real duplicates of some e-mails / dovecot-2.3.19

[Götz Reinicke]

Hi,

we have the issue, that some(!) e-mails we receive are duplicated when 
processed by dovecot and stored to the users inbox.

The mails are binary identical, same message ID, same size etc. diff sees no 
difference ….

For now we only see that it happens do small mails max. +- 5k in size.

And in dose not happen for all mails, but some are spam, some are internal 
mails some are newsletter which are expected…. and it happens for different 
users.

Dose anyone have/had a similar issue?

Any suggestion or idea would be helpful. Thanks . Götz

smime.p7s
Description: S/MIME cryptographic signature

Re: CVE-2021-33515: SMTP Submission service STARTTLS injection

[Götz Reinicke]

> Am 22.06.2021 um 11:11 schrieb li...@lazygranch.com:
> 
> 
> 
> On Mon, 21 Jun 2021 13:51:30 +0200
> Timo Sirainen  wrote:
> 
>> Open-Xchange Security Advisory 2021-06-21
>> 
>> Product: Dovecot
>> Vendor: OX Software GmbH
>> Internal reference: DOV-4583 (Bug ID)
>> Vulnerability type: CWE-74: Failure to Sanitize Data into a Different
>> Plane ('Injection') Vulnerable version: 2.3.0-2.3.14
>> Vulnerable component: submission
>> Report confidence: Confirmed
>> Solution status: Fixed by Vendor
>> Fixed version: 2.3.14.1
>> Vendor notification: 2021-05-21
>> Solution date: 2021-05-22
>> Public disclosure: 2021-06-21
>> CVE reference: CVE-2021-33515
>> CVSS: 4.2 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)
>> Researcher credit: Fabian Ising and Damian Poddebniak of Münster
>> University of Applied Sciences
>> 
>> Vulnerability Details:
>> 
>> On-path attacker could inject plaintext commands before STARTTLS
>> negotiation that would be executed after STARTTLS finished with the
>> client. Only the SMTP submission service is affected.
>> 
>> Risk:
>> 
>> Attacker can potentially steal user credentials and mails. The
>> attacker needs to have sending permissions on the submission server
>> (a valid username and password).
>> 
>> Workaround:
>> 
>> None.
>> 
>> Solution:
>> 
>> Operators should update to 2.3.14.1 or later version.
>> 
> 
> Centos 7 has no repo with 2.3.15. I am using 2.2.36 (1f10bfa63). Is
> this OK?
> 

check https://repo.dovecot.org

/Götz

smime.p7s
Description: S/MIME cryptographic signature

Re: Is is possible to log TLS client versions - Solved

[Götz Reinicke]

> Am 13.12.2019 um 15:08 schrieb Alexander Dalloz :
> 
> Am 13.12.2019 um 15:00 schrieb Götz Reinicke:
>> Hi, is it possible to log the version of TLS a clients is using to connect 
>> to dovecot?
>> I’v not found any switch to do that.
>>  Thanks and regards . Götz
> 
> 
> Not sure why you haven't found

I’d guess I was looking for a log-option not the log format. :-/

Lesson learned.

Thanks very much! /Götz



smime.p7s
Description: S/MIME cryptographic signature

Is is possible to log TLS client versions

[Götz Reinicke]

Hi, is it possible to log the version of TLS a clients is using to connect to 
dovecot?

I’v not found any switch to do that.

Thanks and regards . Götz




smime.p7s
Description: S/MIME cryptographic signature

Re: Dovecot and Solr on the same server or on different

[Götz Reinicke via dovecot]

Hi Christian,

> Am 20.06.2019 um 18:05 schrieb Christian Kivalo via dovecot 
> :
> 
> 
> 
>> So if dovecot and Solr are good with a host each, I m fine with
>> managing two VMs.
> They do. I'm using such a setup for some years now.

May be you you could give me some suggestions on how to proceed after having 
the Solr up and running?

What is the best procedure to move all mailbox search index from the current 
(old) style to Solr?

Like: doveadm index -A -q '*'

May I adjust some Sorl defaults for memory/cahces etc to suite my setup?

Thanks fro feedback and regards . Götz

smime.p7s
Description: S/MIME cryptographic signature

Re: Dovecot and Solr on the same server or on different

[Götz Reinicke via dovecot]

> Am 21.06.2019 um 00:13 schrieb @lbutlr via dovecot :
> 
> On 20 Jun 2019, at 07:45, Götz Reinicke via dovecot  
> wrote:
>> Yes, we are on VMs. Of course I could extend the resources for the dovecot 
>> VM (more CPU, more RAM) but as mentioned having separate VMs/systems is in 
>> some situations the preferred way.
> 
> Yep, that totally makes sense. I am Old™ and still think of “server” as a 
> physical box sitting in a rack.

For me, it is often a „it depends, if …“. Take my current setup. I want to add 
Solr to a up-and-running dovecot system. In my VM I would have to add CPU and 
RAM, which I just can when rebooting the dovecot server. This is a (little) 
downtime, but is is a downtime.

So adding a Solr VM is currently the better choice regarding the uptime.

Thanks for your feedback and regards . Götz




smime.p7s
Description: S/MIME cryptographic signature

Re: Dovecot and Solr on the same server or on different

[Götz Reinicke via dovecot]

> Am 20.06.2019 um 12:27 schrieb @lbutlr via dovecot :
> 
> On 20 Jun 2019, at 04:12, Riccardo Bicelli via dovecot  
> wrote:
>> I agree that is a small mail load.
>> But I mean, if you are running virtual machines (like me)  it is
>> better to split the roles and leave solr on its own.
> 
> Oh, right. I thought we were talking about actual hardware separation.

Hi and thanks for all feedback.

Yes, we are on VMs. Of course I could extend the resources for the dovecot VM 
(more CPU, more RAM) but as mentioned having separate VMs/systems is in some 
situations the preferred way.

So if dovecot and Solr are good with a host each, I m fine with managing two 
VMs.

Regards . Götz




smime.p7s
Description: S/MIME cryptographic signature

Dovecot and Solr on the same server or on different

[Götz Reinicke via dovecot]

Hi.

what would you suggest? What are the pros and cons  for having dovecot and Solr 
on the same or different hots?

I have about 800 accounts, some millions of mails and about 2 TB of zipped 
mails.

From the recent experiences regarding maintenance I’d prefer different hosts 
for each.

Thanks for suggestions and feedback . Götz

smime.p7s
Description: S/MIME cryptographic signature

Confusing search / caps - non caps different results

[Götz Reinicke]

Hi,

I have some troubles with searching and could not find an answer yet.  The 
search term is „istop“ in the subject. The client was SOGo.

We run the recent dovecot, with solr backend and milder with zlib compression.

Searching for all small letters „istop“ shows up no hit.

Searching with a capital „S“ „iStop“ shows all messages back 10 years ago.

Sprachig for „istopmotion“ all messages show up, wether the subject contains 
caps or non caps at all.

I did a telnet to our dovecot and searched by hand for all three terms:

8 search Subject istop   
* SEARCH
8 OK Search completed (0.025 + 0.000 + 0.022 secs).

9 search subject iStop
* SEARCH 544 604 654 662 910 1394 1471 1474 5493
9 OK Search completed (0.028 + 0.000 + 0.023 secs).

10 search subject istopmotion
* SEARCH 544 604 654 662 910 1471 1472 1474 5493
10 OK Search completed (0.027 + 0.000 + 0.023 secs).


Any hints or suggestion is welcome as I m very confused and lost. 
Thanks and regards . Götz




smime.p7s
Description: S/MIME cryptographic signature

Optimizing search performance for mobile devices / web mailer / general - solr plugin config

[Götz Reinicke]

Hi all,

we run dovecot for a long time now with no complains from the users … until 
this week. Some users say, the search in mailfolders from iPhone (which only 
stores a few mails and search most on the server as I know) or our web mailer 
(SOGo, which I currently search also on the imap server) is „slow“.

As this is sort of individual experience, I was thinking of ways to speed up 
the search and came across the fts_solr plugin.

My question is, can I „just“ configure the its_solg plugin as described at the 
dovecot wiki? https://wiki.dovecot.org/Plugins/FTS/Solr 


How difficult is is to set up a solr server for that purpose? As our current 
mail hardware is not busy at all, is it ok to install Solr on the same 
hardware/server?

May be someone using that setup can give me some hints?

And: How hard is it to switch back to the „build in“ default search if we don’t 
see any benefit from hosting a solr server too.


Thanks for feedback and suggestions . Regards . Götz




smime.p7s
Description: S/MIME cryptographic signature

rescann / reindex / rebuild a subfolder structure

[Götz Reinicke - IT Koordinator]

Hi,

an user is missing all mail from a folder and all subfolders which are 
still saved in the users maildir directory on the dovecot server.


From an imap client she sees the main folder but empty. No subfolders.

