Re: JMAP support?
Em 08/03/2021 16:43, @lbutlr escreveu: On 08 Mar 2021, at 02:15, Mark Constable wrote: There doesn't seem to be much interest in JMAP ou there, which means it is going to be pretty hard to get something working well unless you write it yourself. Or sponsor its development, if the OP is so interested on it! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Trying to install certbot on CentOS
Em 12/11/2020 13:44, Raymond Herrera escreveu: Apparently, RedHat/CentOS are not supporters of snap. You can always install the certbot RPM package for the CentOS 7, it's on the epel repository. [root@firewall ~]# cat /etc/redhat-release CentOS Linux release 7.8.2003 (Core) [root@firewall ~]# yum info certbot [ ]Available Packages Name : certbot Arch : noarch Version : 1.9.0 Release : 1.el7 Size : 46 k Repo : epel/x86_64 Summary : A free, automated certificate authority client URL : https://pypi.python.org/pypi/certbot License : ASL 2.0 Description : certbot is a free, automated certificate authority that aims : to lower the barriers to entry for encrypting all HTTP traffic on the internet. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
ports with different crypto settings
Hello Everyone, Is it possible, with latest dovecot, to have different crypto settings on different pop/imap ports? Basically i'm looking to have one port with TLSv1 enabled, which will be exposed to internal networks only, and other ports with TLSv1.2+ only, which will be exposed to the external networks. The internal one will likely be running on a different port and traffic will be redirected to it via iptables, so user doesn't need to care about it. Is that possible? I haven't found anything similar on the documentations, it seems to me that crypto settings are global ... -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Using SHA256/512 for SQL based password
Here i have SSHA256 working with:
default_pass_scheme = PLAIN
and my database scheme just received the hashed password prefixed
by the SSHA indicator, just like:
mysql> select * from emails where endereco = 'solutti@X'\G
*** 1. row ***
endereco: solutti@XX
password:
{SSHA256.HEX}d90bac4
quota: 51200
Em 12/02/2019 14:05, Robert Moskowitz via dovecot escreveu:
I have trying to find how to set the dovecot-sql.conf for using
SHA256/512. I am going to start clean with the stronger format, not
migrate from the old MD5. It seems all I need is:
driver = mysql connect = host=/var/lib/mysql/mysql.sock dbname=postfix
user=postfix password=$Postfix_Database_Password default_pass_scheme =
SHAxxx-CRYPT # following should all be on one line. password_query =
SELECT username as user, password, concat('/home/vmail/', maildir) as
userdb_home, concat('maildir:/home/vmail/', maildir) as userdb_mail,
101 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u'
AND active = '1' # following should all be on one line user_query =
SELECT concat('/home/vmail/', maildir) as home,
concat('maildir:/home/vmail/', maildir) as mail, 101 AS uid, 12 AS
gid, CONCAT('*:messages=3:bytes=', quota) as quota_rule FROM
mailbox WHERE username = '%u' AND active = '1'
where xxx is either 256 or 512. All the rest I have been finding in my
searches concern converting the format and are not needed for a clean
start?
thanks
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: Log authentication attempts
Em 12/06/17 09:39, j.emerlik escreveu: Failed login attempts information may be useful in the fight with bruteforce attacks. fail2ban is your friend, it can analyze the logs, no need for saving that on database. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Backing up and restoring maildir folders
Backing up maildir is easy, just backup (and restore) the whole thing and, usually, that's as simple as that. However, for saving some backup space if that's a matter, i would exclude only the 'dovecot.index.cache*' files, as these can be rebuilt (some performance hit after the restore, of course) but, in some servers, that makes almost a 10% difference to me. Besides the cache files, you really should backup everything inside the maildir folders. Em 22/05/17 13:40, Timothy D Legg escreveu: Hello, I am migrating to a different distribution of Linux that involves changing to an earlier version of dovecot (2.2.22 to 2.2.13). As part of this process, I will be copying several maildirs to the new machine. One of these has a number of files and directories that resemble this one example: -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: CPU for Dovecot
Em 25/11/16 11:29, Miloslav Hůla escreveu: Hi, we are planning to change hardware for our standalone Dovecot instance handling ~5800 IMAP users with 1TB mailboxes on local RAID. Is there some recommendation about CPU? We can choose from: - Intel Xeon E5-2620v4 - 2,1GHz@8,0GT 20MB cache, 8core, HT, 85W, LGA2011 - Intel Xeon E5-2623v4 - 2,6GHz@8,0GT 10MB cache, 4core, HT, 85W, LGA2011 The difference is about more cores vs. hi frequency. Generally speaking, servers will benefith from more cores instead of faster cores. Servers usually are doing LOTS of things, and thus more cores use to be better. Unless you know you'll be doing something heavily CPU intensive, which generally mail related things are not. Even more important than choosing more cores x higher frequency, you should focus on faster I/O. This, specially on mail servers, can do a REAL difference ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: overview zlib efficiency?
Em 15/03/16 12:01, Götz Reinicke - IT Koordinator escreveu: Hi, may be someone has already done that: Do you have a script(?) tool which shows the efficiency of the mail compression if zlib is used? Something that shows the uncompressed size vrs. the compressed. While i dont have the data you're looking for, i do have lots of servers running with zlib enabled and, if someone makes the script, i can run on some servers and provide the results ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [patch] TLS Handshake failures can crash imap-login
On 24/04/15 18:17, Hanno Böck wrote: Hi, I tracked down a tricky bug in dovecot that can cause the imap-login and pop3-login processes to crash on handshake failures. This can be tested by disabling SSLv3 in the dovecot config (ssl_protocols = !SSLv2 !SSLv3) and trying to connect with openssl and forced sslv3 (openssl s_client -ssl3 -connect localhost:995). This would cause a crash. I couldnt reproduce that on a fully patched CentOS 6.6 box [root@correio ~]# cat /etc/redhat-release CentOS release 6.6 (Final) [root@correio ~]# openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 [root@correio ~]# dovecot --version 2.2.16 (compiled from sources, not from any binary package) [root@correio ~]# grep ssl_proto /etc/dovecot/extras/10-ssl.conf ssl_protocols = !SSLv2 !SSLv3 from dovecot logs when running the openssl command: Apr 24 21:36:38 correio dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: Disconnected dont know if it matters, but i'm running signed certificated from RapidSSL, not self-signed ones The openssl command returns an error but i see no crash at all [root@correio ~]# openssl s_client -ssl3 -connect localhost:995 CONNECTED(0003) 140022021363528:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1259:SSL alert number 40 140022021363528:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : SSLv3 Cipher: Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None Start Time: 1429922121 Timeout : 7200 (sec) Verify return code: 0 (ok) --- [root@correio ~]# -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Performance
On 24/04/15 08:26, absolutely_f...@libero.it wrote: My question is: is better to use SQLite instead of MySQL? Should I prefer dbox format? Thank you in advance for your opinion! While 10k accounts is not a few accounts, i wouldn't call that a LOT of accounts neither. Assuming that the query cache is active on MySQL, probably almost all your queries are being answered directly from the cache and, if not that, your tables shouldnt be that big and after a few queries should be all in cache memory of the Linux system. Your I/O costs on the MySQL should be very very very low, o i really doubt that MySQL is being part of your problem here. Unless, of course, that you have other heavy databases running on the MySQL instance your mail system is using... -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
check if anvil is working
Hi,
Is there any way of making sure the anvil service, used to penalty
login fails, is working ? I dont see anything on the logs regarding it
neither have it configured. It's not on my configuration files, but it
can be seen on a 'dovecot -a' dump. Should it be logging something ?
Should i have enabled it somehow ?
Thanks for the answers.
[root@correio log]# dovecot --version
2.2.13
(from dovecot -a dump)
service anvil {
chroot = empty
client_limit = 0
drop_priv_before_exec = no
executable = anvil
extra_groups =
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 1
protocol =
service_count = 0
type = anvil
unix_listener anvil-auth-penalty {
group =
mode = 0600
user =
}
unix_listener anvil {
group =
mode = 0600
user =
}
user = $default_internal_user
vsz_limit = 18446744073709551615 B
}
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: special what's my ip pop account
On 22/10/14 16:16, A. Schulze wrote: Reindl Harald: why that complex? just point them to a website webtraffic goes other ways via proxy server then pop3 so just get that fixed !!! Every good proxy solution can work in ways of exposing the real user IP to the internet. Just get that configured ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: question on lmtp logged message
Em 03/07/14 14:31, Timo Sirainen escreveu: On 25.6.2014, at 18.45, Leonardo Rodrigues leolis...@solutti.com.br wrote: I have dovecot running for IMAP4/POP3 and also local delivery through LMTP. It's working just fine, absolutely no problem on that, setup is fine. Anyway, sometimes LMTP seems to not be able to deliver some messages and keep them on postfixqueue. And on the next or third try, the message gets delivered successfully. The logged message, however, is not helping me identify what is happening.Example: (error - message was expunged) Jun 25 11:49:39 correio postfix/lmtp[21835]: ADB0A1AC05108: to=vanilson.parre...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], conn_use=6, delay=13, delays=0.07/0/0/13, dsn=4.2.0, status=deferred (host correio.domain.com.br[private/dovecot-lmtp] said: 451 4.2.0 vanilson.parre...@domain.com.br Message was expunged (received-date) (in reply to end of DATA command)) I guess the only good fix for this is to just get rid of this deduplication feature for now: http://hg.dovecot.org/dovecot-2.2/rev/51274bf2a47d Hopefully people don't rely on this feature too much. Timo, Is it expected deliveries through LMTP to get slower with this patch ? I mean ... despite i was seeing the 'message was expunged' some few times a day, after applying the patch they really dissapear, but my deliveries starts to apparently get slower. I dont have real numbers to prove that, i can only guanratee that my queues are starting to grow up a lot with to-be-local-delivered messages. I experienced that last week after running the patched version for some hours. Reverted to plain 2.2.13 and queues were successfully emptied after some minutes. This weekend i installed the 2.2.13 patched one again and, by this morning, queues are growing again. I really do not understand dovecot internals and, sincerily, dont even know if i'm using some feature that depends on deduplication. Fact is that i'm running a pretty busy server and those 'message was expunged' situations werent a real problem. When it happened, message would be on the queue and probably delivered some minutes later, on the 1st or 2nd queue run after that. But if removing this deduplication tests/feature will slow down that much the deliveries, i'm afraid that, overall, the non-patched version is better to me. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: question on lmtp logged message
Em 03/07/14 14:31, Timo Sirainen escreveu: On 25.6.2014, at 18.45, Leonardo Rodrigues leolis...@solutti.com.br wrote: I have dovecot running for IMAP4/POP3 and also local delivery through LMTP. It's working just fine, absolutely no problem on that, setup is fine. Anyway, sometimes LMTP seems to not be able to deliver some messages and keep them on postfixqueue. And on the next or third try, the message gets delivered successfully. The logged message, however, is not helping me identify what is happening.Example: (error - message was expunged) Jun 25 11:49:39 correio postfix/lmtp[21835]: ADB0A1AC05108: to=vanilson.parre...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], conn_use=6, delay=13, delays=0.07/0/0/13, dsn=4.2.0, status=deferred (host correio.domain.com.br[private/dovecot-lmtp] said: 451 4.2.0 vanilson.parre...@domain.com.br Message was expunged (received-date) (in reply to end of DATA command)) I guess the only good fix for this is to just get rid of this deduplication feature for now: http://hg.dovecot.org/dovecot-2.2/rev/51274bf2a47d Hopefully people don't rely on this feature too much. Hi Timo, I patched the 2.2.13 tree source, recompiled and installed. I'll let it run for some days and look again if the messages dissapeared. I'm still getting some few of these everyday, so noticing if they dissapeared or continue to happen will be easy. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Mailboxes are in Maildir format. Any good backup tips? Had success with version control?
Em 01/07/14 00:16, Charles Cazabon escreveu: deoren dovecot-mailing-l...@whyaskwhy.org wrote: Right now I'm using LVM snapshots + tarballs for daily backups, but I'd like to get better coverage for incremental changes that occur throughout the day. The size of existing content is low, but (small) changes are frequent. If you actually want to preserve those increments (as opposed to just keeping an rsync mirror up-to-date), I like rdiff-backup. It handles maildirs well because of the one-message-per-file design. Some may agree with me, some may disagree. But for my Maildir backups, i usually exclude the files dovecot.index*. On the most common situations, you'll need to restore just one or other mailbox, so rebuilding those indexes wont kill the server. And by excluding these, i could save 10-15% of backup space on some cases with virtually no disadvantage. And on a worst case scenario, where i would need to restore the whole server and mailboxes, things will already be screwed, so knowing that dovecot would be harder on I/O for rebuilding the indexes will be just another problem :) -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Mailboxes are in Maildir format. Any good backup tips? Had success with version control?
Em 01/07/14 09:06, Jiri Bourek escreveu: And on a worst case scenario, where i would need to restore the whole server and mailboxes, things will already be screwed, so knowing that dovecot would be harder on I/O for rebuilding the indexes will be just another problem :) That really depends, rebuilding indexes can increase your downtime for hours, so it may be better to pay a bit for extra storage space instead of not being paid at all by your customers. Anyway, for those not running a that critical system and can afford for an extra half hour of slowness, i really think the tip worths. And for those who, by any reason, cannot afford that extra storage space as well. But you're right, it's all a matter of calculating how critical your mission is and take the correct decisions for it. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: Mailboxes are in Maildir format. Any good backup tips? Had success with version control?
