[dovecot 2.3.4.1] Pigeonhole sieve: Howto use vacation extension with virtual users and subject/message stored in database?

[phren--- via dovecot]

Hi,

we're about to replace our current auto-responder with pigeonhole sieve 
vacation extension.

Currently the (virtual) users are able to enable and disable the 
auto-responder, besides subject and message, in the webinterface and the 
setting is stored in a database.

Now we're looking for a way for the vacation extension to use the database as 
source for enabled/disabled/subject/message. The goal is *not* to use the 
virtual home directory as storage.

On the first sight the extdata plugin seems to have an interface to the 
database, but I'm unable to find a way for conditional SQL statements.

Our last resort could be the extprograms plugin, but we try to avoid shell 
scripts.

Virtual users are common usage and so we're pretty sure that there is a way to 
use pigeonhole sieve vacation extension with database storage.
But we're unable to find it.

Can please someone point to us to the right direction?

Every hint is appreciated.
--
Phren





___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: Emails automatically thread by subject, no matter how old or unrelated

[Aki Tuomi via dovecot]

> On 01/02/2024 03:49 EET wakod67943--- via dovecot  wrote:
> 
>  
> To preface, I’m using the Crossbox mail client hosted by MXroute. I was 
> directed to Dovecot support when I made my inquiry to the former’s developers.
> 
> Apparently, when you write an email subject that is verbatim to another, 
> previously sent email, the two become linked in a conversation thread.
> 
> I could have an email from 1996 titled “Groceries” and if I make one today 
> titled “Groceries” my inbox would have them connected as one long thread. I’m 
> getting email threads in the 100s because of this.
> 
> Crossbox people have told me it’s not something they have control over. They 
> mentioned it being a Dovecot problem. Has anyone encountered this?
> 
> It would be tremendously inconvenient to ensure that every email I ever send 
> from now on has a unique subject so to as not have them threaded together. 
> Let me be clear, email threading and conversation views are extremely useful. 
> I just want them to be…relevant to the chain of emails that are being looked 
> at.
> 
> Is there a way to group threads by unique header information? It is becoming 
> borderline unusable to sift through invoices.

You could take a look at https://datatracker.ietf.org/doc/html/rfc5256 which 
explains two threading algoritms, ORDEREDSUBJECT and REFERENCES. ORDEREDSUBJECT 
is probably what you are using now, and REFERENCES is the one you'd want to use?

Aki
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: Emails automatically thread by subject, no matter how old or unrelated

[Chad Wallace via dovecot]

On Thu, 01 Feb 2024 01:49:16 -
wakod67943--- via dovecot  wrote:

> To preface, I’m using the Crossbox mail client hosted by MXroute. I
> was directed to Dovecot support when I made my inquiry to the
> former’s developers.
> 
> Apparently, when you write an email subject that is verbatim to
> another, previously sent email, the two become linked in a
> conversation thread.

This is not done by dovecot.  I just sent myself two test emails with
the exact same subject, and they did not appear threaded.  

The threading is controlled by specific headers:  "References" and
"In-Reply-To".  If dovecot were to group the messages by subject, I
would see one of those headers in the second email.  They are not there.

My mail client has a setting called "Attract by subject" that enables
the behaviour you describe.  Check your settings.  Perhaps Crossbox has
something similar.

___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Emails automatically thread by subject, no matter how old or unrelated

[wakod67943--- via dovecot]

To preface, I’m using the Crossbox mail client hosted by MXroute. I was 
directed to Dovecot support when I made my inquiry to the former’s developers.

Apparently, when you write an email subject that is verbatim to another, 
previously sent email, the two become linked in a conversation thread.

I could have an email from 1996 titled “Groceries” and if I make one today 
titled “Groceries” my inbox would have them connected as one long thread. I’m 
getting email threads in the 100s because of this.

Crossbox people have told me it’s not something they have control over. They 
mentioned it being a Dovecot problem. Has anyone encountered this?

It would be tremendously inconvenient to ensure that every email I ever send 
from now on has a unique subject so to as not have them threaded together. Let 
me be clear, email threading and conversation views are extremely useful. I 
just want them to be…relevant to the chain of emails that are being looked at.

Is there a way to group threads by unique header information? It is becoming 
borderline unusable to sift through invoices.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: Inaccurate results while searching for a phrase in subject (fts-flatcurve)

[ss17]

Thanks Michael for that explanation. So with the addition of tokenization has 
Dovecot lost the ability to search phrases, irrespective of FTS engine. That 
would be a real bummer if true.
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Re: Inaccurate results while searching for a phrase in subject (fts-flatcurve)

[Michael Slusarz via dovecot]

See below.

> On 05/23/2023 2:14 AM MDT s...@fea.st wrote:
> 
> I had been using the lucene FTS plugin since a decade now and it has done me 
> well. Thought of upgrading to the new & current stuff and came across the 
> flatcurve plugin which seems very promising (xapian on the other hand was 
> creating indexes larger than my mailboxes themselves). I am using following 
> configuration in dovecot.conf:
> 
> fts = flatcurve
> fts_filters_en = lowercase english-possessive stopwords
> fts_languages = en
> fts_tokenizers = generic email-address

^^^ FTS input is being tokenized, so the phrase "/home/johndoe/render.php" will 
be indexed not as a full string but instead separately as "home", "johndoe", 
"render", and "php".

See: 
https://doc.dovecot.org/settings/plugin/fts-plugin/#plugin_setting-fts-fts_tokenizers

This has nothing to do with flatcurve (or any FTS driver) - Dovecot will never 
send the full "/home/johndoe/render.php" to the driver to be indexed.


> fts_autoindex = no
> fts_enforced = yes
> 
> A search command like this:
> 
> doveadm -D search -u j...@doe.com mailbox INBOX SUBJECT 
> "/home/johndoe/render.php"
> 
> should show the messages with subject: "CRON: /home/johndoe/render.php OK" 
> but produces a lot of extra undesired results and I think the second line in 
> this debug output indicates the reason:
> 
> May 23 07:44:13 doveadm(j...@doe.com): Debug: fts-flatcurve(INBOX): Query 
> (hdr_subject:/home/johndoe/render.php*) matches=0 uids=

This is correct, since "/home/johndoe/render.php" was not indexed so there 
should be zero results.


> May 23 07:44:13 doveadm(j...@doe.com): Debug: fts-flatcurve(INBOX): Query 
> (hdr_subject:php* AND hdr_subject:render* AND hdr_subject:johndoe* AND 
> hdr_subject:home*) matches=272 

And this is also correct, as the search phrase is attempted by searching both 
its full string and also all of its tokenized components.  (Both the original 
text and all search terms are processed through the tokenizer before passing to 
a FTS driver.)


> I tried rebuilding the indexes with "fts_flatcurve_substring_search = yes" 
> too but that didn't change anything. It works as expected with lucene plugin 
> because in that case header search is performed via dovecot indexes instead 
> of FTS. May be I am not doing something right in configuring this new FTS? 

I'm not a lucene expert... but with the old lucene plugin, you were almost 
certainly using it without Dovecot tokenization support, since the plugin 
predates it (I think) - using Dovecot tokenization would have required 
'use_libfts' to be present in the fts_lucene setting (which I doubt was ever 
documented).  I believe Dovecot was just doing simple white-space tokenization 
instead, so lucene code/library was likely receiving the full string and doing 
internal tokenization.

michael
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Inaccurate results while searching for a phrase in subject (fts-flatcurve)

[ss17]

Hi,

I had been using the lucene FTS plugin since a decade now and it has done me 
well. Thought of upgrading to the new & current stuff and came across the 
flatcurve plugin which seems very promising (xapian on the other hand was 
creating indexes larger than my mailboxes themselves). I am using following 
configuration in dovecot.conf:

fts = flatcurve
fts_filters_en = lowercase english-possessive stopwords
fts_languages = en
fts_tokenizers = generic email-address
fts_autoindex = no
fts_enforced = yes

A search command like this:

doveadm -D search -u j...@doe.com mailbox INBOX SUBJECT 
"/home/johndoe/render.php"

should show the messages with subject: "CRON: /home/johndoe/render.php OK" but 
produces a lot of extra undesired results and I think the second line in this 
debug output indicates the reason:

May 23 07:44:13 doveadm(j...@doe.com): Debug: fts-flatcurve(INBOX): Query 
(hdr_subject:/home/johndoe/render.php*) matches=0 uids=
May 23 07:44:13 doveadm(j...@doe.com): Debug: fts-flatcurve(INBOX): Query 
(hdr_subject:php* AND hdr_subject:render* AND hdr_subject:johndoe* AND 
hdr_subject:home*) matches=272 
uids=67041,67085,67188,67223,67257,67290,67323,67355,67395,67564,67770,67817,67863,67985,68819,69512,69572,69635,69737,70017,70058,70086,70125,70147,70191,70296,70304,70331,70340,70350,70354,70375,70407,70417,70427,70449,70499,70521:70522,70535:70550,70555,70561:70563,70591,70597:70599,70662,70685,70702,70708,70718:70719,70724,70727:70728,70730:70733,70735,70746:70747,70754,70775,70777,70794,70811:70812,70822,70866,70942,70948,70971,71017,71021,71040,71042,71075,71079,71084,71113,71128:71129,71131,71152,71160,71184,71188,71208,71214,71225,71255,71269,71297,71300,71331,71375,71422,71449,71457,71467,71469,71495,71515,71605,71626,71632,71649,71672,71681:71682,71689,71692,71699,71716,71757,71770,71777,71782:71785,71790,71795,71797,71814,71818:71819,71828,71838:71842,71845,71859:71860,71937,71947,71954,71960,71963:7
 
1964,71977,71990,72014,72021:72022,72030,72034:72042,72045:72046,72049,72056,72061,72063,72073:72074,72083,72088,72090,72092,72101,72108,72129,72131:72132,72134,72136:72140,72159,72163,72172:72173,72186,72212,72218:72223,72237,72239,72246,72267,72288,72387,72410,72446,72469,72476:72477,72514,72541,72543,72568:72569,72572:72574,72598,72604,72606,72609,72644,72674,72687,72691,72694,72734,72772,72791,72797,72799,72803,72832:72833,72835:72841,72856:72857,72866:72867,72873:72874,72901,72930,72938,72948,72960,72965,72976,73018,73037,73071,73081,73116,73158,73249,73307,73352,73392,73466,73533,73601,73670,73733,73775,73784:73786,73804,73807,73811,73815,73819,73823,73825,73831,73842,73846,74005,74199,74390,74540,74684,74854,75017,75192,75354,75525,75710,75839:75843,75845,75903,75984:75985,76091,76263,76447,76624,76816,76989,77091:77092,77097,77119,77155,77293,77460,77608,77761,77908,78066,78218,78393,78400:78401,78522:78523,78560,78728,78921,79104,79298,79504,79555,79898,80027,80031:80032,80
 034:80035,80037,80056,80071,80073,80077:80079,80082:80084,80086,80089

I tried rebuilding the indexes with "fts_flatcurve_substring_search = yes" too 
but that didn't change anything. It works as expected with lucene plugin 
because in that case header search is performed via dovecot indexes instead of 
FTS. May be I am not doing something right in configuring this new FTS? Will 
really appreciate some pointers here.

Thanks,
Sam
___
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

sieve script to alter subject of incoming message after lookup

[Marc]

Is it possible with sieve to :

1. get sender of an email
2. lookup if this sender is present in an mailbox
3. if the sender is known, change the subject of the email.
   if the sender is not known, do nothing.
4. put/leave message in inbox.


or maybe use dictionary (not really familiar with this)

1. get sender of an email
2. lookup if this sender is present in an dictionary
3. if the sender is known, change the subject of the email.
   if the sender is not known, do nothing.
4. put/leave message in inbox.

But then I need something like
1. if message is dragged into a specific mailbox/folder
2. add sender to dictionary

1. if message is removed from a specific mailbox/folder
2. remove sender from dictionary

Re: how to delete attachment and replace some words in subject

[Aki Tuomi]

> On 10/12/2021 10:08 lujie  wrote:
> 
> 
> hi, all,
> I need to filter email as follow rules:
> 1, delete the attachments;
> 2, replace some word in subject with code;
> 3, redirect to other email with the modified subject and original text in 
> body.
> 
> sieve and exrprograms used in my script. But error in run sieve script while 
> try to set body text , which contains invalid character "cr lf".
> 
> Thanks.
> 
> 
> --
> Best Regards,
> 
> Jessica
> 

Sieve extprograms is the way to go, can you provide your configuration & 
scripts so we can maybe see what's going wrong?

Aki

how to delete attachment and replace some words in subject

[lujie]

hi, all,
I need to filter email as follow rules:
1, delete the attachments;
2, replace some word in subject with code;
3, redirect to other email with the modified subject and original text in body.


sieve and exrprograms used in my script. But error in run sieve script while 
try to set body text , which contains invalid character "cr lf".




Thanks.







--

Best Regards,


Jessica

[no subject]

[Stephen Blackwell]

I want to disable the time penalty for dovecot imap authentication. When
receiving a valid user-password combo the server responds in .04 seconds.
When I send in an invalid comination it will either respond in 1.544 or
2.044 seconds += .002

I am using dovecot to test a program that sends a login request to a server
and processes the response. I want to be able to send a series of valid and
invalid login attempts.

The issue is that with the 2 seconds delay for a bad login attempt, the
tests are too slow to run in production

I can see that the delay is defined in auth-penalty.h Is there a way, in
the config file, to set AUTH_PENALTY_INIT_SECS = 0, or any other way to
remove the time delay for an invalid login.

I am running dovecot version 2.2.33.2
I am running without root permissions
I do not want to make changes outside of the dovecot config file, password
file, or run folder.

-- 
Stephen

[no subject]

[??????]

hello  I have some error by LMTP:
Mar 09 13:26:42 imap-hibernate(q...@a.com)<90154

[no subject]

[Guillaume via dovecot]

--- Begin Message ---
OK I find out how to extract core dump (sorry), hope this will help you.

gdb /usr/lib/dovecot/auth /var/core/core.28304
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/dovecot/auth...Reading symbols from 
/usr/lib/debug/.build-id/ba/4974feed8c926e0d6e8d26659c583048a500f4.debug...done.
done.
[New LWP 28304]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `dovecot/auth -w'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51  ../sysdeps/unix/sysv/linux/raise.c: Aucun fichier ou dossier de ce type.
(gdb) bt full
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
set = {__val = {0, 2319406792476865588, 3472328228581767026, 
3472310704041635888, 3966017812923691066, 7148958857402934374, 
7089904100555370544, 3472328519666906169, 3472310978869031456, 
3467824696600506928, 3979267959132535352, 
2314885638479426609, 2314885530818453536, 2314885530818453536, 
3907004821653777455, 8461816663211521631}}
pid = 
tid = 
#1  0x7fdb930a642a in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x7220303030373836, 
sa_sigaction = 0x7220303030373836}, sa_mask = {__val = {3472328295963438381, 
4192904167887482928, 2314885531086893104, 2314885530818453536, 
2314885530818453536, 8528445641706184736, 
  7378645557150114166, 3472336027269751652, 3774971303630941488, 
8223625903104145462, 3472328295963457581, 4192904167887482928, 
2314885531086893104, 2314885530818453536, 2314885530818453536, 
140727898588176}}, sa_flags = 89, 
  sa_restorer = 0x7ffdc467c410}
sigs = {__val = {32, 0 }}
#2  0x7fdb930e2c00 in __libc_message (do_abort=do_abort@entry=2, 
fmt=fmt@entry=0x7fdb931d7d98 "*** Error in `%s': %s: 0x%s ***\n") at 
../sysdeps/posix/libc_fatal.c:175
ap = {{gp_offset = 40, fp_offset = 0, overflow_arg_area = 
0x7ffdc467c420, reg_save_area = 0x7ffdc467c3b0}}
fd = 2
on_2 = 
list = 
nlist = 
cp = 
written = 
#3  0x7fdb930e8fc6 in malloc_printerr (action=3, str=0x7fdb931d7ef0 "double 
free or corruption (fasttop)", ptr=, ar_ptr=) at 
malloc.c:5049
buf = "562c3664bf70"
cp = 
ar_ptr = 
ptr = 
str = 0x7fdb931d7ef0 "double free or corruption (fasttop)"
action = 3
#4  0x7fdb930e980e in _int_free (av=0x7fdb9340bb00 , 
p=0x562c3664bf60, have_lock=0) at malloc.c:3905
size = 
fb = 
nextchunk = 
nextsize = 
nextinuse = 
prevsize = 
bck = 
fwd = 
errstr = 
locked = 
__func__ = "_int_free"
#5  0x7fdb923e978f in mysql_close (mysql=0x562c3662f9b0) at 
./libmariadb/libmariadb/mariadb_lib.c:1939
No locals.
#6  0x562c3457868c in driver_sqlpool_disconnect (_db=0x562c3662ea80) at 
driver-sqlpool.c:590
conn__foreach_end = 0x562c3662f160
db = 0x562c3662ea80
conn = 0x562c3662f150
#7  0x562c3456e0b5 in db_sql_unref (_conn=0x562c36624ff0) at db-sql.c:128
conn = 0x562c3662e6b8
#8  0x562c345669d9 in userdb_deinit (userdb=0x562c36624fc8) at userdb.c:191
idx = 0
__func__ = "userdb_deinit"
#9  0x562c3454ac89 in auth_deinit (auth=0x562c36624d28) at auth.c:335
passdb = 
userdb = 0x562c36624ee8
#10 auths_deinit () at auth.c:433
auth__foreach_end = 0x562c3662e628
auth = 0x562c3662e620
#11 0x562c34549800 in main_deinit () at main.c:271
l = 
#12 main (argc=, argv=) at main.c:398
c = 

gdb /usr/lib/dovecot/auth /var/core/core.28358
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:

[no subject]

[Guillaume via dovecot]

--- Begin Message ---
Hi !