She told me with an other imap client and a new created account she has 
the same problem.


Question: Can I resync / regenerate some folder... index 
something-files from the dovecot side?


Thanks for hints and regards . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

help needed configuration of quota warning mails

[Götz Reinicke]

Hi,

we run dovecot 2.2.24 and from what I see, quota management with warning 
message is configured currently with "noenforcing".

Our individual quota limit is stored in the users ldap DN which is fetched as I 
see from the logs and by "doveadm quota get -u"

I tried to trigger the warning mail by going over the limit on my account step 
by step and can see that values are counted with the command above and in 
thunderbird by showing the orange and than red warning symbol at the bottom for 
me.

But the warning mail script is not triggert. How may I debug this?

/usr/local/bin/quota-warning.sh is owned currently by vmail and executable by 
vmail.


Thanks for feedback and suggestion . /Götz

Re: Login just at special timeslots / working hours

[Götz Reinicke - IT Koordinator]

Hi thanks,

Am 27.09.16 um 17:07 schrieb Tom Hendrikx:
>
> On 27-09-16 17:03, Aki Tuomi wrote:
>>> On September 27, 2016 at 5:42 PM Götz Reinicke - IT Koordinator 
>>> <goetz.reini...@filmakademie.de> wrote:
>>>
>>>
>>> Hi,
>>>
>>> is there a dovecot feature I did not found yet, which can limit the
>>> access to the server to special timeslots like working hours?
>>>
>>> Or is that a serverside / sssd / auth / pam / account feature?
>>>
>>> Thanks for hints to some helpfull documentation and sugesstions.
>>>
>>> Regards . Götz
>>>
>>>
>> At least this is doable with PAM. See 
>> http://www.linux-pam.org/Linux-PAM-html/sag-pam_time.html
>>
>> Aki
>>
>
> You could also use http://wiki.dovecot.org/PostLoginScripting . There is
> a nice example named 'Denying connection from some IP/User'.
>
> Regards,
>   Tom

the PostLoginScripting looks like the best option right now. Our Users
aren't authenticated by pam on the dovecot server, so I'll check the script.

Regards . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

Login just at special timeslots / working hours

[Götz Reinicke - IT Koordinator]

Hi,

is there a dovecot feature I did not found yet, which can limit the
access to the server to special timeslots like working hours?

Or is that a serverside / sssd / auth / pam / account feature?

Thanks for hints to some helpfull documentation and sugesstions.

Regards . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

Error: Timeout (180s) while waiting for lock for transaction log file dovecot.index.log

[Götz Reinicke - IT Koordinator]

Hi,

our maildir store is on a NFS share which was working fine for some time
with the recommended setting from the dovecot wiki; suddenly today i got
informed that one user has login problems to his mails and I have some
messages in the logs:

Error: Timeout (180s) while waiting for lock for transaction log file
../Maildir/dovecot.index.log

My current guess is a hick up in the network during a router
configuration this weekend.

My question:

How to solve the problem? I can restart the nfs service/server later
this day, as well as the mailserver ... as there is a kernel update too.

Do I have to initiate some resync or deletion of index or whatsoever files?

Thanks for any feedback and regards . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

Re: any news Enterprise Repository Access?

[Götz Reinicke - IT Koordinator]

Am 26.07.16 um 21:12 schrieb Alexander Dalloz:
> Am 26.07.2016 um 14:41 schrieb Sami Ketola:
>>
>>> On 26 Jul 2016, at 09:18, Götz Reinicke - IT Koordinator
>>> <goetz.reini...@filmakademie.de> wrote:
>>>
>>> Hi,
>>> we had access to the repository and it was working fine. But as we cant
>>> get the 2.2.25 update I was looking into the repofolders and there are
>>> RPMs "just" for RHEL 6// but not 5 any more.
>>>
>>> My be I missed the latest discussions or announcements? Could you give
>>> me an update on information and may be the RHEL 5 RPMs too?
>>>
>>> Thanks a lot and regards . Götz
>>
>>
>> Dovecot EE build support for RHEL 5 / CentOS 5 is going away soon
>> even if we still made one more build for CentOS 5. Please upgrade
>> your system.
>>
>> Sami
>
> Not only because of dovecot
>
> [21:09:27 CEST]  CentOS 5 will go EOL on 31 March, 2017 -- in
> 35 weeks, 2 days, 4 hours, 50 minutes, and 47 seconds but be aware
> that it is now in production phase 3 and only receives critical updates
>
> Alexander
Thx for your both feedback, and yes, it is EOL but as you mentioned in
35+ weeks. O.K. Redhat never did a dovecot update to the current version
and as a lot of customers we think the update policy for some software
should be changed too to support more modern versions of "core" server
services. But that's not a dovecot topic ;)

That dovecot offers still  EE build for free is great, but a road map on
what the future subscription plans are would be nice; e.g low cost fee
for just the repos, higher fees for support etc. That's what I missed.

Regards . Götz



 



smime.p7s
Description: S/MIME Cryptographic Signature

any news Enterprise Repository Access?

[Götz Reinicke - IT Koordinator]

Hi,
we had access to the repository and it was working fine. But as we cant
get the 2.2.25 update I was looking into the repofolders and there are
RPMs "just" for RHEL 6// but not 5 any more.

My be I missed the latest discussions or announcements? Could you give
me an update on information and may be the RHEL 5 RPMs too?

Thanks a lot and regards . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

quota config - when is the warning messag send?

[Götz Reinicke - IT Koordinator]

Hi,

we run dovecot 2.2.24 and from what I see, quota management with warning
message is configured currently with "noenforcing".

Our individual quota limit is stored in the users ldap DN which is
fetched as I see from the logs and by "doveadm quota get -u"

I tried to trigger the warning mail by going over the limit on my
account step by step and can see that values are counted with the
command above and in thunderbird by showing the orange and than red
warning symbol at the bottom for me.

But the warning mail script is not triggert. How may I debug this?

from 90-quota.conf:

service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  user = vmail # dovecot
  unix_listener quota-warning {
user = vmail
  }
}

/usr/local/bin/quota-warning.sh is owned currently by vmail and
executable by vmail.


Thanks for feedback and suggestion . /Götz




smime.p7s
Description: S/MIME Cryptographic Signature

Suggestions? Moving maildir to new storage and may be switch to mdbox

[Götz Reinicke - IT Koordinator]

Hi,

we got a new storage for our mails and now we think about the best way
to use it.

Currently about 1TB is stored in maildirs, some mail has been moved to
client side local storage temporarily to get space on the old storage.

I think of different options, some downtime in mind:

a) stay with maildir and just rsync/move all mail to the new storage,
mount the new storage at the old mountpoint (or may be new mountpoint
and edit the dovecot config).

b) "dsync backup" users maildir to mdboxes at a temp mountpoint and
change the dovecot config afterwords.

c) your suggestions or best practice


Thanks for feedback . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

Re: Mailboxes on NFS or iSCSI

[Götz Reinicke - IT Koordinator]

Hi,

Am 22.06.16 um 16:40 schrieb Miloslav Hůla:
> Hello,
>
> we are running Dovecot (2.2.13-12~deb8u1) on Debian stable. Configured
> with Mailbox++, IMAP, POP3, LMTPD, Managesieved, ACL. Mailboxes are on
> local 1.2TB RAID, it's about 5310 accounts.
>
> We are slowly getting out of space and we are considering to move
> Mailboxes onto Netapp disk array with two independent network
> connections.
>
> Are there some pitfalls? Not sure we should use NTP or iSCSI mounts
> (both open implementations are not so shiny).
>
> Thanks for sharing any experiences.

have a look at my question and the answers from the yesterday posting
"Storage upgrade maildir suggestions". May be they help you too.

Regards . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

Re: Storage upgrade maildir suggestions?

[Götz Reinicke - IT Koordinator]

Hi Daniel,

thanks for your feedback. Adding more disks is adding a new shelf as all
slots are in use and this is a sun/intel server with all slots already
in use.

Ceph is our goal for this year for some filestorages but for mail I'll
need space now xD ... O.K. I'll check some storage with a bigger disk;
may be some small "iscsi-box".

