecot
Hello, it seems there there is an issue regarding TLS-Certtificate authentication in Thunderbird and Dovecot. Obviously client certificate is recognized by Dovecot: Apr 25 14:29:01 dovecot dovecot: imap-login: Valid certificate: /emailAddress=christian.fels...@example.net/CN=Christian Felsing (Test)/OU=CF Certificates/O=example.net/C=DE AFAIK Dovecot always requires IMAP login, even in static passdb config. Static means arbitrary password is ok, but not no login I hope, I am wrong, following log entry gave a hint, what Thunderbird does or more precisely - not do: Apr 25 14:29:01 dovecot dovecot: imap-login: Disconnected (no auth attempts in 5 secs): user=, rip=192.168.1.99, lip=192.168.42.1, TLS, session=3+1THN33NQBtWq5D Dovecot wants an IMAP login, but Thunderbird does not so. I am not sure if that is a bug (or feature) of Dovecot or Thunderbird. Thunderbird does several strange things on client certificates: 1st) If Dovecot is configured to request a client certificate and Thunderbird is configured to use plain text auth, Thunderbird offers a client certificate and login succeeds as configured in Dovecot. Unfortunately Thunderbird uses same certificate for all configured accounts to that host. Very bad if Dovecot reads username from certificate attributes. 2nd) If Dovecot is configured to request a client certificate and Thunderbird is configured to use TLS-Certificate, Thunderbird also offers a client certificate, but Dovecot requests login from Thunderbird. That fails, because Thunderbird assumes TLS-Certificate is enough for successful log. If it is true that Dovecot is not compatible to Thunderbirds way of TLS-Certificate Authentication, I consider to set up a proxy, which supports that way. May be Nginx would be a solution, it supports IMAP and LUA module plus some LUA code will fake the authentication. This is an ugly hack so I would like to avoid that, if anybody has a better solution. Thunderbird is a very widespread IMAP client so it should not be ignored. best regards Christian ---Dovecot config--- # /opt/dovecot/bin/doveconf -n # 2.2.12: /opt/dovecot/etc/dovecot-cert/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.4 auth_debug = yes auth_debug_passwords = yes auth_master_user_separator = * auth_ssl_require_client_cert = yes auth_ssl_username_from_cert = yes auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@# auth_username_translation = @# base_dir = /var/run/dovecot-cert first_valid_uid = 124 last_valid_uid = 124 listen = 192.168.42.1 log_timestamp = %Y-%m-%d %H:%M:%S login_greeting = example.net imap4/pop3 (cert only) ready. mail_gid = 124 mail_location = maildir:~/Maildir mail_privileged_group = vmail mail_uid = 124 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = password=test driver = static } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes autocreate = Trash autocreate2 = Drafts autosubscribe = Trash autosubscribe2 = Drafts quota = maildir:User quota quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags } protocols = imap pop3 lmtp sieve service anvil { client_limit = 4000 } service auth-worker { group = vmail } service auth { client_limit = 8000 unix_listener auth-master { group = vmail mode = 0660 user = vmail } unix_listener auth-userdb { group = vmail mode = 0660 user = dovecot } user = root } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 1024 } service imap-postlogin { executable = script-login /opt/cfbin/lastlogin.sh } service imap { executable = imap imap-postlogin } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } process_limit = 1024
[Dovecot] AD Kerberos and Dovecot
Hello, I got stucked on Kerberos auth with Dovecot: Jan 22 17:48:36 test dovecot: auth: Error: LDAP: binding failed (dn cn=AUTH\_ldap): Local error, SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Credentials cache file '/tmp/krb5cc_1003' not found) kinit and and ldapsearch with gssapi auth are working. Are there instructions how to set up Kerberos auth with Dovecot and Active Directory? How does Dovecot handle Kerberos tickets? best regards Christian
Re: [Dovecot] Dovecot MTA