First of all thanks for all your doing :)

I also have this kind of segfault since the update :

Dec  2 21:12:11 xxx dovecot: auth-worker: Error: *** Error in 
`dovecot/auth': double free or corruption (fasttop): 0x55573bb99f70 ***
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: === Backtrace: 
=
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
/lib/x86_64-linux-gnu/libc.so.6(+0x70bfb)[0x7f961ab00bfb]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
/lib/x86_64-linux-gnu/libc.so.6(+0x76fc6)[0x7f961ab06fc6]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
/lib/x86_64-linux-gnu/libc.so.6(+0x7780e)[0x7f961ab0780e]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
/usr/lib/x86_64-linux-gnu/libmariadbclient.so.18(mysql_close+0x12f)[0x7f9619e0778f]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
dovecot/auth(+0x3f68c)[0x55573b84a68c]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
dovecot/auth(db_sql_unref+0x15)[0x55573b8400b5]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
dovecot/auth(userdb_deinit+0x99)[0x55573b8389d9]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
dovecot/auth(auths_deinit+0x79)[0x55573b81cc89]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
dovecot/auth(main+0x3d0)[0x55573b81b800]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f961aab02e1]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 
dovecot/auth(_start+0x2a)[0x55573b81ba0a]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: === Memory map: 

Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 55573b80b000-55573b865000 
r-xp  08:02 42337430   /usr/lib/dovecot/auth
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 55573ba64000-55573ba67000 
r--p 00059000 08:02 42337430   /usr/lib/dovecot/auth
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 55573ba67000-55573ba69000 
rw-p 0005c000 08:02 42337430   /usr/lib/dovecot/auth
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 55573bb64000-55573bbaf000 
rw-p  00:00 0  [heap]
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f961400-7f9614021000 
rw-p  00:00 0
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9614021000-7f961800 
---p  00:00 0
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9618d98000-7f9618dae000 
r-xp  08:02 39714820   
/lib/x86_64-linux-gnu/libgcc_s.so.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9618dae000-7f9618fad000 
---p 00016000 08:02 39714820   
/lib/x86_64-linux-gnu/libgcc_s.so.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9618fad000-7f9618fae000 
r--p 00015000 08:02 39714820   
/lib/x86_64-linux-gnu/libgcc_s.so.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9618fae000-7f9618faf000 
rw-p 00016000 08:02 39714820   
/lib/x86_64-linux-gnu/libgcc_s.so.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9618faf000-7f9618fb9000 
r-xp  08:02 39714834   
/lib/x86_64-linux-gnu/libnss_files-2.24.so
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9618fb9000-7f96191b9000 
---p a000 08:02 39714834   
/lib/x86_64-linux-gnu/libnss_files-2.24.so
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f96191b9000-7f96191ba000 
r--p a000 08:02 39714834   
/lib/x86_64-linux-gnu/libnss_files-2.24.so
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f96191ba000-7f96191bb000 
rw-p b000 08:02 39714834   
/lib/x86_64-linux-gnu/libnss_files-2.24.so
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f96191bb000-7f96191c1000 
rw-p  00:00 0
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f96191c1000-7f961942b000 
r-xp  08:02 41813615   
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f961942b000-7f961962b000 
---p 0026a000 08:02 41813615   
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f961962b000-7f9619649000 
r--p 0026a000 08:02 41813615   
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9619649000-7f9619657000 
rw-p 00288000 08:02 41813615   
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f9619657000-7f961965a000 
rw-p  00:00 0
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f961965a000-7f96196bd000 
r-xp  08:02 41814649   
/usr/lib/x86_64-linux-gnu/libssl.so.1.1
Dec  2 21:12:11 xxx dovecot: auth-worker: Error: 7f96196bd000-7f96198bc000 
---p 00063000 08:02 41814649   
/usr/lib/x86_64-linux-gnu/libssl.so.1.1
Dec  2 21:12:11 xxx 

[no subject]

[Pavel Stratil via dovecot]

--- Begin Message ---

Hi everyone,

after switching to ubuntu (from debian) and running a newer dovecot 
--version 2.2.33.2 (d6601f4ec) i encountered a problem with configuring 
sieve. The mailserver has virtual maila accounts stored in /decrypted/%d/%n


Prior, i used

plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_before = /etc/dovecot/sieve/before.d
}

after the upgrade, I moved the sieve_before location on disk and changed 
this to


plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_before = /var/lib/dovecot/sieve/before.d
}

only to see that sieve didnt forward e-mails anymore. Looking at the 
logs below, i suspect, that I didnt understood the meaning of sieve = 
file:~/sieve;active=~/.dovecot.sieve correctly:



Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
sieve: Pigeonhole version 0.4.21 (92477967) initializing
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
sieve: include: sieve_global is not set; it is currently not possible to 
include `:global' scripts.
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: file storage: Using active Sieve script 
path: /decrypted/industra.space/events/.dovecot.sieve
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: file storage: Using script storage path: 
/decrypted/industra.space/events/sieve
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: file storage: Relative path to sieve 
storage in active link: sieve/
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: file storage: Using Sieve script path: 
/decrypted/industra.space/events/.dovecot.sieve
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: file storage: Storage path 
`/decrypted/industra.space/events/.dovecot.sieve' not found
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: User has no active script in storage 
`/decrypted/industra.space/events/sieve'
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: User has no personal script
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: file storage: Using script storage path: 
/var/lib/dovecot/sieve/before.d
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: file script: Opened script `move-spam' 
from `/var/lib/dovecot/sieve/before.d/move-spam.sieve'
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: Executed before user's personal Sieve 
script(1): /var/lib/dovecot/sieve/before.d/move-spam.sieve
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: Opening script 1 of 1 from 
`/var/lib/dovecot/sieve/before.d/move-spam.sieve'
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: Loading script 
/var/lib/dovecot/sieve/before.d/move-spam.sieve
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: Script binary 
/var/lib/dovecot/sieve/before.d/move-spam.svbin successfully loaded
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: binary save: not saving binary 
/var/lib/dovecot/sieve/before.d/move-spam.svbin, because it is already 
stored
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): Debug: 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: Executing script from 
`/var/lib/dovecot/sieve/before.d/move-spam.svbin'
Dec  2 16:01:57 vao01 dovecot: lmtp(events@industra.space): 
gPtsCPUBBFwMFQAA9mr2oQ: sieve: 
msgid=: stored mail into 
mailbox 'INBOX'


After changing this to

sieve = file:/decrypted/%d/%n/sieve;active=/decrypted/%d/%n/.dovecot.sieve

I got working sieve rules that forward mails correctly again, but at the 
same time I loose the ability to let users edit their sieve scripts via 
the roundcube managesieve plugin (roundcube reported an unknown error), 
but dovecot complained that the active file wasnt a symlink. I tried 
several combinations of configuring this, but I seem to miss some 
important point. Would you kindly help me get this right? Configs are 
attached.


Thanks in advance, Pavel


root@vao01:/var/www/roundcube/plugins/managesieve# cat config.inc.php 
http://php.net/manual/en/context.ssl.php
// The example below enables server certificate validation
//$config['managesieve_conn_options'] = array(
//  'ssl' => array(
// 'verify_peer'  => true,
// 'verify_depth' => 3,
// 'cafile'   => '/etc/openssl/certs/ca.crt',
//   ),
// );
$config['managesieve_conn_options'] = null;

[no subject]

[Joan Moreau via dovecot]

--- Begin Message ---
Hi 

How to solve this ? 

So many similar segfaults 

Thank you 


On 2018-11-30 06:11, Joan Moreau wrote:

ANother (very very long) example : 


# gdb /usr/libexec/dovecot/indexer-worker 
core.indexer-worker.0.3a33f56105e043de802a7dfcee265a07.21017.154353342400
GNU gdb (GDB) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
. 


For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/libexec/dovecot/indexer-worker...done.
[New LWP 21017]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `dovecot/indexer-worker'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x7f768b62b13e in file_lock_do (fd=18, path=0x564540376790 "/data/mail/grosjo.net/admin/mailboxes/QoS/dbox-Mails/dovecot.index.search", lock_type=0, 
lock_method=FILE_LOCK_METHOD_FCNTL, timeout_secs=60, error_r=0x7fff045010b0) at file-lock.c:173

173 {
(gdb) bt full
#0 0x7f768b62b13e in file_lock_do (fd=18, path=0x564540376790 "/data/mail/grosjo.net/admin/mailboxes/QoS/dbox-Mails/dovecot.index.search", lock_type=0, 
lock_method=FILE_LOCK_METHOD_FCNTL, timeout_secs=60, error_r=0x7fff045010b0) at file-lock.c:173

lock_type_str = 
started = 
ret = 
__func__ = "file_lock_do"
#1 0x7f768b62b5b6 in file_wait_lock_error (fd=18, path=0x564540376790 "/data/mail/grosjo.net/admin/mailboxes/QoS/dbox-Mails/dovecot.index.search", lock_type=0, 
lock_method=FILE_LOCK_METHOD_FCNTL, timeout_secs=, lock_r=0x7fff04501118, error_r=0x7fff045010b0) at file-lock.c:318

lock = 
ret = 
#2 0x7f768b62b660 in file_wait_lock (fd=, path=, lock_type=lock_type@entry=0, lock_method=, timeout_secs=timeout_secs@entry=60, 
lock_r=lock_r@entry=0x7fff04501118) at file-lock.c:303

error = 0x564540376490 ""
ret = 
#3 0x7f768a976c87 in squat_trie_lock (trie=0x564540376490, lock_type=0, 
file_lock_r=0x7fff04501118, dotlock_r=0x7fff04501120) at squat-trie.c:294
ret = 
dotlock_r = 0x7fff04501120
file_lock_r = 0x7fff04501118
trie = 0x564540376490
ret = 
__func__ = "squat_trie_lock"
lock_type = 0
ret = 
__func__ = "squat_trie_lock"
#4 0x7f768a978627 in squat_trie_map (trie=0x564540376490, building=) at squat-trie.c:1487
file_lock = 0x0
dotlock = 0x0
changed = 
ret = 
#5 0x7f768a97b19d in squat_uidlist_map_header (uidlist=0x5645403767f0) at 
squat-uidlist.c:378
No locals.
#6 squat_uidlist_map (uidlist=0x5645403767f0) at squat-uidlist.c:477
mmap_hdr = 
ret = 
#7 0x7f768a97b432 in squat_uidlist_open (uidlist=0x5645403767f0) at 
squat-uidlist.c:546
No locals.
#8 0x7f768a97b5aa in squat_uidlist_refresh (uidlist=) at 
squat-uidlist.c:569
No locals.
#9 0x7f768a9787c2 in squat_trie_map (trie=0x564540376490, building=) at squat-trie.c:1526
file_lock = 0x56454210c850
dotlock = 0x0
changed = 
ret = 
#10 0x7f768a97b19d in squat_uidlist_map_header (uidlist=0x5645403767f0) at 
squat-uidlist.c:378
No locals.
#11 squat_uidlist_map (uidlist=0x5645403767f0) at squat-uidlist.c:477
mmap_hdr = 
ret = 
#12 0x7f768a97b432 in squat_uidlist_open (uidlist=0x5645403767f0) at 
squat-uidlist.c:546
No locals.
#13 0x7f768a97b5aa in squat_uidlist_refresh (uidlist=) at 
squat-uidlist.c:569
No locals.
#14 0x7f768a9787c2 in squat_trie_map (trie=0x564540376490, building=) at squat-trie.c:1526
file_lock = 0x56454210c7b0
dotlock = 0x0
changed = 
ret = 
#15 0x7f768a97b19d in squat_uidlist_map_header (uidlist=0x5645403767f0) at 
squat-uidlist.c:378
No locals.
#16 squat_uidlist_map (uidlist=0x5645403767f0) at squat-uidlist.c:477
mmap_hdr = 
ret = 
#17 0x7f768a97b432 in squat_uidlist_open (uidlist=0x5645403767f0) at 
squat-uidlist.c:546
No locals.
#18 0x7f768a97b5aa in squat_uidlist_refresh (uidlist=) at 
squat-uidlist.c:569
No locals.
#19 0x7f768a9787c2 in squat_trie_map (trie=0x564540376490, building=) at squat-trie.c:1526
file_lock = 0x56454210c710
dotlock = 0x0
changed = 
ret = 
#20 0x7f768a97b19d in squat_uidlist_map_header (uidlist=0x5645403767f0) at 
squat-uidlist.c:378
No locals.
#21 squat_uidlist_map (uidlist=0x5645403767f0) at squat-uidlist.c:477
mmap_hdr = 
ret = 
#22 0x7f768a97b432 in squat_uidlist_open (uidlist=0x5645403767f0) at 
squat-uidlist.c:546
No locals.
#23 0x7f768a97b5aa in squat_uidlist_refresh (uidlist=) at 
squat-uidlist.c:569
No locals.
#24 0x7f768a9787c2 in squat_trie_map (trie=0x564540376490, 

[no subject]

[Root Kev]

Dovecot Version: 2.3.2.1

Hello Mailing List,

We are having a random issue in a couple of our production servers, where
one of the child processes randomly dies with an out of memory error (see
below):

Nov 26 11:58:17 config: Fatal: pool_system_malloc(8192): Out of memory
Nov 26 11:58:17 pop3-login: Fatal: Error reading configuration:
read(/var/run/dovecot/config) failed: EOF
Nov 26 11:58:17 config: Fatal: master: service(config): child 29696
returned error 83 (Out of memory (service config { vsz_limit=2048 MB }, you
may need to increase it) - set CORE_OUTOFMEM=1 environment to get core dump)

We only use dovecot for internal application POP3 mail access from a
mailbox, and there is under 10 connecting applications.  Have have
gradually increased the vsz_limit from the default of 256mb up to 2GB now.
Is there anything else that should/could be changed instead of continuing
to through memory at it?



# dovecot -n
# 2.3.2.1 (0719df592): /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-862.11.6.el7.x86_64 x86_64 CentOS Linux release 7.5.1804
(Core)
# Hostname: 
doveconf: Warning: please set ssl_dh= /etc/dovecot/dh.pem
auth_cache_size = 10 M
auth_verbose = yes
base_dir = /var/run/dovecot/
default_vsz_limit = 2 G
instance_name = EMX Pop Mailstore
listen = 
log_path = /var/log/dovecot-echo.log
login_greeting = Pop3 MailServer Ready.
login_trusted_networks = 
mail_location = maildir:~/Maildir
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox "Sent Messages" {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
}
passdb {
  args = cache_key=%u
  driver = pam
}
protocols = pop3
ssl_cert = 

[no subject]

[Jarrad]

Unsubscribe

[no subject]

[Aki Tuomi]

---Aki TuomiDovecot oy

Dovecot Quota and subject utf-8

[Danilo G. Baio]

Hi.

When a user is over quota and a message is rejected, it sends a message back
changing partially the subject (depending on the size). 

With utf-8 it breaks the information, we noticed this behavior when the subject
line uses utf-8 and it is broken in more than one line:

Subject:
Quêm casé erat vim id, vix ín dicit putânt, minim çónsequuntur ea iús. Agam
cetêro tê eôs, ád vim ipsum tantâs expetêndis. Ut prõ vidit diçit iudicabit,
cum út çômmódo

Subject of a delivered message:
Subject: =?UTF-8?Q?Qu=C3=AAm_cas=C3=A9_erat_vim_id=2C_vix_=C3=ADn_dicit_p?=
 =?UTF-8?Q?ut=C3=A2nt=2C_minim_=C3=A7=C3=B3nsequuntur_ea_i=C3=BAs=2E_Agam_?=
 =?UTF-8?Q?cet=C3=AAro_t=C3=AA_e=C3=B4s=2C_=C3=A1d_vim_ipsum_tant=C3=A2s_e?=
 =?UTF-8?Q?xpet=C3=AAndis=2E_Ut_pr=C3=B5_vidit_di=C3=A7it_iudicabit=2C_cum?=
 =?UTF-8?Q?_=C3=BAt_=C3=A7=C3=B4mm=C3=B3do?=

Subject of a message rejected with Dovecot Quota:
Subject: Rejected: 
=?UTF-8?Q?Qu=C3=AAm_cas=C3=A9_erat_vim_id=2C_vix_=C3=ADn_dicit_p?=? =?...
Auto-Submitted: auto-replied (rejected)
Precedence: bulk

https://pastebin.com/raw/SWJJARga

Regards.
-- 
Danilo G. Baio (dbaio)


signature.asc
Description: PGP signature

[no subject]

[Rebel Mee]

Is FTS needed for Subject/Recipient/Sender server-side searches?

[Sebastian Arcus]

I've had a number of Dovecot installs happily running for quite a few 
years now, but I've just stumbled over a new issue. I am trying to get 
some iPhones to do server-side email searches through 
ActiveSync/Exchange protocol -> Horde -> Dovecot.


The bit I can't figure out is if I need to enable and configure FTS in 
Dovecot for that to work? I've tested server-side email searches against 
the same Dovecot server on Thunderbird - through IMAP (there is an 
option to force the search on the server in Thunderbird) - and it is 
working really well and fast. I am only really interested in 
Sender/Recipient/Subject searches.


Server-side searching is not working at the moment on the iPhones side - 
although I can see the ActiveSync commands being sent to Horde. Anyway, 
to begin with, does anybody know if server-side IMAP searches need FTS 
in Dovecot (Horde is talking to Dovecot through IMAP).


The fact that they work fine in Thunderbird would suggest the answer is 
'no' - but could someone confirm that is correct please?


Anticipated thanks for any hints. I am on Dovecot 2.2.33 if in case it 
matters.

Re: result of uid sort by subject

[TACHIBANA Masashi]

Thank you for your reply.

> > Result of uid sort by subject is not expected.
> > for example: Japanese => English => Japanese => English
> 
> you don't mean those 4 words, but phrases in these languages, right?

In my case, sorting result is something strange.

Miss-sorted subjects were as bellow (REVERSE SUBJECT):

間違ったメールアドレス指定時のエラーメールについて
[12559-2]Re:間違ったメールアドレス指定時のエラーメールについて
RE: [12559-2]Re:間違ったメールアドレス指定時のエラーメールについて
[12559-5]Re:間違ったメールアドレス指定時のエラーメールについて
開発者様限定セール： 最大 40% OFF
[10260-2]Re:開封通知メールの送信について


> Did you verified sorting here:
> 
> http://demo.icu-project.org/icu-bin/locexp?_=en_US_=en=col

Now I did check the order of these subjects at this site.
On this site, my mail subjects were sorted correctly.


- Original Message -
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On Wed, 2 Aug 2017, TACHIBANA Masashi wrote:
> 
> > Result of uid sort by subject is not expected.
> > for example: Japanese => English => Japanese => English
> 
> you don't mean those 4 words, but phrases in these languages, right?
> 
> > I'm now using Dovecot 2.2.31.
> >
> > command example:
> > HNKK6 UID SORT (REVERSE SUBJECT) utf-7 ALL
> > * SORT 3 1 7 2 4 10 11 8 12
> > HNKK6 OK Sort completed (0.002 + 0.041 + 0.001 secs).
> >
> > Any hint?
> 
> If this is a subject sort, shouldn't you post the subjects that have been 
> mis-sorted?
> 
> Did you verified sorting here:
> 
> http://demo.icu-project.org/icu-bin/locexp?_=en_US_=en=col
> 
> - -- 
> Steffen Kaiser
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1
> 
> iQEVAwUBWYFtVHz1H7kL/d9rAQIAngf/UJRusy2fEVYCokLGHcC9XJ9M1griutr9
> ZNNfJqikfBESWaYJQ2Kp3UjxvM4CB7x8OwYr/s3FFt3Git6n+B4WqjR/JeCLunrQ
> xjh0pwhvXQYxYqWZFtTLSxxLaciUylEE+fxyG6qfjvRefy98qdPoZ2/ebPb2JpXJ
> TzwMl8B0Q5HZZu87gEM+fHNdec0AKt3YHIQY2yCsFxdoXckGJYI0nVVkfPtiPZNQ
> t+k5cmXlEwd2hFhJcdw4t0DGd6YN5q7zSZZXww56iOh+dQSvST4JMQx7S+OXv72Z
> dp+tWQHkJ99819j7M5KciqpeHxEZ/SCw9yI3FKwekTbXtso/xGL90w==
> =vzLy
> -END PGP SIGNATURE-
> 
--
Masashi Astro TACHIBANA QUALITIA CO., LTD.
mailto:tachib...@qualitia.co.jp

Re: result of uid sort by subject

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Wed, 2 Aug 2017, TACHIBANA Masashi wrote:


Result of uid sort by subject is not expected.
for example: Japanese => English => Japanese => English


you don't mean those 4 words, but phrases in these languages, right?