Regards . Götz

Am 21.06.16 um 21:53 schrieb Daniel van Ham Colchete:
> Gotz,
>
> at that level of usage I would just add more drives. Working with
> NFS/clustering is not worth it when you are at that level. In the following
> months I'll send a e-mail to the list here talking about how I'm using Ceph
> FS successfully with Dovecot, but it's a lot of trouble. At the 1TB/2TB/4TB
> level, just go out and buy a bigger disk.
>
> As a side note, with too may emails it is always a problem to have too many
> small files. I would recommend taking a look at mdbox.
>
> Best,
> Daniel Colchete
>
> On Tue, Jun 21, 2016 at 4:17 AM, Götz Reinicke - IT Koordinator <
> goetz.reini...@filmakademie.de> wrote:
>
>> Hi,
>>
>> we start to run out of diskspace soon as our users start to keep mails
>> for longer time periods. That's fine, but space consuming.
>>
>> The maildirs are about 1 TB in total, and not long ago we enabled zlib
>> which is very nice.
>>
>> Now I have some thoughts about the next steps:
>>
>> a) Migrating the whole system to a new server with more storage?
>>
>> b) Install a virtual server for the mailsystem and an extra storage
>> system may be NFS?
>>
>> c) Stay with the current server and move all mails to a bigger NFS storage.
>>
>> The last option c) would be the most easy one for me as I currently have
>> NFS space.
>>
>> Any thoughts? Hints regarding the NFS storage? Pros Cons?
>>
>> I have seen the dovecot wiki on NFS already and for now we will stay
>> with one single dovecot server.
>>
>>
>> Thanks and regards . Götz
>>
>>
>>
>>



smime.p7s
Description: S/MIME Cryptographic Signature

Re: Storage upgrade maildir suggestions?

[Götz Reinicke - IT Koordinator]

Am 21.06.16 um 16:09 schrieb Marcus Rueckert:
> On 2016-06-21 07:17, Götz Reinicke - IT Koordinator wrote:
>> Hi,
>>
>> we start to run out of diskspace soon as our users start to keep mails
>> for longer time periods. That's fine, but space consuming.
>>
>> The maildirs are about 1 TB in total, and not long ago we enabled zlib
>> which is very nice.
>>
>> Now I have some thoughts about the next steps:
>>
>> a) Migrating the whole system to a new server with more storage?
>>
>> b) Install a virtual server for the mailsystem and an extra storage
>> system may be NFS?
>>
>> c) Stay with the current server and move all mails to a bigger NFS
>> storage.
>>
>> The last option c) would be the most easy one for me as I currently have
>> NFS space.
>>
>> Any thoughts? Hints regarding the NFS storage? Pros Cons?
>>
>> I have seen the dovecot wiki on NFS already and for now we will stay
>> with one single dovecot server.
>
> FC or iSCSI as storage.
>
> and always have a lvm layer between your HW and the FS. that way you
> can easily attach
> more disk to the stripe set and grow your storage that way.
>
>darix
>
Hi Darix,

thanks for that feedback. Currently we are moving away in lot of areas
from iscsi as it is to mutch maintenance for us. But may be we go with a
small one for the mailsystem ...

Regards . Götz



smime.p7s
Description: S/MIME Cryptographic Signature

Storage upgrade maildir suggestions?

[Götz Reinicke - IT Koordinator]

Hi,

we start to run out of diskspace soon as our users start to keep mails
for longer time periods. That's fine, but space consuming.

The maildirs are about 1 TB in total, and not long ago we enabled zlib
which is very nice.

Now I have some thoughts about the next steps:

a) Migrating the whole system to a new server with more storage?

b) Install a virtual server for the mailsystem and an extra storage
system may be NFS?

c) Stay with the current server and move all mails to a bigger NFS storage.

The last option c) would be the most easy one for me as I currently have
NFS space.

Any thoughts? Hints regarding the NFS storage? Pros Cons?

I have seen the dovecot wiki on NFS already and for now we will stay
with one single dovecot server.


Thanks and regards . Götz





smime.p7s
Description: S/MIME Cryptographic Signature

Re: overview zlib efficiency? Summary and added note

[Götz Reinicke - IT Koordinator]

Am 15.03.16 um 16:01 schrieb Götz Reinicke - IT Koordinator:
> Hi,
> 
> may be someone has already done that: Do you have a script(?) tool which
> shows the efficiency of the mail compression if zlib is used?
> 
> Something that shows the uncompressed size vrs. the compressed.

Hi,

maybe my question was a bit misleading. But anyway thanks for your
feedback regarding your experiences and compression rates.

We already thought about the benefit of less IO and more CPU power,
which is no concern.

The mailboxes I checked also go with 40-60% compression rate.

But what I was looking for was a tool or way to see what volume would be
used if we where not using compression.

e.g. "du -hs --without-zlib"

Our management would like to see a graph one day which shows the volume
uncompressed and compressed ...

Adding zlib with mdbox or maildir - as we do it currently - is from my
POV if you have the CPU power a MUST :)

happy dovecoting - Götz





smime.p7s
Description: S/MIME Cryptographic Signature

overview zlib efficiency?

[Götz Reinicke - IT Koordinator]

Hi,

may be someone has already done that: Do you have a script(?) tool which
shows the efficiency of the mail compression if zlib is used?

Something that shows the uncompressed size vrs. the compressed.

Thanks for hints! /Götz




smime.p7s
Description: S/MIME Cryptographic Signature

questions regarding zlib plugin

[Götz Reinicke - IT Koordinator]

Hi,

faced with a current space problem on our dovecot 2.2.18 server, I
thought about using the zlib plugin.

My questions:

- is it really as simple as adding the options to the conf files as
described in the docs :) ? http://wiki2.dovecot.org/Plugins/Zlib

- As this just compresses new messages; dose anybody has a sort of
simple cron or whatever script or best practice how to compress existing
maildir mails? The doc is a bit complicated to me at that point...

Thanks a lot and regards . Götz



smime.p7s
Description: S/MIME Cryptographic Signature

Re: v2.2.20 released

[Götz Reinicke - IT Koordinator]

Hi,
Am 07.12.15 um 20:13 schrieb Timo Sirainen:
> http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz
> http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz.sig
> 
> This could be (one of) the last v2.2.x release. We're starting v2.3 
> development soon.

<...>


May be I missed something, we are on the rpm release channel
yum.dovecot.fi on centos 5.11

The most recent rpm is 2.2.18

Has 2.2.19 not been released? So will 2.2.20?

Thanks for feedback and regards . Götz



smime.p7s
Description: S/MIME Cryptographic Signature

Re: sieve is working/forwarding mail - but not for all users - SOLVED

[Götz Reinicke - IT Koordinator]

Thanks all,

found a config file with the adjusted sieve_max_redirects which was
saved during an update.

Regards . Götz
Am 25.11.15 um 15:32 schrieb Urban Loesch:
> Hi,
> 
> to how many addresses do you redirect the incoming mails?
> Could it be that you hit the "sieve_max_redirects = n" configuration 
> parameter?
> 
> Regards
> Urban
> 
> Am 25.11.2015 um 15:05 schrieb Götz Reinicke - IT Koordinator:
>> Hi,
>>
>> we have dovecot-ee-2.2.18.2 and pigeonhole/managesieve 0.4.8 running for
>> some time.
>>
>> Today some users informed us that they did not get mails from one
>> project account forwarded to there personal accounts any more.
>>
>> This worked till one week ago and I cant think of any changes we made...
>>
>> The project account keeps a copy of received mails.
>>
>> I tried two different accounts to configure forwarding to internal and
>> external mail addresses which is working.
>>
>> Question: Any hint or idea? How may I debug sieve forwarding?
>>
>>  Thanks and regards . Götz
>>





smime.p7s
Description: S/MIME Cryptographic Signature

sieve is working/forwarding mail - but not for all users

[Götz Reinicke - IT Koordinator]

Hi,

we have dovecot-ee-2.2.18.2 and pigeonhole/managesieve 0.4.8 running for
some time.

Today some users informed us that they did not get mails from one
project account forwarded to there personal accounts any more.

This worked till one week ago and I cant think of any changes we made...

The project account keeps a copy of received mails.

I tried two different accounts to configure forwarding to internal and
external mail addresses which is working.

Question: Any hint or idea? How may I debug sieve forwarding?

Thanks and regards . Götz



smime.p7s
Description: S/MIME Cryptographic Signature

Re: updating and wsitching repo to yum.dovecot.fi - Unknown protocol: sieve

[Götz Reinicke - IT Koordinator]

Am 30.10.15 um 11:49 schrieb Teemu Huovila:
> 
> 
> On 30.10.2015 12:18, Götz Reinicke - IT Koordinator wrote:
>> Hi,
>>
>> winter is coming and so I start to clean up some left overs of the year.
>>
>> One thing is to use the yum.dovecot.fi repository.
>>
>> After installing the current availabel dovecot and dovecot-ee-pigeonhole
>> package and restarting dovecot I do get the error:
>>
>>
>> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf:
>> protocols: Unknown protocol: sieve
> Could you please reply with the output of doveconf -n


my guess: in the currently used rpms the "managesieve" libs are
included; for the official dovecot repo I do have to install the
dovecot-ee-managesieve.rpm too...