Hi Timo, Am 08.11.2013 14:07, schrieb Timo Sirainen: I've never really wanted to create my own MTA, because I like Postfix quite a lot. And I always thought it would require a horribly lot of ...and there virtually nothing which could not be built with Postfix. Maybe a Postfix addon/proxy for easier integration of Dovecot would help. If I need a very fast MTA for e.g. a Raspberry based mail system I would prefer qmail as MTA. My main design goals for the MTA are: ... hmm - I consider still to use Postfix as MTA, because it is a nightmare to replace all those MTA monitoring tools, log analyzer and other support tools. Did you asked Wietse for those improvements in Postfix? So perhaps something like this could be done in time for Dovecot v2.4. Any thoughts/ideas/suggestions? To the risk to become off topic: Please consider to add server side private/public key encryption for incoming mails. If client logs on, the password is used to unlock users server side private key. If mail arrives from MTA or any other source, mail is encrypted with users public key. Key pair should be located in LDAP or SQL server. PGP and S/MIME should be supported. This is for the situation if NSA or other organizations asks admin for users mail insistently, see http://xkcd.com/538/ A much better solution would be to improve IMAP protocol to allow user to use his client certificate not only for authentication on IMAP server but decrypt his mails also. Dovecot needs only public key and client does decryption. This should not replace end-to-end encryption provided by enigmail etc. Christian
Re: [Dovecot] pigeonhole sources no more available
Hello, until problem is resolved, I provide that on https://x.ip6.li/dovecot-2.2-pigeonhole-0.4.2.tar.gz best regards Christian Felsing Am 29.10.13 04:05, schrieb m...@electronico.nc: Please excuse me for this message but I can't find the pigeonhole sources available anymore. Points to (for latest sources) : http://www.rename-it.nl/dovecot/2.2/dovecot-2.2-pigeonhole-0.4.2.tar.gz
[Dovecot] Problems with openssl library path
Hello, I tried to compile Dovecot 2.2.5 on Debian 6 with an alternate OpenSSL installation located at /usr/local/ssl A compilation with CPPFLAGS=-I/usr/local/ssl/include \ LDFLAGS=-L/usr/local/ssl/lib -Wl,-rpath=/usr/local/ssl/lib \ SSL_LIBS=-L/usr/local/ssl/lib -Wl,-rpath=/usr/local/ssl/lib \ ./configure \ --prefix=/opt/dovecot-2.2.5 \ --enable-asserts \ --enable-largefile \ --with-ldap=yes \ --with-zlib \ --with-bzlib \ --with-libcap \ --with-ssl=openssl \ --with-gc \ --with-storages=maildir,mbox,mdbox,cydir \ create a working Dovecot, but it still uses the very old Debian 6 OpenSSL 0.9.8 instead my OpenSSL 1.0.1e LD_LIBRARY_PATH has also no effect, because Dovecot strips it out. Any hints? regards Christian
Re: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem
Hi Timo, thank you for that hint. SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = '%u' does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is: password_query = SELECT MD5('%w') AS password, userid AS user FROM users WHERE (userid = '%u') and (('%k' = 'valid') or ('%r' = '192.168.116.30')); so Dovecot accepts any password provided by user. This solution works now for users which are directily using imap or pop3 _and_ for users which are using Horde webmail frontend backed by Dovecot. This is now a configuration which does not need any passwords stored on server which provides IMHO more security. best regards Christian Am 31.03.2013 10:29, schrieb Timo Sirainen: Is there any way to turn off client certs for specific local or remote IP addresses? In your passdb you can use %r = remote IP and %k = certificate valid to figure out if the user is allowed or not. For example with SQL passdb that would be possible, or checkpassword. http://wiki2.dovecot.org/Variables
Re: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem
There were log entries regarding that problem: Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011valid-client-cert#011sessi on=J8pV8bzYIACwxigG#011cert_username=u...@example.net#011lip=192.168.200.22#011rip=192.168.200.6#011lport=993#011rport=8480 Mar 25 11:05:21 dovecot dovecot: auth: Debug: client passdb out: CONT#0111#011 Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONThidden Mar 25 11:05:21 dovecot dovecot: auth: Debug: sql(u...@example.net,192.168.200.6,J8pV8bzYIACwxigG): query: SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = 'u...@example.net' Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONThidden Mar 25 11:05:21 dovecot dovecot: auth: sql(u...@example.net,192.168.200.6,J8pV8bzYIACwxigG): Empty password returned without nopassword Mar 25 11:05:23 dovecot dovecot: auth: Debug: client passdb out: FAIL#0111#011user=u...@example.net Dovecot got nopassword but does still not accept an empty password. Christian Am 31.03.2013 15:18, schrieb Timo Sirainen: On 31.3.2013, at 15.47, Christian Felsing hostmas...@taunusstein.net wrote: thank you for that hint. SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = '%u' does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is: I don't understand. I remember some other mail about this as well. It works fine with my tests.. What does it log with you?