I'm now using Dovecot 2.2.31.

command example:
HNKK6 UID SORT (REVERSE SUBJECT) utf-7 ALL
* SORT 3 1 7 2 4 10 11 8 12
HNKK6 OK Sort completed (0.002 + 0.041 + 0.001 secs).

Any hint?


If this is a subject sort, shouldn't you post the subjects that have been 
mis-sorted?


Did you verified sorting here:

http://demo.icu-project.org/icu-bin/locexp?_=en_US_=en=col

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEVAwUBWYFtVHz1H7kL/d9rAQIAngf/UJRusy2fEVYCokLGHcC9XJ9M1griutr9
ZNNfJqikfBESWaYJQ2Kp3UjxvM4CB7x8OwYr/s3FFt3Git6n+B4WqjR/JeCLunrQ
xjh0pwhvXQYxYqWZFtTLSxxLaciUylEE+fxyG6qfjvRefy98qdPoZ2/ebPb2JpXJ
TzwMl8B0Q5HZZu87gEM+fHNdec0AKt3YHIQY2yCsFxdoXckGJYI0nVVkfPtiPZNQ
t+k5cmXlEwd2hFhJcdw4t0DGd6YN5q7zSZZXww56iOh+dQSvST4JMQx7S+OXv72Z
dp+tWQHkJ99819j7M5KciqpeHxEZ/SCw9yI3FKwekTbXtso/xGL90w==
=vzLy
-END PGP SIGNATURE-

result of uid sort by subject

[TACHIBANA Masashi]

Result of uid sort by subject is not expected.
for example: Japanese => English => Japanese => English
I'm now using Dovecot 2.2.31.

command example:
HNKK6 UID SORT (REVERSE SUBJECT) utf-7 ALL
* SORT 3 1 7 2 4 10 11 8 12
HNKK6 OK Sort completed (0.002 + 0.041 + 0.001 secs).

Any hint?

--
Masashi Astro TACHIBANA QUALITIA CO., LTD.
mailto:tachib...@qualitia.co.jp

Re: Issue with parsing of forwarded messages with attachments and quotes in the subject

[Giovanni Salvatore Fois]

On 05/02/2017 11:13 AM, Timo Sirainen wrote:

On 2 May 2017, at 11.21, Giovanni Salvatore Fois 
<giovannisalvatore.f...@eng.it> wrote:


Hi all,
 at work we use Roundcube acting as a mail client for the  Dovecot Imap 
server.

In Roundube the messages are parsed through the Imap BODYSTRUCTURE command
If a message contains forwarded messages and attachments and some of the 
messages contains
a quote (") in the subject, then the resulting BODYSTRUCTURE appears to be 
malformed.
---
After some digging through the code of Dovecot, it seems to me that the problem 
is related to the function: imap_append_string_for_humans
defined at the line 120 of the file src/lib-imap/imap-quote.c  (dovecot sources 
v. 2.2.29)

Said function is supposed to return a quoted version of the input string while 
removing unwanted
characters from the input data.

But,  if I call it with a string containing quotes as argument (eg: I am a lazy 
" programmer)  in
the resulting output the quotes aren't escaped and the output string is not 
quoted.


It's then written as a literal, so it actually looks correct to me.



I have done some further analysis of my real world cases and the problem arises when the subject 
line contains also a closed parenthesis, as in:


I'm a really ) bad "message"


In that case, part of the bodystructure is rendered as:

("Mon, 27 Mar 2017 11:18:04 +" I'm a really ) bad "message" (("First Address" NIL "username" 
"domain.com"))(( "Second Address" NIL "othername" "otherdomain.com")) ... and so on ...


That lonely parenthesis confuses the parser and so the resulting structure is 
slightly messed up.

I'm pretty positive that I can overcome the issue working on the client side.

Thank you for your time and please keep going with the good job.

Best regards,
Giovanni S. Fois

Re: Issue with parsing of forwarded messages with attachments and quotes in the subject

[Timo Sirainen]

On 2 May 2017, at 11.21, Giovanni Salvatore Fois 
<giovannisalvatore.f...@eng.it> wrote:
> 
> Hi all,
>  at work we use Roundcube acting as a mail client for the  Dovecot 
> Imap server.
> 
> In Roundube the messages are parsed through the Imap BODYSTRUCTURE command
> If a message contains forwarded messages and attachments and some of the 
> messages contains
> a quote (") in the subject, then the resulting BODYSTRUCTURE appears to be 
> malformed.
> ---
> After some digging through the code of Dovecot, it seems to me that the 
> problem is related to the function: imap_append_string_for_humans
> defined at the line 120 of the file src/lib-imap/imap-quote.c  (dovecot 
> sources v. 2.2.29)
> 
> Said function is supposed to return a quoted version of the input string 
> while removing unwanted
> characters from the input data.
> 
> But,  if I call it with a string containing quotes as argument (eg: I am a 
> lazy " programmer)  in
> the resulting output the quotes aren't escaped and the output string is not 
> quoted.

It's then written as a literal, so it actually looks correct to me.

Issue with parsing of forwarded messages with attachments and quotes in the subject

[Giovanni Salvatore Fois]

Hi all,
  at work we use Roundcube acting as a mail client for the  Dovecot 
Imap server.

In Roundube the messages are parsed through the Imap BODYSTRUCTURE command
If a message contains forwarded messages and attachments and some of the 
messages contains
a quote (") in the subject, then the resulting BODYSTRUCTURE appears to be 
malformed.
---
After some digging through the code of Dovecot, it seems to me that the problem is related to the 
function: imap_append_string_for_humans

defined at the line 120 of the file src/lib-imap/imap-quote.c  (dovecot sources 
v. 2.2.29)

Said function is supposed to return a quoted version of the input string while 
removing unwanted
characters from the input data.

But,  if I call it with a string containing quotes as argument (eg: I am a lazy 
" programmer)  in
the resulting output the quotes aren't escaped and the output string is not 
quoted.


This is related to the stated issue through the function calls in:
part_write_body   [ defined at line 142 of imap-bodystructure.c ]
which calls imap_envelope_write [defined at line 46 of imap-envelope.c]
which finally calls imap_append_string_for_humans


Thank you for your time.

Best regards,
Giovanni S. Fois

[no subject]

[Rahul Singh Badyal]

I have Centos 7 mail server installed with dovecot and postfix with
MariaDB. I am trying to add a virtual All Mails folder for every user so
that they can have all mails such as inbox, sent in a single folder,
something like gmail. Please help me for this.


*Regards,*

*Rahul*

Full subject on dovecot log

[Fabio S. Schmidt]

Hi,

I've noticed that when a subject is very long Dovecot doesn't show its full
lenght on the logs. Is there any way to always register the full subject on
the log? (I'm using dovecot 2.2)

My best regards,
Fabio S. Schmidt

Re: Subject: Re: v2.2.24 released

[Joseph Tam]

On Tue, 26 Apr 2016, Timo Sirainen wrote:


- auth: Auth cache is now disabled passwd-file. It was unnecessary and
 it broke %variables in extra fields.


So settings like

auth_cache_size = 65536
auth_cache_ttl = 86400
auth_cache_negative_ttl = 600

are ignored/useless, and passwd-file auth lookups always results in file read
operation?


passwd-files are always read fully into memory.  The file's timestamp
is checked once a second to see if anything has changed and if so the
file is reloaded.  So basically they're already cached with perfect TTL
settings.


OK, thanks.  I will comment these settings out since they're not useful.

Joseph Tam 

Re: Subject: Re: v2.2.24 released

[Timo Sirainen]

On 26 Apr 2016, at 21:09, Joseph Tam  wrote:
> 
> Timo Sirainen wrote:
> 
>> - auth: Auth cache is now disabled passwd-file. It was unnecessary and
>>  it broke %variables in extra fields.
> 
> So settings like
> 
>   auth_cache_size = 65536
>   auth_cache_ttl = 86400
>   auth_cache_negative_ttl = 600
> 
> are ignored/useless, and passwd-file auth lookups always results in file read
> operation?

passwd-files are always read fully into memory. The file's timestamp is checked 
once a second to see if anything has changed and if so the file is reloaded. So 
basically they're already cached with perfect TTL settings.

Subject: Re: v2.2.24 released

[Joseph Tam]

Timo Sirainen wrote:


- auth: Auth cache is now disabled passwd-file. It was unnecessary and
  it broke %variables in extra fields.


So settings like

auth_cache_size = 65536
auth_cache_ttl = 86400
auth_cache_negative_ttl = 600

are ignored/useless, and passwd-file auth lookups always results in file read
operation?

Joseph Tam 

[no subject]

[Hendrik Velloen]

Hi

I am new to the mailing List, and was hoping to get some assistance
migrating from an Old Cucipop + Sendmail server (running on a old Redhat v
7) to a new Dovecot setup.
My new installation is Dovecot + Postfix. All is setup and working, however
I want to trasnsfer the contents of the mailboxes from my old server to
this new Dovecot setup.

Please let me know what information will be required to transfer the
mailboxes - I have tried a number of things, but with no luck.

I think the correct method is the one below, but I am getting UIDL errors
and AUTH errors and not sure if this is the right approach   PLEASE HELP

dsync -u  mirror
mbox:~/mail:INBOX=

~#  dsync -u hendr...@tcmvpn.co.za mirror
mbox:~/mail:INBOX=/var/mail/User_mbox/hendrikv

dsync(hendr...@tcmvpn.co.za): Error: pop3c(196.26.136.162): AUTH PLAIN
failed: -ERR Invalid command, try one of: USER name, PASS string, APOP name
digest, QUIT
dsync(hendr...@tcmvpn.co.za): Error: pop3c: Disconnected from remote server
dsync(hendr...@tcmvpn.co.za): Error: pop3_migration: Couldn't sync mailbox
POP3-MIGRATION-NS/INBOX: Internal error occurred. Refer to server log for
more information. [2016-04-04 08:27:01]
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=ddbe5c71e58919cfe2a40905bced091d (UID=3054)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=64087a4c7bf960114cf17ba044047900 (UID=374)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=fd28baf9e91aedaf06c6e979ca76e96f (UID=2982)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=607087e611559d2df02c0684de87e10d (UID=991)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=c6a9aebd1f535f0cd82ed612a42bae77 (UID=1541)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=4c56ffcfb600c8b216b2f1603383dc13 (UID=1007)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=96ce5556fab323206f51deb03625be8a (UID=2357)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=cda74cb161321b7c99973cc65e80a591 (UID=1401)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=b735acf7ef69b39be157a97223878cdc (UID=642)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=6d9baedf21198be32152461f96737a1a (UID=481)
dsync(hendr...@tcmvpn.co.za): Error: Mailbox INBOX: Remote didn't send mail
GUID=19f36b934b74ce11f1eda95e32a0b112 (UID=1998)
dsync(hendr...@tcmvpn.co.za): Error: Exporting mailbox INBOX failed: Can't
lookup pop3-uidl for UID=1: POP3 UIDLs couldn't be synce






-- 
Kind Regards
Hendrik

[no subject]

[Kevin Laurie]

Re: [Dovecot] Problem in Search IMAP with spaces in Subject

[Giovanni Mancuso]

Hi,
anyone has this problem?


Il 03/06/2014 11:07, Giovanni Mancuso ha scritto:
 Hi,

 I deliver a test email (with 4 spaces in subject) into a maildir:

 Return-Path: u...@example.com
 Delivered-To: u...@example.com
 Received: from suse11 ([10.0.8.7])
 by suse11 (Dovecot) with LMTP id Pf6zDTCaiFOUXwAA4Q5jHg
 for u...@example.com; Fri, 30 May 2014 16:48:16 +0200
 From: u...@example.com
 To: u...@example.com
 Message-ID: 9704bc6a-28d9-cbf2-a1d6-dd54f6aa9...@newsvilpec.babel.it
 Subject: Test4 Spaces

 Test

 But, if i search this email with 4 spaces in subject i don't find anthing:

 telnet 0 143
 Trying 0.0.0.0...
 Connected to 0.
 Escape character is '^]'.
 * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
 IDLE AUTH=PLAIN] Dovecot ready.
 ab login u...@example.com password
 ab OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
 IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS
 THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN
 NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH
 ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY
 MOVE QUOTA ACL RIGHTS=texk] Logged in
 ab select inbox
 * FLAGS (\Answered \Flagged \Deleted \Seen \Draft PEC_INBOX)
 * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft PEC_INBOX
 \*)] Flags permitted.
 * 1 EXISTS
 * 1 RECENT
 * OK [UNSEEN 1] First unseen.
 * OK [UIDVALIDITY 1401785069] UIDs valid
 * OK [UIDNEXT 2] Predicted next UID
 ab OK [READ-WRITE] Select completed (0.002 secs).
 a1 SEARCH CHARSET UTF-8 SUBJECT Test4 Spaces
 * SEARCH
 a1 OK Search completed (0.001 secs).
 a1 SEARCH CHARSET UTF-8 SUBJECT Test 4 Spaces
 * SEARCH 1
 a1 OK Search completed (0.000 secs).
 ab logout
 * BYE Logging out
 ab OK Logout completed.
 Connection closed by foreign host.

 If i run the search with one space i find a mail.

 I use dovecot v2.2.12 on Linux suse11 x86_64

 Thanks

Re: Subject tag [Dovecot] is gone

[Nick Edwards]

On 6/11/14, Jost Krieger jost.krieger+dove...@rub.de wrote:
 On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:

 Cisco routers by default mangle DNS traffic, break zone transfers
 or even put befor all CNAME blocks a $TTL 0 line never appeared
 on the master until you disable DNS ALG for UDP and TCP

 I believe that Cisco equipment will do such things, but I doubt it's the
 routers. Unless you plug a firewall card in.


 I think he means junk like PIX, I've never seen a 7200, 7300, 10K, or
any ASR do that.

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 13.06.2014 12:09, schrieb Nick Edwards:
 On 6/11/14, Jost Krieger jost.krieger+dove...@rub.de wrote:
 On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:

 Cisco routers by default mangle DNS traffic, break zone transfers
 or even put befor all CNAME blocks a $TTL 0 line never appeared
 on the master until you disable DNS ALG for UDP and TCP

 I believe that Cisco equipment will do such things, but I doubt it's the
 routers. Unless you plug a firewall card in.

 
 think he means junk like PIX, I've never seen a 7200, 7300, 10K, or
 any ASR do that

http://www.2mul.com/c/en/us/products/routers/2921-integrated-services-router-isr/index.html

and even the small Cisco 6 years ago supplied by our ISP
did the same - most likely you just don't realize it if
you are not hoster of public nameservers and have one of
them in front of and one behind the NAT




signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 13.06.2014 12:17, schrieb Reindl Harald:
 Am 13.06.2014 12:09, schrieb Nick Edwards:
 On 6/11/14, Jost Krieger jost.krieger+dove...@rub.de wrote:
 On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:

 Cisco routers by default mangle DNS traffic, break zone transfers
 or even put befor all CNAME blocks a $TTL 0 line never appeared
 on the master until you disable DNS ALG for UDP and TCP

 I believe that Cisco equipment will do such things, but I doubt it's the
 routers. Unless you plug a firewall card in.


 think he means junk like PIX, I've never seen a 7200, 7300, 10K, or
 any ASR do that
 
 http://www.2mul.com/c/en/us/products/routers/2921-integrated-services-router-isr/index.html
 
 and even the small Cisco 6 years ago supplied by our ISP
 did the same - most likely you just don't realize it if
 you are not hoster of public nameservers and have one of
 them in front of and one behind the NAT

here you go:
http://www.cisco.com/en/US/technologies/tk648/tk361/tk438/technologies_white_paper09186a00801af2b9.html

and here you go to disable this dumb behavior:
no ip nat service alg udp dns
no ip nat service alg tcp dns



signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Reuben Farrelly]

On 13/06/2014 8:09 PM, Nick Edwards wrote:

On 6/11/14, Jost Krieger jost.krieger+dove...@rub.de wrote:

On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:


Cisco routers by default mangle DNS traffic, break zone transfers
or even put befor all CNAME blocks a $TTL 0 line never appeared
on the master until you disable DNS ALG for UDP and TCP


I believe that Cisco equipment will do such things, but I doubt it's the
routers. Unless you plug a firewall card in.



  I think he means junk like PIX, I've never seen a 7200, 7300, 10K, or
any ASR do that.


Actually you're both incorrect - this isn't a PIX/ASA specific thing and 
it does work that way on IOS routers in certain configurations.  A Cisco 
IOS router (800/1800/1900 etc) running recent code will do this if you 
have a PAT rule translating port 53 from outside to inside.


This isn't a configuration that is that common, and it is annoying when 
you run into it, but it's not something you can have happen by 
accident since you have to specifically configure port 53 to be NATted 
in to observe this behaviour.  It's also easy to turn off (TBH I don't 
know why it's not off by default, but that's a separate matter).


It doesn't impact normal outbound/dynamic NAT which is what most people use.

I haven't tried 1:1 static NATs so can't verify if it works that way in 
that situation, though.


Reuben


attachment: reuben-dovecot.vcf

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 13.06.2014 12:20, schrieb Reuben Farrelly:
 On 13/06/2014 8:09 PM, Nick Edwards wrote:
 On 6/11/14, Jost Krieger jost.krieger+dove...@rub.de wrote:
 On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:

 Cisco routers by default mangle DNS traffic, break zone transfers
 or even put befor all CNAME blocks a $TTL 0 line never appeared
 on the master until you disable DNS ALG for UDP and TCP

 I believe that Cisco equipment will do such things, but I doubt it's the
 routers. Unless you plug a firewall card in.

   I think he means junk like PIX, I've never seen a 7200, 7300, 10K, or
 any ASR do that.
 
 Actually you're both incorrect - this isn't a PIX/ASA specific thing and it 
 does work that way on IOS routers in
 certain configurations.  A Cisco IOS router (800/1800/1900 etc) running 
 recent code will do this if you have a PAT
 rule translating port 53 from outside to inside.
 
 This isn't a configuration that is that common, and it is annoying when you 
 run into it, but it's not something you
 can have happen by accident since you have to specifically configure port 
 53 to be NATted in to observe this
 behaviour.  It's also easy to turn off (TBH I don't know why it's not off by 
 default, but that's a separate matter).
 
 It doesn't impact normal outbound/dynamic NAT which is what most people use.
 
 I haven't tried 1:1 static NATs so can't verify if it works that way in that 
 situation, though

we are running 1:1 static NAT and it is enabled by default in that situation
that's what i am talking the whole time, nobody does single port-forwardings
in a server environment

and *yes* you can have happen this by accident simply by have non Cisco
hardware before with the same 1:1 NAT and then get a Cisco device due switch
from bundeled DSL lines to glasfiber



signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 11.06.2014 07:28, schrieb Nick Edwards:
 Nothing. Reindel has always been an abusive troll

if somebody wants to feel absued he will find always
a reason - calling software stripping headers out
of mails is not a good one to feel so

so shut up until you can't distinguish between firt
name and last name, write the last name even wrong
and especially in case i abused nobody

 On 6/11/14, Koenraad Lelong dove...@ace-electronics.be wrote:
 op 10-06-14 17:12, Reindl Harald schreef:

 than you have crap software somewhere on your side

 What did I do to get such reply ?



signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Paolo]

In this list we have Timo and many other people very skilled in dovecot 
and mail related stuff.

