Re: [qmailtoaster] Dovecot update on centos 8 / rocky 8 issue

[Remo Mattei]

Thanks Eric, 
I did check and that’s correct 

Remo 

> On Feb 5, 2022, at 09:41, Eric Broch  wrote:
> 
> May be they moved it to the RHEL tree
> 
> http://repo.dovecot.org/ce-2.3-latest/rhel/8/RPMS/x86_64/
> 
> On 2/5/2022 10:26 AM, Remo Mattei wrote:
>> Hi all,
>> Has anyone seen this I think it’s down
>> 
>> Thanks
>> 
>>  ❯ yum update
>> Dovecot 2.3 CentOS 8 - x86_64
>> 200  B/s | 146  
>> B 00:00
>> Errors during downloading metadata for repository 'dovecot-2.3-latest':
>>   - Status code: 404 for 
>> http://repo.dovecot.org/ce-2.3-latest/centos/8/RPMS/x86_64/repodata/repomd.xml
>>  (IP: 94.237.82.12)
>> Error: Failed to download metadata for repo 'dovecot-2.3-latest': Cannot 
>> download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were 
>> tried
>> 
>> 
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>> 
> 
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Dovecot update on centos 8 / rocky 8 issue

[Eric Broch]

May be they moved it to the RHEL tree

http://repo.dovecot.org/ce-2.3-latest/rhel/8/RPMS/x86_64/

On 2/5/2022 10:26 AM, Remo Mattei wrote:

Hi all,
Has anyone seen this I think it’s down

Thanks

  
❯ yum update

Dovecot 2.3 CentOS 8 - x86_64   
 200  B/s | 146  B 
00:00
Errors during downloading metadata for repository 'dovecot-2.3-latest':
   - Status code: 404 for 
http://repo.dovecot.org/ce-2.3-latest/centos/8/RPMS/x86_64/repodata/repomd.xml 
(IP: 94.237.82.12)
Error: Failed to download metadata for repo 'dovecot-2.3-latest': Cannot 
download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot update on centos 8 / rocky 8 issue

[Remo Mattei]

Hi all,
Has anyone seen this I think it’s down 

Thanks 

 
❯ yum update
Dovecot 2.3 CentOS 8 - x86_64   
 200  B/s | 146  B 
00:00
Errors during downloading metadata for repository 'dovecot-2.3-latest':
  - Status code: 404 for 
http://repo.dovecot.org/ce-2.3-latest/centos/8/RPMS/x86_64/repodata/repomd.xml 
(IP: 94.237.82.12)
Error: Failed to download metadata for repo 'dovecot-2.3-latest': Cannot 
download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot login issue

[Tahnan Al Anas]

Hi Eric,

I am facing an old issue, my dovecot is set to below

auth_cache_size = 512M
auth_cache_ttl = 1 min
auth_cache_negative_ttl = 1 min

but still I need to restart dovecot every few hours some time in days. I
have created cronjob to restart dovecot for that. But is there any solution?


--
--

Best Regards
Muhammad Tahnan Al Anas

[qmailtoaster] Dovecot & ClamAV

[Eric Broch]

The new QMT/CentOS 7 RPMS, Dovecot-2.3.10 & ClamAV-0.102.2, are in the 
testing repository.


It may take a little time for the RPMS to replicate throughout all the 
repositories.



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot Maximum number of connections from user+IP exceeded

[Jeff Koch]

Hi:

Our users are complaining about this error message:

Maximum number of connections from user+IP exceeded 
(mail_max_userip_connections=10)


We have adjusted the configuration entries at 
/etc/dovecot/conf.d/20-imap.conf and 20-pop3.conf to:


mail_max_userip_connections = 30
mail_max_userip_connections = 30

and restarted qmail and dovecot and yet the users are still getting this 
message saying they have exceeded the limit of 10.


How can I fix this?

Jeff

Re: [qmailtoaster] dovecot CVE-2019-11500

[Eric's mail]

Thanks!




Get Outlook for Android







On Tue, Oct 1, 2019 at 4:10 AM -0600, "Ionut Hoza"  wrote:










Hi,

I've upgraded to dovecot 2.3.7.2 from qmt-testing repository.All works as 
expected after upgrade.
Upgrade notes to fix some WARNINGS (in case you manually updated toaster.conf 
file):
1. ssl_dh_parameters_length is no longer required.Oct 01 10:09:25 config: 
Warning: Obsolete setting in /etc/dovecot/toaster.conf:21: 
ssl_dh_parameters_length is no longer needed

2. set ssl_dh= /etc/dovecot/dh.pem

Thank you,I.

On Mon, Sep 30, 2019 at 4:02 PM Eric Broch  wrote:
Correct



On 9/30/2019 4:38 AM, Angus McIntyre wrote:

> I think Eric is saying that the version in the testing repository -- 

> which, as you said, is 2.3.7.2 -- fixes the vulnerability. 



-

To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot CVE-2019-11500

[Ionut Hoza]

Hi,

I've upgraded to dovecot 2.3.7.2 from qmt-testing repository.
All works as expected after upgrade.

Upgrade notes to fix some WARNINGS (in case you manually updated
toaster.conf file):

1. ssl_dh_parameters_length is no longer required.
Oct 01 10:09:25 config: Warning: Obsolete setting in
/etc/dovecot/toaster.conf:21: ssl_dh_parameters_length is no longer needed

2. set ssl_dh= /etc/dovecot/dh.pem

Thank you,
I.


On Mon, Sep 30, 2019 at 4:02 PM Eric Broch  wrote:

> Correct
>
> On 9/30/2019 4:38 AM, Angus McIntyre wrote:
> > I think Eric is saying that the version in the testing repository --
> > which, as you said, is 2.3.7.2 -- fixes the vulnerability.
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>

Re: [qmailtoaster] dovecot CVE-2019-11500

[Eric Broch]

Correct

On 9/30/2019 4:38 AM, Angus McIntyre wrote:
I think Eric is saying that the version in the testing repository -- 
which, as you said, is 2.3.7.2 -- fixes the vulnerability. 


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot CVE-2019-11500

[Angus McIntyre]

I think Eric is saying that the version in the testing repository -- 
which, as you said, is 2.3.7.2 -- fixes the vulnerability.


The relevant part of the CVE-2019-11500 report -- which Eric quoted in 
his message, with the key words emphasized -- says that this 
vulnerability exists in versions of 2.3.x before 2.3.7.2. That suggests 
that installing 2.3.7.2 from the testing repository would fix the issue 
for you.


That's how I understand his answer, anyway.

Angus



On 2019-09-30 05:09, Ionut Hoza wrote:

Hi Eric,

I don't think I understand your answer :).

I'll try to upgrade to the package available in testing inventory.

Thanks,
I.

On Fri, Sep 27, 2019 at 5:36 PM Eric Broch 
wrote:


In Dovecot before 2.2.36.4 and 2.3.x _BEFORE_ 2.3.7.2 (and
Pigeonhole before 0.5.7.2), protocol processing can fail for quoted
strings. This occurs because '' characters are mishandled, and can
lead to out-of-bounds writes and remote code execution.
On 9/27/2019 3:10 AM, Ionut Hoza wrote:


Hi all,

Are there any plans to address this security vulnerability and
publish a patched package in the qmt current repository ?
https://nvd.nist.gov/vuln/detail/CVE-2019-11500 [1]

Currently I'm using 2.2.35-23 (built in 2018).

I saw there is dovecot 2.3.7.2 rpm package in testing repository,
does that contains the fix ? Any advices (issues) regarding
upgrading dovecot from 2.2.35 to 2.3.7.2 ?

Thanks in advance,
-I.



Links:
--
[1] https://nvd.nist.gov/vuln/detail/CVE-2019-11500


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot CVE-2019-11500

[Ionut Hoza]

Hi Eric,

I don't think I understand your answer :).

I'll try to upgrade to the package available in testing inventory.

Thanks,
I.

On Fri, Sep 27, 2019 at 5:36 PM Eric Broch  wrote:

> In Dovecot before 2.2.36.4 and 2.3.x *before* 2.3.7.2 (and Pigeonhole
> before 0.5.7.2), protocol processing can fail for quoted strings. This
> occurs because '\0' characters are mishandled, and can lead to
> out-of-bounds writes and remote code execution.
> On 9/27/2019 3:10 AM, Ionut Hoza wrote:
>
> Hi all,
>
> Are there any plans to address this security vulnerability and publish a
> patched package in the qmt current repository ?
> https://nvd.nist.gov/vuln/detail/CVE-2019-11500
>
> Currently I'm using 2.2.35-23 (built in 2018).
>
> I saw there is dovecot 2.3.7.2 rpm package in testing repository, does
> that contains the fix ? Any advices (issues) regarding upgrading dovecot
> from 2.2.35 to 2.3.7.2 ?
>
> Thanks in advance,
> -I.
>
>

Re: [qmailtoaster] dovecot CVE-2019-11500

[Eric Broch]

In Dovecot before 2.2.36.4 and 2.3.x /*before*/ 2.3.7.2 (and Pigeonhole 
before 0.5.7.2), protocol processing can fail for quoted strings. This 
occurs because '\0' characters are mishandled, and can lead to 
out-of-bounds writes and remote code execution.


On 9/27/2019 3:10 AM, Ionut Hoza wrote:

Hi all,

Are there any plans to address this security vulnerability and publish 
a patched package in the qmt current repository ?

https://nvd.nist.gov/vuln/detail/CVE-2019-11500

Currently I'm using 2.2.35-23 (built in 2018).

I saw there is dovecot 2.3.7.2 rpm package in testing repository, does 
that contains the fix ? Any advices (issues) regarding upgrading 
dovecot from 2.2.35 to 2.3.7.2 ?


Thanks in advance,
-I.

[qmailtoaster] dovecot CVE-2019-11500

[Ionut Hoza]

Hi all,

Are there any plans to address this security vulnerability and publish a
patched package in the qmt current repository ?
https://nvd.nist.gov/vuln/detail/CVE-2019-11500

Currently I'm using 2.2.35-23 (built in 2018).

I saw there is dovecot 2.3.7.2 rpm package in testing repository, does that
contains the fix ? Any advices (issues) regarding upgrading dovecot from
2.2.35 to 2.3.7.2 ?

Thanks in advance,
-I.

Re: [qmailtoaster] dovecot dropping connection.reaching process limit 100 just few second.

[Eric Broch]

https://wiki.dovecot.org/LoginProcess

On 4/13/2019 2:59 PM, Tahnan Al Anas wrote:

Dear Eric,

One of my server seems getting session block on imap. I am unable to 
log on webmail or even unable to telnet on 143 port. After restarting 
dovecot, I can log immediately but if I wait 30 sec to one min, again 
I am unable to log in. Below are the reports:


telnet:

[root@client html]# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
[root@client html]#

[root@client html]# systemctl restart dovecot
[root@client html]# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE 
IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] 
Dovecot toaster ready.

a logout
* BYE Logging out
a OK Logout completed.
Connection closed by foreign host.
[root@client html]#

Log:

master: Warning: service(imap-login): process_limit (100) reached, 
client connections are being dropped



--
--

Best Regards
Muhammad Tahnan Al Anas

Re: [qmailtoaster] dovecot dropping connection.reaching process limit 100 just few second.

[remo]

Looks like ips max number 

> Il giorno 13 apr 2019, alle ore 13:59, Tahnan Al Anas  ha 
> scritto:
> 
> Dear Eric,
> 
> One of my server seems getting session block on imap. I am unable to log on 
> webmail or even unable to telnet on 143 port. After restarting dovecot, I can 
> log immediately but if I wait 30 sec to one min, again I am unable to log in. 
> Below are the reports:
> 
> telnet: 
> 
> [root@client html]# telnet localhost 143
> Trying ::1...
> Connected to localhost.
> Escape character is '^]'.
> Connection closed by foreign host.
> [root@client html]#
> 
> [root@client html]# systemctl restart dovecot
> [root@client html]# telnet localhost 143
> Trying ::1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE 
> STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot toaster 
> ready.
> a logout
> * BYE Logging out
> a OK Logout completed.
> Connection closed by foreign host.
> [root@client html]# 
> 
> Log: 
> 
> master: Warning: service(imap-login): process_limit (100) reached, client 
> connections are being dropped 
> 
> 
> --
> --
> 
> Best Regards
> Muhammad Tahnan Al Anas
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot dropping connection.reaching process limit 100 just few second.

[Tahnan Al Anas]

Dear Eric,

One of my server seems getting session block on imap. I am unable to log on
webmail or even unable to telnet on 143 port. After restarting dovecot, I
can log immediately but if I wait 30 sec to one min, again I am unable to
log in. Below are the reports:

telnet:

[root@client html]# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
[root@client html]#

[root@client html]# systemctl restart dovecot
[root@client html]# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot
toaster ready.
a logout
* BYE Logging out
a OK Logout completed.
Connection closed by foreign host.
[root@client html]#

Log:

master: Warning: service(imap-login): process_limit (100) reached, client
connections are being dropped


--
--

Best Regards
Muhammad Tahnan Al Anas

Re: [qmailtoaster] dovecot error related to test-compression

[Eric Broch]

build as non-root


On 10/17/2018 3:21 AM, Rajesh M wrote:

hello

i am building as a root user  on centos version 6.9,  64 bit

command that is used

rpmbuild --rebuild --define "dist .qt.el6" dovecot-ce-2.3.0-1.qt.el6.src.rpm

error that i got

make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
Making check in lib-imap-urlauth
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
Making check in lib-compression
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make  check-local
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
for bin in test-compression; do \
   if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
done
compression handler gz ... : ok
compression handler bz2 .. : ok
compression handler deflate .. : ok
compression handler xz ... : ok
gz concat  : ok
gz no concat . : ok
gz large header .. : ok
0 / 7 tests failed
==639== Conditional jump or move depends on uninitialised value(s)
==639==at 0x3509A0ACB2: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A0AEA9: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A03121: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A061A0: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A05212: lzma_easy_encoder (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x406ACF: o_stream_create_lzma (ostream-lzma.c:206)
==639==by 0x403D89: test_compression_handler (test-compression.c:36)
==639==by 0x4040BD: test_compression (test-compression.c:96)
==639==by 0x408281: test_run_funcs (test-common.c:244)
==639==by 0x4083E0: test_run (test-common.c:315)
==639==by 0x40398B: main (test-compression.c:308)
==639==
Failed to run: ./test-compression
make[3]: *** [check-local] Error 1
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make[2]: *** [check-am] Error 2
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src'
make: *** [check-recursive] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)


RPM build errors:
 Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)




@eric : while searching i noted that you got a similar error in Jan 2018.
https://www.mail-archive.com/dovecot@dovecot.org/msg72130.html
do you recollect how your fixed it ?

thanks
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 12 Oct 2018 15:27:34 -0600
Subject:

Are you building as not root user?