Re: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem [solved]
Thank you, works now with 'Y' as nopassword :-) best regards Christian Am 31.03.2013 17:16, schrieb Timo Sirainen: On 31.3.2013, at 17.38, Christian Felsing hostmas...@taunusstein.net wrote: There were log entries regarding that problem: Ah, you were using PostgreSQL and I tested MySQL. They are handled somewhat differently. This should fix it: http://hg.dovecot.org/dovecot-2.2/rev/37cd62516b37
[Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem
Hello, I would like to set up a Dovecot based mail system which uses X.509 Client Certificates for authentication. A webmail system based on Horde5 should use Dovecot as backend. For now Dovecot works with client certificates issued by my CA and Horde authenticates also with same client certs. Due to protocol it is impossible to use client certs presented by user to Horde for authentication at Dovecot, so Horde should be allowed to authenticate itself without or an arbitrary password to Dovecot. Horde and Dovecot are running in same protected LAN. Unfortunately Dovecot does not support different authentication methods on different IP addresses or ports. This does not work: remote 192.168.116.28/32 { auth_ssl_require_client_cert = no auth_ssl_username_from_cert = yes disable_plaintext_auth = no ssl = yes } Result is doveconf: Fatal: Error in configuration file /opt/dovecot-2.2.rc3/etc/dovecot/conf.d/10-auth.conf line 103: Auth settings not supported inside local/remote blocks: auth_ssl_require_client_cert Replacing auth_ssl_require_client_cert = no by ssl_verify_client_cert = no does not yield in an error, but it does nothing, Dovecot still insists for a client certificate. I afraid that I am trapped by this problem: http://dovecot.2317879.n4.nabble.com/Problem-with-requiring-client-certificates-for-external-connections-tp475.html Is there any way to turn off client certs for specific local or remote IP addresses? best regards Christian
[Dovecot] nopassword not working in Dovecot 2.2rc3?
Hello, I got some problems while set up a test system for Client Cert Auth, therefore passwords are not requred. SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = 'u...@example.net' shows exactly what is expected, bur Dovecot does net regongnize 'Y' as nopassword: Mar 25 11:18:04 dovecot dovecot: auth: Debug: sql(u...@example.net,192.168.200.6,gndyHr3Y/gCwxigG): query: SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = 'u...@example.net' Mar 25 11:18:04 dovecot dovecot: auth: sql(u...@example.net,192.168.200.6,gndyHr3Y/gCwxigG): Empty password returned without nopassword Mar 25 11:18:06 dovecot dovecot: auth: Debug: client passdb out: FAIL#0112#011user=u...@example.net Mar 25 11:18:07 dovecot dovecot: imap-login: Disconnected (auth failed, 2 attempts in 9 secs): user=u...@example.net, method=PLAIN, rip=192.168.200.6, lip=192.168.200.22, TLS As shown on http://wiki2.dovecot.org/AuthDatabase/SQL select statement above should prevent Dovecot from verifying password. any hints? best regards Christian
[Dovecot] Crash while moving mail between private folder and shared folder
Hello, while moving a mail from a private folder (inbox) to a shared folder and back to private folder Dovecot 2.2rc3 crashes: ---cut here--- Mar 23 09:57:44 dovecot dovecot: imap-login: Login: user=john@example.net, method=PLAIN, rip=192.168.200.6, lip=192.168.200.22, mpid=19423, TLS Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Panic: file mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns != NULL) Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Error: Raw backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) [0x7f82f65b28fa] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) [0x7f82f65b293e] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f82f657435b] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) [0x7f82f686b590] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) [0x7f82f686b5a9] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) [0x7f82f51127bd] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) [0x7f82f511424b] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) [0x7f82f511445d] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) [0x7f82f511800b] - /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) [0x7f82f552d7cb] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) [0x7f82f687274f] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) [0x7f82f6872810] - dovecot-01/imap() [0x40d29d] - dovecot-01/imap(command_exec+0x3c) [0x4161ec] - dovecot-01/imap() [0x415250] - dovecot-01/imap() [0x41530a] - dovecot-01/imap(client_handle_input+0x115) [0x4155c5] - dovecot-01/imap(client_input+0x72) [0x415972] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f82f65c20e6] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) [0x7f82f65c2f37] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f82f65c1c28] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f82f6579473] - dovecot-01/imap(main+0x270) [0x40b950] - /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f82f61e6ead] - dovecot-01/imap() [0x40baad] Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Fatal: master: service(imap): child 19423 killed with signal 6 (core dumps disabled) Mar 23 09:57:44 dovecot dovecot: imap-login: Login: user=john@example.net, method=PLAIN, rip=192.168.200.6, lip=192.168.200.22, mpid=19425, TLS Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Panic: file mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns != NULL) Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Error: Raw backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) [0x7f66ed9a58fa] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) [0x7f66ed9a593e] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f66ed96735b] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) [0x7f66edc5e590] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) [0x7f66edc5e5a9] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) [0x7f66ec5057bd] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) [0x7f66ec50724b] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) [0x7f66ec50745d] - /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) [0x7f66ec50b00b] - /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) [0x7f66ec9207cb] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) [0x7f66edc6574f] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) [0x7f66edc65810] - dovecot-01/imap() [0x40d29d] - dovecot-01/imap(command_exec+0x3c) [0x4161ec] - dovecot-01/imap() [0x415250] - dovecot-01/imap() [0x41530a] - dovecot-01/imap(client_handle_input+0x115) [0x4155c5] - dovecot-01/imap(client_input+0x72) [0x415972] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f66ed9b50e6] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) [0x7f66ed9b5f37] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f66ed9b4c28] - /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f66ed96c473] - dovecot-01/imap(main+0x270) [0x40b950] - /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f66ed5d9ead] - dovecot-01/imap() [0x40baad] Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Fatal: master: service(imap): child 19425 killed with signal 6 (core dumps disabled) Mar 23 09:57:46 dovecot dovecot: imap(john@example.net): Disconnected: Logged out in=192 out=1118 ---cut here---
[Dovecot] Dovecot 2.2, Thunderbird And Client Certificates - Login fails
Hello, I stucked in Thunderbird authentication with X.509 client certs. This is my config (dovecot -n): $ /opt/dovecot/sbin/dovecot -n # 2.2.rc3: /opt/dovecot-2.2.rc3/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 auth_debug = yes auth_ssl_require_client_cert = yes auth_ssl_username_from_cert = yes auth_verbose = yes base_dir = /home/dovecot/ hostname = mail.ip6.li instance_name = dovecot-01 lda_mailbox_autocreate = yes mail_gid = dovecot mail_uid = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = scheme=CRYPT username_format=%u /opt/dovecot/etc/dovecot/mailusers.993 driver = passwd-file } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/home/dovecot/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmas...@ip6.li protocols = imap pop3 lmtp sieve quota_full_tempfail = yes sendmail_path = /usr/lib/sendmail service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } ssl_ca = /opt/dovecot/etc/dovecot/ip6li-user-ca.pem ssl_cert = /opt/dovecot/etc/dovecot/mail.taunusstein.net.crt ssl_cert_username_field = emailAddress ssl_key = /opt/dovecot/etc/dovecot/mail.taunusstein.net.key ssl_require_crl = no ssl_verify_client_cert = yes userdb { args = username_format=%u /opt/dovecot/etc/dovecot/mailusers.993 driver = passwd-file } verbose_ssl = yes protocol lda { auth_socket_path = /var/run/dovecot/auth-master mail_plugin_dir = /opt/dovecot/lib/dovecot/lda mail_plugins = } protocol imap { mail_plugins = } protocol lmtp { mail_plugins = } protocol sieve { managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes ( in=%i : out=%o ) } protocol pop3 { mail_plugins = pop3_uidl_format = %08Xu%08Xv } Logfile shows this after Thunderbirds tries to get access: Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: auth: Debug: Loading modules from directory: /opt/dovecot-2.2.rc3/lib/dovecot/auth Mar 22 19:22:32 dovecot dovecot: auth: Debug: Read auth token secret from /home/dovecot//auth-token-secret.dat Mar 22 19:22:32 dovecot dovecot: auth: Debug: passwd-file /opt/dovecot/etc/dovecot/mailusers.993: Read 1 users in 0 secs Mar 22 19:22:32 dovecot dovecot: auth: Debug: auth client connected (pid=20082) Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate request A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [192.168.200.6] Mar 22 19:22:32 dovecot dovecot: imap-login: Valid certificate: /CN=IP6LI Root Certification Authority Mar 22 19:22:32 dovecot dovecot: imap-login: Valid certificate: /CN=Intermediate CA for ip6.li users/OU=ip6.li Certificates/O=ip6.li/C=DE Mar 22 19:22:32 dovecot dovecot: imap-login: Valid certificate: /emailAddress=christ...@felsing.lan/CN=Christian Felsing/OU=ip6.li Certificates/O=ip6.li/C=DE Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where
Re: [Dovecot] v2.1.11 released
Hi, seems v2.1.11 has broken Pigeonhole 0.3.3 Christian Am 29.11.2012 07:44, schrieb Timo Sirainen: http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig * lmtp/lda: dovecot.index.cache file is no longer fully mapped to memory, allowing mail deliveries to work even if the file is huge. * auth: userdb passwd lookups are now done by auth worker processes instead of auth master process (as it was documented, but accidentally didn't work that way). + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO. - lmtp: After successful proxying RCPT TO, the next one to a nonexistent user gave tempfail error instead of user not found. - lmtp proxy: Fixed hanging if remote server was down. - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters. - doveadm: Various fixes to handling doveadm-server connections. - -i instance name parameter for Dovecot tools didn't work correctly. - director was somewhat broken in v2.1.10. This version also includes various reliability enhancements. - auth: passdb imap was broken in v2.1.10.
