Change password schema and post-login script
Hello,
Question #1:
For version 2.3.19.1 these commands use BLF-CRYPT, right?
doveadm pw
doveadm pw -s CRYPT
Question #2:
I want to change password schema for current users.
For users using POP3 or IMAP I can do it using a post-login script.
I have some accounts used only to send e-mails using Postfix, so no POP3/IMAP
logins for these accounts.
Is any way to change password schema for these accounts?
My config:
# 2.3.19.1 (9b53102964): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.19 (4eae2f79)
# OS: FreeBSD 13.1-RELEASE-p2 amd64 zfs
# Hostname: server2.example.com
auth_master_user_separator = *
auth_mechanisms = plain login
auth_verbose = yes
default_process_limit = 225
disable_plaintext_auth = no
first_valid_gid = 0
first_valid_uid = 1001
mail_location =
maildir:/home/mail/%d/%n:INDEX=/tmpfs/dovecot_%u:CONTROL=/var/mail/%d/%n
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
auto = no
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = /usr/local/etc/dovecot/passwd.master
driver = passwd-file
master = yes
result_success = continue
}
passdb {
args = /usr/local/etc/dovecot/passwd.suspended
deny = yes
driver = passwd-file
}
passdb {
args = /usr/local/etc/dovecot/passwd
driver = passwd-file
}
plugin {
imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Junk
imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Junk
imapsieve_mailbox2_name = *
quota = maildir:User quota
quota_max_mail_size = 100M
quota_rule = *:storage=2048M
quota_status_nouser = DUNNO
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_status_success = DUNNO
quota_warning = storage=80%% quota-warning 80 %u
sieve = file:~/sieve;active=~/sieve.active
sieve_before = /usr/local/lib/dovecot/sieve/antispam.sieve
sieve_global_extensions = +vnd.dovecot.pipe
sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
sieve_plugins = sieve_imapsieve sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
client_limit = 1125
unix_listener auth-client {
group = postfix
mode = 0660
user = postfix
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service managesieve-login {
inet_listener sieve {
address = 127.0.0.1
port = 4190
}
}
service quota-status {
client_limit = 1
executable = quota-status -p postfix
inet_listener {
port = 12340
}
}
service quota-warning {
executable = script /root/cretapanel/quota-warning.sh
unix_listener quota-warning {
mode = 0666
user = dovecot
}
}
ssl_cert =
Re: IMAP Migration Tools
> On 28 Nov 2019, at 18:21, Dean via dovecot wrote: > > On 2019-11-28 10:47 am, Julian Kippels via dovecot wrote: >> Hi, >> I am looking for tools to migrate Mails from one IMAP-Server to >> another. Until now I have always used imapsync, but it seems very >> slow. Even over a 2x10GB/s connection I only get speeds of about >> 600KiB/s, because the programm always pauses betweeen every single >> mail. >> Does anyone here have a suggestion for an alternative? > > Take a look at mbsync (isync). Very flexible and quite fast. I've also used > offlineimap for a long time. > > DC Here is an .offlineimaprc example : [general] accounts = main [Account main] localrepository = dstAccount remoterepository = sourceAccount [Repository sourceAccount] type = IMAP remotehost = old.server.hostname.com remoteuser = o...@example.com remotepass = oldpass ssl = no readonly = true [Repository dstAccount] type = IMAP remotehost = new.server.hostname.com remoteuser = n...@example.com remotepass = newpass ssl = no
Dovecot v2.3.7 - TLS/SSL issue
I use a helpdesk system that connects to dovecot using POP3 with SSL enabled to fetch the e-mails. After I upgrade to v2.3.7 the helpdesk randomly (some times it works, some times not) doesn't fetch the e-mails. If I configure the e-mail accounts with SSL/TLS disabled then it works. Any idea about this?
dovecot-uidlist path
When I use this: mail_location = maildir:/home/mail/%d/%n the dovecot-uidlist file is located in: /home/mail/example.com/user/dovecot-uidlist But when I change it to: mail_location = maildir:/home/mail/%d/%n:CONTROL=/var/mail/%d/%n then it's stored in: /var/mail/example.com/user/.INBOX/dovecot-uidlist Any idea why is not stored in: /var/mail/example.com/user/dovecot-uidlist ?
dovecot lmtp and drop privileges to specific user
Is it possible when dovecot LMTP to drop privileges to a specific user instead of the e-mail account user?
