Re: EXPUNGED Folder Always Visible
On Jun 5, 2024, at 12:21 AM, Pete Long via dovecot wrote: > After a restart of Dovecot, I see this in the logs: > > Jun 05 08:12:07 imap(pete)<19761>: Error: Mailbox Deleted > Messages: Lazy-expunge transaction failed: Mailbox Deleted Messages: UID=1 > 67: lazy_expunge: Couldn't open expunge mailbox: Failed to open mailbox > .EXPUNGED: Invalid mailbox name: Begins with hierarchy separator Hmmm, I'm not sure about that -- in my setup I have something different, with no actual mailbox for it: namespace { hidden = yes inbox = no list = no location = maildir:~/expunged prefix = .EXPUNGED/ separator = . type = private } plugin { lazy_expunge = .EXPUNGED/ lazy_expunge_only_last_instance = yes ... Perhaps someone else who has a similar setup to you with it as a mailbox can offer more advice, sorry! -- Robert L Mathews ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: EXPUNGED Folder Always Visible
On Jun 4, 2024, at 8:40 AM, Pete Long via dovecot wrote: > > I'm having a bit of a time trying to get the EXPUNGED mailbox to not display > when any mail is moved or deleted. You should make the name start with a dot like ".EXPUNGED" to hide it from normal folders. See the "example configuration" at <https://doc.dovecot.org/configuration_manual/lazy_expunge_plugin/>, where it shows, for example: namespace inbox { mailbox .EXPUNGED { ... lazy_expunge = .EXPUNGED > Here is the information I think is relevant: As a tip, rather than doing this, send the output of "doveconf -n" to the list in the future. That way other people can see what your full configuration is, rather than guessing. -- Robert L Mathews ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Preventing deletion of mails in some directories?
On 5/17/22 1:12 PM, Philip Rhoades wrote: I can't get the system "chattr" to do what I want so I am wondering if there is some way to prevent deletion of mails in the INBOX and the Sent folders? Have you looked at ACLs: https://doc.dovecot.org/configuration_manual/acl/#acl -- Robert L Mathews
Re: ok replication does not work
On 3/24/22 1:49 PM, Paul Kudla (SCOM.CA Internet) wrote: and it just simply DOES NOT WORK > ... p...@scom.ca incremental Waiting for dsync to finish Have you tried debugging dsync to see what it's doing? https://doc.dovecot.org/configuration_manual/replication/ "If you want to debug the dsync, you can manually trigger it with..." -- Robert L Mathews
Re: Lucene support for FTS - EOL date.
On 2/6/22 12:05 AM, Alessio Cecchi wrote: I'm testing it and is almost "ready for production". Out of interest, why "almost"? Can you share what problems you've encountered with it? -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Mailbox connection fails: Connection closed (No commands sent) Help please
On 12/7/21 2:49 PM, Alexander Dalloz wrote: Use a not expired certificate. $ openssl s_client -connect 194.163.45.150:993 CONNECTED(0003) depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3 verify error:num=10:certificate has expired notAfter=Sep 30 14:01:15 2021 GMT That error's happening because you (Alexander) are using an old openssl version that has the problem described on: https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/ That's not the problem that the original poster is having unless Thunderbird also has the same problem, which it may; see: https://community.letsencrypt.org/t/note-regarding-transition-to-r3-intermediate-with-firefox-or-thunderbird/140049 https://www.arcanoae.com/adding-lets-encrypts-new-root-and-intermediate-certificates-to-mozilla-applications/ In any case, this works fine with OpenSSL 1.1 or later: $ openssl s_client -connect mail.sizzelicks.com:993 ... * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: sieve match with contain asterisk
On 7/3/21 12:36 AM, Hardy Flor wrote: > Thanks for the hint. But that means the keyword can be within the > subject. I actually only wanted to look for it at the beginning. Ah. In that case, you want: if header :matches "Subject" "\\*xyz\\**" I tested this and it works; see <https://datatracker.ietf.org/doc/html/rfc5228#section-2.7.1>: "?" and "*" may be escaped as "\\?" and "\\*" in strings to match against themselves. The first backslash escapes the second backslash; together, they escape the "*". This is awkward, but it is commonplace in several programming languages that use globs and regular expressions. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: sieve match with contain asterisk
On 7/2/21 4:43 AM, Hardy Flor wrote: > I want to find a keyword in the subject between two "*". > How do I have to mask the "*" correctly? > > I tried: > if header :matches "subject" "\*xyz\**" > if header :matches "subject" "\\*xyz\\**" Use ":contains" instead of ":matches": if header :contains "Subject" "*xyz*" In ":contains", asterisks aren't wildcards and don't need escaping. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: What imap ssl/auth settings work best with MS Outlook?