[Dovecot] Update 2.0.12 - 2.0.13 is broken
Hello, today I tried to update 2.0.12 to 2.0.13, but I got those messages, only: Aug 1 10:20:27 mail dovecot: master: Dovecot v2.0.13 starting up (core dumps disabled) Aug 1 10:20:33 mail dovecot: imap-login: Login: user=***@***.**, method=PLAIN, rip=192.168.1.99, lip=192.168.1.1 , mpid=5123, TLS Aug 1 10:20:33 mail dovecot: imap-postlogin: Error: script-login: Error: user ***@***.**: Error reading configurati on: net_connect_unix(/opt/dovecot-2.0.13/var/run/dovecot/config) failed: Permission denied Aug 1 10:20:33 mail dovecot: imap-postlogin: Error: script-login: Fatal: Internal error occurred. Refer to server log for more info rmation. Aug 1 10:20:33 mail dovecot: log: Error: service(imap-postlogin): child 5124 returned error 89 (Fatal failure) What has happened ? Christian
Re: [Dovecot] Pointers for developing a proper encryption plugin?
Am 04.01.2011 07:38, schrieb to...@tuxteam.de: The idea upthread (Jan-Frode) to keep a public key server-side and encrypt messages on arrival seems to me the way to go. I would support that idea. Private key should be encrypted with users passphrase. If user changes password privet key needs to be decrypted with old password and reencrypted with new password. Public key never changes, so maildir is never required to be touched, if user changes password and server does not need to know users secret to receive mail. I would wish that Timo would consider to implement required functions to plugin API, so such a plugin would be possible without massive patching Dovecot source code. Christian
Re: [Dovecot] Pointers for developing a proper encryption plugin?
Am 04.01.2011 00:58, schrieb Timo Sirainen: a) yeah, if you lost your private key or its password, they're lost If users are aware of that, that will be ok. b) but you can change the private key's password private key should be encrypted with users password. A change password tool must change passphrase for users private key. c) and you could also sign the messages with a 3rd admin-key and admin would be able to decrypt them, but this would make it all pretty much pointless. This may be desirable in enterprise environments, but not for public mail services. Admin shoud decide to do so or nor. Christian
[Dovecot] Error: Opening INBOX failed: Mailbox doesn't exist: INBOX
Hello, there is one user which has a Error: Opening INBOX failed: Mailbox doesn't exist: INBOX problem: doveadm mailbox status -u u...@foo.local -t all \* doveadm(u...@foo.local): Error: Opening INBOX failed: Mailbox doesn't exist: INBOX doveadm(u...@foo.local): Error: Opening mailbox INBOX failed: Mailbox doesn't exist: INBOX doveadm -v force-resync -u u...@foo.local INBOX doveadm(u...@foo.local): Error: Opening INBOX failed: Mailbox doesn't exist: INBOX doveadm(u...@foo.local): Error: Opening mailbox INBOX failed: Mailbox doesn't exist: INBOX doveadm mailbox list -u u...