# 2.2.18.2 (866bffbafde7): /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-371.6.1.el5xen x86_64 CentOS release 5.11 (Final)
auth_debug = yes
auth_master_user_separator = *
auth_mechanisms = plain login
auth_verbose = yes
default_client_limit = 4000
default_process_limit = 4000
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
login_trusted_networks = 193.196.129.21
mail_debug = yes
mail_location = maildir:~/Maildir
mail_plugins = mail_log notify quota acl
mail_privileged_group = mail
mdbox_rotate_size = 10 M
namespace {
  list = children
  location = maildir:%%h/Maildir:INDEX=%h/shared/%%u:CONTROL=%h/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox "Sent Messages" {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
  separator = /
}
passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  acl = vfile
  acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes
  quota = dict:User quota::noenforcing:file:%h/dovecot-quota
  quota_rule = *:storage=5G
  quota_rule2 = Trash:storage=+100M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
postmaster_address = postmas...@filmakademie.de
protocols = imap pop3 lmtp sieve sieve
quota_full_tempfail = yes
service auth {
  unix_listener /var/spool/postfix/private/auth {
mode = 0666
  }
  unix_listener auth-userdb {
group = vmail
user = vmail
  }
  user = root
}
service imap-login {
  process_limit = 1024
  process_min_avail = 16
  service_count = 0
}
service imap {
  process_limit = 1024
}
service lmtp {
  inet_listener lmtp {
address = 127.0.0.1
port = 24
  }
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  service_count = 1
}
service managesieve {
  process_limit = 1024
}
service pop3-login {
  process_limit = 1024
  process_min_avail = 16
  service_count = 0
}
service pop3 {
  process_limit = 1024
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
user = vmail
  }
  user = dovecot
}
ssl_ca = 

smime.p7s
Description: S/MIME Cryptographic Signature

Re: updating and wsitching repo to yum.dovecot.fi - Unknown protocol: sieve

[Götz Reinicke - IT Koordinator]

Am 30.10.15 um 15:44 schrieb Teemu Huovila:
> 
> 
> On 30.10.2015 15:35, Götz Reinicke - IT Koordinator wrote:
>> Am 30.10.15 um 11:49 schrieb Teemu Huovila:
>>>
>>>
>>> On 30.10.2015 12:18, Götz Reinicke - IT Koordinator wrote:
>>>> Hi,
>>>>
>>>> winter is coming and so I start to clean up some left overs of the year.
>>>>
>>>> One thing is to use the yum.dovecot.fi repository.
>>>>
>>>> After installing the current availabel dovecot and dovecot-ee-pigeonhole
>>>> package and restarting dovecot I do get the error:
>>>>
>>>>
>>>> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf:
>>>> protocols: Unknown protocol: sieve
>>> Could you please reply with the output of doveconf -n
>>
>>
>> my guess: in the currently used rpms the "managesieve" libs are
>> included; for the official dovecot repo I do have to install the
>> dovecot-ee-managesieve.rpm too...
> Yes, if you have "protocols = sieve .." then you need the managesieve package 
> too. Also, to use sieve filtering, you need to load the sieve plugin in 
> mail_plugins for lmtp or lda. Please refer to 
> http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration
> http://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration

Hi,

currently sieve filtering is working (sieve plugin in mail_plugins for
lmtp is enabled) with the old repo packages; do I have to install an
other something-plugin.rpm from the dovecot repo?

Thanks & Regards . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

updating and wsitching repo to yum.dovecot.fi - Unknown protocol: sieve

[Götz Reinicke - IT Koordinator]

Hi,

winter is coming and so I start to clean up some left overs of the year.

One thing is to use the yum.dovecot.fi repository.

After installing the current availabel dovecot and dovecot-ee-pigeonhole
package and restarting dovecot I do get the error:


doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf:
protocols: Unknown protocol: sieve


Is the sieve protocol an extra package? I thought in the 2.2. tree I
dont have to do bigger config changes.

We run already 2.2.something from city-fan.org and the switch was also
the idea of going to the most recent release.


Thanks for hints and feedback . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: backing up email / saving maildir on external hard drives

[Götz Reinicke - IT Koordinator]

Hi Kevin,

if you use maildir, I bet there is not a single mail bigger than 100 MB.
So ALL mails are 40 GB, but may be hundreds and thousands small ones ...?

Or did you compress all files in one 40GB tar/gz/zip/... ?

So fat32 is good for small files.

BUT if you like to transfer as well e.g. DVD iso images larger than  4
GB that might be a problem.

From what I think is good for you to go with, you could do a rsync ...
magic needed options that maildir to the FAT32 Disk.

So you can read it on all systems without extra tools.

Furthermore if you want to do an other backup or update your files run
an other rsync ... so you dont have to compress a big archive all the time.

As the others pointed out, what do you want to do, what is your requirement?

Especially in a Linux/Mac/Win World there is no one sizes fits all.

An other thing is: If you dont need to move your external disk around a
lot or take it with you on the go, think of a NAS; e.g. two disks,
mirrored raid so you can access it without big problems from all OSs ..


my2cents. /Götz



Am 08.08.15 um 18:15 schrieb Kevin Laurie:
 Dear Christian,
 Thanks for your feedback.
 The HDD will not accept larger than 4GB (as its in FAT format). Its a new
 external HDD. Thinking of the best format(that would work with Mac , Win
 and Linux) .seems like a challenge.
 What's your view on NTFS? And why not exFAT?
 
 Thanks
 Kevin
 
 On Saturday, August 8, 2015, Christian Kivalo ml+dove...@valo.at wrote:
 


 Am 08. August 2015 06:56:55 MESZ, schrieb Kevin Laurie 
 superinterstel...@gmail.com javascript:;:
 Hello,
 Yesterday I tried to back up a 40GB maildir .
 I tried to move the maildir from home to external HDD but failed.
 Decided
 then to compress it(which took several hours). Now changing the disk
 format
 from FAT to exFAT to allow the transfer for the large compressed file.

 How does one back up emails on a external drive?
 Some advice would be greatly appreciated.

 i backup my maildir with rsync to my home nas.

 i assume you are using linux or similar, so when backing up to an external
 hdd i'd also use rsync to copy over the maildir as is to the external hdd
 but use a different filesystem n that hdd like ext4 or xfs or anything else
 than fat/vfat/exfat.

 when something goes wrong you can just copy the files back.

 what was the error message you got when you tried to copy to the ext. hdd?

 regards
 - c






smime.p7s
Description: S/MIME Cryptographic Signature

Re: backing up email / saving maildir on external hard drives

[Götz Reinicke - IT Koordinator]

Hi,

talking of rsync and compression is may be also a bit misleading.

On the destination there will be no compressed files if you transfer
with rsync! The transfere on the network by rsync might be compressed!


/Götz


Am 09.08.15 um 18:33 schrieb Kevin Laurie:
 Dear Steve,
 Very valuable info. Appreciate it and will be careful when using terms.
 Actually I think I should just use rsync without compressing. The reason
 why I started compressing was because the GUI gave some errors when I was
 trying to copy then files.
 
 I'll just rsync the data from my laptop HDD to my external drive(without
 compressing)
 
 Thanks
 Kevin
 
 On Sunday, August 9, 2015, Steve Litt sl...@troubleshooters.com wrote:
 
 On Sat, 8 Aug 2015 10:26:55 +0530
 Kevin Laurie superinterstel...@gmail.com javascript:; wrote:

 Hello,
 Yesterday I tried to back up a 40GB maildir .
 I tried to move the maildir from home to external HDD but failed.

 If you tried to *move* it it's an archive, not a backup. If you tried
 to *copy* it, with the intent of keeping the original on the original
 hard disk and using it further, and keeping today's copy on some other
 media, *that's* a backup. I'm not trying to be pedantic, but there are
 many distinctions between the two. Archives must be re-transferred
 frequently: Backups merely need to be redone at intervals.

 Decided then to compress it(which took several hours). Now changing
 the disk format from FAT to exFAT to allow the transfer for the large
 compressed file.

 Reading https://en.wikipedia.org/wiki/File_Allocation_Table#exFAT , I
 personally wouldn't use exFAT. Regular FAT32 has a max filesize of
 2GB-1, which is 50 times the size of your whole uncompressed maildir.


 How does one back up emails on a external drive?
 Some advice would be greatly appreciated.

 Check this out:

 
 slitt@mydesq2:~$ df -h ~/mail/Maildir
 Filesystem  Size  Used Avail Use% Mounted on
 /dev/sdb8   116G   11G  100G  10% /home/slitt/mail/Maildir
 slitt@mydesq2:~$
 

 I don't have 40 GB, but * have 11, which is less than an order of
 magnitude away. I just back up this puppy to my backup server with my
 normal rsync based backup procedures, which you can read about here:

 * http://www.troubleshooters.com/lpm/200609/200609.htm

 * http://www.troubleshooters.com/linux/blu-ray-backup.htm

 * http://www.troubleshooters.com/lpm/201408/201408.htm

 The stuff about Blu-Ray is important only if you back up to blu-ray. I
 like to keep some backups on write-once media, because kept in the
 shade at reasonable temperatures and humidities, it tends to last
 longer. And spinning disks that spend the majority of their time not
 spinning tend to have problems.