On 4/29/21 2:22 AM, Steve Dondley wrote: > Some more nuttiness: I bit the bullet and downloaded a trial version of > MS 365 and downloaded the Outlook desktop. On my mac, at least, there > are two different interfaces/version of Outlook: the "old" Outlook and a > "new," more minimalist version. You can switch between the versions easily. > > On the "old" outlook, I was able to get things set up without issue. But > with the "new" outlook, I couldn't send email or set up a new account. I also have seen this. We had a customer within the last month report that the "new Outlook" did not work on port 143 with STARTTLS -- it shows a generic error that it has "a connection problem". I was able to buy a copy of it and duplicate it. Switching back to "old Outlook" fixes it. Switching "new Outlook" to port 993 with forced TLS/SSL also solves it. So does disabling STARTTLS on port 143 in "new Outlook". The "new Outlook" is labeled as a work in progress -- it only received IMAP support at all within the last couple of months! -- so maybe they will fix this. That said, there's a trend nowadays to avoid STARTTLS due to "STRIPTLS" attacks -- see the "Weaknesses and mitigations" section on <https://en.wikipedia.org/wiki/Opportunistic_TLS>. Port 993 with forced TLS is immune to this. Because of this, I've changed my company's various email autoconfigure/autodiscover hints and help pages to recommend configuring new clients using port 993 for IMAP and port 465 for SMTP submission (rather than 143 and 587 with STARTTLS). I don't need the hassle of finding out the hard way that new programs are deprecating STARTTLS, if that's what they're doing. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: POP3 server fails to replicate deletions
On 4/17/21 11:10 AM, Stephen Gildea wrote: > run the pop3 server from the command line, type this to it: > > DELE 1 > QUIT > > This correctly deletes the first message on the local server, but it > does not send a replication notify message. This problem, and possible solutions, are discussed in the "Issues > Deleted Messages" section of: https://wiki.dovecot.org/Replication -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Master user password mismatch
On 2/1/21 12:46 PM, Gregory Sloop wrote: > I was never able to get it to work using the htpasswd utility as > suggested in the Wiki. I'd guess that's due to this from "man htpasswd" on my system: > htpasswd encrypts passwords using either bcrypt, a version > of MD5 modified for Apache, SHA1, or the system's crypt() > routine [... MD5] is the default (since version 2.2.18). So it's emitting something weird that's now specific to Apache only. You can pass htpasswd flags to emit SHA passwords and so on, but "doveadm pw" probably makes more sense. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: IMAP from localhost (Squirrelmail) works, IMAP from remote (Outlook) does not authenticate
On 12/24/20 3:56 PM, Wayne Carrel wrote: > From maillog: > > (Successful login from localhost via squirrel mail) > > Dec 24 16:14:19 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=::1, lip=::1, mpid=2279, secured, > session= > > (Unsuccessful login from remote ip via Outlook) > > Dec 24 16:13:53 mail dovecot: imap-login: Disconnected (auth failed, 1 > attempts in 4 secs): user=, method=PLAIN, > rip=75.xx.xx.xx, lip=198.xx.xx.xx, session=<1s/i9T23yspLRsWA> The username is different. Squirrelmail is using username "terry"; Outlook is using "te...@mydomainname.com". -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Understanding matches in sieve
On 10/21/20 11:15 AM, @lbutlr wrote: > RFC 5229 gives the following example: > > if address :matches ["To", "Cc"] ["coyote@**.com", > "wile@**.com"] { > # ${0} is the matching address > # ${1} is always the empty string > # ${2} is part of the domain name ("ACME.Example") > fileinto "INBOX.business.${2}"; stop; > > And I do not understand why ${1} is always the empty string. This is because of the text above that: "The wildcards match as little as possible (non-greedy matching)." This example has two wildcards in a row (""**" doesn't mean anything special beyond that) -- and because the first "*" matches as little as possible, it matches nothing (the empty string). The second "*" matches everything between "@" and ".com". The same thing happens with real regexps: #!/usr/bin/perl $x = 'coy...@acme.example.com'; $x =~ /coyote\@(.*?)(.*?)\.COM/; printf '$1 is "%s"; $2 is "%s"', $1, $2; This will print: $1 is ""; $2 is "ACME.Example" > I am laso not sure why the first example used **.com instead of *.com (or is > that the reason $1 doesn't contain anything because it is the first * of **?). Yes. The example is confusing because it makes it look like "**" is some magic thing you might want to use. It's not. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: What causes mails to get striked-over only, and not deleted?