On 10/12/2018 3:08 PM, Andreas Galatis wrote:

Hi Rajesh,

what exactly is the error-message?


Andreas Galatis

Computerservice & Datenschutz

Am 12.10.2018 um 17:00 schrieb Rajesh M:

hello

i am using centos 6, 64 bit system -- with the latest updates.

i am trying to build a new server with qmailtoaster.

all qmail packages installed successfully.

however i get an error  while compiling dovecot using the source rpm related to 
test-compression

i tried this with multiple version of dovecot but still the same error.
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
 upto  dovecot-2.2.22-7.qt.src.rpm

i am using qmailtoaster for the past over 8 years on 4 of my servers and have 
always built from source, but all of a sudden facing the above errors

i formatted and reinstalled Centos 3 times but the same error persists.

i wonder what i am missing.

Could you please help.

thanks,
rajesh




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dovecot error related to test-compression

[Remo Mattei]

To me it looks like you are missing some packages to do the test during the 
boot.  Maybe a zlib just did a quick google search on that error. 

Remo 

> On Oct 17, 2018, at 02:21, Rajesh M <24x7ser...@24x7server.net> wrote:
> 
> hello
> 
> i am building as a root user  on centos version 6.9,  64 bit
> 
> command that is used
> 
> rpmbuild --rebuild --define "dist .qt.el6" dovecot-ce-2.3.0-1.qt.el6.src.rpm
> 
> error that i got
> 
> make[3]: Leaving directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
> make[2]: Leaving directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
> Making check in lib-imap-urlauth
> make[2]: Entering directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
> make[2]: Nothing to be done for `check'.
> make[2]: Leaving directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
> Making check in lib-compression
> make[2]: Entering directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
> make  check-local
> make[3]: Entering directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
> for bin in test-compression; do \
>  if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
> done
> compression handler gz ... : ok
> compression handler bz2 .. : ok
> compression handler deflate .. : ok
> compression handler xz ... : ok
> gz concat  : ok
> gz no concat . : ok
> gz large header .. : ok
> 0 / 7 tests failed
> ==639== Conditional jump or move depends on uninitialised value(s)
> ==639==at 0x3509A0ACB2: ??? (in /usr/lib64/liblzma.so.0.0.0)
> ==639==by 0x3509A0AEA9: ??? (in /usr/lib64/liblzma.so.0.0.0)
> ==639==by 0x3509A03121: ??? (in /usr/lib64/liblzma.so.0.0.0)
> ==639==by 0x3509A061A0: ??? (in /usr/lib64/liblzma.so.0.0.0)
> ==639==by 0x3509A05212: lzma_easy_encoder (in /usr/lib64/liblzma.so.0.0.0)
> ==639==by 0x406ACF: o_stream_create_lzma (ostream-lzma.c:206)
> ==639==by 0x403D89: test_compression_handler (test-compression.c:36)
> ==639==by 0x4040BD: test_compression (test-compression.c:96)
> ==639==by 0x408281: test_run_funcs (test-common.c:244)
> ==639==by 0x4083E0: test_run (test-common.c:315)
> ==639==by 0x40398B: main (test-compression.c:308)
> ==639==
> Failed to run: ./test-compression
> make[3]: *** [check-local] Error 1
> make[3]: Leaving directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
> make[2]: *** [check-am] Error 2
> make[2]: Leaving directory 
> `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
> make[1]: *** [check-recursive] Error 1
> make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src'
> make: *** [check-recursive] Error 1
> error: Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)
> 
> 
> RPM build errors:
>Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)
> 
> 
> 
> 
> @eric : while searching i noted that you got a similar error in Jan 2018.
> https://www.mail-archive.com/dovecot@dovecot.org/msg72130.html 
> 
> do you recollect how your fixed it ?
> 
> thanks
> rajesh
> 
> - Original Message -
> From: Eric Broch [mailto:ebr...@whitehorsetc.com 
> ]
> To: qmailtoaster-list@qmailtoaster.com 
> 
> Sent: Fri, 12 Oct 2018 15:27:34 -0600
> Subject:
> 
> Are you building as not root user?
> 
> 
> On 10/12/2018 3:08 PM, Andreas Galatis wrote:
>> Hi Rajesh,
>> 
>> what exactly is the error-message?
>> 
>> 
>> Andreas Galatis
>> 
>> Computerservice & Datenschutz
>> 
>> Am 12.10.2018 um 17:00 schrieb Rajesh M:
>>> hello
>>> 
>>> i am using centos 6, 64 bit system -- with the latest updates.
>>> 
>>> i am trying to build a new server with qmailtoaster.
>>> 
>>> all qmail packages installed successfully.
>>> 
>>> however i get an error  while compiling dovecot using the source rpm 
>>> related to test-compression
>>> 
>>> i tried this with multiple version of dovecot but still the same error.
>>> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
>>>  upto  dovecot-2.2.22-7.qt.src.rpm
>>> 
>>> i am using qmailtoaster for the past over 8 years on 4 of my servers and 
>>> have always built from source, but all of a sudden facing the above errors
>>> 
>>> i formatted and reinstalled Centos 3 times but the same error persists.
>>> 
>>> i wonder what i am missing.
>>> 
>>> Could you please help.
>>> 
>>> thanks,
>>> rajesh
>>> 
>>> 
>>> 
>>> 
>>> --

Re: [qmailtoaster] dovecot error related to test-compression

[Rajesh M]

hello

i am building as a root user  on centos version 6.9,  64 bit

command that is used

rpmbuild --rebuild --define "dist .qt.el6" dovecot-ce-2.3.0-1.qt.el6.src.rpm

error that i got

make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-client'
Making check in lib-imap-urlauth
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
make[2]: Nothing to be done for `check'.
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-imap-urlauth'
Making check in lib-compression
make[2]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make  check-local
make[3]: Entering directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
for bin in test-compression; do \
  if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \
done
compression handler gz ... : ok
compression handler bz2 .. : ok
compression handler deflate .. : ok
compression handler xz ... : ok
gz concat  : ok
gz no concat . : ok
gz large header .. : ok
0 / 7 tests failed
==639== Conditional jump or move depends on uninitialised value(s)
==639==at 0x3509A0ACB2: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A0AEA9: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A03121: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A061A0: ??? (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x3509A05212: lzma_easy_encoder (in /usr/lib64/liblzma.so.0.0.0)
==639==by 0x406ACF: o_stream_create_lzma (ostream-lzma.c:206)
==639==by 0x403D89: test_compression_handler (test-compression.c:36)
==639==by 0x4040BD: test_compression (test-compression.c:96)
==639==by 0x408281: test_run_funcs (test-common.c:244)
==639==by 0x4083E0: test_run (test-common.c:315)
==639==by 0x40398B: main (test-compression.c:308)
==639==
Failed to run: ./test-compression
make[3]: *** [check-local] Error 1
make[3]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make[2]: *** [check-am] Error 2
make[2]: Leaving directory 
`/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src/lib-compression'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-ce-2.3.0/src'
make: *** [check-recursive] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)


RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.aUYAhV (%check)




@eric : while searching i noted that you got a similar error in Jan 2018.
https://www.mail-archive.com/dovecot@dovecot.org/msg72130.html
do you recollect how your fixed it ?

thanks
rajesh

- Original Message -
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Fri, 12 Oct 2018 15:27:34 -0600
Subject:

Are you building as not root user?


On 10/12/2018 3:08 PM, Andreas Galatis wrote:
> Hi Rajesh,
>
> what exactly is the error-message?
>
>
> Andreas Galatis
>
> Computerservice & Datenschutz
>
> Am 12.10.2018 um 17:00 schrieb Rajesh M:
>> hello
>>
>> i am using centos 6, 64 bit system -- with the latest updates.
>>
>> i am trying to build a new server with qmailtoaster.
>>
>> all qmail packages installed successfully.
>>
>> however i get an error  while compiling dovecot using the source rpm related 
>> to test-compression
>>
>> i tried this with multiple version of dovecot but still the same error.
>> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
>>  upto  dovecot-2.2.22-7.qt.src.rpm
>>
>> i am using qmailtoaster for the past over 8 years on 4 of my servers and 
>> have always built from source, but all of a sudden facing the above errors
>>
>> i formatted and reinstalled Centos 3 times but the same error persists.
>>
>> i wonder what i am missing.
>>
>> Could you please help.
>>
>> thanks,
>> rajesh
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>

--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...

Re: [qmailtoaster] dovecot error related to test-compression

[Eric Broch]

Are you building as not root user?


On 10/12/2018 3:08 PM, Andreas Galatis wrote:

Hi Rajesh,

what exactly is the error-message?


Andreas Galatis

Computerservice & Datenschutz

Am 12.10.2018 um 17:00 schrieb Rajesh M:

hello

i am using centos 6, 64 bit system -- with the latest updates.

i am trying to build a new server with qmailtoaster.

all qmail packages installed successfully.

however i get an error  while compiling dovecot using the source rpm related to 
test-compression

i tried this with multiple version of dovecot but still the same error.
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
 upto  dovecot-2.2.22-7.qt.src.rpm

i am using qmailtoaster for the past over 8 years on 4 of my servers and have 
always built from source, but all of a sudden facing the above errors

i formatted and reinstalled Centos 3 times but the same error persists.

i wonder what i am missing.

Could you please help.

thanks,
rajesh




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot error related to test-compression

[Andreas Galatis]

Hi Rajesh,

what exactly is the error-message?


Andreas Galatis

Computerservice & Datenschutz

Am 12.10.2018 um 17:00 schrieb Rajesh M:
> hello
> 
> i am using centos 6, 64 bit system -- with the latest updates.
> 
> i am trying to build a new server with qmailtoaster.
> 
> all qmail packages installed successfully.
> 
> however i get an error  while compiling dovecot using the source rpm related 
> to test-compression
> 
> i tried this with multiple version of dovecot but still the same error.
> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
>  upto  dovecot-2.2.22-7.qt.src.rpm
> 
> i am using qmailtoaster for the past over 8 years on 4 of my servers and have 
> always built from source, but all of a sudden facing the above errors
> 
> i formatted and reinstalled Centos 3 times but the same error persists.
> 
> i wonder what i am missing.
> 
> Could you please help.
> 
> thanks,
> rajesh
> 
> 
> 
> 
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 



signature.asc
Description: OpenPGP digital signature

Re: [qmailtoaster] dovecot error related to test-compression

[remo]

CentOS 7?

> Il giorno 12 ott 2018, alle ore 08:00, Rajesh M <24x7ser...@24x7server.net> 
> ha scritto:
> 
> hello
> 
> i am using centos 6, 64 bit system -- with the latest updates.
> 
> i am trying to build a new server with qmailtoaster.
> 
> all qmail packages installed successfully.
> 
> however i get an error  while compiling dovecot using the source rpm related 
> to test-compression
> 
> i tried this with multiple version of dovecot but still the same error.
> ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
>  upto  dovecot-2.2.22-7.qt.src.rpm
> 
> i am using qmailtoaster for the past over 8 years on 4 of my servers and have 
> always built from source, but all of a sudden facing the above errors
> 
> i formatted and reinstalled Centos 3 times but the same error persists.
> 
> i wonder what i am missing.
> 
> Could you please help.
> 
> thanks,
> rajesh
> 
> 
> 
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot error related to test-compression

[Rajesh M]

hello

i am using centos 6, 64 bit system -- with the latest updates.

i am trying to build a new server with qmailtoaster.

all qmail packages installed successfully.

however i get an error  while compiling dovecot using the source rpm related to 
test-compression

i tried this with multiple version of dovecot but still the same error.
ftp://ftp.whitehorsetc.com/pub/qmail/CentOS6/qmt/srpms/dovecot-2.2.35-19.qt.src.rpm
 upto  dovecot-2.2.22-7.qt.src.rpm

i am using qmailtoaster for the past over 8 years on 4 of my servers and have 
always built from source, but all of a sudden facing the above errors

i formatted and reinstalled Centos 3 times but the same error persists.

i wonder what i am missing.

Could you please help.

thanks,
rajesh


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: Fwd: [qmailtoaster] dovecot

[Eric Broch]

Yes


On 10/4/2018 2:16 AM, Tony White wrote:

Hi,
  If you have no clear password then vuserinfo is unable to report the 
user password.

It will only give you the encrypted password.

best wishes
   Tony White

On 04/10/18 14:22, Andrew Swartz wrote:

I ~may~ have just figured out why vpopmail stores cleartext passwords:

It is so it can support CRAM-MD5.

CRAM-MD5 is a challenge-response protocol used to provide privacy over
unencrypted connections.  The server challenges the client with a
pseudorandom challenge.  The client uses the password with HMAC-MD5 to
hash the challenge and send it back.  The server repeats the client
procedure to confirm that the client used (and thus has) the correct
password.