Em 01/07/14 10:06, Eliezer Croitoru escreveu: On 07/01/2014 03:06 PM, Jiri Bourek wrote: That really depends, rebuilding indexes can increase your downtime for hours, so it may be better to pay a bit for extra storage space instead of not being paid at all by your customers. Building the index as far as I remember doesn't cost in downtime but in higher I/O usage which slows down the server. That's my knowledge as well. Rebuilt of indexes are done on-the-fly when the account is accessed and, thus, there's no downtime involved on that. Of course, with lots of big accounts and lots of initial accesses on the scenario where ALL accounts were restored without indexes, the I/O increase can be so high that the server will be basically unresponsive. That can happen for sure. But on the more common case, which will be restoring just a few accounts, that I/O increase will probably be unnoticable. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: question on lmtp logged message
Em 26/06/14 03:32, Steffen Kaiser escreveu: On Wed, 25 Jun 2014, Leonardo Rodrigues wrote: Anyway, sometimes LMTP seems to not be able to deliver some messages and keep them on postfixqueue. And on the next or third try, the message gets delivered successfully. The logged message, however, is not helping me identify what is happening.Example: (error - message was expunged) Jun 25 11:49:39 correio postfix/lmtp[21835]: ADB0A1AC05108: to=vanilson.parre...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], conn_use=6, delay=13, delays=0.07/0/0/13, dsn=4.2.0, status=deferred (host correio.domain.com.br[private/dovecot-lmtp] said: 451 4.2.0 vanilson.parre...@domain.com.br Message was expunged (received-date) (in reply to end of DATA command)) What does the Dovecot log says for the delivery attempt? exactly what's reported by postfix, no extra information there Jun 25 11:49:39 correio dovecot: lmtp(766, vanilson.parre...@domain.com.br): 645hNV7hqlP+AgAAHvf8vg: msgid=f12dac80721942c1842481355a0d0...@corporate.ad: save failed to INBOX: Message was expunged (received-date) How many recipients does the message has and, if so, what about the other recipients? After analyzing lots of cases (made a script for doing that), this seems to occur only on messages with more than 1 recipient, usually on messages with lots of recipients (10) altough i got some on messages with 2 or 3. Some days ago, when trying to optimize somethings on the server, i changed two dovecot parameters: maildir_copy_with_hardlinks to yes pop3_fast_size_lookups to yes previously, both were no. I have returned both values to 'no' and this situation, 'message was expunged' seems to not be occurring anymore. Can this behavior by any chance related to these settings ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: question on lmtp logged message
...@domain.com.br j1dRAU/IqlN6QAAAHvf8vg Saved) 1st recipient in fact checked email (and deleted the message) right after the delivery. Actual log sequence is: Jun 25 10:00:40 correio dovecot: pop3-login: Login: user=marcos.pere...@domain.com.br, method=PLAIN, rip=10.253.22.56, lip=10.252.38.2, mpid=7233 Jun 25 10:00:47 correio postfix/lmtp[6549]: EFEB31A4BB227: to=marcos.pere...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], delay=16, delays=0/0/0/16, dsn=2.0.0, status=sent (250 2.0.0 marcos.pere...@domain.com.br uTsNO+/HqlOHGQAAHvf8vg Saved) Jun 25 10:00:48 correio dovecot: pop3(marcos.pere...@domain.com.br), rip=10.253.22.56, lip=10.252.38.2: Disconnected: Logged out top=0/0, retr=1/26872, del=1/1, size=26849 2nd recipient did NOT checked email near the delivery Jun 25 09:54:08 correio dovecot: pop3-login: Login: user=mario.cabre...@domain.com.br, method=PLAIN, rip=10.253.22.72, lip=10.252.38.2, mpid=29125 Jun 25 09:54:12 correio dovecot: pop3(mario.cabre...@domain.com.br), rip=10.253.22.72, lip=10.252.38.2: Disconnected: Logged out top=0/0, retr=11/1408320, del=11/11, size=1408058 Jun 25 10:06:49 correio dovecot: pop3-login: Login: user=mario.cabre...@domain.com.br, method=PLAIN, rip=10.253.22.72, lip=10.252.38.2, mpid=13391 Jun 25 10:06:50 correio dovecot: pop3(mario.cabre...@domain.com.br), rip=10.253.22.72, lip=10.252.38.2: Disconnected: Logged out top=0/0, retr=10/1923222, del=10/10, size=1923004 this is interesting ... logs seems to show clearly that right after the message was delivered to the 1st recipient, it was checked and deleted. Despite of that, 2nd recipient got the message successfully delivered. But we have also a delay=22 ... maybe lmtp instance had already opened the message BEFORE it was erased by the 1st user ? this delay is high, i know that and, usually, server do NOT suffer from this delays on deliveries. Anyway, during this problem period, queues were pretty large and, thus, load was very high, which i think explains this unusual delays. With these two cases, it really seems that this is somehow related to: - lmtp as delivery agent - multiple recipient messages - first (or previous users in fact) checked and deleted the message before all the recipients got the message delivery About the two parameters, maildir_copy_with_hardlinks and pop3_fast_size_lookups, i'll try to change them one at a time and try to reproduce the problems. Fact is i only had the problem with both set to yes and problems were completly vanished when both were set to no. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
question on lmtp logged message
Hi, I have dovecot running for IMAP4/POP3 and also local delivery through LMTP. It's working just fine, absolutely no problem on that, setup is fine. Anyway, sometimes LMTP seems to not be able to deliver some messages and keep them on postfixqueue. And on the next or third try, the message gets delivered successfully. The logged message, however, is not helping me identify what is happening.Example: (error - message was expunged) Jun 25 11:49:39 correio postfix/lmtp[21835]: ADB0A1AC05108: to=vanilson.parre...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], conn_use=6, delay=13, delays=0.07/0/0/13, dsn=4.2.0, status=deferred (host correio.domain.com.br[private/dovecot-lmtp] said: 451 4.2.0 vanilson.parre...@domain.com.br Message was expunged (received-date) (in reply to end of DATA command)) (successfull delivery) Jun 25 12:34:42 correio postfix/lmtp[6411]: ADB0A1AC05108: to=vanilson.parre...@domain.com.br, relay=correio.domain.com.br[private/dovecot-lmtp], delay=2716, delays=2714/0/0/2.3, dsn=2.0.0, status=sent (250 2.0.0 vanilson.parre...@domain.com.br U7pOLAHsqlPvMgAAHvf8vg Saved) During these two log entries, absolutely nothing was changed, no configuration, absolutely nothing. Everything is local, i mean, no NFS involved. So, finally, question is: what does the 'message was expunged' message given from LMTP means ??? This is happening quite often but, as i mentionted, sooner or later all messages are getting delivered. It's working despite the delay this is causing. [root@correio log]# dovecot --version 2.2.13 -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] maildir backup
Em 31/03/14 12:07, Nikolaos Milas escreveu: On 31/3/2014 10:52 πμ, Ramon Orrù wrote: Hi everybody, I'm trying to backup a dovecot instance, and i'm looking for a method to snapshot dovecot maildir in a properly way, and backup whole snapshot in a second step (tar). I read about dsync, end, if i'm not going wrong, it dumps correctly also dovecot indexes; is it the tool i need? Thank you for any hint. Ramon You could use dsync Replication (http://wiki2.dovecot.org/Replication) to another server. Then, you already have a real time backup! If you need a consistent backup instance, I guess you could stop the mirror server for a while to tar your mail directory. or you can use rsync for that ... get your slave server to rsync from the master one and, after rsync is finished, you can tar the folders and have a perfectly valid snapshot of your Maildirs ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Not backing up cache files
i'm not the expert you're looking for, so dont take my word as one. And i'm basically using Maildir instead of mdbox ... Anyway, i have dropped 'dovecot.index*' from some backups, full and incremental ones, action which made me save some Gbs of space on them. I already restored some accounts from these backups and had absolutely no problem at all ! Em 26/03/14 05:05, Jesus Cea escreveu: I am using mdbox for dovecot storage. I wonder if I could skip dovecot.index.cache files and, in general, *.cache files when doing mail backup. Those files are big and change frequently. What I feel from reading documentation [1][2] is that they could be dropped in the backups, to be recreated on the fly if needed. But I would like expert confirmation. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] SMTP Proxy
Hi,
I have found a message on this mailing list dated August/2012 in
which is said that dovecot could not (at least at that time) do SMTP
Authentication using Proxy Features.
http://www.dovecot.org/list/dovecot/2012-August/067998.html
is this still true, given i'm using latest stable dovecot, v2.2.5 ?
extra informations ... smtp authentication is done by postfix using:
dovecot:
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}
postfix:
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth
Thanks !
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] SMTP Proxy
Em 26/08/13 11:58, /dev/rob0 escreveu: On Mon, Aug 26, 2013 at 11:49:50AM -0300, Leonardo Rodrigues wrote: I have found a message on this mailing list dated August/2012 in which is said that dovecot could not (at least at that time) so SMTP Authentication using Proxy Features. http://www.dovecot.org/list/dovecot/2012-August/067998.html is this still true, given i'm using latest stable dovecot, v2.2.5 ? I believe it is. extra informations ... smtp authentication is done by postfix using: A bit of extra information which might help: what is the goal? Exactly what problem are you trying to solve? You have given us nothing to go on here. Well, actually i have already done a well detailed post on the dovecot mailing list some days ago explaining my whole problem, but got no answers on that. If you'd like to check it, it's archived on: http://dovecot.org/list/dovecot/2013-August/092012.html Thanks for your attention ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] SMTP Proxy
Em 26/08/13 13:05, /dev/rob0 escreveu: Well, actually i have already done a well detailed post on the dovecot mailing list some days ago explaining my whole problem, but got no answers on that. If you'd like to check it, it's archived on: http://dovecot.org/list/dovecot/2013-August/092012.html So you did. I didn't have an opinion on that at first sight, but on review, perhaps this is an idea for you: http://wiki2.dovecot.org/PasswordDatabase/IMAP remote authentication using IMAP ... it might work. I'll take a closer look on that and, if i can acchieve some useful configuration scenario, i'll update the other thread for archiving purposes :) thanks again ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] weird situation with pop3/imap proxy and postfix authentication
Hello dovecot mailing list,
I have a server running postfix and dovecot. I havea configuration
on dovecot that allows me to provide imap4/pop3 messages for local
hosted users as well as for proxied users on other servers.
Basically, i have a simple MySQL table (imapproxy) with two fields,
'domain' and 'host'. My password_query isa 'UNION' query, exactly like:
password_query=select endereco as user, password, '/var/spool/mail/%u'
as userdb_home, 'maildir:/var/spool/mail/%u' as userdb_mail, 8 as
userdb_uid, 12 as userdb_gid, concat('*:storage=', quota) as
userdb_quota_rule, 'Trash:storage=+100M' as userdb_quota_rule2, 'Y' as
proxy_maybe, '10.252.38.2' as host from emails where endereco = '%u' and
ativa = '1' UNION select NULL as user, '%w' as password, NULL as
userdb_home, NULL as userdb_mail, NULL as userdb_uid, NULL as
userdb_gid, NULL as userdb_quota_rule, NULL as userdb_quota_rule2, 'Y'
as proxy_maybe, imapproxy.host as host from imapproxy where
imapproxy.dominio = '%d'
the 10.252.38.2 address, on the query, is my local server
when this query received a local user, from a domain that is NOT listed
on the imapproxy table, results are like:
*** 1. row ***
user: localu...@domain.com.br
password: (SSHA256 encrypted password)
userdb_home: /var/spool/mail/localu...@domain.com.br
userdb_mail: maildir:/var/spool/mail/localu...@domain.com.br
userdb_uid: 8
userdb_gid: 12
userdb_quota_rule: *:storage=51200
userdb_quota_rule2: Trash:storage=+100M
proxy_maybe: Y
host: 10.252.38.2
when it receives a proxied domain, results are:
*** 1. row ***
user: NULL
password: password
userdb_home: NULL
userdb_mail: NULL
userdb_uid: NULL
userdb_gid: NULL
userdb_quota_rule: NULL
userdb_quota_rule2: NULL
proxy_maybe: Y
host: 10.254.116.9
This is working just fine for IMAP4 and POP3 proxying. Local users
(which domains are NOT listed on imapproxy table) can successfully login
to their accountsas well as users from domains listed on imapproxy table
can successfully login to their accounts.
On SMTP authentication, tough, things are not so fine. SMTP
authentication is provided by dovecot to postfix:
[root@correio dovecot]# postconf mail_version
mail_version = 2.7.1
[root@correio dovecot]#
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
service auth is defined on dovecot confs as:
service auth {
unix_listener auth-userdb {
mode = 0600
user = mail
group = mail
}
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}
and it seems to be allowing ANYuser on any domain listed on the
imapproxy table domains to login, even if the user does not exists or
provides wrong password. In fact, it seems dovecot returns OK to postfix
even without trying to contact the assigned server to that domain, as i
cannot find any password-failed-specific log to that user on the
specific server. Example:
(a proxied domain)
[root@correio dovecot]# telnet mail.proxieddomain.com.br 110
Trying 10.254.116.9...