 If this is a *backup*, I'd leave it uncompressed so you can take
 incremental backups regularly. If it's an *archive*, meaning that the
 data is immediately removed from your computer after copy, compression
 might be in order, but you should make two copies and test them both
 thoroughly before deleting the original, and you should test them every
 couple months and if either goes bad, copy the other one to something
 good. Archives are a PITA. For 40GB in these days of $150 2TB drives,
 I'd keep the data intact, back it up, and when you outgrow your hard
 drive, just get a bigger one.

 In other parts of this thread you ask how to separate backups from
 different accounts from different computers. As far as accounts, I
 think that Maildir directory structures would take care of that. As far
 as different machines, just put the hostname at the front of each
 destination directory.



 SteveT

 Steve Litt
 July 2015 featured book: Rapid Learning for the 21st Century
 http://www.troubleshooters.com/rl21



-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: backing up email / saving maildir on external hard drives

[Götz Reinicke]

 Am 11.08.2015 um 17:56 schrieb Christian Schmidt 
 christian.schm...@chemie.uni-hamburg.de:
 
 On 11.08.2015 15:45, Götz Reinicke - IT Koordinator wrote:
 talking of rsync and compression is may be also a bit misleading.
 
 On the destination there will be no compressed files if you transfer
 with rsync!
 
 ...unless your dovecot is working with compressed maildir files. ;-)
 

I was talking about the rsync file transfer, which will not compress the output 
on the backup server…. not about anything dovecote has configured … may be uhh 
he uses a filesystem compression too ? Or some rsync piping trough gzip?

kidding :)

/Götz

how to recover mails - dovecot 2.2.13

[Götz Reinicke - IT Koordinator]

Hi,

I still have a messed up user account, with no mail client (appl mail,
thunderbird, sogo) mails show up as expected. Folders look empty, some
have something in it, but cant access the mails.

My idea is, to move the users mal folder, let him regenerate the
folderstructure from scratch and than reimport the old mails.

Question: We use maildir. Can I just copy the old mails from e.g.

user-backup/Maildir/curl/*

to

user/Maildir/curl/*

Or which steps are needed? rebuilding any index or something etc ?


Thanks very much for any suggestion!

Regards . Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

help by recovering a mailbox - maildir and dovecot 2.2.13

[Götz Reinicke - IT Koordinator]

Hi,

an user screwd up his mailbox in such a way, that I dont see how to get
it back in the right order.

E.g. in the subcriptions file there is a folder

Studienjahr 2014 - 2015.Pitchings

in the filesystem there this folder is in trash and without spaces
between the years:

.Trash.Studienjahr 2014-2015.Pitchings

in the Filesystem ther is no folder

Studienjahr 2014-2015

Currently he uses our sogo as email client ant there are some folders to
showing up but some are empty, some cant be deleted ...


So any help and suggestion in recovering this structure is welcome!

Regards . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: Master user and invalid credentials dovecot-2.2.13

[Götz Reinicke - IT Koordinator]

Hi,

on the console:

telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.


in the logs:


Sep 30 08:56:23 auth: Debug: client in: AUTH2936PLAIN   service=imap
secured session=fOCd4UIEMAB/AAABlip=127.0.0.1   rip=127.0.0.1
lport=143   rport=54320 resp=hidden
Sep 30 08:56:23 auth: Debug:
passwd-file(user,127.0.0.1,master,fOCd4UIEMAB/AAAB): Master user
lookup for login: testma
Sep 30 08:56:23 auth: Debug:
passwd-file(user,127.0.0.1,master,fOCd4UIEMAB/AAAB): lookup: user=user
file=/etc/dovecot/master-users
Sep 30 08:56:23 auth: Info:
passwd-file(user,127.0.0.1,master,fOCd4UIEMAB/AAAB): Master user
logging in as testma
Sep 30 08:56:23 auth: Info: ldap(testma,127.0.0.1,fOCd4UIEMAB/AAAB):
invalid credentials


/Götz
Am 29.09.14 um 15:04 schrieb Clovis Tristao:
 Hi,
 
 As you are performing the tests?
 Would post the debug log?
 Cheers,
 
 Clóvis
 
 Em 29-09-2014 05:08, Götz Reinicke - IT Koordinator escreveu:
 Hi,

 I followed the docs from the dovecot wiki
 (http://wiki2.dovecot.org/Authentication/MasterUsers) and still have
 some problem:

 1. uncommented !include auth-ldap.conf.ext in 10-auth.conf
 2. htpasswd -b -c -s  to create user/password for a masteruseruser
 3. checked auth-master.conf.ext

 When I try to test the login, I always get an invalid credentials in
 the logs with auth_debug=yes set.

 dovecot can read /etc/dovecot/master-users

 The users are in ldap.

 The example wiki shows the passwords {SHA1}, in my password file
 they are {SHA}

 The master user posting in september gave some clues what might be
 wrong, but did not help to solve my problem.


 Any suggestions are welcome! Thanks and regards. Götz
 


-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Master user and invalid credentials dovecot-2.2.13

[Götz Reinicke - IT Koordinator]

Hi,

I followed the docs from the dovecot wiki
(http://wiki2.dovecot.org/Authentication/MasterUsers) and still have
some problem:

1. uncommented !include auth-ldap.conf.ext in 10-auth.conf
2. htpasswd -b -c -s  to create user/password for a masteruseruser
3. checked auth-master.conf.ext

When I try to test the login, I always get an invalid credentials in
the logs with auth_debug=yes set.

dovecot can read /etc/dovecot/master-users

The users are in ldap.

The example wiki shows the passwords {SHA1}, in my password file
they are {SHA}

The master user posting in september gave some clues what might be
wrong, but did not help to solve my problem.


Any suggestions are welcome! Thanks and regards. Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10 - BUG? - Solution

[Götz Reinicke - IT Koordinator]

Am 28.02.14 09:19, schrieb Götz Reinicke - IT Koordinator:
...

Hi, thanks to all suggestions, but it looks like the long username (35
letters) causes that problem, that just one out of about 1.000 users
cant log in.

We shorted/changed the username to less than 35 letters and every thing
is fine now.

dovecot-2.2.10-1_14.el5
Red Hat Enterprise Linux Server release 5.10
CPU architecture x86_64 SMP
Local Filesystem ext3
PAM authentication with ldap backend.

May be that's a bug? Or feature?

Regards . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10 - BUG? - Solution

[Götz Reinicke - IT Koordinator]

Am 04.03.14 09:24, schrieb Robert Schetterer:
 Am 04.03.2014 09:03, schrieb Götz Reinicke - IT Koordinator:
 Am 28.02.14 09:19, schrieb Götz Reinicke - IT Koordinator:
 ...

 Hi, thanks to all suggestions, but it looks like the long username (35
 letters) causes that problem, that just one out of about 1.000 users
 cant log in.

 We shorted/changed the username to less than 35 letters and every thing
 is fine now.

 dovecot-2.2.10-1_14.el5
 Red Hat Enterprise Linux Server release 5.10
 CPU architecture x86_64 SMP
 Local Filesystem ext3
 PAM authentication with ldap backend.

 May be that's a bug? Or feature?

  Regards . Götz62

 
 reading this
 
 http://www.rfc-editor.org/errata_search.php?rfc=3696eid=1690
 
 it should be a bug , until you did not go over the total max limit
 but you may look in ldap problems too, perhaps there is a limit too

Thanks for your feedback,

from that RFC Document it looks like we are save. 35  64 characters.

However, the problem is solved when WE change the users login name, so
for curiosity: what has been changed in the dovecot code?

Regards . Götz


-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

[Götz Reinicke - IT Koordinator]

Am 28.02.14 08:37, schrieb Steffen Kaiser:
 On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:
 
 Am 27.02.14 17:06, schrieb Steffen:
 Götz Reinicke - IT Koordinator wrote:
 Am 27.02.14 09:41, schrieb Steffen Kaiser:
 I suggest to turn on mail_debug, then you see all paths a.s.o.

 Switched it on, but there are no more error messages.

 But you'll see lines with home= mail= a.s.o. Are these settings
 correct? Maybe, post them, too.
 
 I just realised, that I used just a basic configuration (from the
 migration); I just added and started with the big conf.d and added my
 setting.
 
 There is still the same problem/error in the log, but with some more
 text:
 
 E.g. the rechnungseingang-finanzbuchhaltung looks like:
 
 Feb 27 16:59:55 imap(rechnungseingang-finanzbuchhaltung): Debug:
 Effective uid=3473, gid=1182,
 home=/home/misc_accounts/rechnungseingang-finanzbuchhaltung
 
 Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
 Effective uid=3474, gid=1182, home=
 
 list=yes, subscriptions=yes
 location=mbox:~/:INBOX=/var/mail/rechnungseingang-animationsinstitut
 
 See that next Info line:
 
 
 Home directory not set for user. Can't expand ~/ for mail root dir
 in: ~/
 
 
 In contrast to rechnungseingang-finanzbuchhaltung your userdb does not
 return no home dir for rechnungseingang-animationsinstitut, therefore
 your mail_location ~/ expands to the root directory /.
 