I read the considerations and I suppose they are right, but ...
Also there are people like me that are lower profile sysadmins.
Filtering mail isn't a problem, but, in my opinion, having the 
tag [Dovecot] in the subject is the better solution for visual 
filtering.
I receive 2-300 mail / day in the inbox. Often I don't read a dovecot or 
postfix thread if the subject doesn't interest me, but sometime the tag 
[Dovecot], increase the appeal of others keyword ...
Pheraps, mail filtered in folders are rarely read in real time. Usually I 
look at it in my spare time (very reduced), or when I search for a 
specific argoment.

A couple of friends agree with me, so I am not the only ... ;-)

This is only our opinion as low profile sysadmin,

Anyway, thanks to Timo and others for the great product and the support.

Regards, Paolo

Re: Subject tag [Dovecot] is gone

[Frerich Raabe]

On 2014-06-10 17:23, Koenraad Lelong wrote:

op 10-06-14 17:12, Reindl Harald schreef:

than you have crap software somewhere on your side


What did I do to get such reply ?


Don't bother paying too much attention, Harald has been quite the primadonna 
ever since I joined this list. Pretty sure he's one of those fellows who are 
doing the 'grumpy curmudgeon' on the Internet but then turn out to be rather 
quiet/shy guys in real life. ;-)


- Frerich

Re: Subject tag [Dovecot] is gone

[Professa Dementia]

On 6/11/2014 1:51 AM, Frerich Raabe wrote:
 On 2014-06-10 17:23, Koenraad Lelong wrote:
 op 10-06-14 17:12, Reindl Harald schreef:
 than you have crap software somewhere on your side

 What did I do to get such reply ?
 
 Don't bother paying too much attention, Harald has been quite the
 primadonna ever since I joined this list. Pretty sure he's one of those
 fellows who are doing the 'grumpy curmudgeon' on the Internet but then
 turn out to be rather quiet/shy guys in real life. ;-)


If he bothers you, a suggestion to make your life simpler.  Set up a
filter to simply delete any messages from him before they get to your inbox.

Notice that most regulars, myself included, never reply to him.  That is
because we do not even see his messages except in someone else's reply
to him.  It really improves the quality, value and enjoyment of the
list.  Life is too short to put up with someone who is abrasive,
obnoxious and rarely contributes anything helpful.

Dem

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 11.06.2014 11:15, schrieb Professa Dementia:
 On 6/11/2014 1:51 AM, Frerich Raabe wrote:
 On 2014-06-10 17:23, Koenraad Lelong wrote:
 op 10-06-14 17:12, Reindl Harald schreef:
 than you have crap software somewhere on your side

 What did I do to get such reply ?

 Don't bother paying too much attention, Harald has been quite the
 primadonna ever since I joined this list. Pretty sure he's one of those
 fellows who are doing the 'grumpy curmudgeon' on the Internet but then
 turn out to be rather quiet/shy guys in real life. ;-)
 
 If he bothers you, a suggestion to make your life simpler.  Set up a
 filter to simply delete any messages from him before they get to your inbox.
 
 Notice that most regulars, myself included, never reply to him.  That is
 because we do not even see his messages except in someone else's reply
 to him.  

and that is why people like you should simply *shut up* instead
react on a *one line quote* stripped all helpful informations
including the complete context

so you see *one line* of a long reply because you filter out
anything else: so *shut up at all*



signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Koenraad Lelong]

op 10-06-14 17:37, Koenraad Lelong schreef:


I looked at some messages on the server. Not trace of those List-lines.
I think I will get in touch with Watchguard to see if they remove those
lines.


I subscribed to dovecot with a home-account. There I do have those 
RFC2919 lines.
I also just whitelisted the dovecot-list on my Watchguard. I'll see if 
that changes anything.
But I also filed a bug-report with Watchguard concerning this. You 
would think such a company should know better.


Koenraad.

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 11.06.2014 11:30, schrieb Koenraad Lelong:
 op 10-06-14 17:37, Koenraad Lelong schreef:
 
 I looked at some messages on the server. Not trace of those List-lines.
 I think I will get in touch with Watchguard to see if they remove those
 lines.
 
 I subscribed to dovecot with a home-account. There I do have those RFC2919 
 lines.
 I also just whitelisted the dovecot-list on my Watchguard. I'll see if that 
 changes anything.
 But I also filed a bug-report with Watchguard concerning this. You would 
 think such a company should know better.

not uncommon, i saw anti-virus software mangle http traffic
by spit random bytes before the http headers leading to ask
the browser where to save the php-file

Cisco routers by default mangle DNS traffic, break zone transfers
or even put befor all CNAME blocks a $TTL 0 line never appeared
on the master until you disable DNS ALG for UDP and TCP

the bigger the company the more breakage

and that is why i said you have crap on your side what for whatever
reason you took as a personal attack leaded to lure all the trolls
out of their holes and react to a out-of-context quote



signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Jost Krieger]

On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:

 Cisco routers by default mangle DNS traffic, break zone transfers
 or even put befor all CNAME blocks a $TTL 0 line never appeared
 on the master until you disable DNS ALG for UDP and TCP

I believe that Cisco equipment will do such things, but I doubt it's the
routers. Unless you plug a firewall card in.

 the bigger the company the more breakage
 
A bit back on-topic here:

My impression is that Outlook 2013 will move mails from one
(Dovecot) folder to the other by downloading the mail, messing up the
headers and uploading again. This will break the antispam plugin, of
course.

Can anyone confirm?

Yours
Jost Krieger
-- 
| jost.krieger+...@ruhr-uni-bochum.de  Please help stamp out spam! |
| Postmaster, JAPH, resident answer machineat RUB Comp. Center |
| Sincere words are not sweet, sweet words are not sincere.|
|  Lao Tse, Tao Te King 81 |

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 11.06.2014 12:21, schrieb Jost Krieger:
 On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:
 
 Cisco routers by default mangle DNS traffic, break zone transfers
 or even put befor all CNAME blocks a $TTL 0 line never appeared
 on the master until you disable DNS ALG for UDP and TCP
 
 I believe that Cisco equipment will do such things, but I doubt it's the
 routers. Unless you plug a firewall card in

off-topic but as response i thought they know better

any bigger Cisco router i saw the last 8 years and even some smaller
ones without rack-mount did this as default if NAT is enabled until
you force the  two commands below

the reason likely is that if you have a public DNS server you are asking
from the LAN responding with a public address the Cisco translates the
repsonse to the NAT-mapping instead just allow the public IP from the LAN,
but that's no valid reason to mangle outgoing DNS traffic

additionally that may become funny if in the future DNSSEC is used

no ip nat service alg udp dns
no ip nat service alg tcp dns
___

the UDP ALG leads to silently supress answers of PTR's
with public IP's to the WAN, larger UDP responses (EDNS)
times out as well as zone-transfers

the TCP ALG leads to a AFXR zone transfer looks like below
while the master has only one TTL line with 86400 on top of
the zone file, in that case only CNAMES are mangelded and
after type the commands above all is fine

rhsoft.net. 86400   IN  A   91.118.73.4
**.rhsoft.net.  0   IN  CNAME   **.rhsoft.net.
**.rhsoft.net.  0   IN  CNAME   **.rhsoft.net.

testserver.rhsoft.net.  86400   IN  A   84.113.92.77
**.rhsoft.net.  0   IN  CNAME   **.rhsoft.net.



signature.asc
Description: OpenPGP digital signature

RE: Subject tag [Dovecot] is gone

[Spyros Tsiolis]

Guys,

I think you were a bit harsh on Reindl.

It is my opinion that he is a productive member
of this list and his views are valuable.

He just uses a bit stronger language.
Something that I do sometimes.

I don't think he wanted to be rude with someone.

Just my opinion,

s.






 Date: Wed, 11 Jun 2014 12:03:24 +0200
 From: h.rei...@thelounge.net
 To: dovecot@dovecot.org
 Subject: Re: Subject tag [Dovecot] is gone


 Am 11.06.2014 11:30, schrieb Koenraad Lelong:
 op 10-06-14 17:37, Koenraad Lelong schreef:

 I looked at some messages on the server. Not trace of those List-lines.
 I think I will get in touch with Watchguard to see if they remove those
 lines.

 I subscribed to dovecot with a home-account. There I do have those RFC2919 
 lines.
 I also just whitelisted the dovecot-list on my Watchguard. I'll see if 
 that changes anything.
 But I also filed a bug-report with Watchguard concerning this. You would 
 think such a company should know better.

 not uncommon, i saw anti-virus software mangle http traffic
 by spit random bytes before the http headers leading to ask
 the browser where to save the php-file

 Cisco routers by default mangle DNS traffic, break zone transfers
 or even put befor all CNAME blocks a $TTL 0 line never appeared
 on the master until you disable DNS ALG for UDP and TCP

 the bigger the company the more breakage

 and that is why i said you have crap on your side what for whatever
 reason you took as a personal attack leaded to lure all the trolls
 out of their holes and react to a out-of-context quote

  

Re: Subject tag [Dovecot] is gone

[Gene Heskett]

On Wednesday 11 June 2014 05:20:47 Reindl Harald did opine
And Gene did reply:
 Am 11.06.2014 11:15, schrieb Professa Dementia:
  On 6/11/2014 1:51 AM, Frerich Raabe wrote:
  On 2014-06-10 17:23, Koenraad Lelong wrote:
  op 10-06-14 17:12, Reindl Harald schreef:
  than you have crap software somewhere on your side
  
  What did I do to get such reply ?
  
  Don't bother paying too much attention, Harald has been quite the
  primadonna ever since I joined this list. Pretty sure he's one of
  those fellows who are doing the 'grumpy curmudgeon' on the Internet
  but then turn out to be rather quiet/shy guys in real life. ;-)
  
  If he bothers you, a suggestion to make your life simpler.  Set up a
  filter to simply delete any messages from him before they get to your
  inbox.
  
  Notice that most regulars, myself included, never reply to him.  That
  is because we do not even see his messages except in someone else's
  reply to him.
 
 and that is why people like you should simply *shut up* instead
 react on a *one line quote* stripped all helpful informations
 including the complete context
 
 so you see *one line* of a long reply because you filter out
 anything else: so *shut up at all*

If this is the best you can do in terms of a helpful reply, I'll never see 
your msgs again.

PLONK

Cheers, Gene Heskett
-- 
There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order.
-Ed Howdershelt (Author)
Genes Web page http://geneslinuxbox.net:6309/gene
US V Castleman, SCOTUS, Mar 2014 is grounds for Impeaching SCOTUS

Re: Subject tag [Dovecot] is gone

[Jost Krieger]

On Tue Jun 10 12:31:47 2014, Professa Dementia wrote:
 
 On 6/9/2014 7:26 PM, Timo Sirainen wrote:
 
 I am not proposing a new standard, simply pointing out that breaking an
 established protocol (by removing the [Dovecot] subject identifier)
 because of a flawed anti-spam system is not in people's best interest.
 
 Can a spammer spoof messages from the list?  Sure.  Has it happened?
 Not that I am aware of.  Is it a problem?  Not so far.
 
 So why, then, make people go through all this trouble of setting up new
 filters and rules, mail routing, software upgrades, etc, just to appease
 a standard that is clearly broken?

It's not DMARC that is broken, it is its application by AOL and Yahoo.
(And it's not a standard yet, AFAIK.)

It notes that the part p=reject should not be used in an environment
where *people* send mail. DMARC works fine for paypal, amazon, etc..

As Yahoo and AOL have wilfully ignored this, my consequence is
to ban addresses from domains that have p=reject from posting to our
mailing lists.
 
Yours
Jost Krieger
-- 
| jost.krieger+...@ruhr-uni-bochum.de  Please help stamp out spam! |
| Postmaster, JAPH, resident answer machineat RUB Comp. Center |
| Sincere words are not sweet, sweet words are not sincere.|
|  Lao Tse, Tao Te King 81 |

Re: Subject tag [Dovecot] is gone

[Koenraad Lelong]

op 09-06-14 22:27, Timo Sirainen schreef:

I've actually been thinking about it almost since the beginning. It's just been 
annoying waste of space on my screen. And more importantly nowadays it's also 
breaking DKIM/DMARC signatures. So if somebody still uses Subject-based 
filtering it's about time to switch to List-ID header based filtering now.

Another thing I'm wondering about is if I should allow text/html parts, because 
removing them will also break the DKIM signatures. Or mainly I'd like to allow 
only multipart/alternative with text/plain + text/html, but I don't think I can 
configure Mailman to support that.


Hi,

Just wanted to ask what happened to [Dovecot] when I saw this mail. 
Could you tell me how to find the List_ID ? I looked at the raw mail, 
but I didn't find it :


some removed stuff and anonymized...
Received: from wursti.dovecot.fi (wursti.dovecot.fi [87.106.245.223])
by mailbox.ace-electronics.be (Postfix) with SMTP id 808B2A0427
for dovecotatace-electronics.be; Mon,  9 Jun 2014 22:28:22 +0200 
(CEST)
Received: from wursti.dovecot.fi (localhost.localdomain [127.0.0.1])
by wursti.dovecot.fi (Postfix) with ESMTP id 16BC421F32;
Mon,  9 Jun 2014 22:27:56 +0200 (CEST)
Received: from talvi.dovecot.org (unknown [137.117.229.219])
by wursti.dovecot.fi (Postfix) with ESMTP;
Mon,  9 Jun 2014 22:27:52 +0200 (CEST)
Received: from [100.90.112.97] (localhost [127.0.0.1])
by talvi.dovecot.org (Postfix) with ESMTP id 0165E235C1;
Mon,  9 Jun 2014 20:28:43 + (UTC)
Received: by talvi.dovecot.org (Postfix, from userid 506)
id B242523584; Mon,  9 Jun 2014 20:28:39 + (UTC)
Received: from wursti.dovecot.fi (unknown [87.106.245.223])
by talvi.dovecot.org (Postfix) with ESMTP id 51A3023584
for dovecot@dovecot.org; Mon,  9 Jun 2014 20:28:39 + (UTC)
Received: from [192.168.10.103] (cs181255018.pp.htv.fi [82.181.255.18])
by wursti.dovecot.fi (Postfix) with ESMTPSA id 6ABD221D30
for dovecot@dovecot.org; Mon,  9 Jun 2014 22:27:43 +0200 (CEST)
From: Timo Sirainen tssatiki.fi
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Subject: Subject tag [Dovecot] is gone
Message-Id: a864f144-2962-4963-bee6-5a6cbb738...@iki.fi
Date: Mon, 9 Jun 2014 23:27:41 +0300
To: Dovecot Mailing List dovecot@dovecot.org
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
X-Mailer: Apple Mail (2.1878.2)
Precedence: list
Reply-To: Dovecot Mailing List dovecot@dovecot.org
X-WatchGuard-Spam-ID: str=0001.0A0B0202.539618E6.008E,ss=1,re=0.000,fgs=0
X-WatchGuard-Spam-Score: 0, clean; 0, no virus
X-WatchGuard-Mail-Client-IP: 87.106.245.223
X-WatchGuard-Mail-From: dovecot-boun...@dovecot.org
X-Virus-Scanned: Maia Mailguard 1.0.3

I've actually been thinking about it almost since the beginning. It's =
just been annoying waste of space on my screen. And more importantly =
nowadays it's also breaking DKIM/DMARC signatures. So if somebody still =
uses Subject-based filtering it's about time to switch to List-ID header =
based filtering now.

Another thing I'm wondering about is if I should allow text/html parts, =
because removing them will also break the DKIM signatures. Or mainly I'd =
like to allow only multipart/alternative with text/plain + text/html, =
but I don't think I can configure Mailman to support that.

Re: Subject tag [Dovecot] is gone

[Chris Young]

Gmail doesn't let me filter on message headers so I've updated my filter as
follows

Before, my filter was
SUBJECT:([Dovecot])

But now my filter is
HAS THE WORDS:(dovecot.dovecot.org OR dovecot@dovecot.org)


On Tue, Jun 10, 2014 at 10:51 AM, Koenraad Lelong 
dove...@ace-electronics.be wrote:

 op 09-06-14 22:27, Timo Sirainen schreef:

  I've actually been thinking about it almost since the beginning. It's
 just been annoying waste of space on my screen. And more importantly
 nowadays it's also breaking DKIM/DMARC signatures. So if somebody still
 uses Subject-based filtering it's about time to switch to List-ID header
 based filtering now.

 Another thing I'm wondering about is if I should allow text/html parts,
 because removing them will also break the DKIM signatures. Or mainly I'd
 like to allow only multipart/alternative with text/plain + text/html, but I
 don't think I can configure Mailman to support that.

  Hi,

 Just wanted to ask what happened to [Dovecot] when I saw this mail.
 Could you tell me how to find the List_ID ? I looked at the raw mail, but I
 didn't find it :

 some removed stuff and anonymized...
 Received: from wursti.dovecot.fi (wursti.dovecot.fi [87.106.245.223])
 by mailbox.ace-electronics.be (Postfix) with SMTP id 808B2A0427
 for dovecotatace-electronics.be; Mon,  9 Jun 2014 22:28:22
 +0200 (CEST)
 Received: from wursti.dovecot.fi (localhost.localdomain [127.0.0.1])
 by wursti.dovecot.fi (Postfix) with ESMTP id 16BC421F32;
 Mon,  9 Jun 2014 22:27:56 +0200 (CEST)
 Received: from talvi.dovecot.org (unknown [137.117.229.219])
 by wursti.dovecot.fi (Postfix) with ESMTP;
 Mon,  9 Jun 2014 22:27:52 +0200 (CEST)
 Received: from [100.90.112.97] (localhost [127.0.0.1])
 by talvi.dovecot.org (Postfix) with ESMTP id 0165E235C1;
 Mon,  9 Jun 2014 20:28:43 + (UTC)
 Received: by talvi.dovecot.org (Postfix, from userid 506)
 id B242523584; Mon,  9 Jun 2014 20:28:39 + (UTC)
 Received: from wursti.dovecot.fi (unknown [87.106.245.223])
 by talvi.dovecot.org (Postfix) with ESMTP id 51A3023584
 for dovecot@dovecot.org; Mon,  9 Jun 2014 20:28:39 + (UTC)
 Received: from [192.168.10.103] (cs181255018.pp.htv.fi [82.181.255.18])
 by wursti.dovecot.fi (Postfix) with ESMTPSA id 6ABD221D30
 for dovecot@dovecot.org; Mon,  9 Jun 2014 22:27:43 +0200 (CEST)
 From: Timo Sirainen tssatiki.fi
 Content-Type: text/plain; charset=us-ascii
 Content-Transfer-Encoding: quoted-printable
 Subject: Subject tag [Dovecot] is gone
 Message-Id: a864f144-2962-4963-bee6-5a6cbb738...@iki.fi
 Date: Mon, 9 Jun 2014 23:27:41 +0300
 To: Dovecot Mailing List dovecot@dovecot.org
 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
 X-Mailer: Apple Mail (2.1878.2)
 Precedence: list
 Reply-To: Dovecot Mailing List dovecot@dovecot.org
 X-WatchGuard-Spam-ID: str=0001.0A0B0202.539618E6.008E,ss=1,re=0.000,fgs=0
 X-WatchGuard-Spam-Score: 0, clean; 0, no virus
 X-WatchGuard-Mail-Client-IP: 87.106.245.223
 X-WatchGuard-Mail-From: dovecot-boun...@dovecot.org
 X-Virus-Scanned: Maia Mailguard 1.0.3

 I've actually been thinking about it almost since the beginning. It's =
 just been annoying waste of space on my screen. And more importantly =
 nowadays it's also breaking DKIM/DMARC signatures. So if somebody still =
 uses Subject-based filtering it's about time to switch to List-ID header =
 based filtering now.

