Re: Dovecot Replication Errors (only) when using tcps: as the mail_replica Protocol

2020-11-19 Thread James Pattinson



On 18/11/2020 19:37, Aakash Patel wrote:

Hello,

I have two mail servers and am also experiencing sporadic replication 
errors over tcps, similar to Reuben. Each server is running Dovecot 
2.3.11.3 (502c39af9) on Debian 10.6.


*Log entries from MX1*
Nov 18 00:39:26 mx1 dovecot: 
dsync-local(u...@example.com): Error: 
dsync(mx2.example.com): I/O has stalled, no activity for 600 seconds 
(last sent=mailbox, last recv=mailbox_state)
Nov 18 00:39:26 mx1 dovecot: 
dsync-local(u...@example.com): Error: Timeout 
during state=sync_mails (send=mailbox recv=mailbox)
Nov 18 06:39:32 mx1 dovecot: 
dsync-local(u...@example.com)<6bScGpwFtV+vEQAAPHKnuQ>: Error: 
dsync(mx2.example.com): I/O has stalled, no activity for 600 seconds 
(last sent=mailbox, last recv=mailbox_state)
Nov 18 06:39:32 mx1 dovecot: 
dsync-local(u...@example.com)<6bScGpwFtV+vEQAAPHKnuQ>: Error: Timeout 
during state=sync_mails (send=mailbox recv=mailbox)

*End*

*Log entries from MX2*
Nov 18 00:29:55 mx2 dovecot: 
dsync-local(u...@example.com): Error: Couldn't 
lock /var/vmail/u...@example.com/.dovecot-sync.lock: 
fcntl(/var/vmail/u...@example.com/.dovecot-sync.lock, write-lock, 
F_SETLKW) locking failed: Timed out after 30 seconds (WRITE lock held 
by pid 628)
Nov 18 00:34:56 mx2 dovecot: 
dsync-local(u...@example.com)<9IKaB2KytF92AgAA5XpYKg>: Error: Couldn't 
lock /var/vmail/u...@example.com/.dovecot-sync.lock: 
fcntl(/var/vmail/u...@example.com/.dovecot-sync.lock, write-lock, 
F_SETLKW) locking failed: Timed out after 30 seconds (WRITE lock held 
by pid 628)
Nov 18 00:39:26 mx2 dovecot: doveadm: Error: dsync(mx1.example.com): 
I/O has stalled, no activity for 600 seconds (last sent=mail_change 
(EOL), last recv=mailbox)
Nov 18 06:39:32 mx2 dovecot: doveadm: Error: dsync(mx1.example.com): 
I/O has stalled, no activity for 600 seconds (last sent=mail_change 
(EOL), last recv=mailbox)

*End*

I have configured "replication_full_sync_interval = 1 hours", which 
explains why some of the sync errors occur at the same increment on 
the hour (if the error does occur).


I've tested replication over tcps using either IPv6 or IPv4 -- this 
did not appear to make a difference.


Changing replication to occur over tcp solves the issue (with "ssl = 
yes" commented out, as well).


IMAP clients are primarily connecting to MX1 using SSL, which works 
well (SSL connections to MX2 also work). These are very low traffic 
machines at the moment (just 1 user as I continue testing).


I've attached the output of "dovecot -n" from each server.

Are there known bugs with replication using SSL? I'd appreciate any 
guidance.


Thank you,
AP

For what it's worth, I had the same issue when setting this up a few 
weeks ago. I switched to using SSH based transport and it's been great 
ever since. Is that an option for you?


dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u
mail_replica = remote:r...@xx.xx.xx.xx

Cheers
James




Re: Odd replication behaviour

2020-10-31 Thread James Pattinson

Solved. I knew this would happen. The act of writing it all out and including 
the configuration output gave me the solution.

I am using lmtp to deliver mail from postfix to Dovecot. I was missing the 
notify and replication plugins from 20-lmtp.conf

They were only present in 10-mail.conf as

mail_plugins = notify replication

Now, adding to 20-lmtp.conf:

protocol lmtp {
  mail_plugins = sieve notify replication
}

Works fine now. Hope this helps someone else.

Cheers
James

> On 31 Oct 2020, at 14:40, James Pattinson wrote:
> 
> Hi,
> 
> I have just built a new pair of similar machines both running CentOS 8.2 
> (selinux disabled) and Dovecot 2.3.8 (9df20d2db).
> 
> One machine is a VPS (host A) and one is on my home network (host B). The 
> idea is that they are set up in a master/master config with Dovecot 
> replication.
> 
> I seem to have this 95% working but there is one strange issue I can’t work 
> out.
> 
> Currently B is a perfect replica of A. I have pointed an instance of 
> Thunderbird at it, and I can see all my mails. If I delete any mails or 
> change any flags, I see the same changes almost instantly on the A side.
> 
> PROBLEM: if host A receives a new mail, I don’t see it on B until I do 
> ‘something’ to change metadata, for example deleting any random email, or 
> marking an email as read on EITHER side causes the new email to appear almost 
> instantly on the B side.
> 
> I would have expected emails on B to appear immediately. Am I doing something 
> wrong?
> 
> Extra info -  my mailboxes are in Maildir format with single OS user (vmail). 
> I have about 4000 emails in the Inbox and about 30k in other folders.
> 
> There are only 5 users and I’m using passdb as the very simple backend.
> 
> Replication is via doveadm on a specified port (not SSH). Some output from 
> dovecot -n is below.
> 
> Cheers
> James
> 
> HOST A
> 
> # 2.3.8 (9df20d2db): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.8 (b7b03ba2)
> # OS: Linux 4.18.0-193.28.1.el8_2.x86_64 x86_64 CentOS Linux release 8.2.2004 
> (Core)  xfs
> # Hostname: hosta.domain
> auth_mechanisms = plain login
> doveadm_password = # hidden, use -P to show it
> doveadm_port = 4040
> first_valid_uid = 1000
> mail_debug = yes
> mail_home = /srv/vmail/%u
> mail_location = maildir:/srv/vmail/%u
> mail_plugins = notify replication
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character 
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
> copy include variables body enotify environment mailbox date index ihave 
> duplicate mime foreverypart extracttext
> mbox_write_locks = fcntl
> namespace inbox {
>   inbox = yes
>   location = 
>   mailbox Drafts {
>     auto = subscribe
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     auto = subscribe
>     special_use = \Junk
>   }
>   mailbox Sent {
>     special_use = \Sent
>   }
>   mailbox "Sent Messages" {
>     special_use = \Sent
>   }
>   mailbox Trash {
>     auto = subscribe
>     special_use = \Trash
>   }
>   prefix = 
> }
> passdb {
>   args = scheme=BLF-CRYPT username_format=%u /etc/dovecot/users
>   driver = passwd-file
> }
> plugin {
>   mail_replica = tcp:b.b.b.b:4040
>   sieve = file:~/sieve;active=~/.dovecot.sieve
>   sieve_before = /var/mail/SpamToJunk.sieve
> }
> protocols = imap lmtp
> service aggregator {
>   fifo_listener replication-notify-fifo {
>     group = root
>     mode = 0660
>     user = vmail
>   }
>   unix_listener replication-notify {
>     group = root
>     mode = 0660
>     user = vmail
>   }
> }
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
> }
> service doveadm {
>   inet_listener {
>     port = 4040
>   }
> }
> service lmtp {
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
> }
> service replicator {
>   process_min_avail = 1
>   unix_listener replicator-doveadm {
>     mode = 0600
>     user = vmail
>   }
> }
> ssl = required
> ssl_cert =
> ssl_cipher_list = PROFILE=SYSTEM
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> ssl_min_protocol = TLSv1.2
> ssl_prefer_server_ciphers = yes
> userdb {
>   args = username_format=%u /etc/dovecot/users
>   default_fields = uid=vmail gid=mail home=/srv/vmail/%u
>   driver = passwd-file
> }
> protocol lmtp {
>   mail_plugins = sieve
> }
> protocol lda {
>   mail_plugins = notify replication sieve
> }
> 
> HOST B
>
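
Added example (not part of the original posts and not Dovecot project code): a small Python audit of "dovecot -n" output for the two gaps discussed in this thread, a delivery protocol whose mail_plugins override drops "notify replication", and a mail_replica that uses plain tcp:. The function names and the sample config are constructed for illustration.

```python
REQUIRED = {"notify", "replication"}

def parse_dovecot_n(text):
    """Return (top-level and plugin{} settings, per-protocol settings)."""
    settings, protocols, stack = {}, {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#"):
            continue
        if line.endswith("{"):
            stack.append(line[:-1].strip())
        elif line == "}" and stack:
            stack.pop()
        elif "=" in line:
            key, _, value = (part.strip() for part in line.partition("="))
            if stack in ([], ["plugin"]):
                settings["/".join(stack + [key])] = value
            elif len(stack) == 1 and stack[0].startswith("protocol "):
                protocols.setdefault(stack[0].split()[1], {})[key] = value
    return settings, protocols

def audit(text):
    """Return findings for a replicated setup (empty list: none found)."""
    settings, protocols = parse_dovecot_n(text)
    findings = []
    replica = settings.get("plugin/mail_replica", "")
    if not replica:
        return findings  # replication is not configured
    if replica.startswith("tcp:"):
        findings.append("mail_replica uses tcp: (replication link is not encrypted)")
    for proto in ("lmtp", "lda"):
        # A protocol block's mail_plugins replaces the global value.
        block = protocols.get(proto, {})
        plugins = block.get("mail_plugins", settings.get("mail_plugins", ""))
        missing = REQUIRED - set(plugins.split())
        if missing:
            findings.append(f"protocol {proto}: mail_plugins lacks {' '.join(sorted(missing))}")
    return findings

# Constructed excerpt modelled on the HOST A output quoted in this thread.
BEFORE = """\
mail_plugins = notify replication
plugin {
  mail_replica = tcp:b.b.b.b:4040
}
protocol lmtp {
  mail_plugins = sieve
}
"""
AFTER = BEFORE.replace("mail_plugins = sieve\n", "mail_plugins = sieve notify replication\n")
```

Calling audit() on the text of "dovecot -n" from each replica returns the findings as a list; AFTER is the sample with the 20-lmtp.conf fix from the post above applied.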

Odd replication behaviour

2020-10-31 Thread James Pattinson

Hi,

I have just built a new pair of similar machines both running CentOS 8.2 
(selinux disabled) and Dovecot 2.3.8 (9df20d2db).

One machine is a VPS (host A) and one is on my home network (host B). The idea 
is that they are set up in a master/master config with Dovecot replication.

I seem to have this 95% working but there is one strange issue I can’t work out.

Currently B is a perfect replica of A. I have pointed an instance of 
Thunderbird at it, and I can see all my mails. If I delete any mails or change 
any flags, I see the same changes almost instantly on the A side.

PROBLEM: if host A receives a new mail, I don’t see it on B until I do 
‘something’ to change metadata, for example deleting any random email, or 
marking an email as read on EITHER side causes the new email to appear almost 
instantly on the B side.

I would have expected emails on B to appear immediately. Am I doing something 
wrong?

Extra info -  my mailboxes are in Maildir format with single OS user (vmail). I 
have about 4000 emails in the Inbox and about 30k in other folders.

There are only 5 users and I’m using passdb as the very simple backend.

Replication is via doveadm on a specified port (not SSH). Some output from 
dovecot -n is below.

Cheers
James

HOST A

# 2.3.8 (9df20d2db): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.8 (b7b03ba2)
# OS: Linux 4.18.0-193.28.1.el8_2.x86_64 x86_64 CentOS Linux release 8.2.2004 
(Core)  xfs
# Hostname: hosta.domain
auth_mechanisms = plain login
doveadm_password = # hidden, use -P to show it
doveadm_port = 4040
first_valid_uid = 1000
mail_debug = yes
mail_home = /srv/vmail/%u
mail_location = maildir:/srv/vmail/%u
mail_plugins = notify replication
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date index ihave duplicate 
mime foreverypart extracttext
mbox_write_locks = fcntl
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = scheme=BLF-CRYPT username_format=%u /etc/dovecot/users
  driver = passwd-file
}
plugin {
  mail_replica = tcp:b.b.b.b:4040
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_before = /var/mail/SpamToJunk.sieve
}
protocols = imap lmtp
service aggregator {
  fifo_listener replication-notify-fifo {
    group = root
    mode = 0660
    user = vmail
  }
  unix_listener replication-notify {
    group = root
    mode = 0660
    user = vmail
  }
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service doveadm {
  inet_listener {
    port = 4040
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
    mode = 0600
    user = vmail
  }
}
ssl = required
ssl_cert =