Re: [Dovecot] FreeBSD tuning for a dovecot + postfix server ?

[mouss]

Le 14/02/2011 11:08, Frank Bonnet a écrit :
> Hello
> 
> I've googled around  to tune a bit my mailhub ( AMD64 FreeBSD 8.1, 12 Gb
> RAM,

I guess you mean 12 Go (or 12 GB) ;-p

> 2 Tb raid5 disks , ~4000 mailboxes unix users )
> but I am a bit confused,
> 
> All my clients use thunderbird as MUA ( IMAP, IMAPS ) to connect to the
> mailhub
> no direct access to the machine.
> 
> Any of you guys has some pointer to give ?

the answer is: when tuning is needed, you will know it: you will have
concrete problems.

if you observe no problem, tune your week-end instead. as the saying
goes: "premature optimisation is the root of all evil".

Re: [Dovecot] dovecot@dovecot.org

[mouss]

Le 29/01/2011 21:15, Veronese Claudio a écrit :
> I apologize, but I can not find a complete list of directives in
> dovecot.conf possible. where can I find? thanks

dunno if it's complete, but
http://wiki.dovecot.org/MainConfig

Re: [Dovecot] Keep a copy of email.

[mouss]

Le 05/11/2010 19:02, Henrique Fernandes a écrit :

Can dovecot-lda, keep a copy of any email that it receives in a diferente
folder ?


Like if u...@domain.com get an email. It goes to u...@domain.com inbox and
goes to other folder..diferente that his mailboxes ?

I want this with all users. Can it be done ?

If not, does any one have any ideia how could it be done ?

We are having serius problems with backups, with this  we gona be able to at
least save one or two days of each emails, than rotate them again.

I though about using postfix always_bcc, but would be everyones emails only
in one account.


recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc.pcre

== recipient_bcc.pcre
/^(.*)@(example\.com)/$1...@bcc.example.org



  Though in migh use sieve for filter this acount and separete
it for each folder.. but i don't guess sieve could get a parameter from the
email to make a filter.. or can it ?

like, if email from us...@domain.com it goes to user2 folder, but this user2
would be variable, otherwise i have to create a sieve too bigm and would
work i guess.

Well, i am open to ideas.

Thanks!

[]'sf.rique

Re: [Dovecot] Mailing lists in Dovecot?

[mouss]

Le 01/11/2010 14:44, Peter Reinhold a écrit :

Hi all,

I was wondering if anyone could recommend a simple mailing list manager that 
plays well with a Postfix/Dovecot setup, with virtual domains?

It really just has to be very simple, basically, an alias would work, if I 
could rewrite the sender address/name, and I don't really need the possibility 
for users to subscribe via e-mail based commands.


depends on what you exactly needs. postfix alone may do the job, or it 
may not. anyway, post to the postfix-users list with more details.


Otherwise, mailman isn't hard to setup. and you get the benefits of a 
"real" list manager.



I've looked at the XEXEC plugin as a possible method of doing this, via some 
Perl perhaps, anyone has any experience using this they would like to share?


Mvh,

Peter Reinhold / pe...@reinhold.dk

Re: [Dovecot] dovecot dead but subsys locked: auth process died to early, error 127

[mouss]

Andy Yen a écrit :
> I am having trouble starting up dovecot on my RHEL5 server.
> 
> When starting the dovecot service, I get:
> 
> dovecot dead but subsys locked
> 

To force dovecot startup, then look for the lock file under
/var/lock/subsys/ and delete it. then start doevcot again (using RH
startup script I mean).

> Looking into the mail logs, I find:
> 
> dovecot: Auth process died too early - shutting down
> dovecot: child 4165 (auth) returned error 127
> 
> Does anybody know how I can fix this?
> 

For that, I guess you need to provide more infos to the list.

Re: [Dovecot] Migrating mail between servers

[mouss]

Knute Johnson a écrit :
> I've currently got dovecot running on a Fedora server and I want to move
> all my mail to my new server running ubuntu.  Both use mbox and I have
> IMAP working in both.  Can I just copy the ~user/mail directory and
> /var/mail/user file and replace them in the new server?
> 

you need to stop any mail delivery or access to avoid corruption or mail
loss. This is one of advantages of maildir over mbox.

while copying between servers, use temp files that are on the same
partitions as the source/dest files. this way, "mv" is
quasi-instantaneous (no file copy).

Re: [Dovecot] Script: Moving Maildirs between servers

[mouss]

Peter Lindgren a écrit :
> Hi,
> I just migrated from dovecot 1.0.rc29 to 1.1.7, from Sparc platform to
> Intel, it went very well.
> In the process I merged folders and excluded folders from being copied.
> User rights on folders were kept/set.
> I thought I'd share my migration script with you folks. If there's an
> interest to put it on the wiki I can do that, but I'm not sure in what
> page.
> Use it as a starter if you need to do this yourselves.
> Prerequisites:
>  * User names are local unix accounts
>  * Old server's /home must be mounted with nfs
>  * Structure and user names must match between the two systems
>  * Source dovecot must be at least version 1.0.x
>  * Destination dovecot must be 1.1.x
>  * Only dovecot data folders and files are copied, neither dovecot
> indices nor Sieve scripts etc.
> 
> Here it goes, have fun!
> /Peter
> 
> 
> #!/bin/sh
> #
> # Migrates dovecot Maildir folders and settings from older dovecot on
> # old server to new dovecot on new server.
> # Prerequisites:
> # * User names are local unix accounts
> # * Old server's /home must be mounted with nfs
> # * Structure and user names must match between the two systems
> # * Source dovecot must be at least version 1.0.x
> # * Destination dovecot must be 1.1.x
> # * Only dovecot data folders and files are copied, neither dovecot
> indices nor Sieve scripts etc.
> #

rsync would be simpler.

Re: [Dovecot] TLS / SSL login with Thunderbird very slow ?

[mouss]

Matthias Andree a écrit :
> On Sat, 24 Jan 2009, Marko Weber | Salondigital.de wrote:
> 
>> Hi ,
>> i use dovecoz 1.1.4 with TLS / SSL only.
>> i takes up to ~10 seconds that Thunderbird login and send the mail.
> 
> "send the mail" has nothing to do with Dovecot, but with the SMTP
> server, such as Exim (which may try ident queries that your client
> possibly firewalls) or Postfix.
> 

including reverse dns lookup problems.

>> why is this so slow?
>> any chance to speed up this ?
> 
> Figure out what takes so long (Wireshark or tcpdump) - do not only log
> Dovecot queries.
> 

Re: [Dovecot] Postfix and Dovecot

[mouss]

Leonardo Coelho a écrit :
> Hi Everybody,
> I'm mount two failover servers which use Postfix and Dovecot but the
> hostname of the machines r diferent:
> first node
> # uname -n
> # mail
> secound node
> #uname -n
> #mail2
> So far so good, the real problem is that the e-mail file name on server is
> like this:
> 
> 1232449377.P31789Q0M963611.mail2
> 
> and when I using the server called mail the file stay like this:
> 
> 1232449377.P31789Q0M963611.mail
> 
> I'm using drbd disk for the mailboxes and when I'm using the server called
> mail the files with mail2 on the end is not read for the dovecot when the
> user turn on the mail client but if I change the end from mail2 to mail
> that's ok the dovecot can read.
> 
> How can I make dovecot read both files or any name on the end?
> 

As Timo said, the file names do not matter. I have files from an old
server that was running courier and they are read without problems.

what makes you believe that dovecot does not "read" the files? and more
precisely, what do you mean by "read" exactly?

Re: [Dovecot] help on writing a rule for perventing spam

[mouss]

Giuliano Gavazzi a écrit :
> 
> On T 22 Jan, 2009, at 11:49 , Charles Marcus wrote:
> 
>> On 1/21/2009, Giuliano Gavazzi (dev+li...@humph.com) wrote:
>>>> The postfix backscatter readme is a good start, esppecially is you are
>>>> using postfix - and if you aren't, why aren't you? ;) ... but the
>>>> concepts can be applied to any MTA...
>>
>>> I don't use postfix, because I use exim...
>>
>> And as I said... the CONCEPTS can be applied to ANY MTA...
> 
> 
> well, first of all backscatter is not really the issue of this thread.

agreed.

> Secondly the concepts are not all that good.

They are ;-p

> In particular the one
> entitled:
> 
> Blocking backscatter mail with forged sender information
> 
> that states:
> 
> "Like many people I still have a few email addresses in domains that I
> used in the past. Mail for those addresses is forwarded to my current
> address. Most of the backscatter mail that I get claims to be sent from
> these addresses. Such mail is obviously forged and is very easy to stop."
> From what I understand he is rejecting backscatter that is sent to some
> of his old addresses (with an identical forged sender,

Note the "from" in "claims to be sent FROM...".

> but this is
> irrelevant) and from there forwarded to his mail server. Very bad. If
> you have configured forwarding somewhere you must be prepared to accept
> anything from there, or else you will be the cause of backscatter as the
> peer server is a genuine server and not a spambot.

you misunderstd ;-p

the idea is:

if I get a bounce caused by a message sent with j...@example.com as
sender, and I know j...@example.com is never used as a sender (because I
own that address and I don't use it as a sender), then I can block the
message.

here's another example. while my Reply-To is set to
mouss+nob...@netoyen.net, I don't use this address in From: or envelope
sender. so if someone bounces a mail supposedly sent from this address,
_I_ know the "original" message was a forgery and I can reject the bounce.


> [snip]

Re: [Dovecot] Dovecot discards mail over quota

[mouss]

Sahil Tandon a écrit :
> On Sun, 18 Jan 2009, Gary V wrote:
> 
>> On 1/17/09, Timo Sirainen wrote:
>>  > On Jan 17, 2009, at 2:36 PM, Gary V wrote:
>>  > > Then a bounce is created stating the mail was rejected:
>>  > >
>>  > > Your message to  was automatically rejected:
>>  > > Quota exceeded (mailbox for user is full).
>>  > >
>>  > > Question: is it possible (without changing code) to alter this to
>>  > > where deliver would instead tempfail or something. Somehow it seems
>>  > > wrong to me to tell the MTA that everything is good, and then silently
>>  > > discard messages - regardless of the fact dovecot creates a bounce.
>>  > > This is not necessarily ideal either, but I _am_ wondering if this is
>>  > > configurable or not.
>>  > >
>>  >
>>  > a) deliver -e
>>  >
>>  > b) quota_full_tempfail=yes
>>  >
>>  > c) a+b
>>  >
>>
>> Just as a matter of interest. On my Postfix system:
>>
>> a) Using deliver -e, Postfix bounces the message immediately 5.7.0 ->
>> Subject: Undelivered Mail Returned to Sender. Partial body:
>> ": permission denied. Command output: Quota exceeded
>> (mailbox for user is full)". Postfix does not retain the message.
>>
>> b) quota_full_tempfail=yes: defers the message with 4.3.0. If the user
>> makes room for the message, then it will eventually be delivered. If
>> they don't, then _eventually_ a bounce will be sent. In this case the
>> bounce is less informative. Partial body: ":
>> temporary failure". In the case where the message is not delivered,
>> using default settings in Postfix, the sender will be notified 5 days
>> after they sent the message.
>>
>> c) For over quota with a+b, it behaves the same way as b, but the
>> bounce notice will be more informative: Partial body:
>> ": temporary failure. Command output: Quota exceeded
>> (mailbox for user is full)".
>>
>> I would say this is expected.
>>
>> Each of the four possibilites has advantages and disadvantages, and
>> personally I think a) might be closest to "doing the right thing", but
>> it would be cool to have the option of deferring the mail (using
>> option a+b) and additionally have deliver immediately send a message
>> to the sender notifying them that their mail has been delayed due to
>> the recipient being over quota. Something like:
> 
> I prefer a) because it does not involve backscatter in the case of spoofed
> sender addresses.
> 

that doesn't help. postfix has already accepted and queued the message.
so there be backscatter...

This brings one issue: a bounce should not be generated if the message
was tagged as spam by a content filter (X-Spam-Flag, X-Bogosity,
X-DSPAM-Result, ...).

Re: [Dovecot] Dovecot handling of over quota messages

[mouss]

Andrzej Adam Filip a écrit :
> Timo Sirainen  wrote:
> 
>> On Jan 17, 2009, at 2:36 PM, Gary V wrote:
>>
>>> Then a bounce is created stating the mail was rejected:
>>>
>>> Your message to  was automatically rejected:
>>> Quota exceeded (mailbox for user is full).
>>>
>>> Question: is it possible (without changing code) to alter this to
>>> where deliver would instead tempfail or something. Somehow it seems
>>> wrong to me to tell the MTA that everything is good, and then silently
>>> discard messages - regardless of the fact dovecot creates a bounce.
>>> This is not necessarily ideal either, but I _am_ wondering if this is
>>> configurable or not.
>> a) deliver -e
>>
>> b) quota_full_tempfail=yes
>>
>> c) a+b
> 
> Are there any plans to allow MTA check recipient over quota status?
> 
> Sendmail support simple "socket map" protocol that can be used for 
> such queries.
> 
> It should allow to reject (not all) messages 
> a) in replies to "RCPT TO:"
>for messages with right message size passed in "MAIL FROM:"
> b) in replies to "the final dot" for single recipient messages.
> 
> P.S.
> Cyrus IMAP supports "socket map" :-)
> 


This is a difficult problem:
- with aliases and virtual aliases, you don't know which quota to check
unless you expand aliases during the smtp transaction.
- since many messages may be received at small intervals, and delivery
is not atomic (mail may be passed to a spam filter, ... etc). dealing
with this is not easy in the general case.

That said, a solution that "mostly works" may be good enough.

Re: [Dovecot] convert non-standard mbox to maildir

[mouss]

Maarten Bezemer a écrit :
> Hi,
> 
> On Sat, 3 Jan 2009, mouss wrote:
> 
>> did you try:
>> mb2md -R -s /path/to/your/pst/INBOX -d /path/to/Maildir
> 
> I did not, but did now, and it didn't work... As expected, it creates
> empty folders with the right name, containing sub folders named
> 'mailbox' with the contents of the original folder in the PST.
> 
> But, then I came across the -r switch, and added a -r mailbox. Then, it
> put the contents into the right folder, but still created empty mailbox
> sub-folders. I can live with that.. writing a script to just remove the
> empty mailbox folders (including the cur,new,tmp below it) took just
> about 2 minutes.
> 
> Now to find the best version of mb2md ;-)
> (There's a few pointers in the wiki page, but I don't like all the
> adaptations by Julian Fitzell, so I think I'll be patching my own
> version after all)
> 

if you can perl, you can write a converter from scratch. you know the
format of your "mailbox" file, so you can do whatever you want...

Re: [Dovecot] convert non-standard mbox to maildir

[mouss]

Maarten Bezemer a écrit :
> Hi,
> 
> Let me start with wishing you all the best for this new year, and I hope
> we'll see a lot of new features and not so much new bugs ;-)
> 
> I'm trying to convert a number of PSTs to maildir. Just plain drag&drop
> in Outlook doesn't work (gives a very cryptic error message in a certain
> folder, but that folder is perfectly all right), and using the import
> option also barfs when it's not even half-way through the PST.
> So, I took aid4mail and it converted the PST to mbox wihtout any problem.
> 
> But now, I have a directory structure, filled with mbox mailboxes.
> Like:
> INBOX
> INBOX/mailbox
> INBOX/subfolder
> INBOX/subfolder/mailbox
> INBOX/subfolder/subsubfolder
> INBOX/subfolder/subsubfolder/mailbox
> INBOX/subfolder2
> INBOX/subfolder2/mailbox
> etc.
> 
> This differs from normal mbox setup, but given the fact that there are
> both folders AND messages below inbox, this is indeed the only useful
> way to do it.
> But now I cannot convert this to maildir using either dovecot or mb2md,
> since it's not the usual mbox setup.
> 
> Any suggestions would be greatly appreciated!
> 

did you try:
mb2md -R -s /path/to/your/pst/INBOX -d /path/to/Maildir

Re: [Dovecot] Password field limitations

[mouss]

Charles Marcus a écrit :
> On 12/23/2008 12:25 PM, Luigi Rosa wrote:
>>> If I'm not mistaken, dovecot doesn't care - this will be a limitation of
>>> your Filesystem and/or password storage tool... in this case, MySQL...
> 
>> I Use MySQL and I don't have such kind of limitations.
>>
>> I would blame Tom's MySQL interface or implementation, but not MySQL itself.
> 
> I certainly didn't intend to mean it was a Mysql limitation in general -
> I'm using it too for my user/password backend, and have all of these
> characters available in passwords:
> 
> `...@#$%^&*()_-+={}|[]:;<>?,.
> 
> More than likely it is a system library or charset issue, or something
> like that...
> 

that would be really surprising. I am most inclined to think that the
password change is done via a (buggy) web interface or a buggy script.
or maybe it is a PEBCAK?

so Tom needs to

- reproduce the problem (to confirm the customer claim or to detect the
PEBCAK)

- describe how exactly the password is changed (what programs are involved)

- describe what OS and software is being used.