But this means that the server MUST have access to the cleartext
password, otherwise it cannot repeat the clients actions and confirm
authentication.  This cannot be accomplished with a salted hashed password.

If you remove the use of CRAM-MD5 and use PLAIN or LOGIN, the server
does not need access to the cleartext password.

Back when vpopmail was written, cleartext password storage was already
out of favor.  But TLS was not widely used, and the only way to not send
passwords in the clear was CRAM-MD5 (or a similar scheme), and this
required storing cleartext passwords.  Though storing cleartext
passwords is unsafe, it is much safer than sending cleartext passwords
over an encrypted channel.

I suspect that this is the primary reason that vpopmail primarily uses
hashed passwords but supports cleartext passwords with the option to
disable them.

-Andy


On 10/3/2018 7:51 PM, Eric Broch wrote:

Hi Andy,

I got it to work.

In '/etc/dovecot/toaster.conf' add 'mail_location = maildir:~/Maildir'

and make sure of 'auth_mechanisms = plain login'

In '/etc/squirrelmail/config_local.php' here are my imap settings:

$imapServerAddress  = 'localhost';
$imap_server_type   = 'dovecot';
$imap_auth_mech = 'login';

worked for my squirrelmail setup, hope you get it working

-Eric


On 10/3/2018 9:18 PM, Andrew Swartz wrote:

And I'll add that at the end, with pw_clear_passwd set to null, login
succeeds via IMAP but fails via Squirrelmail.

-Andy



 Forwarded Message 
Subject: Re: [qmailtoaster] dovecot
Date: Wed, 3 Oct 2018 19:12:11 -0800
From: Andrew Swartz
To:qmailtoaster-list@qmailtoaster.com

Eric,

With pw_clear_passwd set to '0123456789' I successfully logged in via
this technique using password '0123456789'.

I used SQL to reset pw_clear_passwd to null.

Again I successfully logged in via this technique using password
'0123456789'.


-Andy



On 10/3/2018 6:02 PM, Eric Broch wrote:

Try the CLI commands I sent. There can be issues with the configuration
of squirrelmail and roundcube.

IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag loginu...@domain.tld   $userpassword


Submission:

# cd /usr/local/bin
# wgethttp://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --tosome...@remotedomain.tld  --fromu...@domain.tld  --server
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user
u...@domain.tld  --auth-password $userpassword


On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to
'0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password
from
an account and had issued logging into Dovecot even after a
restart. The
fix of course is to reset the password with
/home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?


--
Eric Broch
White Horse Technical Consulting (WHTC)





--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: Fwd: [qmailtoaster] dovecot

[Tony White]

Hi,
  If you have no clear password then vuserinfo is unable to report the user 
password.
It will only give you the encrypted password.

best wishes
  Tony White

On 04/10/18 14:22, Andrew Swartz wrote:


I ~may~ have just figured out why vpopmail stores cleartext passwords:

It is so it can support CRAM-MD5.

CRAM-MD5 is a challenge-response protocol used to provide privacy over
unencrypted connections.  The server challenges the client with a
pseudorandom challenge.  The client uses the password with HMAC-MD5 to
hash the challenge and send it back.  The server repeats the client
procedure to confirm that the client used (and thus has) the correct
password.

But this means that the server MUST have access to the cleartext
password, otherwise it cannot repeat the clients actions and confirm
authentication.  This cannot be accomplished with a salted hashed password.

If you remove the use of CRAM-MD5 and use PLAIN or LOGIN, the server
does not need access to the cleartext password.

Back when vpopmail was written, cleartext password storage was already
out of favor.  But TLS was not widely used, and the only way to not send
passwords in the clear was CRAM-MD5 (or a similar scheme), and this
required storing cleartext passwords.  Though storing cleartext
passwords is unsafe, it is much safer than sending cleartext passwords
over an encrypted channel.

I suspect that this is the primary reason that vpopmail primarily uses
hashed passwords but supports cleartext passwords with the option to
disable them.

-Andy


On 10/3/2018 7:51 PM, Eric Broch wrote:

Hi Andy,

I got it to work.

In '/etc/dovecot/toaster.conf' add 'mail_location = maildir:~/Maildir'

and make sure of 'auth_mechanisms = plain login'

In '/etc/squirrelmail/config_local.php' here are my imap settings:

$imapServerAddress  = 'localhost';
$imap_server_type   = 'dovecot';
$imap_auth_mech = 'login';

worked for my squirrelmail setup, hope you get it working

-Eric


On 10/3/2018 9:18 PM, Andrew Swartz wrote:

And I'll add that at the end, with pw_clear_passwd set to null, login
succeeds via IMAP but fails via Squirrelmail.

-Andy



 Forwarded Message 
Subject: Re: [qmailtoaster] dovecot
Date: Wed, 3 Oct 2018 19:12:11 -0800
From: Andrew Swartz 
To: qmailtoaster-list@qmailtoaster.com

Eric,

With pw_clear_passwd set to '0123456789' I successfully logged in via
this technique using password '0123456789'.

I used SQL to reset pw_clear_passwd to null.

Again I successfully logged in via this technique using password
'0123456789'.


-Andy



On 10/3/2018 6:02 PM, Eric Broch wrote:

Try the CLI commands I sent. There can be issues with the configuration
of squirrelmail and roundcube.

IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag login u...@domain.tld  $userpassword


Submission:

# cd /usr/local/bin
# wget http://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --to some...@remotedomain.tld --from u...@domain.tld --server
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user
u...@domain.tld --auth-password $userpassword


On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to
'0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password
from
an account and had issued logging into Dovecot even after a
restart. The
fix of course is to reset the password with
/home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: Fwd: [qmailtoaster] dovecot

[Andrew Swartz]

I ~may~ have just figured out why vpopmail stores cleartext passwords:

It is so it can support CRAM-MD5.

CRAM-MD5 is a challenge-response protocol used to provide privacy over
unencrypted connections.  The server challenges the client with a
pseudorandom challenge.  The client uses the password with HMAC-MD5 to
hash the challenge and send it back.  The server repeats the client
procedure to confirm that the client used (and thus has) the correct
password.

But this means that the server MUST have access to the cleartext
password, otherwise it cannot repeat the clients actions and confirm
authentication.  This cannot be accomplished with a salted hashed password.

If you remove the use of CRAM-MD5 and use PLAIN or LOGIN, the server
does not need access to the cleartext password.

Back when vpopmail was written, cleartext password storage was already
out of favor.  But TLS was not widely used, and the only way to not send
passwords in the clear was CRAM-MD5 (or a similar scheme), and this
required storing cleartext passwords.  Though storing cleartext
passwords is unsafe, it is much safer than sending cleartext passwords
over an encrypted channel.

I suspect that this is the primary reason that vpopmail primarily uses
hashed passwords but supports cleartext passwords with the option to
disable them.

-Andy


On 10/3/2018 7:51 PM, Eric Broch wrote:
> Hi Andy,
> 
> I got it to work.
> 
> In '/etc/dovecot/toaster.conf' add 'mail_location = maildir:~/Maildir'
> 
> and make sure of 'auth_mechanisms = plain login'
> 
> In '/etc/squirrelmail/config_local.php' here are my imap settings:
> 
> $imapServerAddress  = 'localhost';
> $imap_server_type   = 'dovecot';
> $imap_auth_mech = 'login';
> 
> worked for my squirrelmail setup, hope you get it working
> 
> -Eric
> 
> 
> On 10/3/2018 9:18 PM, Andrew Swartz wrote:
>> And I'll add that at the end, with pw_clear_passwd set to null, login
>> succeeds via IMAP but fails via Squirrelmail.
>>
>> -Andy
>>
>>
>>
>>  Forwarded Message 
>> Subject: Re: [qmailtoaster] dovecot
>> Date: Wed, 3 Oct 2018 19:12:11 -0800
>> From: Andrew Swartz 
>> To: qmailtoaster-list@qmailtoaster.com
>>
>> Eric,
>>
>> With pw_clear_passwd set to '0123456789' I successfully logged in via
>> this technique using password '0123456789'.
>>
>> I used SQL to reset pw_clear_passwd to null.
>>
>> Again I successfully logged in via this technique using password
>> '0123456789'.
>>
>>
>> -Andy
>>
>>
>>
>> On 10/3/2018 6:02 PM, Eric Broch wrote:
>>> Try the CLI commands I sent. There can be issues with the configuration
>>> of squirrelmail and roundcube.
>>>
>>> IMAP:
>>>
>>> # openssl s_client -crlf -connect localhost:993
>>>
>>> imap> tag login u...@domain.tld  $userpassword
>>>
>>>
>>> Submission:
>>>
>>> # cd /usr/local/bin
>>> # wget http://www.jetmore.org/john/code/swaks/latest/swaks
>>> # chown root.root swaks
>>> # chmod +x swaks
>>>
>>> # swaks --to some...@remotedomain.tld --from u...@domain.tld --server
>>> $yourqmthost --port 587 --ehlo test -tls --auth login --auth-user
>>> u...@domain.tld --auth-password $userpassword
>>>
>>>
>>> On 10/3/2018 7:45 PM, Andrew Swartz wrote:
>>>> Eric,
>>>>
>>>> On Centos7 QMT:
>>>>
>>>> I just created a new user account and set the password to '0123456789'.
>>>> Then I used your SQL command to set pw_clear_passwd to null.
>>>> Then I viewed the table to confirm it was empty (it was).
>>>> Then I tried to log in to Squirrelmail using password '0123456789':
>>>> Login failed.
>>>> Then I used your SQL command to reset pw_clear_passwd back to
>>>> '0123456789'.
>>>> Then I tried to log in to Squirrelmail using password '0123456789':
>>>> success.
>>>>
>>>> This seems different from your experience.
>>>>
>>>> This sucks because it seems to mean no easy fix for this problem.
>>>>
>>>>
>>>> -Andy
>>>>
>>>>
>>>>
>>>>
>>>> On 10/3/2018 4:24 PM, Eric Broch wrote:
>>>>> I've been contacted by someone who removed the clear text password
>>>>> from
>>>>> an account and had issued logging into Dovecot even after a
>>>>> restart. The
>>>>> fix of course is to reset the password with
>>>>> /home/vpopmail/bin/vpasswd.
>>>>> Does anyone else want to confirm/refute my findings that w/o the clear
>>>>> text password Dovecot will work?
>>>>>
>>> -- 
>>> Eric Broch
>>> White Horse Technical Consulting (WHTC)
>>>
>>
> 



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [qmailtoaster] dovecot

[Remo Mattei]

how do we address the new users?

Clear passwords still be set.. Eric, are you going to patch it to disable clear 
password on vpopmail?

Ciao,
Remo

--

> On Wednesday, Oct 03, 2018 at 20:51, Eric Broch  (mailto:ebr...@whitehorsetc.com)> wrote:
> Hi Andy,
>
> I got it to work.
>
> In '/etc/dovecot/toaster.conf' add 'mail_location = maildir:~/Maildir'
>
> and make sure of 'auth_mechanisms = plain login'
>
> In '/etc/squirrelmail/config_local.php' here are my imap settings:
>
> $imapServerAddress = 'localhost';
> $imap_server_type = 'dovecot';
> $imap_auth_mech = 'login';
>
> worked for my squirrelmail setup, hope you get it working
>
> -Eric
>
>
> On 10/3/2018 9:18 PM, Andrew Swartz wrote:
> > And I'll add that at the end, with pw_clear_passwd set to null, login
> > succeeds via IMAP but fails via Squirrelmail.
> >
> > -Andy
> >
> >
> >
> >  Forwarded Message 
> > Subject: Re: [qmailtoaster] dovecot
> > Date: Wed, 3 Oct 2018 19:12:11 -0800
> > From: Andrew Swartz 
> > To: qmailtoaster-list@qmailtoaster.com
> >
> > Eric,
> >
> > With pw_clear_passwd set to '0123456789' I successfully logged in via
> > this technique using password '0123456789'.
> >
> > I used SQL to reset pw_clear_passwd to null.
> >
> > Again I successfully logged in via this technique using password
> > '0123456789'.
> >
> >
> > -Andy
> >
> >
> >
> > On 10/3/2018 6:02 PM, Eric Broch wrote:
> > > Try the CLI commands I sent. There can be issues with the configuration
> > > of squirrelmail and roundcube.
> > >
> > > IMAP:
> > >
> > > # openssl s_client -crlf -connect localhost:993
> > >
> > > imap> tag login u...@domain.tld $userpassword
> > >
> > >
> > > Submission:
> > >
> > > # cd /usr/local/bin
> > > # wget http://www.jetmore.org/john/code/swaks/latest/swaks
> > > # chown root.root swaks
> > > # chmod +x swaks
> > >
> > > # swaks --to some...@remotedomain.tld --from u...@domain.tld --server
> > > $yourqmthost --port 587 --ehlo test -tls --auth login --auth-user
> > > u...@domain.tld --auth-password $userpassword
> > >
> > >
> > > On 10/3/2018 7:45 PM, Andrew Swartz wrote:
> > > > Eric,
> > > >
> > > > On Centos7 QMT:
> > > >
> > > > I just created a new user account and set the password to '0123456789'.
> > > > Then I used your SQL command to set pw_clear_passwd to null.
> > > > Then I viewed the table to confirm it was empty (it was).
> > > > Then I tried to log in to Squirrelmail using password '0123456789':
> > > > Login failed.
> > > > Then I used your SQL command to reset pw_clear_passwd back to 
> > > > '0123456789'.
> > > > Then I tried to log in to Squirrelmail using password '0123456789':
> > > > success.
> > > >
> > > > This seems different from your experience.
> > > >
> > > > This sucks because it seems to mean no easy fix for this problem.
> > > >
> > > >
> > > > -Andy
> > > >
> > > >
> > > >
> > > >
> > > > On 10/3/2018 4:24 PM, Eric Broch wrote:
> > > > > I've been contacted by someone who removed the clear text password 
> > > > > from
> > > > > an account and had issued logging into Dovecot even after a restart. 
> > > > > The
> > > > > fix of course is to reset the password with 
> > > > > /home/vpopmail/bin/vpasswd.
> > > > > Does anyone else want to confirm/refute my findings that w/o the clear
> > > > > text password Dovecot will work?
> > > > >
> > > --
> > > Eric Broch
> > > White Horse Technical Consulting (WHTC)
> > >
> >
>
> --
> Eric Broch
> White Horse Technical Consulting (WHTC)
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>


signature.asc
Description: PGP signature

Re: Fwd: [qmailtoaster] dovecot

[Eric Broch]

Awesome! We're golden, now we can migrate with abandon. Now to more 
secure passwords.