 Another thing I'm wondering about is if I should allow text/html parts, =
 because removing them will also break the DKIM signatures. Or mainly I'd =
 like to allow only multipart/alternative with text/plain + text/html, =

 but I don't think I can configure Mailman to support that.

Re: Subject tag [Dovecot] is gone

[Bernd Petrovitsch]

On Die, 2014-06-10 at 11:04 -0400, Chris Young wrote:
 Gmail doesn't let me filter on message headers so I've updated my filter as
 follows

One more reason not to use it;-)

[...]
 On Tue, Jun 10, 2014 at 10:51 AM, Koenraad Lelong 
 dove...@ace-electronics.be wrote:
[...]
  Just wanted to ask what happened to [Dovecot] when I saw this mail.
  Could you tell me how to find the List_ID ? I looked at the raw mail, but I
  didn't find it :
[...]
  Reply-To: Dovecot Mailing List dovecot@dovecot.org

You could use that header (which actually should better be gone because
reply-to munging considered harmful) or some other header field with
dovecot somewhere.

FTR: I find
  snip  
List-Id: Dovecot Mailing List dovecot.dovecot.org
List-Unsubscribe: http://dovecot.org/cgi-bin/mailman/options/dovecot,
 mailto:dovecot-requ...@dovecot.org?subject=unsubscribe
List-Archive: http://dovecot.org/pipermail/dovecot/
List-Post: mailto:dovecot@dovecot.org
List-Help: mailto:dovecot-requ...@dovecot.org?subject=help
List-Subscribe: http://dovecot.org/cgi-bin/mailman/listinfo/dovecot,
 mailto:dovecot-requ...@dovecot.org?subject=subscribe
  snip  
in every mail header (= RFC-2919).
Is someone filtering headers on your side or the MUA just not displaying
really all of them?

[...]
  Another thing I'm wondering about is if I should allow text/html parts, =
  because removing them will also break the DKIM signatures. Or mainly I'd =
  like to allow only multipart/alternative with text/plain + text/html, =

FWIW text/html is actually overrated and - essentially - superfluous.
Additionally it makes it even easier to fool the average user.

Kind regards,
Bernd
-- 
Bernd Petrovitsch   Email: be...@sysprog.at

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 10.06.2014 16:51, schrieb Koenraad Lelong:
 op 09-06-14 22:27, Timo Sirainen schreef:
 I've actually been thinking about it almost since the beginning. It's just 
 been annoying waste of space on my
 screen. And more importantly nowadays it's also breaking DKIM/DMARC 
 signatures. So if somebody still uses
 Subject-based filtering it's about time to switch to List-ID header based 
 filtering now.

 Another thing I'm wondering about is if I should allow text/html parts, 
 because removing them will also break the
 DKIM signatures. Or mainly I'd like to allow only multipart/alternative with 
 text/plain + text/html, but I don't
 think I can configure Mailman to support that.

besides that the envelope sender is dovecot-boun...@dovecot.org
and To/Cc always dovecot@dovecot.org it's easy to filter that
with Sieve, subject based filters are broken anyways

 Just wanted to ask what happened to [Dovecot] when I saw this mail. Could 
 you tell me how to find the List_ID ? I
 looked at the raw mail, but I didn't find it:

than you have crap software somewhere on your side

* fix that
* it breaks also reply-to-list function
* it breaks threading
* it breaks mailing lists
* it must not happen at all

removing the list headers, look at the same i received
and the message id which is the same

Received: from wursti.dovecot.fi (wursti.dovecot.fi [87.106.245.223])
by barracuda.thelounge.net with ESMTP id o8NXn7SF4noqMeUE
for h.rei...@thelounge.net; Mon, 09 Jun 2014 22:28:02 +0200 (CEST)
Received: from wursti.dovecot.fi (localhost.localdomain [127.0.0.1])
by wursti.dovecot.fi (Postfix) with ESMTP id A0CE221F10;
Mon,  9 Jun 2014 22:27:50 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on wursti.dovecot.fi
X-Spam-Level:
X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,RDNS_NONE
autolearn=no version=3.3.1
Received: from talvi.dovecot.org (unknown [137.117.229.219])
by wursti.dovecot.fi (Postfix) with ESMTP;
Mon,  9 Jun 2014 22:27:50 +0200 (CEST)
Received: from [100.90.112.97] (localhost [127.0.0.1])
by talvi.dovecot.org (Postfix) with ESMTP id DED3F23585;
Mon,  9 Jun 2014 20:28:41 + (UTC)
X-Original-To: dovecot@dovecot.org
Delivered-To: dovecot@dovecot.org
Received: by talvi.dovecot.org (Postfix, from userid 506)   id B242523584;
Mon,  9 Jun 2014 20:28:39 + (UTC)
Received: from wursti.dovecot.fi (unknown [87.106.245.223])
by talvi.dovecot.org (Postfix) with ESMTP id 51A3023584
for dovecot@dovecot.org; Mon,  9 Jun 2014 20:28:39 + (UTC)
Received: from [192.168.10.103] (cs181255018.pp.htv.fi [82.181.255.18])
by wursti.dovecot.fi (Postfix) with ESMTPSA id 6ABD221D30
for dovecot@dovecot.org; Mon,  9 Jun 2014 22:27:43 +0200 (CEST)
From: Timo Sirainen t...@iki.fi
Subject: Subject tag [Dovecot] is gone
Message-Id: a864f144-2962-4963-bee6-5a6cbb738...@iki.fi
Date: Mon, 9 Jun 2014 23:27:41 +0300
To: Dovecot Mailing List dovecot@dovecot.org
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
X-Mailer: Apple Mail (2.1878.2)
X-BeenThere: dovecot@dovecot.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: Dovecot Mailing List dovecot@dovecot.org
List-Id: Dovecot Mailing List dovecot.dovecot.org
List-Unsubscribe: http://dovecot.org/cgi-bin/mailman/options/dovecot,
mailto:dovecot-requ...@dovecot.org?subject=unsubscribe
List-Archive: http://dovecot.org/pipermail/dovecot/
List-Post: mailto:dovecot@dovecot.org
List-Help: mailto:dovecot-requ...@dovecot.org?subject=help
List-Subscribe: http://dovecot.org/cgi-bin/mailman/listinfo/dovecot,
mailto:dovecot-requ...@dovecot.org?subject=subscribe
Errors-To: dovecot-boun...@dovecot.org
Sender: dovecot dovecot-boun...@dovecot.org
Received-SPF: none (thelounge.net: dovecot-boun...@dovecot.org does not
 designate permitted sender hosts)
X-Virus-Scanned: by bsmtpd at thelounge.net
Return-Path: dovecot-boun...@dovecot.org
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

 some removed stuff and anonymized...
 Received: from wursti.dovecot.fi (wursti.dovecot.fi [87.106.245.223])
 by mailbox.ace-electronics.be (Postfix) with SMTP id 808B2A0427
 for dovecotatace-electronics.be; Mon,  9 Jun 2014 22:28:22 +0200 
 (CEST)
 Received: from wursti.dovecot.fi (localhost.localdomain [127.0.0.1])
 by wursti.dovecot.fi (Postfix) with ESMTP id 16BC421F32;
 Mon,  9 Jun 2014 22:27:56 +0200 (CEST)
 Received: from talvi.dovecot.org (unknown [137.117.229.219])
 by wursti.dovecot.fi (Postfix) with ESMTP;
 Mon,  9 Jun 2014 22:27:52 +0200 (CEST)
 Received: from [100.90.112.97] (localhost [127.0.0.1])
 by talvi.dovecot.org (Postfix) with ESMTP id 0165E235C1;
 Mon,  9 Jun 2014 20:28:43 + (UTC)
 Received: by talvi.dovecot.org (Postfix, from userid 506)
 id B242523584; Mon,  9 Jun 2014 20:28:39 + (UTC)
 Received: from wursti.dovecot.fi (unknown [87.106.245.223

Re: Subject tag [Dovecot] is gone

[Koenraad Lelong]

op 10-06-14 17:12, Reindl Harald schreef:







than you have crap software somewhere on your side


What did I do to get such reply ?

Koenraad

Re: Subject tag [Dovecot] is gone

[Koenraad Lelong]

op 10-06-14 17:15, Bernd Petrovitsch schreef:


  snip  
in every mail header (= RFC-2919).
Is someone filtering headers on your side or the MUA just not displaying
really all of them?


I'm using Thunderbird as MUA. I'll look at the messages on the server.

Never noticed before there was something missing.

Thanks,

Koenraad.

Re: Subject tag [Dovecot] is gone

[Nicolas KOWALSKI]

On Tue, Jun 10, 2014 at 11:04:28AM -0400, Chris Young wrote:
 Gmail doesn't let me filter on message headers so I've updated my filter as
 follows

Yes it does. I use this: (list:dovecot OR to:dovecot)

It matches both mail received from the mailing-list and those I send to 
the mailing-list.


+1 for te subject tag removal :)

-- 
Nicolas

Re: Subject tag [Dovecot] is gone

[Koenraad Lelong]

op 10-06-14 17:15, Bernd Petrovitsch schreef:


FTR: I find
  snip  
List-Id: Dovecot Mailing List dovecot.dovecot.org
List-Unsubscribe: http://dovecot.org/cgi-bin/mailman/options/dovecot,
  mailto:dovecot-requ...@dovecot.org?subject=unsubscribe
List-Archive: http://dovecot.org/pipermail/dovecot/
List-Post: mailto:dovecot@dovecot.org
List-Help: mailto:dovecot-requ...@dovecot.org?subject=help
List-Subscribe: http://dovecot.org/cgi-bin/mailman/listinfo/dovecot,
  mailto:dovecot-requ...@dovecot.org?subject=subscribe
  snip  
in every mail header (= RFC-2919).
Is someone filtering headers on your side or the MUA just not displaying
really all of them?

I looked at some messages on the server. Not trace of those List-lines. 
I think I will get in touch with Watchguard to see if they remove those 
lines.


Thanks.

Koenraad

Re: Subject tag [Dovecot] is gone

[Luuk]

On 10-6-2014 17:23, Koenraad Lelong wrote:

op 10-06-14 17:12, Reindl Harald schreef:







than you have crap software somewhere on your side


What did I do to get such reply ?

Koenraad


Because you have crap software ;)

It's not caused by Thunderbird itself (it might be an add-on!)


I'm reading with thunderbird too, and in the headers of the firts post 
in this hread i see:

List-Id: Dovecot Mailing List dovecot.dovecot.org
List-Unsubscribe: http://dovecot.org/cgi-bin/mailman/options/dovecot,
mailto:dovecot-requ...@dovecot.org?subject=unsubscribe
List-Archive: http://dovecot.org/pipermail/dovecot/
List-Post: mailto:dovecot@dovecot.org
List-Help: mailto:dovecot-requ...@dovecot.org?subject=help
List-Subscribe: http://dovecot.org/cgi-bin/mailman/listinfo/dovecot,
mailto:dovecot-requ...@dovecot.org?subject=subscribe
Errors-To: dovecot-boun...@dovecot.org
Sender: dovecot dovecot-boun...@dovecot.org

Re: Subject tag [Dovecot] is gone

[Reindl Harald]

Am 10.06.2014 17:23, schrieb Koenraad Lelong:
 op 10-06-14 17:12, Reindl Harald schreef:

 than you have crap software somewhere on your side
 
 What did I do to get such reply?

are you a piece of software or why do you take
crap software personally against yourself?

you should have read the rest of my answer
something smart mainpulates messages you receive
this may become a *serious* problem in case of signed messages

this is most likely also the reason you hit reply all
because removing the list-headers makes the reply-to-list
button in thunderbird non-functional



signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Mark Sapiro]

On 06/09/2014 01:27 PM, Timo Sirainen wrote:
 
 Another thing I'm wondering about is if I should allow text/html parts, 
 because removing them will also break the DKIM signatures. Or mainly I'd like 
 to allow only multipart/alternative with text/plain + text/html, but I don't 
 think I can configure Mailman to support that.


Yes you can, well sort of - see below, but note that in addition to
content filtering, the addition of msg_footer will probably break DKIM
signatures.

If you put the following in pass_mime_types

multipart/alternative
text/plain
text/html

and set both collapse_alternatives and convert_html_to_plaintext to No,
multipart messages which are not multipart/mixed (e.g., multipart/mixed,
multipart/related and multipart/signed) will be handled according to
filter_action. Messages which are multipart/alternative with only
text/plain and text/html alternatives will be passed unchanged by
content filtering as will single part messages of type text/plain or
text/html.

Potential problems with this are:
1) you may not want single part text/html on the list.
2) some people sign their posts.

Because of 2), you need to add multipart/signed and
application/pgp-signature to pass_mime_types, but that complicates the
content filtering scenario because now a message with a structure like

multipart/signed
text/plain
application/pgp-signature
image/jpeg

will be accepted by the list with the image/jpeg part removed rather
than handled according to filter_action.

-- 
Mark Sapiro m...@msapiro.netThe highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan



signature.asc
Description: OpenPGP digital signature

Re: Subject tag [Dovecot] is gone

[Professa Dementia]

On 6/9/2014 7:26 PM, Timo Sirainen wrote:

 The main reason is DKIM, which is starting to be a real problem.

I have not used DKIM much.  My mail server and client mostly deal with
SPF.  I have a filter that colorizes messages that have no SPF or a
missing DKIM or bad DKIM signature.  I *have* noticed that a lot of
messages from the list get marked in such manner, but it never really
bothered me and I never thought about it much.  Now I understand why
that happens (the [Dovecot] identifier in the subject).

When trying to solve a problem, the first thing is to correctly identify
the problem.  You cannot solve a problem if you do not even know what it is.

The underlying problem is to identify and classify emails as ones you
want and ones you do not want.  This is not easy and involves reading a
person's mind.  A person may, depending on their mood, classify the same
email differently at different times, which complicates things.

DKIM assumes that you can, in many cases, classify emails this way based
on authenticating the *domain* of the sender.  This has some serious
flaws in that it does not address this issue, even though it purports to.

One way to classify an email as wanted is if it comes from someone you
know and want to communicate with.  Signing based on a domain does
nothing to address this.  If my girlfriend is j...@yahoo.com, I want to
receive her emails.  That does not means I want to receive all emails
from the yahoo.com domain.  I do not want someone else to impersonate her.

If later, we break up and I no longer want to receive her emails, DKIM
does nothing to help with that, either.  That could be OK if such
functionality is beyond its scope.

DKIM erroneously bundles sender authentication with message validation.
 I want to know that it really was j...@yahoo.com that sent me the
message and not someone trying to impersonate her.  However, as a
separate function, I would like to know that the message I received is
not the one she sent.  These functions should not be integrated.  As it
is now, if the signature does not verify, I do not know why.  Was the
sender spoofed?  Was some part of the message modified in some way?  And
just for the record, I believe that the subject line should conceptually
be treated as part of the message, along with the date.

DKIM is too strict.  If I want to present a legal document (email) in
court, I may want to prove that the document I present to the court is
exactly as it was when it was sent to me.  However, this is not a common
occurrence.  The real world is messy and imperfect and often, changes to
emails are innocuous and legitimate.  Mailing lists are an example of this.

A mailing list or anti-virus scanner *should* be able to add a footer or
add a mailing list identifier to the subject line, as long as those
changes can be marked as later additions that the original sender is not
accountable for.  An email program should make it clear to the recipient
which parts are not accountable to the original sender.

I am not proposing a new standard, simply pointing out that breaking an
established protocol (by removing the [Dovecot] subject identifier)
because of a flawed anti-spam system is not in people's best interest.

Can a spammer spoof messages from the list?  Sure.  Has it happened?
Not that I am aware of.  Is it a problem?  Not so far.

So why, then, make people go through all this trouble of setting up new
filters and rules, mail routing, software upgrades, etc, just to appease
a standard that is clearly broken?

Dem

Re: Subject tag [Dovecot] is gone

[Patrick Ben Koetter]

Professa,

I suggest to take this discussion to the DKIM mailing list or even better to
DMARC at IETF. Discussing the usefulness of DKIM or DMARC is better done
there.

Until people at IETF come up with a solution for DMARC that works for all
participants most MLs, just like this, are better off avoiding further damage
to mail transport by not adding the list name to the subject and not adding a
footer. Of all available options not to break DMARC, this is still the best -
be it liked or not.

p@rick


* Professa Dementia dovecot@dovecot.org:
 On 6/9/2014 7:26 PM, Timo Sirainen wrote:
 
  The main reason is DKIM, which is starting to be a real problem.
 
 I have not used DKIM much.  My mail server and client mostly deal with
 SPF.  I have a filter that colorizes messages that have no SPF or a
 missing DKIM or bad DKIM signature.  I *have* noticed that a lot of
 messages from the list get marked in such manner, but it never really
 bothered me and I never thought about it much.  Now I understand why
 that happens (the [Dovecot] identifier in the subject).
 
 When trying to solve a problem, the first thing is to correctly identify
 the problem.  You cannot solve a problem if you do not even know what it is.
 
 The underlying problem is to identify and classify emails as ones you
 want and ones you do not want.  This is not easy and involves reading a
 person's mind.  A person may, depending on their mood, classify the same
 email differently at different times, which complicates things.
 
 DKIM assumes that you can, in many cases, classify emails this way based
 on authenticating the *domain* of the sender.  This has some serious
 flaws in that it does not address this issue, even though it purports to.
 
 One way to classify an email as wanted is if it comes from someone you
 know and want to communicate with.  Signing based on a domain does
 nothing to address this.  If my girlfriend is j...@yahoo.com, I want to
 receive her emails.  That does not means I want to receive all emails
 from the yahoo.com domain.  I do not want someone else to impersonate her.
 
 If later, we break up and I no longer want to receive her emails, DKIM
 does nothing to help with that, either.  That could be OK if such
 functionality is beyond its scope.
 
 DKIM erroneously bundles sender authentication with message validation.
  I want to know that it really was j...@yahoo.com that sent me the
 message and not someone trying to impersonate her.  However, as a
 separate function, I would like to know that the message I received is
 not the one she sent.  These functions should not be integrated.  As it
 is now, if the signature does not verify, I do not know why.  Was the
 sender spoofed?  Was some part of the message modified in some way?  And
 just for the record, I believe that the subject line should conceptually
 be treated as part of the message, along with the date.
 
 DKIM is too strict.  If I want to present a legal document (email) in
 court, I may want to prove that the document I present to the court is
 exactly as it was when it was sent to me.  However, this is not a common
 occurrence.  The real world is messy and imperfect and often, changes to
 emails are innocuous and legitimate.  Mailing lists are an example of this.
 