@foo.local Archiv Old Gesendete Objekte INBOX INBOX.old INBOX.ix INBOX.ct INBOX.telepolis INBOX.bild INBOX.fotos.highres INBOX.computerbild Junk-E-Mail Trash Gesendet System has several hundred users, but this is the only user on which that happens. Users client is Microsoft Outlook 2003, but there are more users which are using Microsoft Outlook 2003. dovecot -n (some parts masked with *** for privacy reasons): # 2.0.3: /opt/dovecot/etc/dovecot/dovecot.conf # OS: Linux 2.6.26-2-amd64 x86_64 Debian 5.0.6 xfs auth_master_user_separator = * auth_mechanisms = plain login auth_realms = *** auth_username_format = %Lu disable_plaintext_auth = no first_valid_uid = 124 last_valid_uid = 124 listen = [::], * log_timestamp = %Y-%m-%d %H:%M:%S login_greeting = imap4/pop3 ready. mail_location = maildir:/mail/%d/%u/Maildir mail_privileged_group = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date imapflags notify passdb { args = *** driver = passwd-file master = yes } passdb { args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { quota = maildir:User quota quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags +notify } protocols = imap pop3 sieve lmtp service auth { client_limit = 8000 unix_listener /var/run/dovecot/auth-master { group = vmail mode = 0660 user = vmail } unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = vmail } service imap-login { process_limit = 1024 } service imap-postlogin { executable = script-login /opt/dovecot-cf/lastlogin.sh user = cadm } service imap { executable = imap imap-postlogin } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve-obsolete { port = 2000 } inet_listener sieve { port = 4190 } process_limit = 1024 } service pop3-login { process_limit = 1024 } service pop3-postlogin { executable = script-login /opt/dovecot-tools/lastlogin.sh user = cadm } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /opt/dovecot-tools/quota-warning.sh user = vmail } ssl_ca = /opt/dovecot/etc/cacert.pem ssl_cert = /opt/apache/apache/conf/ssl/cert.crt ssl_cipher_list = HIGH:MEDIUM:!SSLv2:!ADH:!aNULL:!eNULL:!NULL ssl_key = /opt/apache/apache/conf/ssl/cert.key userdb { args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf driver = ldap } protocol lmtp { mail_plugins = quota sieve } protocol sieve { managesieve_logout_format = bytes ( in=%i : out=%o ) } protocol imap { imap_client_workarounds = tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master hostname = mail.foo.local lda_mailbox_autocreate = yes mail_plugin_dir = /opt/dovecot/lib/dovecot/lda mail_plugins = $mail_plugins sieve postmaster_address = postmas...@foo.local sendmail_path = /usr/lib/sendmail } dovecot-ldap.conf omitted, because auth works flawless. Homedir etc. looks like other users homedirs: tsnetMailHomeDir: /mail/foo.local/u...@foo.local tsnetMailMessageStore: /mail/foo.local/u...@foo.local/Maildir As temporary workaround user set a sieve rule to forward mail to other account. This Sieve script works. Is there a way to fix that w/o deleting that mailbox ? Christian
Re: [Dovecot] Error: Opening INBOX failed: Mailbox doesn't exist: INBOX
Hello Timo, tmp/ was missing. Creating tmp/ and chown/chmod to dovecot user solved doveadm issue. If that user reports successful access to his maildir this issue is definitely solved. I did not delete dovecot.index* files. many thanks to you Christian Am 26.09.2010 19:29, schrieb Timo Sirainen: Does this user have Maildir/cur/, new/ and tmp/ directories? Does it help if you delete Maildir/dovecot.index* files?