On 10/3/2018 9:59 PM, Andrew Swartz wrote:

Great minds think alike!

I also just got Squirrelmail working with the same change to
/etc/squirrelmail/config_local.php

I had already done the change to toaster.conf based on a thread about 4
weeks ago.

-Andy


On 10/3/2018 7:51 PM, Eric Broch wrote:

Hi Andy,

I got it to work.

In '/etc/dovecot/toaster.conf' add 'mail_location = maildir:~/Maildir'

and make sure of 'auth_mechanisms = plain login'

In '/etc/squirrelmail/config_local.php' here are my imap settings:

$imapServerAddress  = 'localhost';
$imap_server_type   = 'dovecot';
$imap_auth_mech = 'login';

worked for my squirrelmail setup, hope you get it working

-Eric


On 10/3/2018 9:18 PM, Andrew Swartz wrote:

And I'll add that at the end, with pw_clear_passwd set to null, login
succeeds via IMAP but fails via Squirrelmail.

-Andy



 Forwarded Message 
Subject: Re: [qmailtoaster] dovecot
Date: Wed, 3 Oct 2018 19:12:11 -0800
From: Andrew Swartz 
To: qmailtoaster-list@qmailtoaster.com

Eric,

With pw_clear_passwd set to '0123456789' I successfully logged in via
this technique using password '0123456789'.

I used SQL to reset pw_clear_passwd to null.

Again I successfully logged in via this technique using password
'0123456789'.


-Andy



On 10/3/2018 6:02 PM, Eric Broch wrote:

Try the CLI commands I sent. There can be issues with the configuration
of squirrelmail and roundcube.

IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag login u...@domain.tld  $userpassword


Submission:

# cd /usr/local/bin
# wget http://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --to some...@remotedomain.tld --from u...@domain.tld --server
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user
u...@domain.tld --auth-password $userpassword


On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to
'0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password
from
an account and had issued logging into Dovecot even after a
restart. The
fix of course is to reset the password with
/home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?


--
Eric Broch
White Horse Technical Consulting (WHTC)



--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: Fwd: [qmailtoaster] dovecot

[Andrew Swartz]

Great minds think alike!

I also just got Squirrelmail working with the same change to
/etc/squirrelmail/config_local.php

I had already done the change to toaster.conf based on a thread about 4
weeks ago.

-Andy


On 10/3/2018 7:51 PM, Eric Broch wrote:
> Hi Andy,
> 
> I got it to work.
> 
> In '/etc/dovecot/toaster.conf' add 'mail_location = maildir:~/Maildir'
> 
> and make sure of 'auth_mechanisms = plain login'
> 
> In '/etc/squirrelmail/config_local.php' here are my imap settings:
> 
> $imapServerAddress  = 'localhost';
> $imap_server_type   = 'dovecot';
> $imap_auth_mech = 'login';
> 
> worked for my squirrelmail setup, hope you get it working
> 
> -Eric
> 
> 
> On 10/3/2018 9:18 PM, Andrew Swartz wrote:
>> And I'll add that at the end, with pw_clear_passwd set to null, login
>> succeeds via IMAP but fails via Squirrelmail.
>>
>> -Andy
>>
>>
>>
>>  Forwarded Message 
>> Subject: Re: [qmailtoaster] dovecot
>> Date: Wed, 3 Oct 2018 19:12:11 -0800
>> From: Andrew Swartz 
>> To: qmailtoaster-list@qmailtoaster.com
>>
>> Eric,
>>
>> With pw_clear_passwd set to '0123456789' I successfully logged in via
>> this technique using password '0123456789'.
>>
>> I used SQL to reset pw_clear_passwd to null.
>>
>> Again I successfully logged in via this technique using password
>> '0123456789'.
>>
>>
>> -Andy
>>
>>
>>
>> On 10/3/2018 6:02 PM, Eric Broch wrote:
>>> Try the CLI commands I sent. There can be issues with the configuration
>>> of squirrelmail and roundcube.
>>>
>>> IMAP:
>>>
>>> # openssl s_client -crlf -connect localhost:993
>>>
>>> imap> tag login u...@domain.tld  $userpassword
>>>
>>>
>>> Submission:
>>>
>>> # cd /usr/local/bin
>>> # wget http://www.jetmore.org/john/code/swaks/latest/swaks
>>> # chown root.root swaks
>>> # chmod +x swaks
>>>
>>> # swaks --to some...@remotedomain.tld --from u...@domain.tld --server
>>> $yourqmthost --port 587 --ehlo test -tls --auth login --auth-user
>>> u...@domain.tld --auth-password $userpassword
>>>
>>>
>>> On 10/3/2018 7:45 PM, Andrew Swartz wrote:
>>>> Eric,
>>>>
>>>> On Centos7 QMT:
>>>>
>>>> I just created a new user account and set the password to '0123456789'.
>>>> Then I used your SQL command to set pw_clear_passwd to null.
>>>> Then I viewed the table to confirm it was empty (it was).
>>>> Then I tried to log in to Squirrelmail using password '0123456789':
>>>> Login failed.
>>>> Then I used your SQL command to reset pw_clear_passwd back to
>>>> '0123456789'.
>>>> Then I tried to log in to Squirrelmail using password '0123456789':
>>>> success.
>>>>
>>>> This seems different from your experience.
>>>>
>>>> This sucks because it seems to mean no easy fix for this problem.
>>>>
>>>>
>>>> -Andy
>>>>
>>>>
>>>>
>>>>
>>>> On 10/3/2018 4:24 PM, Eric Broch wrote:
>>>>> I've been contacted by someone who removed the clear text password
>>>>> from
>>>>> an account and had issued logging into Dovecot even after a
>>>>> restart. The
>>>>> fix of course is to reset the password with
>>>>> /home/vpopmail/bin/vpasswd.
>>>>> Does anyone else want to confirm/refute my findings that w/o the clear
>>>>> text password Dovecot will work?
>>>>>
>>> -- 
>>> Eric Broch
>>> White Horse Technical Consulting (WHTC)
>>>
>>
> 



smime.p7s
Description: S/MIME Cryptographic Signature

Re: Fwd: [qmailtoaster] dovecot

[Eric Broch]

Hi Andy,

I got it to work.

In '/etc/dovecot/toaster.conf' add 'mail_location = maildir:~/Maildir'

and make sure of 'auth_mechanisms = plain login'

In '/etc/squirrelmail/config_local.php' here are my imap settings:

$imapServerAddress  = 'localhost';
$imap_server_type   = 'dovecot';
$imap_auth_mech = 'login';

worked for my squirrelmail setup, hope you get it working

-Eric


On 10/3/2018 9:18 PM, Andrew Swartz wrote:

And I'll add that at the end, with pw_clear_passwd set to null, login
succeeds via IMAP but fails via Squirrelmail.

-Andy



 Forwarded Message 
Subject: Re: [qmailtoaster] dovecot
Date: Wed, 3 Oct 2018 19:12:11 -0800
From: Andrew Swartz 
To: qmailtoaster-list@qmailtoaster.com

Eric,

With pw_clear_passwd set to '0123456789' I successfully logged in via
this technique using password '0123456789'.

I used SQL to reset pw_clear_passwd to null.

Again I successfully logged in via this technique using password
'0123456789'.


-Andy



On 10/3/2018 6:02 PM, Eric Broch wrote:

Try the CLI commands I sent. There can be issues with the configuration
of squirrelmail and roundcube.

IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag login u...@domain.tld  $userpassword


Submission:

# cd /usr/local/bin
# wget http://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --to some...@remotedomain.tld --from u...@domain.tld --server
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user
u...@domain.tld --auth-password $userpassword


On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password from
an account and had issued logging into Dovecot even after a restart. The
fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?


--
Eric Broch
White Horse Technical Consulting (WHTC)





--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot

[Andrew Swartz]

Eric,

With pw_clear_passwd set to '0123456789' I successfully logged in via
this technique using password '0123456789'.

I used SQL to reset pw_clear_passwd to null.

Again I successfully logged in via this technique using password
'0123456789'.


-Andy



On 10/3/2018 6:02 PM, Eric Broch wrote:
> Try the CLI commands I sent. There can be issues with the configuration
> of squirrelmail and roundcube.
> 
> IMAP:
> 
> # openssl s_client -crlf -connect localhost:993
> 
> imap> tag login u...@domain.tld  $userpassword
> 
> 
> Submission:
> 
> # cd /usr/local/bin
> # wget http://www.jetmore.org/john/code/swaks/latest/swaks
> # chown root.root swaks
> # chmod +x swaks
> 
> # swaks --to some...@remotedomain.tld --from u...@domain.tld --server
> $yourqmthost --port 587 --ehlo test -tls --auth login --auth-user 
> u...@domain.tld --auth-password $userpassword
> 
> 
> On 10/3/2018 7:45 PM, Andrew Swartz wrote:
>> Eric,
>>
>> On Centos7 QMT:
>>
>> I just created a new user account and set the password to '0123456789'.
>> Then I used your SQL command to set pw_clear_passwd to null.
>> Then I viewed the table to confirm it was empty (it was).
>> Then I tried to log in to Squirrelmail using password '0123456789':
>> Login failed.
>> Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
>> Then I tried to log in to Squirrelmail using password '0123456789':
>> success.
>>
>> This seems different from your experience.
>>
>> This sucks because it seems to mean no easy fix for this problem.
>>
>>
>> -Andy
>>
>>
>>
>>
>> On 10/3/2018 4:24 PM, Eric Broch wrote:
>>> I've been contacted by someone who removed the clear text password from
>>> an account and had issued logging into Dovecot even after a restart. The
>>> fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
>>> Does anyone else want to confirm/refute my findings that w/o the clear
>>> text password Dovecot will work?
>>>
> 
> -- 
> Eric Broch
> White Horse Technical Consulting (WHTC)
> 



smime.p7s
Description: S/MIME Cryptographic Signature

Fwd: [qmailtoaster] dovecot

[Andrew Swartz]

And I'll add that at the end, with pw_clear_passwd set to null, login
succeeds via IMAP but fails via Squirrelmail.

-Andy



 Forwarded Message 
Subject: Re: [qmailtoaster] dovecot
Date: Wed, 3 Oct 2018 19:12:11 -0800
From: Andrew Swartz 
To: qmailtoaster-list@qmailtoaster.com

Eric,

With pw_clear_passwd set to '0123456789' I successfully logged in via
this technique using password '0123456789'.

I used SQL to reset pw_clear_passwd to null.

Again I successfully logged in via this technique using password
'0123456789'.


-Andy



On 10/3/2018 6:02 PM, Eric Broch wrote:
> Try the CLI commands I sent. There can be issues with the configuration
> of squirrelmail and roundcube.
> 
> IMAP:
> 
> # openssl s_client -crlf -connect localhost:993
> 
> imap> tag login u...@domain.tld  $userpassword
> 
> 
> Submission:
> 
> # cd /usr/local/bin
> # wget http://www.jetmore.org/john/code/swaks/latest/swaks
> # chown root.root swaks
> # chmod +x swaks
> 
> # swaks --to some...@remotedomain.tld --from u...@domain.tld --server
> $yourqmthost --port 587 --ehlo test -tls --auth login --auth-user 
> u...@domain.tld --auth-password $userpassword
> 
> 
> On 10/3/2018 7:45 PM, Andrew Swartz wrote:
>> Eric,
>>
>> On Centos7 QMT:
>>
>> I just created a new user account and set the password to '0123456789'.
>> Then I used your SQL command to set pw_clear_passwd to null.
>> Then I viewed the table to confirm it was empty (it was).
>> Then I tried to log in to Squirrelmail using password '0123456789':
>> Login failed.
>> Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
>> Then I tried to log in to Squirrelmail using password '0123456789':
>> success.
>>
>> This seems different from your experience.
>>
>> This sucks because it seems to mean no easy fix for this problem.
>>
>>
>> -Andy
>>
>>
>>
>>
>> On 10/3/2018 4:24 PM, Eric Broch wrote:
>>> I've been contacted by someone who removed the clear text password from
>>> an account and had issued logging into Dovecot even after a restart. The
>>> fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
>>> Does anyone else want to confirm/refute my findings that w/o the clear
>>> text password Dovecot will work?
>>>
> 
> -- 
> Eric Broch
> White Horse Technical Consulting (WHTC)
> 




smime.p7s
Description: S/MIME Cryptographic Signature

Re: [qmailtoaster] dovecot

[Eric Broch]

Or all one command (will close connection):

bash -c 'echo "tag login t...@test.test.test.com 012345678"; while read 
x; do echo "$x"; done' |  openssl s_client -crlf -connect localhost:993



On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password from
an account and had issued logging into Dovecot even after a restart. The
fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?



--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot

[Eric Broch]

Make sure your dovecot toaster.conf file has auth_mech = login plain, 
remove digest-md5 and cram-md5, I'm VERY sure these are settings in each.


Make sure that Squirrelmail and Roundcube use login.


On 10/3/2018 8:03 PM, Eric Broch wrote:


I'd REALLY be surprised if there were a problem.