 A mailing list or anti-virus scanner *should* be able to add a footer or
 add a mailing list identifier to the subject line, as long as those
 changes can be marked as later additions that the original sender is not
 accountable for.  An email program should make it clear to the recipient
 which parts are not accountable to the original sender.
 
 I am not proposing a new standard, simply pointing out that breaking an
 established protocol (by removing the [Dovecot] subject identifier)
 because of a flawed anti-spam system is not in people's best interest.
 
 Can a spammer spoof messages from the list?  Sure.  Has it happened?
 Not that I am aware of.  Is it a problem?  Not so far.
 
 So why, then, make people go through all this trouble of setting up new
 filters and rules, mail routing, software upgrades, etc, just to appease
 a standard that is clearly broken?
 
 Dem

-- 
[*] sys4 AG
 
https://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
 

Re: Subject tag [Dovecot] is gone

[Nick Edwards]

Nothing. Reindel has always been an abusive troll

On 6/11/14, Koenraad Lelong dove...@ace-electronics.be wrote:
 op 10-06-14 17:12, Reindl Harald schreef:




 than you have crap software somewhere on your side

 What did I do to get such reply ?

 Koenraad

Re: Subject tag [Dovecot] is gone

[Nick Edwards]

If DMARC (the new kid on the block), gets broken by simple things like
subject changes on lists, then DMARC is broken, I wont go into the
other 9 key reasons I consider it useless because as you said this is
not the list for it.

On 6/11/14, Patrick Ben Koetter p...@sys4.de wrote:
 Professa,

 I suggest to take this discussion to the DKIM mailing list or even better
 to
 DMARC at IETF. Discussing the usefulness of DKIM or DMARC is better done
 there.

 Until people at IETF come up with a solution for DMARC that works for all
 participants most MLs, just like this, are better off avoiding further
 damage
 to mail transport by not adding the list name to the subject and not adding
 a
 footer. Of all available options not to break DMARC, this is still the best
 -
 be it liked or not.

 p@rick


 * Professa Dementia dovecot@dovecot.org:
 On 6/9/2014 7:26 PM, Timo Sirainen wrote:

  The main reason is DKIM, which is starting to be a real problem.

 I have not used DKIM much.  My mail server and client mostly deal with
 SPF.  I have a filter that colorizes messages that have no SPF or a
 missing DKIM or bad DKIM signature.  I *have* noticed that a lot of
 messages from the list get marked in such manner, but it never really
 bothered me and I never thought about it much.  Now I understand why
 that happens (the [Dovecot] identifier in the subject).

 When trying to solve a problem, the first thing is to correctly identify
 the problem.  You cannot solve a problem if you do not even know what it
 is.

 The underlying problem is to identify and classify emails as ones you
 want and ones you do not want.  This is not easy and involves reading a
 person's mind.  A person may, depending on their mood, classify the same
 email differently at different times, which complicates things.

 DKIM assumes that you can, in many cases, classify emails this way based
 on authenticating the *domain* of the sender.  This has some serious
 flaws in that it does not address this issue, even though it purports to.

 One way to classify an email as wanted is if it comes from someone you
 know and want to communicate with.  Signing based on a domain does
 nothing to address this.  If my girlfriend is j...@yahoo.com, I want to
 receive her emails.  That does not means I want to receive all emails
 from the yahoo.com domain.  I do not want someone else to impersonate
 her.

 If later, we break up and I no longer want to receive her emails, DKIM
 does nothing to help with that, either.  That could be OK if such
 functionality is beyond its scope.

 DKIM erroneously bundles sender authentication with message validation.
  I want to know that it really was j...@yahoo.com that sent me the
 message and not someone trying to impersonate her.  However, as a
 separate function, I would like to know that the message I received is
 not the one she sent.  These functions should not be integrated.  As it
 is now, if the signature does not verify, I do not know why.  Was the
 sender spoofed?  Was some part of the message modified in some way?  And
 just for the record, I believe that the subject line should conceptually
 be treated as part of the message, along with the date.

 DKIM is too strict.  If I want to present a legal document (email) in
 court, I may want to prove that the document I present to the court is
 exactly as it was when it was sent to me.  However, this is not a common
 occurrence.  The real world is messy and imperfect and often, changes to
 emails are innocuous and legitimate.  Mailing lists are an example of
 this.

 A mailing list or anti-virus scanner *should* be able to add a footer or
 add a mailing list identifier to the subject line, as long as those
 changes can be marked as later additions that the original sender is not
 accountable for.  An email program should make it clear to the recipient
 which parts are not accountable to the original sender.

 I am not proposing a new standard, simply pointing out that breaking an
 established protocol (by removing the [Dovecot] subject identifier)
 because of a flawed anti-spam system is not in people's best interest.

 Can a spammer spoof messages from the list?  Sure.  Has it happened?
 Not that I am aware of.  Is it a problem?  Not so far.

 So why, then, make people go through all this trouble of setting up new
 filters and rules, mail routing, software upgrades, etc, just to appease
 a standard that is clearly broken?

 Dem

 --
 [*] sys4 AG

 https://sys4.de, +49 (89) 30 90 46 64
 Franziskanerstraße 15, 81669 München

 Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
 Vorstand: Patrick Ben Koetter, Marc Schiffbauer
 Aufsichtsratsvorsitzender: Florian Kirstein

Re: Subject tag [Dovecot] is gone

[Nick Edwards]

has the words listid:dovecot.dovecot.org(exactly as written)
seems to work well for long time


On 6/11/14, Chris Young mrvj...@gmail.com wrote:
 Gmail doesn't let me filter on message headers so I've updated my filter as
 follows

 Before, my filter was
 SUBJECT:([Dovecot])

 But now my filter is
 HAS THE WORDS:(dovecot.dovecot.org OR dovecot@dovecot.org)


 On Tue, Jun 10, 2014 at 10:51 AM, Koenraad Lelong 
 dove...@ace-electronics.be wrote:

 op 09-06-14 22:27, Timo Sirainen schreef:

  I've actually been thinking about it almost since the beginning. It's
 just been annoying waste of space on my screen. And more importantly
 nowadays it's also breaking DKIM/DMARC signatures. So if somebody still
 uses Subject-based filtering it's about time to switch to List-ID header
 based filtering now.

 Another thing I'm wondering about is if I should allow text/html parts,
 because removing them will also break the DKIM signatures. Or mainly I'd
 like to allow only multipart/alternative with text/plain + text/html, but
 I
 don't think I can configure Mailman to support that.

  Hi,

 Just wanted to ask what happened to [Dovecot] when I saw this mail.
 Could you tell me how to find the List_ID ? I looked at the raw mail, but
 I
 didn't find it :

 some removed stuff and anonymized...
 Received: from wursti.dovecot.fi (wursti.dovecot.fi [87.106.245.223])
 by mailbox.ace-electronics.be (Postfix) with SMTP id 808B2A0427
 for dovecotatace-electronics.be; Mon,  9 Jun 2014 22:28:22
 +0200 (CEST)
 Received: from wursti.dovecot.fi (localhost.localdomain [127.0.0.1])
 by wursti.dovecot.fi (Postfix) with ESMTP id 16BC421F32;
 Mon,  9 Jun 2014 22:27:56 +0200 (CEST)
 Received: from talvi.dovecot.org (unknown [137.117.229.219])
 by wursti.dovecot.fi (Postfix) with ESMTP;
 Mon,  9 Jun 2014 22:27:52 +0200 (CEST)
 Received: from [100.90.112.97] (localhost [127.0.0.1])
 by talvi.dovecot.org (Postfix) with ESMTP id 0165E235C1;
 Mon,  9 Jun 2014 20:28:43 + (UTC)
 Received: by talvi.dovecot.org (Postfix, from userid 506)
 id B242523584; Mon,  9 Jun 2014 20:28:39 + (UTC)
 Received: from wursti.dovecot.fi (unknown [87.106.245.223])
 by talvi.dovecot.org (Postfix) with ESMTP id 51A3023584
 for dovecot@dovecot.org; Mon,  9 Jun 2014 20:28:39 + (UTC)
 Received: from [192.168.10.103] (cs181255018.pp.htv.fi [82.181.255.18])
 by wursti.dovecot.fi (Postfix) with ESMTPSA id 6ABD221D30
 for dovecot@dovecot.org; Mon,  9 Jun 2014 22:27:43 +0200 (CEST)
 From: Timo Sirainen tssatiki.fi
 Content-Type: text/plain; charset=us-ascii
 Content-Transfer-Encoding: quoted-printable
 Subject: Subject tag [Dovecot] is gone
 Message-Id: a864f144-2962-4963-bee6-5a6cbb738...@iki.fi
 Date: Mon, 9 Jun 2014 23:27:41 +0300
 To: Dovecot Mailing List dovecot@dovecot.org
 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
 X-Mailer: Apple Mail (2.1878.2)
 Precedence: list
 Reply-To: Dovecot Mailing List dovecot@dovecot.org
 X-WatchGuard-Spam-ID: str=0001.0A0B0202.539618E6.008E,ss=1,re=0.000,fgs=0
 X-WatchGuard-Spam-Score: 0, clean; 0, no virus
 X-WatchGuard-Mail-Client-IP: 87.106.245.223
 X-WatchGuard-Mail-From: dovecot-boun...@dovecot.org
 X-Virus-Scanned: Maia Mailguard 1.0.3

 I've actually been thinking about it almost since the beginning. It's =
 just been annoying waste of space on my screen. And more importantly =
 nowadays it's also breaking DKIM/DMARC signatures. So if somebody still =
 uses Subject-based filtering it's about time to switch to List-ID header
 =
 based filtering now.

 Another thing I'm wondering about is if I should allow text/html parts, =
 because removing them will also break the DKIM signatures. Or mainly I'd
 =
 like to allow only multipart/alternative with text/plain + text/html, =

 but I don't think I can configure Mailman to support that.

Subject tag [Dovecot] is gone

[Timo Sirainen]

I've actually been thinking about it almost since the beginning. It's just been 
annoying waste of space on my screen. And more importantly nowadays it's also 
breaking DKIM/DMARC signatures. So if somebody still uses Subject-based 
filtering it's about time to switch to List-ID header based filtering now.

Another thing I'm wondering about is if I should allow text/html parts, because 
removing them will also break the DKIM signatures. Or mainly I'd like to allow 
only multipart/alternative with text/plain + text/html, but I don't think I can 
configure Mailman to support that.

[Dovecot] Problem in Search IMAP with spaces in Subject

[Giovanni Mancuso]

Hi,

I deliver a test email (with 4 spaces in subject) into a maildir:

Return-Path: u...@example.com
Delivered-To: u...@example.com
Received: from suse11 ([10.0.8.7])
by suse11 (Dovecot) with LMTP id Pf6zDTCaiFOUXwAA4Q5jHg
for u...@example.com; Fri, 30 May 2014 16:48:16 +0200
From: u...@example.com
To: u...@example.com
Message-ID: 9704bc6a-28d9-cbf2-a1d6-dd54f6aa9...@newsvilpec.babel.it
Subject: Test4 Spaces

Test

But, if i search this email with 4 spaces in subject i don't find anthing:

telnet 0 143
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE AUTH=PLAIN] Dovecot ready.
ab login u...@example.com password
ab OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS
THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN
NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH
ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY
MOVE QUOTA ACL RIGHTS=texk] Logged in
ab select inbox
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft PEC_INBOX)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft PEC_INBOX
\*)] Flags permitted.
* 1 EXISTS
* 1 RECENT
* OK [UNSEEN 1] First unseen.
* OK [UIDVALIDITY 1401785069] UIDs valid
* OK [UIDNEXT 2] Predicted next UID
ab OK [READ-WRITE] Select completed (0.002 secs).
a1 SEARCH CHARSET UTF-8 SUBJECT Test4 Spaces
* SEARCH
a1 OK Search completed (0.001 secs).
a1 SEARCH CHARSET UTF-8 SUBJECT Test 4 Spaces
* SEARCH 1
a1 OK Search completed (0.000 secs).
ab logout
* BYE Logging out
ab OK Logout completed.
Connection closed by foreign host.

If i run the search with one space i find a mail.

I use dovecot v2.2.12 on Linux suse11 x86_64

Thanks

Re: [Dovecot] When the subject portion of an e-mail contains a control character, dovecot.sieve terminates unexpectatedly.

[Stephan Bosch]

On 5/22/2014 7:28 AM, Atsuko Tanaka wrote:
 We were able to solve the problem,
 When a control character is included in the subject of an e-mail,
 dovecot exits with a fatal error using the following information:

Did you try the latest versions? We made a few changes that should
resolve this already.

Regards,

Stephan.

Re: [Dovecot] When the subject portion of an e-mail contains a control character, dovecot.sieve terminates unexpectatedly.

[Atsuko Tanaka]

We were able to solve the problem,
When a control character is included in the subject of an e-mail,
dovecot exits with a fatal error using the following information:


1. We added the following field to the sieve setting file:

/etc/dovecot/conf.d/90-sieve.conf
-
sieve_editheader_rfc2822_check = yes
-
This is a switch for whether or not to check if a file is RFC2822 or not.
When it's set to yes, it works the exact same as before changes were made.
The default is yes.

2. When the sieve_editheader_rfc2822_check setting is set to no, we make
sure not to check for RFC2822.


Version: dovecot-2.2-pigeonhole-0.4.2

The patch is listed as below:
-
diff -Nur 
dovecot-2.2-pigeonhole-0.4.2_org/src/lib-sieve/plugins/editheader/cmd-addheader.c
 dovecot-2.2-pigeonhole-0.4.2/src/lib-sieve/plugins/editheader/cmd-addheader.c
--- 
dovecot-2.2-pigeonhole-0.4.2_org/src/lib-sieve/plugins/editheader/cmd-addheader.c
   2014-05-14 15:17:52.586774630 +0900
+++ 
dovecot-2.2-pigeonhole-0.4.2/src/lib-sieve/plugins/editheader/cmd-addheader.c   
2014-05-14 15:22:12.536780572 +0900
@@ -281,7 +281,8 @@
return SIEVE_EXEC_OK;
}
 
-   if ( !rfc2822_header_field_body_verify
+   if ( this_ext-svinst-chk_rfc2822 == TRUE 
+ !rfc2822_header_field_body_verify
(str_c(value), str_len(value), TRUE, TRUE) ) {
sieve_runtime_error(renv, NULL, addheader action: 
specified value `%s' is invalid,
diff -Nur dovecot-2.2-pigeonhole-0.4.2_org/src/lib-sieve/sieve-common.h 
dovecot-2.2-pigeonhole-0.4.2/src/lib-sieve/sieve-common.h
--- dovecot-2.2-pigeonhole-0.4.2_org/src/lib-sieve/sieve-common.h   
2014-05-14 15:17:52.593774606 +0900
+++ dovecot-2.2-pigeonhole-0.4.2/src/lib-sieve/sieve-common.h   2014-05-14 
15:23:57.584775286 +0900
@@ -189,6 +189,9 @@
size_t max_script_size;
unsigned int max_actions;
unsigned int max_redirects;
+
+/* Check */
+bool chk_rfc2822;
 };
 
 #endif /* __SIEVE_COMMON_H */
diff -Nur dovecot-2.2-pigeonhole-0.4.2_org/src/lib-sieve/sieve.c 
dovecot-2.2-pigeonhole-0.4.2/src/lib-sieve/sieve.c
--- dovecot-2.2-pigeonhole-0.4.2_org/src/lib-sieve/sieve.c  2014-05-14 
15:17:52.583774672 +0900
+++ dovecot-2.2-pigeonhole-0.4.2/src/lib-sieve/sieve.c  2014-05-14 
15:19:39.628771207 +0900
@@ -51,6 +51,7 @@
size_t size_setting;
const char  *domain;
pool_t pool;
+bool bool_setting;
 
/* Create Sieve engine instance */
pool = pool_alloconly_create(sieve, 8192);
@@ -118,6 +119,15 @@
svinst-max_redirects = (unsigned int) uint_setting;
}
 
+   /* Check RFC2822 from configuration */
+
+svinst-chk_rfc2822 = TRUE;
+
+if (sieve_setting_get_bool_value
+   (svinst, sieve_editheader_rfc2822_check, bool_setting) ) {
+svinst-chk_rfc2822 = bool_setting;
+}
+
/* Initialize extensions */
if ( !sieve_extensions_init(svinst) ) {
sieve_deinit(svinst);
-


 1) When an e-mail's subject contains control characters like
 [Ctrl+V|^V], dovecot.sieve terminates with an error and an e-mail is not
 able to be sent. When a MIME encoded Subject like [ＴＥＳＴ^VＭＡＩＬ] is sent
 we're not able to edit the subject and dovecot ends with an error.
 
 This is a sample of the data that was used in testing.
 Subject: =?ISO-2022-JP?B?GyRCI1QjRSNTI1QbKEIWGyRCI00jQSNJI0wbKEI=?=
 X-Spam-Score: 100.00%
 ↓
 Subject: =?ISO-2022-JP?B?GyRCI1QjRSNTI1QbKEIWGyRCI00jQSNJI0wbKEI=?=
 X-Spam-Score: 100.00%
 
 This is the log generated by the data above.
 --
 sieve: info: started log at May 02 10:46:22.
 main script: line 14: error: addheader action: specified value `[SPAM]
 ＴＥＳＴ?・・' is invalid.
 --
 
 Aside from [Ctrl + V] the following control charcters also cause errors:
 backspace
 Ctrl + A
 Ctrl + C
 Ctrl + [
 Ctrl + X
 Ctrl + Y


Atsuko Tanaka

Re: [Dovecot] When the subject portion of an e-mail contains a control character, dovecot.sieve terminates unexpectatedly.

[Timo Sirainen]

On 2.5.2014, at 11.27, Atsuko Tanaka tan...@designet.co.jp wrote:

 We have currently set dovecot.sieve to insert the text [SPAM] at the
 beginning of an e-mail's subject when it's X-Spam-Score is above 80%.
 After we set our system as stated the following errors occur:
 
 1) When an e-mail's subject contains control characters like
 [Ctrl+V|^V], dovecot.sieve terminates with an error and an e-mail is not
 able to be sent. When a MIME encoded Subject like [ＴＥＳＴ^VＭＡＩＬ] is sent
 we're not able to edit the subject and dovecot ends with an error.
..
 Aside from [Ctrl + V] the following control charcters also cause errors:
 backspace
 Ctrl + A
 Ctrl + C
 Ctrl + [
 Ctrl + X
 Ctrl + Y
 
 2) When an e-mail's subject line contains a \0 character, everything
 following the null character is deleted.

Is there a reason why mails contain these kind of control characters? Is it 
commonly used? And is it OK if Dovecot translates them to UTF-8 for the 
rewritten header, or would the subject have to stay ISO-2022-JP encoded?

[Dovecot] When the subject portion of an e-mail contains a control character, dovecot.sieve terminates unexpectatedly.

[Atsuko Tanaka]

Hello.

We have currently set dovecot.sieve to insert the text [SPAM] at the
beginning of an e-mail's subject when it's X-Spam-Score is above 80%.
After we set our system as stated the following errors occur:

1) When an e-mail's subject contains control characters like
[Ctrl+V|^V], dovecot.sieve terminates with an error and an e-mail is not
able to be sent. When a MIME encoded Subject like [ＴＥＳＴ^VＭＡＩＬ] is sent
we're not able to edit the subject and dovecot ends with an error.