Re: [Dovecot] /etc/dovecot.conf says mkcert.sh is in doc/mkcert.sh but instead it is in /usr/libexec/dovecot/mkcert.sh

[mouss]

Michael McNamara a écrit :
> Perhaps this is an issue unique to installing from an RPM, but:
> 
> % dovecot -n
> # 1.1.7: /etc/dovecot.conf
> # OS: Linux 2.6.27.7-134.fc10.i686 i686 Fedora release 10 (Cambridge)
> 
> /etc/dovecot.conf says:
> ...
> ##
> ## SSL settings
> ##
> 
> # IP or host address where to listen in for SSL connections. Defaults
> # to above if not specified.
> #ssl_listen =
> 
> # Disable SSL/TLS support.
> #ssl_disable = no
> 
> # PEM encoded X.509 SSL/TLS certificate and private key. They're opened
> before
> # dropping root privileges, so keep the key file unreadable by anyone but
> # root. *Included doc/mkcert.sh can be used to easily generate self-signed*
> # certificate, just make sure to update the domains in dovecot-openssl.cnf
> #ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
> #ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
> 
> However, installing dovecot from an rpm places mkcert.sh in:
> % rpm -qv dovecot
> dovecot-1.1.7-1.fc10.i386
> % rpm -V -v dovecot
> S.5T  c /etc/dovecot.conf
>   c /etc/pam.d/dovecot
> /etc/pki/dovecot
> ...
> /usr/libexec/dovecot/logview
> /usr/libexec/dovecot/maildirlock
> */usr/libexec/dovecot/mkcert.sh   *
> /usr/libexec/dovecot/pop3
> /usr/libexec/dovecot/pop3-login
> 

Different packagers put files in different places. for example, freebsd
ports put this in
/usr/local/share/examples/dovecot/mkcert.sh
but the comments are the same.

debian removes the comments (and I don't see any mkcert.sh).

This is not considered essential, because there are many scripts/tools
around to help generate certificates.

that said, you could ping the package maintainer so that he removes or
updates the comments (but don't say it is critical as this would make
him angry!).

Re: [Dovecot] SIEVE resources ?

[mouss]

Xavier Maillard a écrit :
> Hi,
> 
> Do you any good SIEVE resources for a poor beginnner ? I'd to
> translate some of my current procmail rules into SIEVE. 

http://www.fastmail.fm/docs/sieve/


> I have,
> for example, a "generic" rule that is able to sort almost any
> message from/to a mailing-list into a dedicated folder -i.e one
> rule for almost all my lists.
> 

AFAIK, It is not possible to use a "generic" rule with sieve (there is
no variable expansion), but you can use a script to generate sieve
rules. see example below.



 example
require "fileinto";

if header :contains "List-Id" "" {
 fileinto "List.mail.dovecot";
 stop;
}

if header :contains "List-Id" "" {
 fileinto "List.mail.dovecot-news";
 stop;
}


if header :contains "List-Id" "" {
 fileinto "List.mail.amavis";
 stop;
}

...

# Unfortunately, some lists don't have a List-Id
if header :contains "Sender" "owner-postfix-us...@postfix.org" {
 fileinto "List.mail.postfix-users";
 stop;
}

...

if header :contains "List-Owner"
"" {
 fileinto "List.mail.spam-l";
 stop;
}

...

if header :contains "List-Post" "" {
   fileinto "List.dnsbl.phishtank";
   stop;
}


...

if header :contains "List-Post" "" {
 fileinto "List.secu.secureshell";
 stop;
}


...

Re: [Dovecot] can deliver filter through spamc?

[mouss]

Neal Becker a écrit :
> I'm using maildrop to filter mail like:
> 
> xfilter "/usr/bin/spamc"
> xfilter "/usr/bin/bogofilter -ep"
> 
> I want to change to deliver (so I can use sieve) but can deliver do this?
> 

After mail has been filtered by spamassassin and/or bogofilter, you can
use the
To "|someprogram"
syntax to pass it to dovecot LDA.

don't use xfilter to deliver to dovecot. xfilter expects mail back to
maildrop, not delivered without maildrop knowing...

Re: [Dovecot] Source patches from Apple

[mouss]

Charles Marcus a écrit :
> On 12/13/2008, Dave McGuire (mcgu...@neurotica.com) wrote:
>> and I'm not interested in running a firewall on my mail server. 
> 
> Wow.. I can't imagine NOT running a mail server without a firewall...
> 
> Different strokes for different folks I guess... :)
> 

He said "_ON_ my mail server". he didn't say that he doesn't have a
firewall between the mail server and the jungle notwork ;-p

Re: [Dovecot] Dovecot and Bogofilter

[mouss]

Matthias-Christian Ott wrote:

Hi,
on my small Xen-virtualised server with 48 MiB RAM I use Postfix and
Dovecot, because the Debian administrators dislike qmail [1], which is in
my opinion despite some maintainability and code quality issues a quite
well designed software, because it mostly follows the UNIX principles.

Postfix is not able to sort my E-Mail into different Maildir folders 


postfix can, with the help of other programs. "unix principles", you 
know ;-p


postfix can pass mail to any program you want. A wrapper would do 
something like


- pass the message to a filter.
- save the filtered message to a temp file
- parse the temp file to determine the destination folder
- run dovecot deliver with the -m option to specify the destination folder

of course, you need to catch errors.

maildrop may be a better tool at this job, though.



and
after I looked at procmail's source code, I decided to use Dovecot's LDA,
because it supports sieve via a plugin.

All in all it worked after some tweaking and Dovecot is now responsible
for authentication and delivery.

Furthermore I want to setup a spam filter and due to the memory
constraints I decided in favour of bogofilter (I made no real world tests,
but the authors claim that it's fast and has a small memory footprint).

My first idea was train bogofilter via a cronjob that runs bogofilter
for each E-Mail in my spam folder and deletes them afterwards.  Then I
stumbled upon the dovecot antispam [2] plugin and quickly wrote a backend
for bogofilter. During the development I realised that bogofilter has
to update the X-Bogosity header of the reclassified E-Mails. Johannes
Berg told me that he wasn't sure whether dovecot would be able to do
this and recommended to ask this on the mailing list.



one possibility would be
- deliver the reclassified message
- if ok, delete the original one. this means the plugin needs to know 
the file location.





An other problem is that each mail needs to be initially classified and
due to the fact that sieve is not able to execute external programmes,
deliver has to do this task. I'm currently thinking of possibilities to
implement this, so far I came up with the following:

  1. Write a generic pipe plugin which can execute an arbitrary number of
 programmes. The problem with this is that I'm not sure how to
 integrate this is in Dovecot's configuration file. I thought of
 something like this: pipe = prg1 | prg2
 


keep it simple ... if you need to pipe between multiple programs, just 
use shell wrappers.



  2. Write a bogofilter-specific plugin for this.



I guess we will end up with a foo-specific plugin, for every possible 
foo filter. A generic plugin is better even if that means executing 
shell wrappers.



Anyhow I would like to take this opportunity to criticise Dovecot
for being a bloated (unnecessary abstractions, verbose, pseudo
object-oriented, ...), non-suckless [3] and non-unixish (plugin
architecture, monolithic design, ...) software which in return works
quite well and stable so far.




non-unixish? well
- plugins are simply loadable libraries. if you think they are 
windowish, you are wrong. They fit perfectly into the "simple pieces of 
code to do fewtasks" philosophy. just because dynamic libs weren't 
usable a long time ago doesn't mean unix should stick with old stuff.


- the unix kernel is monolithic. loadable modules support has been added 
 but the kernel is still a large piece of code.


- and before I forget, my favourite provaction: unix is obsolete ;-p




I appreciate any suggestions, ideas or criticism. I would really like
to finish configuring my mail server as soon as possible.

Regards,
Matthias-Christian

[1] http://smarden.org/pape/Debian/1215531259.4854_332.werc
[2] http://johannes.sipsolutions.net/Projects/dovecot-antispam
[3] http://www.suckless.org/common/

Re: [Dovecot] How do I use plus-addressing in Dovecot 1.1.x?

[mouss]

Jon Fullmer wrote:
I'm using Postfix, Amavisd-new/SpamAssassin, and Dovecot. They all run 
on the same server (running Linux). The mailboxes are stored on the same 
server in maildir format.


The logical path for incoming messages (as I understand it) is:

1) received by Postfix; handed off to Amavisd-new
2) Amavisd-new checks to see whether or not it's spam/undesirable; hands 
off to Dovecot deliver

3) Dovecot deliver delivers the message to the local mailbox

Under each of my user's mailbox is a submailbox called "spam". Just so I 
don't confuse terminologies (I'm no IMAP/maildir expert), for example, 
we have [EMAIL PROTECTED] My configured mail_location is 
"maildir:/srv/mail/%d/%n", so this person's mailbox is located here:  
/srv/mail/domain.com/someone/   Within this directory is another 
mailbox:  /srv/mail/domain.com/someone/.spam/


[snip]

Or is there a better way?




you can use something like this (in master.cf):

dovecot unix-   n   n   -   -  pipe
flags=DRhu user=_mailbox
argv=/path/to/dovecot/deliver
-d [EMAIL PROTECTED] -n -m ${extension}

(-n prevents dovecot from creating the folder if it doesn't exist. 
otherwise, strangers can create random folders in your mailbox!).


Alternatively, you can use sieve:

require "fileinto";

if header :contains "X-Spam-Flag" "YES" {
 fileinto "Junk";
 stop;
}

#if header :contains "X-Amavis-Alert" "BANNED" {
#fileinto "Junk";
#stop;
#}

#if header :contains "X-Spam-Status" "BOUNCE_MESSAGE" {
#fileinto "Junk.Bounce";
#stop;
#}




Thanks so much for your help, and thanks for a great product!

 - Jon

Re: [Dovecot] Maildir connection issues

[mouss]

Albert E. Whale a écrit :
> I recently am attempting a mbox to Maildir conversion, initially for a
> single email address, and then for everyone.
> 
> To further this diagnostic here is the dovecot -n:
> 
>  dovecot -n
> # 1.1.4: /etc/dovecot.conf
> base_dir: /var/run/dovecot/
> protocols: imap pop3
> ssl_disable: yes
> disable_plaintext_auth: no
> login_dir: /var/run/dovecot/login
> login_executable(default): /usr/libexec/dovecot/imap-login
> login_executable(imap): /usr/libexec/dovecot/imap-login
> login_executable(pop3): /usr/libexec/dovecot/pop3-login
> login_greeting: SpamZapper Email ready.
> mail_max_userip_connections(default): 10
> mail_max_userip_connections(imap): 10
> mail_max_userip_connections(pop3): 3
> mail_privileged_group: mail
> mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u

so you're still using mbox.


> mmap_disable: yes
> mail_nfs_storage: yes
> mail_nfs_index: yes
> lock_method: dotlock
> mail_executable(default): /usr/libexec/dovecot/imap
> mail_executable(imap): /usr/libexec/dovecot/imap
> mail_executable(pop3): /usr/libexec/dovecot/pop3
> mail_plugin_dir(default): /usr/lib/dovecot/imap
> mail_plugin_dir(imap): /usr/lib/dovecot/imap
> mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
> pop3_uidl_format(default): %08Xu%08Xv
> pop3_uidl_format(imap): %08Xu%08Xv
> pop3_uidl_format(pop3): %08Xv%08Xu
> auth default:
>   username_format: %Lu
>   passdb:
> driver: passwd-file
> args: /home/dovecot.passwd
>   passdb:
> driver: pam
>   userdb:
> driver: passwd
> ns6.ABS-CompTech.com root
> [/root] ll /home/dovecot.passwd
> -rw-r--r--  1 418 418 95 Oct 22 22:18 /home/dovecot.passwd
> 
> The problem I am having is that the user health cannot get new email
> messages.
> 
> Suggestions?
> 

Re: [Dovecot] dovecot deliver mail bounce problem

[mouss]

Dhaval Thakar a écrit :
> Hi list,
> 
> I am using dovecot deliver for the local mail delivery with qmail.
> this is working fine.
> 
> but when mail is sent to invalid user, it gets bounced back with error
> "I'm not going to try again; this message has been in the queue too
> long." rather "no mailbox here by that name"
> 


if there is "no mailbox here by that name", then you should reject at
smtp time (in your MTA: postfix, sendmail, whatever).

do not bounce after accepting mail. Search for "backscatter" to learn more.


> I could find proper solution,
> kindly guide to resolve it.
> 
> /var/log/maillog
> Oct 24 23:03:27 backup dovecot: auth(default): master in: USER  1  
> [EMAIL PROTECTED]   service=deliver
> Oct 24 23:03:27 backup dovecot: auth(default): vpopmail([EMAIL PROTECTED]):
> lookup user=d domain=arch.xyz.com
> Oct 24 23:03:27 backup dovecot: auth(default): vpopmail([EMAIL PROTECTED]):
> unknown user
> Oct 24 23:03:27 backup dovecot: auth(default): prefetch([EMAIL PROTECTED]):
> passdb didn't return userdb entries, trying the next userdb
> Oct 24 23:03:27 backup dovecot: auth(default): master out: NOTFOUND 1
> 
> no logs in /var/log/dovecot-deliver.log
> 
> following is the configuration
> .qmail-default
> |/var/qmail/bin/preline -f /usr/local/libexec/dovecot/deliver -n -e -d
> [EMAIL PROTECTED]
> 
> 
> 
> dovecot -n
> # 1.1.5: /etc/dovecot/dovecot.conf
> protocols: imap
> ssl_disable: yes
> disable_plaintext_auth: no
> login_dir: /usr/local/var/run/dovecot/login
> login_executable: /usr/local/libexec/dovecot/imap-login
> login_greeting: mail ready.
> mail_plugins: quota imap_quota trash
> imap_client_workarounds: delay-newmail outlook-idle
> namespace:
>  type: private
>  prefix: INBOX.
>  inbox: yes
>  list: yes
>  subscriptions: yes
> auth default:
>  mechanisms: plain login
>  verbose: yes
>  debug: yes
>  debug_passwords: yes
>  passdb:
>driver: checkpassword
>args: /home/vpopmail/bin/vchkpw
>  userdb:
>driver: vpopmail
>  userdb:
>driver: prefetch
>  socket:
>type: listen
>master:
>  path: /var/run/dovecot/auth-master
>  mode: 384
>  user: vpopmail
>  group: vchkpw
> plugin:
>  quota: maildir
>  quota_rule: Trash:ignore
> 

Re: [Dovecot] Sendmail and deliver LDA exits with EX_TEMPFAIL on overquota

[mouss]

Sotiris Tsimbonis a écrit :
> I confirm, that the above config does produce bounces (possibly forged
> i.e. backscatter) and it's bad ..
> 
> But how do we move the rejection at smtp level using sendmail+dovecot lda?
> 

for that you need to detect over quota during the smtp transaction, but
in general, MTAs queue mail first, and deliver later.

There is no "perfect" way to deal with this issue. even if you use a
milter (or policy server or proxy_filter...), you will find it hard to
take into account mail that is still in the MTA queue (for that, you
would need to detect which mail was delivered since you started
counting, ... etc). really not something you should go for.

You can however mitigate the problem.

- you can populate an access list to reject mail to users who are over
quota. you need some way to remove them from the list once they purge
their mailbox (web ui, cron, dovecot plugin, ...).

