Re: Bug: Shared Mailbox - Case Sensitivity
Am I missing something, or might this be a bug, as it seems to me?

On 16.09.16 at 14:21, Leander Schäfer wrote:
> Hi Aki,
>
> Thanks for your advice. Yes, I'm aware of this. Yet lowercasing should be the default since Dovecot 2.1.x, isn't it? Yet I wouldn't know where exactly to implement this %L, since the ACLs are set through IMAP commands by the user's mail client, like Thunderbird. So in other words, the email address to which the user wants to grant ACLs, as provided by the user's mail client, has nothing to do with my auth backend, where e.g. %u => %Lu would apply. Please correct me if I'm wrong here.
>
> It clearly looks like a bug in the internal processing of the "dovecot-acl-list" files. It simply lacks lowercase enforcement in the code, like it already seems to do for the "dovecot-acl" file.
>
> Best regards
> Leander Schäfer
>
> On 16.09.16 at 12:53, Aki Tuomi wrote:
>> On 16.09.2016 12:54, Leander Schäfer wrote:
>>> Hi,
>>>
>>> unfortunately I found a bug in Dovecot's ACL handling for shared mailboxes. It turns out Dovecot doesn't enforce lowercasing of the privileged username to whom the mailbox should be shared. This results in an invalid configuration. Users get confused, since they passed on a valid email address in their ACL setup.
>>>
>>>     /usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Spam/dovecot-acl
>>>     user=leander@mydomain.localdomain eilrwts
>>>     ^^ works
>>>
>>>     /usr/local/www/default/mail/leander@mydomain.localdomain/maildir/dovecot-acl
>>>     user=test@mydomain.localdomain eilrwts
>>>     ^^ works
>>>
>>>     /usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Drafts/dovecot-acl
>>>     user=Leander@MyDomain.LocalDomain eilrwts
>>>     ^^ Doesn't work
>>>
>>> Best regards
>>> Leander Schäfer
>>
>> Hi!
>>
>> Did you know you can use %Lu instead of %u to force lowercasing?
>>
>> Aki
Re: acl_group not working not working correctly
Any idea?

On 17.09.16 at 00:44, Leander Schäfer wrote:
> Hi,
>
> I'm trying to set up group-based ACLs coming from OpenLDAP. My setup doesn't require a POSIX group match. In the Dovecot configuration file I have this: "user_attrs = [...], mailAclGroups=acl_groups" as well as "acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300". The user has "public" in the LDAP attribute "mailAclGroups". It seems to get everything right. I checked with doveadm - and I see public is listed as expected:
>
>     cat /var/log/debug.log
>     [...]
>     Sep 16 23:39:04 WM-01 dovecot: auth: Debug: client passdb out: OK 1 user=leander@mydomain.localdomain acl_groups=public
>     [...]
>
>     cat /usr/local/etc/dovecot/global-acls
>     INBOX owner lrwstipekxa
>     Drafts owner lrwstipeka
>     Sent owner lrwstipeka
>     Spam owner lrwstipeka
>     Trash owner lrwstipeka
>     Public authenticated l
>     Public group-override=public lrwstipekx
>     Public/* group-override=public lrwstipekx
>
>     doveadm mailbox list -u leander@mydomain.localdomain
>     Drafts
>     Sent
>     Trash
>     Spam
>     Shared
>     Public
>     Public/Service Center
>     Shared/test@mydomain.localdomain
>     Shared/test@mydomain.localdomain/Drafts
>     Shared/test@mydomain.localdomain/Sent
>     Shared/test@mydomain.localdomain/Trash
>     Shared/test@mydomain.localdomain/Spam
>     INBOX
>
> But here comes the strange thing: telnet equal to Thunderbird:
>
>     . LIST "" "*"
>     * LIST (\HasNoChildren \Drafts) "/" Drafts
>     * LIST (\HasNoChildren \Sent) "/" Sent
>     * LIST (\HasNoChildren \Trash) "/" Trash
>     * LIST (\HasNoChildren \Junk) "/" Spam
>     * LIST (\Noselect \HasChildren) "/" Shared
>     * LIST (\HasChildren) "/" Shared/test@mydomain.localdomain
>     * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Drafts
>     * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Sent
>     * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Trash
>     * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Spam
>     * LIST (\HasNoChildren) "/" INBOX
>     . OK List completed (0.000 + 0.000 + 0.092 secs).
>
> Public and Public/* should be listed as well, but they aren't.
>
> Any idea why it is behaving like this?
>
> Thanks
>
> Best regards
> Leander Schäfer
Re: BUG - DELETE Public/Folder not working with Thunderbird
Alright. Thank you

On 17.09.16 at 17:20, Anton Yuzhaninov wrote:
> On 2016-09-16 16:13, Leander Schäfer wrote:
>> Thank you very much for your helpful hint. Thunderbird clearly wants to move Public/Test to the Trash of the user who subscribed to the Public folder. The question is how to solve this from a Dovecot point of view, so a user can also delete folders?
>>
>>     31432704[11f53e080]: 1f581800:192.168.10.52:A:SendData: 17 rename "Public/Test" "Trash/Test"
>>     31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=91 needmore=0]
>>     31432704[11f53e080]: 1f581800:192.168.10.52:A:CreateNewLineFromSocket: 17 NO [CANNOT] Renaming not supported across non-private namespaces (0.000 + 0.000 secs).
>
> I'm not sure something can be done by dovecot in this situation.
>
> You have to try workarounds in Thunderbird:
> http://kb.mozillazine.org/IMAP_folder_cannot_be_deleted
>
> I personally think that the MUA should delete the folder (not rename it) if the folder is empty.
acl_group not working not working correctly
Hi,

I'm trying to set up group-based ACLs coming from OpenLDAP. My setup doesn't require a POSIX group match. In the Dovecot configuration file I have this: "user_attrs = [...], mailAclGroups=acl_groups" as well as "acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300". The user has "public" in the LDAP attribute "mailAclGroups". It seems to get everything right. I checked with doveadm - and I see public is listed as expected:

    cat /var/log/debug.log
    [...]
    Sep 16 23:39:04 WM-01 dovecot: auth: Debug: client passdb out: OK 1 user=leander@mydomain.localdomain acl_groups=public
    [...]

    cat /usr/local/etc/dovecot/global-acls
    INBOX owner lrwstipekxa
    Drafts owner lrwstipeka
    Sent owner lrwstipeka
    Spam owner lrwstipeka
    Trash owner lrwstipeka
    Public authenticated l
    Public group-override=public lrwstipekx
    Public/* group-override=public lrwstipekx

    doveadm mailbox list -u leander@mydomain.localdomain
    Drafts
    Sent
    Trash
    Spam
    Shared
    Public
    Public/Service Center
    Shared/test@mydomain.localdomain
    Shared/test@mydomain.localdomain/Drafts
    Shared/test@mydomain.localdomain/Sent
    Shared/test@mydomain.localdomain/Trash
    Shared/test@mydomain.localdomain/Spam
    INBOX

But here comes the strange thing: telnet equal to Thunderbird:

    . LIST "" "*"
    * LIST (\HasNoChildren \Drafts) "/" Drafts
    * LIST (\HasNoChildren \Sent) "/" Sent
    * LIST (\HasNoChildren \Trash) "/" Trash
    * LIST (\HasNoChildren \Junk) "/" Spam
    * LIST (\Noselect \HasChildren) "/" Shared
    * LIST (\HasChildren) "/" Shared/test@mydomain.localdomain
    * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Drafts
    * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Sent
    * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Trash
    * LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Spam
    * LIST (\HasNoChildren) "/" INBOX
    . OK List completed (0.000 + 0.000 + 0.092 secs).

Public and Public/* should be listed as well, but they aren't.

Any idea why it is behaving like this?

Thanks

Best regards
Leander Schäfer
Re: BUG - DELETE Public/Folder not working with Thunderbird
Hi Anton,

Thank you very much for your helpful hint. Thunderbird clearly wants to move Public/Test to the Trash of the user who subscribed to the Public folder. The question is how to solve this from a Dovecot point of view, so a user can also delete folders?

    2020200448[10053c700]: proposed url = Public/Test folder for connection INBOX has To Wait = FALSE can run = FALSE
    2020200448[10053c700]: proposed url = Public/Test folder for connection Public/Test has To Wait = FALSE can run = TRUE
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: DONE
    31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=52 needmore=0]
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 14 OK Idle completed (0.001 + 6.435 + 6.434 secs).
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:ProcessCurrentURL: entering
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:ProcessCurrentURL:imap://leander%40mydomain%2Elocaldomain@192.168.10.52:143/movefolderhierarchy%3E%5EPublic/Test%3E%5ETrash: = currentUrl
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: 15 list (subscribed) "" "Public/Test/*" return (special-use)
    31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=44 needmore=0]
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 15 OK List completed (0.000 + 0.000 secs).
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: 16 close
    31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=45 needmore=0]
    31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 16 OK Close completed (0.000 + 0.000 secs).
    31432704[11f53e080]: 1f581800:192.168.10.52:A:SendData: 17 rename "Public/Test" "Trash/Test"
    31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=91 needmore=0]
    31432704[11f53e080]: 1f581800:192.168.10.52:A:CreateNewLineFromSocket: 17 NO [CANNOT] Renaming not supported across non-private namespaces (0.000 + 0.000 secs).

Best regards
Leander Schäfer

On 16.09.16 at 21:33, Anton Yuzhaninov wrote:
> On 2016-09-16 15:20, Leander Schäfer wrote:
>> Unfortunately it looks like the parameter: "imap_client_workarounds = tb-extra-mailbox-sep" does not work. Neither inside nor outside the "protocol imap {}" configuration section. ACLs are set correctly. Manual "DELETE Public/Test" via telnet is working as expected. Is this a known bug?
>
> It will be useful to run Thunderbird with a debug log and see which command Thunderbird sends and how dovecot replies.
>
> Example of a script to run TB with a debug log:
> https://bitbucket.org/snippets/citrin/Bp5Xa
>
> (don't share the full log, it contains auth info, search for the command with the error).
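
The advice above (find the failing command, do not share the whole log) can be scripted. The following is an added example, not code from any poster or from Thunderbird or Dovecot: it pairs each tagged SendData command with its tagged reply in a log shaped like the excerpt above, reports only NO/BAD replies, and redacts LOGIN/AUTHENTICATE arguments. The function names, the "Trash" folder name and the login lines in the sample are assumptions or constructed.

```python
"""Extract failed IMAP commands from a Thunderbird IMAP debug log, credentials redacted."""
import re
import shlex

# "<thread>[<ptr>]: <conn>:<host>:<state>:SendData: <payload>" as in the excerpt above.
LINE = re.compile(
    r"^\S+: (?P<conn>[0-9a-f]+):.*?:"
    r"(?P<kind>SendData|CreateNewLineFromSocket): (?P<payload>.*)$"
)
TAGGED = re.compile(r"^(?P<tag>\d+) (?P<rest>.*)$")
STATUS = re.compile(
    r"^(?P<status>OK|NO|BAD)\b\s*(?:\[(?P<code>[^\]]+)\])?\s*(?P<text>.*)$", re.I
)
SECRET_COMMANDS = {"login", "authenticate"}


def redact(command):
    """Drop the arguments of commands that carry credentials."""
    verb = command.split(" ", 1)[0]
    if verb.lower() in SECRET_COMMANDS:
        return f"{verb} <redacted>"
    return command


def rename_into_trash(command, trash="Trash"):
    """True for RENAME <src> <dst> where only <dst> lives under the trash folder.

    This is how the client in the thread implements "delete folder"; the "/"
    separator matches the namespaces on this page, the folder name is assumed.
    """
    try:
        parts = shlex.split(command or "")
    except ValueError:
        return False
    return (
        len(parts) == 3
        and parts[0].lower() == "rename"
        and parts[2].split("/", 1)[0] == trash
        and parts[1].split("/", 1)[0] != trash
    )


def failed_commands(log_text):
    """Return one dict per tagged command that the server answered with NO or BAD."""
    pending = {}   # (connection id, tag) -> redacted command text
    failures = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        t = TAGGED.match(m["payload"])
        if not t:
            continue  # untagged data such as "DONE" or "* LIST ..." lines
        key = (m["conn"], t["tag"])
        if m["kind"] == "SendData":
            pending[key] = redact(t["rest"])
            continue
        s = STATUS.match(t["rest"])
        command = pending.pop(key, None)  # None if the command was sent before the excerpt
        if s and s["status"].upper() != "OK":
            failures.append({
                "conn": m["conn"],
                "tag": t["tag"],
                "command": command,
                "status": s["status"].upper(),
                "code": s["code"],
                "text": s["text"],
                "rename_into_trash": rename_into_trash(command),
            })
    return failures


# Sample: the first two lines are constructed, the rest are taken from the post above.
SAMPLE_LOG = '''
31432704[11f53e080]: 1f581800:192.168.10.52:NA:SendData: 3 login "user@example.invalid" "constructed-password"
31432704[11f53e080]: 1f581800:192.168.10.52:NA:CreateNewLineFromSocket: 3 NO [AUTHENTICATIONFAILED] Authentication failed.
31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: DONE
31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 14 OK Idle completed (0.001 + 6.435 + 6.434 secs).
31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: 16 close
31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 16 OK Close completed (0.000 + 0.000 secs).
31432704[11f53e080]: 1f581800:192.168.10.52:A:SendData: 17 rename "Public/Test" "Trash/Test"
31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=91 needmore=0]
31432704[11f53e080]: 1f581800:192.168.10.52:A:CreateNewLineFromSocket: 17 NO [CANNOT] Renaming not supported across non-private namespaces (0.000 + 0.000 secs).
'''

if __name__ == "__main__":
    for failure in failed_commands(SAMPLE_LOG):
        print(failure)
```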
BUG - DELETE Public/Folder not working with Thunderbird
Hi,

Unfortunately it looks like the parameter: "imap_client_workarounds = tb-extra-mailbox-sep" does not work. Neither inside nor outside the "protocol imap {}" configuration section. ACLs are set correctly. Manual "DELETE Public/Test" via telnet is working as expected. Is this a known bug?

See:
- https://help.ubuntu.com/community/Dovecot#Thunderbird
- http://wiki.dovecot.org/Clients#Thunderbird

    # 2.2.25 (7be1766): /usr/local/etc/dovecot/dovecot.conf
    # Pigeonhole version 0.4.15 (97b3da0)
    # OS: FreeBSD 10.3-RELEASE amd64
    [...]
    imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
    [...]
    namespace {
      list = children
      location = maildir:%%h/maildir:INDEX=~/maildir/Shared/%%u:CONTROL=~/maildir/Shared/%%u:INDEXPVT=~/maildir/Shared
      prefix = Shared/%%u/
      separator = /
      subscriptions = no
      type = shared
    }
    namespace {
      hidden = no
      list = children
      location = maildir:~/../Public:LAYOUT=fs:INDEX=~/../Public:CONTROL=~/../Public:INDEXPVT=~/maildir/Public
      prefix = Public/
      separator = /
      subscriptions = no
      type = public
    }
    [...]

Best regards
Leander Schäfer
Re: Bug: Shared Mailbox - Case Sensitivity
Hi Aki,

Thanks for your advice. Yes, I'm aware of this. Yet lowercasing should be the default since Dovecot 2.1.x, isn't it? Yet I wouldn't know where exactly to implement this %L, since the ACLs are set through IMAP commands by the user's mail client, like Thunderbird. So in other words, the email address to which the user wants to grant ACLs, as provided by the user's mail client, has nothing to do with my auth backend, where e.g. %u => %Lu would apply. Please correct me if I'm wrong here.

It clearly looks like a bug in the internal processing of the "dovecot-acl-list" files. It simply lacks lowercase enforcement in the code, like it already seems to do for the "dovecot-acl" file.

Best regards
Leander Schäfer

On 16.09.16 at 12:53, Aki Tuomi wrote:
> On 16.09.2016 12:54, Leander Schäfer wrote:
>> Hi,
>>
>> unfortunately I found a bug in Dovecot's ACL handling for shared mailboxes. It turns out Dovecot doesn't enforce lowercasing of the privileged username to whom the mailbox should be shared. This results in an invalid configuration. Users get confused, since they passed on a valid email address in their ACL setup.
>>
>>     /usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Spam/dovecot-acl
>>     user=leander@mydomain.localdomain eilrwts
>>     ^^ works
>>
>>     /usr/local/www/default/mail/leander@mydomain.localdomain/maildir/dovecot-acl
>>     user=test@mydomain.localdomain eilrwts
>>     ^^ works
>>
>>     /usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Drafts/dovecot-acl
>>     user=Leander@MyDomain.LocalDomain eilrwts
>>     ^^ Doesn't work
>>
>> Best regards
>> Leander Schäfer
>
> Hi!
>
> Did you know you can use %Lu instead of %u to force lowercasing?
>
> Aki
Bug: Shared Mailbox - Case Sensitivity
Hi,

unfortunately I found a bug in Dovecot's ACL handling for shared mailboxes. It turns out Dovecot doesn't enforce lowercasing of the privileged username to whom the mailbox should be shared. This results in an invalid configuration. Users get confused, since they passed on a valid email address in their ACL setup.

    /usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Spam/dovecot-acl
    user=leander@mydomain.localdomain eilrwts
    ^^ works

    /usr/local/www/default/mail/leander@mydomain.localdomain/maildir/dovecot-acl
    user=test@mydomain.localdomain eilrwts
    ^^ works

    /usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Drafts/dovecot-acl
    user=Leander@MyDomain.LocalDomain eilrwts
    ^^ Doesn't work

Best regards
Leander Schäfer
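
An administrator who wants to find entries like the third one above can audit the per-mailbox dovecot-acl files. The following is an added example, not code from Dovecot or from the posters: it flags user= identifiers that contain uppercase characters and produces a lowercased rewrite, reporting (rather than merging) entries that would collapse to the same name with different rights. It assumes login names reach Dovecot lowercased (as with %Lu); the function names and the conflict sample are constructed.

```python
"""Audit Dovecot per-mailbox ACL files for user= names that are not lowercase."""
from dataclasses import dataclass


@dataclass
class Finding:
    path: str
    lineno: int
    written: str      # identifier exactly as stored in the file
    normalised: str   # same identifier with the user name lowercased


def split_entry(line):
    """Return (identifier, rights) for an ACL entry, or None for blank/comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    ident, _, rights = line.partition(" ")
    return ident, rights.strip()


def lower_user(ident):
    """Lowercase the name of a user= (or negative -user=) identifier; others pass through."""
    sign = "-" if ident.startswith("-") else ""
    kind, sep, name = ident[len(sign):].partition("=")
    if sep and kind == "user":
        return f"{sign}user={name.lower()}"
    return ident


def audit(files):
    """files maps path -> file text. Return a Finding per user= entry that is not lowercase."""
    findings = []
    for path, text in files.items():
        for lineno, raw in enumerate(text.splitlines(), 1):
            entry = split_entry(raw)
            if entry and lower_user(entry[0]) != entry[0]:
                findings.append(Finding(path, lineno, entry[0], lower_user(entry[0])))
    return findings


def normalise(text):
    """Rewrite one file's text with lowercased user= names.

    Returns (new_text, conflicts). Two entries that collapse to the same identifier
    with different rights are a conflict: the first is kept and the second is
    reported instead of merged, because a silent merge could widen access.
    """
    out, seen, conflicts = [], {}, []
    for raw in text.splitlines():
        entry = split_entry(raw)
        if entry is None:
            out.append(raw)
            continue
        ident, rights = entry
        key = lower_user(ident)
        if key in seen:
            if set(seen[key]) != set(rights):
                conflicts.append((key, seen[key], rights))
            continue  # exact duplicates are dropped, conflicts are left for a human
        seen[key] = rights
        out.append(f"{key} {rights}".rstrip())
    return "\n".join(out) + "\n", conflicts


# The three files quoted in the post above.
MAIL_ROOT = "/usr/local/www/default/mail"
SAMPLE = {
    f"{MAIL_ROOT}/test@mydomain.localdomain/maildir/.Spam/dovecot-acl":
        "user=leander@mydomain.localdomain eilrwts\n",
    f"{MAIL_ROOT}/leander@mydomain.localdomain/maildir/dovecot-acl":
        "user=test@mydomain.localdomain eilrwts\n",
    f"{MAIL_ROOT}/test@mydomain.localdomain/maildir/.Drafts/dovecot-acl":
        "user=Leander@MyDomain.LocalDomain eilrwts\n",
}

# Constructed edge case: the same user stored twice with different rights.
CONFLICT = (
    "user=Leander@MyDomain.LocalDomain eilrwts\n"
    "user=leander@mydomain.localdomain lr\n"
    "owner lrwstipekxa\n"
)

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(f"{finding.path}:{finding.lineno}: {finding.written} -> {finding.normalised}")
    print(normalise(CONFLICT))
```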
Re: Content-Encoding
Thank you for your quick feedback. I added it to my plugins in the config. How can I make sure my mail clients are using it? Is there a way to check this, like I can check headers with an additional Firefox plug-in, that you may recommend?

Kind regards
Leander

On 04.12.15 at 15:30, Michael Slusarz wrote:
> On 12/4/2015 6:11 AM, Leander Schäfer wrote:
>> With Apache one may use "mod_deflate" in order to reduce bandwidth by using e.g. gzip to compress the HTTP traffic. I would like to use something similar for email traffic between mail clients and dovecot and postfix. My questions are:
>
> https://tools.ietf.org/html/rfc4978
>
> michael
Content-Encoding
Hi,

With Apache one may use "mod_deflate" in order to reduce bandwidth by using e.g. gzip to compress the HTTP traffic. I would like to use something similar for email traffic between mail clients and dovecot and postfix. My questions are:

a) Is this established well enough in most mail clients?
b) Can you recommend a good tutorial for this?

Thank you very much
Re: imap-login: Fatal: pipe() failed: Too many open files
It turns out that these "too many open files ..." errors occurred because of

a) a missing "index ATTRIBUTE eq" for username and password in slapd.conf, as well as
b) the password attribute not being read properly by dovecot from LDAP - I had to remove it from my schema and instead use "userPassword" from "objectclass: simpleSecurityObject"

These two changes made the "too many open files ..." errors disappear. BUT, I still have the problem of receiving all those "dovecot: auth: Error:" lines in my maillog. I know I could turn them off by reducing the debug parameters - but why is it declared as an error in the first place - even though user authentication is working fine?

Thanks & Best Regards,
Leander

On 26.01.15 at 12:16, Leander Schäfer wrote:
> I also keep on getting funny errors from dovecot EVEN THOUGH I authenticated successfully through SMTP (Dovecot SASL) ?!?! Just for debugging this entire issue I set those parameters:
>
>     debug_level = -1
>     auth_verbose = yes
>     auth_verbose_passwords = yes
>     auth_debug = yes
>     auth_debug_passwords = yes
>     mail_debug = yes
>     verbose_ssl = yes
>
>     cat /var/loca/maillog
>     Jan 26 12:08:22 WM-01 postfix/postfix-script[97931]: starting the Postfix mail system
>     Jan 26 12:08:22 WM-01 postfix/master[97933]: daemon started -- version 1.0, configuration /usr/local/etc/postfix
>     Jan 26 12:08:22 WM-01 dovecot: master: Dovecot v2.2.15 starting up for imap, pop3, lmtp
>     Jan 26 12:08:59 WM-01 postfix/smtpd[99014]: connect from localhost[127.0.0.1]
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_extended_operation_s
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_extended_operation
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_send_initial_request
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_new_connection 1 1 0
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_int_open_connection
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_connect_to_host: TCP 127.0.0.1:389
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error: ldap_new_socket: 32
>     Jan 26 12:08:59 WM-01 dovecot: auth: Error:
Re: Postfix , Dovecot & the Spam fight
Hi Harald

puuhh - thank you for your positive feedback. I'm really relieved ;) It's been a pleasure to write batch scripts for configuring SpamAssassin - and it has also been running like a charm the past 6 years. Go to hell AmaViS ! Crap ;)

Best regards
Leander

On 09.02.15 at 22:33, Reindl Harald wrote:
> On 09.02.2015 at 22:29, Leander Schäfer wrote:
>> I'm currently busy with a substitution of my current mail server. I'm currently using
>>
>> * Clam-SMTP and
>> * SpamAssassin
>>
>> to fight spam. I wonder if it is worth implementing AmaViS with a SpamAssassin backend instead and also using AmaViS to speak to clamd directly. But I more and more wonder whether AmaViS is even worth it?! It currently looks to me as if AmaViS is eating LOTS of resources and it is very uncomfortable for automated installations if you have to do dynamic batch changes on the AmaViS configs - sed(1) is your friend but this hectic escaping and these workarounds are really not sustainable to maintain.
>>
>> So my question is: Does AmaViS have any advantages compared to the current setup? I don't seem to find lots of qualified discussions of this on the net. The AmaViS-related articles I found are freaking old. Would be nice to get your best practice as a change
>
> i don't see advantages but issues if you ask something on the SA list and finally find out that amavis handles configurations differently
>
> resource usage is mostly the same, amavis is only the glue, the hard work is done anyways by spamassassin and clamav
>
> for both, milters exist so you can reject spam instead of only flagging and delivering or, even worse, silently discarding it - not a real problem with postscreen and RBL scoring in front, happily running here since 2014/08 with zero load even at peaks of 400 junk attempts per minute
>
>     smtpd_milters = unix:/run/spamass-milter/spamass-milter.sock, unix:/run/clamav-milter/clamav-milter.socket
Postfix , Dovecot & the Spam fight
Hi,

I'm currently busy with a substitution of my current mail server. I'm currently using

* Clam-SMTP and
* SpamAssassin

to fight spam. I wonder if it is worth implementing AmaViS with a SpamAssassin backend instead and also using AmaViS to speak to clamd directly. But I more and more wonder whether AmaViS is even worth it?! It currently looks to me as if AmaViS is eating LOTS of resources and it is very uncomfortable for automated installations if you have to do dynamic batch changes on the AmaViS configs - sed(1) is your friend but this hectic escaping and these workarounds are really not sustainable to maintain.

So my question is: Does AmaViS have any advantages compared to the current setup? I don't seem to find lots of qualified discussions of this on the net. The AmaViS-related articles I found are freaking old. Would be nice to get your best practice as a change.

Thanks a lot

Best regards
Leander
LDAP: "unused" & "uid missing"
Does someone know what this means? It looks to me like it got the UID, yet it complains ... ? Also, why does it complain about attributes being unused when I use prefetch, so they will be used?!

Log:

    [...]
    dovecot: auth: Debug: ldap(t...@mydomain.tld,192.168.10.233,): result: mailStorageDirectory=/var/vmail mailUidNumber=2110 mailGidNumber=2110 mailQuotaStorage=10240 mailQuotaMessages=20; mailQuotaMessages,mailStorageDirectory,mailUidNumber,mailQuotaStorage,mailGidNumber unused
    dovecot: auth: Debug: ldap(t...@mydomain.tld,192.168.10.233,): result: mailStorageDirectory=/var/vmail mailUidNumber=2110 mailGidNumber=2110 mailQuotaStorage=10240 mailQuotaMessages=20; uid missing
    [...]

As mentioned, I use prefetch, so this is how my dovecot/dovecot-ldap.conf.ext looks:

    [...]
    #user_attrs = mailStorageDirectory=home=%$/%u, mailStorageDirectory=mail=maildir:%$/%u/maildir, mailUidNumber=uid, mailGidNumber=gid, mailQuotaStorage=quota_rule=*:storage=%$, mailQuotaMessages=quota_rule2=*:messages=%$
    pass_attrs = uid=user, userPassword=password, mailStorageDirectory=userdb_home=%$/%u, mailStorageDirectory=userdb_mail=maildir:%$/%u/maildir, mailUidNumber=userdb_uid, mailGidNumber=userdb_gid, mailQuotaStorage=userdb_quota_rule=*:storage=%$, mailQuotaMessages=userdb_quota_rule2=*:messages=%$
    [...]

Thanks
LDAP Quota Limits & Warnings
I found this on the dovecot wiki:

The following limit names are supported:

* *storage*: Quota limit in kilobytes, 0 means unlimited.
* *bytes*: Quota limit in bytes, 0 means unlimited.
* *messages*: Quota limit in number of messages, 0 means unlimited. This probably isn't very useful.
* *backend*: Quota backend-specific limit configuration.
* *ignore*: Don't include the specified mailbox in quota at all.

As I understood it, all 5 limit categories are valid to use with the maildir format while only "storage" and "messages" are valid to use with the dmbox format, right? Also the "ignore" limit may appear more than one time for a user - like Trash:ignore and Spam:ignore, right? So I assumed the following should work - and it does - except for "ignore" - even though LDAP does not hold multiple values for it - only a single one for each limit:

    user_attrs = [...] mailQuotaStorage=quota_rule=*:storage=%$, mailQuotaMessages=quota_rule2=*:messages=%$, mailQuotaIgnore=quota_rule3=*:ignore=%$
    pass_attrs = [...] mailQuotaStorage=userdb_quota_rule=*:storage=%$, mailQuotaMessages=userdb_quota_rule2=*:messages=%$, mailQuotaIgnore=userdb_quota_rule3=*:ignore=%$

And unfortunately /var/log/maillog tells me:

    dovecot: imap(abuse@netocean.local): Error: user abuse@netocean.local: Initialization failed: Failed to initialize quota: Invalid quota root quota: Invalid rule *:ignore=Trash: Unknown rule limit name: ignore

Yet /var/log/debug.log sounds a bit more promising ... but then again not really ...

    dovecot: imap: Debug: Added userdb setting: mail=maildir:/usr/local/www/default/mail/u...@mydomain.tld
    dovecot: imap: Debug: Added userdb setting: plugin/quota_rule=*:storage=1048576
    dovecot: imap: Debug: Added userdb setting: plugin/quota_rule2=*:messages=10
    dovecot: imap: Debug: Added userdb setting: plugin/quota_rule3=*:ignore=Trash
    dovecot: imap(abuse@netocean.local): Debug: Effective uid=2110, gid=2110, home=/var/vmail/u...@mydomain.tld/mail
    dovecot: imap(abuse@netocean.local): Debug: Quota root: name=User quota backend=maildir args=
    dovecot: imap(abuse@netocean.local): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=0
    dovecot: imap(abuse@netocean.local): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=10
    dovecot: imap(abuse@netocean.local): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=10

Additionally, if one of the two working quotas (storage & messages) is exceeded, then Dovecot sends out a warning from this setting:

    plugin {
      quota_warning = storage=90%% quota-warning 90 %u
      quota_warning2 = storage=75%% quota-warning 75 %u
      # What message to send to IMAP clients (and SMTP senders) when quota is exceeded?
      quota_exceeded_message = Quota exceeded, please go to http://MyDomain.TLD for instructions on how to fix this.
    }

Now my question is how to provide two different warnings. One for storage like:

    Sorry, your mail storage is full. Please delete some.

And a second for messages like:

    Sorry, you've too many messages. Please delete some.

Thanks & Best Regards
Leander
Re: Thunderbird: improper command pipelining after EHLO
I'll check my master.cf again. I'm also more and more sure the mistake is hiding in there.

Thanks

On 26.01.15 at 15:29, Reindl Harald wrote:
> On 26.01.2015 at 15:22, Leander Schäfer wrote:
>> I couldn't find working solutions for this anomaly on the net. What does this mean and does someone know how to fix this?
>>
>>     postfix/smtpd[18757]: improper command pipelining after EHLO from unknown[192.168.10.233]: QUIT\r\n
>
> that's hardly a dovecot topic and without "postconf -n", in doubt with the content of "master.cf" and more information nobody can help you at all

On Mon, Jan 26, 2015 at 9:29 AM, Reindl Harald wrote:
> On 26.01.2015 at 15:22, Leander Schäfer wrote:
>> I couldn't find working solutions for this anomaly on the net. What does this mean and does someone know how to fix this?
>>
>>     postfix/smtpd[18757]: improper command pipelining after EHLO from unknown[192.168.10.233]: QUIT\r\n
>
> that's hardly a dovecot topic and without "postconf -n", in doubt with the content of "master.cf" and more information nobody can help you at all

Agreed. smtpd means mail going out. Unless you set up dovecot to help with the authentication, it could not care less about how your email leaves your server. If you control your postfix server, crank up debugging and see if that helps. If you can't, try the thunderbird list/forum; it too has a debugging mode (https://wiki.mozilla.org/MailNews:Logging).
Thunderbird: improper command pipelining after EHLO
I couldn't find working solutions for this anomaly on the net. What does this mean and does someone know how to fix this?

    postfix/smtpd[18757]: improper command pipelining after EHLO from unknown[192.168.10.233]: QUIT\r\n

Thanks

Best Regards,
Leander
Re: imap-login: Fatal: pipe() failed: Too many open files
    ons:
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: * host: 127.0.0.1 port: 389 (default)
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: refcnt: 1 status: Connected
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: last used: Mon Jan 26 12:09:09 2015
    Jan 26 12:09:09 WM-01 dovecot: auth: Error:
    Jan 26 12:09:09 WM-01 dovecot: auth: Error:
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: ** ld 0x1245e100 Outstanding Requests:
    Jan 26 12:09:09 WM-01 dovecot: auth: Error:Empty
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: ld 0x1245e100 request count 0 (abandoned 0)
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: ** ld 0x1245e100 Response Queue:
    Jan 26 12:09:09 WM-01 dovecot: auth: Error:Empty
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: ld 0x1245e100 response count 0
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: ldap_chkResponseList ld 0x1245e100 msgid -1 all 0
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1245e100 NULL
    Jan 26 12:09:09 WM-01 dovecot: auth: Error: ldap_int_select
    Jan 26 12:09:20 WM-01 postfix/smtpd[99014]: lost connection after AUTH from localhost[127.0.0.1]
    Jan 26 12:09:20 WM-01 postfix/smtpd[99014]: disconnect from localhost[127.0.0.1]

On 26.01.15 at 11:27, Leander Schäfer wrote:
> On 26.01.15 at 02:24, Edgar Pettijohn wrote:
>> Sorry, didn't scroll to the bottom to see the dovecot -n. I'm assuming freebsd has an /etc/login.conf similar to openbsd. If so you may need to do something similar to this:
>>
>>     dovecot:\
>>         :openfiles-cur=512:\
>>         :openfiles-max=2048:\
>>         :tc=daemon:
>>
>> Rebuild the login.conf.db file if necessary:
>>
>>     # [ -f /etc/login.conf.db ] && cap_mkdb /etc/login.conf
>>
>> Hope this helps.
>
> Thanks for the hint. FreeBSD takes sysctl(8) settings as a base for ulimit(3). I even tried tuning those values.
>
>     sysctl kern.maxfilesperproc=405587
>     sysctl kern.maxfiles=428433
>
> Unfortunately this does not solve the problem. I don't think it is the root of the problem. The current value - even with Dovecot and Postfix already running - is:
>
>     kern.openfiles: 675
>
> It is just that Dovecot is kind of in a frozen condition when trying to log in to it via telnet(1).
>
> On 26.01.15 at 02:20, Reindl Harald wrote:
>> On 26.01.2015 at 02:13, Leander Schäfer wrote:
>>> I just checked my ulimit again and it really seems like it has more than enough - so I still don't understand what I've configured wrong here ;/
>>>
>>>     root@WM-01 [~]$ su -m dovecot -c "ulimit -a"
>>>     socket buffer size (bytes, -b) unlimited
>>>     core file size (blocks, -c) unlimited
>>>     data seg size (kbytes, -d) 33554432
>>>     file size (blocks, -f) unlimited
>>>     max locked memory (kbytes, -l) 131072
>>>     max memory size (kbytes, -m) 7067352
>>>     open files (-n) 205587
>>>     pipe size(512 bytes, -p) 1
>>>     stack size (kbytes, -s) 8192
>>>     cpu time (seconds, -t) unlimited
>>>     max user processes (-u) 11278
>>>     virtual memory (kbytes, -v) unlimited
>>>     swap size (kbytes, -w) unlimited
>>
>> besides that "imap-login" typically does *not* run under the same user (here dovenull versus dovecot) who tells you that 205587 is "more than enough" just because it is a high value?
>
> Yes, because I am monitoring those values via Munin. I can clearly see that my system does not require a value even close to this. On average my system has 673 files open. In FreeBSD sysctl(8) is the base for ulimit(3) - meaning since I don't maintain user-specific ulimit(3) - it is also the same values for dovenull, postfix, vmail and every other user on the system. My current sysctl(8) values should provide way enough space to grow super large:
>
>     sysctl kern.maxfilesperproc=205587
>     sysctl kern.maxfiles=228433
>
> And this is where it becomes so absurd to me. I don't see where I should tune anymore. I more and more get the feeling it is a configuration error of dovecot itself?!
>
> Thanks & Best Regards,
> Leander
Re: imap-login: Fatal: pipe() failed: Too many open files
Am 26.01.15 um 02:24 schrieb Edgar Pettijohn: Sorry didn't scroll to the bottom to see the dovecot -n. I'm assuming freebsd has an /etc/login.conf similiar to openbsd. If so you may need to do something similiar to this: dovecot:\ :openfiles-cur=512:\ :openfiles-max=2048:\ :tc=daemon: Rebuild the login.conf.db file if necessary: # [ -f /etc/login.conf.db ] && cap_mkdb /etc/login.conf Hope this helps. Thanks for the hint. FreeBSD takes sysctl(8) settings as a base to ulimit(3). I even tried tuning on those values. sysctl kern.maxfilesperproc=405587 sysctl kern.maxfiles=428433 Unfortunately this does not solve the problem. I don't think it is the root of the problem. The current value - even with Dovecot and Postfix already running is: kern.openfiles: 675 It is just, that Dovecot is kind of in a frozen condition when trying to login to it via telnet(1). Am 26.01.15 um 02:20 schrieb Reindl Harald: Am 26.01.2015 um 02:13 schrieb Leander Schäfer: I just checked my ulimit again and it really seems like it has more than enough - so I still don't understand what I've configured wrong here ;/ root@WM-01 [~]$ su -m dovecot -c "ulimit -a" socket buffer size (bytes, -b) unlimited core file size (blocks, -c) unlimited data seg size (kbytes, -d) 33554432 file size (blocks, -f) unlimited max locked memory (kbytes, -l) 131072 max memory size (kbytes, -m) 7067352 open files (-n) 205587 pipe size(512 bytes, -p) 1 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 11278 virtual memory (kbytes, -v) unlimited swap size (kbytes, -w) unlimited besides that "imap-login" typically does *not* run under the same user (here dovenull versus dovecot) who tells you that 205587 is "more than enough" just because it is a high value? Yes, because I am monitoring those values via Munin. I can clearly see that my system does not require a value even close to this. By average my system has 673 files open. 
In FreeBSD sysctl(8) is the base for ulimit(3) - meaning since I don't maintain user specific ulimit(3) - it is also the same values for dovenull, postfix, vmail and every other user on the system. My current sysctl(8) values should provide way enough space to grow super large:

sysctl kern.maxfilesperproc=205587
sysctl kern.maxfiles=228433

And this is where it becomes so absurd to me. I don't see where I should tune anymore. I more and more get the feeling it is a configuration error of dovecot itself?!

Thanks & Best Regards,
Leander
Re: imap-login: Fatal: pipe() failed: Too many open files
I just checked my ulimit again and it really seems like it has more than enough - so I still don't understand what I've configured wrong here ;/

root@WM-01 [~]$ su -m dovecot -c "ulimit -a"
socket buffer size (bytes, -b) unlimited
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) 33554432
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) 131072
max memory size (kbytes, -m) 7067352
open files (-n) 205587
pipe size(512 bytes, -p) 1
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 11278
virtual memory (kbytes, -v) unlimited
swap size (kbytes, -w) unlimited

Best Regards,
Leander

On 26.01.15 at 01:50, Leander Schäfer wrote:

Hi

I keep on getting errors and can't connect/login to Dovecot. I did my research but unfortunately without success. It is for sure not ulimit because ulimit is set to unlimited per default already. Still, it complains about "Too many open files" but this is a test system and the service dovecot and postfix have just been started. No one except me is testing on this system. This is very weird ;/

root@WM-01 [~]$ service dovecot stop; service postfix stop ; echo "" > /var/log/maillog ; echo "" > /var/log/slapd.log ; service postfix start ; service dovecot start
Stopping dovecot.
Waiting for PIDS: 3245.
postfix/postfix-script: stopping the Postfix mail system
postfix/postfix-script: starting the Postfix mail system
Starting dovecot.
root@WM-01 [~]$ telnet 127.0.0.1 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
root@WM-01 [~]$ cat /var/log/mail
Jan 26 01:39:12 WM-01 dovecot: imap-login: Fatal: pipe() failed: Too many open files
Jan 26 01:39:12 WM-01 dovecot: master: Error: service(imap-login): command startup failed, throttling for 4 secs

If I uncomment port = 0 in POP and IMAP then it looks even worse than above.
Telnet is not even closed by remote host and three of the "Too many open files" errors are showing up in maillog: root@WM-01 [~]$ telnet 127.0.0.1 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. ^] telnet> Connection closed. root@WM-01 [~]$ cat /var/log/maillog Jan 26 01:45:19 WM-01 postfix/postfix-script[60560]: starting the Postfix mail system Jan 26 01:45:19 WM-01 postfix/master[60562]: daemon started -- version 1.0, configuration /usr/local/etc/postfix Jan 26 01:45:19 WM-01 dovecot: master: Dovecot v2.2.15 starting up for imap, pop3, lmtp Jan 26 01:45:24 WM-01 dovecot: imap-login: Error: socket(login) failed: Too many open files Jan 26 01:45:24 WM-01 dovecot: imap-login: Error: auth: connect(login) failed: Too many open files Jan 26 01:45:24 WM-01 dovecot: imap-login: Error: net_accept() failed: Too many open files root@WM-01 [~]$ Does anyone have an idea what could be wrong here? I attached the relevant configuration below. I use OpenLDAP as backend. Please let me know if you need more information. Thank you very much. Best Regards, Leander # == dovecot -n == # # 2.2.15: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.6 (3e924b1b6c5c+) # OS: FreeBSD 10.1-RELEASE amd64 ufs auth_debug = yes auth_debug_passwords = yes auth_failure_delay = 3 secs auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = yes base_dir = /var/run/dovecot/ disable_plaintext_auth = no imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Welcome to Mail Server. 
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k mail_debug = yes mail_gid = vmail mail_location = maildir:/var/mail/%d/%n mail_plugins = quota expire mail_log notify mail_privileged_group = mail mail_temp_dir = /tmp/Dovecot mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { expire = Trash mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = maildir:User quota quota_exceeded_
imap-login: Fatal: pipe() failed: Too many open files
Hi

I keep on getting errors and can't connect/login to Dovecot. I did my research but unfortunately without success. It is for sure not ulimit because ulimit is set to unlimited per default already. Still, it complains about "Too many open files" but this is a test system and the service dovecot and postfix have just been started. No one except me is testing on this system. This is very weird ;/

root@WM-01 [~]$ service dovecot stop; service postfix stop ; echo "" > /var/log/maillog ; echo "" > /var/log/slapd.log ; service postfix start ; service dovecot start
Stopping dovecot.
Waiting for PIDS: 3245.
postfix/postfix-script: stopping the Postfix mail system
postfix/postfix-script: starting the Postfix mail system
Starting dovecot.
root@WM-01 [~]$ telnet 127.0.0.1 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
root@WM-01 [~]$ cat /var/log/mail
Jan 26 01:39:12 WM-01 dovecot: imap-login: Fatal: pipe() failed: Too many open files
Jan 26 01:39:12 WM-01 dovecot: master: Error: service(imap-login): command startup failed, throttling for 4 secs

If I uncomment port = 0 in POP and IMAP then it looks even worse than above. Telnet is not even closed by remote host and three of the "Too many open files" errors are showing up in maillog:

root@WM-01 [~]$ telnet 127.0.0.1 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> Connection closed.
root@WM-01 [~]$ cat /var/log/maillog Jan 26 01:45:19 WM-01 postfix/postfix-script[60560]: starting the Postfix mail system Jan 26 01:45:19 WM-01 postfix/master[60562]: daemon started -- version 1.0, configuration /usr/local/etc/postfix Jan 26 01:45:19 WM-01 dovecot: master: Dovecot v2.2.15 starting up for imap, pop3, lmtp Jan 26 01:45:24 WM-01 dovecot: imap-login: Error: socket(login) failed: Too many open files Jan 26 01:45:24 WM-01 dovecot: imap-login: Error: auth: connect(login) failed: Too many open files Jan 26 01:45:24 WM-01 dovecot: imap-login: Error: net_accept() failed: Too many open files root@WM-01 [~]$ Does anyone have an idea what could be wrong here? I attached the relevant configuration below. I use OpenLDAP as backend. Please let me know if you need more information. Thank you very much. Best Regards, Leander # == dovecot -n == # # 2.2.15: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.6 (3e924b1b6c5c+) # OS: FreeBSD 10.1-RELEASE amd64 ufs auth_debug = yes auth_debug_passwords = yes auth_failure_delay = 3 secs auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = yes base_dir = /var/run/dovecot/ disable_plaintext_auth = no imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Welcome to Mail Server. 
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k mail_debug = yes mail_gid = vmail mail_location = maildir:/var/mail/%d/%n mail_plugins = quota expire mail_log notify mail_privileged_group = mail mail_temp_dir = /tmp/Dovecot mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { expire = Trash mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = maildir:User quota quota_exceeded_message = Storage quota for this account has been exceeded, please try again later. quota_rule = *:storage=1G quota_rule2 = Trash:storage=+30%% quota_rule3 = Sent:storage=+30%% quota_warning = storage=90%% quota-warning 90 %u quota_warning2 = storage=75%% quota-warning 75 %u } pop3_client_workarounds = outlook-no-nuls oe-ns-eoh postmaster_address = i...@netocean.de sendmail_path = /usr/local/sbin/sendmail service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service imap-login { inet_listener imaps { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } user = vmail } service pop3-login { inet_listener pop3s { port = 0 } } service quota-warning { executable = script /usr/local/bin
Re: Postfix Dovecot LDAP setup
... Silly me ... turns out I had a newline in my LDIF that's why it ignored all the attributes below. wasted 1.5 days on this flippn thing. Crap ;(

Anyway .. happy to move on now ;)

On 22.01.15 at 22:19, Leander Schäfer wrote:

[EDIT]: Sorry about the second mail. ignore the first one - it had try & error mistakes in. Problem is still the very same as explained below. Thanks a lot.

Hi,

since days I'm trying to substitute my SQL based Postfix/Dovecot mail server by a LDAP based setup. Everything seems to go smooth so far - thanks to the many how to and Dovecot wiki. Unfortunately I'm struggling, since I have to create an individual LDAP schema which suits the currently used LDAP structure. The current structure looks like this:

=> dc=MyDomain,dc=TLD
==> ou=People
===> uid=User-1
> ou=mail
===> uid=User-2
> ou=mail
... and so on ...

Within ou=mail should be the individual mail account(s) information of a user. So in the end I want to add a(nother) mail account by something like this:

cat << EOF > ./newUser.ldif
dn: mailAddress=t...@domain.tld,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount
mailAddress: t...@domain.tld
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
[...]
EOF

Therefore I setup a LDAP schema like the following, but it seems to ignore the attributes "MailPassword" and "noMailAccountStatus". Why? I don't understand what I'm missing here on my objectclass?
;/ # == LDAP schema === # # # OID Macros (10001 should be IANA-registered) # objectidentifier nameSpace 1.3.6.1.4.1.10001 objectidentifier mail nameSpace:1 objectidentifier objectClassAccount mail:1 objectidentifier objectClassAccountInfo mail:2 # # Attributes: objectClass[NAME]:1.[SERIAL] # attributetype ( objectClassAccount:1.1 NAME 'mailAddress' DESC 'The hosted mail addresses' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE ) attributetype ( objectClassAccount:1.2 NAME 'MailPassword' DESC 'The hosted mail password' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) attributetype ( objectClassAccount:1.3 NAME 'MailAccountStatus' DESC 'The status of a user account: active, noaccess, disabled, deleted' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) [...] # # Objects: objectClass[NAME]:2.[SERIAL] # objectclass ( objectClassAccount:2.1 NAME 'mailAccount' SUP ( top ) STRUCTURAL DESC 'Mail account' MUST ( mailAddress ) MAY ( MailPassword $ MailAccountStatus ) ) # == # Thanks Best Regards, Leander
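The cause named in this reply, a blank line inside the LDIF entry, can be caught before the file reaches ldapadd. The following is an added example, not part of the original thread; the function names are hypothetical and the sample entry is constructed from the one quoted above with a placeholder address.

```shell
#!/bin/sh
# Added example (not from the thread): catch a stray blank line in an LDIF
# file before import. In LDIF a blank line ends the record, so attribute
# lines after it no longer belong to the entry above.

# ldif_lint FILE   ("-" reads stdin)
# Prints one finding per cut-off block and returns 1 if any was found.
# Only attribute names are printed, never values (they may be password hashes).
ldif_lint() {
    awk '
        { sub(/\r$/, "") }                        # tolerate CRLF files
        /^#/ { next }                             # comment line
        /^[ \t]*$/ {                              # blank line = record separator
            if (in_rec) { last_blank = NR; in_rec = 0 }
            next
        }
        !seen_dn && tolower($0) ~ /^version:/ { next }
        in_rec { next }                           # ordinary line inside a record
        tolower($0) ~ /^dn::?/ {                  # a record has to start with dn:
            cur_dn = $0
            sub(/^[^:]*::?[ \t]*/, "", cur_dn)
            seen_dn = 1; in_rec = 1
            next
        }
        {                                         # record start that is not dn:
            name = $0
            sub(/:.*/, "", name)
            if (seen_dn) {
                printf "line %d: \"%s\" follows blank line %d, cut off from \"%s\"\n", NR, name, last_blank, cur_dn
            } else {
                printf "line %d: \"%s\" appears before any dn: line\n", NR, name
            }
            bad = 1; in_rec = 1
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the entry from the thread with a blank line slipped in
# and a placeholder address.
ldif_sample() {
    cat <<'EOF'
dn: mailAddress=user@example.test,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount
mailAddress: user@example.test

MailPassword: {SSHA}SomePassword
MailAccountStatus: active
EOF
}

# Lint the file given as $1, or the constructed sample when run without one.
if [ "$#" -gt 0 ]; then
    ldif_lint "$1"
else
    ldif_sample | ldif_lint - || echo "sample rejected (exit 1), as intended"
fi
```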
Postfix Dovecot LDAP setup
[EDIT]: Sorry about the second mail. ignore the first one - it had try & error mistakes in. Problem is still the very same as explained below. Thanks a lot.

Hi,

since days I'm trying to substitute my SQL based Postfix/Dovecot mail server by a LDAP based setup. Everything seems to go smooth so far - thanks to the many how to and Dovecot wiki. Unfortunately I'm struggling, since I have to create an individual LDAP schema which suits the currently used LDAP structure. The current structure looks like this:

=> dc=MyDomain,dc=TLD
==> ou=People
===> uid=User-1
> ou=mail
===> uid=User-2
> ou=mail
... and so on ...

Within ou=mail should be the individual mail account(s) information of a user. So in the end I want to add a(nother) mail account by something like this:

cat << EOF > ./newUser.ldif
dn: mailAddress=t...@domain.tld,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount
mailAddress: t...@domain.tld
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
[...]
EOF

Therefore I setup a LDAP schema like the following, but it seems to ignore the attributes "MailPassword" and "noMailAccountStatus". Why? I don't understand what I'm missing here on my objectclass?
;/ # == LDAP schema === # # # OID Macros (10001 should be IANA-registered) # objectidentifier nameSpace 1.3.6.1.4.1.10001 objectidentifier mail nameSpace:1 objectidentifier objectClassAccount mail:1 objectidentifier objectClassAccountInfo mail:2 # # Attributes: objectClass[NAME]:1.[SERIAL] # attributetype ( objectClassAccount:1.1 NAME 'mailAddress' DESC 'The hosted mail addresses' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE ) attributetype ( objectClassAccount:1.2 NAME 'MailPassword' DESC 'The hosted mail password' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) attributetype ( objectClassAccount:1.3 NAME 'MailAccountStatus' DESC 'The status of a user account: active, noaccess, disabled, deleted' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) [...] # # Objects: objectClass[NAME]:2.[SERIAL] # objectclass ( objectClassAccount:2.1 NAME 'mailAccount' SUP ( top ) STRUCTURAL DESC 'Mail account' MUST ( mailAddress ) MAY ( MailPassword $ MailAccountStatus ) ) # == # Thanks Best Regards, Leander
Postfix Dovecot LDAP setup
Hi,

since days I'm trying to substitute my SQL based Postfix/Dovecot mail server by a LDAP based setup. Everything seems to go smooth so far - thanks to the many how to and Dovecot wiki. Unfortunately I'm struggling, since I have to create an individual LDAP schema which suits the currently used LDAP structure. The current structure looks like this:

=> dc=MyDomain,dc=TLD
==> ou=People
===> uid=User-1
> ou=mail
===> uid=User-2
> ou=mail
... and so on ...

Within ou=mail should be the individual mail account(s) information of a user. So in the end I want to add a(nother) mail account by something like this:

cat << EOF > ./newUser.ldif
dn: mailAddress=t...@domain.tld,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount
mailAddress: t...@domain.tld
noMailPassword: {SSHA}SomePassword
noMailAccountStatus: active
[...]
EOF

Therefore I setup a LDAP schema like the following, but it seems to ignore the attributes "MailPassword" and "noMailAccountStatus". Why? I don't understand what I'm missing here on my objectclass? ;/

# == LDAP schema === # # # OID Macros (10001 should be IANA-registered) # objectidentifier nameSpace 1.3.6.1.4.1.10001 objectidentifier mail nameSpace:1 objectidentifier objectClassAccount mail:1 objectidentifier objectClassAccountInfo mail:2 # # Attributes: objectClass[NAME]:1.[SERIAL] # attributetype ( objectClassAccount:1.1 NAME 'mailAddress' DESC 'The hosted mail addresses' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE ) attributetype ( objectClassAccount:1.2 NAME 'MailPassword' DESC 'The hosted mail password' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) attributetype ( objectClassAccount:1.3 NAME 'MailAccountStatus' DESC 'The status of a user account: active, noaccess, disabled, deleted' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) [...]
# # Objects: objectClass[NAME]:2.[SERIAL] # objectclass ( objectClassAccount:2.1 NAME 'mailAccount' SUP ( top ) STRUCTURAL DESC 'Mail account' MUST ( mailAddress ) MAY ( MailPassword $ MailAccountStatus ) ) # == # Thanks Best Regards, Leander
Re: Does dovecot work OK on *BSD?
Hi Steve,

Go for FreeBSD ;) it offers Dovecot(2) via ports or via package. I always recommend ports though, due to the fact of being able to enable/disable options - but that's your choice.

Ports:

cd /usr/ports/mail/dovecot2
make install clean

or via pkg(8):

pkg install dovecot2

I can always recommend to ask your friend Google: "FreeBSD + Dovecot + Tutorial" or "FreeBSD + Dovecot + How to". According to my knowledge, it works quite the same with the other BSDs in your list. It's been a while since I worked with one of them. I stuck to FreeBSD

* For updating / maintenance of ports and packages, I recommend portmaster.
* For System binary related updates there is freebsd-update(8).

Best Regards,
Leander S.

On 25.09.14 18:14, Steve Litt wrote:

Hi all,

I have a dovecot server on my Debian Wheezy desktop computer. My days with Debian are limited, and I'm investigating several 'BSD's:

OpenBSD
FreeBSD
PCBSD
NetBSD
DragonflyBSD
etc

Is there any reason Dovecot wouldn't work on any of those? Does anyone know if those OS's have packages for Dovecot, or do I need to compile it myself?

Thanks,
SteveT

Steve Litt* http://www.troubleshooters.com/
Troubleshooting Training * Human Performance
Re: Dovecot2 Antispam MAILTRAIN backend with SpamAssassin
I remember, that I also struggled for quite a while until I figured it out. Here is what I used on my FreeBSD Dovecot installation ... Remember, that the following code is working on "dovecot --version 1.2.12" ... but it could also be valid for later versions. I simply haven't checked it out yet.

### Dovecot AntiSpam ###
# mail signature (used with any backend requiring a signature)
#antispam_signature = X-Spam-Status
#antispam_signature_missing = move
antispam_mail_sendmail = /usr/local/etc/dovecot/sa-learn-helper.sh
antispam_mail_sendmail_args = --username=%Lu
antispam_mail_spam = --spam
antispam_mail_notspam = --ham
antispam_mail_tmpdir = /tmp
antispam_spam = Spam
#antispam_unsure = Virus
antispam_trash = Trash

echo '#!/usr/local/bin/bash
#/usr/local/bin/sa-learn ${1} ${2} ${3} ${4} &> /var/log/DoveDamnAntiSpam.log
/usr/local/bin/sa-learn "${1}" "${2}" "${3}" "${4}"
exit 0
' > /usr/local/etc/dovecot/sa-learn-helper.sh
chmod 0777 /usr/local/etc/dovecot/sa-learn-helper.sh ;
chown root:wheel /usr/local/etc/dovecot/sa-learn-helper.sh ;

Best regards
Leander

On 15.07.14 15:00, Mohammad S. Babaei wrote:

Hi there,

I've already asked this question on FreeBSD forums without getting any response. So, I thought it's a good idea to ask it again here. I've setup Dovecot2 (2.2.13) + Postfix + SpamAssassin on my FreeBSD 10 VPS and it works flawlessly. Though, I couldn't setup the Dovecot Antispam plugin to train SpamAssassin when I move mails to the Junk folder. I installed the plugin from FreeBSD ports and followed the official documentation [1] and the man page [2] without any success.
This is my configuration: # 2.2.13: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 10.0-RELEASE-p6 i386 ufs auth_mechanisms = plain login digest-md5 disable_plaintext_auth = no first_valid_gid = 6 first_valid_uid = 26 last_valid_gid = 6 last_valid_uid = 26 lmtp_save_to_detail_mailbox = yes mail_gid = mail mail_location = mdbox:/mail/%d/%u mail_privileged_group = mail mail_uid = mailnull managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Archive { auto = no special_use = Archive } mailbox Drafts { auto = subscribe special_use = Drafts } mailbox Flagged { auto = no special_use = Flagged } mailbox Junk { auto = subscribe special_use = Junk } mailbox Sent { auto = subscribe special_use = Sent } mailbox Trash { auto = subscribe special_use = Trash } mailbox virtual/All { auto = no special_use = All } prefix = separator = / } passdb { args = /mail/%d/dovecot_passwd driver = passwd-file } plugin { antispam_backend = MAILTRAIN antispam_mail_notspam = --ham antispam_mail_sendmail = /mail/sa-learn-pipe.sh antispam_mail_spam = --spam antispam_spam = Junk antispam_trash = Trash quota_rule = *:storage=8GB sieve = /mail/%d/%u/dovecot.sieve sieve_dir = /mail/%d/%u sieve_global_dir = /mail/sieve sieve_global_path = /mail/sieve/globalfilter.sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-client { group = mail mode = 0660 user = postfix } unix_listener auth-master { group = mail mode = 0600 user = mailnull } user = root } service imap-login { inet_listener imap { address = * port = 143 } inet_listener imaps { address = * port = 993 } process_limit = 32 process_min_avail = 1 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service 
managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service managesieve { process_limit = 1024 } service pop3-login { inet_listener pop3 { address = * port = 110 } inet_listener pop3s { address = * port = 995 } process_limit = 32 process_min_avail = 1 } ssl_cert = > /tmp/sa-learn-pipe.log
#echo $* > /tmp/sendmail-parms.txt
cat<&0 >> /tmp/sendmail-msg-$$.txt
/usr/local/bin/sa-learn $* /tmp/sendmail-msg-$$.txt
rm -f /tmp/sendmail-msg-$$.txt
echo "$$-end" >> /tmp/sa-learn-pipe.log
exit 0

I made it executable by all users using chmod a+x /mail/sa-learn-pipe.sh

The problem is, there is no log in /var/log/maillog regarding the Antispam plugin, and the script won't get called when I move any message in/out to/from Junk folder. I'll appreciate any help.
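Both helper scripts in this thread hand their arguments to sa-learn and spool the message in /tmp; the first is installed with mode 0777 and the second uses the predictable name /tmp/sendmail-msg-$$.txt with an unquoted $*. The following is an added example, not code from either poster: a stricter stand-in that takes the message on stdin and the same arguments. The function name and the SA_LEARN override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): a stricter stand-in for the sa-learn
# pipe helpers quoted above. The message arrives on stdin; the mode and the
# optional --username=... arrive as arguments, as in the posted configs.
# Install it root-owned with mode 0755: a 0777 helper can be rewritten by
# any local user and then runs with the mail user's privileges.

SA_LEARN="${SA_LEARN:-/usr/local/bin/sa-learn}"   # path used in the thread

# The body runs in a subshell so umask, traps and variables stay local.
sa_learn_pipe() (
    mode=""; user=""
    for arg in "$@"; do
        case "$arg" in
            --spam|--ham)  mode="$arg" ;;
            --username=*)  user="${arg#--username=}" ;;
            *)  echo "sa-learn-pipe: unexpected argument rejected" >&2
                exit 64 ;;
        esac
    done
    [ -n "$mode" ] || { echo "sa-learn-pipe: need --spam or --ham" >&2; exit 64; }
    case "$user" in
        *[!A-Za-z0-9@._+-]*)
            echo "sa-learn-pipe: unexpected character in username" >&2
            exit 64 ;;
    esac

    umask 077                                   # spool file readable by us only
    # mktemp picks an unpredictable name and refuses to reuse an existing
    # file, unlike a fixed /tmp/name-$$ path that someone can create first.
    msg=$(mktemp "${TMPDIR:-/tmp}/sa-learn.XXXXXX") || exit 75
    trap 'rm -f "$msg"; exit 1' HUP INT TERM    # no leftovers when interrupted
    cat > "$msg" || { rm -f "$msg"; exit 75; }  # message from stdin

    # Every argument is quoted, so nothing is word-split or glob-expanded.
    rc=0
    if [ -n "$user" ]; then
        "$SA_LEARN" "$mode" "--username=$user" "$msg" || rc=$?
    else
        "$SA_LEARN" "$mode" "$msg" || rc=$?
    fi
    rm -f "$msg"
    exit "$rc"
)

# When called with arguments (as a mail-pipe helper is), act as the helper.
if [ "$#" -gt 0 ]; then
    sa_learn_pipe "$@"
    exit $?
fi
```

Unlike the posted helpers, which always end with exit 0, this one returns sa-learn's own exit status, so a failed training run is visible to the caller.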