On 10/3/2018 8:02 PM, Eric Broch wrote:


Try the CLI commands I sent. There can be issues with the 
configuration of squirrelmail and roundcube.


IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag login u...@domain.tld $userpassword


Submission:

# cd /usr/local/bin
# wget http://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --to some...@remotedomain.tld --from u...@domain.tld --server 
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user 
u...@domain.tld --auth-password $userpassword



On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password from
an account and had issued logging into Dovecot even after a restart. The
fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?



--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dovecot

[Remo Mattei]

I have tested on my side, and the only thing is make sure that roundcube does 
not use the default auth with is set to null, I changed it to LOGIN, the new 
version is using the defaults.inc.php the older version is using the 
config.inc.php. (I am using 1.3.7 now).
Other than that looks like the user I tested with can login, send mail etc. 
with no issues.. Now I wonder if we set a password does the clear password gets 
re-set and we need to redelete it again?

Remo

--

> On Wednesday, Oct 03, 2018 at 19:02, Eric Broch  (mailto:ebr...@whitehorsetc.com)> wrote:
>
> Try the CLI commands I sent. There can be issues with the configuration of 
> squirrelmail and roundcube.
>
>
> IMAP:
>
>
> # openssl s_client -crlf -connect localhost:993
>
>
> imap> tag login u...@domain.tld (mailto:u...@domain.tld) $userpassword
>
>
>
>
>
>
>
> Submission:
>
>
> # cd /usr/local/bin
> # wget http://www.jetmore.org/john/code/swaks/latest/swaks
> # chown root.root swaks
> # chmod +x swaks
>
> # swaks --to some...@remotedomain.tld (mailto:some...@remotedomain.tls) 
> --from u...@domain.tld (mailto:u...@domain.tld) --server $yourqmthost --port 
> 587 --ehlo test -tls --auth login --auth-user u...@domain.tld 
> (mailto:u...@domain.tld) --auth-password $userpassword
>
>
> On 10/3/2018 7:45 PM, Andrew Swartz wrote:
> > Eric, On Centos7 QMT: I just created a new user account and set the 
> > password to '0123456789'. Then I used your SQL command to set 
> > pw_clear_passwd to null. Then I viewed the table to confirm it was empty 
> > (it was). Then I tried to log in to Squirrelmail using password 
> > '0123456789': Login failed. Then I used your SQL command to reset 
> > pw_clear_passwd back to '0123456789'. Then I tried to log in to 
> > Squirrelmail using password '0123456789': success. This seems different 
> > from your experience. This sucks because it seems to mean no easy fix for 
> > this problem. -Andy On 10/3/2018 4:24 PM, Eric Broch wrote:
> > > I've been contacted by someone who removed the clear text password from 
> > > an account and had issued logging into Dovecot even after a restart. The 
> > > fix of course is to reset the password with /home/vpopmail/bin/vpasswd. 
> > > Does anyone else want to confirm/refute my findings that w/o the clear 
> > > text password Dovecot will work?
> >
> >
>
>
> -- Eric Broch White Horse Technical Consulting (WHTC)

signature.asc
Description: PGP signature

Re: [qmailtoaster] dovecot

[Eric Broch]

I'd REALLY be surprised if there were a problem.


On 10/3/2018 8:02 PM, Eric Broch wrote:


Try the CLI commands I sent. There can be issues with the 
configuration of squirrelmail and roundcube.


IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag login u...@domain.tld $userpassword


Submission:

# cd /usr/local/bin
# wget http://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --to some...@remotedomain.tld --from u...@domain.tld --server 
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user 
u...@domain.tld --auth-password $userpassword



On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password from
an account and had issued logging into Dovecot even after a restart. The
fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?



--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dovecot

[Eric Broch]

Try the CLI commands I sent. There can be issues with the configuration 
of squirrelmail and roundcube.


IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag login u...@domain.tld  $userpassword


Submission:

# cd /usr/local/bin
# wget http://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --to some...@remotedomain.tld --from u...@domain.tld --server 
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user 
u...@domain.tld --auth-password $userpassword



On 10/3/2018 7:45 PM, Andrew Swartz wrote:

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:

I've been contacted by someone who removed the clear text password from
an account and had issued logging into Dovecot even after a restart. The
fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
Does anyone else want to confirm/refute my findings that w/o the clear
text password Dovecot will work?



--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dovecot

[Andrew Swartz]

Eric,

On Centos7 QMT:

I just created a new user account and set the password to '0123456789'.
Then I used your SQL command to set pw_clear_passwd to null.
Then I viewed the table to confirm it was empty (it was).
Then I tried to log in to Squirrelmail using password '0123456789':
Login failed.
Then I used your SQL command to reset pw_clear_passwd back to '0123456789'.
Then I tried to log in to Squirrelmail using password '0123456789':
success.

This seems different from your experience.

This sucks because it seems to mean no easy fix for this problem.


-Andy




On 10/3/2018 4:24 PM, Eric Broch wrote:
> I've been contacted by someone who removed the clear text password from
> an account and had issued logging into Dovecot even after a restart. The
> fix of course is to reset the password with /home/vpopmail/bin/vpasswd.
> Does anyone else want to confirm/refute my findings that w/o the clear
> text password Dovecot will work?
> 



smime.p7s
Description: S/MIME Cryptographic Signature

Re: [qmailtoaster] dovecot

[Eric Broch]

Everything seems to be okay...just some roundcube settings.

But, you can test IMAP and Submssion from the command line as follows:

IMAP:

# openssl s_client -crlf -connect localhost:993

imap> tag login u...@domain.tld  $userpassword


Submission:

# cd /usr/local/bin
# wget http://www.jetmore.org/john/code/swaks/latest/swaks
# chown root.root swaks
# chmod +x swaks

# swaks --to some...@remotedomain.tld --from u...@domain.tld --server 
$yourqmthost --port 587 --ehlo test -tls --auth login --auth-user  
u...@domain.tld --auth-password $userpassword



On 10/3/2018 6:24 PM, Eric Broch wrote:
I've been contacted by someone who removed the clear text password 
from an account and had issued logging into Dovecot even after a 
restart. The fix of course is to reset the password with 
/home/vpopmail/bin/vpasswd. Does anyone else want to confirm/refute my 
findings that w/o the clear text password Dovecot will work?




--
Eric Broch
White Horse Technical Consulting (WHTC)

[qmailtoaster] dovecot

[Eric Broch]

I've been contacted by someone who removed the clear text password from 
an account and had issued logging into Dovecot even after a restart. The 
fix of course is to reset the password with /home/vpopmail/bin/vpasswd. 
Does anyone else want to confirm/refute my findings that w/o the clear 
text password Dovecot will work?


--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Francisco Navarro -- N&A Consulting]

Thank you very much Eric,

Fortunately in the world there are people like you.

Thank you, thank you, thank you, 1000 thanks. 

El 2018-03-22 18:20, Eric Broch escribió:

> I don't know the answer to your question. Maybe submit the question to the 
> dovecot mailing list. 
> 
> You can flush the cache using the 'doveadm' command? 
> 
> https://wiki2.dovecot.org/Tools/Doveadm/Auth 
> 
> # doveadm auth cache flush  
> 
> In my opinion it's as easy to do the above as it is to restart dovecot. 
> 
> On 3/22/2018 10:47 AM, Francisco Navarro -- N&A Consulting wrote: 
> 
> Thank you very much Eric
> 
> I have read a good part of the documentation of dovecot, in fact I have been 
> repeatedly reading the url that has happened to me.
> 
> What I can not understand is where that cache is stored.
> 
> Thank you. 
> 
> El 2018-03-22 15:44, Eric Broch escribió: 
> 
> Francisco, 
> 
> Also, concerning your initial question Dovecot does cache passwords. You 
> might want to have a look here: 
> https://wiki.dovecot.org/Authentication/Caching 
> 
> Eric 
> On 3/21/2018 4:56 PM, Francisco Navarro -- N&A Consulting wrote: 
> 
> Muchas gracias. 
> 
> El 2018-03-21 22:09, Eric Broch escribió: 
> 
> https://wiki2.dovecot.org/Authentication/Mechanisms 
> 
> "Plaintext authentication 
> 
> The simplest authentication mechanism is PLAIN. The client simply sends the 
> password unencrypted to Dovecot. All clients support the PLAIN mechanism, but 
> obviously there's the problem that anyone listening on the network can steal 
> the password. For that reason (and some others) other mechanisms were 
> implemented. 
> 
> Today however many people use SSL/TLS [1], and there's no problem with 
> sending unencrypted password inside SSL secured connections. So if you're 
> using SSL, you probably don't need to bother worrying about anything else 
> than the PLAIN mechanism. Another plaintext mechanism is LOGIN. It's 
> typically used only by SMTP servers to let Outlook clients perform SMTP 
> authentication. Note that LOGIN mechanism is not the same as IMAP's LOGIN 
> command. The LOGIN command is internally handled using PLAIN mechanism."
> 
> Considering the above, I'd change the setting to 'auth_mechanisms = plain 
> login'
> 
> On 3/20/2018 2:03 AM, Francisco Navarro -- N&A Consulting wrote: 
> 
> It is as follows 
> 
> auth_mechanisms = plain login digest-md5 cram-md5 
> 
> What happens when I use an account by method = PLAIN if I try to do it by 
> method = DIGEST-MD5 does not work anymore, from that moment on I only allow 
> authentication by method = PLAIN 
> 
> Thank you. 
> 
> El 2018-03-20 01:55, Eric Broch escribió: 
> 
> Is 'auth_mechanisms' set as below? 
> 
> auth_mechanisms = plain login 
> On 3/19/2018 6:43 PM, Francisco Navarro -- N&A Consulting wrote: 
> 
> Hello,
> 
> First of all apologize for my English. I have a problem that I can not 
> understand and I get in touch with this list to see if someone can help me or 
> failing to tell me where I can go.
> 
> I have the following problem, when I register a new account I configure the 
> account by IMAP SSL / TLS connection security password Encrypted everything 
> perfect, the problem I have is that if I have already started with text-plain 
> security dovecot does not let me log in, I understand because somewhere we 
> indicate that this account is logged in by this authentication method and 
> does not accept another method of authentication. 
> 
> This can be solved in some way. 
> 
> Thank you. 
> N&A Consulting | Francisco Navarro | Dpto. Técnico. |  966 344 244  | 
> www.nyaconsulting.com [2] | f...@nyaconsulting.com
> 
> -
> 
> N&A Consulting, C.B. Garantiza el pleno cumplimiento de la normativa de 
> Protección de Datos de Carácter Personal, y así, de acuerdo con la L.O.P.D. 
> de 15/1999, el receptor de este e-mail queda informado y da su consentimiento 
> a la incorporación de sus datos a los ficheros existentes en la empresa y al 
> tratamiento de los mismos para su utilización en relación con el 
> desenvolvimiento de gestiones comerciales, administrativas y otras 
> actividades propias de la misma. 
> 
> La política de privacidad de N&A Consulting, C.B. le asegura en todo caso, el 
> ejercicio de los derechos de acceso, rectificación, cancelación y oposición, 
> en los términos establecidos en la legislación vigente, mediante escrito 
> dirigido a Avda. Príncipe de Asturias, 14-Esc.1-Local 2, 03300 - Orihuela, 
> siendo responsable del fichero N&A Consulting, C.B. con domicilio a estos 
> efectos, en la dirección antes indicada. 
> 
> El receptor de este e-mail, acepta que puedan ser cedidos sus datos, 
> exclusivamente para actividades necesarias para el correcto desenvolvimiento 
> de la gestión y administración interna de N&A Consulting, C.B. Asimismo, el 
> receptor de este e-mail, acepta que N&A Consulting, C.B. le remita 
> información sobre cualesquiera productos o servicios que comercialice o 
> preste. La aceptación del rec

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Eric Broch]

I don't know the answer to your question. Maybe submit the question to 
the dovecot mailing list.


You can flush the cache using the 'doveadm' command?

https://wiki2.dovecot.org/Tools/Doveadm/Auth

# doveadm auth cache flush 

In my opinion it's as easy to do the above as it is to restart dovecot.



On 3/22/2018 10:47 AM, Francisco Navarro -- N&A Consulting wrote:


Thank you very much Eric

I have read a good part of the documentation of dovecot, in fact I 
have been repeatedly reading the url that has happened to me.


What I can not understand is where that cache is stored.

Thank you.

El 2018-03-22 15:44, Eric Broch escribió:


Francisco,

Also, concerning your initial question Dovecot does cache passwords. 
You might want to have a look here: 
https://wiki.dovecot.org/Authentication/Caching


Eric


On 3/21/2018 4:56 PM, Francisco Navarro -- N&A Consulting wrote:


Muchas gracias.

El 2018-03-21 22:09, Eric Broch escribió:

https://wiki2.dovecot.org/Authentication/Mechanisms

"Plaintext authentication

The simplest authentication mechanism is PLAIN. The client
simply sends the password unencrypted to Dovecot. All clients
support the PLAIN mechanism, but obviously there's the problem
that anyone listening on the network can steal the password. For
that reason (and some others) other mechanisms were implemented.

Today however many people use SSL/TLS
, and there's no problem with
sending unencrypted password inside SSL secured connections. So
if you're using SSL, you probably don't need to bother worrying
about anything else than the PLAIN mechanism.

Another plaintext mechanism is LOGIN. It's typically used only
by SMTP servers to let Outlook clients perform SMTP
authentication. Note that LOGIN mechanism is not the same as
IMAP's LOGIN command. The LOGIN command is internally handled
using PLAIN mechanism."

Considering the above, I'd change the setting to
'auth_mechanisms = plain login'





On 3/20/2018 2:03 AM, Francisco Navarro -- N&A Consulting wrote:

It is as follows

auth_mechanisms = plain login digest-md5 cram-md5

What happens when I use an account by method = PLAIN if I
try to do it by method = DIGEST-MD5 does not work anymore,
from that moment on I only allow authentication by method =
PLAIN

Thank you.