[Dovecot] Problems Converting Maildir to mdbox
Hello, I would like to convert all users mail from maildir to mdbox. My Dovecot version is 2.0.1, converted from 1.2.13 but config was rewritten from scratch. http://wiki2.dovecot.org/Migration/MailFormat says following: maildir - mdbox migration. Set mail_location=mdbox:~/mdbox and run doveadm convert -u username maildir:~/Maildir but doveadm does not know a command like convert. Is there a _working_ way to convert maildir to mdbox ? How to do that with all Dovecot mail users (about 1) ? Christian
Re: [Dovecot] v1.2.7 released
Hello Timo, unfortunally dovecot-1.2.6-managesieve-0.11.9.diff is not applicable to Dovecot 1.2.7. After patching dovecot-1.2.6-managesieve-0.11.9.diff from: @@ -619,7 +635,13 @@ *set-imap_capability != '\0' ? set-imap_capability : set-imap_generated_capability, NULL)); if (*set-imap_capability != '\0') env_put(CAPABILITY_STRING_OVERRIDDEN=1); + } else if (group-mail_process_type == PROCESS_TYPE_MANAGESIEVE) { + env_put(t_strconcat(CAPABILITY_STRING=, + set-managesieve_generated_capability, NULL)); + env_put(t_strconcat(MANAGESIEVE_IMPLEMENTATION_STRING=, + set-managesieve_implementation_string, NULL)); } + if (*set-login_trusted_networks != '\0') { env_put(t_strconcat(TRUSTED_NETWORKS=, set-login_trusted_networks, NULL)); to @@ -619,9 +635,15 @@ *set-imap_capability != '\0' ? set-imap_capability : set-imap_generated_capability, NULL)); if (*set-imap_capability != '\0') env_put(CAPABILITY_STRING_OVERRIDDEN=1); + } else if (group-mail_process_type == PROCESS_TYPE_MANAGESIEVE) { + env_put(t_strconcat(CAPABILITY_STRING=, + set-managesieve_generated_capability, NULL)); + env_put(t_strconcat(MANAGESIEVE_IMPLEMENTATION_STRING=, + set-managesieve_implementation_string, NULL)); } + if (*set-login_trusted_networks != '\0') { env_put(t_strconcat(TRUSTED_NETWORKS=, set-login_trusted_networks, NULL)); this patch works with Dovecot 1.2.7. Christian
Re: [Dovecot] v1.2.4 released
dovecot-1.2-managesieve-0.11.8 fails to compile with dovecot 1.2.4 and sieve 0.1.11, following versions were used: drwxrwxrwx 4 root root 4096 18. Aug 07:31 dovecot-1.2.4 drwxrwxrwx 4 root root 4096 18. Aug 07:34 dovecot-1.2-managesieve-0.11.8 drwxrwxrwx 6 root root 4096 18. Aug 07:33 dovecot-1.2-sieve-0.1.11 config was created as follows: ./configure \ --prefix=/opt/dovecot \ --with-dovecot=/usr/src/dovecot-1.2.4 \ --with-dovecot-sieve=/usr/src/dovecot-1.2-sieve-0.1.11 \ host:/usr/src/dovecot-1.2-managesieve-0.11.8# make make all-recursive make[1]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8' Making all in src make[2]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src' Making all in lib-managesieve make[3]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-managesieve' make[3]: Für das Ziel »all« ist nichts zu tun. make[3]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-managesieve' Making all in lib-sievestorage make[3]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-sievestorage' make[3]: Für das Ziel »all« ist nichts zu tun. make[3]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-sievestorage' Making all in managesieve make[3]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve' make[3]: Für das Ziel »all« ist nichts zu tun. make[3]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve' Making all in managesieve-login make[3]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve-login' gcc -DHAVE_CONFIG_H -I. -I../.. -I/usr/src/dovecot-1.2.4 -I/usr/src/dovecot-1.2.4/src/lib -I/usr/src/dovecot-1.2.4/src/lib-auth -I/usr/src/dovecot-1.2.4/src/lib-mail -I/usr/src/dovecot-1.2.4/src/lib-index -I/usr/src/dovecot-1.2.4/src/lib-storage -I/usr/src/dovecot-1.2.4/src/login-common -I../../src/lib-managesieve -I/usr/src/dovecot-1.2-sieve-0.1.11 -I/usr/src/dovecot-1.2-sieve-0.1.11/src/lib-sieve -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2 -MT managesieve-proxy.o -MD -MP -MF .deps/managesieve-proxy.Tpo -c -o managesieve-proxy.o managesieve-proxy.c managesieve-proxy.c:492:40: error: macro login_proxy_new requires 7 arguments, but only 6 given managesieve-proxy.c: In function ‘managesieve_proxy_new’: managesieve-proxy.c:491: warning: assignment from incompatible pointer type make[3]: *** [managesieve-proxy.o] Fehler 1 make[3]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve-login' make[2]: *** [all-recursive] Fehler 1 make[2]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src' make[1]: *** [all-recursive] Fehler 1 make[1]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8' make: *** [all] Fehler 2 host:/usr/src/dovecot-1.2-managesieve-0.11.8# config dovecot 1.2.4: ./configure \ --prefix=/opt/dovecot \ --enable-asserts \ --enable-header-install \ --enable-largefile \ --with-ldap=yes \ --with-zlib \ --with-bzlib \ --with-libcap \ --with-ssl=openssl \ --with-gc \ --with-storages=maildir,mbox,dbox,cydir \ config dovecot-1.2-sieve-0.1.11: ./configure \ --prefix=/opt/dovecot \ --with-dovecot=/usr/src/dovecot-1.2.4 \ Of cource diff for dovecot 1.2.4 was applied. That patch was for 1.2.3, but patch did not complain. Is there any reason not to include that patch into Dovecot with option to select/deselect by configure ? regards Christian Powered bei http://freemail.taunusstein.net
Re: [Dovecot] v1.2.2 released
I experienced a strange effect after updating from 1.2.1 to 1.2.2 with Horde. IMP 4.3.4 had problems with GnuPG handling while Dovecot 1.2.1 was installed, but IMP 4.3.3 had no problems. Now I updated to Dovecot 1.2.2 and IMP 4.3.4 is also running flawless :-) Is that an known issue ? Christian
[Dovecot] Bug in Dovecot Managesieve or Horde ?