 You have to correct your userdb. Maybe you need to clean the cache:
 
 doveadm auth cache flush

Hi,

[root@mail ~]# doveadm auth cache flush
doveadm(root): Error: userdb lookup:
connect(/var/run/dovecotauth-master) failed: No such file or directory
0 cache entries flushed

On the other hand I can confirm, that the user has a homedirectory which
he can access and write to. (e.g. there is a .forward file written by
that user.)

Strange. Cheers . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

[Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

[Götz Reinicke - IT Koordinator]

Hi,

I did the upgrade frpom 1.2.x to 2.2.10 and had some warnings/errors on
a very few accounts/mailboxes. All of them where permission related and
solved.

Dovecot rocks again.

But on one mailbox I do get an error:

Error: user rechnnugseingang-animationsinstitut: Initialization failed:
Initializing mail storage from mail_location setting failed

Error: Invalid user settings. Refer to server log for more information.

There is a homedirectory and the permissions are set like on all other
accounts.

The username is quite long (35 characters) but an other one with 34 is
working fine.

And before the upgrade there was no error.


Thnaks for any help or hint. Regards . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

[Götz Reinicke - IT Koordinator]

Am 27.02.14 09:31, schrieb Joseph Tam:
 G?tz Reinicke - IT Koordinator goetz.reini...@filmakademie.de wrote:
 
 But on one mailbox I do get an error:

 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed

 Error: Invalid user settings. Refer to server log for more information.
 
 And the server logs says ...?  Maybe the '-' is not one of the allowed
 characters (is there a missing 'e' at the end?)

Oops missed something may be, but I dont see anything in the dovecot.log
or syslogs.

The '-' is allowed as we do have other accounts with that character and
there is no typo.

May be i can increase the logging level ...

/Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

[Götz Reinicke - IT Koordinator]

Am 27.02.14 09:41, schrieb Steffen Kaiser:
 On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:
 
 But on one mailbox I do get an error:
 
 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed
 
 Error: Invalid user settings. Refer to server log for more information.
 
 Is above error the only error in the log?


Yes, thats the only log for about 8 hours +- now.


 There is a homedirectory and the permissions are set like on all other
 accounts.
 
 The username is quite long (35 characters) but an other one with 34 is
 working fine.
 
 I do not have such long names ...
 
 I suggest to turn on mail_debug, then you see all paths a.s.o.

Switched it on, but there are no more error messages.

/Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

[Götz Reinicke - IT Koordinator]

Am 27.02.14 13:27, schrieb Charles Marcus:
 On 2/27/2014 3:48 AM, Götz Reinicke - IT Koordinator
 goetz.reini...@filmakademie.de wrote:
 Am 27.02.14 09:41, schrieb Steffen Kaiser:
 On Thu, 27 Feb 2014, Götz Reinicke - IT Koordinator wrote:
 But on one mailbox I do get an error:
 Error: user rechnnugseingang-animationsinstitut: Initialization failed:
 Initializing mail storage from mail_location setting failed
 Error: Invalid user settings. Refer to server log for more information.
 Is above error the only error in the log?
 
 Yes, thats the only log for about 8 hours +- now.
 
 There is a homedirectory and the permissions are set like on all other
 accounts.
 The username is quite long (35 characters) but an other one with 34 is
 working fine.
 
 I do not have such long names ...

 I suggest to turn on mail_debug, then you see all paths a.s.o.
 
 Switched it on, but there are no more error messages.
 
 doveconf -n output?

[root@mail ~]# doveconf -n
# 2.2.10: /etc/dovecot/dovecot.conf
doveconf: Warning: service auth { client_limit=1000 } is lower than
required under max. load (2148)
doveconf: Warning: service anvil { client_limit=1000 } is lower than
required under max. load (2151)
# OS: Linux 2.6.18-371.4.1.el5 x86_64 Red Hat Enterprise Linux Server
release 5.10 (Tikanga)
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
mail_location = mbox:~/:INBOX=/var/mail/%u
mail_privileged_group = mail
passdb {
  driver = pam
}
protocols = imap pop3
service auth {
  user = root
}
service imap-login {
  process_limit = 1024
  process_min_avail = 10
  service_count = 1
}
service imap {
  process_limit = 1024
  vsz_limit = 1 G
}
service pop3-login {
  process_limit = 1024
  process_min_avail = 10
  service_count = 1
}
service pop3 {
  process_limit = 1024
  vsz_limit = 1 G
}
ssl_ca = /etc/pki/tls/certs/ca-bundle_all.crt
ssl_cert = /etc/pki/tls/certs/mail_filmakademie_de.crt
ssl_cipher_list = ALL:!LOW:!SSLv2
ssl_key = /etc/pki/tls/private/mail_filmakademie_de.key
userdb {
  driver = passwd
}
protocol imap {
  mail_max_userip_connections = 20
}



-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Error Initializing mail storage ... after upgrading to 2.2.10

[Götz Reinicke - IT Koordinator]

Am 27.02.14 17:06, schrieb Steffen:
 Götz Reinicke - IT Koordinator wrote:
 Am 27.02.14 09:41, schrieb Steffen Kaiser:
 I suggest to turn on mail_debug, then you see all paths a.s.o.
 
 Switched it on, but there are no more error messages.
 
 But you'll see lines with home= mail= a.s.o. Are these settings
 correct? Maybe, post them, too.

I just realised, that I used just a basic configuration (from the
migration); I just added and started with the big conf.d and added my
setting.

There is still the same problem/error in the log, but with some more text:

E.g. the rechnungseingang-finanzbuchhaltung looks like:

Feb 27 16:59:55 imap(rechnungseingang-finanzbuchhaltung): Debug:
Effective uid=3473, gid=1182,
home=/home/misc_accounts/rechnungseingang-finanzbuchhaltung



Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
Effective uid=3474, gid=1182, home=



Feb 27 17:02:11 auth-worker(19896): Debug:
pam(rechnungseingang-animationsinstitut,172.17.25.85): lookup
service=dovecot
Feb 27 17:02:11 auth-worker(19896): Debug:
pam(rechnungseingang-animationsinstitut,172.17.25.85): #1/1 style=1
msg=Password:
Feb 27 17:02:11 auth: Debug: client passdb out: OK  1
user=rechnungseingang-animationsinstitut
Feb 27 17:02:11 auth-worker(19896): Debug:
passwd(rechnungseingang-animationsinstitut,172.17.25.85): lookup
Feb 27 17:02:11 auth: Debug: master userdb out: USER3536191489
rechnungseingang-animationsinstitut
system_groups_user=rechnungseingang-animationsinstitut  uid=3474
gid=1182homeauth_token=58932681706c22720023a40104779c049ae2ac42
Feb 27 17:02:11 imap-login: Info: Login:
user=rechnungseingang-animationsinstitut, method=PLAIN,
rip=172.17.25.85, lip=193.196.129.3, mpid=21531, TLS,
session=dAWscWXzyQCsERlV
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
Effective uid=3474, gid=1182, home=
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Debug:
Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no,
list=yes, subscriptions=yes
location=mbox:~/:INBOX=/var/mail/rechnungseingang-animationsinstitut
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Error: user
rechnungseingang-animationsinstitut: Initialization failed: Namespace
'': Home directory not set for user. Can't expand ~/ for mail root dir
in: ~/:INBOX=/var/mail/rechnungseingang-animationsinstitut
Feb 27 17:02:11 imap(rechnungseingang-animationsinstitut): Error:
Invalid user settings. Refer to server log for more information.


-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

[Dovecot] Upgrading from 1.2.x - 2.2.x in one step possible

[Götz Reinicke - IT Koordinator]

Hi,

after some off-ML discussions to and some reconsiderations, we might do
the big jump from our current 1.2.17 to the atrpms 2.2.

From googling and reading the dovecot upgrade wiki I don't see any (big)
pitfalls.

Basically we use the default config options, mbox, pop3s/imaps on RH EL 5.

So just run the upgrade-config script, fingers crossed and thats it?

Ii it possible to do such a big step form 1.2 to 2.2?

Thanks for comments and suggestions . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

[Dovecot] Oldies but Goldies - Dovecot 1.2 and Sieve

[Götz Reinicke - IT Koordinator]

Hi,

we still run dovecot 1.2.17 and upgrading is not planed for some time.

But I'm asked to install a sieve system to be used with SOGo soon.

What do I have to install / configure?

Is installing/configuring the dovecot-sieve-0.1.19 and
dovecot-managesieve-0.11.13 enough?

We still use mostly the default settings for imaps/pop3s.

And of course configure SOGo.