Connected to mail.proxieddomain.com.br (10.254.116.9).
Escape character is '^]'.
+OK Dovecot ready.
user te...@proxieddomain.com.br
+OK
pass password
-ERR Authentication failed.
(i can successfully find this auth trial and fail on 10.254.116.9 logs)
but on SMTP authentication, i have:
[root@correio dovecot]# perl -MMIME::Base64 -e \ 'print
encode_base64(teste\@proxieddomain.com.br\0teste\@proxieddomain.com.br\0password);'
x(not the real encoded pass)=
[root@correio dovecot]#
[root@correio dovecot]# telnet localhost 587
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.domain.com.br ESMTP
EHLO test
250-mail.domain.com.br
[ ... ]
AUTH PLAIN (encoded string returned by perl encode_base64)
235 2.7.0 Authentication successful
(and i cannot even find any authentication log, fail or success, on the
specific server for proxieddomain.com.br)
dovecot version is:
[root@correio dovecot]# dovecot --version
2.2.2
[root@correio dovecot]#
what am i doing wrong here ? How to have dovecot to really check users
before giving OK to postfix on SMTP authentications ?
Thanks for any hints !
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] ntlm_auth in Dovecot
On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: Hi, I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. I'm getting the following error: Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not authenticated: NT_STATUS_UNSUCCESSFUL BTW I forgot to say that I've already disjoined and rejoined the server to the domain. I saw someone suggested that on the list (I wasn't subscribe until now). -- leonardo
Re: [Dovecot] ntlm_auth in Dovecot
On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: Hi, I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. I'm getting the following error: Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not authenticated: NT_STATUS_UNSUCCESSFUL wbinfo -u reports all the users of the domain and ntlm_auth --username=%name% --domain=%domain% gets authenticated successfully. Debugging winbind I can see the following error: [2012/06/08 14:18:11.129611, 10] winbindd/winbindd.c:651(process_request) process_request: unknown request fn number 14 [2012/06/08 14:18:11.129671, 10] winbindd/winbindd.c:738(winbind_client_response_written) winbind_client_response_written[2822:unknown request]: delivered response to client Upgrading to Dovecot 2.1.5 did not help. -- leo
[Dovecot] ntlm_auth in Dovecot
Hi,
I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15.
I'm getting the following error:
Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not
authenticated: NT_STATUS_UNSUCCESSFUL
wbinfo -u reports all the users of the domain and ntlm_auth
--username=%name% --domain=%domain% gets authenticated successfully.
Debugging winbind I can see the following error:
[2012/06/08 14:18:11.129611, 10]
winbindd/winbindd.c:651(process_request)
process_request: unknown request fn number 14
[2012/06/08 14:18:11.129671, 10]
winbindd/winbindd.c:738(winbind_client_response_written)
winbind_client_response_written[2822:unknown request]: delivered
response to client
My dovecot.conf is the following:
auth_mechanisms = plain ntlm login
auth_username_format = %n
auth_verbose = yes
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_use_winbind = yes
auth_debug = yes
disable_plaintext_auth = no
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
mail_location = maildir:/var/mail/domains/%d/%n
plugin {
autocreate = Trash
autocreate2 = Spam
autocreate3 = Sent
autosubscribe = Trash
autosubscribe2 = Spam
autosubscribe3 = Sent
}
protocols = imap
ssl = no
userdb {
driver = static
args = uid=100 gid=101 home=/var/mail/domains/%d/%n
first_valid_uid=100
}
passdb ldap {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf
}
protocol imap {
mail_plugins = autocreate
}
Sounds like there is an issue when Dovecot runs ntlm_auth. It doesn't
appear to be a permission issue (perms are 755).
Any help is appreciated. Thank you in advance.
-- leonardo.
[Dovecot] Reading Mutt mboxes from Thunderbird
Hi, I'm a user of Mutt, and before moving to Thunderbird I'm trying to share mboxes between them. To do this, I installed Dovecot to create an IMAP server in my local machine, to serve mutt mboxes to be read by Thunderbird. So far, I can read my inbox from /var/mail/%u, but in mutt, I have many folders in ~/mail, like 2010-mails, 2011-mails, mailing-list-x, mailing-list-y, and so on. How can I configure Dovecot to read them?. In /etc/dovecot/conf.d/10-mail.conf I have this: mail_location = mbox:~/Mail:INBOX=/var/mail/%u I'm using Ubuntu 11.10, and Dovecot 2.0.13. Regards, -- Leonardo M. Ramé Medical IT - Griensu S.A. Av. Colón 636 - Piso 8 Of. A X5000EPT -- Córdoba Tel.: +54(351)4246924 +54(351)4247788 +54(351)4247979 int. 19 Cel.: +54(351)156629292
Re: [Dovecot] Why imap_open function doesn't work while getting a mailbox through telnet works perfectly?
if it works through telnet, so dovecot is working and you probably have a PHP problem, which should be probably pointed to a PHP related mailing list. Em 20/12/11 17:20, I M escreveu: Hi, everybody! Question: Why imap_open function doesn't work while getting a mailbox through telnet works perfectly? Note: imap.so is loaded! imap.ini is parsed!php flags is checked! Is it a bug? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Quota warnings not being sent
Em 14/12/11 10:24, Patrick Westenberg escreveu:
This is what works for me:
service quota-warning {
executable = script /usr/local/etc/dovecot/quota-warning.sh
unix_listener quota-warning {
user = vmail
}
user = vmail
}
My configurations are similar to Patrick ones and works just fine:
service quota-warning {
executable = script /etc/dovecot/aviso-quota.sh
user = dovecot
unix_listener quota-warning {
user = mail
}
}
plugin {
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=85%% quota-warning 85 %u
quota_warning3 = storage=70%% quota-warning 70 %u
quota_exceeded_message = Quota excedida (caixa postal cheia) / Quota
exceeded (mailbox is full)
}
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] Quota warnings not being sent
Em 14/12/11 15:52, Nikolaos Milas escreveu: I think I'll now open a new thread on how to send rich/UTF-8 mail warnings. Probably you just need to format/encode it properly ... no big deal on that. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] dovecot penalties and anvil
Hi, I'm strugling to find some documentation on dovecot's anvil service and/or its penalties (that can be checked with doveadm penalty) ... but i'm not finding anything on that. is there any documentation on anvil/penalties that i should check other than a few messages on the mailing list archive ? thanks ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] compressed mailboxes ?
Em 08/03/11 12:57, Frank Bonnet escreveu: On 03/08/2011 04:54 PM, Frank Bonnet wrote: Hello Is it possible to use compressed mailboxes ( MBOX format ) with dovecot using a plugin ? Thanks I found the doc about zlib plugin ... so it is only possible with read only mailboxes huh ? the problem here is the mbox format the zlib plugin works flawlessly to store compressed files with Maildir mailboxes. I'm using it on several servers to serve some thousand mailboxes. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] utility to copy/sync IMAP mailboxes
i have used imapsync on several migrations and it works flawlessly ! Try it ... Em 06/01/11 17:54, Rick Romero escreveu: Quoting Don Buchholz buchh...@easystreet.net: Any suggestions for a stable, reliable (copy/duplicate/mirror/sync) tool that can do the job using only IMAP access? (No SSL support required.) I've used IMAPSync fairly successfully (Perl), though I hear iSync is supposed to be better (C).. http://www.linux-france.org/prj/imapsync/ http://isync.sourceforge.net/ -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Deliver limit based of number of destination recipients and size of mails, any option to do that?
policyd is a policy server, which can be used in postfix, and can be used to acchieve quota limitations to help you solve this kind of situations. you should take a look in it: http://www.policyd.org/ Making this limitation on dovecot, if possible, would limit the delivery only for your local users. And i'm sure your employees are also sending those powerpoint stuff to outside users as well. So, the right place to limit this is postfix, which handles all users, local and remote ones. Em 23/12/10 11:14, Andrés Yacopino escreveu: I have a mail server with postfix, dovecot (1.2.15) and deliver lda (dovecot) with 350 users. I have the problem that in this christmas the employees are sending some big files (mainly powerpoints files) to a lot of recipients, because of that the server get a lot of charge (is a Xeon quad core 5405 with 4GB of Ram), i have four disks in Raid 5 configuration (HP E200 controller, not very fast) Is there any option to limit this type of delivery, the total size of the mails delivered to each user (total recipients * size of mail), in dovecot deliver. I don't want to limit the concurrent delivery more lower than 350 recipients and the max size of the mail we can send is 15M. Thanks a lot, -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Filtering IP address connections ?
why not make things easier and use your OS packet filter for that ? iptables for linux, for example Em 18/10/2010 10:22, Frank Bonnet escreveu: Hello Is it possible to refuse connections from some IP address in Dovecot configuration ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] question on quota configuration on 2.0.5
Hi Timo,
Em 04/10/2010 11:19, Timo Sirainen escreveu:
On Sun, 2010-10-03 at 16:09 -0300, Leonardo Rodrigues wrote:
password_query = select endereco as user, password, '/var/spool/mail/%u'
as userdb_home, 'maildir:/var/spool/mail/%u' as userdb_mail, 8 as
userdb_uid, 12 as userdb_gid, concat('*:storage=', quota) as
userdb_quota_rule, 'Trash:storage=100M' as userdb_quota_rule2 from
emails where endereco = '%u' and ativa = '1'
You have only one user? Maybe you should be using passwd-file instead of
SQL..
No, i have a lot of users users are replaced bu the %u
variable and are stored on my column field named 'endereco'
Oct 3 16:08:09 ns2 dovecot: imap(u...@domain.com), rip=127.0.0.1,
lip=127.0.0.1: Error: quota: Unknown namespace: Trash
about changing 100M to +100M, that's OK, no problem but even
after changing that, i still keep getting the 'unknown namespace' message.
What kind of namespace configuration do you have? (dovecot -n)
on 1.2 it was:
namespace:
type: private
prefix: INBOX.
inbox: yes
list: yes
subscriptions: yes
on 2.0 with that same configuration, i got the errors i posted before.
question: what's the correct way of doing this configuration on
dovecot 2.0 ? The idea of this configuration is to give plus 100M of the
user's quota on the Trash folder, thus avoiding problems with out
webmail which copies messages to trash before erasing from the actual
folder.
Are you sure it worked in v1.2? I'm rather guessing that v1.2 just
didn't give an error about it.
you seem to be completly right things wasnt working as
expected on 1.2 altough there were no errors and warnings.
to get things working on 2.0 as they were working on 1.2, i had to
configure like this:
namespace {
hidden = no
inbox = yes
list = yes
location =
prefix = INBOX.
separator = .
type = private
}
namespace {
inbox = no
location =
prefix =
separator = .
}
and now things are working exactly as i expected and exactly they
worked on 1.2.
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
[Dovecot] question on quota configuration on 2.0.5
Hi,
On dovecot 1.2 i had the following configuration on my
dovecot-sql.conf file:
password_query = select endereco as user, password, '/var/spool/mail/%u'
as userdb_home, 'maildir:/var/spool/mail/%u' as userdb_mail, 8 as
userdb_uid, 12 as userdb_gid, concat('*:storage=', quota) as
userdb_quota_rule, 'Trash:storage=100M' as userdb_quota_rule2 from
emails where endereco = '%u' and ativa = '1'
special attention to
'Trash:storage=100M' as userdb_quota_rule2
after migrating to 2.0.5, i got this warning on the logs:
Oct 3 16:06:41 ns2 dovecot: imap(u...@domain.com), rip=127.0.0.1,
lip=127.0.0.1: Warning: quota root User quota rule Trash:storage=100M:
obsolete configuration for rule 'storage=100M' should be changed to
'storage=+100M'
Oct 3 16:08:09 ns2 dovecot: imap(u...@domain.com), rip=127.0.0.1,
lip=127.0.0.1: Error: quota: Unknown namespace: Trash
about changing 100M to +100M, that's OK, no problem but even
after changing that, i still keep getting the 'unknown namespace' message.
question: what's the correct way of doing this configuration on
dovecot 2.0 ? The idea of this configuration is to give plus 100M of the
user's quota on the Trash folder, thus avoiding problems with out
webmail which copies messages to trash before erasing from the actual
folder.