El 2018-03-20 01:55, Eric Broch escribió:

Is 'auth_mechanisms' set as below?

auth_mechanisms = plain login


On 3/19/2018 6:43 PM, Francisco Navarro -- N&A
Consulting wrote:


Hello,

First of all apologize for my English. I have a
problem that I can not understand and I get in touch
with this list to see if someone can help me or
failing to tell me where I can go.

I have the following problem, when I register a new
account I configure the account by IMAP SSL / TLS
connection security password Encrypted everything
perfect, the problem I have is that if I have
already started with text-plain security dovecot
does not let me log in, I understand because
somewhere we indicate that this account is logged in
by this authentication method and does not accept
another method of authentication.

This can be solved in some way.

Thank you.

N&A Consulting | Francisco Navarro | Dpto. Técnico.
| 966 344 244 | www.nyaconsulting.com |
f...@nyaconsulting.com




N&A Consulting, C.B. Garantiza el pleno cumplimiento
de la normativa de Protección de Datos de Carácter
Personal, y así, de acuerdo con la L.O.P.D. de
15/1999, el receptor de este e-mail queda informado
y da su consentimiento a la incorporación de sus
datos a los ficheros existentes en la empresa y al
tratamiento de los mismos para su utilización en
relación con el desenvolvimiento de gestiones
comerciales, administrativas y otras actividades
propias de la misma.

La política de privacidad de N&A Consulting, C.B. le
asegura en todo caso, el ejercicio de los derechos
de acceso, rectificación, cancelación y oposición,
en los términos establecidos en la legislación
vigente, mediante escrito dirigido a Avda. Príncipe
de Asturias, 14-Esc.1-Local 2, 03300 - Orihuela,
siendo responsable del fichero N&A Consulting, C.B.
con domicilio a estos efectos, en la direc

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Francisco Navarro -- N&A Consulting]

Thank you very much Eric

I have read a good part of the documentation of dovecot, in fact I have
been repeatedly reading the url that has happened to me.

What I can not understand is where that cache is stored.

Thank you. 

El 2018-03-22 15:44, Eric Broch escribió:

> Francisco, 
> 
> Also, concerning your initial question Dovecot does cache passwords. You 
> might want to have a look here: 
> https://wiki.dovecot.org/Authentication/Caching 
> 
> Eric 
> On 3/21/2018 4:56 PM, Francisco Navarro -- N&A Consulting wrote: 
> 
> Muchas gracias. 
> 
> El 2018-03-21 22:09, Eric Broch escribió: 
> 
> https://wiki2.dovecot.org/Authentication/Mechanisms 
> 
> "Plaintext authentication 
> 
> The simplest authentication mechanism is PLAIN. The client simply sends the 
> password unencrypted to Dovecot. All clients support the PLAIN mechanism, but 
> obviously there's the problem that anyone listening on the network can steal 
> the password. For that reason (and some others) other mechanisms were 
> implemented. 
> 
> Today however many people use SSL/TLS [1], and there's no problem with 
> sending unencrypted password inside SSL secured connections. So if you're 
> using SSL, you probably don't need to bother worrying about anything else 
> than the PLAIN mechanism. Another plaintext mechanism is LOGIN. It's 
> typically used only by SMTP servers to let Outlook clients perform SMTP 
> authentication. Note that LOGIN mechanism is not the same as IMAP's LOGIN 
> command. The LOGIN command is internally handled using PLAIN mechanism."
> 
> Considering the above, I'd change the setting to 'auth_mechanisms = plain 
> login'
> 
> On 3/20/2018 2:03 AM, Francisco Navarro -- N&A Consulting wrote: 
> 
> It is as follows 
> 
> auth_mechanisms = plain login digest-md5 cram-md5 
> 
> What happens when I use an account by method = PLAIN if I try to do it by 
> method = DIGEST-MD5 does not work anymore, from that moment on I only allow 
> authentication by method = PLAIN 
> 
> Thank you. 
> 
> El 2018-03-20 01:55, Eric Broch escribió: 
> 
> Is 'auth_mechanisms' set as below? 
> 
> auth_mechanisms = plain login 
> On 3/19/2018 6:43 PM, Francisco Navarro -- N&A Consulting wrote: 
> 
> Hello,
> 
> First of all apologize for my English. I have a problem that I can not 
> understand and I get in touch with this list to see if someone can help me or 
> failing to tell me where I can go.
> 
> I have the following problem, when I register a new account I configure the 
> account by IMAP SSL / TLS connection security password Encrypted everything 
> perfect, the problem I have is that if I have already started with text-plain 
> security dovecot does not let me log in, I understand because somewhere we 
> indicate that this account is logged in by this authentication method and 
> does not accept another method of authentication. 
> 
> This can be solved in some way. 
> 
> Thank you. 
> N&A Consulting | Francisco Navarro | Dpto. Técnico. |  966 344 244  | 
> www.nyaconsulting.com [2] | f...@nyaconsulting.com
> 
> -
> 
> N&A Consulting, C.B. Garantiza el pleno cumplimiento de la normativa de 
> Protección de Datos de Carácter Personal, y así, de acuerdo con la L.O.P.D. 
> de 15/1999, el receptor de este e-mail queda informado y da su consentimiento 
> a la incorporación de sus datos a los ficheros existentes en la empresa y al 
> tratamiento de los mismos para su utilización en relación con el 
> desenvolvimiento de gestiones comerciales, administrativas y otras 
> actividades propias de la misma. 
> 
> La política de privacidad de N&A Consulting, C.B. le asegura en todo caso, el 
> ejercicio de los derechos de acceso, rectificación, cancelación y oposición, 
> en los términos establecidos en la legislación vigente, mediante escrito 
> dirigido a Avda. Príncipe de Asturias, 14-Esc.1-Local 2, 03300 - Orihuela, 
> siendo responsable del fichero N&A Consulting, C.B. con domicilio a estos 
> efectos, en la dirección antes indicada. 
> 
> El receptor de este e-mail, acepta que puedan ser cedidos sus datos, 
> exclusivamente para actividades necesarias para el correcto desenvolvimiento 
> de la gestión y administración interna de N&A Consulting, C.B. Asimismo, el 
> receptor de este e-mail, acepta que N&A Consulting, C.B. le remita 
> información sobre cualesquiera productos o servicios que comercialice o 
> preste. La aceptación del receptor de este e-mail para que puedan ser 
> tratados o cedidos sus datos en la forma establecida en este párrafo, tiene 
> siempre carácter revocable, sin efectos retroactivos, conforme a lo que 
> disponen lo artículos 6 y 11 de la Ley Orgánica 15/1999 de 13 de Diciembre. 
> 
> En el caso de que no desee recibir información le rogamos nos lo comunique 
> enviando un e-mail a la siguiente dirección de correo electrónico 
> f...@nyaconsulting.com. 
> 
> -- 
> Eric Broch
> White Horse Technical Consulting (WHTC)

-- 
Eric Broch
White Horse Technical Consulting (WHTC)

-- 
Eric Broch
White H

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Eric Broch]

Francisco,

Also, concerning your initial question Dovecot does cache passwords. You 
might want to have a look here: 
https://wiki.dovecot.org/Authentication/Caching


Eric


On 3/21/2018 4:56 PM, Francisco Navarro -- N&A Consulting wrote:


Muchas gracias.

El 2018-03-21 22:09, Eric Broch escribió:


https://wiki2.dovecot.org/Authentication/Mechanisms

"Plaintext authentication

The simplest authentication mechanism is PLAIN. The client simply 
sends the password unencrypted to Dovecot. All clients support the 
PLAIN mechanism, but obviously there's the problem that anyone 
listening on the network can steal the password. For that reason (and 
some others) other mechanisms were implemented.


Today however many people use SSL/TLS 
, and there's no problem with sending 
unencrypted password inside SSL secured connections. So if you're 
using SSL, you probably don't need to bother worrying about anything 
else than the PLAIN mechanism.


Another plaintext mechanism is LOGIN. It's typically used only by 
SMTP servers to let Outlook clients perform SMTP authentication. Note 
that LOGIN mechanism is not the same as IMAP's LOGIN command. The 
LOGIN command is internally handled using PLAIN mechanism."


Considering the above, I'd change the setting to 'auth_mechanisms = 
plain login'






On 3/20/2018 2:03 AM, Francisco Navarro -- N&A Consulting wrote:


It is as follows

auth_mechanisms = plain login digest-md5 cram-md5

What happens when I use an account by method = PLAIN if I try to do 
it by method = DIGEST-MD5 does not work anymore, from that moment on 
I only allow authentication by method = PLAIN


Thank you.

El 2018-03-20 01:55, Eric Broch escribió:

Is 'auth_mechanisms' set as below?

auth_mechanisms = plain login


On 3/19/2018 6:43 PM, Francisco Navarro -- N&A Consulting wrote:


Hello,

First of all apologize for my English. I have a problem that
I can not understand and I get in touch with this list to
see if someone can help me or failing to tell me where I can go.

I have the following problem, when I register a new account
I configure the account by IMAP SSL / TLS connection
security password Encrypted everything perfect, the problem
I have is that if I have already started with text-plain
security dovecot does not let me log in, I understand
because somewhere we indicate that this account is logged in
by this authentication method and does not accept another
method of authentication.

This can be solved in some way.

Thank you.

N&A Consulting | Francisco Navarro | Dpto. Técnico. | 966
344 244 | www.nyaconsulting.com | f...@nyaconsulting.com



N&A Consulting, C.B. Garantiza el pleno cumplimiento de la
normativa de Protección de Datos de Carácter Personal, y
así, de acuerdo con la L.O.P.D. de 15/1999, el receptor de
este e-mail queda informado y da su consentimiento a la
incorporación de sus datos a los ficheros existentes en la
empresa y al tratamiento de los mismos para su utilización
en relación con el desenvolvimiento de gestiones
comerciales, administrativas y otras actividades propias de
la misma.

La política de privacidad de N&A Consulting, C.B. le asegura
en todo caso, el ejercicio de los derechos de acceso,
rectificación, cancelación y oposición, en los términos
establecidos en la legislación vigente, mediante escrito
dirigido a Avda. Príncipe de Asturias, 14-Esc.1-Local 2,
03300 - Orihuela, siendo responsable del fichero N&A
Consulting, C.B. con domicilio a estos efectos, en la
dirección antes indicada.

El receptor de este e-mail, acepta que puedan ser cedidos
sus datos, exclusivamente para actividades necesarias para
el correcto desenvolvimiento de la gestión y administración
interna de N&A Consulting, C.B. Asimismo, el receptor de
este e-mail, acepta que N&A Consulting, C.B. le remita
información sobre cualesquiera productos o servicios que
comercialice o preste. La aceptación del receptor de este
e-mail para que puedan ser tratados o cedidos sus datos en
la forma establecida en este párrafo, tiene siempre carácter
revocable, sin efectos retroactivos, conforme a lo que
disponen lo artículos 6 y 11 de la Ley Orgánica 15/1999 de
13 de Diciembre.

En el caso de que no desee recibir información le rogamos
nos lo comunique enviando un e-mail a la siguiente dirección
de correo electrónicof...@nyaconsulting.com.



-- 
Eric Broch

White Horse Technical Consulting (WHTC)



--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric 

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Francisco Navarro -- N&A Consulting]

Muchas gracias. 

El 2018-03-21 22:09, Eric Broch escribió:

> https://wiki2.dovecot.org/Authentication/Mechanisms 
> 
> "Plaintext authentication 
> 
> The simplest authentication mechanism is PLAIN. The client simply sends the 
> password unencrypted to Dovecot. All clients support the PLAIN mechanism, but 
> obviously there's the problem that anyone listening on the network can steal 
> the password. For that reason (and some others) other mechanisms were 
> implemented. 
> 
> Today however many people use SSL/TLS [1], and there's no problem with 
> sending unencrypted password inside SSL secured connections. So if you're 
> using SSL, you probably don't need to bother worrying about anything else 
> than the PLAIN mechanism. Another plaintext mechanism is LOGIN. It's 
> typically used only by SMTP servers to let Outlook clients perform SMTP 
> authentication. Note that LOGIN mechanism is not the same as IMAP's LOGIN 
> command. The LOGIN command is internally handled using PLAIN mechanism."
> 
> Considering the above, I'd change the setting to 'auth_mechanisms = plain 
> login'
> 
> On 3/20/2018 2:03 AM, Francisco Navarro -- N&A Consulting wrote: 
> 
> It is as follows 
> 
> auth_mechanisms = plain login digest-md5 cram-md5 
> 
> What happens when I use an account by method = PLAIN if I try to do it by 
> method = DIGEST-MD5 does not work anymore, from that moment on I only allow 
> authentication by method = PLAIN 
> 
> Thank you. 
> 
> El 2018-03-20 01:55, Eric Broch escribió: 
> 
> Is 'auth_mechanisms' set as below? 
> 
> auth_mechanisms = plain login 
> On 3/19/2018 6:43 PM, Francisco Navarro -- N&A Consulting wrote: 
> 
> Hello,
> 
> First of all apologize for my English. I have a problem that I can not 
> understand and I get in touch with this list to see if someone can help me or 
> failing to tell me where I can go.
> 
> I have the following problem, when I register a new account I configure the 
> account by IMAP SSL / TLS connection security password Encrypted everything 
> perfect, the problem I have is that if I have already started with text-plain 
> security dovecot does not let me log in, I understand because somewhere we 
> indicate that this account is logged in by this authentication method and 
> does not accept another method of authentication. 
> 
> This can be solved in some way. 
> 
> Thank you. 
> N&A Consulting | Francisco Navarro | Dpto. Técnico. |  966 344 244  | 
> www.nyaconsulting.com [2] | f...@nyaconsulting.com
> 
> -
> 
> N&A Consulting, C.B. Garantiza el pleno cumplimiento de la normativa de 
> Protección de Datos de Carácter Personal, y así, de acuerdo con la L.O.P.D. 
> de 15/1999, el receptor de este e-mail queda informado y da su consentimiento 
> a la incorporación de sus datos a los ficheros existentes en la empresa y al 
> tratamiento de los mismos para su utilización en relación con el 
> desenvolvimiento de gestiones comerciales, administrativas y otras 
> actividades propias de la misma. 
> 
> La política de privacidad de N&A Consulting, C.B. le asegura en todo caso, el 
> ejercicio de los derechos de acceso, rectificación, cancelación y oposición, 
> en los términos establecidos en la legislación vigente, mediante escrito 
> dirigido a Avda. Príncipe de Asturias, 14-Esc.1-Local 2, 03300 - Orihuela, 
> siendo responsable del fichero N&A Consulting, C.B. con domicilio a estos 
> efectos, en la dirección antes indicada. 
> 
> El receptor de este e-mail, acepta que puedan ser cedidos sus datos, 
> exclusivamente para actividades necesarias para el correcto desenvolvimiento 
> de la gestión y administración interna de N&A Consulting, C.B. Asimismo, el 
> receptor de este e-mail, acepta que N&A Consulting, C.B. le remita 
> información sobre cualesquiera productos o servicios que comercialice o 
> preste. La aceptación del receptor de este e-mail para que puedan ser 
> tratados o cedidos sus datos en la forma establecida en este párrafo, tiene 
> siempre carácter revocable, sin efectos retroactivos, conforme a lo que 
> disponen lo artículos 6 y 11 de la Ley Orgánica 15/1999 de 13 de Diciembre. 
> 
> En el caso de que no desee recibir información le rogamos nos lo comunique 
> enviando un e-mail a la siguiente dirección de correo electrónico 
> f...@nyaconsulting.com. 
> 
> -- 
> Eric Broch
> White Horse Technical Consulting (WHTC)