- filter spam (as much as you can) and don't bounce if the message is
spam. The issue here is what to do with the message (because of FPs, you
can't simply discard it). on the other hand, you can reject junk
transactions at smtp time (well, at least some volume of junk)


My preference for quota handling is this:

- user has two quotas. say 100 Mo and 150 Mo.
- if he reaches 100 Mo, he is warned. he should purge his mailbox.
- if he reaches 150 Mo, his address is blocked. He will need to purge
his mailbox and ask to be delisted (maybe via a web UI).
- when mail is received, users who are between 100 and 150 are checked
in real time. if this shows them reaching 150, they are added to the
"block list". otherwise, mail is delivered as usual.

with this, no real time quota checks are done for users under the "low"
threshold. if most of your users fall in this category, this means that
real time checks are relatively rare.

Re: [Dovecot] Sendmail and deliver LDA exits with EX_TEMPFAIL on overquota

[mouss]

Charles Marcus a écrit :
> On 10/18/2008 3:04 PM, Sotiris Tsimbonis wrote:
>> deliver(stsimb.t157.forthnet.gr): Oct 18 21:56:30 Info:
>> msgid=<[EMAIL PROTECTED]>: save failed
>> to INBOX: Quota exceeded (mailbox for user is full)
>> deliver(stsimb.t157.forthnet.gr): Oct 18 21:56:30 Info:
>> msgid=<[EMAIL PROTECTED]>: rejected:
>> Quota exceeded (mailbox for user is full)
>> deliver(stsimb.t157.forthnet.gr): Oct 18 21:56:30 Info: Sending a
>> rejection to stsimb.t157.forthnet.gr: Quota exceeded (mailbox for user
>> is full)
> 
> I'm by no means sure, but this looks like you are BOUNCING a message due
> to over quota AFTER having already ACCEPTED it... can you confirm/deny this?
> 

yes he does. I hope he has a good spam filter! sending bounces to forged
senders isn't a good practice...

Re: [Dovecot] Feature wish: "Virtual" POP3 folder with IMAP

[mouss]

James Barrante wrote:

Guten Morgen Heiko,

I think you misunderstood.  I'm not after a way of simulating IMAP via POP3,
which would certainly violate RFCs.  I'm looking for a way to make *all*
messages accessible to a POP3 client, regardless a message is inside the
INBOX folder or not.  To illustrate:

 IMAP/Webmail view:  #  Current POP3   #  Intended
 #   implementation#"POP3 view":
   - INBOX folder# #   
   + message a   #   + message a   #  + message a

   + message b   #   + message b   #  + message b
   - Spam folder # #  + message c
   + message c   # #  + message d
   - Work folder # # 
   + message d   # # 
   - SENT folder # # 
   + message e   # # 


Message "e" isn't part of the "POP3 view" as the SENT and the TRASH folders
are special.  So it would boil down to a virtual folder view a POP3 client
gets.  Is that possible?




just an idea, not sure it would work correctly: create a second account 
which mailboxes are folders of the "normal" account.


an alternative (not what you want, but may be related), if the user has 
few folders, create one POP3 account per folder. This would allow a user 
to see two specific folders if he connects with a "small device".

Re: [Dovecot] client certs with godaddy ssl cert

[mouss]

Harondel J. Sibble wrote:


On 27 Sep 2008 at 13:22, mouss wrote:

if you have a commercial cert, you don't need a self signed cert. self 
signed certs are for people who don't want to get a cert signed by a 3d 
party (commercial or other). For email, you generally don't need a 
commercial certificate because your users know you and you know them, 
and because users don't connect to thousand imap servers.


Huh? I am looking to implement client side certificates which have to be 
installed on the end user device before they are able to connect to my 
mailserver.




sorry, I missed the "client" part.

but if you sign the client certificate, the commercial CA becomes 
irrelevant.


I already have a commercial cert on the mailserver so that's a moot point.  
Secondly a client cert allows me to verify that the device connecting is 
allowed, this is secondary to any login info the user may have, ie 2 factor 
authentication, something you know (uid/password) and something you have 
(certificate).



Will you consider any certificate signed by the commercial CA as valid? 
if so, then you don't need to sign the certificates if you use only one CA.



what would be nice would be the support of a db of fingerprints (as in 
postfix) so that one can accept certificates independently of the CA, 
and only accept "authorized" ones.

Re: [Dovecot] client certs with godaddy ssl cert

[mouss]

Harondel J. Sibble wrote:
I've read the client ssl cert section in the wiki and it talks about using a 
self signed cert, if I am using a commercial cert, in this case godaddy, how 
do I implement a self signed cert for the client side and have dovecot make 
use of this?  I know the mechanics of setting up the self signed ca, the 
question is more what configuration changes do I need to make in dovecot to 
handle both godaddy and the self signed ca functionality?




if you have a commercial cert, you don't need a self signed cert. self 
signed certs are for people who don't want to get a cert signed by a 3d 
party (commercial or other). For email, you generally don't need a 
commercial certificate because your users know you and you know them, 
and because users don't connect to thousand imap servers.

Re: [Dovecot] Using deliver with postfix

[mouss]

Rich Winkel wrote:

Thanks for your help mouss!

On Fri, Sep 19, 2008 at 10:22:40AM +0200, mouss wrote:

Rich Winkel wrote:

Hi, I'm trying to set up dovecot 1.1.2 and postfix 2.5.4 on freebsd 7.0.
I'm getting permissions problems on auth-master and I'm not sure of the
correct settings to use.

In postfix's main.cf I have
mailbox_command=/usr/local/libexec/dovecot/deliver -d $USER

In dovecot.conf I have:
socket listen {
  master {
path = /var/run/dovecot/auth-master
mode = 0660
user = dovecot
group = postfix
  }

leave the master as it was and add a client for postfix:
client {
  path = /var/spool/postfix/private/dovecot
  mode = 0660
  user = postfix
  group = postfix
}


I'm confused.  So deliver doesn't need access to the master socket?
Because it uses the master (not the client) in the default setup ...


oops. ignore my garbage. for some reason, I thought your problem with 
dovecot auth. Now that I reread your post, I don't see where I got that!


in your case, see the "Multiple UIDs" section in
http://wiki.dovecot.org/LDA
(you need setuid...).




Also how does this differ in terms of permissions from my current
setup?  In both cases you would have group postfix rw perms on the
socket.  And looking at the docs, I'm doubly confused!  It says mailbox_command
runs with the userid of the recipient.  So how is it supposed to access
this socket in any case?  I take it I don't want to give 666 perms to
the socket ...

Sorry for my ignorance ...

Rich

Re: [Dovecot] Using deliver with postfix

[mouss]

Rich Winkel wrote:

Hi, I'm trying to set up dovecot 1.1.2 and postfix 2.5.4 on freebsd 7.0.
I'm getting permissions problems on auth-master and I'm not sure of the
correct settings to use.

In postfix's main.cf I have
mailbox_command=/usr/local/libexec/dovecot/deliver -d $USER

In dovecot.conf I have:
socket listen {
   master {
 path = /var/run/dovecot/auth-master
 mode = 0660
 user = dovecot
 group = postfix
   }
...


leave the master as it was and add a client for postfix:


client {
  path = /var/spool/postfix/private/dovecot
  mode = 0660
  user = postfix
  group = postfix
}

then configure your postfix to use private/dovecot




# ls -l /var/run/dovecot/auth-master
srw-rw  1 dovecot  postfix  0 Sep 18 18:26 /var/run/dovecot/auth-master=

In maillog I'm getting:
deliver(sumbuddy): Can't connect to auth server at 
/var/run/dovecot//auth-master: Permission denied
(I'm not sure where it's getting the "//" in the path either ...)


Also I'm confused about whether I need the postfix options:
maildrop_destination_recipient_limit=1
dovecot_destination_concurrency_limit=1


Assuling "dovecot" is the name of the corresponsing transport in 
master.cf, use

dovecot_destination_recipient_limit = 1



or even whether these are current options in my version of postfix (they don't
appear in main.cf.default)


they won't even appear in postconf output. Unlike most postfix 
parameters, these have a "free" prefix. if you have a transport named 
FOOBAR in master.cf, you can use FOOBAR_destination_recipient_limit in 
main.cf.




Does deliver require such limits on concurrency or # of recipients?



when delivering mail to a mailbox with a command, you need to pass one 
recipient at a time. This is because if delivery fails for one recipient 
and succeeds for another, the command has no way to tell postfix about 
this (you need LMTP for such a functionality). so the choice is between: 
saying "OK" and losing mail for one recipient, or saying "not ok" and 
delivering multiple copies to the other.

Re: [Dovecot] Output of dovecot -a not sorted

[mouss]

Charles Marcus wrote:

Hey Timo,

I think I've asked you about this before, and I'm sure its not a big
priority, but this is really a pain when trying to check default settings...

The output of dovecot -a  is huge, and the fact that it is not sorted
alphabetically (nor is dovecot -n, but thats not as big of a problem,
although I'd like to see that sorted as well for consistency) makes it
really difficult to find certain settings you are looking for.

Any chance of fixing this so it sorts the output alphabetically?



I guess they are sorted logically.

you can use the perl script below:

# dovecot -n | /path/to/dovesort.pl
auth default:
  mechanisms: ...
  ...

verbose_proctitle: yes


#!/usr/bin/perl

use strict;

my %out = ();
my $curline = "";

while (<>) {
chomp;
if (/^\S/) {
$curline = $_;
} elsif ($curline !~ /\S/) {
print "$_\n";
next;
}
$out{$curline} .= "$_\n";
}
close(DOVE);

foreach (sort keys %out) {
print $out{$_};
}

Re: [Dovecot] antispam plugin problem with dspam

[mouss]

Harlan Stenn wrote:

Would it be better if the antispam plugin logged whatever stderr output
came from the dspam invocation?


I'd say yes. I don't seen any kind of error that should be shown to a 
"normal" user.

Re: [Dovecot] antispam plugin problem with dspam

[mouss]

Harlan Stenn wrote:

I'm trying to use the dovecot antispam plugin with dspam.

I'm running dovecot 1.1.2.

Using thunderbird and IMAP, when I drag a spam message from the inbox
into the SPAM folder, I get a popup saying "The current command did not
succeed.  The mail server responded: antispam signature not found.

When I look at the message in the maildir folder, I see the dspam
signature both in the header of the message and at the end of the body.

What's a good way to debug this situation and figure things out?  I'm
not seeing anything in any log files, and I'm not seeing much in the way
of debug capability in the dovecot antispam plugin.




save the message to a file and pass it to dspam on the console.

Re: [Dovecot] mailbox lock

[mouss]

Thiago Monaco Papageorgiou wrote:

Hello!

I need to use my lock method into the dovecot to block a mailbox. I am 
using maildir format, is there an API that I can implement? I need it 
because there are others systems which already use my lock method.


why would you lock in a maildir? maildir was designed to avoid locks. do 
you have an external app that "plays" with mail files? in a maildir, it 
may be as easy as:


# mkdir mydir
# mv cur/$filename mydir/
# do what you want in mydir/

Re: [Dovecot] How Can I Tell How Dovecot Was Installed?

[mouss]

Scott Silva wrote:

on 8-20-2008 2:47 PM Kenneth Porter spake the following:


All of these prelink errors suggest that your binaries were 
overwritten from a tarball installation. The easy fix is to erase 
("rpm -e") the package and re-install it, likely upgrading to a newer 
package at the same time.
But a rpm install will not overwrite the tarball install since tarball 
installs usually go to /usr/local or under /opt while rpm installs will 
go into /usr directly.


sure, but
- if you intend to always build from sources, you don't really care 
about packages. it's only once you get a problem that you start becoming 
more careful.
- however you do it, init scripts generally go under /etc (at least 
under Linux).


I don't know if the tarball has a make uninstall 


This almost never exists. it is not easy to implement (because you don't 
want to remove files installed otherwise) without implementing a package 
manager. an install.log would be nice though...


command, but the previous admin "should" have left the unpacked source 
around from the install somewhere in either /root or in his home 
directory. That can give more clues.




well, he could "should", but "he" generally would never :-)

OP can try to find the distribution that was installed from source and 
use it to determine which files it installs, or he could ignore it and 
only remove the files that create problems with a new version. if he is 
motivated enough, reinstalling the whole system may be worth the pain.





 d /usr/share/doc/dovecot-1.0/REDHAT-FAQ.txt


"d" files are documentation, and if you're tight on disk space, you 
can suppress installation of documentation when the package is installed.


or buy more disk ;-p

Re: [Dovecot] Sent Date/time vs Received Date/time

[mouss]

Charles Marcus wrote:

Hey mouss,





Still waiting on your comments on the new vacation.pl for postfixadmin -
had a chance to take a look yet?



not yet. sorry.



On 8/20/2008, mouss ([EMAIL PROTECTED]) wrote:

So, where does this 'Order Received' column in TBird get its info from?
I'm guessing it is a TBird thing, like an internal index number?



the order of putting the message in the folder. this has nothing to
do with dates contained in the message. if you manually move an old
message to another folder, you'll see it last in the new folder.


If you sort them by 'Order Received'. If you sort them by the standard
'Date' column (I'm talking TBird-speak here), then they are sorted by
the Date/time that the Senders CLIENT thought it was when they sent
their message. I am on more than a few lists where people have their
clocks screwed up - most often its a DST issue, but sometimes its a
time-zone issue - and more rare, their clock is off by weeks or more -
and these messages get sorted OUT of order.



same problem with spam sent with ratware. I rarely use "sort by date". 
on list folders, I generally use a threading view.


Anyway, I don't find this to be a critical problem, so I don't really care.


When I enable the 'Order Received' column, that will fix those issues,
but then - as you pointed out - messages that have been moved from one
folder to another are now out of order.



yes. I didn't check other MUAs.


Again... this is why I mentioned using the actual date/time that MY
MAILSERVER received the message (of course this requires that its clock
be correct, but it always is, so not an issue for me).


Parsing Received headers is not a science. so this would create
unnecessary (IMHO) problems for MUA developpers. the "delivery" time
is sufficient (if all mail goes to the same fielsystem).


For the reasons I outlined above, I disagree...

I think having an MUA with the ability to parse the actual Received
date/time would be very handy...



you are saying so because you use postfix which Received headers are 
easy to parse. Now take a look at the spamassassin code that parses 
received headers and you'll see what nightmare it is. not something a 
developper would "expose" to users (we're talking about TB, which is 
intended for the "general public").




[snip]

It sounds like this INTERNALDATE changes... I'd like something that is
from the message headers - ie, that doesn't change - so that sorting
will *always* be what I want/expect, even if I move messages from one
IMAP server to another...



If I'm not wrong, TB (and maybe other MUAs) implements "move" by 
creating a new  copy (so a new and unrelated file is created) and then 
deleting the old one. This explains why one sometimes gets out of quota 
(or disk space) when trying to "delete" mail ("move" to Trash). anyway, 
this causes a new filename, which breaks the order (even if you do ls in 
your cur/ subdir).

Re: [Dovecot] Sent Date/time vs Received Date/time

[mouss]

Charles Marcus wrote:

On 8/20/2008, Nicolas KOWALSKI ([EMAIL PROTECTED]) wrote:

The alpine documentation states about 'Arrival' sorting:

" The Arrival sort option arranges messages in the MESSAGE INDEX in 
the order that they exist in the folder. This is usually the same as

the order in which they arrived. This option is comparable to not
sorting the messages at all. "

It is the same (non-)ordering available in Mozilla mail clients, with
the 'Order Received' option.


Ok, this is something that I have thought about from time to time.

I know that every message has a 'received' header, which is basically
the date/time stamp of the SENDERS CLIENT - so if their system's time is
off, that date/time header will be off.

So, where does this 'Order Received' column in TBird get its info from?
I'm guessing it is a TBird thing, like an internal index number?


the order of putting the message in the folder. this has nothing to do 
with dates contained in the message. if you manually move an old message 
to another folder, you'll see it last in the new folder.




In my mind, there should be two primary date/time columns:

Sent Date/Time = Date/time of the Client system when message was sent
(this is already there as the plain 'Date' column)

and

Received Date/Time = Date/time the receiving SERVER DELIVERED it



Parsing Received headers is not a science. so this would create 
unnecessary (IMHO) problems for MUA developpers. the "delivery" time is 
sufficient (if all mail goes to the same fielsystem).



I can see the benefit for the third 'Client' side Date/time stamp, which
is the current 'Order Received' in TBird.