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] [Dovecot-news] v2.0.4 released
Hi Timo, i couldnt compile 2.0.4 anymore after applying the 2 proposed patches. Without them, 2.0.4 builds just fine. ./configure was issued AFTER the patches were applied ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ INSTALL_DATA=install -c -p -m644 --with-mysql --with-sql=plugin \ --with-ssl=openssl --with-notify=inotify --with-zlib --with-bzlib \ --with-pic \ --without-nss \ --without-shadow \ --without-gssapi \ --without-ldap \ --without-vpopmail \ --without-pam \ --without-bsdauth \ --without-sia \ --without-ldap compilation halts on /bin/sh ../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib-mail -I../../../src/lib-index -I../../../src/lib-storage -I../../../src/lib-storage/index -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2 -I/usr/kerberos/include-MT zlib-plugin.lo -MD -MP -MF .deps/zlib-plugin.Tpo -c -o zlib-plugin.lo zlib-plugin.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib-mail -I../../../src/lib-index -I../../../src/lib-storage -I../../../src/lib-storage/index -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2 -I/usr/kerberos/include -MT zlib-plugin.lo -MD -MP -MF .deps/zlib-plugin.Tpo -c zlib-plugin.c -fPIC -DPIC -o .libs/zlib-plugin.o mv -f .deps/ostream-zlib.Tpo .deps/ostream-zlib.Plo In file included from zlib-plugin.c:8: ../../../src/lib-storage/index/dbox-single/sdbox-storage.h:5:26: error: dbox-storage.h: No such file or directory In file included from zlib-plugin.c:8: ../../../src/lib-storage/index/dbox-single/sdbox-storage.h:19: error: field 'storage' has incomplete type ../../../src/lib-storage/index/dbox-single/sdbox-storage.h:37: warning: 'struct dbox_file' declared inside parameter list ../../../src/lib-storage/index/dbox-single/sdbox-storage.h:37: warning: its scope is only this definition or declaration, which is probably not what you want ../../../src/lib-storage/index/dbox-single/sdbox-storage.h:37: warning: 'struct dbox_mail' declared inside parameter list In file included from zlib-plugin.c:9: ../../../src/lib-storage/index/dbox-multi/mdbox-storage.h:5:26: error: dbox-storage.h: No such file or directory In file included from zlib-plugin.c:9: ../../../src/lib-storage/index/dbox-multi/mdbox-storage.h:23: error: field 'storage' has incomplete type ../../../src/lib-storage/index/dbox-multi/mdbox-storage.h:68: warning: 'struct dbox_mail' declared inside parameter list mv -f .deps/istream-bzlib.Tpo .deps/istream-bzlib.Plo make[4]: *** [zlib-plugin.lo] Error 1 make[4]: *** Waiting for unfinished jobs mv -f .deps/istream-zlib.Tpo .deps/istream-zlib.Plo make[4]: Leaving directory `/root/disco-linuxrouter/dovecot2/dovecot-2.0.4/src/plugins/zlib' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/root/disco-linuxrouter/dovecot2/dovecot-2.0.4/src/plugins' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/root/disco-linuxrouter/dovecot2/dovecot-2.0.4/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/root/disco-linuxrouter/dovecot2/dovecot-2.0.4' make: *** [all] Error 2 [r...@ns2 dovecot-2.0.4]# Em 27/09/2010 09:46, Timo Sirainen escreveu: Whops. This fixes it: http://hg.dovecot.org/dovecot-2.0/rev/c359ee549df7 (and also making sure it won't happen again: http://hg.dovecot.org/dovecot-2.0/rev/a3c8026d0305) -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] [Dovecot-news] v2.0.4 released
Em 27/09/2010 12:37, Timo Sirainen escreveu: On Mon, 2010-09-27 at 12:32 -0300, Leonardo Rodrigues wrote: Hi Timo, i couldnt compile 2.0.4 anymore after applying the 2 proposed patches. Without them, 2.0.4 builds just fine. Apply only the first patch, that's enough. yes it compiled fine with the first patch only. Thanks ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Support for spaces in plaintext passwords?
did you tried a password with space in the middle, not in the beggining or end ? Maybe it's just trimming at the beginning and end. Can you try it with space in the middle of the password, like pass word Em 22/09/2010 08:52, Simon escreveu: Well, kind off. I found that it had been reported earlier but with insufficient information. So I just updated http://code.google.com/p/android/issues/detail?id=11064#c8 and hopes some one responsible reads it again. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] SSHA256 password too short
Em 13/09/2010 06:33, Patrick Westenberg escreveu:
Osvaldo Alvarez Pozo schrieb:
ssha256_verify(u...@domain.tld): SSHA256 password too short
and my default_schema is md5
if your passwords are stored in ssha256 you have to change
default_schema to ssha256.
not completly true if passwords are stored with the {SSHA256}
or {SSHA256.HEX} prefix, or the prefix was added by sql query with some
concat('{SSHA256}',password), then default_schema is not needed. Its
only needed if there's no prefix on the password.
I, for example, have lots of servers where password is stored with
the prefix on the database and default_schema points to plain. It works
perfectly.
however, if your password are not stored with prefix nor prefix is
being added by concat, then setting the correct default_schema can solve
your actual problem.
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] Standards of expectations for software installs
Em 16/08/2010 11:23, Marc Perkel escreveu: Timo's software standards, and mine, are higher than the average open source project. When an install id done right then you don't have to go to the wiki for anything. You run it and it just works. That's why people pay for Windows and Macs and more people use it than Linux because it just works. You start an upgrade anf click NEXT AGREE NEXT NEXT NEXT FINISH and everything just works. That's the way Linux should be. So - even though something might be a minor detail, when you get the minor details right then you get software the it just works which is in my opinion the highest thing one can say about a program. And it's who dovecot is so popular. hey Marc, you're not alone !!! As well as you, i also expect software updates to be always perfect and magic so i dont have to have a clue of what i'm real doing, as softwares will take care of all the inteligence that i should have. but, i think different from you, i understand and accept that there's no magic. upgrades on complex environment MUST be planned, new version features should be understood and in almost all cases, including some M$ updates of complex software/ environment, lots of pre-upgrade and post-upgrades actions should be taken. i would love to just click yes yes and everything works as magic but, unfortunelly, i accept that wont happen in the real (and most all the times complex) scenarios we have. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] salted passwords
Em 31/07/2010 18:51, Patrick Westenberg escreveu:
Leonardo Rodrigues schrieb:
that's all because i already have a account manager system,
written on PHP, which i had to kept. So i was trying to understand
how that's work to make it work on my system i couldnt stop using.
but after some tryings i got everything running. All my passwords
were already migrated from plaintext to Salted-SHA2-256.
Hi Leonardo,
can you tell me how you solved your problem with creating salted
passwords via PHP?
Hi yes i've acchieved some PHP routines for creating the
salted SHA256 password with random salt and also comparing a stored
hashed password with a plaintext supplied one.
encoded passwords will be exited as:
{SSHA256.HEX}acf5ce0f51cca2077e27884a7cec385c430bb402c2f961b02bfa779c18aaf9a373772d99
encoded password strings is 85-char length with the SSHA.256 prefix and
72 without it
as i'm storing passwords with the SSHA256.HEX prefix, my dovecot
conf has:
default_pass_scheme = PLAIN
so i can have any dovecot-supported encoded password on the
database as well as plaintext ones
code may not be very beautiful, i do admit that i'm not good on
making beautiful codes but its working nice in several places :)
http://pastebin.com/fzDGE561
the VerifyHashedPassword routine can receive passwords with the
{SSHA256.HEX} string and without as well. That makes easier to just
compare database stored passwords as well as the newly generated ones to
compare with newly encoded ones based on the plaintext supplied.
usage is pretty simple something like:
$hashedpwd = HashedPassword($plainpwd);
and store $hashedpwd whatever you want to store it
checking the stored password against a supplied password would be
something like:
if ( VerifyHashedPassword($hashedpwd,$plainpwd) )
{
// supplied plaintext password MATCH with supplied hashed password
do whatever you want if passwords matches
} else {
// supplied plaintext password DO NOT MATCH with supplied hashed
password
do whatever you want if passwords DO NOT match
}
Hope this helps you :)
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] Feature request: usernames and passwords
Em 21/07/2010 09:18, Timo Sirainen escreveu: I think this is one of the tons of different possible password policies and isn't really Dovecot's job. It really should be enforced while setting the password, not while checking it. i completly agree that dovecot is not the place for enforcing password policies nor checking them. but, still on the subject, maybe dovecot could have some features for helping sysadmins to avoid/mitigate brute-force attacks. As told, some bots tries username=password, but those fuckers (the bots) also tries lots of common passwords, 123, 1234, the username followed by some numbers, and lots of others. of course, if the provided password is not correct, dovecot denies access as it should but in those situations, logs can get pretty filled with login failed messages, specially on servers with lots of accounts. And, in some cases, after lots of tries, the bot can found the correct username/password combination. i was thinking on something like ... 1) after N tries (lets say 10 for example) of wrong username/password combinations, dovecot could start delaying the answers for wrong authentications coming from that specific IP address or IP/username, thus slowing down the brute-force attacks; 1.1) or even, after some M (lets say 20 for example) wrong username/password combinations, dovecot could ban that IP address (or IP address/username combination to avoid problem with big networks with NAT access) for XX seconds/minutes, also slowing down the brute-force attack tries 1.2) this could probably be implemented using some in-memory internal backend, so it would be absolutely independent on passdb schema and would require no modifications on passdb schema. the original message says about bot brute-force attacks, but we can be facing REAL brute-force attacks against a specific account and i think that some features to help mitigate those could indeed be interesting. And if those features exists, they could surely help on those brute-force attacks coming from dumb bots as well. it wont solve the username=password specific case, but could help on real or bot brute-force attacks. what do you think on that Timo ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Feature request: usernames and passwords
Em 21/07/2010 10:08, Martijn de Munnik escreveu: the original message says about bot brute-force attacks, but we can be facing REAL brute-force attacks against a specific account and i think that some features to help mitigate those could indeed be interesting. And if those features exists, they could surely help on those brute-force attacks coming from dumb bots as well. it wont solve the username=password specific case, but could help on real or bot brute-force attacks. what do you think on that Timo ? Have a look at fail2ban, this is exactly what you need. no, fail2ban is not exactly what i need. fail2ban is FAR from acchieving what i wrote ... yes, fail2ban can ban an IP after wrong trials . but simply banning the IP (and maybe not the IP/username combination) can be a problem for companies that have lots of computers and access through NAT, ie, a single internet IP address. fail2ban also cannot slow down replies for wrong username/password combinations. fail2ban is a nice add-on for any system, but having something done by the daemon and not by some third-party log analyzer can make things MUCH smarter and MUCH more flexible. thanks for your tip, i already use fail2ban ... but that's far from acchieving some more flexible rules that can be done when the daemon has some anti-brute-force features. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Feature request: usernames and passwords
Em 21/07/2010 10:32, Pascal Volk escreveu: Install dovecot 2.0.rc3 and try to 'break in'. You will see how dovecot slows down your 'attack'. When you test it with your botnet ( ;-) ), use `doveadm penalty` to see current penalties. wooow nice to hear that i have not tried 2.0RC yet, but i'm glad on hearing that some 'penalty' policies were introduced !!! thanks for your tip Pascal !!! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Feature request: usernames and passwords
Em 21/07/2010 10:30, Eduardo M KALINOWSKI escreveu: I think none of this is dovecot's function. Let's keep the UNIX filosophy: one tool does one function, and does that function well. Dovecot is an execellent mail server. It should not be turned into a monster Windows-like application that does dozens of not-really-quite-related things. the idea of 'one tool does one function (OTDOF) ' is indeed interesting, but can be interpreted by several ways. for instance, dovecot does NOT 'one function only'. It does a REAL LOT of functions. It's a pop3 server as well as imap4 one, with or without SSL for both protocols. It can read mailboxes, maildirs and some others i've never used myself. It can even deliver messages to mailboxes/maildirs, having the password backend in several different ways (passwd file, MySQL, LDAP, etc etc). It can check and enforce quotas. It's not a completly mail server, as you regarded, because it cannot do the SMTP part, which is pretty important for a mail server to fully operate. Even tough, it does a LOT of things. i completly agree that dovecot should not try to have, for example, a builtin admin interface for managing users ... because managing users is completly dependable on the password backend used, and schemas can be VERY different from one user to another. It would be nonsense trying to have that, a builtin interface for managing user. That i agree would not fit the 'one tool does one function'. Managing user is not dovecot's problem as well as checking/enforcing password policies, as discussed before on this thread. but, regarding what it already do, delivering messages by pop3/imap4 protocol for users, i really think adding security features wouldnt be bad idea. And indeed, as confirmed by Pascal, some of those are already built in dovecot 2.0 RCs. the OTDOF is really hard to apply on some full-feature daemons we're used to have on unix world, for example: dovecot, postfix/qmail/exim, apache, clamav, etc etc etc. All of them (and lots of other daemons) does a LOT of things, all of them as a part of the main daemon goal. It's really hard to stay on the OTDOF on those full-featured daemons. It's easy to keep the OTDOF idea on basic and small command-line utilities, like cat cp rm but not on the full-featured modern daemons. and, in the real world we live, having security features do not brake the 'one tool does one function' at all on my understandings of that. In fact, if those security features are there to help the security of the daemon main goal, whatever the main goal is, they're VERY welcome to me. we dont need to carry this on anymore, as seems lots of good things are already on dovecot 2.0 RCs proving that dovecot authors do think that increasing security is in the main goal of dovecot development plans. thanks for all who help dovecot being each day a better software, those who code things as well as those who test new features on the RCs, those who make new features requests, those who help others here on the mailing list thanks for all. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] help on migrating some old Maildirs