-- 
Eric Broch
White Horse Technical Consulting (WHTC)

 

Links:
--
[1] https://wiki2.dovecot.org/SSL
[2] http://www.nyaconsulting.com

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Eric Broch]

https://wiki2.dovecot.org/Authentication/Mechanisms

"Plaintext authentication

The simplest authentication mechanism is PLAIN. The client simply sends 
the password unencrypted to Dovecot. All clients support the PLAIN 
mechanism, but obviously there's the problem that anyone listening on 
the network can steal the password. For that reason (and some others) 
other mechanisms were implemented.


Today however many people use SSL/TLS , 
and there's no problem with sending unencrypted password inside SSL 
secured connections. So if you're using SSL, you probably don't need to 
bother worrying about anything else than the PLAIN mechanism.


Another plaintext mechanism is LOGIN. It's typically used only by SMTP 
servers to let Outlook clients perform SMTP authentication. Note that 
LOGIN mechanism is not the same as IMAP's LOGIN command. The LOGIN 
command is internally handled using PLAIN mechanism."


Considering the above, I'd change the setting to 'auth_mechanisms = 
plain login'






On 3/20/2018 2:03 AM, Francisco Navarro -- N&A Consulting wrote:


It is as follows

auth_mechanisms = plain login digest-md5 cram-md5

What happens when I use an account by method = PLAIN if I try to do it 
by method = DIGEST-MD5 does not work anymore, from that moment on I 
only allow authentication by method = PLAIN


Thank you.

El 2018-03-20 01:55, Eric Broch escribió:


Is 'auth_mechanisms' set as below?

auth_mechanisms = plain login


On 3/19/2018 6:43 PM, Francisco Navarro -- N&A Consulting wrote:



Hello,

First of all apologize for my English. I have a problem that I can 
not understand and I get in touch with this list to see if someone 
can help me or failing to tell me where I can go.


I have the following problem, when I register a new account I 
configure the account by IMAP SSL / TLS connection security password 
Encrypted everything perfect, the problem I have is that if I have 
already started with text-plain security dovecot does not let me log 
in, I understand because somewhere we indicate that this account is 
logged in by this authentication method and does not accept another 
method of authentication.


This can be solved in some way.

Thank you.

N&A Consulting | Francisco Navarro | Dpto. Técnico. | 966 344 244 | 
www.nyaconsulting.com | f...@nyaconsulting.com




N&A Consulting, C.B. Garantiza el pleno cumplimiento de la normativa 
de Protección de Datos de Carácter Personal, y así, de acuerdo con 
la L.O.P.D. de 15/1999, el receptor de este e-mail queda informado y 
da su consentimiento a la incorporación de sus datos a los ficheros 
existentes en la empresa y al tratamiento de los mismos para su 
utilización en relación con el desenvolvimiento de gestiones 
comerciales, administrativas y otras actividades propias de la misma.


La política de privacidad de N&A Consulting, C.B. le asegura en todo 
caso, el ejercicio de los derechos de acceso, rectificación, 
cancelación y oposición, en los términos establecidos en la 
legislación vigente, mediante escrito dirigido a Avda. Príncipe de 
Asturias, 14-Esc.1-Local 2, 03300 - Orihuela, siendo responsable del 
fichero N&A Consulting, C.B. con domicilio a estos efectos, en la 
dirección antes indicada.


El receptor de este e-mail, acepta que puedan ser cedidos sus datos, 
exclusivamente para actividades necesarias para el correcto 
desenvolvimiento de la gestión y administración interna de N&A 
Consulting, C.B. Asimismo, el receptor de este e-mail, acepta que 
N&A Consulting, C.B. le remita información sobre cualesquiera 
productos o servicios que comercialice o preste. La aceptación del 
receptor de este e-mail para que puedan ser tratados o cedidos sus 
datos en la forma establecida en este párrafo, tiene siempre 
carácter revocable, sin efectos retroactivos, conforme a lo que 
disponen lo artículos 6 y 11 de la Ley Orgánica 15/1999 de 13 de 
Diciembre.


En el caso de que no desee recibir información le rogamos nos lo 
comunique enviando un e-mail a la siguiente dirección de correo 
electrónicof...@nyaconsulting.com. 




--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Francisco Navarro -- N&A Consulting]

It is as follows 

auth_mechanisms = plain login digest-md5 cram-md5 

What happens when I use an account by method = PLAIN if I try to do it
by method = DIGEST-MD5 does not work anymore, from that moment on I only
allow authentication by method = PLAIN 

Thank you. 

El 2018-03-20 01:55, Eric Broch escribió:

> Is 'auth_mechanisms' set as below? 
> 
> auth_mechanisms = plain login 
> On 3/19/2018 6:43 PM, Francisco Navarro -- N&A Consulting wrote: 
> 
>> Hello,
>> 
>> First of all apologize for my English. I have a problem that I can not 
>> understand and I get in touch with this list to see if someone can help me 
>> or failing to tell me where I can go.
>> 
>> I have the following problem, when I register a new account I configure the 
>> account by IMAP SSL / TLS connection security password Encrypted everything 
>> perfect, the problem I have is that if I have already started with 
>> text-plain security dovecot does not let me log in, I understand because 
>> somewhere we indicate that this account is logged in by this authentication 
>> method and does not accept another method of authentication. 
>> 
>> This can be solved in some way. 
>> 
>> Thank you. 
>> N&A Consulting | Francisco Navarro | Dpto. Técnico. |  966 344 244  | 
>> www.nyaconsulting.com [1] | f...@nyaconsulting.com
>> 
>> -
>> 
>> N&A Consulting, C.B. Garantiza el pleno cumplimiento de la normativa de 
>> Protección de Datos de Carácter Personal, y así, de acuerdo con la L.O.P.D. 
>> de 15/1999, el receptor de este e-mail queda informado y da su 
>> consentimiento a la incorporación de sus datos a los ficheros existentes en 
>> la empresa y al tratamiento de los mismos para su utilización en relación 
>> con el desenvolvimiento de gestiones comerciales, administrativas y otras 
>> actividades propias de la misma. 
>> 
>> La política de privacidad de N&A Consulting, C.B. le asegura en todo caso, 
>> el ejercicio de los derechos de acceso, rectificación, cancelación y 
>> oposición, en los términos establecidos en la legislación vigente, mediante 
>> escrito dirigido a Avda. Príncipe de Asturias, 14-Esc.1-Local 2, 03300 - 
>> Orihuela, siendo responsable del fichero N&A Consulting, C.B. con domicilio 
>> a estos efectos, en la dirección antes indicada. 
>> 
>> El receptor de este e-mail, acepta que puedan ser cedidos sus datos, 
>> exclusivamente para actividades necesarias para el correcto desenvolvimiento 
>> de la gestión y administración interna de N&A Consulting, C.B. Asimismo, el 
>> receptor de este e-mail, acepta que N&A Consulting, C.B. le remita 
>> información sobre cualesquiera productos o servicios que comercialice o 
>> preste. La aceptación del receptor de este e-mail para que puedan ser 
>> tratados o cedidos sus datos en la forma establecida en este párrafo, tiene 
>> siempre carácter revocable, sin efectos retroactivos, conforme a lo que 
>> disponen lo artículos 6 y 11 de la Ley Orgánica 15/1999 de 13 de Diciembre. 
>> 
>> En el caso de que no desee recibir información le rogamos nos lo comunique 
>> enviando un e-mail a la siguiente dirección de correo electrónico 
>> f...@nyaconsulting.com.
> 
> -- 
> Eric Broch
> White Horse Technical Consulting (WHTC)
 

Links:
--
[1] http://www.nyaconsulting.com

Re: [qmailtoaster] Dovecot - Qmailtoaster

[Eric Broch]

Is 'auth_mechanisms' set as below?

auth_mechanisms = plain login


On 3/19/2018 6:43 PM, Francisco Navarro -- N&A Consulting wrote:



Hello,

First of all apologize for my English. I have a problem that I can not 
understand and I get in touch with this list to see if someone can 
help me or failing to tell me where I can go.


I have the following problem, when I register a new account I 
configure the account by IMAP SSL / TLS connection security password 
Encrypted everything perfect, the problem I have is that if I have 
already started with text-plain security dovecot does not let me log 
in, I understand because somewhere we indicate that this account is 
logged in by this authentication method and does not accept another 
method of authentication.


This can be solved in some way.

Thank you.

N&A Consulting | Francisco Navarro | Dpto. Técnico. | 966 344 244 | 
www.nyaconsulting.com | f...@nyaconsulting.com




N&A Consulting, C.B. Garantiza el pleno cumplimiento de la normativa 
de Protección de Datos de Carácter Personal, y así, de acuerdo con la 
L.O.P.D. de 15/1999, el receptor de este e-mail queda informado y da 
su consentimiento a la incorporación de sus datos a los ficheros 
existentes en la empresa y al tratamiento de los mismos para su 
utilización en relación con el desenvolvimiento de gestiones 
comerciales, administrativas y otras actividades propias de la misma.


La política de privacidad de N&A Consulting, C.B. le asegura en todo 
caso, el ejercicio de los derechos de acceso, rectificación, 
cancelación y oposición, en los términos establecidos en la 
legislación vigente, mediante escrito dirigido a Avda. Príncipe de 
Asturias, 14-Esc.1-Local 2, 03300 - Orihuela, siendo responsable del 
fichero N&A Consulting, C.B. con domicilio a estos efectos, en la 
dirección antes indicada.


El receptor de este e-mail, acepta que puedan ser cedidos sus datos, 
exclusivamente para actividades necesarias para el correcto 
desenvolvimiento de la gestión y administración interna de N&A 
Consulting, C.B. Asimismo, el receptor de este e-mail, acepta que N&A 
Consulting, C.B. le remita información sobre cualesquiera productos o 
servicios que comercialice o preste. La aceptación del receptor de 
este e-mail para que puedan ser tratados o cedidos sus datos en la 
forma establecida en este párrafo, tiene siempre carácter revocable, 
sin efectos retroactivos, conforme a lo que disponen lo artículos 6 y 
11 de la Ley Orgánica 15/1999 de 13 de Diciembre.


En el caso de que no desee recibir información le rogamos nos lo 
comunique enviando un e-mail a la siguiente dirección de correo 
electrónicof...@nyaconsulting.com. 




--
Eric Broch
White Horse Technical Consulting (WHTC)

[qmailtoaster] Dovecot - Qmailtoaster

[Francisco Navarro -- N&A Consulting]

Hello,

First of all apologize for my English. I have a problem that I can not
understand and I get in touch with this list to see if someone can help
me or failing to tell me where I can go.

I have the following problem, when I register a new account I configure
the account by IMAP SSL / TLS connection security password Encrypted
everything perfect, the problem I have is that if I have already started
with text-plain security dovecot does not let me log in, I understand
because somewhere we indicate that this account is logged in by this
authentication method and does not accept another method of
authentication. 

This can be solved in some way. 

Thank you. 
N&A Consulting | Francisco Navarro | Dpto. Técnico. |  966 344 244  |
www.nyaconsulting.com | f...@nyaconsulting.com

-

N&A Consulting, C.B. Garantiza el pleno cumplimiento de la normativa de
Protección de Datos de Carácter Personal, y así, de acuerdo con la
L.O.P.D. de 15/1999, el receptor de este e-mail queda informado y da su
consentimiento a la incorporación de sus datos a los ficheros existentes
en la empresa y al tratamiento de los mismos para su utilización en
relación con el desenvolvimiento de gestiones comerciales,
administrativas y otras actividades propias de la misma. 

La política de privacidad de N&A Consulting, C.B. le asegura en todo
caso, el ejercicio de los derechos de acceso, rectificación, cancelación
y oposición, en los términos establecidos en la legislación vigente,
mediante escrito dirigido a Avda. Príncipe de Asturias, 14-Esc.1-Local
2, 03300 - Orihuela, siendo responsable del fichero N&A Consulting, C.B.
con domicilio a estos efectos, en la dirección antes indicada. 