On 5/22/20 4:01 PM, Sebastian Nielsen wrote: > and this sieve file (sent.sieve): > > discard; > > This should clearly cause the mail to be deleted right? > But whats happen, is that the mail is not deleted, its just marked for > deletion (gets a strike-through in Microsoft Outlook). That means the message has had its "\Deleted" flag set, which is what the discard command does: https://tools.ietf.org/html/rfc6785#section-3.5 But the mailbox has not been "expunged". You probably want to set "imapsieve_expunge_discarded=yes"; see: https://github.com/dovecot/pigeonhole/blob/master/doc/plugins/imapsieve.txt#L125 -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Is there a way to hide the top level virtual IMAP folder when using the virtual plugin?
As a quick followup to this, I didn't receive any replies to the message below, so I'm assuming it's currently impossible to "mix" virtual folders in with "real" top level folders at the top level of the IMAP hierarchy. If I'm wrong, a pointer to how to do so would be much appreciated! On 12/17/19 11:20 AM, Robert L Mathews wrote: I'm experimenting with the Virtual plugin to give users access to folders like "All Mail", "Recent" and so on, similar to Gmail. Something like this works properly: mail_location = maildir:~/ namespace { inbox = yes location = prefix = INBOX. separator = . type = private } namespace { prefix = INBOX.virtual. separator = . location = virtual:virtual list = children ignore_on_failure = yes } I can then create "virtual/All Mail/dovecot-virtual" and "virtual/Recent/dovecot-virtual" in the maildir directory, and it works. However, when accessed using IMAP, an IMAP folder named "virtual" shows in the folder hierarchy, with "All Mail" and "Recent" descended from "virtual". It looks like: INBOX Drafts Sent Trash virtual All Mail Recent I'd prefer the virtual folders to be a level up the hierarchy without the "virtual" parent visible, like: INBOX All Mail Drafts Recent Sent Trash Is that possible? I've tried changing the "prefix = INBOX.virtual." on the virtual namespace to just "prefix = INBOX.", but that causes a "Duplicate namespace prefix" error. I also tried using "alias_for" to merge the namespaces, but that causes "namespace configuration error: Namespace virtual. can't have alias_for=INBOX. to a different storage type (virtual vs maildir)". -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Is there a way to hide the top level virtual IMAP folder when using the virtual plugin?
I'm experimenting with the Virtual plugin to give users access to folders like "All Mail", "Recent" and so on, similar to Gmail. Something like this works properly: mail_location = maildir:~/ namespace { inbox = yes location = prefix = INBOX. separator = . type = private } namespace { prefix = INBOX.virtual. separator = . location = virtual:virtual list = children ignore_on_failure = yes } I can then create "virtual/All Mail/dovecot-virtual" and "virtual/Recent/dovecot-virtual" in the maildir directory, and it works. However, when accessed using IMAP, an IMAP folder named "virtual" shows in the folder hierarchy, with "All Mail" and "Recent" descended from "virtual". It looks like: INBOX Drafts Sent Trash virtual All Mail Recent I'd prefer the virtual folders to be a level up the hierarchy without the "virtual" parent visible, like: INBOX All Mail Drafts Recent Sent Trash Is that possible? I've tried changing the "prefix = INBOX.virtual." on the virtual namespace to just "prefix = INBOX.", but that causes a "Duplicate namespace prefix" error. I also tried using "alias_for" to merge the namespaces, but that causes "namespace configuration error: Namespace virtual. can't have alias_for=INBOX. to a different storage type (virtual vs maildir)". -- Robert L Mathews
Re: Overrideing pop delete?