I'd like to see support added for grabbing the last date/time from the
LDA that delivers the message, but that obviously request is for the
TBird devs (or most likely an extension request), but...

The main question is - is there a proper IMAP/RFC for providing/getting
this date/time?

Re: [Dovecot] How Can I Tell How Dovecot Was Installed?

[mouss]

Blake Carver wrote:

Thanks Rod,

So I guess my big question here is, how do I upgrade this sucker?
I'd love to just use an RPM, but if this was originally installed via
source will I mess it up?
When I do rpm -qa | grep dovecot I get dovecot-1.0-1.2.rc15.el5
BUT
dovecot --version shows me a different #

On Tue, Aug 19, 2008 at 5:15 PM, Roderick A. Anderson <[EMAIL PROTECTED]> wrote:

Unless, like he said above it may have been installed via a tarball.
 dovecot --version
You should and see if there is more than one installed and


So --version shows just one version, 1.0.3 (pretty damn old)


So try a 'which dovecot' to see if you have more than one installed. And if
there is more than one look in /etc/init.d (for SysV-type systems - YMMV)
for a dovecot file and see which one it is calling.


 'which dovecot' just gives me /usr/local/sbin/dovecot

Taking a look at /etc/init.d/dovecot shows me it's staring Dovecot
using /usr/local/sbin/dovecot
and
ps auxw | grep dovecot does show that's the one that's running
/usr/local/sbin/dovecot


so you're somewhat lucky: the software was installed (probably from 
source) in a well known place (/usr/local). you can remove this by 
looking at all dovecot and postfix files under /usr/local/. you can do 
the same for other software. yum and rpm don't install software in 
/usr/local/. you'll have to remove startup scripts as well.


once you've removed all the "old" stuff, you can install new packages 
(if you have a development env somewhere, you can build recent SRPMs 
instead of using the old available ones).

Re: [Dovecot] How Can I Tell How Dovecot Was Installed?

[mouss]

Blake Carver wrote:

I'm trying to help someone with Dovecot, and it looks like this one is
a few versions behind.

They say that they're not sure if it was installed Via an RPM or a
source tarball. Dovecot is use MySQL.

This is a RHEL5 server. There are RPMs listed as installed (rpm -qa)
but I don't know how I can tell what was used to install the currently
used set up. (also asking on the Postifix list)

Is there something in a conf file or something that shows me how it
was installed?



same method as for postfix :)

more generally,
# rpm -qa
lists all the installed packages

see the rpm man page for more options/functionalities (you can check 
which package "owns" a file, and you can get the list of files installed 
by a pckage, ... etc).

Re: [Dovecot] SpamAssassin and Maildir with Dovecot

[mouss]

Timo Sirainen wrote:

On Fri, 2008-08-15 at 09:57 -0700, Kenneth Porter wrote:
A patch has been proposed for SpamAssassin to process Maildir folders of 
spam:




Is this patch compatible with Dovecot's implementation of Maildir? For 
example, is anything needed to avoid stepping on Dovecot's metadata?


Does it modify any messages? 


no, it's a read-only operation. it does not re-evaluate the message nor 
mark it as trained (it stores the message-id in the bayes db for this).




If not, there shouldn't be any problems.

Re: [Dovecot] POP3 dictionary attacks

[mouss]

Bruce Bodger wrote:


On Aug 15, 2008, at 5:39 PM, Charles Marcus wrote:


You're kidding, right?

Dictionary attacks are a fact of life these days.

Just install some kind of blocking on your firewall (fail2ban is a good
one), and let it take care of the worst of it...




just make sure to get the expressions right.

fail2ban will not work for this as the incoming ip addresses are 
spoofed.  fail2ban would end up blocking legitimate servers.


It doesn't matter. if a tcp attack involves a (remote) IP, you can block 
that IP (for some period of time). there's nothing else you can do 
unless you're ready to let it test all possible login:password pairs 
until it succeeds.


in particular, if this is an asymetric routing attack, then the attacker 
has some control of the remote IP or of its network. in which case, the 
IP is "dirty".


as for tcp hijacking, this is not so simple, and if it becomes easy, 
then we have a more serious problem than pop or smtp security...

Re: [Dovecot] SpamAssassin and Maildir with Dovecot

[mouss]

Kenneth Porter wrote:
A patch has been proposed for SpamAssassin to process Maildir folders of 
spam:




Is this patch compatible with Dovecot's implementation of Maildir? For 
example, is anything needed to avoid stepping on Dovecot's metadata?


I always used sa-learn with maildir (without the patch) with no 
problems. the only thing the patch adds is to visit the new/ and cur/ 
subdirs. thus no problems.

Re: [Dovecot] Error - Dovecot Permission denied

[mouss]

kbajwa wrote:

Mouss:

Here is the information you asked for:

[EMAIL PROTECTED] ~]# ls -1 / | grep /etc 


no, it's a '-l' (letter l => L), not '-1' (number 1). I hate these fonts!

[EMAIL PROTECTED] ~]# ls -l /etc/dovecot.conf 
-rw-r- 1 dovecot mail 46723 Jul 26 20:09 /etc/dovecot.conf 


so the delivery agent can't read the file since it is executed as the 
user who gets mail. thus "permission denied".

Re: [Dovecot] Error - Dovecot Permission denied

[mouss]

kbajwa wrote:

Hello:

Since I posted this original messages, I have installed, re-installed
Postfix-2.3.3, Dovecot-1.1.1 & Dovecot-Sieve-1.1.5 over and over & still got
the "Permission Denied" error (see "/var/log/maillog" logs below).

Here what I found! If I add the following in "/etc/postfix/main.cf";

Mailbox_command = /usr/libexec/dovecot/deliver

Then the "Permission Denied" error appears and all mail is bounced back with
error message.

If I remove this line, all emails are delivered fine. No error.

This problem started when I switched dovecot from Ver# 1.0.7 to 1.1.1

So my question is: 


(1) has something changed in Dovecot V# 1.1.1 to cause this error?
(2) what if I leave this line out? Would it cause problem with either
Dovecot or Dovecot-Sieve?


if you remove it, mail will be directly delivered by postfix. so no 
dovecot-sieve for example.




(3) Any other solution.

FYI, I have already included Postfix, Dovecot & Dovecot-Sieve configuration
in my previous post.


FYI, I have asked for the output of two commands:


# ls -l / | grep /etc
# ls -l /etc/dovecot.conf

in my previous post :)



HELP. I have spent 20 days on this problem.


if you ignore our posts, you may as well spend another 20 days ;-p

Re: [Dovecot] Error - Dovecot Permission denied

[mouss]

kbajwa wrote:

CentOS 5.2
Postfix 2.3.3 (Came Packed with CentOS)
Dovecot 1.1.1
Dovecot-Sieve 1.1.5

Did a complete new fresh install. When I send a message to:
[EMAIL PROTECTED], I get two error messages as listed in the
/var/log/maillog:

(1) (lost connection with mail.tibonline.net[12.179.81.11] while receiving
the initial server greeting)


your postfix cannot connect to mail.tiboline.net. check if anything is 
breaking the connection (firewall, pix, ..., etc).





(2) status=bounced (local configuration error. Command output: Fatal:
open(/etc/dovecot.conf) failed: Permission denied )




# ls -l / | grep /etc
# ls -l /etc/dovecot.conf

and if you have selinux, apparmor or such beasts, make sure they are not 
 preventing deliver from accessing /etc and/or to /etc/dovecot.conf.

Re: [Dovecot] Delivery notifications

[mouss]

Brandon Keepers wrote:
I'm working on an application that is backed by Postfix 2.3.8 and 
Dovecot 1.0.13, configured with virtual domains, for handling messaging.


I need to be able to send the notification (such as "You've received a 
new message on SomeAwesomeService. Click here to check it out", It's 
evil, I know) to a different email address, such as a mobile device. 
Eventually, we want to do other things like clear web page caches when a 
message is received, or sending IM notifications, but that's for another 
day.


as you say, it's evil... you can try to reduce the "evilness" by not 
doing the notification in real time. I mean take few minutes so that you 
send one notification if you get multiple messages during a short period 
of time.




So basically, we want to notify our application whenever a new mail is 
received, and it can do all the magical things that it needs to do.


I was hoping to get some feedback on the different approaches I'm 
looking at. From what I can tell, there's not a way to deliver to 
multiple virtual transports in postfix, so here's the options I see:


you can use virtual_alias_maps or one of the bcc options to deliver a 
copy of the message to a mailbox that does what you want.





* Content filter
I could set up a "content filter" that just delivers the mail to the 
application, and then re-injects it back into postfix. This seems like 
more work than the other options just because I have to worry about 
re-injecting the message


* Intercept delivery
Replace the dovecot deliver command with a custom one that calls the 
dovecot deliver and then passes the message on to the application.  I've 
written a little proof of concept for this and it seems to work, but 
just seem shady.


This is better. just make sure to pass arguments "securely". once you do 
your notification, simply run dovecot with the same command line args as 
you would use in master.cf.




* Sieve
Dovecot supports Sieve, so I could just have a global sieve script that 
sends the notifications.  This is definitely the solution I'm leaning 
towards.



I don't know if you can exec from dovecot-sieve.



Are there any better options?  Do you think this will have a significant
impact on performance?   Am I crazy?


depends on how much they pay :)

Re: [Dovecot] Postfix+maildrop+deliver?

[mouss]

Tom Fernandes wrote:

Hello,

I currently use procmail without the deliver LDA but would like to switch to 
using deliver. I also would like to get away from procmail for various 
reasons. Otherwise I could use the procmail-patch from 


http://dovecot.org/pipermail/dovecot/2006-July/014656.html

AFAICS.

I don't want to use sieve because it's too limited 


one thing I'm lacking is variable expansion, something like:

if header matches foostring-(.*), then deliver in folder bar.$1.


and can't see a similar 
patch like the one for procmail available for maildrop.


why would you need such a patch for maildrop?



What setup would I use for Postfix+maildrop+deliver? 


you can build maildrop without authlib if you don't want authdaemon.

if you mailstore is "static/simple", you can then deliver directly with 
maildrop.


Otherwise, use the -m flag to specify the target folder.

Re: [Dovecot] Problem of using dovecot as sasl implement for postfix

[mouss]

sosogh wrote:
> mouss  HI：
>
> Thank you for your hint
>
> I checked the dovecot log,found the following errors 
>
> dovecot: Apr 23 02:27:45 Info: Dovecot v1.0.rc15 starting up
> dovecot: Apr 23 02:27:46 Error: Auth process died too early - shutting down
> dovecot: Apr 23 02:27:46 Error: auth(default): You'll need to add at least 
> one userdb
> dovecot: Apr 23 02:27:46 Error: child 3146 (auth) returned error 89
>
> and then I added 
> userdb sql {
> args = /etc/dovecot/dovecot-sql.conf
> }
> into block of auth default{}
>
> And now dovecot has started
>
>
> 
>
>  THANK YOU！

so is everything running fine?

Re: [Dovecot] Problem of using dovecot as sasl implement for postfix

[mouss]

sosogh wrote:
> Hi list
>
> I install postfix dovecot on my debian etch box
> I install them via apt-get
>
> I want to use dovecot to be postfix sasl implement,but i got the following 
> error message
> in the mail log:
>
> Apr 27 21:28:39 sosogh postfix/smtpd[19776]: warning: SASL: Connect to 
> private/auth failed: No such file or directory
> Apr 27 21:28:39 sosogh postfix/smtpd[19776]: fatal: no SASL authentication 
> mechanisms
> Apr 27 21:28:40 sosogh postfix/master[19765]: warning: process 
> /usr/lib/postfix/smtpd pid 19776 exit status 1
>
>
> my configuration:
>
> [snip]
> Mail:/etc/dovecot# more dovecot.conf
> protocols = imap imaps pop3 pop3s
> auth_debug = yes
> auth_verbose = yes
> log_path = /var/log/dovecot.log
> disable_plaintext_auth = no
> auth default {
> mechanisms = plain login
> user = postfix
> passdb sql {
> args = /etc/dovecot/dovecot-sql.conf
> }
> user = root
> socket listen {
> client {
> path = /var/spool/postfix/private/auth
> mode = 0660
> user = postfix
> group = postfix
> }
> }
>
> }
>
> I wonder why private/auth does not exsit
> 

did you start dovecot?

Re: [Dovecot] Disallow folder delete

[mouss]

Kenneth Porter wrote:
On Monday, May 19, 2008 9:43 PM -0400 Charles Marcus 
<[EMAIL PROTECTED]> wrote:



Thats pretty drastic - I'd have a rebellion on my hands if I tried that
here.


The userbase is small, and I'd even be willing to set this up for one 
user were that to happen. Most users aren't that sophisticated and 
aren't creating folders in the first place. (Their inboxes tend to be 
horribly huge because of it.)


a probably better approach is to backup the mailstore and let users do 
what they want in their mailer.



I'm using 1.2.rc15 from CentOS 5 (RHEL5 equivalent).


Actually, that would be 1.0rc15 - and it is way old, time to upgrade...
atrpms.net has current versions...


How hard is the upgrade? Just install the new RPM, or is there any 
configuration to update? (I'm currently using a pretty stock 
installation that uses mbox in /var/spool/mail (for inbox) and 
/home/user/mail.


I did see 1.0.13 in Rawhide, so I figure I'd just grab the SRPM and 
build/package against the RHEL libraries.

Re: [Dovecot] Looking for suggestions: How to strip attachments from mails

[mouss]

Patrick Nagel wrote:

Hi,

I know this is not 100% on-topic, but I'll try anyway...

I'm looking for a way to strip attachments from incoming mails on the server. 
The attachments should be stored on a file server (where users have access 
via SAMBA) and only a link to the file (UNC path) should remain in the mail 
body. This is to prevent the mail storage from filling up with a large amount 
of big mails where at the same time the 'payload' (attached file) is not 
conveniently accessible by the users.


The current setup is postfix / dovecot deliver / dovecot (with sieve plugin). 
I'm considering piping the mails through something like mimeStrip.pl 
(http://freshmeat.net/projects/mimestrip.pl/), but therefore I'd probably 
need to bring procmail/maildrop into the game, right?


Or are there other (better) ways to accomplish this?
  


if you're ready to script a little, you can use
   http://www.pldaniels.com/ripmime/
to "extract" the attachments...

Re: [Dovecot] Dovecot/postfix to do 'copy to sent' ?

[mouss]

Ed W wrote:

mouss wrote:


there are two cases:
- you enforce authentication and sender-login match. in this case, 
you detect forgeries


Lots of people like to allow authenticated users to send messages out 
with their own choice of FROM address (you paid for an smtp service - 
my opinion is that you should be allowed to use it for all your 
messages...).  Possibly I misunderstand sender-login maps on postfix 
though and this is actually allowed (does it work by stopping you 
pretending to be another local user, but NOT limiting you from being a 
random other user, eg [EMAIL PROTECTED] ?)


you can use a map of allowed (login, sender) pairs. so a single login 
can have many authorized addresses.


if you allow any address, then that user can forge the address of 
someone else (including in yahoo, hotmail, ...). in this case, smtp is 
not the right way to implement the "copy to Sent" feature under discussion.


- you don't. in this case, you can't detect forgeries. and a header 
won't help. the whole approach breaks.


His point was that the header could be added at the client end - not 
all that scalable, but a good idea.


headers may be forged, so it's not secure either. but even if this is 
not a concern, you are asking users to add a header in their MUA! That's 
beyond the capacities of most users.


What seems to be missing from postfix (my understanding), but would be 
very useful, is a map which is based on authenticated sender name (we 
have maps based on FROM, but not authenticated user...) - this would 
allow stuff like more flexible restrictions on what a user can do 
based on the user themselves rather than the FROM address they are 
using... Possibly my misunderstanding though?




if you want access per login, then you need to implement this in a 
policy service. but in general, you don't want to allow a user to use an 
arbitrary sender address.


in an ISP environment, it is easier to setup multiple MSAs to implement 
different user classes.




The extra header field was being added presumably to identify real 
sent mail from faked spam and hence only add real sent messages to 
the sent folder?



and how do you add a header only to "really" sent mail? and anyway, 
how do you deliver a _copy_? remember that this is outgoing mail and 
won't naturally go through dovecot.