Hi, i need to restore some old mail backups from a system i wasnt the admin. Emails are on Maildir, which i'm using on the actual server, so should be no big deal. I'm just thinking of copying files from the folders i need, from the old backup, to the specific dirs on the actual system. bt, watching the backup, i noticed that LOTS of files on the Maildirs do not have the S= parameters on its name nor W=. For example: 1230230396.V80bI4e007fM790805.correio.domain.com.br:2, 1230463524.V80bI4e0080M837823.correio.domain.com.br:2, 1230571206.V80bI4e0081M519106.correio.domain.com.br:2, 1231170098.V80bI4e0083M519957.correio.domain.com.br:2, 1231682500.V80bI4e0084M584988.correio.domain.com.br:2, files from the actual system looks like: 1278311553.M754372P13693.correio.domain.com.br,S=5742,W=5864:2, 1278668323.M110437P31421.correio.domain.com.br,S=4489,W=4590:2, 1278311669.M981814P13835.correio.domain.com.br,S=7404,W=7563:2, 1278669074.M556000P31506.correio.domain.com.br,S=4397,W=4504:2, i've already tested copying those files to a current Maildir and it works just fine, no problem at all on that. There's no problem on the restore of those messages itself. Anyway, my questions are 1) do the lack of S= and W= parameters will negatively impact on something ? Quota calculation comes to my head about that as i'll have to restore several thousands of messages, i'm worried about negative impacts on anything 2) is there any way of having dovecot to calculating the S= and W= parameters and renaming those files and, thus, avoiding some negative impact caused by the lack of them ? i'm using dovecot 1.2.11 .. thanks ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] help on migrating some old Maildirs
Hi People, Em 14/07/2010 17:20, Timo Sirainen escreveu: If he's restoring from an old machine (they're not currently indexed by Dovecot on the new server), they're going to get a new UID when Dovecot finds them anyway, right? Yes. But I was thinking he had already moved them and they had already got new UIDs :) i have NOT restored them yet i have restored a few ones just to test if it would work and indeed it works. anything that can be done, during the real restoration of them, to get their 'base filenames' renamed and getting the S= and W= parameters are completly acceptable, as messages are NOT indexed by dovecot yet. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] help on migrating some old Maildirs
Em 14/07/2010 19:30, Timo Sirainen escreveu: Maybe the easiest would be: for file in *; do deliver -u username -m dest-mailbox -p $file done that would through everything on INBOX there are some folders on user's Maildir's that i'd like to maintain. Timo ... is the S= parameter simple the filesize or is there any other calculation on that ? If i'm not mistaken, the W= is the filesize CR+LFed, which is probably not the real size on Unix filesystems, which is not CR+LFed getting some script that simply rename the files, adding the S=xxx being xxx the filesize ... would that be ok ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Removing Duplicates
Em 14/03/2010 08:21, Sabahattin Gucukoglu escreveu: Hi all, I am starting fresh with a local repository of mails, which almost certainly have duplicates in them. I am going to use maildirs, and ensure all mails are input with CRLFs. The question is: does anybody know how I can find and remove duplicates, either while injecting mail with IMAP, or afterward? I can use tools to find duplicate Message-IDs, but don't know of a way to remove duplicates in mailboxes that are already imported as opposed to incoming mail. Perhaps there is a way to use the IMAP protocol for this? i've used console tool named fdupes to find duplicate messages on Maildirs. That's done directly on the filesystem, there's no IMAP or dovecot involved. for a user way of doing that, i've used the excellent Thunderbird add-on called 'Remove Duplicated Messages' https://addons.mozilla.org/en-US/thunderbird/addon/956 it's SUPER fast and can check parameters that fdupes cannot. In fact fdupes search for duplicated FILES while the add-on can be configured to really find duplicated MESSAGES, based on Message-ID and other things. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] IMAP proxy configuration
Em 13/03/2010 18:17, Timo Sirainen escreveu: Basically add to your password_query something like: .., domains.host as host, 'Y' as proxy_maybe, .. from emails, domains where domains.domain = '%d', .. So it's really exactly the same as per-user quota, except you're just returning it per-domain in the query. but if i simply add that, query will always return nothing when user is not local. where endereco='%u' will make it return an empty resultset when user does not exists locally. i'm really strugling to discover how, probably with MySQL select syntax, to return one resultset if CONDITION1 (where endereco='%u' exists) and another resultset if CONDITION2 (where domains.domain = '%d' exists) i really dont know to acchieve that imap proxying is clear to me, but i couldnt get how to acchieve it for users that does not exists in my local email table ... -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] IMAP proxy configuration
Em 13/03/2010 21:23, Timo Sirainen escreveu: So are you saying that the users table contains only local users, while some domain table contains all domains and their destination servers? Then you'll just need to do outer join. Something like: .., domains.host as host, 'Y' as proxy_maybe, .. from domains outer join emails on (username = '%u') where domain.domain = '%d' Timo i've tried JOINs, but i've never really understood those crazy things (i'm really very far from being a SQL expert). but seems i got the expected results using UNION and adjusting queries to have the same number of columns. First i tried union with normal queries but couldnt get it because queries must have the same number of rows. Then i adjusted it ... and seems its OK. Please check resultsets when querying a LOCAL user and when querying with a NON-local (to be proxied) user. Do you think this query will make things work as i need ? querying a LOCAL user: http://pastebin.com/L3q6HGrA querying a NON-local (to be proxied) user: http://pastebin.com/fV91LB0x querying a NON-local and NOT-to be proxied user (correctly returns an empty resultset) http://pastebin.com/SBwCEVEm -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] IMAP proxy configuration
Em 13/03/2010 23:12, Leonardo Rodrigues escreveu:
Timo i've tried JOINs, but i've never really understood those
crazy things (i'm really very far from being a SQL expert).
but seems i got the expected results using UNION and adjusting
queries to have the same number of columns. First i tried union with
normal queries but couldnt get it because queries must have the same
number of rows. Then i adjusted it ... and seems its OK.
got it working with few tweaks i had to return '127.0.0.1' as
host for local users ... without that, login process was segfaulting.
And had to return %w as password for the proxied-domains query.
query is: (with linebreaks for easy understanding)
password_query =
select
endereco as user,
password,
'/var/spool/mail/%u' as userdb_home,
'maildir:/var/spool/mail/%u' as userdb_mail,
8 as userdb_uid,
12 as userdb_gid,
concat('*:storage=', quota) as userdb_quota_rule,
'Trash:storage=100M' as userdb_quota_rule2,
'Y' as proxy_maybe,
'127.0.0.1' as host
from emails
where
endereco = '%u' and ativa = '1'
union
select
NULL as user,
'%w' as password,
NULL as userdb_home,
NULL as userdb_mail,
NULL as userdb_uid,
NULL as userdb_gid,
NULL as userdb_quota_rule,
NULL as userdb_quota_rule2,
'Y' as proxy_maybe,
imapproxy.host as host
from imapproxy
where
imapproxy.dominio = '%d'
that worked flawlessly :) And i didnt had to use JOINs hehehehe
log from the main server, for a proxied user:
Mar 13 23:48:48 correio dovecot: imap-login:
proxy(s...@proxieddomain.com.br): started proxying to 10.252.25.2:143:
user=s...@proxieddomain.com.br, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, secured
log from the 10.252.25.2 server:
Mar 13 23:48:31 correio dovecot: imap-login: Login:
user=s...@proxieddomain.com.br, method=PLAIN, rip=192.168.1.2,
lip=10.252.25.2
the only minor problem is that when local users get logged in on
the main server, logs shows that they were proxied to 127.0.0.1
Mar 13 23:33:52 correio dovecot: pop3-login: Login:
user=localu...@localdomain.com.br, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, secured
Mar 13 23:33:52 correio dovecot: pop3-login:
proxy(localu...@localdomain.com.br): started proxying to 127.0.0.1:110:
user=localu...@localdomain.com.br, method=PLAIN, rip=10.255.176.67,
lip=192.168.1.2
i can easily live with that but i would like to see local
users logged as local connections not proxied to 127.0.0.1.
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] Quota plugin and SQL
Em 06/03/2010 19:12, David escreveu:
Is there any way to modify the queries used to split out username into
localpart and domain? This would enable me to put the current quota
information in my main mailbox table and display it to users in my
admin interface.
i'm successfully using a PHP script for displaying a graph with
current quota information in my admin interface. Is this what you're
looking for ? Quota usage is taken directly from IMAP server, through
IMAP commands.
http://img707.imageshack.us/img707/9551/quota.jpg
i'm actually using a script based on the one found here:
http://lists.horde.org/archives/imp/Week-of-Mon-20040816/038902.html
the original script grabs the current usage from database, and i
dont have the information there. So i changed it to use imap_open and
grab quota directly from IMAP server. Something like:
Changes would be something like:
function draw_bar($mailbox, $width, $height) {
global $imaphost, $usuario, $senha;
$mbox = @imap_open($imaphost, $usuario, $senha, OP_HALFOPEN);
$q = @imap_get_quotaroot($mbox, 'INBOX');
imap_close($mbox);
if ($q) {
$taken = $q['usage'];
$total = $q['limit'];
quota_bar($taken, $total, $width, $height);
}
}
that's pretty straightforward when your passwords are stored in
clear-text. In my cases password is SSHA256-hashed before storing, so i
had to configure a masteruse on dovecot to acchieve that.
http://wiki.dovecot.org/Authentication/MasterUsers
so i have something:
$user = $realuser . *mymasteru...@local
$password = mypasteruserpassword
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] enabling IMAP SORT and THREAD extensions
Em 21/02/2010 11:51, Colin Brace escreveu: $ telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN] Dovecot ready. dovecot do not show ALL its capabilities before the login successfully happens. try this telnet localhost imap . login u...@name.com password (after the Logged in) . capability and search for SORT and THREAD in the new capabilities banner -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] using signed certificates for TLS/SSL
Hi, I have, in one customer, a web server running on a Verisign-signed certificate SSL certificate. Everything works fine, IE and Firefox connects on https without asking anything, which usually happens on self-signed certificates. I'm trying to use that certificate on dovecot, but clients (Thunderbird basically) keeps saying the certificate is not valid. yes i'm using, when configuring Thunderbird, the same CN that was signed by Verisign for the web usage i've enabled verbose_ssl and got when thunderbird tries to connect: Feb 18 12:32:02 correio dovecot: imap-login: Disconnected (no auth attempts): rip=201.86.xxx.xxx, lip=192.168.1.2, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca unknown CA ??? is that Thunderbird that is not recognizing the Verisign-signed certificate ? Do i need to, somehow, install some Verisign CA certificate in dovecot.conf ? when using a self-signed certificate, i also get an SSL_accept failed, but with different message: Feb 18 12:41:45 correio dovecot: imap-login: Disconnected (no auth attempts): rip=201.86.191.114, lip=192.168.1.2, TLS handshaking: SSL_accept() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate despite the fact my certificates were generated for use with Apache, i can 'print' them, both of them, with the same commands i use to print dovecot generated certificates, with mkcert.sh. So, it seems they are compatible. if i click OK on Thunderbird, when using my Verisign-signed certificates, everything works and i do got TLS logs: Feb 18 12:23:36 correio dovecot: imap-login: Login: user=u...@domain.com.br, method=PLAIN, rip=201.86.xx.xx, lip=192.168.1.2, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Feb 18 12:31:43 correio dovecot: imap-login: Login: user=u...@domain.com.br, method=PLAIN, rip=201.86.xx.xx, lip=192.168.1.2, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) what am i doing wrong ?? or using a signed-certificate for WEB usage is not possible on dovecot ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] using signed certificates for TLS/SSL
and another interesting information . Thunderbird claims the certificate is not valid, but Windows Mail accepts it without any warnings and works just fine. I've tested on a new machine just to make sure i havent previously accepted it on that machine/Windows Mail. another minor difference is that when logging from Windows Mail and Thunderbird, the cipher used seems to be a little different Windows Mail - AES128-SHA Feb 18 12:56:04 correio dovecot: imap-login: Login: user=dom...@user.com.br, method=PLAIN, rip=201.86.xx.xx, lip=192.168.1.2, TLS, TLSv1 with cipher AES128-SHA (128/128 bits) Thunderbird 3.0.1 - DHE-RSA-AES256-SHA Feb 18 12:58:41 correio dovecot: imap-login: Login: user=dom...@user.com.br, method=PLAIN, rip=201.86.xx.xx, lip=192.168.1.2, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) if it works flawlessly on Windows Mail, i think i should point now my searching to Thunderbird . what do you think on that ? Em 18/02/2010 11:58, Arne K. Haaje escreveu: Put all the certificates in the ssl_cert_file file. For example when using a certificate signed by TDC the correct order is: 1. Dovecot's public certificate 2. TDC SSL Server CA 3. TDC Internet Root CA 4. Globalsign Partners CA -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] configuring overquota message
Em 18/02/2010 13:10, Timo Sirainen escreveu:
On Tue, 2010-02-16 at 15:18 -0200, Leonardo Rodrigues wrote:
but i havent found, in all the sources, where the
QUOTA_EXCEEDED_MESSAGE is feeded by something from dovecot.conf or
anywhere else.
plugin {
quota_exceeded_message = stuff
}
Yeah ... it worked. Thanks.
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] quota problem
Em 16/02/2010 09:18, Andre Hübner escreveu:
dovecot 1.0.15
Hello,
i try to set quota settings for my users.
currentyl i use a mysql table for auth process and now i want to add
quotasettings for each individual user.