This is a sample of the data that was used in testing.
Subject: =?ISO-2022-JP?B?GyRCI1QjRSNTI1QbKEIWGyRCI00jQSNJI0wbKEI=?=
X-Spam-Score: 100.00%
↓
Subject: =?ISO-2022-JP?B?GyRCI1QjRSNTI1QbKEIWGyRCI00jQSNJI0wbKEI=?=
X-Spam-Score: 100.00%

This is the log generated by the data above.
--
sieve: info: started log at May 02 10:46:22.
main script: line 14: error: addheader action: specified value `[SPAM]
ＴＥＳＴ?・・' is invalid.
--

Aside from [Ctrl + V] the following control charcters also cause errors:
backspace
Ctrl + A
Ctrl + C
Ctrl + [
Ctrl + X
Ctrl + Y

2) When an e-mail's subject line contains a \0 character, everything
following the null character is deleted.
When a MIME encoded Subject is sent, for example ＴＥＳＴ\0ＭＡＩＬ, the
subject becomes [SPAM]ＴＥＳＴ, the characters after the NULL character
are deleted and dovecot.sieve ends normally.

This is a sample of the data that we collected.
Subject: =?ISO-2022-JP?B?GyRCI1QjRSNTI1QbKEIAGyRCI00jQSNJI0wbKEI=?=
X-Spam-Score: 100.00%
↓
Subject: [SPAM] =?utf-8?b?77y077yl77yz77y0?=
X-Spam-Score: 100.00%


-Environment
・OS
CentOS release 6.5 (Final) x86_64

・Software Version
dovecot-2.2.12
dovecot-2.2-pigeonhole-0.4.2

・Results from the dovecot -n command.
--
# 2.2.12: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.5.1.el6.x86_64 x86_64 CentOS release 6.5 (Final)
disable_plaintext_auth = no
lock_method = dotlock
mail_fsync = always
mail_gid = vmail
mail_location = maildir:~/Maildir
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = quota
mail_temp_dir = /var/tmp
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress

comparator-i;ascii-numeric relational regex imap4flags copy include
variables body enotify

environment mailbox date ihave spamtest spamtestplus editheader
mbox_write_locks = dotlock
mmap_disable = yes
passdb {
  driver = passwd
}
plugin {
  quota = maildir:User quota
  sieve = ~/Maildir/dovecot.sieve
  sieve_dir = ~/Maildir/sieve
  sieve_editheader_max_header_size = 1k
  sieve_editheader_protected = X-Verified
  sieve_extensions = +editheader +spamtest +spamtestplus
  sieve_max_actions = 250
  sieve_max_redirects = 100
  sieve_spamtest_max_value = 100.00
  sieve_spamtest_status_header = X-Spam-Score: ([[:digit:]]+\.[[:digit:]]+)%
  sieve_spamtest_status_type = score
  sieve_user_log = /var/log/dovecot.sieve/%d/%u.log
}
postmaster_address = postmas...@example.jp
protocols = pop3 imap
service auth {
  unix_listener auth-userdb {
group = vmail
mode = 0600
user = vmail
  }
}
ssl_ca = /etc/pki/tls/certs/CA.crt
ssl_cert = /etc/pki/tls/certs/example.jp.crt
ssl_key = /etc/pki/tls/private/example.jp.key
submission_host = 127.0.0.1:20025
userdb {
  args = /etc/dovecot/ldap/userdb.conf.ext
  driver = ldap
}
protocol lda {
  mail_plugins = quota sieve
}
protocol imap {
  mail_plugins = quota imap_quota
  passdb {
args = /etc/dovecot/ldap/passdb.conf.ext
driver = ldap
  }
}
protocol pop3 {
  passdb {
args = /etc/dovecot/ldap/passdb.conf.ext
driver = ldap
  }
}
--

-Contents of the dovecot.sieve file
user/Maildir/dovecot.sieve
--
require fileinto;
require mailbox;
require envelope;
require variables;
require editheader;
require spamtestplus;
require relational;
require enotify;
require comparator-i;ascii-numeric;

if spamtest :percent :value ge :comparator i;ascii-numeric 80 {
  if exists subject {
deleteheader :matches subject *;
addheader Subject [SPAM] ${1};
  } else {
addheader Subject [SPAM];
  }
}
--

Please reply.
Thank you.

-- 

Atsuko Tanaka
DesigNET Inc.
e-mail：tan...@designet.co.jp

[Dovecot] (no subject)

[Axel Reinhold]

Subject: dovecot-2.2.11 crash on quit

after update to dovecot-2.2.11 pop3 crashes at QUIT after successful deliver:

[axel@bongo axel]$ gdb opt/dovecot-2.2.11-1/sbin/dovecot core.13590

warning: core file may not match specified executable file.
Core was generated by `dovecot/pop3 p3postlogin'.
Program terminated with signal 11, Segmentation fault.
#0  0x0804e601 in main ()
(gdb) bt
#0  0x0804e601 in main ()
#1  0xbfec7ff0 in ?? ()
#2  0x0804e7dc in main ()
#3  0x08050038 in service_anvil_global_deinit ()
#4  0x0804da9d in get_gid ()
#5  0x0804dc6c in main ()
#6  0xb7e2de37 in ?? ()
#7  0xb7e2f477 in ?? ()
#8  0xb7e2df24 in ?? ()
#9  0xb7dc2fbd in ?? ()
#10 0x0804bf13 in __register_frame_info_bases ()
#11 0xb7c55ebc in ?? ()
(gdb) q

last part of conversation:

pop* [20053] 140212130153 debug8: SMTP 250 2.1.5 axel... Recipient ok
pop* [20053] 140212130153 debug8: SMTP DATA
pop* [20053] 140212130153 debug8: SMTP 354 Enter mail, end with . on a line 
by itself
pop* [20053] 140212130153 debug8: SMTP .
pop* [20053] 140212130153 debug8: SMTP 250 2.0.0 s1CC1rGZ020100 Message 
accepted for delivery
pop* [20053] 140212130153 debug8: SMTP QUIT
pop* [20053] 140212130153 debug8: SMTP 221 2.0.0 bongo.freakout.de closing 
connection
pop* [20053] 140212130153 debug6: SMTP  sent to axel Id:2.0.0 s1CC1rGZ020100
pop* [20053] 140212130153 debug8: POP3 DELE 8
pop* [20053] 140212130153 debug8: POP3 +OK Marked to be deleted.
pop* [20053] 140212130153 debug6: POP3  delete 8
pop* [20053] 140212130153 debug8: POP3 QUIT
pop* [20053] 140212130153 debug8: POP3  #CRASH
pop* [20053] 140212130153 error : POP3  no quit
pop* [20053] 140212130153 debug5: POP3  logout

Regards
Axel

Re: [Dovecot] (no subject)

[Timo Sirainen]

On 22.11.2013, at 8.17, Axel Reinhold dove...@freakout.de wrote:

 Subject: dovecot-2.2.8 does no more quit correctly
 
 after update to dovecot-2.2.8 monit is no more validating pop3 server
 due to dovecot mo more logging out correctly +OK Logging out is missing

Oh, I guess that explains also why it was happening with LMTP. 
http://hg.dovecot.org/dovecot-2.2/rev/e3a87c25e0b2 fixes.

[Dovecot] sieve + notify + $subject$ + empty subject = segv

[Christian Ferbar]

Hello,

we can reproduce a bug where lmtp crashes:

LMTP telnet session:
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 lisa.m-otion.at Dovecot ready.
lhlo xyz
250-xyz.m-otion.at
250-8BITMIME
250-ENHANCEDSTATUSCODES
250 PIPELINING
mail from:x...@m-otion.at
250 2.1.0 OK
rcpt to:my_mailbox
250 2.1.5 OK
data
354 OK
From:x...@m-otion.at

test
.
Connection closed by foreign host.

/var/log/messages tells me:
Nov 11 00:07:00 mail kernel: lmtp[15868]: segfault at  rip 
2b1960d01d70 rsp 7fff3fa95908 error 4

pigeonhole 0.4.2, dovecot 2.2.6

and this is what I found out:
If you use a sieve script containing the following line 
  notify :method mailto :options xyz :message $from$*#+$subject$;

and send a mail without a Subject: header line lmtp crashes. The bug is related 
to the sieve module in /src/lib-sieve/plugins/notify/ext-notify-common.c:266. 
The line contains only a check if mail_get_headers_utf8 returns an error. So 
the workaround for this line would be to add a check if header[0] is not NULL.

if ( (mail_get_headers_utf8(msgdata-mail, subject, 
header) = 0)  header[0] )
 str_append(out_msg, header[0]);

IMHO this patch should be applied to the $from$ replacement as well. The 
comments in the dovecot's header file says for mail_get_headers:
   Returns -1 if error, 0 otherwise (with or without headers found).

hope it helps,

Regards
Christian Ferbar

Re: [Dovecot] sieve + notify + $subject$ + empty subject = segv

[Stephan Bosch]

On 11/11/2013 12:54 AM, Christian Ferbar wrote:
 Hello,

 we can reproduce a bug where lmtp crashes:

 If you use a sieve script containing the following line 
   notify :method mailto :options xyz :message $from$*#+$subject$;

 and send a mail without a Subject: header line lmtp crashes. The bug is 
 related to the sieve module in 
 /src/lib-sieve/plugins/notify/ext-notify-common.c:266. The line contains only 
 a check if mail_get_headers_utf8 returns an error. So the workaround for this 
 line would be to add a check if header[0] is not NULL.

This is an old one. Good catch. This should fix it:

http://hg.rename-it.nl/dovecot-2.2-pigeonhole/rev/44f659981723

I solved it slightly differently. Also added tests.

Regards,

Stephan.

[Dovecot] (no subject)

[Gab IIpop]

From the documentation, virtual users seem like a good idea if you plan on
having a lot of users. Although I'm wondering about the following:

What other benefits/consequences are there to using virtual over system
users and vice versa?

Will virtual users have the same protection as system users (system users
would use linux permissions, which is pretty secure)?

How easy will it be to switch from using system users to virtual users or
vice versa?

Re: [Dovecot] (no subject)

[Dotan Cohen]

On Sun, Jul 7, 2013 at 4:10 PM, Axel Luttgens axelluttg...@swing.be wrote:
 Hello Dotan,

 Note that md5sum calculates a hash similar to the one used by dovecot's 
 MD5-PLAIN scheme:

 $ doveadm pw -s PLAIN-MD5 -p 12345
 {PLAIN-MD5}827ccb0eea8a706c4c34a16891f84e7b


 Shouldn't that password match the md5sum check?

 As a result: no... ;-)


I see! I've tried a few formats to verify the MD5 hash, but none
produced the expected results. In any case, I've gotten that part of
Dovecot working now that I've discovered that most of the information
online is for Dovecot 1. However the Dovecot 2 wiki is terrific and it
pulled me through.

 [...]
 $ telnet mail.someDomain.com 143
 Trying x.x.x.x...
 Connected to mail.someDomain.com.
 Escape character is '^]'.
 * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
 IDLE AUTH=PLAIN] Dovecot ready.
 a login user 12345
 [...]

 I doubt this is a valid attempt:

 - unless I'm wrong, the command should be authenticate (not login)

No, it does seem that 'login' is the right command. I've got it working now.

 - the server doesn't seem to be configured for making use of digest-md5

 You may find an example of such an authentication near the end of 
 http://tools.ietf.org/html/rfc2831.
 You might also have a look at 
 http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5.


Thank you, that was indeed part of the issue!

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com

[Dovecot] (no subject)

[Dotan Cohen]

On an Ubuntu Server 12.04 system with Dovecot 2.0.19 I am having some
trouble with the Dovecot passwords. I am finding this in the logs when
I unsuccessfully try to log in:

Jul 07 08:13:25 auth-worker: Debug:
pam(u...@somedomain.com,212.
179.241.14): lookup service=dovecot
Jul 07 08:13:25 auth-worker: Debug:
pam(u...@somedomain.com,212.179.241.14): #1/1 style=1 msg=Password:
Jul 07 08:13:27 auth-worker: Info:
pam(u...@somedomain.com,212.179.241.14): pam_authenticate() failed:
Authentication failure (password mismatch?) (given password: 12345)
Jul 07 08:13:29 auth: Debug: client out: FAIL   2   user=u...@somedomain.com
Jul 07 08:13:29 pop3-login: Info: Disconnected (auth failed, 2
attempts): user=u...@somedomain.com, method=PLAIN,
rip=212.179.241.14, lip=10.138.11.251

This is not the real password, but an example to show that I think
that there is an issue:
$ /usr/bin/doveadm pw -u u...@somedomain.com -s DIGEST-MD5
Enter new password: # Here I have typed 12345
Retype new password: # Here I have typed 12345
{DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc
$ printf 12345 | md5sum
827ccb0eea8a706c4c34a16891f84e7b  -
$

Shouldn't that password match the md5sum check? Also, might I have the
file formats wrong?
$ cat passwd
u...@somedomain.com::5000:5000::/var/mail/vhosts/someDomain.com/user
$ cat shadow
u...@somedomain.com:{DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc
$

Note that testing in Telnet fails the password as well, both when
specifying the user without a domain and with a domain:

$ telnet mail.someDomain.com 143
Trying x.x.x.x...
Connected to mail.someDomain.com.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE AUTH=PLAIN] Dovecot ready.
a login user 12345
a NO [AUTHENTICATIONFAILED] Authentication failed.
e logout
* BYE Logging out
e OK Logout completed.
Connection closed by foreign host.
$ telnet mail.someDomain.com 143
Trying x.x.x.x...
Connected to mail.someDomain.com.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE AUTH=PLAIN] Dovecot ready.
a login u...@somedomain.com 12345
a NO [AUTHENTICATIONFAILED] Authentication failed.
* BAD Error in IMAP command received by server.
e logout
* BYE Logging out
e OK Logout completed.
Connection closed by foreign host.

Thanks!

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com

Re: [Dovecot] (no subject)

[Axel Luttgens]

Le 7 juil. 2013 à 11:47, Dotan Cohen a écrit :

 [...]
 $ /usr/bin/doveadm pw -u u...@somedomain.com -s DIGEST-MD5
 Enter new password: # Here I have typed 12345
 Retype new password: # Here I have typed 12345
 {DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc
 $ printf 12345 | md5sum
 827ccb0eea8a706c4c34a16891f84e7b  -
 $

Hello Dotan,

Note that md5sum calculates a hash similar to the one used by dovecot's 
MD5-PLAIN scheme:

$ doveadm pw -s PLAIN-MD5 -p 12345
{PLAIN-MD5}827ccb0eea8a706c4c34a16891f84e7b


 Shouldn't that password match the md5sum check?

As a result: no... ;-)

 [...]
 $ telnet mail.someDomain.com 143
 Trying x.x.x.x...
 Connected to mail.someDomain.com.
 Escape character is '^]'.
 * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
 IDLE AUTH=PLAIN] Dovecot ready.
 a login user 12345
 [...]

I doubt this is a valid attempt:

- unless I'm wrong, the command should be authenticate (not login)
- the server doesn't seem to be configured for making use of digest-md5

You may find an example of such an authentication near the end of 
http://tools.ietf.org/html/rfc2831.
You might also have a look at 
http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5.

HTH,
Axel

[Dovecot] (no subject)

[Anes Mukhametov]

Hello!

I've tried to use extprograms pipe feature but stuck with Broken pipe
errors in mail log:

May 17 15:18:57 backend1 dovecot: lmtp(20338, u...@domain.tld): Debug:
3VMVFWFKllFyTwAArRg8UA: sieve: action pipe: running program: learn
May 17 15:18:57 backend1 dovecot: script: Error: write(response) failed:
Broken pipe
May 17 15:18:57 backend1 dovecot: lmtp(20338, u...@domain.tld):
3VMVFWFKllFyTwAArRg8UA: sieve: execution of script
/data/mail/storage/domain/u...@domain.tld/.dovecot.sieve;name=main script
failed, but implicit keep was successful (user logfile
/data/mail/storage/domain/bu...@domain.tld/.dovecot.sieve.log should reveal
additional details)

/data/mail/storage/domain/bu...@domain.tld/.dovecot.sieve.log:
error: msgid=c7cd36f19be8164addf091a646b8b...@domain.tld: pipe action:
failed to pipe message to program `learn': refer to server log for more
information. [2013-05-17 15:18:57] ham u...@domain.tld 50796.


Sieve script contents:
require [fileinto,copy,mailbox,vnd.dovecot.pipe];

if anyof (header :is Subject ham)
{
pipe :try learn [ham];
fileinto INBOX/ham;
stop;
}

Sieve plugin config uncommented conents:
sieve_plugins = sieve_extprograms
*sieve_pipe_socket_dir = sieve-pipe*

  # Define the executed script as parameter to the sieve service
  executable = script /etc/dovecot/scripts/spam.sh

  # Use some unprivileged user for executing the program
  user = nobody

  # The unix socket located in the sieve_pipe_socket_dir (as defined in the
  # plugin {} section above)
  unix_listener sieve-pipe/learn {
# LDA/LMTP must have access
 user = nobody
 mode = 0777
  }
}


spam.sh is message processing script which interacts with spamassassin.
I've tested pipe with spam.sh that redirects stdin to /dev/null and returns
0 but errors were logged anyway.
Note that spam.sh runs, getting the message from sieve and processing it to
spamassassin without a problem, but broken pipe is being logged.

[Dovecot] (no subject)

[b m]

Hi. I'm using dovecot 2.0.18 and I'm trying to authenticate through a CAS 
server (until now authentication was through MS Active Directory). I could not 
find anywhere some examples, so here is what i have done so far.
-install phpcas and pam_cas
-edit /etc/pam.d/dovecot
  auth    sufficient  /lib/security/pam_cas.so 
-simap://webmail.mydomain.com -f /etc/pam_cas.conf
-edit /etc.pam_cas.conf
  host mycas.mydomain.com 
  port 443 
  uriValidate /cas/proxyValidate 
  ssl on 
  proxy ??? 
  trusted_ca /etc/cert/certificate.pem 
  debug on

- and finally dovecot.conf which I'm sure is complety wrong
  userdb {
              args = /etc/dovecot/dovecot-ldap.conf
              driver = ldap
  }
 passdb {
 driver = pam
             args = cache_key=%u dovecot
 }

What I get in log is 


Oct 15 15:39:58 auth-worker: Debug: Loading modules from directory: 
/usr/lib64/dovecot/auth
Oct 15 15:39:58 auth-worker: Debug: Module loaded: 
/usr/lib64/dovecot/auth/libauthdb_ldap.so
Oct 15 15:39:58 auth-worker: Debug: Module loaded: 
/usr/lib64/dovecot/auth/libdriver_mysql.so
Oct 15 15:39:58 auth-worker: Debug: Module loaded: 
/usr/lib64/dovecot/auth/libdriver_pgsql.so
Oct 15 15:39:58 auth-worker: Debug: Module loaded: 
/usr/lib64/dovecot/auth/libdriver_sqlite.so
Oct 15 15:39:58 auth-worker: Debug: Module loaded: 
/usr/lib64/dovecot/auth/libmech_gssapi.so
Oct 15 15:39:58 auth-worker: Debug: pam(user,127.0.0.1): lookup service=dovecot
Oct 15 15:39:58 auth-worker: Debug: pam(user,127.0.0.1): #1/1 style=1 
msg=Password: 
Oct 15 15:39:58 auth-worker: Info: pam(user,127.0.0.1): pam_authenticate() 
failed: Permission denied
Oct 15 15:40:00 auth: Debug: client out: FAIL    1    user=user
Oct 15 15:40:00 imap-login: Info: Aborted login (auth failed, 1 attempts): 
user=user, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Oct 15 15:40:00 auth: Debug: auth client connected (pid=9019)

Any ideas? Thanks.