Perhaps I misunderstand the idea - but what I think was wanted was 
that every sent email from an authenticated sender would be bcc'd back 
to the person it came from. Then when it's being delivered back to the 
person who sent it (ie deliberate mail loop back) we detect that it's 
our own message "bouncing" back and stick it in the sent items folder 
instead of the inbox.  The finesse is then reliably detecting which is 
which


if mail is delivered to Sent folder instead of intended recipients, 
users will break your bones.


you can try whatever approach, but a COPY is needed so that the message 
goes both to the intended recipient AND to the Sent folder. and since 
the folder depends on the sender address, you need either sender bcc or 
pass all mail to a script or an LDA that will do the copy and resubmit 
the mail. but resubmitting mail this way is suboptimal.




The point raised later in the thread is that it's quite hard to detect 
mail being bcc'd back to us for putting in sent items and mail being 
dropped onto the server with a forged FROM address.  As you correctly 
point out some restrictions on authenticated user help.  The previous 
poster pointed out that hard to guess client headers inserted in all 
genuine email are also useful



you can put a header to detect forgeries if you like, but you should 
still use sender bcc to create a copy of outgoing mail.

Re: [Dovecot] Dovecot/postfix to do 'copy to sent' ?

[mouss]

Ed W wrote:


Personally I don't like fake "senderbcc" address for every user. 
This my

catch a lots of spam in "sent" folders.


you are confusing sender bcc with virtual aliases.



What about spam with a faked FROM address which seems to be from a 
local user?  I think the point is that this strategy can cause a copy 
of the spam to end up being added as a sent item.


there are two cases:
- you enforce authentication and sender-login match. in this case, you 
detect forgeries
- you don't. in this case, you can't detect forgeries. and a header 
won't help. the whole approach breaks.


The extra header field was being added presumably to identify real 
sent mail from faked spam and hence only add real sent messages to the 
sent folder?



and how do you add a header only to "really" sent mail? and anyway, how 
do you deliver a _copy_? remember that this is outgoing mail and won't 
naturally go through dovecot.

Re: [Dovecot] Dovecot/postfix to do 'copy to sent' ?

[mouss]

Uldis Pakuls wrote:

mouss wrote:

[snip]


This has been asked more than once here and elsewhere, and sadly 
the short answer is 'no'... I'd love to see support for this too, 
but it just has to do with how smtp works.


A couple of options...

If you use postfix for your MTA, you could simply disable saving 
sent messages in tbird, and set up sender BCC maps in postfix so 
that a copy of each users sent mail is dumped into their Sent folder.


But it won't be saved in the Sent folder, will it? It will just be 
delivered to the mailbox?



you can have it delivered wherever you want, provided you configure 
that.


with a pcre sender bcc like this:
/(.*)@example\.com$/  [EMAIL PROTECTED]

postfix will deliver a copy to [EMAIL PROTECTED] Then 
deliver this with


1- dovecot LDA and use Sieve to store the message in the folder you want
2- maildrop and configure it to store the message where you like, or
3- directly with postfix, provided you configure the right 
virtual_mailbox_maps

or.. just add custom header line like "X-Save-Sent: 1" and use dovecot's
LDA + sieve script to store message in "sent" folder.


The discussion is about outgoing mail. Outgoing mail doesn't go to 
dovecot unless you copy it.



Personally I don't like fake "senderbcc" address for every user. This my
catch a lots of spam in "sent" folders.


you are confusing sender bcc with virtual aliases.

Re: [Dovecot] Dovecot/postfix to do 'copy to sent' ?

[mouss]

Zbigniew Szalbot wrote:

Hi there,

Charles Marcus pisze:


On 5/8/2008 5:22 AM, Bob Gustafson wrote:

I always keep a copy of messages sent.

With a particularly large message (pictures etc), being sent from a 
far remote location, I noticed that the message and the copy were 
both sent from the client - rather than having the message sent 
(through my mail server) and then copied locally within the mail 
server.


Is there a way to configure Dovecot (or postfix?) so the local copy 
is done?


This has been asked more than once here and elsewhere, and sadly the 
short answer is 'no'... I'd love to see support for this too, but it 
just has to do with how smtp works.


A couple of options...

If you use postfix for your MTA, you could simply disable saving sent 
messages in tbird, and set up sender BCC maps in postfix so that a 
copy of each users sent mail is dumped into their Sent folder.


But it won't be saved in the Sent folder, will it? It will just be 
delivered to the mailbox?





you can have it delivered wherever you want, provided you configure that.

with a pcre sender bcc like this:
/(.*)@example\.com$/  [EMAIL PROTECTED]

postfix will deliver a copy to [EMAIL PROTECTED] Then deliver 
this with


1- dovecot LDA and use Sieve to store the message in the folder you want
2- maildrop and configure it to store the message where you like, or
3- directly with postfix, provided you configure the right 
virtual_mailbox_maps

Re: [Dovecot] thunderbird sane config (OT)

[mouss]

Charles Marcus wrote:

On 5/7/2008, [EMAIL PROTECTED] ([EMAIL PROTECTED])
wrote:

What I had in mind was more like:
1. I install Thunderbird.
2. I create an account named .
3. I modify TLS and other settings to work better.
4. I click magic button.
5. Thunderbird creates a new thunderbird_mycfg.exe.
6. User downloads and runs thunderbird_mycfg.exe, which installs
Thunderbird, asks the user his/her account name and applies the
configuration from step (3), and everything magically works.

Hmm.


Heh... yeah, thats one of the things lacking in both TBird and FFox is 
enterprise feature support like this...


Its supposedly in the works though... and when it happens, you'll be 
able to push it out even easier than you descibe above (assuming 
you're using WPKG, Active Dirdctory, or something similar ...




you may want to look at

   http://developer.mozilla.org/en/docs/Thunderbird_ISP_hooks
   https://spaces.mtu.edu/clearspace/docs/DOC-1403
   http://wiki.mozilla.org/Thunderbird:Autoconfiguration
   http://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat

Re: [Dovecot] Question about Maildir automatic cleanup.

[mouss]

Jose Celestino wrote:

Words by José Ildefonso Camargo Tolosa [Tue, May 06, 2008 at 12:47:30PM -0700]:
  

Hi!

I want to automatically delete old messages from one user's Maildir, and I was 
thinking on running something like this:

find /home/user/Maildir/cur/ /home/user/Maildir/new/ -daystart -mtime +15 
-delete

but I'm not sure if by deleting messages "manually" I will break the 
dovecot.index* files.

What do you think?




The index files will "auto-fix".

  


that said, deleting messages from the new/ directory is a bit risky...

also, for safety, better move the messages to another place (in the same 
partition, to avoid a copy) and have another job delete them from that 
place (maybe few days later).

Re: [Dovecot] Manual thread breaking from Thunderbird

[mouss]

Christian Jaeger wrote:

[EMAIL PROTECTED] wrote:

Christian Jaeger wrote:
 

 I'm looking for a way to manually break threads apart when independent
threads are mixed up, mostly by users which aren't aware that they 
should

not be replying to existing threads when starting a new one.



Sounds like a great idea!

I'm curious though, how do convince your Thunderbird and Dovecot to
work like Gmail and keep everything threaded in the same folder in the
first place?
  


I'm not sure whether I understand you correctly: are you asking how to 
turn on threading in Thunderbird? (That would be in the menu View -> 
Sort by -> Threaded.) But that's Thunderbird's doing, Dovecot isn't 
really involved afaik, I assume Thunderbird will look at the 
message-id and in-reply-to headers of the mails.


and References and few other heuristics.



Or are you asking about the Gmail feature of not using subfolders but 
keep everything in the same place and only use search to find your stuff? 


I guess that's what he means. In short, how to have the same message 
appear in different folder (be them "virtual" or not). and I guess, if 
you delete a message, you no more see it in the said folders.


I believe the right place for this feature is in the MUA (thunderbird) 
to avoid downloading the same message N times.


(Well, I haven't used Gmail much, one of the reason being that when I 
tried it I thought how would you keep mailing lists separated sanely? 
(Without having to create separate custom queries for each of them or 
so.))


Christian.

Re: [Dovecot] dovecot shows inbox of different user wher logged from the same host twice

[mouss]

Anselmo Rosa herlen wrote:

I have squirrenmail 1.4.13 configured on FC8 with sendmail,procmail as
delivery agent, dovecot(imap) ,Using MAILDIR, enabled secure_login 
plugin, and using password/shadow and system user .


 When I
login through squirrelmail every thing works fine . But when I login
again from the same host  as a different user  with new browser
session,  the  mailbox  of the new user  displays correctly  but  the 
first user session  displays the inbox of the second user . ie  if I

have two https sessions from a single machine and login as two
different users the inbox of the later user is displayed in both the
sessions.

   I checked the logs of dovecot and the following is noticed


dovecot:
May 06 11:12:25 Info: imap-login: Login: user=,
method=PLAIN, rip=:::127.0.0.1, lip=:::127.0.0.1, secured
dovecot: May 06 11:12:25 Info: IMAP(ath): Disconnected: Logged out

there
are lots of messages for a single login . Also the  USER  shown above
is the user of the second session and is displayed when i try to access
the first htts session
  


cookies...

Use different browsers (firefox, opera, ... etc) or multiple browser 
instances.

Re: [Dovecot] Can't receive mail for virtual user

[mouss]

Jeremy Gillick wrote:

I followed the dovecot instructions (
http://wiki.dovecot.org/HowTo/SimpleVirtualInstall) to create a simple
virtual user installation with the /etc/dovecot/passwd file.  However,
whenever I try to send a message to the virtual user, Postfix has a problem
delivering it.  Postfix is delivering messages to ~/Maildir, but Dovecot is
trying to use /home/vmail/.  How can I get the 2 apps to work together?

  


use dovecot LDA to deliver mail
virtual_transport = dovecot


Alternatively, configure postfix to use the same Maildir as dovecot 
using virtual_mailbox_maps.



[snip]
  

Re: [Dovecot] Client can't connect to SMTP

[mouss]

Jeremy Gillick wrote:

I've just installed Dovecot and Postfix and my email client (Mac Mail)
cannot authenticate with the SMTP server.  The error I receive says that
"The SMTP server doesn't support SSL (TLS) on port 465" -- yet, I've
installed SSL.  Is there any good way to test or debug this?
  


465 is the obsolete "smtps". if you want it, you need to enable it in 
master.cf (look for "smtps").


The standard is to use the STARTTLS command over whatever smtp port.


[snip]
  

Re: [Dovecot] sieve doesn't sift yet

[mouss]

cbrace wrote:

Timo Sirainen wrote:
  

Most likely deliver is never even run then.




Do I need to add an entry to Postfix's main.conf? Something like this?

dovecot unix - n n - - pipe flags=DRhu user=mail
argv=/usr/lib/dovecot/mail/deliver -f ${sender} -d ${recipient} 

  


(I know you meant to master.cf).

if you enable extensions in postfix, you can replace -d ${recipient} with
   -d [EMAIL PROTECTED] -n -m ${extension}
with recent postfix, you can use ${domain} instead of ${nexthop}. see 
pipe manpage.


now this only defines a dovecot transport. you still need to use it for 
delivery. how to do this depends on domain classes (local or virtual). 
for example, to use it for virtual delivery, just run

# postconf -e virtual_transport=dovecot

or you can manually edit main.cf but make sure to remove or comment out 
a "duplicate" setting (last setting wins).

Re: [Dovecot] sieve doesn't sift yet

[mouss]

Colin Brace wrote:

Hi all,

I am having difficulty getting sieve working. I created a simple set of
rules which I've validated on the sieve-php page at SF. I placed this file,
.dovecot.sieve, in the root of my maildir, which I understand is the
default location. 


what is the root of a maildir? it is often better to give examples 
instead of (ambiguous) descriptions. I guess you mean the maildir 
itself. the expected location is the "home" directory of the user. so if 
the maildir is the same as the home dir, that's the right place (except 
that it is recommended to make the maildir a sub directory of the home 
dir, so that files such as the sieve script are not mixed with folders).


Note that you need to deliver with "dovecot deliver" (postfix does not 
do sieve) and you need to enable sieve in your configuration (see the 
wiki for more).



I also created a logfile in /var/log, but nothing has
gotten written to it yet. Here is my configuration:

$ sudo dovecot -n
# 1.0.13: /usr/local/etc/dovecot.conf
base_dir: /var/run/dovecot/
log_path: /var/log/dovecot
info_log_path: /var/log/dovecot.info
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable: /usr/local/libexec/dovecot/imap-login
verbose_proctitle: yes
first_valid_gid: 0
mail_access_groups: mail
mail_location: maildir:/var/spool/vmail/%n
mail_debug: yes
pop3_uidl_format: %08Xu%08Xv
auth default:
  verbose: yes
  passdb:
driver: passwd-file
args: /usr/local/etc/dovecot-passwd
  userdb:
driver: passwd
  userdb:
driver: static
args: uid=vmail gid=vmail home=/var/spool/vmail/%n

What piece of the puzzle am I still missing?

Running dovecot-sieve-1.0.2, postfix, etc under FreeBSD v7.

TIA

  

Re: [Dovecot] antispam plugin ehancement

[mouss]

ML wrote:


Le 21 avr. 08 à 13:58, Johannes Berg a écrit :


On Mon, 2008-04-21 at 12:18 +0200, ML wrote:

I'm not a developper so I can't do it by myself,
# msgtag.spam
If this message was classified SPAM by mistake, please click here : 
http://example.com/dspam-retrain.cgi?sig=

{DSPAM_SIG}

# msgtag.nonspam
If this message should have been classified SPAM, please click here 
: http://example.com/dspam-retrain.cgi?sig=

{DSPAM_SIG}

I think a click is easier and faster than a forward, what do you think
of such an implementation ?


This has nothing at all to do with dovecot or the antispam plugin for
dovecot.



Ok, I've also read several articles since my post and it seem this is 
a DSPAM-only issue... sorry for the noise





and altering mail is generally a bad idea. it's also less simple than it 
sounds.

Re: [Dovecot] Moving Maildir email messages and backing things up.

[mouss]

Asheesh Laroia wrote:

On Mon, 21 Apr 2008, mouss wrote:


Karl Schmidt wrote:

mouss wrote:

karl wrote:
What would happen if I ran a script that did this:

mv ~/Maildir/.folder_one/cur/* ~/Maildir/.folder_two/cur/

My hunch is it might break things.


shouldn't break anything. if the MUA is caching "actions" (happens 
with thunderbird at least), then the view in the client will be 
different but this is not a big problem (at least for me).


So on the server I could run something simple like:

#!/bin/bash
bogofilter  -Ns  -B /home/karl/Maildir/.s-2B-scaned_spam
mv ~/Maildir/.s-2B-scaned_spam/cur/* ~/Maildir/.archived_spam/cur/


you'd better use an "axuiliary" directory:


mv $dir/.Junk.Trash/cur/* $dir/.Junk.Trash/todo/
$learn_spam $dir/.Junk.Trash/todo/  && mv $dir/.Junk.Trash/todo/* 
$dir/.Corpus.junk/cur/


I think you could get away with using the Maildir built-in "tmp" 
directory if you wanted for this.



no, because you don't want the mv .../tmp/* while mail is being delivered.

better use your own dir. it costs nothing.

Re: [Dovecot] Moving Maildir email messages and backing things up.

[mouss]

Karl Schmidt wrote:

mouss wrote:

karl wrote:
What would happen if I ran a script that did this:

mv ~/Maildir/.folder_one/cur/* ~/Maildir/.folder_two/cur/

My hunch is it might break things.


shouldn't break anything. if the MUA is caching "actions" (happens 
with thunderbird at least), then the view in the client will be 
different but this is not a big problem (at least for me).


So on the server I could run something simple like:

#!/bin/bash
bogofilter  -Ns  -B /home/karl/Maildir/.s-2B-scaned_spam
mv ~/Maildir/.s-2B-scaned_spam/cur/* ~/Maildir/.archived_spam/cur/


you'd better use an "axuiliary" directory:


mv $dir/.Junk.Trash/cur/* $dir/.Junk.Trash/todo/
$learn_spam $dir/.Junk.Trash/todo/  && mv $dir/.Junk.Trash/todo/* 
$dir/.Corpus.junk/cur/


in short, first move the messages out of "imap" and then learn them.

check the right option for bogofilter so that it doesn't want the 
learned messages to stay in the same place.