Mine is working flawlesslly with the following configuration
but i think that's only 1.1+ compatible, because of the Trash thing.
Anyway, seems the big difference from my conf to your is that
you're using
concat('dirsize:storage=', quota_kb)
while i'm using
concat('*:storage=', quota)
try to change that 'dirsize' to '*' and see what happens ...
my actual working conf for dovecot 1.2.10
# Get the mailbox
user_query = select '/var/spool/mail/%u' as home,
'maildir:/var/spool/mail/%u' as mail, 8 as uid, 12 as gid,
concat('*:storage=', quota) as quota_rule, 'Trash:storage=100M' as
quota_rule2 from emails where endereco = '%u' and ativa = '1'
# Get the password
password_query = select endereco as user, password, '/var/spool/mail/%u'
as userdb_home, 'maildir:/var/spool/mail/%u' as userdb_mail, 8 as
userdb_uid, 12 as userdb_gid, concat('*:storage=', quota) as
userdb_quota_rule, 'Trash:storage=100M' as userdb_quota_rule2 from
emails where endereco = '%u' and ativa = '1'
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] quota problem
Em 16/02/2010 10:48, Andre Hübner escreveu: this is unfortunately not compatible with dovecot 1.0, is not working But i noticed that user-quota is working when copying/moving mails within imap-account. But is it not working at incoming mails. any idea? so seems your quota is working What are you using as your Local Delivery Agent (LDA) ?? Is it dovecot LDA ? Is it some MTA LDA, like Postfix ? Maybe quota is not working on your LDA ... not on IMAP4/POP3. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] zlib plugin trouble
Em 16/02/2010 12:30, Stéphane Cottin escreveu: Hi, I have error with dovecot 1.2.10 + compress on deliver patch and zlib plugin. logfile sample: [...] mail.err: Feb 16 14:22:25 dovecot: IMAP(hid...@domain.com): zlib_istream.seek() failed: Invalid argument mail.err: Feb 16 14:22:25 dovecot: IMAP(hid...@domain.com): FETCH for mailbox Meursault UID 101 failed to read message input: Invalid argument mail.err: Feb 16 14:22:26 dovecot: IMAP(hid...@domain.com): gzread() failed: DATA_ERROR_MAGIC mail.err: Feb 16 14:22:26 dovecot: IMAP(hid...@domain.com): zlib_istream.seek() failed: Invalid argument mail.err: Feb 16 14:22:26 dovecot: IMAP(hid...@domain.com): FETCH for mailbox Meursault UID 101 failed to read message input: Invalid argument mail.err: Feb 16 14:22:26 dovecot: IMAP(hid...@domain.com): gzread() failed: DATA_ERROR_MAGIC [...] i have already reported some similar errors when messages are compressed with bzip. I couldnt reproduce with gzip, which you appears to be using: zlib_save: gz do you used some script for compressing your existing messages, those who were delivered before you getting LDA to do that automatically ? If yes, is there any chance that you used bzip2 instead of gzip on that script ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] zlib plugin trouble
Em 16/02/2010 13:27, Timo Sirainen escreveu: Yeah, bzip2 code is broken in v1.2. I fixed it in v2.0 by basically rewriting the whole thing. Maybe I should just disable bzip2 support in v1.2. will dovecot 2.0 be able to handling mixed maildirs with gzip and bzip2 compressed messages, or all messages should use just one or the other ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] configuring overquota message
From dovecot 1.2.10 sources i have:
src/plugins/quota/quota.c
#define DEFAULT_QUOTA_EXCEEDED_MSG \
Quota exceeded (mailbox for user is full)
struct quota_settings *quota_settings_init(void)
{
[ ]
quota_set-quota_exceeded_msg = getenv(QUOTA_EXCEEDED_MESSAGE);
if (quota_set-quota_exceeded_msg == NULL)
quota_set-quota_exceeded_msg = DEFAULT_QUOTA_EXCEEDED_MSG;
[ ]
but i havent found, in all the sources, where the
QUOTA_EXCEEDED_MESSAGE is feeded by something from dovecot.conf or
anywhere else.
question is: isnt it possible to configure the quota exceeded
message from dovecot.conf ?? Do i really need to rebuild dovecot
changing the message on quota.c for acchieving that ?
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
Re: [Dovecot] salted passwords
that's all because i already have a account manager system, written on PHP, which i had to kept. So i was trying to understand how that's work to make it work on my system i couldnt stop using. but after some tryings i got everything running. All my passwords were already migrated from plaintext to Salted-SHA2-256. Thanks for all the help :) Em 16/02/2010 17:47, Patrick Domack escreveu: Why not make it easy on yourself. Just let dovecot use crypt, and use whatever format your system crypt supports. Personally I'm using 16byte salt, sha512 for mine this way. Seems should work with everything, that lets you use the system's crypt. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] wish now I'd not upgraded...
Em 15/02/2010 12:14, Stan Hoeppner escreveu: WTF is going on? Why won't they stay marked as read? I've got over 25,000 emails in these folders and I get a few hundred list mails a day. I really need to get this read/unread business straightened out. What the heck am I missing? Is this a bug in the Debian backport? Good thing I have no hair or I'd have pulled half of it out by now... before blaming dovecot, you could have checked the mailing list archives and found that's a KNOWN bug on Thunderbird 3 (until 3.0.1) which was already fixed and will be published on TB 3.0.2. if you had searched the archives, you could also have find a workaround for that on thunderbird side. there's also a workaround on the dovecot side but i'll let you learn how to search the archives and find that :) -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] salted passwords
Em 14/02/2010 04:53, to...@tuxteam.de escreveu:
No, just let Dovecot's algorithm do the generation (and later checking)
of the password? (I might be misunderstanding your problem, though).
unfortunelly i cant do that. I have my own accounts admin system,
written in PHP, which does mail management (creating accounts, changing
passwords) ... so i'm afraid i'll have to know exactly how to generate
them in a way dovecot is able to handle too.
from sources on src/auth i can find some interesting informations:
/* format: SHA1 hashsalt */
and
#define SSHA256_SALT_LEN 4
so the salt really seems to be 4-byte (which in fact are 8 when watching
in hexadecimal), the exact difference on dovecotpw non-salted and salted
generated passwords.
So it would be enough to generate the password, SHA256 salted, and store
the salt as the last 8 hexadecimal digits ?
SHA256 hash is 64-characteres in hexadecimal, which can be base64
encoded for being stored shorter.
SHA256 salt is 8-characters in hexadecimal, which should be added to the
end of the SHA256 hash
so stored password would be:
{SSHA256.hex}GENERATEDSALTEDHASH+GENERATEDSALT
or having the GENERATEDSALTEDHASH+GENERATEDSALT base64 encoded and
stored as:
{SSHA256.b64}BASE64ENCODEDGENERATEDSALTEDHASH+GENERATEDSALT
is that OK ?
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
[Dovecot] salted passwords
The idea of salted hash algorithms is to generate a different hash
even if the same text is entered. That can be easily seen with dovecotpw:
using NON-salted SHA256, same hash is generated for a given password
[r...@correio ~]# dovecotpw -s SHA256 -p 123
{SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM=
[r...@correio ~]# dovecotpw -s SHA256 -p 123
{SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM=
[r...@correio ~]# dovecotpw -s SHA256 -p 123
{SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM=
[r...@correio ~]#
using SALTED SHA256, a different hash is generated for the same given
password
[r...@correio ~]# dovecotpw -s SSHA256 -p 123
{SSHA256}FpJZqafpEVKp2heepp9Z7+OeHaX+DBVpLzd6GKg3BW1XqDS0
[r...@correio ~]# dovecotpw -s SSHA256 -p 123
{SSHA256}6lWmvtO3SKG5RMET5n89WMIp0xeCg3U14xH1xnAXbvkr8Yjk
[r...@correio ~]# dovecotpw -s SSHA256 -p 123
{SSHA256}7fXVjC7Iiu0Ko9SgyBpbDvbwMSkoxMILRjDUE0nNpCHBFaIa
[r...@correio ~]#
This ideia is OK to me ...
but i'm having a hard time trying to figure out how my
dovecot-sql.conf would be in the case i store salted SHA256 passwords on
the database. The idea is to use a RANDOM salt, not a fixed one, just
like dovecotpw does.
would it be as simple as changing the 'password', which today is
plaintext, by something like
concat('{SHA256}',password) ???
dont i have to give the salt, somehow ?? Or should i store the salt
used in the password, for example first or last N characters
is there anyone using dovecot with MySQL and SSHA256 passwords that
can share me the dovecot-sql.conf file ?
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertru...@solutti.com.br
My SPAMTRAP, do not email it
[Dovecot] problem with deliver segfaulting
i'm facing a pretty hard to debug problem when trying to use dovecot LDA (deliver) from postfix. After having all configured, mail deliver fails. This is from my maillog: Feb 12 21:27:54 correio postfix/pipe[12484]: 930F9F6105: to=solu...@domain.com.br, relay=dovecot, delay=0.21, delays=0.03/0.01/0/0.18, dsn=4.3.0, status=SOFTBOUNCE (Command died with signal 11: /usr/libexec/dovecot/deliver) at the same time, i have from my /var/log/messages: Feb 12 21:27:54 correio kernel: deliver[12485]: segfault at 0 ip 4c1be763 sp bff64c28 error 4 in libc-2.5.so[4c193000+13f000] so, seems deliver segfaults. so i tried enabling mail_debug=yes on dovecot.conf for getting some debug . and, with mail_debug enabled, deliver WORKS Feb 12 21:28:41 correio postfix/pipe[12748]: 1A969F6105: to=solu...@domain.com.br, relay=dovecot, delay=0.28, delays=0.03/0.01/0/0.24, dsn=2.0.0, status=sent (delivered via dovecot service) disabling mail_debug makes the segfault happens again and reenabling mail_debug make it works again ! how can i debug this !?!?!? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] problem with deliver segfaulting
Em 12/02/2010 22:35, Leonardo Rodrigues escreveu: Feb 12 21:28:41 correio postfix/pipe[12748]: 1A969F6105: to=solu...@domain.com.br, relay=dovecot, delay=0.28, delays=0.03/0.01/0/0.24, dsn=2.0.0, status=sent (delivered via dovecot service) disabling mail_debug makes the segfault happens again and reenabling mail_debug make it works again ! how can i debug this !?!?!? and now the most weird thing i found ... COMMENTING out the mail_debug line on dovecot.conf make it works Having 'mail_debug=no' makes it segfaults, having it mail_debug=yes make it works and commenting out the mail_debug line makes it works too !!! i have found something mentioning postfix and mail_debug on http://wiki.dovecot.org/LDA/Postfix but that says about dovecot older than 1.0.1, which is not my case, i'm running 1.2.10. that was weird . -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] problem with deliver segfaulting
/run/dovecot//login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_log_format_elements: user=%u method=%m rip=%r lip=%l %c %k mail_max_userip_connections: 100 verbose_proctitle: yes first_valid_uid: 8 last_valid_uid: 8 first_valid_gid: 12 last_valid_gid: 12 mail_access_groups: mail mail_privileged_group: mail mail_uid: mail mail_gid: mail mail_location: maildir:/var/spool/mail/%u maildir_copy_with_hardlinks: no mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota trash lazy_expunge expire autocreate zlib mail_plugins(imap): quota imap_quota trash lazy_expunge expire autocreate zlib mail_plugins(pop3): quota lazy_expunge expire autocreate zlib mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 mail_log_prefix: %Us(%u), rip=%r, lip=%l: imap_client_workarounds(default): delay-newmail imap_client_workarounds(imap): delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh namespace: type: private prefix: INBOX. inbox: yes list: yes subscriptions: yes lda: postmaster_address: postmas...@domain.com.br mail_plugins: quota trash expire autocreate mail_plugin_dir: /usr/lib/dovecot/lda quota_full_tempfail: no deliver_log_format: msgid=%m: %$ sendmail_path: /usr/lib/sendmail rejection_subject: Rejected: %s rejection_reason: Your message to %t was automatically rejected:%n%r auth_socket_path: /var/run/dovecot/auth-master auth default: mechanisms: plain login user: nobody username_format: %Lu passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: mail group: mail plugin: quota: maildir [r...@correio dovecot]# -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] problem with deliver segfaulting
Em 12/02/2010 23:43, Timo Sirainen escreveu: Oh, this one. It's a libc bug.. I reported it to Ubuntu people already: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/380487 Wouldn't hurt to report it elsewhere too :) Anyway, it crashes only if the problematic setting is first in the config file. Also the attached patch probably helps? why i'm always that lucky to hit this weird bugs :) mail_debug was really the first option on dovecot.conf. i've moved base_dir to the first option and deliver works just fine, even having mail_debug = no .. well ... dovecot LDA is running and will be, from now on, my official delivery agent !!! I'm ready to try out that patch you commited to enable lda zlib compression but after patching and compiling, i cannot start dovecot anymore. I've just sent you an email some hours ago with that i dont know what to do by now, i'm stuck on that. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Compressing Maildir mails on delivery
Hi Timo, OK, patching is fine ... but how am i supposed to enable that ? is there some new config option, or applying the patch will automatically and irreversible enabling it ? How to choose between gzip and bzip2 compression ? is there anything special to configure on LDA protocol to get that working ? Em 05/02/2010 21:32, Timo Sirainen escreveu: Now supported by v2.0. Also as a patch to v1.2: http://dovecot.org/patches/1.2/zlib-compress.diff I'm not really sure if I should commit it to v1.2 code tree. The code contains ugly copypasted io_stream_copy() and v1.2 is supposed to be feature complete.. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] [BUG] problem with zlib plugin