Hello, there is a problem between Dovevot 1.2 Managesieve 0.11.7 and Horde webmail 1.2.2 (possibly also in 1.2.3) in imap4flags $ telnet localhost 2000 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. IMPLEMENTATION dovecot SIEVE fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include body variables enotify environment SASL PLAIN LOGIN STARTTLS NOTIFY mailto VERSION 1.0 OK taunusstein.net imap4/pop3 ready. This shows imap4flags, Cyrus sieve shows imapflags instead that. Horde Ingos does not like that and complains about missing imapflags. Two small patches in Horde code resolves that, but I do not know if that's the right way. cd webmail2/ingo/lib vi ./Script/sieve.php: function requires() { //return array('imapflags'); return array('imap4flags'); } vi ./tests/SieveTest.php: function testBlacklistMarker() { $bl = new Ingo_Storage_blacklist(3); $bl-setBlacklist(array('spam...@example.com')); $bl-setBlacklistFolder(INGO_BLACKLIST_MARKER); $this-store($bl); //$this-assertScript('require imapflags; $this-assertScript('require imap4flags; if address :all :comparator i;ascii-casemap :is [From, Sender, Resent-From] spam...@example.com { addflag Deleted; keep; removeflag Deleted; stop; }'); } After that, Horde Ingo likes Dovecot mailsieve. Is it a bug of mailsieve ? Regards Christian
Re: [Dovecot] Bug in Dovecot Managesieve or Horde ?
Hi Tom, thank you for that hint, before RTFM FTFM (find the manual) is the problem ;-) Obviously a better solution. My patch would be the Horde approach. Reagards Christian Tom Hendrikx schrieb: I guess Horde should be updated to handle different implementations of
[Dovecot] Client Cert Auth Problem
Hello, is there a config possible which supports both of following authentication schemes ? 1st: If user presents a client certificate, he can log in w/o username/password, where user id comes from CN. Accepting any password is not the right solution. 2nd: If user does not present a client certificate, he have to authenticate by username/password. In both cases user data is read from userdb LDAP, which is already working. I was not able to get both auth schemes working at same time. With Postfix such a config is fully operable. regards Christian
Re: [Dovecot] dsync - one or two ways?
Does this mean true multi master operation ? That would make configs with load balancers much easier :-) Timo Sirainen schrieb: dsync in Dovecot v2.0 tree is a new utility for syncing a mailbox in two locations. Some things it can be used for:
[Dovecot] E-Mail Encryption
Hello, I am new to Dovecot but installation was quite easy, so there is one more LDAP authenticated, Dovecot / Postfix mailbox online, but there is one question left: I would like to set up a configuration, which encrypts every user mail with a unique key. If user logs in, private key should be decrypted with user password and every mail user requests should be decrypted with users private key. If a mail comes in, it should be encrypted with users public key. That key pair should be used for that purpose only. Obviously a GnuPG plugin between deliver and rest of Dovecot is needed. best reagrds Christian
Re: [Dovecot] E-Mail Encryption
So I have to inspect zlib plugin (and Dovecot) code ;-) If plugin knows username, it needs a way to get user password in clear text and of course his username to find and decrypt users private key. These items have to be saved in a secure way, while user is logged in. Obviously there are several differences to zlib plugin. If plugin API supports these extra requirements, it should be possible to write such a plugin which will stay compatible to future Dovecot versions. Encryption should be done in deliver tool, so there is no requirement to touch MTA (e.g. Postfix) code. Deliver tool must know dest. mail adress, so it can ask LDAP for the right public key. Does deliver also support plugins ? Christian Timo Sirainen schrieb: Feel free to write such a plugin. :) Decryption could be done the same way as zlib plugin works. Encryption would need a bit more work.