Thanks for any feedback. Regards . Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] how to calculate mail storage/traffic used

[Götz Reinicke - IT Koordinator]

Am 08.11.13 09:07, schrieb Steffen Kaiser:
 On Fri, 8 Nov 2013, Götz Reinicke - IT Koordinator wrote:
 
 We have to setup a server which gets a copy of all messages send and
 received by our mailserver as a 1:1 copy. Mails send to multiple
 recipients should be calculated and saved per user. (great if you
 usually have lost of mails send to groups of people.)
 
 So no dedublication should be used here. (e.g. save the message and
 refer the different recipients to it.)
 
 How can I calculate the current traffic in the best way to extrapolate
 the amount of space to be planed for the new server?
 
 I would check your MTA logs, if you get the size of the message and the
 [number of] recipients.  Do you really want to store outgoing mails,
 too? In mailboxes accessable by IMAP or the like?

Hi,

no, we have to put all messages in ELM / singel file format on to a
networkshare to be collected and processed by a document management system.

We need in and out mails to be saved.

I know there are better/other solutions including good dedublication for
mail archiving, but thats how it works.

Cheers . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] how to calculate mail storage/traffic used - SOLVED

[Götz Reinicke - IT Koordinator]

SendmailAnalyzer

http://sareport.darold.net/index.html

collects all Messaging flows like total incomming/outgoing and size in
sum and average.

and it has a graphic web interface ;)

/Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

[Dovecot] how to calculate mail storage/traffic used

[Götz Reinicke - IT Koordinator]

Hi,

may be som mailserver admins on the list can give me som hint. Thats not
dovecot related, but I know the knowledg here is enormous.

We have to setup a server which gets a copy of all messages send and
received by our mailserver as a 1:1 copy. Mails send to multiple
recipients should be calculated and saved per user. (great if you
usually have lost of mails send to groups of people.)

So no dedublication should be used here. (e.g. save the message and
refer the different recipients to it.)

How can I calculate the current traffic in the best way to extrapolate
the amount of space to be planed for the new server?

We think to have a couples of days to be saved.

Thanks for any hint or comment. Regards Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt




smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x - DONE

[Götz Reinicke - IT Koordinator]

Am 26.02.13 12:08, schrieb Götz Reinicke - IT Koordinator:
...

Hi folks,

after some different considerations, we decided to do just a minor
upgrade on the old/current hardware and OS version.

We did the rpm upgrade from 1.0.x to 1.2.x and for now there are no
problems. Just a few more warnings regarding Corrupted index cache file.

But no user complains. From my POV there is a significant performance
boost on my large mailboxes...

At the time we can get new hardware and maybe change some other things
in our setup we will go wit 2.x I bet.

so thanks for al the feedback! Regards . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

[Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17)

[Götz Reinicke - IT Koordinator]

Hi,

currently I have one new user with a problem. When she logs in to
dovecot with pop3 from her apple mail, dovecot tells problems with the
+w permission.

Error: open(/var/mail/**) failed: Permission denied
(euid=3462(**) egid=548(dozenten) missing +w perm: /var/mail)

/var/mail is rw by root.mail

I cant see why just this particular user has that problem/gets that
messages.

AFAIK no one changed any default permissions on directories or set
different users.

What could be wrong? Any suggestions is welcome.

Regards . Götz


-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

Re: [Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17) - SOLVED

[Götz Reinicke - IT Koordinator]

Thanks for all suggestions!

mail_privileged_group = mail did the magic.

I'v read the V1.0 - 1.1 - 1.2, but did not read ALL config options in
the new dovecot.conf.

/Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

Re: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x

[Götz Reinicke - IT Koordinator]

Am 27.02.13 16:57, schrieb Steffen Kaiser:
 On Wed, 27 Feb 2013, Götz Reinicke - IT Koordinator wrote:
 
 I don't know Redhat, but it seems to be wise to upgrade. What's the
 Known Bug List or Known Security Holes in Redhat EL 5.x?
 
 What do you mean by that? BTW it's strange to me that Redhat never
 updated the main imap server part in there lon tearm supported
 enterprice distribution ... (RH EL 6 comes with dovecot 2.0 ok ... )
 
 Are there security considerations to upgrade the base system, kernel
 remote exploits a.s.o.

I got your point. Hmm RHEL 5.9 is still well supported till Q1 2014 and
further with minor or critical updates till 2017. (O.K. no dovecot
update :D )

For now no really need for us to rush to an other major release.

 You could look into building Dovecot from source to get v2.1 or v2.2.

May be I'll give that a try.

Thanks for your suggestions and feedback . Regards . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

[Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x

[Götz Reinicke - IT Koordinator]

Hi,

we still have our solid rock dovecot 1.0.7 Redhat el 5.x up and running.

We don't need much magic or special setups.

However we'd like to think what might be the next step in upgrading our
setup. Each user one mbox mailbox. About 500 imap/pop3 accounts, 400GB data.

First of all: to what version is a good step from 1.0?

Can we get a rpm from e.g. atrpms repository?

Dose anyone has any experiences in doing such a big step forward?

Or should we think of migrating to a total updated Redhat EL 6.x /
Dovecot 2.0.x system?

Any suggestions and comments are welcome.

Regards . G. Reinicke
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

Re: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x

[Götz Reinicke - IT Koordinator]

Am 26.02.13 14:48, schrieb Steffen Kaiser:
 On Tue, 26 Feb 2013, Götz Reinicke - IT Koordinator wrote:
 
 we still have our solid rock dovecot 1.0.7 Redhat el 5.x up and running.
 
 We don't need much magic or special setups.
 
 The configuration has been split up since v1.0, but you can grep through
 the files and find the spots easily. Also, if you didn't changed much in
 v1.0 (that is how I understand your don't need much magic or special
 setups), the chances are good, that you'll not change much in v2.1 or
 v2.2.

I'd review the configfiles and especially the great update documentation
from timo. For now we look save.

As far as I remember we just adjusted the mailbox path (mail_location)
and protocols (imaps/pop3s). And we use ssl certificates.

No mysql, sieve or quota etc stuff.

 
 However we'd like to think what might be the next step in upgrading our
 setup. Each user one mbox mailbox. About 500 imap/pop3 accounts, 400GB
 data.
 
 First of all: to what version is a good step from 1.0?
 
 I would setup a Dovecot v2.2 server, it's RC2, but Dovecot is usually
 more stable than other software ... .
 
 However, I would install the whole server anew, no automatic upgrade or
 whatsoever.

That's the point :) currently I don't have the hardware and time to
install a new system. So we thought doing a minor upgrade will improve
things a bit and we can get rid of one old bug without getting to much
trouble by doing a very big step ahead.

 
 Dose anyone has any experiences in doing such a big step forward?
 
 I have upgraded a v1.0 to v2.1 now. No big deal from Dovecot.

I read something about the index and mailbox/mailstorage formats might
have changed a bit and that dovecot is converting/correcting tham on the
flight.

Did you notice something like that?

 
 Can we get a rpm from e.g. atrpms repository?
 
 Ah, OK, then use the most current version available :-) I build Dovecot
 from source.
 
 Or should we think of migrating to a total updated Redhat EL 6.x /
 Dovecot 2.0.x system?
 
 I don't know Redhat, but it seems to be wise to upgrade. What's the
 Known Bug List or Known Security Holes in Redhat EL 5.x?

What do you mean by that? BTW it's strange to me that Redhat never
updated the main imap server part in there lon tearm supported
enterprice distribution ... (RH EL 6 comes with dovecot 2.0 ok ... )

Regards . Götz


--
Götz Reinicke - IT-Koordinator - Filmakademie Baden-Württemberg GmbH



smime.p7s
Description: S/MIME Kryptografische Unterschrift

[Dovecot] OT but E-Mail related. save a copy off all mail as eml

[Götz Reinicke]

Hi,

I'm sorry to bug you with an not directly dovecot related question, but
this is for me right now the place with the best mailsystem admins I know.

I'm asked if there is a way to save a copy of all mail we send trough
our sendmail server (Red Hat EL 5.x) in and out as an .eml file for
further processing by a DMS system. The files should be saved on some
network share.

Any suggestion are welcome and thanks. Best regards Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats:
Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer:
Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

[Dovecot] 487 imap-login processes - is this ok

[Götz Reinicke]

Hi,

recently I checked our mailserver for some more tuning and optimizing
and noticed, that currently I do have 487 imap-login processes and I'm
asking myself if that's o.k.

We do have about 1.000 user in total and not everybody is currently
logged in.

May be this is o.k. but if not, what might I check?

We run the dovecot package provided by redhat EL 5.8 dovecot-1.0.7-7.el5_7.1

Thanks for any comment or suggestion.

Regards . Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats:
Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer:
Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

[Dovecot] more than 200 imap processes for one user

[Götz Reinicke]

HI,

recently I noticed, that our dovecot server (RH EL 5.7
dovecot-1.0.7-7.el5_7.1) 'fires' up a lot of imap processes only for one
user.