Re: 2.3.1 with quota and lmtp; message may be sent more than once
I had the same problem and the only workaround I found was to change this to
postfix main.cf :
default_destination_recipient_limit = 1
> On 1 May 2018, at 11:12, Frank Ebert wrote:
>
> Hi,
>
> I have another problem with dovecot 2.3.1 on FreeBSD (smtpd is postfix
> 3.3.0). When one mail is sent with different recipients and the quota
> limit of one user is exceeded, the message will be delivered repeatedly
> to all users. The queue from postfix says:
>
> (lost connection with mailserver.foo.bar[private/lmtp-dovecot] while
> sending end of data -- message may be sent more than once)
>
> The problem started with dovecot 2.3.1. With 2.2.3x everything was fine.
>
> Any ideas?
>
> Thanx
> Frank
>
> doveconf -n:
>
> auth_mechanisms = plain login
> auth_use_winbind = yes
> auth_winbind_helper_path = /usr/local/bin/ntlm_auth
> disable_plaintext_auth = no
> info_log_path = /var/log/dovecot
> listen = *
> mail_location = mdbox:~/mdbox
> mail_plugins = zlib quota acl mail_log notify
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacati on subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy includ e variables body enotify
> environment mailbox date index ihave duplicate mime for everypart
> extracttext
> namespace {
> location = mdbox:/home/vmail/foo.domain/foo/mdbox
> prefix = Foo/
> separator = /
> subscriptions = yes
> type = public
> }
> namespace {
> location = mdbox:/home/vmail/bar.domain/bar/mdbox
> prefix = Bar/
> separator = /
> subscriptions = yes
> type = public
> }
> namespace {
> location = mdbox:/home/vmail/foobar.domain/foobar/mdbox
> prefix = Foobar/
> separator = /
> subscriptions = yes
> type = public
> }
> namespace inbox {
> inbox = yes
> location =
> mailbox Drafts {
> auto = subscribe
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> auto = subscribe
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Trash {
> auto = subscribe
> special_use = \Trash
> }
> prefix = INBOX/
> separator = /
> }
> passdb {
> args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
> driver = ldap
> }
> plugin {
> acl = vfile:/usr/local/etc/dovecot/global-acls
> acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
> mail_log_events = flag_change delete undelete expunge copy
> mailbox_delete mail box_rename
> mail_log_fields = uid box msgid size flags
> quota = dict:User quota::file:%h/dovecot-quota
> quota_warning = storage=95%% quota-warning 95 %u
> quota_warning2 = storage=80%% quota-warning 80 %u
> sieve = ~/.dovecot.sieve
> sieve_dir = ~/sieve
> stats_command_min_time = 1 mins
> stats_domain_min_time = 12 hours
> stats_ip_min_time = 12 hours
> stats_memory_limit = 16 M
> stats_refresh = 30
> stats_session_min_time = 15 mins
> stats_track_cmds = yes
> stats_user_min_time = 1 hours
> zlib_save = gz
> zlib_save_level = 6
> }
> postmaster_address = postmas...@foo.bar
> protocols = imap lmtp sieve
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> mode = 0666
> }
> unix_listener auth-userdb {
> group = vmail
> user = vmail
> }
> }
> service lmtp {
> unix_listener /var/spool/postfix/private/lmtp-dovecot {
> group = postfix
> user = postfix
> }
> }
> service managesieve-login {
> inet_listener sieve {
> port = 4190
> }
> process_min_avail = 0
> service_count = 0
> }
> service managesieve {
> process_limit = 1024
> }
> service quota-warning {
> executable = script /usr/local/bin/quota-warning.sh
> unix_listener quota-warning {
> user = vmail
> }
> user = vmail
> }
> service stats {
> fifo_listener stats-mail {
> mode = 0600
> user = vmail
> }
> }
> ssl_cert = ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> userdb {
> driver = prefetch
> }
> userdb {
> args = /usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext
> driver = ldap
> }
> protocol lmtp {
> mail_plugins = zlib quota acl mail_log notify sieve
> }
> protocol lda {
> mail_plugins = zlib quota acl mail_log notify sieve
> }
> protocol imap {
> mail_plugins = zlib quota acl mail_log notify imap_zlib imap_quota
> imap_acl }
Re: lost connection while sending end of data error
# 2.3.1 (8e2f634): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.1 (d9bc6dfe)
# OS: FreeBSD 11.1-RELEASE-p8 amd64 ufs
# Hostname: server2.example.com
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
first_valid_gid = 0
first_valid_uid = 1001
mail_location = maildir:/home/mail/%d/%n:INDEX=/tmpfs/dovecot_%u
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
auto = no
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = /usr/local/etc/dovecot/passwd.suspended
deny = yes
driver = passwd-file
}
passdb {
args = /usr/local/etc/dovecot/passwd
driver = passwd-file
}
plugin {
imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Junk
imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Junk
imapsieve_mailbox2_name = *
quota = maildir:User quota
quota_max_mail_size = 100M
quota_rule = *:storage=2048M
quota_status_nouser = DUNNO
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_status_success = DUNNO
quota_warning = storage=80%% quota-warning 80 %u
sieve = file:~/sieve;active=~/sieve.active
sieve_before = /usr/local/lib/dovecot/sieve/antispam.sieve
sieve_global_extensions = +vnd.dovecot.pipe
sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
sieve_plugins = sieve_imapsieve sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
unix_listener auth-client {
group = postfix
mode = 0660
user = postfix
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service managesieve-login {
inet_listener sieve {
address = 127.0.0.1
port = 4190
}
}
service quota-status {
client_limit = 1
executable = quota-status -p postfix
inet_listener {
port = 12340
}
}
service quota-warning {
executable = script /root/cretapanel/quota-warning.sh
unix_listener quota-warning {
mode = 0666
user = dovecot
}
}
ssl_cert = On 23 Apr 2018, at 16:24, Stephan Bosch wrote:
>
> What is your configuration (`dovecot -n`)?