[Dovecot] (no subject)

[Phil Petree]

Hey All,

I'm developing a site on a VPS that comes stock with dovecot 1.2.17 and I'm
trying to setup some functionality that is very specific to our business
model.

My question is this:  How do I create (programatically) aliases for a
forwarder?

I have an address, em...@domain.com that gets sent to a php script and I
want users to be able to send to that script via any number of different
names (could ultimately be 1000's).

I'm thinking that I append/delete from the etc/aliases file and then run
#newaliases

So that em...@domain.com will answer on du...@domain.com or
dot...@domain.com, once the email comes in, I can check the header, get who
it was really sent to, do all my checks, perform the necessary action blah
blah blah... and be able to do it all on one piece of code (my fantasy LOL).

Am I on the right track here or is this simply not going to work?

Thanks,

Pete

Re: [Dovecot] (no subject)

[Giles Coochey]

On 29/05/2012 14:59, Phil Petree wrote:

Hey All,

I'm developing a site on a VPS that comes stock with dovecot 1.2.17 and I'm
trying to setup some functionality that is very specific to our business
model.

My question is this:  How do I create (programatically) aliases for a
forwarder?

I have an address, em...@domain.com that gets sent to a php script and I
want users to be able to send to that script via any number of different
names (could ultimately be 1000's).

I'm thinking that I append/delete from the etc/aliases file and then run
#newaliases

So that em...@domain.com will answer on du...@domain.com or
dot...@domain.com, once the email comes in, I can check the header, get who
it was really sent to, do all my checks, perform the necessary action blah
blah blah... and be able to do it all on one piece of code (my fantasy LOL).

Am I on the right track here or is this simply not going to work?



Seems fairly straight forward, not sure how this applies to dovecot though.
Have you tried asking this question on sendmail / postfix lists?
They're the ones who interact with the aliases file.

--
Regards,

Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net




smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Dovecot] Username from rfc822Name subject alternative name

[Timo Sirainen]

On 9.4.2012, at 16.51, Бранко Мајић wrote:

 I'm looking into adding support for extracting the username from client 
 certificate's rfc822Name (from the subjectAltName extension).
 
 The question I have is what would be the best approach to do this? Current 
 implementation has a kind of clean code since it just goes through the 
 subject name, extracting the values with X509_NAME_get_text_by_NID (while NID 
 is obtained with OBJ_txt2nid). If I were to add this, it's bound to make the 
 code a little bit more complicated since SAN's can't be retrieved in the same 
 way.
 
 So far in terms of options I have, I can see the following:
 
 1. Create a distinct configuration option for the ssl_cert_username_field 
 (i.e. specify something like sanrfc822Name to have Dovecot extract the 
 username from the designated alternative name).

I'm not sure if this is a good idea, but what about:

ssl_cert_username_field = subjectAltName:rfc822Name

 2. Make the current code fail-over to rfc822Name SAN if emailAddress is 
 provided for ssl_cert_username (less invasion in code, but less flexibility 
 as well).

Automatic failover seems dangerous.

Re: [Dovecot] Username from rfc822Name subject alternative name

[Бранко Мајић]

Another solution could be having another property that specifies
whether the information should be pulled in from subject or
subjectAltName.

But I think what you've proposed would be ok as well, and it'd allow
for future expansion too (if anyone decides to use some other SAN). I
can get working on adding the support for this (might take a couple
of days until I sort it out - getting quite busy here :).

Would a patch both against the 1.x and 2.x be welcome?

Дана Tue, 10 Apr 2012 19:10:04 +0300
Timo Sirainen t...@iki.fi написа:

 On 9.4.2012, at 16.51, Бранко Мајић wrote:
 
  I'm looking into adding support for extracting the username from
  client certificate's rfc822Name (from the subjectAltName extension).
  
  The question I have is what would be the best approach to do this?
  Current implementation has a kind of clean code since it just goes
  through the subject name, extracting the values with
  X509_NAME_get_text_by_NID (while NID is obtained with OBJ_txt2nid).
  If I were to add this, it's bound to make the code a little bit
  more complicated since SAN's can't be retrieved in the same way.
  
  So far in terms of options I have, I can see the following:
  
  1. Create a distinct configuration option for the
  ssl_cert_username_field (i.e. specify something like
  sanrfc822Name to have Dovecot extract the username from the
  designated alternative name).
 
 I'm not sure if this is a good idea, but what about:
 
 ssl_cert_username_field = subjectAltName:rfc822Name
 
  2. Make the current code fail-over to rfc822Name SAN if
  emailAddress is provided for ssl_cert_username (less invasion in
  code, but less flexibility as well).
 
 Automatic failover seems dangerous.

-- 
Branko Majic
Jabber: bra...@majic.rs
Please use only Free formats when sending attachments to me.

Бранко Мајић
Џабер: bra...@majic.rs
Молим вас да додатке шаљете искључиво у слободним форматима.


signature.asc
Description: PGP signature

Re: [Dovecot] Username from rfc822Name subject alternative name

[Timo Sirainen]

I can add the patch to v2.1, but probably not to earlier versions.

On 11.4.2012, at 0.07, Бранко Мајић wrote:

 Another solution could be having another property that specifies
 whether the information should be pulled in from subject or
 subjectAltName.
 
 But I think what you've proposed would be ok as well, and it'd allow
 for future expansion too (if anyone decides to use some other SAN). I
 can get working on adding the support for this (might take a couple
 of days until I sort it out - getting quite busy here :).
 
 Would a patch both against the 1.x and 2.x be welcome?
 
 Дана Tue, 10 Apr 2012 19:10:04 +0300
 Timo Sirainen t...@iki.fi написа:
 
 On 9.4.2012, at 16.51, Бранко Мајић wrote:
 
 I'm looking into adding support for extracting the username from
 client certificate's rfc822Name (from the subjectAltName extension).
 
 The question I have is what would be the best approach to do this?
 Current implementation has a kind of clean code since it just goes
 through the subject name, extracting the values with
 X509_NAME_get_text_by_NID (while NID is obtained with OBJ_txt2nid).
 If I were to add this, it's bound to make the code a little bit
 more complicated since SAN's can't be retrieved in the same way.
 
 So far in terms of options I have, I can see the following:
 
 1. Create a distinct configuration option for the
 ssl_cert_username_field (i.e. specify something like
 sanrfc822Name to have Dovecot extract the username from the
 designated alternative name).
 
 I'm not sure if this is a good idea, but what about:
 
 ssl_cert_username_field = subjectAltName:rfc822Name
 
 2. Make the current code fail-over to rfc822Name SAN if
 emailAddress is provided for ssl_cert_username (less invasion in
 code, but less flexibility as well).
 
 Automatic failover seems dangerous.
 
 -- 
 Branko Majic
 Jabber: bra...@majic.rs
 Please use only Free formats when sending attachments to me.
 
 Бранко Мајић
 Џабер: bra...@majic.rs
 Молим вас да додатке шаљете искључиво у слободним форматима.

[Dovecot] Username from rfc822Name subject alternative name

[Бранко Мајић]

Hello,

I'm looking into adding support for extracting the username from client 
certificate's rfc822Name (from the subjectAltName extension).


The question I have is what would be the best approach to do this? 
Current implementation has a kind of clean code since it just goes 
through the subject name, extracting the values with 
X509_NAME_get_text_by_NID (while NID is obtained with OBJ_txt2nid). If I 
were to add this, it's bound to make the code a little bit more 
complicated since SAN's can't be retrieved in the same way.


So far in terms of options I have, I can see the following:

1. Create a distinct configuration option for the 
ssl_cert_username_field (i.e. specify something like sanrfc822Name to 
have Dovecot extract the username from the designated alternative name).


2. Make the current code fail-over to rfc822Name SAN if emailAddress is 
provided for ssl_cert_username (less invasion in code, but less 
flexibility as well).


Any input/recommendation/directioning is welcome. I've wanted to 
actually first write a patch, and then submit it, but I think it might 
be better to check what would be preferable by Dovecot maintainers/devs.


Best regards

--
Branko Majic
Jabber: bra...@majic.rs
Please use only Free formats when sending attachments to me.

Бранко Мајић
Џабер: bra...@majic.rs
Молим вас да додатке шаљете искључиво у слободним форматима.

[Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Dinh Le]

Hi,

I am running dovecot version 1.2.9 on a Ubuntu 10.04 server.  To obtain 
the message's header info from this dovecot imap server, I run the 
following imap command on a client side's imap session:


. fetch 88:90 (envelope)

which returns (in this case)

-

* 88 FETCH (ENVELOPE (Tue, 28 Oct 2008 15:45:35 -0500 Linear Actuators Bring Flexibility to Packaging ((Design World NIL subscription designworldonline.com)) 
((Design World NIL subscription designworldonline.com)) ((Design World NIL subscription designworldonline.com)) ((NIL NIL dinh 
flic.net)) NIL NIL NIL 490779cf.0...@ak119.mta.exacttarget.com))

* 89 FETCH (ENVELOPE (29 Oct 2008 15:44:03 -0500 {65}
2nd Edition of Brennesholtz/Stupp Projection Displays Available ((Insight Media NIL administrator insightmedia.info)) ((Insight Media NIL 
administrator insightmedia.info)) ((Insight Media NIL administrator insightmedia.info)) ((NIL NIL dinh flic.net)) NIL NIL NIL 
20081029154358.0c359ae169595...@insightmedia.info))

* 90 FETCH (ENVELOPE (Thu, 30 Oct 2008 04:24:31 +0800 (SGT) 6 new products Now Online! ((Global Sources Product Alert NIL paservices globalsources.com)) ((Global Sources 
Product Alert NIL paservices globalsources.com)) ((Global Sources Product Alert NIL paservices globalsources.com)) ((Dinh Le NIL dinh 
flic.net)) NIL NIL NIL 352725277.1225311871753.javamail@fuchsia3.globalsources.com))

. OK Fetch completed.

--

Notice that message 89's Subject line

Subject: 2nd Edition of Brennesholtz/Stupp Projection Displays Available

has quotes and this dovecot's ENVELOPE response failed to get parsed by
a popular Perl module (Mail::IMAPClient::BodyStructure::Envelope).  I have 
a hunch that this is dovecot's fault but I could be wrong.  How should 
dovecot (or any imap server) deal with Subject lines with quotes inside 
ENVELOPE?


ENVELOPE seems to encapsulate most of the important information and its 
format can be parsed cleanly and quickly.  I prefer to fetch ENVELOP, at 
this point, rather than the other alternatives.


Thanks for your help,

Dinh

Re: [Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Michael M Slusarz]

Quoting Dinh Le d...@flic.net:



* 89 FETCH (ENVELOPE (29 Oct 2008 15:44:03 -0500 {65}
2nd Edition of Brennesholtz/Stupp Projection Displays Available
 ((Insight Media NIL administrator insightmedia.info))  
((Insight Media NIL administrator insightmedia.info))  
((Insight Media NIL administrator insightmedia.info)) ((NIL  
NIL dinh flic.net)) NIL NIL NIL  
20081029154358.0c359ae169595...@insightmedia.info))


[snip]


Notice that message 89's Subject line

Subject: 2nd Edition of Brennesholtz/Stupp Projection Displays Available

has quotes and this dovecot's ENVELOPE response failed to get parsed by
a popular Perl module (Mail::IMAPClient::BodyStructure::Envelope).   
I have a hunch that this is dovecot's fault but I could be wrong.   
How should dovecot (or any imap server) deal with Subject lines with  
quotes inside ENVELOPE?


The subject, because it contains quotes, can't be expressed in a  
quoted string so it is instead sent in a literal string.  In a literal  
string, the data is exactly what appears in the original message.  No  
post-processing mechanism should be stripping quotes or anything from  
this data - it is already in its canonical state.


Dovecot is 100% correct in its return.

michael

Re: [Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Timo Sirainen]

On 6.2.2012, at 22.45, Michael M Slusarz wrote:

 The subject, because it contains quotes, can't be expressed in a quoted 
 string so it is instead sent in a literal string.

Small correction: Quotes can be escaped in a quoted-string, but Dovecot just 
doesn't want to do it. Many other servers behave this way as well.

 In a literal string, the data is exactly what appears in the original 
 message.  No post-processing mechanism should be stripping quotes or anything 
 from this data - it is already in its canonical state.
 
 Dovecot is 100% correct in its return.

Yes. Looks like Perl's IMAP client hasn't been built properly to expect 
literals in places where they are allowed. My guess is that this is only one of 
the 100 other places where a literal is allowed by RFC but not by Perl..

Maybe I should add some evil setting to Dovecot where it would use literals 
everywhere it can, or perhaps randomly send atoms/strings/literals. :)

Re: [Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Timo Sirainen]

On 6.2.2012, at 22.55, Timo Sirainen wrote:

 Maybe I should add some evil setting to Dovecot where it would use literals 
 everywhere it can, or perhaps randomly send atoms/strings/literals. :)

BTW. If anyone wants to try, the attached patch makes Dovecot return (almost) 
all possible fields as literals. You'll need to delete dovecot.index.cache 
files to get the full effect.



break-imap-clients.diff
Description: Binary data

Re: [Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Dinh Le]

On Mon, 6 Feb 2012, Timo Sirainen wrote:


On 6.2.2012, at 22.45, Michael M Slusarz wrote:


The subject, because it contains quotes, can't be expressed in a quoted string 
so it is instead sent in a literal string.


Small correction: Quotes can be escaped in a quoted-string, but Dovecot just 
doesn't want to do it. Many other servers behave this way as well.


In a literal string, the data is exactly what appears in the original message.  
No post-processing mechanism should be stripping quotes or anything from this 
data - it is already in its canonical state.

Dovecot is 100% correct in its return.


Yes. Looks like Perl's IMAP client hasn't been built properly to expect 
literals in places where they are allowed. My guess is that this is only one of 
the 100 other places where a literal is allowed by RFC but not by Perl..

Maybe I should add some evil setting to Dovecot where it would use literals 
everywhere it can, or perhaps randomly send atoms/strings/literals. :)



Thanks, I will try to come up

Re: [Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Dinh Le]

On Mon, 6 Feb 2012, Timo Sirainen wrote:


On 6.2.2012, at 22.45, Michael M Slusarz wrote:


The subject, because it contains quotes, can't be expressed in a quoted string 
so it is instead sent in a literal string.


Small correction: Quotes can be escaped in a quoted-string, but Dovecot just 
doesn't want to do it. Many other servers behave this way as well.


In a literal string, the data is exactly what appears in the original message.  
No post-processing mechanism should be stripping quotes or anything from this 
data - it is already in its canonical state.

Dovecot is 100% correct in its return.


Yes. Looks like Perl's IMAP client hasn't been built properly to expect 
literals in places where they are allowed. My guess is that this is only one of 
the 100 other places where a literal is allowed by RFC but not by Perl..

Maybe I should add some evil setting to Dovecot where it would use literals 
everywhere it can, or perhaps randomly send atoms/strings/literals. :)



Oops, my happy Alpine ^X finger accidently sent the previous reply.  I 
meant to say thanks and will try to come up with a fix to this literal 
string problem for the Perl IMAPClient module.


Don't want Timo's evil config setting to wreak havocs :-).

Re: [Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Bill Cole]

On 6 Feb 2012, at 16:34, Dinh Le wrote:


On Mon, 6 Feb 2012, Timo Sirainen wrote:


On 6.2.2012, at 22.45, Michael M Slusarz wrote:

The subject, because it contains quotes, can't be expressed in a 
quoted string so it is instead sent in a literal string.


Small correction: Quotes can be escaped in a quoted-string, but 
Dovecot just doesn't want to do it. Many other servers behave this 
way as well.


In a literal string, the data is exactly what appears in the 
original message.  No post-processing mechanism should be stripping 
quotes or anything from this data - it is already in its canonical 
state.


Dovecot is 100% correct in its return.


Yes. Looks like Perl's IMAP client hasn't been built properly to 
expect literals in places where they are allowed. My guess is that 
this is only one of the 100 other places where a literal is allowed 
by RFC but not by Perl..


Maybe I should add some evil setting to Dovecot where it would use 
literals everywhere it can, or perhaps randomly send 
atoms/strings/literals. :)




Oops, my happy Alpine ^X finger accidently sent the previous reply.  I 
meant to say thanks and will try to come up with a fix to this literal 
string problem for the Perl IMAPClient module.


Don't want Timo's evil config setting to wreak havocs :-).



The best solution for you may be to to update the version of 
Mail::IMAPClient you are using. There were fixes for its handling of 
literals claimed in the CHANGES file of v3.26  (2011-01-31). I don't 
know if that will fix this particular problem, but if you are running an 
older version then it would be worth trying the current version.

Re: [Dovecot] ENVELOPE mishandling of Subject lines with quote(s)?

[Michael M Slusarz]

Quoting Timo Sirainen t...@iki.fi:


On 6.2.2012, at 22.55, Timo Sirainen wrote:

Maybe I should add some evil setting to Dovecot where it would use  
literals everywhere it can, or perhaps randomly send  
atoms/strings/literals. :)


BTW. If anyone wants to try, the attached patch makes Dovecot return  
(almost) all possible fields as literals. You'll need to delete  
dovecot.index.cache files to get the full effect.


Very useful.  Turns out the only thing I wasn't handling correctly was  
the MIME types/subtypes in BODYSTRUCTURE.


This is a great tool for debugging client code.  Not sure the  
difficulty to add as a config (or even a hidden config).  Being able  
to easily turn on/off would increase my usage of the tool.


michael

Re: [Dovecot] Need help with details for new Dovecot plugin - was: Re: (no subject)

[Charles Marcus]

On 2012-01-12 6:17 PM, Timo Sirainen t...@iki.fi wrote:

On 11.1.2012, at 20.53, Geoffrey Broadwell wrote:

So now the hard part is writing the piece that I can't just crib from
elsewhere -- making sure that I hook every place in Dovecot that the
user's voicemail folder can be changed in a way that would change it
between having one or more unread messages, and not having any unread
messages at all (or vice-versa, of course).  At the same time, I want to
minimize the performance impact to Dovecot (and the load on the UDP
server) by only hooking the places I need to, filtering out as many
false positives as I can without introducing massive complexity, and
only pinging the UDP server when it's most likely to notice a change in
the state of that user's voicemail server.



I think notify plugin would help you do this the easiest way. See
mail_log plugin for an example of how to use it.


Oops, should have read all messages before replying (I usually skip 
messages with (no subject), but I try to read everything on some lists 
(dovecot is one of them)...


Timo - searching on 'inotify' or 'notify' on both wiki1 and wiki2 has 
'no results'... maybe the search indexes need to be updated? Or, is it 
just that there really is no documentation of inotify on either of the 
wikis?


--

Best regards,

Charles