i've successfully reproduced that. Feb 3 12:44:45 correio dovecot: IMAP(solu...@domain.com.br), rip=127.0.0.1, lip=127.0.0.1: gzread() failed: UNEXPECTED_EOF Feb 3 12:44:45 correio dovecot: IMAP(solu...@domain.com.br), rip=127.0.0.1, lip=127.0.0.1: copy: i_stream_read() failed: No such file or directory Feb 3 12:44:45 correio dovecot: IMAP(solu...@domain.com.br), rip=127.0.0.1, lip=127.0.0.1: gzread() failed: UNEXPECTED_EOF dovecot 1.2.9 i could reproduce that when files are bzip2ed. When files are gzipped, dovecot behaves correctly and i couldnt reproduce any kind of error. Em 03/02/2010 11:19, s...@abma.de escreveu: Hi, i think i've the same problem as described here: http://www.dovecot.org/list/dovecot/2009-June/040687.html when opening a folder without an index (?) and bzip-compressed files i get following error message: 2010-02-03T14:12:10.026452+01:00 server dovecot: IMAP(user): gzread() failed: PARAM_ERROR 2010-02-03T14:12:10.026477+01:00 server dovecot: IMAP(user): FETCH for mailbox folder UID 105 failed to read message input: Invalid argument -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] [BUG] problem with zlib plugin
i've successfully reproduced that. Feb 3 12:44:45 correio dovecot: IMAP(solu...@domain.com.br), rip=127.0.0.1, lip=127.0.0.1: gzread() failed: UNEXPECTED_EOF Feb 3 12:44:45 correio dovecot: IMAP(solu...@domain.com.br), rip=127.0.0.1, lip=127.0.0.1: copy: i_stream_read() failed: No such file or directory Feb 3 12:44:45 correio dovecot: IMAP(solu...@domain.com.br), rip=127.0.0.1, lip=127.0.0.1: gzread() failed: UNEXPECTED_EOF dovecot 1.2.9 i could reproduce that when files are bzip2ed. When files are gzipped, dovecot behaves correctly and i couldnt reproduce any kind of error. Em 03/02/2010 11:19, s...@abma.de escreveu: Hi, i think i've the same problem as described here: http://www.dovecot.org/list/dovecot/2009-June/040687.html when opening a folder without an index (?) and bzip-compressed files i get following error message: 2010-02-03T14:12:10.026452+01:00 server dovecot: IMAP(user): gzread() failed: PARAM_ERROR 2010-02-03T14:12:10.026477+01:00 server dovecot: IMAP(user): FETCH for mailbox folder UID 105 failed to read message input: Invalid argument -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Forcibly emptying a POP3 mailbox
you can always use softquotas (or Maildir quotas) for acchieving quotas on a virtual environment ... which dovecot can handle pretty well. http://wiki.dovecot.org/Quota/Maildir Em 03/02/2010 14:41, Răzvan Sandu escreveu: Filesystem quotas are not an option in this scenario, since the UID/GID is the same for all virtual users. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] feature question: local delivery from SMTP
Veiko Kukk escreveu: Or can it receive SMTP directly if there is no forwarding to do? What about spam/virus filtering in that case? Dovecot has nothing to do with smtp. You need MTA like postfix or exim to deliver mail to mbox/maildir. Then dovecot can show those mailboxes to client. just a small correction dovecot has its own delivery agent, which means it (dovecot) can handle the 'deliver mail to maildir' part. I'm not sure about mailbox, but maildir i'm sure dovecot delivery agent can handle. anyway, you'll still need an MTA to collect data from the network (via SMTP) and then forward it to dovecot delivery agent. dovecot is not an MTA so it cannot talk SMTP. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] handling filename of compressed messages
Leonardo Rodrigues escreveu: Curtis Maloney escreveu: Timo -- any tips on helping dovecot deliver compress mails on delivery? It would solve a lot of problems here, from what I can see, to have a deliver plugin that compresses on delivery and sets the Z flag in the filename. that would be indeed lovely when this feature gets implemented on dovecot delivery agent, i'll definitely stop using postfix virtual delivery agent. again on this subject of compressing files . i understand perfectly that i really dont want the '.gz' or '.bz2' filename. I dont want anything more than adding the Z flag to the compressed file. The 'script compress idea' from the Wiki page sais: Dovecot can now read the file, but to avoid compressing it again on the next run, you'll probably want to rename it again to include e.g. a Z flag in the file name to mark that it was compressed (e.g. 1223212411.M907959P17184.host,S=3271:2,SZ). If i rename the file and add the Z flag, i will be braking the dovecot-uidlist file, which contain the filenames without the Z flag. Users would have to download the compressed files again because the filename was changed. That on big mailboxes and slow connections (specially after the very 1st compression routine run) can be a BIG problem. keeping the filename intact, not even adding the Z flag, would be a great idea to avoid clients from redownloading messages ??? Compression routines would probably have to use file command to identify already compressed files, which would badly impact on the performance of its run ... not being able to identify already compressed files based on its filename would be very bad -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] handling filename of compressed messages
Pascal Volk escreveu: No, you don't wont to have such file names. http://wiki.dovecot.org/Plugins/Zlib: … Dovecot can now read the file, but to avoid compressing it again … include e.g. a Z flag in the file name … (e.g. 1223212411.M907959P17184.host,S=3271:2,SZ) The article links also to: http://cr.yp.to/proto/maildir.html: … What can I put in info? When you move a file from new to cur, you have to change its name from uniq to uniq:info … info starting with 2,: Each character after the comma is an independent flag. … In short: You want to rename 1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207 to 1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207:2,Z got it so, basically, i shouldnt be using .gz at all, is that ok ? i understood that, when moving from new to cur, filename should be appended of ':2,'. But filenames on new, as i understood, should never be changed. As soon as they are read there (on new), they should be moved to cur. what would be the correct way of compressing messages on the new directory and adding the Z flag ? Would be any problem if, when compressing on new, add the ':2,' suffix ? Indeed it would be ':2,Z' suffix one i tried it ... gzipped the file new/1263462832.V6814I43300c8M993425.correio.domain.com.br,S=10137 and got the gzipped file to be named new/1263462832.V6814I43300c8M993425.correio.domain.com.br,S=10137:2,Z and excluded the original file when checked mail, file was correctly moved to cur when replied to that mail, file was correctly renamed to cur/1263462832.V6814I43300c8M993425.correio.domain.com.br,S=10137:2,RSZ is that OK to have filenames on new with the ':2,Z' suffix ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] handling filename of compressed messages
Timo Sirainen escreveu: Maildir spec says files in new/ shouldn't have the :2, part, but Dovecot is fine with it. i'm trying to get the sample script for compressing maildirs from http://wiki.dovecot.org/Plugins/Zlib (right on the end of the page) but link seems to be not accessible. https://abma.de/node/449 is this script available somewhere else ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] handling filename of compressed messages
Curtis Maloney escreveu: Timo -- any tips on helping dovecot deliver compress mails on delivery? It would solve a lot of problems here, from what I can see, to have a deliver plugin that compresses on delivery and sets the Z flag in the filename. that would be indeed lovely when this feature gets implemented on dovecot delivery agent, i'll definitely stop using postfix virtual delivery agent. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] handling filename of compressed messages
i'm running dovecot 1.2.9 and, among other things, i have the zlib plugin enabled. A shell script runs once a day to compresses all not still compressed files on the users maildirs. so far so good, it works fine, there's no problem on that. what i think is not happening 100% correctly is the following: 1) user receives a message 2) BEFORE the compress routine runs, filename is: new/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207 3) AFTER the compress routine, filename is now: new/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207.gz 4) user check his mail and now the filename is cur/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207.gz:2,S 5) user replies that mail and now the filename is cur/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207.gz:2,RS i'm aware that dovecot doesnt need the '.gz' extension on the file to recognize that as a gzipped file. Even without the .gz extension, dovecot is correctly reading the file. the '.gz' is not even necessary on the filename and still dovecot can handle it fine. anyway, i would like to suggest dovecot to handle the filename to keep the .gz extension, if that exists. This could help sysadmins to easily identify gzipped files on the maildirs and make anything with them, if that's desired. i would like to see dovecot changing filenames properly and keeping the .gz extension always, for example cur/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207:2,S.gz instead of cur/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207.gz:2,S cur/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207:2,RS.gz instead of cur/1263436052.V6814I43300b4M146002.correio.domain.com.br,S=238207.gz:2,RS -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] compressed IMAP traffic
well . here for me, with 'openssl s_client', i cant even connect when using -ssl2: [r...@correio ~]# openssl s_client -connect localhost:993 -ssl2 [ ... ] 27110:error:1406D0B8:SSL routines:GET_SERVER_HELLO:no cipher list:s2_clnt.c:450: [r...@correio ~]# but that's probably because i have on dovecot.conf: ssl_cipher_list = ALL:!LOW:!SSLv2 with ssl3 and tls1 i can connect and see the zlib compression being enabled. SSL-Session: Protocol : SSLv3 Cipher: DHE-RSA-AES256-SHA [ . ] Compression: 1 (zlib compression) SSL-Session: Protocol : TLSv1 Cipher: DHE-RSA-AES256-SHA [ . ] Compression: 1 (zlib compression) Thunderbird has the options to enable/disable each cipher of ssl2/ssl3/tls1 as well as disable them completly too. Here in my Thunderbird 2.0.0.23, SSLv2 is disabled, and this is certainly the default configs, as i never tweaked this. http://img43.imageshack.us/img43/7937/thunderbirdssl2.jpg logging from dovecot shows clearly that i'm using TLSv1 to connect ... it also shows that TLSv1 connections from thunderbird do not use compression, and connections from gnutls-cli correctly enables that thunderbird 2.0.0.23 Sep 29 07:12:02 correio dovecot: imap-login: Login: user=m...@box.com.br, method=PLAIN, rip=189.114.xx.xx, lip=200.140.xx.xx, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) gnutls-cli Sep 28 18:36:54 correio dovecot: imap-login: Login: user=m...@box.com.br, method=PLAIN, rip=189.11.xx.xx, lip=200.140.xx.xx, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) zlib compression wireshack confirms i'm using TLSv1 and also shows Thunderbird is announcing no compression is supported. http://img33.imageshack.us/img33/9011/wiresharktlsv1.jpg so . despite the known fact that SSLv2 cant be used if compression is wanted, using SSLv3 and TLSv1 apparently does not automatically guarantees that . Patrick Domack escreveu: More testing, seems all my imap clients attempt to use ssl2 first, and from the openssl mailing list: Oops, should've made this clearer. It is only clients than need to avoid the old SSLv2 compatible methods and only use SSLv3/TLSv1. Nothing needs to be done to a server. http://www.mail-archive.com/openssl-us...@openssl.org/msg49926.html This is confirmed using openssl s_client -connect host:993 (-ssl3|-tls1|-ssl2) I don't see any way around this globally, unless each program has a config option to disable ssl2. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] compressed IMAP traffic
Ed W escreveu: I notice that the openssl docs require compression to be specifically enabled and are somewhat scathing about support... http://www.openssl.org/docs/ssl/SSL_COMP_add_compression_method.html Anyone care to comment further? When i created this thread, some weeks ago, i have also made some tests with recent versions (OpenSSL, dovecot, Thunderbird) and couldnt get compression. I didnt any kind of tracing debug or similar, i just created some IP accounting rules and watchs it when downloading a know set of emails with a know size. There was no difference when downloading through unsecure IMAP or secured (TLS) IMAP. So, there's no compression being activated. When searching for that, i found that there's already a RFC for a COMPRESS imap extension ... as imagined, there are pretty few clients that supports it Thunderbird 3 Beta supports it but asking customers to use a Beta software is not acceptable. So, we'll probably need some more years to have this extensions widely deployed and supported by clients. http://www.ietf.org/rfc/rfc4978.txt -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] compressed IMAP traffic
Timo Sirainen escreveu: And DEFLATE gives the exact same error? LZO isn't supported by OpenSSL. yes ... error from DEFLATE and LZO are exactly the same on gnutls-cli output and maillog on the CentOS 5.3 box. Well, not the same server but looks like this one works too: gnutls-cli --priority NORMAL:+COMP-DEFLATE -p 993 secure.emailsrvr.com And just for fun I tried imap.gmail.com, that didn't support compression. i had tried imap.gmail.com too :) interesting findings . from CentOS 5.3, i cant get any compression method to work: [r...@correio dovecot]# gnutls-cli --insecure -p 993 -p 993 secure.emailsrvr.com --comp LZO DEFLATE NULL [ ..] - Version: TLS 1.0 - Key Exchange: DHE RSA - Cipher: AES 256 CBC - MAC: SHA - Compression: NULL but from a Fedora 8 box: [r...@correio ~]# gnutls-cli --insecure -p 993 -p 993 secure.emailsrvr.com --comp LZO DEFLATE NULL [ ..] - Version: TLS 1.0 - Key Exchange: DHE RSA - Cipher: AES 256 CBC - MAC: SHA - Compression: DEFLATE and Fedora 8 OpenSSL is even older than CentOS 5.3 one: CentOS 5.3: [r...@correio dovecot]# rpm -qi openssl Name: openssl Relocations: (not relocatable) Version : 0.9.8eVendor: CentOS Release : 12.el5Build Date: Fri 04 Sep 2009 09:33:56 AM BRT Fedora 8: [r...@correio ~]# rpm -qi openssl Name: openssl Relocations: (not relocatable) Version : 0.9.8bVendor: Fedora Project Release : 17.fc8Build Date: Mon 15 Oct 2007 07:56:22 PM BRST probably there's some build option on CentOS that is disabling compression. If 0.9.8b on Fedora8 built in October/2007 can do it, so 0.9.8e on CentOS 5.3 built on September/2009 should be able to do it too ... oh boy, i really hate those weirds compilation options from Redhat :\ -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] compressed IMAP traffic