>
>
> Op 19-4-2018 om 20:45 schreef Christos Chatzaras:
>> I use dovecot-lmtp and postfix. When I send e-mail to 2 recipients (or more)
>> at the same time and if one of them is over quota (or under quota and the
>> message I send is bigger than his free space) mailq shows:
>>
>> -Queue ID- --Size-- Arrival Time -Sender/Recipient---
>> 20B03336F2226099 Thu Apr 19 18:02:47 supp...@example.com
>> (lost connection with server25.example.org[private/dovecot-lmtp] while
>> sending end of data -- message may be sent more than once)
>> us...@example.com
>> us...@example.com
>>
>> E-mails sent from the same domain on same server so it's a local delivery.
>>
>> If I send the e-mail to the over quota user ( only him on To: ) then I get a
>> bounce that says that user is over quota which is the correct behaviour.
>>
>> I think the problem started after I upgrade dovecot-2.2.35 to dovecot-2.3.1.
>>
>> Is this a known bug?
>
Re: lost connection while sending end of data error
By changing the postfix main.cf setting from the default: default_destination_recipient_limit = 50 to: default_destination_recipient_limit = 1 it solve the issue. Do you think it's a postfix issue so I have to use their mailing list? > On 19 Apr 2018, at 21:45, Christos Chatzaras wrote: > > I use dovecot-lmtp and postfix. When I send e-mail to 2 recipients (or more) > at the same time and if one of them is over quota (or under quota and the > message I send is bigger than his free space) mailq shows: > > -Queue ID- --Size-- Arrival Time -Sender/Recipient--- > 20B03336F2226099 Thu Apr 19 18:02:47 supp...@example.com > (lost connection with server25.example.org[private/dovecot-lmtp] while > sending end of data -- message may be sent more than once) >us...@example.com >us...@example.com > > E-mails sent from the same domain on same server so it's a local delivery. > > If I send the e-mail to the over quota user ( only him on To: ) then I get a > bounce that says that user is over quota which is the correct behaviour. > > I think the problem started after I upgrade dovecot-2.2.35 to dovecot-2.3.1. > > Is this a known bug?
lost connection while sending end of data error
I use dovecot-lmtp and postfix. When I send e-mail to 2 recipients (or more) at the same time and if one of them is over quota (or under quota and the message I send is bigger than his free space) mailq shows: -Queue ID- --Size-- Arrival Time -Sender/Recipient--- 20B03336F2226099 Thu Apr 19 18:02:47 supp...@example.com (lost connection with server25.example.org[private/dovecot-lmtp] while sending end of data -- message may be sent more than once) us...@example.com us...@example.com E-mails sent from the same domain on same server so it's a local delivery. If I send the e-mail to the over quota user ( only him on To: ) then I get a bounce that says that user is over quota which is the correct behaviour. I think the problem started after I upgrade dovecot-2.2.35 to dovecot-2.3.1. Is this a known bug?
issue with sieve forwarding after upgrade to 0.5.1
Finally I found a workaround to not depend on sendmail to forward messages using sieve: In postfix main.cf I have: authorized_submit_users = root, filter (I want only root and filter to use sendmail and block other users to send e-mails from system accounts. Only allow users to send e-mails from virtual accounts and after smtp authentication. Username filter is used for bogofilter and needs access to sendmail) And in dovecot.conf: submission_host = 138.201.248.xxx The same workaround maybe works for NoNewPrivileges too as the authorized_submit_users setting in postfix has similar result.