On 12/15/18 8:09 AM, @lbutlr wrote: > I have a question about the namespace section. > >> You create only a single namespace. > [...] > First all, that shows two namespace sections. When it says "You create only a single namespace", it means you would create a single extra namespace for the lazy expunge plugin (instead of creating *three* new namespaces just for the plugin, as in the later example on that page). This extra single lazy expunge namespace would be in addition to any normal namespaces you already have. > Am I just adding the new namespace for lazy_expunge inside that? No. Do not touch your existing namespaces at all. You add a new one for lazy expunge. > And, finally, is there any way to limit this to only POP3 delete instead of > all IMAP? Haven't tried that, but perhaps you could experiment with adding it to mail_plugins in only the "protocol pop3" section, like: protocol pop3 { mail_plugins = $mail_plugins lazy_expunge } -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Overrideing pop delete?
On 12/14/18 3:34 PM, @lbutlr wrote: > Now that I think about it, even better would be a way to move the messages > into an archive box when they are downloaded, this way they will be entirely > invisible from the POP3 access, and I can use normal expiry functions to > clean out that archive after backup. We do exactly this using the "Lazy Expunge" plugin: https://wiki.dovecot.org/Plugins/Lazyexpunge Despite the IMAP-sounding "expunge" in the name, it works for all deletions, including POP3. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: "failed to map segment from shared object" in sieve pipe
On 3/21/18 5:28 PM, Dorian Taylor wrote: > 1) I previously had the vsz_limit unset, and subsequently set to 256M; > neither worked. > > 2) I wrote a test script that just ran in a loop appending to a string and > printing to stderr how long the string was; it was killed after it reported > accumulating about 2MB. > > Weird? or normal? Probably normal. VSZ includes the total size of all shared objects mapped into the process address space, whether it's actually used or not; it's much larger than the memory actively used (which is somewhat related to "RSS"). We had to increase the Dovecot vsz_limit to 1 GB (!!!) because it would occasionally run out of 256 MB VSZ memory when doing FTS indexing at delivery time. A bunch of large Perl modules could conceivably do that, too. I'd set it to 1 GB instead of zero, though, and see if that works. You probably want *SOME* limit in case of real problems. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: v2.2.28 released
On 3/6/17 2:30 PM, Timo Sirainen wrote: > I don't see anything critical. A couple of bugs that might or might > not affect you. We'll have 2.2.29 soon enough, so no plans for other > releases before that. As a comment: When trying to choose which version of Dovecot to use in production, I've found it difficult that minor point releases add new features and make other changes, as well as purely fixing bugs. It's a challenge to find a Dovecot version that fixes known issues without introducing other (possibly problematic) changes. As a result, I end up using what seems to be a mostly stable version, plus "extra patches I grabbed from reading the mailing list". I'm grateful for all the effort put into the code, but for me, at least, it would be easier to work with if new features and changes were only in new versions like 2.3, with 2.2.x only fixing bugs. (And when 2.3 is stable, new features would be in 2.4, with 2.3.x just fixing bugs, and so on.) This is the model used in Postfix development, for example, and I find it easier to work with in terms of finding a known stable version. But again, this could be just me, and I apologize if this has already been suggested and found inappropriate. As I said, I definitely appreciate that the code is constantly being improved. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Problem with Let's Encrypt Certificate