Afterwards the MUA 'view' of the folder might not be correct until 
thunderbird re-caches the folder?


I just don't care since this is nothing more than a Junk folder!


Is there a command line tool that would allow for moving emails that 
would do it in a way that dovecot and the MUA would know to update 
caches? 


the MUA will eventually "update" its view. so this is not really a problem.


.,.,

If I have two users share a mail folder, I would think the MUA 'view' 
would also get behind. Is there a way to get thunderbird to re-cache a 
folder?


> but if it's for backup, why are you moving files?

I'm looking into three separate issues: automating spam training, 
backup issues, and sharing folders.


you'd better divide and conquer. you can find good solutions for each 
problem. if you try to find a single solution for all the problems, 
you'll have less choices and you run the risk to get it wrong.


I really wish I could see a list of the ~/Maildir indexing files and 
what they do - probably I don't need to know, but it might help me 
understand what problems I might run into restoring a backup.


metoo:) but given that I could copy mail from courier to dovecot, I took 
it that I don't care much about the "administrative" files.

Re: [Dovecot] Moving Maildir email messages and backing things up.

[mouss]

Karl Schmidt wrote:
I just moved to dovecot with Maildir. I think this is probably a 
stupid question, but I couldn't find an answer after an hour of 
googling and searching the wiki.


What would happen if I ran a script that did this:

mv ~/Maildir/.folder_one/cur/* ~/Maildir/.folder_two/cur/

My hunch is it might break things.


shouldn't break anything. if the MUA is caching "actions" (happens with 
thunderbird at least), then the view in the client will be different but 
this is not a big problem (at least for me).


but if it's for backup, why are you moving files?


What if dovecot was stopped?


,.,.,.


Where can I find a list of files in ~/Maildir/ and a note on what they 
are? (And similarly for a ~/Maildir/.folder)


I'm wondering if everything needs to be backed up, or if I can/should 
skip the indexes. What happens if any of these files changes during 
the backup? (I'm thinking I shouldn't have to stop dovecot for a backup).

Re: [Dovecot] How to deal with mail to unknown virtual recipients?

[mouss]

Andreas Ntaflos wrote:
Thank you for your reply! Reading through it and re-reading the Postfix 
documentation gave me the clue I needed. 

Unfortunately I forgot to mention that I didn't have a virtual_mailbox_maps 
directive defined in Postfix's main.cf, so Postfix couldn't know anything 
about which virtual recipients were valid and which weren't. Since that 
particular map was optional and everything worked fine during my tests (which 
didn't include sending mail to an invalid virtual recipient, shame on me) I 
quickly forgot about it.


Naturally that was the root of problem I was facing.

Defining a virtual_mailbox_maps file with all valid virtual users solves the 
problem in principle, however now I need to maintain two files with valid 
virtual users for valid virtual domains: the passwd-file for Dovecot 
(/etc/dovecot/passwd) plus the vmailbox file for Postfix 
(hash:/etc/postfix/vmailbox).
  


use a script to generate the virtual mailbox maps files from a single 
source file. you can use a Makefile to rebuild only when the source file 
changed.


I suppose this is unavoidable when using flat files and would be better solved 
using a real database backend, but it makes me wonder if there really isn't 
anything Dovecot could do about this?


Seeing as Dovecot recognises when a virtual recipient is invalid, couldn't it 
somehow put the to-be-rejected mail back to Postfix (or whichever MTA)?



as already said, you should reject invalid recipient during the smtp 
transaction. there's already too much backscatter out there, and the 
borked sites are listed in backscatterer.org.



 Or 
should it just drop it?


No, because people sometimes mistype addresses and you don't want to 
blackhole such mail. if I send mail to [EMAIL PROTECTED], and you discard 
that mail, I'll assume that you received it. now suppose this mail is 
important ("Hi Andreas, there is a problem at foo bar, tell me if I 
should handle it...").


 I don't know what the SMTP (whichevery protocol is to 
be followed here) says about this, so I pose the question again: 
  


if you accept the message during the smtp transaction, you take 
responsibility and you should not lose it "frivoulously". This 
requirement is what makes email as reliable as it is, at the expense of 
disk IO overhead (before saying "ok", the MTA must sync the file to 
permanent storage, so that it survives server crashes... etc).


of course, servers should never bounce spam and viruses. as a result, it 
is important to reject as much junk during the smtp transaction and to 
minimize failures after a message was accepted. In particular, it is no 
more acceptable to bounce mail because the recipient is invalid. quota 
bounces and exceptional server errors are still acceptable because they 
don't occur too often.


Note that this also applies to auto-responders (vacation, ...). 
auto-responders must follow the recommendations of rfc3834 as well as 
other best practices.



Is there anything Dovecot itself can do to reject or handle mail to invalid 
virtual users? Or does this situation *have* to be dealt with earlier, by the 
MTA?
  


yes. see www.backscatterer.org for an incentive ;-p

Re: [Dovecot] How to deal with mail to unknown virtual recipients?

[mouss]

Andreas Ntaflos wrote:
Hello list, 

I am not quite sure whether this is a questions for Dovecot or Postfix. I have 
set up, virtual hosting for one domain (for test purposes) using a 
passwd-file as passdb and a static userdb (see dovecot -n at the end) along 
with Postfix in a manner described in [1], i.e. a non-Postfix mail store. 
Other than that I also do hosting for the canonical domain which is for users 
with a regular Unix account on the system (looked up via PAM)


The virtual domain shall be "example.org", with two users "[EMAIL PROTECTED]" 
and "[EMAIL PROTECTED]". 

But today I received spam mail (which was correctly identified as such by 
amavisd-new) for "[EMAIL PROTECTED]" and "[EMAIL PROTECTED]", two recipient 
addresses that do not exist. According to [1] "it's left up to the 
non-Postfix delivery agent to reject non-existent recipients from local 
submission or from local alias expansion." 
  


note that this is about local submission and local alias expansion. it 
is not about mail received from outside.
How to deal with such a situation? 

  


this is postfix issue. postfix will reject mail to invalid local and 
virtual users unless you rebak recipient validation. a common error is 
to use wildcard virtual aliases or wildcard canonical mapping.


Followup on the postfix list, but do show enough informations:
- output of 'postconf -n'
- logs of the transaction (from reception until error)
- do you have a wildcard alias or canonical.

The sender address was clearly forged so returning a failed delivery message 
is pointless. The messages are now hanging around in the queue with a status 
of "deferred: temporary failure". 


The logs show:

dovecot: auth(default): passwd([EMAIL PROTECTED]): unknown user
dovecot: auth(default): passwd-file([EMAIL PROTECTED]): unknown user
dovecot: auth(default): static([EMAIL PROTECTED]): passdb doesn't support 
lookups, can't verify user's existence


postfix/pipe[25328]: C7EA18BC0B5: to=<[EMAIL PROTECTED]>, relay=dovecot, 
delay=1.4, delays=0.07/0.02/0/1.3, dsn=4.3.0, status=deferred (temporary 
failure)


The dovecot relay is defined in /etc/postfix/master.cf:

dovecot unix - n n - - pipe
  flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f 
${sender} -d ${recipient}


The question, once again, is: what to do in such a situation? A catch-all 
address could be set up, but to what end? It would just catch a lot of spam 
over time. What is the correct way to deal with this? 

More importantly: is there even anything Dovecot could (or should) do? 

Thanks in advance, 


Andreas

[1] http://www.postfix.org/VIRTUAL_README.html#in_virtual_other

# 1.0.10: /usr/local/etc/dovecot.conf
base_dir: /var/run/dovecot/
protocols: imap imaps pop3 pop3s managesieve
listen(default): *
listen(imap): *
listen(pop3): *
listen(managesieve): *:2000
ssl_cert_file: /path/to/ssl_cert
ssl_key_file: /path/to/private_key
login_dir: /var/run/dovecot//login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login
mail_extra_groups: mail
mail_location: maildir:~/Maildir
maildir_copy_with_hardlinks: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve
imap_client_workarounds(default): outlook-idle delay-newmail 
tb-extra-mailbox-sep

imap_client_workarounds(imap): outlook-idle delay-newmail tb-extra-mailbox-sep
imap_client_workarounds(pop3): outlook-idle
imap_client_workarounds(managesieve): outlook-idle
pop3_uidl_format(default):
pop3_uidl_format(imap):
pop3_uidl_format(pop3): %08Xu%08Xv
pop3_uidl_format(managesieve):
sieve_storage(default):
sieve_storage(imap):
sieve_storage(pop3):
sieve_storage(managesieve): ~/sieve
sieve(default):
sieve(imap):
sieve(pop3):
sieve(managesieve): ~/.dovecot.sieve
namespace:
  type: public
  separator: /
  prefix: Public/
  location: 
maildir:/var/mail/public:CONTROL=~/Maildir/control/public:INDEX=~/Maildir/index/public

namespace:
  type: private
  separator: /
  inbox: yes
auth default:
  mechanisms: plain login
  verbose: yes
  passdb:
driver: passwd-file
args: /etc/dovecot/passwd
  passdb:
driver: pam
  userdb:
driver: passwd
  userdb:
driver: static
args: uid=vmail gid=vmail home=/home/vmail/%d/%u
  socket:
type: listen
client:
  path: /var/spool/postfix/private/auth
  mode: 432
  user: postfix
  group: postfix
master:
  path: /var/run/dovecot/auth-master
  mode:

Re: [Dovecot] How to fetch mails in Spam dir by MUA via POP3?

[mouss]

Scott Silva wrote:

on 4-2-2008 5:02 AM Zhang Huangbin spake the following:

Hi, all.

How can i fetch mails in Spam directory by MUA (Such as Thunderbird) 
via POP3?


Thanks very much.

If you want to use pop3, you might need to mark mails instead of 
moving them to another box. I don't think pop3 has any concept of 
multiple mailboxes.




or he can create specific users (such as user-junk) whose mail location 
points to the Junk folder...


maybe a better solution would to provide a web interface that allows 
"releasing" false positives (which would then be moved to the Inbox) and 
"confirming" spam. Users can eaisly spot junk and confirm it without 
downloading it.

Re: [Dovecot] Lmtp between hosts? (postfix/dovecot/ldap)

[mouss]

k bah wrote:

I have 2 hosts:

(a)
- dovecot-1.0.5-6
- postfix-2.4.5-20
-> It's not the mx record for the domain, just holds the mailboxes
-> Postfix uses LDAP for user lookup, dovecot too.
-> Works ok if I set it to be the final mail destination, with Cyrus and 
Dovecot LDA (mailbox_transport).
-> Has no domain associated (dns) with this ip address

(b)
- postfix-2.3.2-28
-> Has the mx record for that domain, has ip address that the domain points to. 
(users @ domain.org)
-> Works ok if I install dovecot and set the mailbox_transport to be on this 
machine, both with dovecot and cyrus.


 What I'm trying to do:

 Have host (b) to receive mails for that domain, and by setting it's 
transport_maps to be /etc/postfix/transport, and there (tranport maps) point to 
host (a), using ltmp:

 "domain.org  lmtp:ip_address_machine_A:24"

 ("domain.org  lmtp:inet:ip_address_machine_A:24" does not work, gives me

 "fatal: valid hostname or network address required in server description: 
inet:ip_address_machine_A:24")


 Both machines have /etc/services with lmtp to port 24 tcp/udp.
 http://www.postfix.org/transport.5.html was not so clear to me.
 Ok, when I took out the "inet" part on the transport maps file, it connected 
to the host (a), which has this on master.cf:

 "machine_A_ip_address:24  inet  n   -   n   -   -   
lmtp"
  


what's this supposed to do? lmtp is a transport, it doesn't listen on an 
IP:port.


use smtp to pass mail to the other machine.

 it "worked", since machine (b) (received the mail and has mx record) delivered 
the mail to machine (a) (holds mailboxes, runs dovecot), but that stopped, machine (b) 
connects to port 24 on machine (a), and stays there, connected, without saying nothing 
(sniffed it). When I kill the connection (kill postfix on machine (a)), machine (b) 
complains on the log file:

 postfix/lmtp[704]: msg_id: to=<[EMAIL PROTECTED]>, 
relay=machine_A[machine_A]:24, delay=223, delays=0.08/0.01/223/0, dsn=4.4.2, 
status=deferred (lost connection with machine_A[machine_A] while receiving the 
initial server greeting).


-- questions --

 I don't know if I'm doing things wrong (configuration error) or the wrong 
thing (should try other ways), so my questions:

 1) Is this setup going to work ever, or it's wrong to try to get it to work? I want to 
hold mailboxes on a different host, and now I got to use dovecot (in case I hear: 
"try it with cyrus instead" =o)).
 
 2) Viewing from the machine that receives the mail, and has mx record, the transport should be lmtp, right? Since it's now a matter of "delivery".


  Postfix:
<...> ->  -> ( or  or )

When using lmtp, I'm in ??

 I mean, to get the message to the other machine (just mailboxes, no mx) I 
SHOULD USE LMTP(?)

 3) Viewing from the machine holding the mailboxes, is there a way to make 
dovecot listen on that port? Or should I continue to use Postfix, and use 
postfix on this machine to deliver to dovecot (dovecot lda config works ok if 
using 1 and only 1 machine for everything - mx record, mailboxes). With Cyrus I 
talked lmtp directly, Postfix receives the mail and uses lmtp to talk to cyrus, 
using a unix socket.


 If anyone replies to the topic, and the discussion goes deeper on some of the 
alternatives, I paste my configs and come with further details, since what's working 
isolated I didn't paste here. Previous tests with just Cyrus or Dovecot on 1 machine 
setup worked, so I think it would just "bloat" the mail with information.


 thanks

=


  

Re: [Dovecot] Dovecot and kmail IMAP resources

[mouss]

Charles Marcus wrote:

On 3/24/2008, Bill Cole ([EMAIL PROTECTED]) wrote:
FWIW, I don't use KMail, but every contact I've had as a mail admin 
with people trying to do so has persuaded me that it is not yet ready 
for serious use. On this list you are about the third person in the 
past year to seek help here with some KMail-specific problem that 
doesn't seem possible unless KMail itself is fundamentally broken, 
and implies that the software is horrendously documented.


I have read numerous stories of IMAP problems with KMail...



We've read numerous stories about outlook, thunderbird, netscape, ... 
and even about imap itself.


Last time I tried kmail, it didn't have the old problems that used to 
annoy me. I don't use it regularly though.

Re: [Dovecot] Question about log entry?

[mouss]

Knute Johnson wrote:

dovecot: POP3(knute): mbox sync: Expunged message reappeared in
mailbox /var/mail/knute (UID 585 < 379664, seq=2, idx_msgs=0): 1
Time(s) dovecot: POP3(knute): mbox sync: UID inserted in the 
middle of
mailbox /var/mail/knute (379664 > 585, seq=2, idx_msgs=1): 1 
Time(s)


I've been getting these lately.  Any idea what causes them?  Should I 
worry about it?
  



http://www.dovecot.org/list/dovecot/2006-November/017360.html

Re: [Dovecot] How LDA deliver mail

[mouss]

alex_dovecot wrote:

 hi,all
 
 
I read some part of the source code for studying and interesting. But i face trouble when I read the 'deliver.c'.

In file 'deliver.c' on line 812 , there is a function named 'deliver_mail', 
see below:
deliver_mail(storage, mail, destination, mailbox)
 
I couldn't find out where is this function defined and how it was linked.
 


the function is defined by plugins. look at dovecot-sieve source code 
for example.

Re: [Dovecot] Help! OT: Blackberry IMAP client suggestions/experience needed

[mouss]

Scott Silva wrote:

on 3-13-2008 12:58 PM Stewart Dean spake the following:
I didn't field DC until 1.0 and have kept pretty much up to 
date...these problems were present with UWIMAP but got somewhat 
better since the switchover to DC.
I can't imagine how DC could deal with two clients working on the 
same mbox inbox, where the first instance has changes that are local 
to the PC and not yet put on the server without DC breaking the lock 
of the first instance (and thus invalidating the incomplete changes 
on the PC) and giving it to the second...or is there some magic?


I just tried to do a mass move on a mailbox with thunderbird, and 
tried to access the same box with outlook and it just took a little 
while to show up, then refreshed the headers and showed the deleted 
messages marked as deleted.


try the same while receiving mail... also trying moving messages one at 
a time, not a "mass move".