Re: issue with sieve forwarding after upgrade to 0.5.1
It's similar issue but not the same. In my postfix main.cf I use: authorized_submit_users = root, filter to block users with shell access to send e-mails. I want only users root and filter to be able to send directly without using SMTP authentication. If I remove "authorized_submit_users = root, filter" then it works. The question is if something changed between postfix 2.2 and 2.3.1 which requires to drop privileges from root to user. > On 4 Apr 2018, at 12:25, B. Reino wrote: > > On 2018-04-04 11:02, Christos Chatzaras wrote: > >> Thank you for your reply. I use FreeBSD so no changes on the OS before and >> after the dovecot/pigeonhole updates. >> > Oops. I guess I assume everyone uses Linux (and Debian at that.. :) > > I don't know how dovecot is set-up with FreeBSD. The error you showed was > similar (or the same, I don't know anymore) to the one I had when I upgraded > to 2.3.1 on Debian, the root cause of which was the new restriction > disallowing dovecot to get new privileges (which meant it could not run > postdrop as root, despite being setuid). > > .. but for FreeBSD, I'll have to pass.. :) > > Good luck! > > >
Re: issue with sieve forwarding after upgrade to 0.5.1
Thank you for your reply. I use FreeBSD so no changes on the OS before and after the dovecot/pigeonhole updates. > On 4 Apr 2018, at 08:54, B. Reino wrote: > > Hello, > > The new systemd service file has NoNewPrivileges set to true. You need to > override that to false and then it should work again. > > (if you need help with that ask again.. I'm on the train now so I can't write > much comfortably..) > > Cheers. > > On April 3, 2018 10:25:22 PM GMT+02:00, Christos Chatzaras > wrote: > Hello, > > After I upgrade dovecot 2.2.35 to 2.3.1 and pigeonhole 0.4.23 to 0.5.1 when > I use sieve to forward a message to other address using "redirect :copy" I > get this: > > (host server1.myserver.com > <http://server1.myserver.com/>[private/dovecot-lmtp] said: 451 4.2.0 > mailto:ch...@mydomain.com>> Execution of Sieve filters > was aborted due to temporary failure (in reply to end of DATA command)) > > And in sieve log I see: failed to redirect message to <mailto:ch...@mydomain.com>>: Sendmail program returned error (temporary > failure). > > Any idea what is wrong? > > Kind regards, > Christos Chatzaras
Re: issue with sieve forwarding after upgrade to 0.5.1
Here are some logs: Apr 3 23:25:35 server1 dovecot: lmtp(ch...@coderz.gr)<47735>: program `/usr/sbin/sendmail' terminated with non-zero exit code 75 Apr 3 23:25:35 server1 dovecot: lmtp(ch...@coderz.gr)<47735>: Error: sieve: msgid=: failed to redirect message to : Sendmail program returned error (temporary failure) In my postfix main.cf I have this: authorized_submit_users = root, filter When I change it to: authorized_submit_users = root, filter, myUserName where myUserName is the username that owns the mailbox it works. So I guess that something changed to dovecot between 2.2.35 and 2.3.1 and is not related to pigeonhole. > On 3 Apr 2018, at 23:25, Christos Chatzaras wrote: > > Hello, > > After I upgrade dovecot 2.2.35 to 2.3.1 and pigeonhole 0.4.23 to 0.5.1 when > I use sieve to forward a message to other address using "redirect :copy" I > get this: > > (host server1.myserver.com > <http://server1.myserver.com/>[private/dovecot-lmtp] said: 451 4.2.0 > mailto:ch...@mydomain.com>> Execution of Sieve filters > was aborted due to temporary failure (in reply to end of DATA command)) > > And in sieve log I see: failed to redirect message to <mailto:ch...@mydomain.com>>: Sendmail program returned error (temporary > failure). > > Any idea what is wrong? > > Kind regards, > Christos Chatzaras
issue with sieve forwarding after upgrade to 0.5.1
Hello, After I upgrade dovecot 2.2.35 to 2.3.1 and pigeonhole 0.4.23 to 0.5.1 when I use sieve to forward a message to other address using "redirect :copy" I get this: (host server1.myserver.com <http://server1.myserver.com/>[private/dovecot-lmtp] said: 451 4.2.0 mailto:ch...@mydomain.com>> Execution of Sieve filters was aborted due to temporary failure (in reply to end of DATA command)) And in sieve log I see: failed to redirect message to mailto:ch...@mydomain.com>>: Sendmail program returned error (temporary failure). Any idea what is wrong? Kind regards, Christos Chatzaras