Leonardo Rodrigues escreveu: probably there's some build option on CentOS that is disabling compression. If 0.9.8b on Fedora8 built in October/2007 can do it, so 0.9.8e on CentOS 5.3 built on September/2009 should be able to do it too ... oh boy, i really hate those weirds compilation options from Redhat :\ and most interesting seems the problem is probably with openssl client or gnutls-cli on CentOS 5.3. From the same Fedora 8 box i done the previous tests, i pointed gnutls-cli to my CentOS 5.3 box with dovecot 1.2.5 and the zlib logging patch. And i have: - Version: TLS 1.0 - Key Exchange: DHE RSA - Cipher: AES 256 CBC - MAC: SHA - Compression: DEFLATE from maillog: Sep 28 18:36:54 correio dovecot: imap-login: Login: user=m...@box.com.br, method=PLAIN, rip=189.11.xx.xx, lip=200.140.xx.xx, TLS, TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) zlib compression so, it seems server has the needed support for compression on TLS connections. Despite of that, connections from Thunderbird 2.0 and Windows Live Mail does not requests compression . -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it smime.p7s Description: S/MIME Cryptographic Signature
[Dovecot] compressed IMAP traffic
Simply (and maybe stupid) question .. is there anything that can be easily used to automatically compress IMAP traffic between client and server ? I was thinking if the SSL/TLS code enables some kind of compression as well. the idea is to reduce IMAP traffic between server and clients and not using VPN-like solutions, the idea is just some IMAP4 standard client (compatible with SSL/TLS if that's the case) and nothing else. can something like that be done ? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] compressed IMAP traffic
Timo Sirainen escreveu: If your OpenSSL supports it, Dovecot supports it. I recently tested this with gnutls-cli program, openssl s_client for some reason didn't support it. I've no idea if any actual IMAP clients support it. i'm using OpenSSL shipped from CentOS 5.3 . is there any easy to check if the shipped OpenSSL supports that ??? -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] simple feature request: IMAP logged out message
i'd like to make a simple feature request on dovecot i'm using v1.2.4 (latest one) and IMAP logout message, by default is: Sep 18 14:26:27 correio dovecot: IMAP(u...@domain.com): Disconnected: Logged out bytes=384/93 the message can be a little customized with: # IMAP logout format string: # %i - total number of bytes read from client # %o - total number of bytes sent to client imap_logout_format = bytes=%i/%o The remote IP address, the IP which the user is coming from, can only be seen on the login message: Sep 14 09:09:12 correio dovecot: imap-login: Login: user=u...@domain.com, method=PLAIN, rip=187.6.xx.xx, lip=200.140.yy.yy the feature request is that the remote IP address could be added on the Logout message too, that would make much easier to watch connections from some specific user and from some specific ip address, regarding traffic of the connection. For example, something like: Sep 18 14:26:27 correio dovecot: IMAP(u...@domain.com): Disconnected: Logged out bytes=384/93, rip=187.6.xx.xx, lip=200.140.yy.yy -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] simple feature request: IMAP logged out message
David Warden escreveu: I was looking for the same thing earlier this month. I'm not on v1.2.4 but that should have the mail_log_prefix option which lets you add something to the start of every log line, including logouts. I use that to put the username and remote IP in every log line. It has helped out quite a bit with troubleshooting. That's it .. i was using a simplified dovecot.conf and couldnt find mail_log_prefix. But then i searched on the default file and there it was. Now i'm using: mail_log_prefix = %Us(%u), rip=%r, lip=%l: with that, i have: Sep 18 15:43:45 correio dovecot: IMAP(u...@domain.com), rip=189.31.xx.xx, lip=200.140.yy.yy: Disconnected in IDLE bytes=1761/3265 thanks !!! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] fixing deleted-to-trash-plugin
Lex Brugman escreveu: I have updated the wiki page: http://wiki.dovecot.org/Plugins/deleted-to-trash and attached the source to it, I hope this will help some other desperate people wanting to use Dovecot but missing this feature. Any feedback is welcome. just for curiosity the ' ... people wanting to use Dovecot but missing this feature' called my attention. This seems, IMHO, more a client-side feature missing than a server-side one. is there any other IMAP server with similar 'feature' ??? I have never seen any but i confess i have seen pretty few different imap server running do any other IMAP software daemon (like courier, for example) or any other full email package (like Zimbra or even Exchange, for example) have this feature in server-side fashion ??? I'm not starting a flame war on this plugin should exist or not, people should or not using it i really just wanna know if any other email systems/IMAP server have this feature for fixing a client-side feature lacking with some server-side workaround. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Question about the pop3 feature leave messages on server for a certain period of time
Axel Luttgens escreveu: No, I don't think to have omitted anything: I already replied to the OP wrt the 'leave messages on server' matter. Here, I was replying to Leonardo (who's not the OP) who started a new idea (a potentially misleading POP vs IMAP debate) within the original thread. Starting the POP vs IMAP war was not my intention and i really would like to say i'm sorry for that. My intention was to show the OP that, in the proposed scenario (same user with multiple MUAs trying to use leave message on server and have a intelligent behavior of that client-side feature), working with IMAP would a better choice (and smart one, in MY opinion), because keeping messages synced between several MUAs (let's not forget webmail is a pretty common second MUA used by users, usually a IMAP MUA) and server is part of IMAP protocol and does not depends on MUA behaviors or 'algorithms'. Everything is part of IMAP protocol, the $imapuser could even change MUA how many times he wants to and there would be no accidental loss of messages. Of course if some IMAP MUA has some client-side feature configured, like 'delete messages older than N days' configured, we can have some messages being deleted despite of user's will ... but that would NOT be an accidental loss of messages, that would be a EXPECTED loss of messages because of some MUA configuration. All the 'leave message on server' used by POP clients is NOT part of the POP protocol (yes i know POP is pretty well RFC-defined, but not those client-side features, as well as some IMAP client-side features are not RFC-defined as well). The major problem here seems to be the fact that for the POP3 server (dovecot or any other), the 'leave messages on server' feature simply does not exists. It may be guessed by the 'RETR' not followed by 'DELE' which usually happens, but that would be just a guess. There's no way to the server to control what will happen with that client-side feature and different MUAs accessing the same mailbox with POP3. The proposed of used the expire plugin would solve a different situation, not the initially proposed one. I use IMAP4 in some situations and use POP3 in others as well. I think IMAP4 is a better protocol nowadays, with fast internet connections and storages on server becaming cheaper each day. But it doesnt means POP3 is dead. But in some situations, like users who really needs the 'leave messages on server' feature, using pop3 is not a smart decision anymore. Which doesnt means everybody should stop using POP3 and changing to IMAP4 Dimitrios, i really think you'll have a hard time trying to find a server-side feature to control that mess of using leave messages on server with different MUAs by the simply fact that, in the server side, that thing simply does not exist. -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Question about the pop3 feature leave messages on server for a certain period of time
Δημήτριος Καραπιπέρης escreveu: Hi I can clearly understand this, but what if we have two MUAs with different time period settings on the same account , 10 days the first and 20 days the second. The first when it will be connected on the 10th day it will delete on server all messages, so the second will not get anything at all Correct? IMHO, the 'leave messages on server' is a completly fucked up and stupid way of trying to do something that IMAP4 does very well, intelligently and RFC-based. If you need to use different MUAs to check the same account, you really should consider using IMAP4. You'll have message flagging stored on server (read messages, new messages, replied ones) ... you can even configure your MUA to store sent messages on a IMAP4 folder and see those sent messages from MUA1 when you access the mailbox on MUA2 !!! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
[Dovecot] compression script for use with zlib module
Hi, I'm wondering if someone already implemented a compression script (and would like to share it) based on the step-by-step provided on wiki page of Zlib module. I can already do some find|xargs gzip but couldnt implement it completly as described on the wiki page. I know the suggested step-by-step is very detailed and probably a must simplier will be enough for almost anyone anyway, if someone have the full script and would like to share it, i would be glad to get it :) http://wiki.dovecot.org/Plugins/Zlib 1) Find the mails you want to compress in a single maildir. 2) Compress the mails to tmp/ * Update the compressed files' mtimes to be the same as they were in the original files (e.g. touch command) 3) Run maildirlock path timeout. It writes PID to stdout, save it. * path is path to the Maildir's dovecot-uidlist (the control directory, if it's separate) * timeout specifies how long to wait for the lock before failing. 4) If maildirlock grabbed the lock successfully (exit code 0) you can continue. 5) For each mail you compressed: 1. Verify that it still exists where you last saw it. 2. If it doesn't exist, delete the compressed file. Its flags may have been changed or it may have been expunged. This happens rarely, so just let the next run handle it. 3. If the file does exist, rename() (mv) the compressed file over the original file. * Dovecot can now read the file, but to avoid compressing it again on the next run, you'll probably want to rename it again to include e.g. a Z flag in the file name to mark that it was compressed (e.g. 1223212411.M907959P17184.host,S=3271:2,SZ). Remember that the Maildir specifications require that the flags are sorted by their ASCII value, although Dovecot itself doesn't care about that. 6) Unlock the maildir by sending a TERM signal to the maildirlock process (killing the PID it wrote to stdout). -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertru...@solutti.com.br My SPAMTRAP, do not email it
Re: [Dovecot] Postfix and Dovecot
the problem is when i change the node (machine) the hostname changes and even the user having e-mail on the mailbox the users can't download them. Machine: mail and the files have the mail2 in the end. About the dovecot log i will see this later cause I don't have the access now. Thanks! On Fri, Jan 23, 2009 at 6:28 PM, Timo Sirainen t...@iki.fi wrote: On Fri, 2009-01-23 at 09:47 -0200, Leonardo Coelho wrote: So far so good, the real problem is that the e-mail file name on server is like this: 1232449377.P31789Q0M963611.mail2 and when I using the server called mail the file stay like this: 1232449377.P31789Q0M963611.mail I'm using drbd disk for the mailboxes and when I'm using the server called mail the files with mail2 on the end is not read for the dovecot when the user turn on the mail client but if I change the end from mail2 to mail that's ok the dovecot can read. How can I make dovecot read both files or any name on the end? The file name makes absolutely no difference to Dovecot. Your problem is something else. How exactly does the problem show up? Does Dovecot log something? -- First they ignore you, then they laugh at you, then they fight you, then you win. - Mahatma Gandhi Linux User #373408 cabelohw.blogspot.com GPGkey ID 8AEEAAEB -- http://pgp.mit.edu
Re: [Dovecot] Postfix and Dovecot
Change the hostname parameters on server mail2 to mail the email files keep
the mail2 on the end.
On Fri, Jan 23, 2009 at 10:01 AM, Robert Schetterer
rob...@schetterer.orgwrote:
Leonardo Coelho schrieb:
Hi Everybody,
I'm mount two failover servers which use Postfix and Dovecot but the
hostname of the machines r diferent:
first node
# uname -n
# mail
secound node
#uname -n
#mail2
So far so good, the real problem is that the e-mail file name on server
is
like this:
1232449377.P31789Q0M963611.mail2
and when I using the server called mail the file stay like this:
1232449377.P31789Q0M963611.mail
I'm using drbd disk for the mailboxes and when I'm using the server
called
mail the files with mail2 on the end is not read for the dovecot when the
user turn on the mail client but if I change the end from mail2 to mail
that's ok the dovecot can read.
How can I make dovecot read both files or any name on the end?
Thanks
Hi i may fail here, but
wouldnt it be better to have real loadbalancing
( which includes failover ) on a loadbalanced shared ip
an configure postfix and dovecot using same hostname ?
then there should not be any differnce in a mails filename
but evtl this solves your problem more easy
depends on your setup if using lda
from example
##
## LDA specific settings
##
protocol lda {
# Address to use when sending rejection mails.
postmaster_address = postmas...@example.com
# Hostname to use in various parts of sent mails, eg. in Message-Id.
# Default is the system's real hostname.
#hostname =
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
--
First they ignore you, then they laugh at you, then they fight you, then
you win. - Mahatma Gandhi
Linux User #373408
cabelohw.blogspot.com
GPGkey ID 8AEEAAEB -- http://pgp.mit.edu