On 2/17/17 1:38 PM, chaouche yacine wrote: > Seems wrong to me too, Robert. If you put your private key inside > your certificate, won't it be sent to the client along with it ? No; any SSL software that uses the file will extract the parts it needs from it and convert them to its internal format for future use. It never literally sends the file contents anywhere. It's common and often recommended for a PEM file to contain everything needed; see, for example, the bottom section of: https://www.digicert.com/ssl-support/pem-ssl-creation.htm Doing this avoids the key and certificate files getting out of sync later. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Problem with Let's Encrypt Certificate
On 2/17/17 8:58 AM, Bastian Sebode wrote: > I uploaded two Wireshark tracefiles, further logs and dovecot -n Looking at your dovecot -n, you're using two different files here: ssl_cert = http://www.tigertech.net/
Re: [feature suggestion] pigeonhole - sendmail path for outgoing email
On 10/6/16 2:19 AM, Stephan Bosch wrote: > The sendmail_path setting is documented here (not Sieve-specific): > > http://wiki.dovecot.org/LDA And I can confirm that it works; we've been using this for a long time and it correctly affects Sieve: protocol lda { # used if sieve resends a message: sendmail_path = /usr/local/bin/dovecot-sendmail-wrapper } -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Dovecot delete and expunge loop
On 7/5/16 3:37 PM, Il Neofita wrote: > I am using dovecot 2.0.9 with redhat 6.8 > One client with Outlook 2013 is deleting and expunging and email over and > over changing the uid. > I am not able to understand how to solve it. Is this by any chance happening with the "Junk Email" folder? If so: I've been seeing it happen occasionally with our customers for a couple of years, and have never found any solution. I suspect it to be a bug in Outlook (both 2013 and 2016), where it incorrectly re-detects mail it finds in that folder as Junk again, and then re-APPENDs it to the same folder, and so on. But I've never been able to find any other reports of it, on any mail server software. Disabling all the Junk controls in Outlook stops it. So does "chmod 0500 tmp" in the ".Junk E-mail" directory on the server. :-) -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: overview zlib efficiency?
On 3/15/16 10:13 AM, Sven Hartge wrote: > I don't have a script, but I can provide some numbers. I did a test with > a server for about 10.000 users and 2TB worth of mail, converting from > Maildir++ to mdbox with zlib (level = 6) and had a final size of 1TB, so > 2:1 reduction. These numbers roughly match my results. About 6 TB of mail compresses down to about 3 TB. The difference in ongoing CPU use for compression "on the fly" of newly arriving mail, and decompression of mail from the disk, is unnoticeable on my servers. Also keep in mind that even if it does increase CPU usage, it reduces disk usage. This is probably an excellent tradeoff for most people, since most servers are limited by disk throughput/latency more than CPU power. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Corrupted index cache file - migration with zlib
On 1/14/16 8:51 PM, Leon Kyneur wrote: > figured out my issue > > I changed: > protocol imap { > mail_plugins = quota imap_quota imap_zlib > } > > to this: > protocol imap { > mail_plugins = $mail_plugins imap_quota imap_zlib > } > Right. This is because it needs the "zlib" plugin enabled, and in your original configuration, the zlib plugin was enabled systemwide: > mail_plugins = quota zlib ... but these lines completely replaced the "mail_plugins" setting for imap, and didn't include zlib: > protocol imap { > mail_plugins = quota imap_quota imap_zlib > } Your fixed configuration *adds* additional plugins to the systemwide mail_plugins setting rather than replacing them, so it correctly uses zlib for IMAP. It would also work if you used: protocol imap { mail_plugins = quota zlib imap_quota imap_zlib } > No longer getting the error after migration with zlib enabled.. could there > be any kind of better warning or error handling around this? (if this is > the actual issue) Well, the documentation at <http://wiki.dovecot.org/Plugins/Zlib> does suggest doing it with "mail_plugins = $mail_plugins zlib", and it gives those errors in the log if you forget it. There's an argument to be made for "Dovecot should *always* try to uncompress 'obviously' compressed files", that apparently opens up security issues, exposing Dovecot to bugs in the system's compression libraries even if the admin intentionally doesn't use compression. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: IMAP COPY creates invalid index data with zlib and mail_log plugins enabled but zlib_save off