And nothing unusual in the logs.
Strange.


(The mbox) size may matter...  Usage too.

I've already seen mbox files being corrupted.

Re: [Dovecot] Junk folder

[mouss]

[EMAIL PROTECTED] wrote:

Hi,

I'm using delivery like Postifx->Amavis->Dovecot LDA
Is there a possibility to deliver mail marked as spam (Subject, header) to
Junk folder?
  


do not hijack threads. compose a new message instead of replying to an 
unrelated one.


you need dovecot-sieve. then use something like:

if header :contains "X-Spam-Flag" "YES" {
   fileinto "Junk";
   stop;
}

Re: [Dovecot] Put existing mails (in Maildir) through sieve filter?

[mouss]

Raphael Bittencourt S. Costa wrote:

Andreas,

You can write a shell script to do this for you.

cd ~/Maildir/cur

for i in *; do /usr/local/libexec/dovecot/deliver  -d user < $i; rm -f
$i; echo "Message $i"; done
  


it would be safer to move the messages to another directory before 
running the loop, and moving the delivrered ones to another dir instead 
of deleting them.


cd ~/Maildir
mkdir todo
mkdir done
cp cur/* todo
for  i  in todo/*; do
   echo "Delivering message $i ..."
   /path/to/deliver -d user < $i && mv $i done/
done

Re: [Dovecot] sieve filtert nicht

[mouss]

Patrick Ben Koetter wrote:

 * Steffen Kaiser <[EMAIL PROTECTED]>:
On Tue, 19 Feb 2008, Carsten Henkel wrote:

>>> and you need to understand what i´m wrote *gg
Why should Patrick bother to understand _your_ request of support, do you
pay him?!

> I think this is a case of Denglish - a German writing English. I 
read the
> reply as: (You need to write it in English) and "even if I did 
someone needs

> to be able to understand what I wrote". To me it's more a "excuse my bad
> English".


and even if my german is more than ridiculous, I understood the "and" at 
the beginning of Stephen post in its "natural" meaning: the sentence is 
to be added to yours (he needs to write in english _and_ people must 
understand his english).


> Anyway. Lot's of speculation. Let's do Dovecot instead. ;)


yes, let's all have a dovecoit :)

Re: [Dovecot] procmail deliver and envelope-to

[mouss]

Klaus Ethgen wrote:

Hi mouss,

Am Mi den 20. Feb 2008 um 21:57 schrieb mouss:
>> first of all, please reply private as I am not subscribed to the list.
>> But if this question takes to much traffic I can subscribe.
> the problem with non members is that some server in the path may 
discard or

> bounce our mail, and they won't get it.

I cannot follow completely. What is the difference if the mail is
manually approved than that the people is member of the list?


the problem is not posting to the list. As long as you get the CC, it's 
ok. I only meant that it is possible that you don't receive an offlist 
message, for example because some server or gateway on your side uses a 
blocklist or play "discard me" games. I've already got bounces in such 
cases (when I post via my home ISP) and this doesn't get me in a good 
mood:)



[snip]

Ah, that's true for well formed mailing lists like made with mailman or
majordomo. But there are many mailing lists out in the wild where you
have no other change than the "plussed" address to select them out. (The
example might be unclear as the gimp-devel list is well formed.


then you'll need to find such an example :)

The following seems to work for every list I've seen (by order of my 
personal preferences):


- List-Id
- List-Post
- List-Owner
- Sender
- Return-Path
- To or Cc

Re: [Dovecot] procmail deliver and envelope-to

[mouss]

Klaus Ethgen wrote:

Hello,

first of all, please reply private as I am not subscribed to the list.
But if this question takes to much traffic I can subscribe.


the problem with non members is that some server in the path may discard 
or bounce our mail, and they won't get it.


My problem is that I have to use procmail (as it can call external
programs) which finally calls deliver. My main rules are sieve and they
work find except that I cannot use subaddress matching in envelope to
(not envelope send which has been addressed earlier). But As I use the
'+'-Feature the envelope to will be the one interesting for me.

For example, I am subscribed to the mailing list gimp-devel with
[EMAIL PROTECTED] So I want to use:
   require ["fileinto", "imapflags", "subaddress", "envelope"];
   ...
   if envelope :detail :is "To" "gdev"
   {
  fileinto "Mailinglisten.gimp-devel";
  stop;
   }


why not use a header specific to the list instead of your address? I 
mean something like:


if header :contains "List-Id" "" {
fileinto "Mailinglisten.gimp-devel";
stop;
}

This is independent on your address. so if you ever change the 
subscribed address, you won't need to change the rule. and if other 
users on your system need a similar processing, they can copy the rule.




But if I call the deliver tool from procmail this will not work and the
mail falls thought to the next matching rule or the implicit delivery.
In the resulting mail, Envelope-to: is set correctly but no sorting.

Is there any way to use the Envelope-to: header for this?

Regards
   Klaus Ethgen

Re: [Dovecot] stat failed: Not a directory

[mouss]

Benjamin R. Haskell wrote:

On Sun, 17 Feb 2008, Andrea wrote:

I have recently installed dovecot on a FreeBSD mailserver running 
postfix.
But when I try to login with imap/pop3, I always get an error "stat 
failed:

Not a directory".
I guess it is something wrong with the mail format postfix uses to 
store the

message, but I don't seem to find the correct solution.



Take a look at http://wiki.dovecot.org/MailboxFormat

The error you're getting is usually caused by treating an mbox (or 
similar format) file as a Maildir.


So, something in the path:

/usr/local/virtual/internal.domain.com/andrea

is not a directory. (Probably the whole thing -- andrea is probably a 
file.) So, when stat adds '/cur' to that path (which it needs to do if 
andrea is a Maildir), you get the 'not a directory' error.


I don't recall whether Postfix supports Maildir natively (Maildir is 
generally a better format than mbox -- by most accounts). On the 
server where I used it, we just delivered via Procmail (which does 
support Maildir).


postfix does deliver to maildir, provided the mailbox has a trailing 
slash (same note for maildrop). without a trailing slash, it's mbox.


the log suggests that he delivers to mbox. OP probably needs to append a 
slash to the mailbox lookup result in postfix (virtual_mailbox_maps).

Re: [Dovecot] Deleting messages from MailDir

[mouss]

Bill Cole wrote:

At 12:27 PM +0100 2/14/08, Edgar Fuß wrote:
  

Am 13.02.2008 um 14:56 schrieb Bill Cole:



Not on all filesystems. Note what HFS+ (MacOS) does:

~ $ ls -lc foo
-rwxr-xr-x   1 wkc  wkc  332 Jan 29 03:32 foo
~ $ mkdir foodir
~ $ mv foo foodir
~ $ ls -lc foodir/foo
-rwxr-xr-x   1 wkc  wkc  332 Jan 29 03:32 foodir/foo
~ $ date
Wed Feb 13 08:39:24 EST 2008
  

It's what I'd expect. In fact, it's what UFS does. Renaming a file doesn't 
change it's inode.



That's not true for the Solaris 9 implementation of UFS:

$ uname -a
SunOS sysadm05 5.9 Generic_118558-21 sun4u sparc SUNW,Ultra-80
$ df -k .
Filesystemkbytesused   avail capacity  Mounted on
/dev/md/dsk/d2   6050021 5050411  93911085%/
$ grep dsk/d2 /etc/mnttab
/dev/md/dsk/d2  /   ufs 
rw,intr,largefiles,logging,xattr,onerror=panic,suid,dev=1540002 1202637838
$ ls -lc jar_cache30536.tmp
-rw-r--r--   1 colewadm64258 Jan 13 22:28 jar_cache30536.tmp
$ mv $_ foo
$ ls -lc foo  
-rw-r--r--   1 colewadm64258 Feb 14 09:53 foo



  


same under *BSD (tested on FreeBSD and NetBSD):

% ll -c foo
-rw-r--r--  1 mouss mouss - 30 Jan 11 00:20 foo
% mv foo bar
% ll -lc bar
-rw-r--r--  1 mouss mouss - 30 Feb 14 18:15 bar

Re: [Dovecot] Deleting messages from MailDir

[mouss]

Bill Cole wrote:
At 11:53 PM +0100 2/13/08, mouss  imposed structure on a stream of 
electrons, yielding:

Bill Cole wrote:


[...]


Not on all filesystems. Note what HFS+ (MacOS) does:

~ $ ls -lc foo
-rwxr-xr-x   1 wkc  wkc  332 Jan 29 03:32 foo
~ $ mkdir foodir
~ $ mv foo foodir
~ $ ls -lc foodir/foo
-rwxr-xr-x   1 wkc  wkc  332 Jan 29 03:32 foodir/foo
~ $ date
Wed Feb 13 08:39:24 EST 2008




The question is whether this is because of an fs limitation or is it 
for compatibility with some old tools.


Posix says:

Upon successful completion, /rename/() shall mark for update the 
/st_ctime/ and /st_mtime/ fields of the parent directory of each file.



and ctime is the last status change time. AFAICT, an mv is certainly 
a status change.



but maybe I disgress:)


Since nothing but your POSIX quote refers to the ctime of the parent 
directory, maybe so. :)


yes, I realized that thanks to friendly heads ups :)


I think that when you rename() (i.e. 'mv') a file, its ctime should 
change, if only because that is what traditional (e.g. UFS) 
filesystems do. 


some might argue that this is not necessarily the "right" behaviour in 
the case of multiple hard links...


In the case under discussion, I think that using the last mv time is 
safer. If I move a message to the Trash, I might regret it and try to go 
save it. if the delivery date was used, the message may have been 
expunged. so updating the ctime will cause less surprises.


I know better than to argue technical issues like that with Apple, 
just as I know better than to use my head to dismantle a brick wall, 
with the main difference being that I've never actually made the brick 
wall attempt.


:)


But the relevant point is that Dovecot itself seems untroubled by this 
oddity.

Re: [Dovecot] Deleting messages from MailDir

[mouss]

Bill Cole wrote:

At 12:21 AM -0500 2/13/08, Benjamin R. Haskell  imposed structure on a stream 
of electrons, yielding:
  

On Wed, 13 Feb 2008, Rody wrote:


Op woensdag 13 februari 2008 00:43, schreef Bill Cole:
  

Yes, but you may also care that ctime is reset when a client has
Dovecot move a message from one subfolder to another within a
Maildir. I'm not sure why Dovecot does it, but a look at the messages
in the non-INBOX parts of my Maildir reveals that the ctime is always
later than the mtime, and the contents (Received headers) makes it
clear that Dovecot sets the mtime of messages to the original mtime
(i.e. original delivery time) when copying them.



I think the answer to "why Dovecot does it" is actually that Dovecot doesn't do anything with 
ctime. Under most *nix filesystems, ctime is the last time the inode underlying the file/dir was changed ('c' 
for "changed", not "created" -- [usually]). The inode gets changed when the file's moved 
from one directory to another.



Not on all filesystems. Note what HFS+ (MacOS) does:

~ $ ls -lc foo
-rwxr-xr-x   1 wkc  wkc  332 Jan 29 03:32 foo
~ $ mkdir foodir
~ $ mv foo foodir
~ $ ls -lc foodir/foo
-rwxr-xr-x   1 wkc  wkc  332 Jan 29 03:32 foodir/foo
~ $ date
Wed Feb 13 08:39:24 EST 2008


  


The question is whether this is because of an fs limitation or is it for 
compatibility with some old tools.


Posix says:

Upon successful completion, /rename/() shall mark for update the 
/st_ctime/ and /st_mtime/ fields of the parent directory of each file.



and ctime is the last status change time. AFAICT, an mv is certainly a 
status change.



but maybe I disgress:)

Re: [Dovecot] mailbox not acceced

[mouss]

Osvaldo Alvarez Pozo wrote:

i changed permissions, but  no results
So i added a field to the table mailbox like this:
alter table mailbox add last_login datetime NOT NULL default
'-00-00 00:00:00';
  


That's not a strictly valid date. better use a real date ('1970-01-01 
00:00:00' for instance). software that accesses databases in a portable 
manner may break if you use non portable dates.



for the moment I run two cron jobs
1 egrep "dovecot: (imap|pop3)-login" /var/log/mail.log >/var/log/maillog

  


since you're using perl, no need for the egrep part. see below.


2 /root/accounts
this scripts has de following content:

#!/usr/bin/perl
use DBI;
   $dbpath = "dbi:mysql:database=postfix;host=localhost";
   $dbh = DBI->connect($dbpath, "user","passwd")
 or die "Can't open database: $DBI::errstr";
   open (FICHIER ,"/var/log/maillog");
   while  () {
   ($value0,$value1,undef)=split(//,$value1);


$requete = "update mailbox set last_login =now() where  username='$user'";
$sth = $dbh->prepare($requete);

$sth->execute();
$sth -> finish;
   }
close FICHIER;
$dbh -> disconnect
  


#!/usr/bin/perl
use DBI;
use strict;
my $logfile = "/var/log/mail.log"; # or $ARGV[0]...

# syslog doesn't include a year... we could use current time or stat the 
logfile or ...

my $current_year='2008';
my %monthnum =
   qw( Jan 1 Feb 2 Mar 3 Apr 4 May 5 Jun 6 Jul 7 Aug 8 Sep 9 Oct 10 Nov 
11 Dec 12 );


my %lastaccess = ();
open(LOGFILE, "$logfile") or die "Cannot open $logfile: $!\n";
while ()
   chomp;
   if (! /dovecot: (imap|pop3)-login/) { next; }
   my ($monthname, $day, $time, $line) = split('\s+', $_, 4);
   # XXX no space in usernames...
   if ($line !~ /user=<(\S+)>/) { next;}
  
   $lastaccess{$1} = $current_year . "-" . $monthnum{$monthname} . 
"-$day $time";

}
close(LOGFILE);

#foreach (keys %lastaccess) { print "$_: $lastaccess{$_}\n"; }

now you have the timestamp of last access for each user. and you can 
update your table.


to avoid, a lot of UPDATE queries, create a temporrary table in the 
script and use INSERT with multiple values in a single query. then 
UPDATE using the temporary table.



This solution is far from being efficient.The precition is 24 hours
wich is ok for know. I would really love doing this from dovecot. I am
disapointed for not being able to make it work from dovecot.
I use debian Etch & dovecot was compiled by hand, is that important?
  

Re: [Dovecot] mailbox not acceced

[mouss]

Hugo Monteiro wrote:

Osvaldo Alvarez Pozo wrote:

i was looking your mail and as I have a data base i added a field to
de data base I modified the script so it lokks like this.

#!/bin/sh
echo "update mailbox set last_log = now() WHERE username = '$USER'" |
mysql postfix
exec /usr/dovecot/libexec/dovecot/pop3

but nothing gets written to the field.
I think there is a problem with the value of variable $USER, as this
is a shell script.
Any Ideas?

  



You should be using $UID and not $USER.


and
   mysql postfix -e "update "
instead of echo "..." | mysql ...

Re: [Dovecot] mailbox not acceced

[mouss]

Osvaldo Alvarez Pozo wrote:

Hi
I wonder how can I know if a mailbox is not beeing consulted. I mean I
have severals mailboxs but I know some account are not used. I like to
know how to determine wich mail accounts are not beeing used. Is there
any way in dovecot to know the las  time a user loged in to dovecot?
  



you can parse the logs.

Re: [Dovecot] OT: Skins for Squirrelmail - looking for a reminder

[mouss]

Mike Brudenell wrote:

Greetings -

On one of the mailing lists I'm on there was a recent-ish discussion 
about webmail clients, and someone mentioned a site selling sets of 
skins for SquirrelMail... the entire set was about $300.


I'm trying to track down the site but seem to have deleted the message 
I'd carefully been keeping.


I recall an off-topic discussion along these lines here recently, but 
can't locate anything about skins in the archives.  Can anyone recall 
this?  Or am I mis-remembering it as being here on this list?


Confused, but then it is Friday... :-)


google returns
   http://nutsmail.com/orders/browse_products.php

Re: [Dovecot] Can't get apop to work.