I counted 214 :-) most of tham in the 'S' state and are started nearly
at the same time within 5 minutes.

Usually users do have about 4 to 10 

Dose anyone has an idea, what could be the cause?

Thanks for any suggestion and best regards . Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats:
Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer:
Prof. Thomas Schadt



smime.p7s
Description: S/MIME Kryptografische Unterschrift

[Dovecot] Upgrading dovecot 1.0.7 - 2.0.14 / Redhat EL 5.7

[Götz Reinicke]

Hi,

recently I debugged some load and performance and 'log out' problems and
found an error in the dovecot logs:

Error: pipe() failed: Too many open files

Googling around and reading some posts led to the conclusion, that my
problem is a bug, which will not be removed.

So I'm thinking of upgrading to the latest prebuild rpm from here:

http://packages.atrpms.net/dist/el5/dovecot/

As far as I understand the upgrading instructions, I'll be save as we
dont use special setting, but I'll check all changes.

My question: Dose anybody has done such an upgrade yet?

Or are there any suggestion or hints?

Thanks a lot and best regards.

Götz

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats:
Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer:
Prof. Thomas Schadt




smime.p7s
Description: S/MIME Kryptografische Unterschrift

[Dovecot] Silent migration from mbox to maildir?

[Götz Reinicke - IT-Koordinator]

Hi,

after migrating to a new hardware (which is soo s mutch faster than
the old one) I start to think about migrating from mbox to maildir.

I'v read some docs and wikies and some questions are unanswered or maybe
I skip the answers:

- Is it possible to migrate the mboxes silent e.g. if a user logs in
the mbox is converted?

- regarding the Namespaces wiki article, it is possible to mix mbox and
Maildir for one user. Is it possible to use this setup for all newly
created accounts?

or

- Is it possible to have maildir set up for all newly created accounts
while the old accounts still use mbox?

Thanks for any suggestion and best regards,

Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner
Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium

Geschäftsführer:
Prof. Thomas Schadt

[Dovecot] lot's of timeouts

[Götz Reinicke - IT-Koordinator]

Hi,

since some time ago we do have a lot of timeouts connecting to our
imap/po3 server. This week I switched the whole system to a new dual
quadcore xeon, 24GB RAM, SAS2 RAID-10. (SUN Fire 4170)

But the mailclients (mostly thunderbird and apple mail) still reporte
the timeouts by accessing the mailboxes.

The server is doing smtp, imap/pop3, webmailsystem and
spam/antivirus-checking all together. (RH EL 5, sendmail, horde, mysql,
mailscanner, spamassassin)

We use the original RH dovecot-1.0.7, mbox-format and mailboxes up to 4
GB ... (historicaly grown ...)

So where to start debugging the imap/pop3 timeouts? What information may
I provide, which doc may I read?

Thanks for helping me to find and fix the problem.


Best regards

Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner
Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium

Geschäftsführer:
Prof. Thomas Schadt

Re: [Dovecot] lot's of timeouts

[Götz Reinicke - IT-Koordinator]

Hi Timo,

Timo Sirainen schrieb:
 On Dec 18, 2009, at 10:56 AM, Götz Reinicke - IT-Koordinator wrote:
 
 But the mailclients (mostly thunderbird and apple mail) still reporte
 the timeouts by accessing the mailboxes.

 The server is doing smtp, imap/pop3, webmailsystem and
 spam/antivirus-checking all together. (RH EL 5, sendmail, horde, mysql,
 mailscanner, spamassassin)

 We use the original RH dovecot-1.0.7, mbox-format and mailboxes up to 4
 GB ... (historicaly grown ...)
 
 Have you set mbox_very_dirty_syncs=yes?

grep mbox_very_dirty_syncs /etc/dovecot.conf
#mbox_very_dirty_syncs = no

so, I think no is the default.

Setting this to yes is may be faster?

 
 So where to start debugging the imap/pop3 timeouts? What information may
 I provide, which doc may I read?
 
 Anything in logs? Anyway my guess is that it spends all the time reading 
 those 4 GB mailboxes..
 

With that guess, you are not the only one ... beside my guts ... ;-)

If I do have the time, I'd like to switch over to e.g. maildir

/Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner
Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium

Geschäftsführer:
Prof. Thomas Schadt

Re: [Dovecot] lot's of timeouts

[Götz Reinicke - IT-Koordinator]

Timo Sirainen schrieb:
 On Dec 18, 2009, at 11:08 AM, Götz Reinicke - IT-Koordinator wrote:
 
 We use the original RH dovecot-1.0.7, mbox-format and mailboxes up to 4
 GB ... (historicaly grown ...)
 Have you set mbox_very_dirty_syncs=yes?
 grep mbox_very_dirty_syncs /etc/dovecot.conf
 #mbox_very_dirty_syncs = no

 so, I think no is the default.

 Setting this to yes is may be faster?
 
 Are you using Dovecot deliver? If not, setting this to yes will help a lot.

Nop,

grep procmail /etc/mail/sendmail.mc

define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
MAILER(procmail)dnl


 
 Anything in logs? Anyway my guess is that it spends all the time reading 
 those 4 GB mailboxes..

 With that guess, you are not the only one ... beside my guts ... ;-)

 If I do have the time, I'd like to switch over to e.g. maildir
 
 Yeah, maildir would be a good idea.

2010...


/Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner
Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium

Geschäftsführer:
Prof. Thomas Schadt

Re: [Dovecot] Any suggestions for backing up an imap server and whould maildir or dbox be better than mbox?

[Götz Reinicke]

Hi,

Eduardo M KALINOWSKI schrieb:
 From: Götz Reinicke 
 Hi,

 we run a Red Hat EL 5.2 mailserver with dovecot as the imap server. 
 Mails are stored in mbox format and there are about 134GB of mail.

 At the moment users copy their importent mail to their workstation 
 accounts wich are backed up nightly.

 What are your suggestions to back up the mails not copied? Thanks for 
 any comments.
 
 You can simply rsync the whole mail store. Gets pretty efficient after the 
 first run. Or take a look at rdiff-backup if you need to store previous 
 copies.


thanks for the idea! I'll try it. I've one more question: What will
happen to files which are locked or opend; e.g. if users are still
logged in?

 
 BTW: Dose changing the mailbox format from mbox to Maildir or dbox dose 
 have any advantages?
 
 I don't think it makes any difference in this case.

I thought about the filelocking, so if the mailbox is one big file
backing up things will be different from backing up a lot of smaler
files... But may be rsync dose handel this also in a different way?

Thanks once more

Regards

Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail [EMAIL PROTECTED]

Filmakademie Baden-Württemberg GmbH
Mathildenstr. 20
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner
Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium

Geschäftsführer:
Prof. Thomas Schadt

[Dovecot] Any suggestions for backing up an imap server and whould maildir or dbox be better than mbox?

[Götz Reinicke]

Hi,

we run a Red Hat EL 5.2 mailserver with dovecot as the imap server. 
Mails are stored in mbox format and there are about 134GB of mail.


At the moment users copy their importent mail to their workstation 
accounts wich are backed up nightly.


What are your suggestions to back up the mails not copied? Thanks for 
any comments.


BTW: Dose changing the mailbox format from mbox to Maildir or dbox dose 
have any advantages?


Best regards

Götz Reinicke
--
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail [EMAIL PROTECTED]

Filmakademie Baden-Württemberg GmbH
Mathildenstr. 20
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner
Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium

Geschäftsführer:
Prof. Thomas Schadt

Re: [Dovecot] Mails get lost - RHEL 5.1 - dovecot-1.0-1.2.rc15.el5

[Götz Reinicke]

Nikolay Shopik schrieb:
 On 04.12.2007 19:35, Götz Reinicke wrote:
 Hi,

 we do have a Voiceboxserver which forward recorded avi messages to the
 mailserver account of users. I'v tested it for my account 10 minutes ago
  and everything works.

 Some users don't get the messages shown up in there mailclient while the
 logs show a delivery of that mail.

 May be some mail caches are messed up?

 We use Thunderbird 2 and the users concerned use imap.

 Where may I look or what may I check?

 Thanks for your help!

 Regards

 Götz
   
 So you sure it was delivered, seen this on dovecot.info log? If you are
 using maildir you may check if file delivered and exist.

Hi,

has somewone done an upgrade of the red hat package from an other
source? E.g. I have rebuild the latest fedora core 8 rpm
(dovecot-1.0.7-2) without erros. But will an update to this version
break anything? May I addjust some settings?

Thanks for any suggestions!


Regards

Götz
-- 
Götz Reinicke
IT Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail [EMAIL PROTECTED]

Filmakademie Baden-Württemberg GmbH
Mathildenstr. 20
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzender des Aufsichtsrats:
Dr. Christoph Palmer, MdL, Minister a.D.

Geschäftsführer:
Prof. Thomas Schadt