On 10/30/15 3:06 PM, Robert L Mathews wrote: > I've noticed that maildir IMAP COPY commands can generate invalid > dovecot.index entries when all seven of the following are true: As a followup to my own post, I believe I've tracked this problem down to this code at lines 119-124 of /src/plugins/zlib/zlib-plugin.c: /* don't uncompress input when we are reading a mail that we're just in the middle of saving, and we didn't do the compression ourself. in such situation we're probably checking if the user-given input looks compressed */ if (_mail->saving && zuser->save_handler == NULL) return zmail->super.istream_opened(_mail, stream); When these lines are removed, the problem no longer happens. I'm guessing that an IMAP COPY with the seven circumstances I mentioned matches "we are reading a mail that we're just in the middle of saving, and we didn't do the compression ourself". But the mail apparently does need decompressing in this situation. It seems odd for the code to not simply decompress the mail in all cases. But I'm not sure what other code relies on this check, so I have no idea whether removing these lines might cause problems. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
IMAP COPY creates invalid index data with zlib and mail_log plugins enabled but zlib_save off
x_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service pop3-login { process_min_avail = 8 service_count = 0 } service pop3 { process_limit = 2000 } ssl = no userdb { args = /etc/dovecot/dovecot.users driver = passwd-file } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail imap_logout_format = %i bytes in, %o bytes out } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_logout_format = ; %i bytes in, %o bytes out, %t top (%p bytes), %r retr (%b bytes), %d of %m deleted, mailbox size %s bytes pop3_uidl_format = UID%u-%v } protocol lda { mail_fsync = optimized mail_plugins = mail_log notify zlib sieve } protocol lmtp { mail_fsync = optimized mail_plugins = mail_log notify zlib sieve } -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: doveadm backup doesn't work anymore after upgrading to 2.2.18
On 5/19/15 6:19 AM, Jesus Cea wrote: dsync-local(jcea): Error: Remote command returned error 65: ssh csi doveadm dsync-server dsync-server Now in 2.2.18 I get the second error and the backup is aborted. It doesn't work anymore. I don't find any reference to error 65 anywhere. Error 65 is likely the SSH process exit code. Pages like this suggest it's Host Not Allowed To Connect: http://support.attachmate.com/techdocs/2285.html If you haven't already done so, check that running the same SSH command manually (ssh csi and variations) works. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Full text search indexes not used for header/body OR queries?
I've noticed that when using Lucene full text search, most queries use the indexes and/or header cache and are fast: . SEARCH BODY test . OK Search completed (0.001 secs). . SEARCH SUBJECT test . OK Search completed (0.053 secs). . SEARCH BODY test SUBJECT test . OK Search completed (0.002 secs). . SEARCH OR SUBJECT test FROM test . OK Search completed (0.093 secs). But an OR query that mixes headers and body does not use the available FTS indexes for the BODY part and is slow: . SEARCH OR BODY test SUBJECT test * OK Searched 62% of the mailbox, ETA 0:05 * OK Searched 70% of the mailbox, ETA 0:04 . OK Search completed (15.147 secs). Is this the expected behavior? Since the FTS code can handle an AND of header and body searches, I'm surprised it doesn't do the same for an OR. I noticed this while tracking down poor performance in Thunderbird, which issues searches like this: UID SEARCH RETURN (ALL) (OR FROM Evelyn (OR SUBJECT Evelyn (OR TO Evelyn (OR CC Evelyn BODY Evelyn NOT DELETED These are slow even with FTS enabled because of this behavior. I'm using Dovecot 2.1.7 from Debian wheezy. (I know this is outdated; however, I've examined the 2.1.x and 2.2.x changelogs and found no mention of it.) -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Full text search indexes not used for header/body OR queries?
