Problems To Get Dovecot Running On FreeBSD: auth process crashes

2015-05-22 Thread Christian Felsing
Hello,

I ran into problems getting Dovecot running on FreeBSD. Steps for
reproduction:

Start Dovecot with dovecot -F (same result if started by rc script)

telnet 192.168.116.38 110
Trying 192.168.116.38...
Connected to freebsd.
Escape character is '^]'.
-ERR Disconnected: Auth process broken
Connection closed by foreign host.


The logfile shows the following:

May 22 11:41:24 freebsd dovecot: master: Dovecot v2.2.18 starting up for
imap, pop3, lmtp, sieve
May 22 11:41:27 freebsd dovecot: auth: Error: auth: environment corrupt;
missing value for DOVECOT_
May 22 11:41:27 freebsd dovecot: auth: Fatal: unsetenv(RESTRICT_SETUID)
failed: Bad address
May 22 11:41:27 freebsd dovecot: master: Error: service(auth): command
startup failed, throttling for 2 secs
May 22 11:41:27 freebsd dovecot: pop3-login: Disconnected: Auth process
broken (disconnected before auth was ready, waited 1 secs): user=,
rip=192.168.116.1, lip=192.168.116.38, session=cBLNdqgWWADAqHQB
May 22 11:41:32 freebsd dovecot: master: Warning: Killed with signal 2
(by pid=0 uid=0 code=kernel)

The error message is quite meaningless regarding the reason for the crash.

I am running the same config on a Linux (Debian 8) host w/o problems. Is it
a problem specific to FreeBSD?

Christian



---cut here---

[root@freebsd /usr/local/etc/dovecot]# doveconf -n
# 2.2.18: /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: FreeBSD 10.1-RELEASE-p10 amd64
auth_debug = yes
auth_debug_passwords = yes
auth_master_user_separator = *
auth_mechanisms = plain login
auth_ssl_username_from_cert = yes
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#
auth_username_translation = @#
auth_verbose = yes
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
first_valid_uid = 124
hostname = mail.taunusstein.net
last_valid_uid = 124
lda_mailbox_autocreate = yes
listen = 192.168.116.38
log_timestamp = %Y-%m-%d %H:%M:%S
login_greeting = mail.taunusstein.net imap4/pop3 ready.
mail_gid = 124
mail_location = maildir:~/Maildir
mail_privileged_group = vmail
mail_uid = 124
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate imapflags notify
namespace {
  list = children
  location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox Sent Messages {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/passwd.masterusers
  driver = passwd-file
  master = yes
}
passdb {
  driver = pam
}
plugin {
  acl = vfile:/etc/dovecot/global-acls:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
  autocreate = Trash
  autocreate2 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Drafts
  fts = solr
  fts_solr = break-imap-search url=http://solr.lan:8983/solr/
  quota = maildir:User quota
  quota_rule = *:storage=500M
  quota_rule2 = Trash:storage=+100M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  recipient_delimiter = +
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +notify +imapflags
}
postmaster_address = postmas...@taunusstein.net
protocols = imap pop3 lmtp sieve
sendmail_path = /usr/lib/sendmail
service anvil {
  client_limit = 4000
}
service auth-worker {
  group = vmail
}
service auth {
  client_limit = 8000
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
  unix_listener auth-master {
group = vmail
mode = 0660
user = vmail
  }
  unix_listener auth-userdb {
group = postfix
mode = 0666
user = postfix
  }
  user = root
}
service imap-login {
  inet_listener imap {
port = 143
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
  process_limit = 1024
}
service imap-postlogin {
  executable = script-login /opt/dovecot-cf/bin/lastlogin.py
}
service imap {
  executable = imap imap-postlogin
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  inet_listener sieve_deprecated {
port = 2000
  }
}
service pop3-login {
  inet_listener pop3 {
port = 110
  }
  inet_listener pop3s {
port = 995
ssl = yes
  }
  process_limit = 1024
}
service pop3-postlogin {
  executable = script-login /opt/dovecot-cf/bin/lastlogin.py
}
service pop3 {
  executable = pop3 pop3-postlogin
}
service quota-warning 

Schema Patch to get Dovecot running with Solr 4.10.3

2015-01-06 Thread Christian Felsing
Hello,

AFAIK this is a known problem with newer Apache Solr versions. If you patch Dovecot's
solr-schema.xml, Dovecot will work with Solr 4.10.3:


--- solr-schema.xml 2015-01-05 09:12:51.080196122 +0100
+++ /home/solr/solr/example/solr/collection1/conf/schema.xml2015-01-05
09:31:48.320206660 +0100
@@ -51,6 +51,7 @@
field name=cc type=text indexed=true stored=false /
field name=bcc type=text indexed=true stored=false /
field name=subject type=text indexed=true stored=false /
+   field name=text type=text indexed=true stored=false /

!-- Used by Solr internally: --
field name=_version_ type=long indexed=true stored=true/
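
Review bot: the added `field name=text` line in the `@@ -51,6 +51,7 @@` hunk carries no comment explaining why Solr 4.10.3 needs a field named `text`, while the `_version_` field below it is at least labelled "Used by Solr internally"; a one-line comment above the new field saying what refers to it would keep a later maintainer from removing it. The `+++` header also points at an absolute path on the submitter's machine with a different file name (`schema.xml` against `solr-schema.xml`), so anyone applying this has to name the target file by hand; regenerating the diff from inside the Dovecot source tree would avoid that.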



This patch was created for Dovecot 2.2.15; for Dovecot configuration,
please follow the instructions at http://wiki2.dovecot.org/Plugins/FTS/Solr

Christian


[Dovecot] Multiple Instances Of Dovecot On One Messagebase

2014-04-25 Thread Christian Felsing
Hello,

I would like to run multiple instances of Dovecot with same message base
(maildir format)

Will this set up work or would that destroy message base?

Intention is to offer different authentication methods to users,
username/password and client certificates. Those instances should run on
different IP addresses which is supported by Dovecot.

Unfortunately Dovecot does not allow different auth configs in local
ip {} sections.

best regards
Christian


[Dovecot] Incompatibility Thunderbirds Auth Mech TLS-Certificate - Dovecot

2014-04-25 Thread Christian Felsing
Hello,

it seems there is an issue regarding TLS-Certificate
authentication in Thunderbird and Dovecot. Obviously the client certificate
is recognized by Dovecot:

Apr 25 14:29:01 dovecot dovecot: imap-login: Valid certificate:
/emailAddress=christian.fels...@example.net/CN=Christian Felsing
(Test)/OU=CF Certificates/O=example.net/C=DE

AFAIK Dovecot always requires an IMAP login, even in a static passdb
config. Static means an arbitrary password is ok, but not no login.

I hope I am wrong; the following log entry gave a hint as to what Thunderbird
does or, more precisely, does not do:

Apr 25 14:29:01 dovecot dovecot: imap-login: Disconnected (no auth
attempts in 5 secs): user=, rip=192.168.1.99, lip=192.168.42.1, TLS,
session=3+1THN33NQBtWq5D

Dovecot wants an IMAP login, but Thunderbird does not do so. I am not sure
if that is a bug (or feature) of Dovecot or Thunderbird. Thunderbird
does several strange things with client certificates:

1st) If Dovecot is configured to request a client certificate and
Thunderbird is configured to use plain text auth, Thunderbird offers a
client certificate and login succeeds as configured in Dovecot.
Unfortunately Thunderbird uses same certificate for all configured
accounts to that host. Very bad if Dovecot reads username from
certificate attributes.

2nd) If Dovecot is configured to request a client certificate and
Thunderbird is configured to use TLS-Certificate, Thunderbird also
offers a client certificate, but Dovecot requests login from
Thunderbird. That fails, because Thunderbird assumes TLS-Certificate is
enough for a successful login.

If it is true that Dovecot is not compatible with Thunderbird's way of
TLS-Certificate authentication, I am considering setting up a proxy which
supports that way. Maybe Nginx would be a solution: it supports IMAP,
and the Lua module plus some Lua code would fake the authentication. This is
an ugly hack, so I would like to avoid it if anybody has a better
solution. Thunderbird is a very widespread IMAP client, so it should not
be ignored.

best regards
Christian

---Dovecot config---

# /opt/dovecot/bin/doveconf -n

# 2.2.12: /opt/dovecot/etc/dovecot-cert/dovecot.conf
# OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.4
auth_debug = yes
auth_debug_passwords = yes
auth_master_user_separator = *
auth_ssl_require_client_cert = yes
auth_ssl_username_from_cert = yes
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#
auth_username_translation = @#
base_dir = /var/run/dovecot-cert
first_valid_uid = 124
last_valid_uid = 124
listen = 192.168.42.1
log_timestamp = %Y-%m-%d %H:%M:%S
login_greeting = example.net imap4/pop3 (cert only) ready.
mail_gid = 124
mail_location = maildir:~/Maildir
mail_privileged_group = vmail
mail_uid = 124
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave imapflags notify
namespace {
  list = children
  location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox Sent Messages {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = password=test
  driver = static
}
plugin {
  acl = vfile:/etc/dovecot/global-acls:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
  autocreate = Trash
  autocreate2 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Drafts
  quota = maildir:User quota
  quota_rule = *:storage=500M
  quota_rule2 = Trash:storage=+100M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  recipient_delimiter = +
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +notify +imapflags
}
protocols = imap pop3 lmtp sieve
service anvil {
  client_limit = 4000
}
service auth-worker {
  group = vmail
}
service auth {
  client_limit = 8000
  unix_listener auth-master {
group = vmail
mode = 0660
user = vmail
  }
  unix_listener auth-userdb {
group = vmail
mode = 0660
user = dovecot
  }
  user = root
}
service imap-login {
  inet_listener imap {
port = 143
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
  process_limit = 1024
}
service imap-postlogin {
  executable = script-login /opt/cfbin/lastlogin.sh
}
service imap {
  executable = imap imap-postlogin
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  inet_listener sieve_deprecated {
port = 2000
  }
}
service pop3-login {
  inet_listener pop3 {
port = 110
  }
  inet_listener pop3s {
port = 995
ssl = yes
  }
  process_limit = 1024

[Dovecot] AD Kerberos and Dovecot

2014-01-22 Thread Christian Felsing
Hello,

I got stuck on Kerberos auth with Dovecot:

Jan 22 17:48:36 test dovecot: auth: Error: LDAP: binding failed (dn
cn=AUTH\_ldap): Local error, SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure.  Minor code may provide more information
(Credentials cache file '/tmp/krb5cc_1003' not found)

kinit and ldapsearch with gssapi auth are working.

Are there instructions how to set up Kerberos auth with Dovecot and
Active Directory? How does Dovecot handle Kerberos tickets?

best regards
Christian


Re: [Dovecot] Dovecot MTA

2013-11-10 Thread Christian Felsing
Hi Timo,

On 08.11.2013 14:07, Timo Sirainen wrote:
> I've never really wanted to create my own MTA, because I like Postfix
> quite a lot. And I always thought it would require a horribly lot of

...and there is virtually nothing which could not be built with Postfix.
Maybe a Postfix addon/proxy for easier integration of Dovecot would
help. If I need a very fast MTA for e.g. a Raspberry based mail system I
would prefer qmail as MTA.

> My main design goals for the MTA are:
...
hmm - I still consider using Postfix as MTA, because it is a nightmare
to replace all those MTA monitoring tools, log analyzers and other
support tools. Did you ask Wietse for those improvements in Postfix?

> So perhaps something like this could be done in time for Dovecot
> v2.4. Any thoughts/ideas/suggestions?

At the risk of becoming off topic:

Please consider adding server-side private/public key encryption for
incoming mails. If the client logs on, the password is used to unlock the user's
server-side private key. If mail arrives from the MTA or any other source,
the mail is encrypted with the user's public key. The key pair should be located in
an LDAP or SQL server. PGP and S/MIME should be supported.
This is for the situation where the NSA or other organizations ask the admin for
users' mail insistently, see http://xkcd.com/538/

A much better solution would be to improve IMAP protocol to allow user
to use his client certificate not only for authentication on IMAP server
but decrypt his mails also. Dovecot needs only public key and client
does decryption.

This should not replace end-to-end encryption provided by enigmail etc.

Christian


Re: [Dovecot] pigeonhole sources no more available

2013-10-29 Thread Christian Felsing
Hello,

until problem is resolved, I provide that on
https://x.ip6.li/dovecot-2.2-pigeonhole-0.4.2.tar.gz

best regards
Christian Felsing

On 29.10.13 04:05, m...@electronico.nc wrote:
> Please excuse me for this message but I can't find the pigeonhole sources
> available anymore.
> Points to (for latest sources) :
> http://www.rename-it.nl/dovecot/2.2/dovecot-2.2-pigeonhole-0.4.2.tar.gz



[Dovecot] Problems with openssl library path

2013-08-16 Thread Christian Felsing
Hello,

I tried to compile Dovecot 2.2.5 on Debian 6 with an alternate OpenSSL
installation located at /usr/local/ssl

A compilation with

CPPFLAGS="-I/usr/local/ssl/include" \
LDFLAGS="-L/usr/local/ssl/lib -Wl,-rpath=/usr/local/ssl/lib" \
SSL_LIBS="-L/usr/local/ssl/lib -Wl,-rpath=/usr/local/ssl/lib" \
./configure \
  --prefix=/opt/dovecot-2.2.5 \
  --enable-asserts \
  --enable-largefile \
  --with-ldap=yes \
  --with-zlib \
  --with-bzlib \
  --with-libcap \
  --with-ssl=openssl \
  --with-gc \
  --with-storages=maildir,mbox,mdbox,cydir

creates a working Dovecot, but it still uses the very old Debian 6
OpenSSL 0.9.8 instead of my OpenSSL 1.0.1e

LD_LIBRARY_PATH has also no effect, because Dovecot strips it out.

Any hints?

regards
Christian


Re: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem

2013-03-31 Thread Christian Felsing
Hi Timo,

thank you for that hint.

SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users
WHERE userid = '%u'
does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is:

password_query = SELECT MD5('%w') AS password, userid AS user FROM users
WHERE (userid = '%u') and (('%k' = 'valid')  or ('%r' = '192.168.116.30'));

so Dovecot accepts any password provided by the user. This solution now works
for users who are directly using imap or pop3 _and_ for users
who are using the Horde webmail frontend backed by Dovecot. This is now a
configuration which does not need any passwords stored on the server, which
IMHO provides more security.

best regards
Christian


On 31.03.2013 10:29, Timo Sirainen wrote:
>> Is there any way to turn off client certs for specific local or remote
>> IP addresses?
>
> In your passdb you can use %r = remote IP and %k = certificate valid to
> figure out if the user is allowed or not. For example with SQL passdb that
> would be possible, or checkpassword. http://wiki2.dovecot.org/Variables
 



Re: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem

2013-03-31 Thread Christian Felsing
There were log entries regarding that problem:


Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in:
AUTH#0111#011PLAIN#011service=imap#011secured#011valid-client-cert#011sessi
on=J8pV8bzYIACwxigG#011cert_username=u...@example.net#011lip=192.168.200.22#011rip=192.168.200.6#011lport=993#011rport=8480
Mar 25 11:05:21 dovecot dovecot: auth: Debug: client passdb out:
CONT#0111#011
Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONThidden
Mar 25 11:05:21 dovecot dovecot: auth: Debug:
sql(u...@example.net,192.168.200.6,J8pV8bzYIACwxigG): query: SELECT
NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE
userid = 'u...@example.net'
Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONThidden
Mar 25 11:05:21 dovecot dovecot: auth:
sql(u...@example.net,192.168.200.6,J8pV8bzYIACwxigG): Empty password
returned without nopassword
Mar 25 11:05:23 dovecot dovecot: auth: Debug: client passdb out:
FAIL#0111#011user=u...@example.net

Dovecot got nopassword but does still not accept an empty password.

Christian



On 31.03.2013 15:18, Timo Sirainen wrote:
> On 31.3.2013, at 15.47, Christian Felsing hostmas...@taunusstein.net wrote:
>
>> thank you for that hint.
>>
>> SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users
>> WHERE userid = '%u'
>> does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is:
>
> I don't understand. I remember some other mail about this as well. It works
> fine with my tests.. What does it log with you?




Re: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem [solved]

2013-03-31 Thread Christian Felsing
Thank you, works now with 'Y' as nopassword :-)

best regards
Christian

On 31.03.2013 17:16, Timo Sirainen wrote:
> On 31.3.2013, at 17.38, Christian Felsing hostmas...@taunusstein.net wrote:
>
>> There were log entries regarding that problem:
>
> Ah, you were using PostgreSQL and I tested MySQL. They are handled somewhat
> differently. This should fix it:
> http://hg.dovecot.org/dovecot-2.2/rev/37cd62516b37



[Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail - auth_ssl_require_client_cert problem

2013-03-27 Thread Christian Felsing
Hello,

I would like to set up a Dovecot based mail system which uses X.509
Client Certificates for authentication. A webmail system based on Horde5
should use Dovecot as backend.

For now Dovecot works with client certificates issued by my CA and Horde
authenticates also with same client certs. Due to protocol it is
impossible to use client certs presented by user to Horde for
authentication at Dovecot, so Horde should be allowed to authenticate
itself without or an arbitrary password to Dovecot. Horde and Dovecot
are running in same protected LAN.

Unfortunately Dovecot does not support different authentication methods
on different IP addresses or ports. This does not work:

remote 192.168.116.28/32 {
  auth_ssl_require_client_cert = no
  auth_ssl_username_from_cert = yes
  disable_plaintext_auth = no
  ssl = yes

}

Result is doveconf: Fatal: Error in configuration file
/opt/dovecot-2.2.rc3/etc/dovecot/conf.d/10-auth.conf line 103: Auth
settings not supported inside local/remote blocks:
auth_ssl_require_client_cert

Replacing auth_ssl_require_client_cert = no with ssl_verify_client_cert =
no does not result in an error, but it does nothing; Dovecot still
insists on a client certificate.

I am afraid that I am trapped by this problem:
http://dovecot.2317879.n4.nabble.com/Problem-with-requiring-client-certificates-for-external-connections-tp475.html

Is there any way to turn off client certs for specific local or remote
IP addresses?

best regards
Christian


[Dovecot] nopassword not working in Dovecot 2.2rc3?

2013-03-25 Thread Christian Felsing
Hello,

I ran into some problems while setting up a test system for Client Cert Auth;
therefore passwords are not required.

SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users
WHERE userid = 'u...@example.net'

shows exactly what is expected, but Dovecot does not recognize 'Y' as
nopassword:

Mar 25 11:18:04 dovecot dovecot: auth: Debug:
sql(u...@example.net,192.168.200.6,gndyHr3Y/gCwxigG): query: SELECT
NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE
userid = 'u...@example.net'
Mar 25 11:18:04 dovecot dovecot: auth:
sql(u...@example.net,192.168.200.6,gndyHr3Y/gCwxigG): Empty password
returned without nopassword
Mar 25 11:18:06 dovecot dovecot: auth: Debug: client passdb out:
FAIL#0112#011user=u...@example.net
Mar 25 11:18:07 dovecot dovecot: imap-login: Disconnected (auth failed,
2 attempts in 9 secs): user=u...@example.net, method=PLAIN,
rip=192.168.200.6, lip=192.168.200.22, TLS

As shown on http://wiki2.dovecot.org/AuthDatabase/SQL select statement
above should prevent Dovecot from verifying password.

any hints?

best regards
Christian
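
An added example, not part of the original thread: a small Python parser for auth debug lines of the kind quoted in the nopassword posts. It decodes the `#011` sequences (the syslog daemon's octal escape for the tab that separates auth protocol fields) and flags sessions where the SQL query selected `nopassword` but auth still logged "Empty password returned without nopassword". The sample log lines, user names and session ids are constructed.

```python
import re

# rsyslog writes control characters as '#' plus three octal digits, so the tab
# separators of the auth protocol show up as "#011" in the log file.
_ESCAPE = re.compile(r"#([0-7]{3})")
_CLIENT = re.compile(r"auth: Debug: client (in|passdb out): (.*)$")
_PASSDB = re.compile(r"auth: (?:Debug: )?(\w+)\(([^,]*),([^,]*),([^)]*)\): (.*)$")

# Constructed sample lines modelled on the log format shown in the thread.
SAMPLE_LOG = [
    "Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: "
    "AUTH#0111#011PLAIN#011service=imap#011secured#011valid-client-cert"
    "#011session=SESSaaaa0001#011cert_username=alice@example.net"
    "#011lip=192.168.200.22#011rip=192.168.200.6#011lport=993#011rport=8480",
    "Mar 25 11:05:21 dovecot dovecot: auth: Debug: "
    "sql(alice@example.net,192.168.200.6,SESSaaaa0001): query: SELECT NULL AS "
    "password, 'Y' as nopassword, userid AS user FROM users WHERE userid = "
    "'alice@example.net'",
    "Mar 25 11:05:21 dovecot dovecot: auth: "
    "sql(alice@example.net,192.168.200.6,SESSaaaa0001): Empty password "
    "returned without nopassword",
    "Mar 25 11:05:23 dovecot dovecot: auth: Debug: client passdb out: "
    "FAIL#0111#011user=alice@example.net",
    "Mar 25 11:07:02 dovecot dovecot: auth: Debug: "
    "sql(bob@example.net,192.168.200.7,SESSbbbb0002): query: SELECT NULL AS "
    "password, 'Y' as nopassword, userid AS user FROM users WHERE userid = "
    "'bob@example.net'",
    "Mar 25 11:07:02 dovecot dovecot: auth: Debug: client passdb out: "
    "OK#0113#011user=bob@example.net",
]


def unescape(text):
    """Turn '#ooo' octal escapes back into the characters they stand for."""
    return _ESCAPE.sub(lambda m: chr(int(m.group(1), 8)), text)


def parse_client_line(line):
    """Parse a 'client in:' or 'client passdb out:' debug line.

    Returns a dict, or None for other lines and for lines whose payload the
    log hides (such as 'CONThidden').
    """
    match = _CLIENT.search(line)
    if not match:
        return None
    direction, payload = match.groups()
    fields = unescape(payload).split("\t")
    if len(fields) < 2:
        return None
    msg = {"direction": direction, "command": fields[0], "id": fields[1],
           "mech": None, "flags": set(), "params": {}}
    rest = fields[2:]
    if fields[0] == "AUTH" and rest:
        msg["mech"] = rest.pop(0)  # AUTH carries the mechanism before the params
    for field in rest:
        if not field:
            continue
        key, sep, value = field.partition("=")
        if sep:
            msg["params"][key] = value
        else:
            msg["flags"].add(key)  # bare words such as valid-client-cert
    return msg


def find_ignored_nopassword(lines):
    """List sessions whose query asked for nopassword but still failed with
    'Empty password returned without nopassword'."""
    queried, hits = set(), []
    for line in lines:
        match = _PASSDB.search(line)
        if not match:
            continue
        driver, user, rip, session, message = match.groups()
        if message.startswith("query:") and "nopassword" in message.lower():
            queried.add(session)
        elif (message.startswith("Empty password returned without nopassword")
              and session in queried):
            hits.append({"session": session, "user": user,
                         "rip": rip, "driver": driver})
    return hits


if __name__ == "__main__":
    for hit in find_ignored_nopassword(SAMPLE_LOG):
        print("nopassword ignored:", hit)
```
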


[Dovecot] Crash while moving mail between private folder and shared folder

2013-03-23 Thread Christian Felsing
Hello,

while moving a mail from a private folder (inbox) to a shared folder and
back to private folder Dovecot 2.2rc3 crashes:

---cut here---
Mar 23 09:57:44 dovecot dovecot: imap-login: Login:
user=john@example.net, method=PLAIN, rip=192.168.200.6,
lip=192.168.200.22, mpid=19423, TLS
Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Panic: file
mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns
!= NULL)
Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Error: Raw
backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa)
[0x7f82f65b28fa] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e)
[0x7f82f65b293e] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0)
[0x7f82f657435b] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0)
[0x7f82f686b590] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19)
[0x7f82f686b5a9] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd)
[0x7f82f51127bd] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb)
[0x7f82f511424b] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d)
[0x7f82f511445d] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b)
[0x7f82f511800b] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb)
[0x7f82f552d7cb] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f)
[0x7f82f687274f] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10)
[0x7f82f6872810] - dovecot-01/imap() [0x40d29d] -
dovecot-01/imap(command_exec+0x3c) [0x4161ec] - dovecot-01/imap()
[0x415250] - dovecot-01/imap() [0x41530a] -
dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -
dovecot-01/imap(client_input+0x72) [0x415972] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36)
[0x7f82f65c20e6] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7)
[0x7f82f65c2f37] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28)
[0x7f82f65c1c28] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) 
[0x7f82f6579473]
- dovecot-01/imap(main+0x270) [0x40b950] -
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f82f61e6ead]
- dovecot-01/imap() [0x40baad]
Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Fatal:
master: service(imap): child 19423 killed with signal 6 (core dumps
disabled)
Mar 23 09:57:44 dovecot dovecot: imap-login: Login:
user=john@example.net, method=PLAIN, rip=192.168.200.6,
lip=192.168.200.22, mpid=19425, TLS
Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Panic: file
mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns
!= NULL)
Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Error: Raw
backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa)
[0x7f66ed9a58fa] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e)
[0x7f66ed9a593e] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0)
[0x7f66ed96735b] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0)
[0x7f66edc5e590] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19)
[0x7f66edc5e5a9] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd)
[0x7f66ec5057bd] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb)
[0x7f66ec50724b] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d)
[0x7f66ec50745d] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b)
[0x7f66ec50b00b] -
/opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb)
[0x7f66ec9207cb] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f)
[0x7f66edc6574f] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10)
[0x7f66edc65810] - dovecot-01/imap() [0x40d29d] -
dovecot-01/imap(command_exec+0x3c) [0x4161ec] - dovecot-01/imap()
[0x415250] - dovecot-01/imap() [0x41530a] -
dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -
dovecot-01/imap(client_input+0x72) [0x415972] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36)
[0x7f66ed9b50e6] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7)
[0x7f66ed9b5f37] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28)
[0x7f66ed9b4c28] -
/opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) 
[0x7f66ed96c473]
- dovecot-01/imap(main+0x270) [0x40b950] -
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f66ed5d9ead]
- dovecot-01/imap() [0x40baad]
Mar 23 09:57:44 dovecot dovecot: imap(john@example.net): Fatal:
master: service(imap): child 19425 killed with signal 6 (core dumps
disabled)
Mar 23 09:57:46 dovecot dovecot: imap(john@example.net):
Disconnected: Logged out in=192 out=1118
---cut here---


[Dovecot] Dovecot 2.2, Thunderbird And Client Certificates - Login fails

2013-03-22 Thread Christian Felsing
Hello,

I got stuck on Thunderbird authentication with X.509 client certs.

This is my config (dovecot -n):

$ /opt/dovecot/sbin/dovecot -n
# 2.2.rc3: /opt/dovecot-2.2.rc3/etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0
auth_debug = yes
auth_ssl_require_client_cert = yes
auth_ssl_username_from_cert = yes
auth_verbose = yes
base_dir = /home/dovecot/
hostname = mail.ip6.li
instance_name = dovecot-01
lda_mailbox_autocreate = yes
mail_gid = dovecot
mail_uid = dovecot
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
namespace {
  list = children
  location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox Sent Messages {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = scheme=CRYPT username_format=%u
/opt/dovecot/etc/dovecot/mailusers.993
  driver = passwd-file
}
plugin {
  acl = vfile:/etc/dovecot/global-acls:cache_secs=300
  acl_shared_dict = file:/home/dovecot/shared-mailboxes
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
postmaster_address = postmas...@ip6.li
protocols = imap pop3 lmtp sieve
quota_full_tempfail = yes
sendmail_path = /usr/lib/sendmail
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  inet_listener sieve_deprecated {
port = 2000
  }
}
ssl_ca = /opt/dovecot/etc/dovecot/ip6li-user-ca.pem
ssl_cert = /opt/dovecot/etc/dovecot/mail.taunusstein.net.crt
ssl_cert_username_field = emailAddress
ssl_key = /opt/dovecot/etc/dovecot/mail.taunusstein.net.key
ssl_require_crl = no
ssl_verify_client_cert = yes
userdb {
  args = username_format=%u /opt/dovecot/etc/dovecot/mailusers.993
  driver = passwd-file
}
verbose_ssl = yes
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  mail_plugin_dir = /opt/dovecot/lib/dovecot/lda
  mail_plugins =
}
protocol imap {
  mail_plugins =
}
protocol lmtp {
  mail_plugins =
}
protocol sieve {
  managesieve_implementation_string = Dovecot Pigeonhole
  managesieve_logout_format = bytes ( in=%i : out=%o )
}
protocol pop3 {
  mail_plugins =
  pop3_uidl_format = %08Xu%08Xv
}


The logfile shows this after Thunderbird tries to get access:

Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x10,
ret=1: before/accept initialization [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001,
ret=1: before/accept initialization [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 read client hello A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write server hello A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write certificate A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: auth: Debug: Loading modules from
directory: /opt/dovecot-2.2.rc3/lib/dovecot/auth
Mar 22 19:22:32 dovecot dovecot: auth: Debug: Read auth token secret
from /home/dovecot//auth-token-secret.dat
Mar 22 19:22:32 dovecot dovecot: auth: Debug: passwd-file
/opt/dovecot/etc/dovecot/mailusers.993: Read 1 users in 0 secs
Mar 22 19:22:32 dovecot dovecot: auth: Debug: auth client connected
(pid=20082)
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write key exchange A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 write certificate request A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2001,
ret=1: SSLv3 flush data [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [192.168.200.6]
Mar 22 19:22:32 dovecot dovecot: imap-login: Valid certificate:
/CN=IP6LI Root Certification Authority
Mar 22 19:22:32 dovecot dovecot: imap-login: Valid certificate:
/CN=Intermediate CA for ip6.li users/OU=ip6.li Certificates/O=ip6.li/C=DE
Mar 22 19:22:32 dovecot dovecot: imap-login: Valid certificate:
/emailAddress=christ...@felsing.lan/CN=Christian Felsing/OU=ip6.li
Certificates/O=ip6.li/C=DE
Mar 22 19:22:32 dovecot dovecot: imap-login: Debug: SSL: where

Re: [Dovecot] v2.1.11 released

2012-11-29 Thread Christian Felsing
Hi,

seems v2.1.11 has broken Pigeonhole 0.3.3

Christian

Am 29.11.2012 07:44, schrieb Timo Sirainen:
 http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz
 http://dovecot.org/releases/2.1/dovecot-2.1.11.tar.gz.sig
 
 * lmtp/lda: dovecot.index.cache file is no longer fully mapped to
   memory, allowing mail deliveries to work even if the file is huge.
 * auth: userdb passwd lookups are now done by auth worker processes
   instead of auth master process (as it was documented, but
   accidentally didn't work that way).
 
 + lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO.
 - lmtp: After successful proxying RCPT TO, the next one to a
   nonexistent user gave tempfail error instead of user not found.
 - lmtp proxy: Fixed hanging if remote server was down.
 - imap: Fixed crash when SEARCH contained multiple KEYWORD parameters.
 - doveadm: Various fixes to handling doveadm-server connections.
 - -i instance name parameter for Dovecot tools didn't work correctly.
 - director was somewhat broken in v2.1.10. This version also includes
   various reliability enhancements.
 - auth: passdb imap was broken in v2.1.10.
 
 
 



[Dovecot] Update 2.0.12 - 2.0.13 is broken

2011-08-01 Thread Christian Felsing
Hello,

today I tried to update 2.0.12 to 2.0.13, but I got those messages, only:

Aug  1 10:20:27 mail dovecot: master: Dovecot v2.0.13 starting up (core dumps 
disabled)
Aug  1 10:20:33 mail dovecot: imap-login: Login: user=***@***.**, 
method=PLAIN, rip=192.168.1.99, lip=192.168.1.1
, mpid=5123, TLS
Aug  1 10:20:33 mail dovecot: imap-postlogin: Error: script-login: Error: user 
***@***.**: Error reading configurati
on: net_connect_unix(/opt/dovecot-2.0.13/var/run/dovecot/config) failed: 
Permission denied
Aug  1 10:20:33 mail dovecot: imap-postlogin: Error: script-login: Fatal: 
Internal error occurred. Refer to server log for more info
rmation.
Aug  1 10:20:33 mail dovecot: log: Error: service(imap-postlogin): child 5124 
returned error 89 (Fatal failure)

What has happened ?

Christian


Re: [Dovecot] Pointers for developing a proper encryption plugin?

2011-01-06 Thread Christian Felsing
On 04.01.2011 07:38, to...@tuxteam.de wrote:
 The idea upthread (Jan-Frode) to keep a public key server-side and
 encrypt messages on arrival seems to me the way to go.

I would support that idea. Private key should be encrypted with user's
passphrase. If user changes password, private key needs to be decrypted
with old password and reencrypted with new password.

Public key never changes, so maildir is never required to be touched if
user changes password, and server does not need to know user's secret to
receive mail.

I would wish that Timo would consider to implement required functions to
plugin API, so such a plugin would be possible without massive patching
Dovecot source code.

Christian


Re: [Dovecot] Pointers for developing a proper encryption plugin?

2011-01-03 Thread Christian Felsing
On 04.01.2011 00:58, Timo Sirainen wrote:
 a) yeah, if you lost your private key or its password, they're lost

If users are aware of that, that will be ok.

 b) but you can change the private key's password

Private key should be encrypted with user's password. A change password
tool must change passphrase for user's private key.

 c) and you could also sign the messages with a 3rd admin-key and admin would 
 be able to decrypt them, but this would make it all pretty much pointless.

This may be desirable in enterprise environments, but not for public
mail services. Admin should decide to do so or not.

Christian
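
The key handling proposed in the two replies above (passphrase-wrapped private key, public-key encryption on arrival, re-wrap on password change), shown with the OpenSSL command line. This is an added example, not part of the thread and not Dovecot code; the function names, file names and the hybrid RSA-OAEP plus AES layout are assumptions.

```shell
#!/bin/sh
# Added example, not Dovecot code. Per-user RSA key pair: the private key is
# wrapped with the user's passphrase, mail is encrypted on arrival with the
# public key alone. Function and file names are assumptions.
# Needs OpenSSL 1.1.1+. Passphrases go through the environment (env:VAR),
# not argv, so they do not appear in the process list.
umask 077

# make_user_key DIR -> DIR/priv.pem (encrypted with $PW) and DIR/pub.pem
make_user_key() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass env:PW -out "$1/priv.pem" &&
    openssl pkey -in "$1/priv.pem" -passin env:PW -pubout -out "$1/pub.pem"
}

# change_passphrase DIR: re-wrap priv.pem from $OLD_PW to $NEW_PW.
# pub.pem and every stored mail stay byte-for-byte the same.
change_passphrase() {
    if openssl pkey -in "$1/priv.pem" -passin env:OLD_PW \
        -aes-256-cbc -passout env:NEW_PW -out "$1/priv.new"; then
        mv "$1/priv.new" "$1/priv.pem"
    else
        rm -f "$1/priv.new"; return 1
    fi
}

# encrypt_mail DIR IN OUT: hybrid encryption that needs no user secret.
# OUT.key = RSA-OAEP-wrapped session key, OUT = AES-encrypted mail.
# openssl enc adds no authentication tag; a real plugin would use an AEAD.
encrypt_mail() {
    SESSION=$(openssl rand -hex 32) || return 1
    export SESSION
    printf '%s' "$SESSION" | openssl pkeyutl -encrypt -pubin \
        -inkey "$1/pub.pem" -pkeyopt rsa_padding_mode:oaep -out "$3.key" &&
    openssl enc -aes-256-cbc -pbkdf2 -pass env:SESSION -in "$2" -out "$3"
    rc=$?; unset SESSION; return "$rc"
}

# decrypt_mail DIR IN: unwrap the session key with priv.pem ($PW), then
# write the decrypted mail to stdout.
decrypt_mail() {
    SESSION=$(openssl pkeyutl -decrypt -inkey "$1/priv.pem" \
        -passin env:PW -pkeyopt rsa_padding_mode:oaep -in "$2.key") || return 1
    export SESSION
    openssl enc -d -aes-256-cbc -pbkdf2 -pass env:SESSION -in "$2"
    rc=$?; unset SESSION; return "$rc"
}

# Walk-through on a constructed message: sh thisfile demo
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d) && printf 'Subject: hi\n\nconstructed body\n' >"$d/msg"
    PW=old-secret OLD_PW=old-secret NEW_PW=new-secret
    export PW OLD_PW NEW_PW
    make_user_key "$d" && encrypt_mail "$d" "$d/msg" "$d/msg.enc" &&
        change_passphrase "$d" && PW=$NEW_PW && decrypt_mail "$d" "$d/msg.enc"
    rm -rf "$d"
fi
```

Losing the passphrase makes priv.pem, and with it every stored mail, unrecoverable, which is point a) in the quoted message.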


[Dovecot] Error: Opening INBOX failed: Mailbox doesn't exist: INBOX

2010-09-26 Thread Christian Felsing
Hello,

there is one user which has a Error: Opening INBOX failed: Mailbox
doesn't exist: INBOX problem:

doveadm mailbox status -u u...@foo.local -t all \*

doveadm(u...@foo.local): Error: Opening INBOX failed: Mailbox doesn't
exist: INBOX
doveadm(u...@foo.local): Error: Opening mailbox INBOX failed: Mailbox
doesn't exist: INBOX

doveadm -v force-resync -u u...@foo.local INBOX
doveadm(u...@foo.local): Error: Opening INBOX failed: Mailbox doesn't
exist: INBOX
doveadm(u...@foo.local): Error: Opening mailbox INBOX failed: Mailbox
doesn't exist: INBOX

doveadm mailbox list -u u...@foo.local
Archiv Old
Gesendete Objekte
INBOX
INBOX.old
INBOX.ix
INBOX.ct
INBOX.telepolis
INBOX.bild
INBOX.fotos.highres
INBOX.computerbild
Junk-E-Mail
Trash
Gesendet


System has several hundred users, but this is the only user on which
that happens. User's client is Microsoft Outlook 2003, but there are more
users which are using Microsoft Outlook 2003.

dovecot -n (some parts masked with *** for privacy reasons):

# 2.0.3: /opt/dovecot/etc/dovecot/dovecot.conf
# OS: Linux 2.6.26-2-amd64 x86_64 Debian 5.0.6 xfs
auth_master_user_separator = *
auth_mechanisms = plain login
auth_realms = ***
auth_username_format = %Lu
disable_plaintext_auth = no
first_valid_uid = 124
last_valid_uid = 124
listen = [::], *
log_timestamp = %Y-%m-%d %H:%M:%S
login_greeting = imap4/pop3 ready.
mail_location = maildir:/mail/%d/%u/Maildir
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date imapflags notify
passdb {
  args = ***
  driver = passwd-file
  master = yes
}
passdb {
  args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
plugin {
  quota = maildir:User quota
  quota_rule = *:storage=500M
  quota_rule2 = Trash:storage=+100M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +imapflags +notify
}
protocols = imap pop3 sieve lmtp
service auth {
  client_limit = 8000
  unix_listener /var/run/dovecot/auth-master {
    group = vmail
    mode = 0660
    user = vmail
  }
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  user = vmail
}
service imap-login {
  process_limit = 1024
}
service imap-postlogin {
  executable = script-login /opt/dovecot-cf/lastlogin.sh
  user = cadm
}
service imap {
  executable = imap imap-postlogin
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve-obsolete {
    port = 2000
  }
  inet_listener sieve {
    port = 4190
  }
  process_limit = 1024
}
service pop3-login {
  process_limit = 1024
}
service pop3-postlogin {
  executable = script-login /opt/dovecot-tools/lastlogin.sh
  user = cadm
}
service pop3 {
  executable = pop3 pop3-postlogin
}
service quota-warning {
  executable = script /opt/dovecot-tools/quota-warning.sh
  user = vmail
}
ssl_ca = /opt/dovecot/etc/cacert.pem
ssl_cert = /opt/apache/apache/conf/ssl/cert.crt
ssl_cipher_list = HIGH:MEDIUM:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
ssl_key = /opt/apache/apache/conf/ssl/cert.key
userdb {
  args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
protocol lmtp {
  mail_plugins = quota sieve
}
protocol sieve {
  managesieve_logout_format = bytes ( in=%i : out=%o )
}
protocol imap {
  imap_client_workarounds = tb-extra-mailbox-sep
  mail_plugins = quota imap_quota
}
protocol pop3 {
  mail_plugins = quota
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  hostname = mail.foo.local
  lda_mailbox_autocreate = yes
  mail_plugin_dir = /opt/dovecot/lib/dovecot/lda
  mail_plugins = $mail_plugins sieve
  postmaster_address = postmas...@foo.local
  sendmail_path = /usr/lib/sendmail
}

dovecot-ldap.conf omitted, because auth works flawlessly. Homedir etc.
looks like other users' homedirs:

tsnetMailHomeDir: /mail/foo.local/u...@foo.local
tsnetMailMessageStore: /mail/foo.local/u...@foo.local/Maildir

As temporary workaround user set a sieve rule to forward mail to other
account. This Sieve script works.

Is there a way to fix that w/o deleting that mailbox ?

Christian


Re: [Dovecot] Error: Opening INBOX failed: Mailbox doesn't exist: INBOX

2010-09-26 Thread Christian Felsing
Hello Timo,

tmp/ was missing. Creating tmp/ and chown/chmod to dovecot user solved
doveadm issue. If that user reports successful access to his maildir
this issue is definitely solved.

I did not delete dovecot.index* files.

many thanks to you
Christian

On 26.09.2010 19:29, Timo Sirainen wrote:
 Does this user have Maildir/cur/, new/ and tmp/ directories? Does it
 help if you delete Maildir/dovecot.index* files?
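
A scan for the condition that caused this error, a Maildir without cur/, new/ or tmp/, across all users. This is an added example, not part of the thread; the function name and output format are assumptions, and the directory layout follows the mail_location from the original post.

```shell
#!/bin/sh
# Added example: report Maildirs that lack cur/, new/ or tmp/, or whose
# subdirectories are not owned by the expected numeric uid.
# Layout <root>/<domain>/<user>/Maildir follows mail_location in the post;
# check_maildirs and its MISSING/OWNER output lines are assumptions.

check_maildirs() {
    root=$1
    want_uid=$2
    for md in "$root"/*/*/Maildir; do
        # An unmatched glob stays literal; skip anything that is no directory.
        [ -d "$md" ] || continue
        for sub in cur new tmp; do
            d="$md/$sub"
            if [ ! -d "$d" ]; then
                printf 'MISSING %s\n' "$d"
                continue
            fi
            # Field 3 of "ls -ldn" is the numeric owner uid (POSIX).
            uid=$(ls -ldn "$d" | awk '{print $3}')
            if [ "$uid" != "$want_uid" ]; then
                printf 'OWNER %s uid=%s\n' "$d" "$uid"
            fi
        done
    done
}

# Usage: sh thisfile <mail root> <uid of the mail user>
if [ "$#" -eq 2 ]; then
    check_maildirs "$1" "$2"
fi
```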


[Dovecot] Problems Converting Maildir to mdbox

2010-08-28 Thread Christian Felsing
Hello,

I would like to convert all users' mail from maildir to mdbox. My Dovecot
version is 2.0.1, converted from 1.2.13 but config was rewritten from
scratch.

http://wiki2.dovecot.org/Migration/MailFormat says following:
maildir - mdbox migration. Set mail_location=mdbox:~/mdbox
and run
doveadm convert -u username maildir:~/Maildir

but doveadm does not know a command like convert. Is there a _working_
way to convert maildir to mdbox ? How to do that with all Dovecot mail
users (about 1) ?

Christian


Re: [Dovecot] v1.2.7 released

2009-11-10 Thread Christian Felsing
Hello Timo,

unfortunately dovecot-1.2.6-managesieve-0.11.9.diff is not applicable to
Dovecot 1.2.7. After patching dovecot-1.2.6-managesieve-0.11.9.diff from:

@@ -619,7 +635,13 @@
*set-imap_capability != '\0' ?
set-imap_capability :
set-imap_generated_capability, NULL));
if (*set-imap_capability != '\0')
env_put(CAPABILITY_STRING_OVERRIDDEN=1);
+   } else if (group-mail_process_type == PROCESS_TYPE_MANAGESIEVE) {
+   env_put(t_strconcat(CAPABILITY_STRING=,
+   set-managesieve_generated_capability, NULL));
+   env_put(t_strconcat(MANAGESIEVE_IMPLEMENTATION_STRING=,
+
set-managesieve_implementation_string, NULL));
}
+
if (*set-login_trusted_networks != '\0') {
env_put(t_strconcat(TRUSTED_NETWORKS=,
set-login_trusted_networks, NULL));
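Review bot: the header `@@ -619,7 +635,13 @@` does not match the hunk body as shown here. The body carries nine unchanged lines and six `+` lines, so the counts would have to read 9 and 15; a header that undercounts its context makes patch reject the hunk. Regenerate the diff with diff -u against the target tree instead of reusing the header from the 1.2.6 diff.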


to



@@ -619,9 +635,15 @@
*set-imap_capability != '\0' ?
set-imap_capability :
set-imap_generated_capability, NULL));
if (*set-imap_capability != '\0')
env_put(CAPABILITY_STRING_OVERRIDDEN=1);
+   } else if (group-mail_process_type == PROCESS_TYPE_MANAGESIEVE) {
+   env_put(t_strconcat(CAPABILITY_STRING=,
+   set-managesieve_generated_capability, NULL));
+   env_put(t_strconcat(MANAGESIEVE_IMPLEMENTATION_STRING=,
+
set-managesieve_implementation_string, NULL));
}
+
if (*set-login_trusted_networks != '\0') {
env_put(t_strconcat(TRUSTED_NETWORKS=,
set-login_trusted_networks, NULL));
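Review bot: only the line counts in the header were changed (`-619,9 +635,15`); the start offsets 619 and 635 are carried over from the 1.2.6 diff, so whether they are right for 1.2.7 cannot be seen from the hunk. Regenerate the hunk against the 1.2.7 source rather than hand-editing the header, and drop the lone `+` blank line after the closing brace unless the whitespace change is intended.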

this patch works with Dovecot 1.2.7.

Christian



Re: [Dovecot] v1.2.4 released

2009-08-17 Thread Christian Felsing
dovecot-1.2-managesieve-0.11.8 fails to compile with dovecot 1.2.4 and  
sieve 0.1.11, following versions were used:


drwxrwxrwx  4 root root 4096 18. Aug 07:31 dovecot-1.2.4
drwxrwxrwx  4 root root 4096 18. Aug 07:34 dovecot-1.2-managesieve-0.11.8
drwxrwxrwx  6 root root 4096 18. Aug 07:33 dovecot-1.2-sieve-0.1.11

config was created as follows:

./configure \
  --prefix=/opt/dovecot \
  --with-dovecot=/usr/src/dovecot-1.2.4 \
  --with-dovecot-sieve=/usr/src/dovecot-1.2-sieve-0.1.11 \

host:/usr/src/dovecot-1.2-managesieve-0.11.8# make
make  all-recursive
make[1]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8'
Making all in src
make[2]: Entering directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src'
Making all in lib-managesieve
make[3]: Entering directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-managesieve'

make[3]: Für das Ziel »all« ist nichts zu tun.
make[3]: Leaving directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-managesieve'

Making all in lib-sievestorage
make[3]: Entering directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-sievestorage'

make[3]: Für das Ziel »all« ist nichts zu tun.
make[3]: Leaving directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/lib-sievestorage'

Making all in managesieve
make[3]: Entering directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve'

make[3]: Für das Ziel »all« ist nichts zu tun.
make[3]: Leaving directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve'

Making all in managesieve-login
make[3]: Entering directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve-login'
gcc -DHAVE_CONFIG_H -I. -I../..  -I/usr/src/dovecot-1.2.4  
-I/usr/src/dovecot-1.2.4/src/lib -I/usr/src/dovecot-1.2.4/src/lib-auth  
-I/usr/src/dovecot-1.2.4/src/lib-mail  
-I/usr/src/dovecot-1.2.4/src/lib-index  
-I/usr/src/dovecot-1.2.4/src/lib-storage  
-I/usr/src/dovecot-1.2.4/src/login-common -I../../src/lib-managesieve  
-I/usr/src/dovecot-1.2-sieve-0.1.11  
-I/usr/src/dovecot-1.2-sieve-0.1.11/src/lib-sieve   -std=gnu99 -g -O2  
-Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith  
-Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2   
-MT managesieve-proxy.o -MD -MP -MF .deps/managesieve-proxy.Tpo -c -o  
managesieve-proxy.o managesieve-proxy.c
managesieve-proxy.c:492:40: error: macro login_proxy_new requires 7  
arguments, but only 6 given

managesieve-proxy.c: In function ‘managesieve_proxy_new’:
managesieve-proxy.c:491: warning: assignment from incompatible pointer type
make[3]: *** [managesieve-proxy.o] Fehler 1
make[3]: Leaving directory  
`/usr/src/dovecot-1.2-managesieve-0.11.8/src/managesieve-login'

make[2]: *** [all-recursive] Fehler 1
make[2]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8/src'
make[1]: *** [all-recursive] Fehler 1
make[1]: Leaving directory `/usr/src/dovecot-1.2-managesieve-0.11.8'
make: *** [all] Fehler 2
host:/usr/src/dovecot-1.2-managesieve-0.11.8#

config dovecot 1.2.4:

./configure \
  --prefix=/opt/dovecot \
  --enable-asserts \
  --enable-header-install \
  --enable-largefile \
  --with-ldap=yes \
  --with-zlib \
  --with-bzlib \
  --with-libcap \
  --with-ssl=openssl \
  --with-gc \
  --with-storages=maildir,mbox,dbox,cydir \

config dovecot-1.2-sieve-0.1.11:

./configure \
  --prefix=/opt/dovecot \
  --with-dovecot=/usr/src/dovecot-1.2.4 \

Of course diff for dovecot 1.2.4 was applied. That patch was for  
1.2.3, but patch did not complain. Is there any reason not to include  
that patch into Dovecot with option to select/deselect by configure ?


regards
Christian






Re: [Dovecot] v1.2.2 released

2009-07-29 Thread Christian Felsing
I experienced a strange effect after updating from 1.2.1 to 1.2.2 with
Horde. IMP 4.3.4 had problems with GnuPG handling while Dovecot 1.2.1
was installed, but IMP 4.3.3 had no problems.

Now I updated to Dovecot 1.2.2 and IMP 4.3.4 is also running flawless :-)

Is that a known issue?

Christian


[Dovecot] Bug in Dovecot Managesieve or Horde ?

2009-07-20 Thread Christian Felsing
Hello,

there is a problem between Dovecot 1.2 Managesieve 0.11.7 and Horde
webmail 1.2.2 (possibly also in 1.2.3) in imap4flags

$ telnet localhost 2000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
IMPLEMENTATION dovecot
SIEVE fileinto reject envelope encoded-character vacation subaddress
comparator-i;ascii-numeric relational regex imap4flags copy include body
variables enotify environment
SASL PLAIN LOGIN
STARTTLS
NOTIFY mailto
VERSION 1.0
OK taunusstein.net imap4/pop3 ready.

This shows imap4flags, Cyrus sieve shows imapflags instead of that. Horde
Ingo does not like that and complains about missing imapflags. Two
small patches in Horde code resolve that, but I do not know if that's
the right way.

cd webmail2/ingo/lib

vi ./Script/sieve.php:

function requires()
{
    //return array('imapflags');
    return array('imap4flags');
}

vi ./tests/SieveTest.php:

function testBlacklistMarker()
{
    $bl = new Ingo_Storage_blacklist(3);
    $bl->setBlacklist(array('spam...@example.com'));
    $bl->setBlacklistFolder(INGO_BLACKLIST_MARKER);

    $this->store($bl);
    //$this->assertScript('require imapflags;
    $this->assertScript('require imap4flags;
if address :all :comparator i;ascii-casemap :is [From, Sender,
Resent-From] spam...@example.com  {
addflag Deleted;
keep;
removeflag Deleted;
stop;
}');
}


After that, Horde Ingo likes Dovecot mailsieve.

Is it a bug of mailsieve ?

Regards
Christian


Re: [Dovecot] Bug in Dovecot Managesieve or Horde ?

2009-07-20 Thread Christian Felsing
Hi Tom,

thank you for that hint, before RTFM FTFM (find the manual) is the
problem ;-)
Obviously a better solution. My patch would be the Horde approach.

Regards
Christian

Tom Hendrikx wrote:

 I guess Horde should be updated to handle different implementations of



[Dovecot] Client Cert Auth Problem

2009-07-17 Thread Christian Felsing
Hello,

is there a config possible which supports both of following
authentication schemes ?

1st: If user presents a client certificate, he can log in w/o
username/password, where user id comes from CN. Accepting any password
is not the right solution.

2nd: If user does not present a client certificate, he has to
authenticate by username/password.

In both cases user data is read from userdb LDAP, which is already
working. I was not able to get both auth schemes working at same time.
With Postfix such a config is fully operable.

regards
Christian


Re: [Dovecot] dsync - one or two ways?

2009-07-17 Thread Christian Felsing
Does this mean true multi master operation ? That would make configs
with load balancers much easier :-)

Timo Sirainen wrote:
 dsync in Dovecot v2.0 tree is a new utility for syncing a mailbox in two
 locations. Some things it can be used for:



[Dovecot] E-Mail Encryption

2009-07-15 Thread Christian Felsing
Hello,

I am new to Dovecot but installation was quite easy, so there is one
more LDAP authenticated, Dovecot / Postfix mailbox online, but there is
one question left:

I would like to set up a configuration, which encrypts every user mail
with a unique key. If user logs in, private key should be decrypted with
user password and every mail user requests should be decrypted with
user's private key. If a mail comes in, it should be encrypted with user's
public key. That key pair should be used for that purpose only.
Obviously a GnuPG plugin between deliver and rest of Dovecot is needed.

best regards
Christian


Re: [Dovecot] E-Mail Encryption

2009-07-15 Thread Christian Felsing
So I have to inspect zlib plugin (and Dovecot) code ;-) If plugin
knows username, it needs a way to get user password in clear text and
of course his username to find and decrypt user's private key. These
items have to be saved in a secure way, while user is logged in.
Obviously there are several differences to zlib plugin. If plugin API
supports these extra requirements, it should be possible to write such a
plugin which will stay compatible to future Dovecot versions.

Encryption should be done in deliver tool, so there is no requirement to
touch MTA (e.g. Postfix) code. Deliver tool must know dest. mail address,
so it can ask LDAP for the right public key. Does deliver also support
plugins?

Christian

Timo Sirainen wrote:
 Feel free to write such a plugin. :) Decryption could be done the same
 way as zlib plugin works. Encryption would need a bit more work.