[mouss]

Bill Cole wrote:

At 5:20 AM -0800 2/7/08, Greg Lorriman wrote:
 I tried fiddling with PAM by adding an /etc/pam.d/apop file with 
these contents :


It's impossible to support anything but plaintext authentication with
PAM. See http://wiki.dovecot.org/Authentication/Mechanisms and
http://wiki.dovecot.org/Authentication/PasswordSchemes

  I'm not overly worried about PAM; I just want to get APOP working.
But the wiki doesn't give me even the faintest idea, keeping in mind
that I am relatively new to linux. The same applies to all the other
authentication schemes. It only tells me how to change the conf
file, which doesn't appear to be enough.

  Obviously I am missing something here. But I don't know what.


The way APOP works requires the POP3 server to have the user's 
unencrypted password. There is no way around that. This means that if 
you want to support APOP with Dovecot, you need to use a passdb 
configuration that offers access to the password in plaintext. In 
particular that requires using a passdb driver other than 'pam' 
because PAM by design does not provide client programs like Dovecot 
with access to plaintext passwords, and it would be an unusual system 
where PAM itself has access to passwords in any form that can readily 
be translated into plaintext.  The referenced wiki pages and the pages 
they link to explain this in detail, but they do require you to read 
carefully, absorb the meaning, and synthesize your own solution. There 
is no cookbook for getting APOP to work. It always requires a password 
database of some sort that is independent from the operating system's 
standard mechanism, i.e. PAM or /etc/{passwd,shadow}, because non-toy 
OS-level authentication systems never store passwords in any directly 
recoverable form but only in testable forms, i.e. one-way hashes.


On a general conceptual level, any password storage scheme that 
protects passwords in storage limits you to using only plaintext 
authentication mechanisms plus at most one compatible non-plaintext 
mechanism. For example, CRAM-MD5 password storage only allows you to 
support CRAM-MD5 authentication or plaintext authentication. The 
logical design of APOP precludes the use of any minimally secure (i.e. 
one-way hash) password storage scheme because the authentication check 
is based on a hash of the plaintext password and username with a 
one-time-use token.



It is probably a better idea to reconsider why you want APOP at all. 
All APOP provides is protection from someone sniffing out the password 
on the wire. That was a larger risk when APOP was devised than it 
really is today due to the fact that switches have largely supplanted 
hubs and a more complete solution is available with SSL/TLS support. 
APOP doesn't protect mail itself from being sniffed, and comes at the 
cost of requiring the server to store plaintext passwords, which in 
most modern cases is a risk of similar magnitude to the risk of having 
plaintext passwords on the wire. A far better option if your users are 
not locked into archaic clients is to only offer access over 
encrypted  (SSL/TLS) sessions, and allow plaintext (PLAIN and LOGIN) 
authentication mechanisms. That would allow you to use PAM rather than 
a free-standing password database with plaintext passwords that you 
only use for APOP because nothing else that claims to be secure in the 
modern world would ever use such a database.




regarding APOP vulnerabilty:
   http://fse2007.uni.lu/slides/rump/apop.pdf
see also:
   http://www.securityfocus.com/archive/1/464477/30/0/threaded

In particular:

   APOP should be considered broken in the man-in-the-middle setting.
   User should be encouraged to switch to another authentication
   mechanism, such as CRAM-MD5 (or use TLS...).

Re: [Dovecot] Editing sieve scripts via webmail?

[mouss]

Tobias Balle-Petersen wrote:

Hello...

I have dovecot 1.0.10 running with the sieve plugin and virtual users 
(LDAP). My webmail is squirrelmail. I want to allow the users to 
create sieve-scripts via a squirrelmail-plugin. The plugins seems to 
require that the IMAP-server is cyrus.


I don't use squirrel, but you can aks the developpers to add support for 
dovecot (sieve is the same, so this shouldn't be very hard).


What are the options for dovecot?

Thanks,
Tobias

Re: [Dovecot] sa learning from an imap spam folder

[mouss]

Evaggelos Balaskas wrote:

Just because i am too boring to fix it correctly
(move old spam to another location etc - etc),
i have just done this:

crontab -l

10 */1 * * * /bin/ls -1 /var/mail/folders/ebalaskas/.spam/cur | xargs
/usr/local/bin/sa-learn --spam

PS: sorry for being lazy


but not lazy enough to remove the ls and xargs (or do you like pipe 
rigati :)

   /usr/local/bin/sa-learn --spam /var/mail/folders/ebalaskas/.spam/cur/

but it doesn't take much more to write a script:

#!/bin/sh

learn_spam="/usr/local/bin/sa-learn --spam"
spam_dir=/var/mail/folders/ebalaskas/.spam
corpus_dir=${spam_dir}/corpus
aux_dir=${spam_dir}/tolearn

mkdir -p ${corpus_dir}
mkdir -p ${aux_dir_dir}
mv ${spam_dir}/cur/* ${aux_dir}/
${learn_spam} ${aux_dir} && mv ${aux_dir}/* ${corpus_dir}

Re: [Dovecot] Virtual Alias Forwarding

[mouss]

mouss wrote:

Eric Biondi wrote:
I'm having a problem with Dovecot and forwarding of aliases. Any help 
would

be greatly appreciated.

I'm using Postfix, Mysql, dovecot, amavis.

mysql> SELECT * FROM alias;
| address | goto | domain | created | modified | active |

It seems from the logs that incoming mail is being delivered to the 
mailbox
via dovecot. Mail gets to the correct mailbox (address field), 
however, if I
change the destination mailbox (goto) in the alias table in mysql, 
the mail

still goes to the main mailbox (address).
mysql_virtual_alias_maps.cf looks to be configured correctly but I'm
suspecting that dovecot is circumventing that file.   


dovecot does not care about virtual aliases. These are a functionality 
of postfix. The question belongs to the postfix list. post there, but 
provide more infos:

- output of 'postconf -n'
- test lookups with postmap -q. for example
   postmap -q [EMAIL PROTECTED]  
mysql:/etc/postfix/mysql_virtual_alias_maps.cf


and master.cf. My guess is that you disabled virtual aliases when 
setting up amavisd-new filtering.

Re: [Dovecot] Virtual Alias Forwarding

[mouss]

Eric Biondi wrote:

I'm having a problem with Dovecot and forwarding of aliases. Any help would
be greatly appreciated.

I'm using Postfix, Mysql, dovecot, amavis.

mysql> SELECT * FROM alias;
| address | goto | domain | created | modified | active |

It seems from the logs that incoming mail is being delivered to the mailbox
via dovecot. Mail gets to the correct mailbox (address field), however, if I
change the destination mailbox (goto) in the alias table in mysql, the mail
still goes to the main mailbox (address). 


mysql_virtual_alias_maps.cf looks to be configured correctly but I'm
suspecting that dovecot is circumventing that file. 
  


dovecot does not care about virtual aliases. These are a functionality 
of postfix. The question belongs to the postfix list. post there, but 
provide more infos:

- output of 'postconf -n'
- test lookups with postmap -q. for example
   postmap -q [EMAIL PROTECTED]  
mysql:/etc/postfix/mysql_virtual_alias_maps.cf




I'll post maillog entry, dovecot-deliver.log entry, dovecot-mysql.conf,
mysql_virtual_alias_maps.cf, and dovecot.conf below in case that helps.
Thanks in advance for anything that helps me resolve this.

Maillog:
Jan 29 17:23:04 mail postfix/pipe[29368]: D16F657804A: to=<[EMAIL PROTECTED]>,
relay=dovecot, delay=0.03, delays=0.01/0.01/0/0.01, dsn=2.0.0, status=sent
(delivered via dovecot service)

dovecot-deliver.log:
deliver([EMAIL PROTECTED]): Jan 29 17:23:04 Info:
msgid=<[EMAIL PROTECTED]>: saved mail to INBOX

dovecot-mysql.conf:
driver = mysql
connect = host=127.0.0.1 dbname=mail user=sqluser password=sqlpasswd
default_pass_scheme = MD5 # Get the mailbox user_query = SELECT
'/home/vmail/%d/%n' as home, 'maildir:/home/vmail/%d/%n' as mail, 5000 AS
uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox
WHERE username = '%u' AND active = '1'
# Get the password
password_query = SELECT username as user, password, '/home/vmail/%d/%n' as
userdb_home, 'maildir:/home/vmail/%d/%n' as userdb_mail, 5000 as userdb_uid,
5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
# If using client certificates for authentication, comment the above and
uncomment the following #password_query = SELECT null AS password, '%u' AS
user

mysql_virtual_alias_maps.cf:
user = sqluser
password = sqlpasswd
hosts = 127.0.0.1
dbname = mail
#table = alias
#select_field = goto
#where_field = address
#additional_conditions = and active = '1'
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

# dovecot -n
# 1.0.7: /etc/dovecot.conf
protocols: imaps pop3s
ssl_listen(default): *:993
ssl_listen(imap): *:993
ssl_listen(pop3): *:995
ssl_cert_file: /etc/pki/tls/certs/mail.domain.com.crt
ssl_key_file: /etc/pki/tls/private/mail.domain.com.pem
disable_plaintext_auth: yes
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
first_valid_uid: 5000
last_valid_uid: 5000
first_valid_gid: 5000
last_valid_gid: 5000
mail_location: maildir:/home/vmail/%d/%n
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib64/dovecot/imap
mail_plugin_dir(imap): /usr/lib64/dovecot/imap
mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3
namespace:
  type: private
  separator: /
  inbox: yes
auth default:
  mechanisms: plain login
  passdb:
driver: pam
  passdb:
driver: sql
args: /etc/dovecot-mysql.conf
  userdb:
driver: passwd
  userdb:
driver: static
args: uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
  userdb:
driver: sql
args: /etc/dovecot-mysql.conf
  socket:
type: listen
client:
  path: /var/spool/postfix/private/auth
  mode: 432
  user: postfix
  group: postfix
master:
  path: /var/run/dovecot/auth-master
  mode: 384
  user: vmail



  

Re: [Dovecot] sa learning from an imap spam folder

[mouss]

[EMAIL PROTECTED] wrote:

This is my approach, stored in /etc/cron.hourly. It's very new, so I'm
still testing
it. 


The goal is to learn HAM massages only if they are a day old, so that I can
manually
remove SPAM that slipped through. Mails tagged from Spamassassin are sorted
automatically into the "Junk.Spam" mailbox and learned after 12 hours. I
manually 
move any missed SPAM into the .Junk mailbox, so I'm sure there are no
wrongly 
tagged messages there, 


what happens if you don't read your mail (vacation, ... etc)?


so I can learn those messages as soon as they are
found
by cron.

  


Consider training on errors only.

I personally use 3 folders:

Junk: tagged spam goes here
Junk/Trash: confirmed or missed spam goes here (manually). goes to 
sa-learn --spam.
Junk/Error: false positives go here (manually of course:). goes to 
sa-learn --ham





/etc/cron.hourly/sa-learn:



#!/bin/sh
 
umask 022
 
# Learn HAM messages which were roughly received between 24 and 25 hours

ago
find \
  /var/vmail/fkware.de/frank.kintrup/Maildir/ \
  -path '/var/vmail/fkware.de/frank.kintrup/Maildir/.Junk*' -prune -o \
  -path '/var/vmail/fkware.de/frank.kintrup/Maildir/.Sent'  -prune -o \
  -path '/var/vmail/fkware.de/frank.kintrup/Maildir/.Trash' -prune -o \
  -path '/var/vmail/fkware.de/frank.kintrup/Maildir/.Draft' -prune -o \
  -iname '*server.fkware.de*' -type f -mmin +1435 -mmin -1505 \
  -execdir sa-learn --username=vmail --no-sync --ham {} \; \
  /dev/nul 2>/dev/nul
 
# Learn and delete SPAM messages which were manually moved to the Junk

folder
find \
  /var/vmail/fkware.de/frank.kintrup/Maildir/.Junk/ \
  -iname '*server.fkware.de*' -type f \
  -execdir sa-learn --username=vmail --no-sync --spam {} \; \
  -execdir rm {} \; \
  >/dev/nul 2>/dev/nul
 
# Learn and delete SPAM messages which were received more than 12 hours ago

# and automatically put into the Junk.Spam folder
find \
  /var/vmail/fkware.de/frank.kintrup/Maildir/.Junk.Spam/ \
  -iname '*server.fkware.de*' -type f -mmin +720 \
  -execdir sa-learn --username=vmail --no-sync --spam {} \; \
  -execdir rm {} \; \
  >/dev/nul 2>/dev/nul
 
sa-learn --username=vmail --sync >/dev/nul
 
exit 0



  

Re: [Dovecot] Thunderbird Problem - What causes this?

[mouss]

Marc Perkel wrote:
Strange problem and I'm not sure what's causing it. I'm using IMAP. A 
new message arives in the inbox. I see it displayed in the message 
list in bold. I click on the message and it looks like it's reading it 
by the previous message that was in the window remains and the new 
message is still bold (unread). However I can then click on an old 
message and then click on the new message again and it reads.


I have also seen Thunderbird be in a somewhat unresponsive state. You 
can click on messages and they don't read. But Shutting down 
Thunderbird and restarting it make it responsive again.


Has anyone seen this?



I've seen this with avast and kaspersky (with "heuristics" enabled). 
I've moved to NOD32 since then.

Re: [Dovecot] dovecot + antispam + sendmail

[mouss]

Nikolay Shopik wrote:
 
I recommend dspam but you have to train it, I usually use spamtraps 
addresses for such job. 


That's not good enough :)

- you need ham as well
- spamtrap as a spam corpus is only ok if the recipient gets similar spam.


I like spamassassin but 95% of it job in my site is bayesian that's 
why I like dspam too.

Re: [Dovecot] dovecot + antispam + sendmail

[mouss]

Anil wrote:

Spamassassin is perl based, so anything other than that?? I want
something that is non perl based.
  



and what else? should its code not contain while loops nor underscores? 
don't get perlers to hate you;-p



both dspam and bogofilter are written in C. These are statistical 
filters that you'll have to train (correctly). They have their own lists 
should you have any questions...

Re: [Dovecot] sieve vacation

[mouss]

Asbjørn Sannes wrote:

I think sieve vacation is cutting off the last line of the vacation
message, is this a known problem?

vacation addresses: "[EMAIL PROTECTED]" "not here now"
Would return an empty message, changing it to:
vacation addresses: "[EMAIL PROTECTED]" "not here now
have a nice day"
And it would send a message with only "not here now" in it, but not
"have a nice day".

  


does your file end with a newline? text files should end with a new 
line, otherwise many line oriented utilities will break. emacs has a 
setting to ask you if you forget one.


here is an eample of a "serious" problem that happens when text files do 
not end with a newline:

# echo "var = value" >> foo.conf







For the record using:
http://dovecot.org/releases/sieve/dovecot-sieve-1.0.2.tar.gz

Mvh,
Asbjørn Sannes


  

Re: [Dovecot] Maildrop script to sieve

[mouss]

Raphael Bittencourt S. Costa wrote:

On Sat, 2008-01-19 at 13:06 +0100, mouss wrote:

  
maildrop scripts are way too flexible to write a general conversion 
program. Unless your scripts have a specific structure and logic, you 
should continue delivering with maildrop. you can build maildrop
without 
authlib (I have this running on one system).


if the scripts have a common "logic", show few of them and we'll see
if 
it is feasible to convert them.






The scripts are written by squirrel's plugin. See an example:

###TO_ '' [EMAIL PROTECTED] '' INBOX.Abuse '' m '' on '' off ''  '' Contains
if (/^(To|Cc):[EMAIL PROTECTED]/:h)
{
to "$MAILDIR/.Abuse"
}

  

did you try
   http://www.squirrelmail.org/plugin_view.php?id=73

If it doesn't do what you want, it is probably easier to start from there.

Re: [Dovecot] Maildrop script to sieve

[mouss]

Raphael Bittencourt S. Costa wrote:

Hi,

I'm working on a system that have about 350K e-mail users and 100k users
that uses maildrop scripts to make filters on their delivery. So,
changing scripts by hand can't be a choice. I  "googled" so much and I
wasn't able to find any script that converts maildrop scripts to sieve.
Does anyone knows where can I find it? 
  


maildrop scripts are way too flexible to write a general conversion 
program. Unless your scripts have a specific structure and logic, you 
should continue delivering with maildrop. you can build maildrop without 
authlib (I have this running on one system).


if the scripts have a common "logic", show few of them and we'll see if 
it is feasible to convert them.



By the way, does anyone uses dovecot-1.1-beta on a production system
with sieve+maildir+lda?