As a followup to my own message: On 5/8/15 1:34 PM, Robert L Mathews wrote: I've noticed that when using Lucene full text search, most queries use the indexes and/or header cache and are fast [...] But an OR query that mixes headers and body does not use the available FTS indexes for the BODY part and is slow: This turned out to be my own fault because of a foolish mistake I made when testing. Dovecot actually works fine on all the search queries I mentioned, even in version 2.1.7. My apologies for the noise on the list. (My mistake was that when switching from Squat to Lucene, I didn't remove a local patch that prevented FTS from being used for header searches, because I thought the patch was only affecting Squat. That patch was to workaround what I reported in http://www.dovecot.org/list/dovecot/2014-May/096360.html. But the patch also affected Lucene.) -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: vsz_limit is 18,447 PB
On 9/8/14 3:38 PM, Jiri Bourek wrote: Hm, I can only guess (someone with more knowledge of dovecot source code probably knows better), but it seems like that value is magic number for not set. My doveconf outputs the same thing on services which don't have vsz_limit set explicitly, but when I list /proc/[pid]/limits on such a service, the row called Max address space (which is - AFAIK - limit on vsz) shows 2GB, a value of default_vsz_limit setting. I'd say don't overthink it, just put explicit vsz_limit = 512M into service imap section (if your machine's RAM allows) and be done with it. Right. According to my notes from when I upgraded to 2.x, 18446744073709551615 means it's not set and that the default_vsz_limit will apply, which is 256 MB. To avoid the problem the original poster had, I used: default_vsz_limit = 1 G -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: Permissions with mailman
On 7/3/14, 11:03 AM, Niklas Lemcke - 林樂寬 wrote: Jul 2 15:29:39 blade01 dovecot: lda(list): Error: user list: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/var/mail/vmail//list/mail) failed: Permission denied (euid=38(list) egid=38(list) Now since dovecot is running as user vmail According to the error, it's not running as user vmail for this delivery. It's running as uid/gid 38, list. Look at how lda gets executed for this delivery to see why it's using uid 38. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
[Dovecot] Incorrect IMAP search results when FTS/Squat indexes are present with 2.1.7
wondering if anyone knows the cause of (and fix for) this. Here's my doveconf -n: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.4 auth_master_user_separator = * auth_mechanisms = plain login auth_username_format = default_vsz_limit = 1 G disable_plaintext_auth = no lda_mailbox_autosubscribe = yes listen = * log_timestamp = %Y-%m-%d %H:%M:%S login_log_format_elements = pid=[%p] user=%u method=%m rip=%r lip=%l %c mail_fsync = never mail_location = maildir:~/ mail_max_userip_connections = 100 mail_plugins = fts fts_squat mail_log notify managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave spamtest spamtestplus namespace { inbox = yes location = prefix = INBOX. separator = . type = private } namespace { hidden = yes inbox = no list = no location = prefix = separator = . type = private } passdb { args = /etc/dovecot/dovecot.users driver = passwd-file } passdb { args = /etc/dovecot/master-passwords driver = passwd-file master = yes pass = yes } plugin { fts = squat mail_log_events = copy expunge mail_log_fields = box msgid size from sieve = %h/mailbox.sieve sieve_after = %h/../../domain-after.sieve sieve_before = %h/../../domain-before.sieve sieve_dir = %h/sieve sieve_extensions = -reject +spamtest +spamtestplus sieve_global_dir = %h/../../sieve-global-include-scripts sieve_spamtest_max_value = 7 sieve_spamtest_status_header = X-Spam-Level sieve_spamtest_status_type = strlen } protocols = pop3 imap lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { process_min_avail = 8 service_count = 0 } service imap { process_limit = 2000 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service pop3-login { process_min_avail = 8 service_count = 0 } service pop3 { process_limit = 2000 } ssl = no userdb { args = /etc/dovecot/dovecot.users driver = passwd-file } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail imap_logout_format = %i bytes in, %o bytes out } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_logout_format = ; %i bytes in, %o bytes out, %t top (%p bytes), %r retr (%b bytes), %d of %m deleted, mailbox size %s bytes pop3_uidl_format = UID%u-%v } protocol lda { mail_fsync = optimized mail_plugins = sieve postmaster_address = postmas...@tigertech.net sendmail_path = /usr/local/bin/dovecot-sendmail-wrapper } protocol lmtp { mail_fsync = optimized mail_plugins = sieve postmaster_address = postmas...@tigertech.net sendmail_path = /usr/local/bin/dovecot-sendmail-wrapper } -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
Re: [Dovecot] Odd ownership of the dovecot-uidlist file
On 5/26/14, 6:06 PM, dclist.h...@hook.net.nz wrote: It would be great if someone can give us some hints where the problem maybe as this has us stumped. Have you tried stat dovecot-uidlist after it's changed to look at all three times of the file? The Change time is probably more interesting than the modification time. It should show the time that the ownership was altered or the file recreated, and maybe you can look at the logs to see what happened then. -- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/