El receptor de este e-mail, acepta que puedan ser cedidos sus datos,
exclusivamente para actividades necesarias para el correcto
desenvolvimiento de la gestión y administración interna de N&A
Consulting, C.B. Asimismo, el receptor de este e-mail, acepta que N&A
Consulting, C.B. le remita información sobre cualesquiera productos o
servicios que comercialice o preste. La aceptación del receptor de este
e-mail para que puedan ser tratados o cedidos sus datos en la forma
establecida en este párrafo, tiene siempre carácter revocable, sin
efectos retroactivos, conforme a lo que disponen lo artículos 6 y 11 de
la Ley Orgánica 15/1999 de 13 de Diciembre. 

En el caso de que no desee recibir información le rogamos nos lo
comunique enviando un e-mail a la siguiente dirección de correo
electrónico f...@nyaconsulting.com.

Re: [qmailtoaster] dovecot mysql connection lost

[Jeff Koch]

Thanks - I'll give these a try should it happen again.

Jeff

On 9/17/2017 3:10 PM, Eric Broch wrote:


And, here's another one:

mysql -u root -ppassword -BNe "select host,count(host) from 
processlist group by host;" information_schema


Explanation:

Display the number of connections to a MySQL Database

Count the number of active connections to a MySQL database.

The MySQL command "show processlist" gives a list of all the active 
clients.


However, by using the processlist table, in the information_schema 
database, we can sort and count the results within MySQL.




On 9/17/2017 11:33 AM, Jeff Koch wrote:

Eric - thanks !  Jeff

On 9/17/2017 11:14 AM, Eric Broch wrote:


Hi Jeff,

Here are some commands you can run to determine the number of 
connections (to determine if this is the issue) to the MariaDB in 
the event that this happens again:


1) echo "show full processlist" | mysql -u root -ppassword

2) doveadm who

3)  ps aux | grep vpopmail | grep dovecot

Eric


On 9/15/2017 4:02 PM, Jeff Koch wrote:
I raised it to 300 but we're a little concerned about all these 
root sessions. Could they be a form of break-in attempt and why 
would they affect mysql to the point that dovecot could not 
connect. And what the heck is a 'user-89.slice. vpopmail is usually 
user 89.


Jeff

On 9/15/2017 5:57 PM, Eric Broch wrote:


I think I'd try upping the connection count, what's it at 151?


On 9/15/2017 3:25 PM, Jeff Koch wrote:

Nope.

But I did see this strange series of entries in /var/log/messages 
- which started at 12:03 and continued to 12:15. This was the 
same period that dovecot was complaining that it couldn't connect 
to mysql


Sep 15 12:04:01 vid systemd: Started Session 208671 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208671 of user root.
Sep 15 12:04:01 vid systemd: Started Session 208670 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208670 of user root.
Sep 15 12:04:01 vid systemd: Started Session 208672 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208672 of user root.
..
..
Sep 15 12:15:01 vid systemd: Starting Session 208707 of user root.
Sep 15 12:15:01 vid systemd: Started Session 208709 of user root.
Sep 15 12:15:01 vid systemd: Starting Session 208709 of user root.
Sep 15 12:15:01 vid systemd: Started Session 208708 of user root.
Sep 15 12:15:01 vid systemd: Starting Session 208708 of user root.
Sep 15 12:15:01 vid systemd: Created slice user-89.slice.
Sep 15 12:15:01 vid systemd: Starting user-89.slice.
Sep 15 12:15:01 vid systemd: Started Session 208710 of user vpopmail.
Sep 15 12:15:01 vid systemd: Starting Session 208710 of user 
vpopmail.

Sep 15 12:15:17 vid clamd: SelfCheck: Database status OK.
Sep 15 12:15:18 vid systemd: Removed slice user-89.slice.
Sep 15 12:15:18 vid systemd: Stopping user-89.slice.

Jeff


On 9/15/2017 4:09 PM, Eric Broch wrote:


Any entries in /var/log/mariadb/mariadb.log ?


On 9/15/2017 1:21 PM, Jeff Koch wrote:


For about a 15 minutes period users couldn't receive emails - 
emails were bouncing back saying the users did not exist. We 
traced the problem to the dovecot log where we saw this:


Sep 15 12:16:23 auth-worker: Error: vmysql: sql error[3]: Table 
'vpopmail.users' doesn't exist
Sep 15 12:16:23 auth-worker: Error: Attempting to rebuild 
connection to SQL server
Sep 15 12:16:23 auth-worker: Error: vmysql: connection rebuild 
failed: Table 'vpopmail.users' doesn't exist


Shortly thereafter dovecot was able to connect and emails began 
being received normally again.


Any thoughts on how to prevent this in the future? Should we 
raise the number of mysql connections - we're using the default.


Regards, Jeff Koch


--
Eric Broch
White Horse Technical Consulting (WHTC)




--
Eric Broch
White Horse Technical Consulting (WHTC)








--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dovecot mysql connection lost

[Eric Broch]

And, here's another one:

mysql -u root -ppassword -BNe "select host,count(host) from processlist 
group by host;" information_schema


Explanation:

Display the number of connections to a MySQL Database

Count the number of active connections to a MySQL database.

The MySQL command "show processlist" gives a list of all the active clients.

However, by using the processlist table, in the information_schema 
database, we can sort and count the results within MySQL.




On 9/17/2017 11:33 AM, Jeff Koch wrote:

Eric - thanks !  Jeff

On 9/17/2017 11:14 AM, Eric Broch wrote:


Hi Jeff,

Here are some commands you can run to determine the number of 
connections (to determine if this is the issue) to the MariaDB in the 
event that this happens again:


1) echo "show full processlist" | mysql -u root -ppassword

2) doveadm who

3)  ps aux | grep vpopmail | grep dovecot

Eric


On 9/15/2017 4:02 PM, Jeff Koch wrote:
I raised it to 300 but we're a little concerned about all these root 
sessions. Could they be a form of break-in attempt and why would 
they affect mysql to the point that dovecot could not connect. And 
what the heck is a 'user-89.slice. vpopmail is usually user 89.


Jeff

On 9/15/2017 5:57 PM, Eric Broch wrote:


I think I'd try upping the connection count, what's it at 151?


On 9/15/2017 3:25 PM, Jeff Koch wrote:

Nope.

But I did see this strange series of entries in /var/log/messages 
- which started at 12:03 and continued to 12:15. This was the same 
period that dovecot was complaining that it couldn't connect to mysql


Sep 15 12:04:01 vid systemd: Started Session 208671 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208671 of user root.
Sep 15 12:04:01 vid systemd: Started Session 208670 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208670 of user root.
Sep 15 12:04:01 vid systemd: Started Session 208672 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208672 of user root.
..
..
Sep 15 12:15:01 vid systemd: Starting Session 208707 of user root.
Sep 15 12:15:01 vid systemd: Started Session 208709 of user root.
Sep 15 12:15:01 vid systemd: Starting Session 208709 of user root.
Sep 15 12:15:01 vid systemd: Started Session 208708 of user root.
Sep 15 12:15:01 vid systemd: Starting Session 208708 of user root.
Sep 15 12:15:01 vid systemd: Created slice user-89.slice.
Sep 15 12:15:01 vid systemd: Starting user-89.slice.
Sep 15 12:15:01 vid systemd: Started Session 208710 of user vpopmail.
Sep 15 12:15:01 vid systemd: Starting Session 208710 of user vpopmail.
Sep 15 12:15:17 vid clamd: SelfCheck: Database status OK.
Sep 15 12:15:18 vid systemd: Removed slice user-89.slice.
Sep 15 12:15:18 vid systemd: Stopping user-89.slice.

Jeff


On 9/15/2017 4:09 PM, Eric Broch wrote:


Any entries in /var/log/mariadb/mariadb.log ?


On 9/15/2017 1:21 PM, Jeff Koch wrote:


For about a 15 minutes period users couldn't receive emails - 
emails were bouncing back saying the users did not exist. We 
traced the problem to the dovecot log where we saw this:


Sep 15 12:16:23 auth-worker: Error: vmysql: sql error[3]: Table 
'vpopmail.users' doesn't exist
Sep 15 12:16:23 auth-worker: Error: Attempting to rebuild 
connection to SQL server
Sep 15 12:16:23 auth-worker: Error: vmysql: connection rebuild 
failed: Table 'vpopmail.users' doesn't exist


Shortly thereafter dovecot was able to connect and emails began 
being received normally again.


Any thoughts on how to prevent this in the future? Should we 
raise the number of mysql connections - we're using the default.


Regards, Jeff Koch


--
Eric Broch
White Horse Technical Consulting (WHTC)




--
Eric Broch
White Horse Technical Consulting (WHTC)








--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dovecot mysql connection lost

[Eric Broch]

Hi Jeff,

Here are some commands you can run to determine the number of 
connections (to determine if this is the issue) to the MariaDB in the 
event that this happens again:


1) echo "show full processlist" | mysql -u root -ppassword

2) doveadm who

3)  ps aux | grep vpopmail | grep dovecot

Eric


On 9/15/2017 4:02 PM, Jeff Koch wrote:
I raised it to 300 but we're a little concerned about all these root 
sessions. Could they be a form of break-in attempt and why would they 
affect mysql to the point that dovecot could not connect. And what the 
heck is a 'user-89.slice. vpopmail is usually user 89.


Jeff

On 9/15/2017 5:57 PM, Eric Broch wrote:


I think I'd try upping the connection count, what's it at 151?


On 9/15/2017 3:25 PM, Jeff Koch wrote:

Nope.

But I did see this strange series of entries in /var/log/messages - 
which started at 12:03 and continued to 12:15. This was the same 
period that dovecot was complaining that it couldn't connect to mysql


Sep 15 12:04:01 vid systemd: Started Session 208671 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208671 of user root.
Sep 15 12:04:01 vid systemd: Started Session 208670 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208670 of user root.
Sep 15 12:04:01 vid systemd: Started Session 208672 of user root.
Sep 15 12:04:01 vid systemd: Starting Session 208672 of user root.
..
..
Sep 15 12:15:01 vid systemd: Starting Session 208707 of user root.
Sep 15 12:15:01 vid systemd: Started Session 208709 of user root.
Sep 15 12:15:01 vid systemd: Starting Session 208709 of user root.
Sep 15 12:15:01 vid systemd: Started Session 208708 of user root.
Sep 15 12:15:01 vid systemd: Starting Session 208708 of user root.
Sep 15 12:15:01 vid systemd: Created slice user-89.slice.
Sep 15 12:15:01 vid systemd: Starting user-89.slice.
Sep 15 12:15:01 vid systemd: Started Session 208710 of user vpopmail.
Sep 15 12:15:01 vid systemd: Starting Session 208710 of user vpopmail.
Sep 15 12:15:17 vid clamd: SelfCheck: Database status OK.
Sep 15 12:15:18 vid systemd: Removed slice user-89.slice.
Sep 15 12:15:18 vid systemd: Stopping user-89.slice.

Jeff


On 9/15/2017 4:09 PM, Eric Broch wrote:


Any entries in /var/log/mariadb/mariadb.log ?


On 9/15/2017 1:21 PM, Jeff Koch wrote:


For about a 15 minutes period users couldn't receive emails - 
emails were bouncing back saying the users did not exist. We 
traced the problem to the dovecot log where we saw this:


Sep 15 12:16:23 auth-worker: Error: vmysql: sql error[3]: Table 
'vpopmail.users' doesn't exist
Sep 15 12:16:23 auth-worker: Error: Attempting to rebuild 
connection to SQL server
Sep 15 12:16:23 auth-worker: Error: vmysql: connection rebuild 
failed: Table 'vpopmail.users' doesn't exist


Shortly thereafter dovecot was able to connect and emails began 
being received normally again.


Any thoughts on how to prevent this in the future? Should we raise 
the number of mysql connections - we're using the default.


Regards, Jeff Koch


--
Eric Broch
White Horse Technical Consulting (WHTC)




--
Eric Broch
White Horse Technical Consulting (WHTC)

[qmailtoaster] dovecot mysql connection lost

[Jeff Koch]

For about a 15 minutes period users couldn't receive emails - emails 
were bouncing back saying the users did not exist. We traced the problem 
to the dovecot log where we saw this:


Sep 15 12:16:23 auth-worker: Error: vmysql: sql error[3]: Table 
'vpopmail.users' doesn't exist
Sep 15 12:16:23 auth-worker: Error: Attempting to rebuild connection to 
SQL server
Sep 15 12:16:23 auth-worker: Error: vmysql: connection rebuild failed: 
Table 'vpopmail.users' doesn't exist


Shortly thereafter dovecot was able to connect and emails began being 
received normally again.


Any thoughts on how to prevent this in the future? Should we raise the 
number of mysql connections - we're using the default.


Regards, Jeff Koch

Re: [qmailtoaster] dovecot replica 2 servers, idea

[Havrla]

Knowledge:

if the data on both servers:

If one index is damaged, or the transaction log, then it can remove a 
message from a good server.


For the first replica to use the argument to delete messages from a 
remote server ..



havrla

Dne 11.1.2017 v 15:10 Havrla napsal(a):


Heloo,

Qmail toaster in replica 2 servers.

Vpopmail + courier + unison = OK no problem

Vpopmail + dovecot + unison = problem

1. uid email in imap/pop3 diferent in servers

2. problem delivery date different primary and secondary server

3. email cliennt in pop3  download all emails if change server,  imap 
is same.



Dovecot has  dsync replica configurable, problem with "doveadm user 
'*'"  not function in QT config.


Dovecot has  email sync "doveadm sync -u $EMAIL  remote:$IP" for one user.

In attachment, easy script for QT replica dovecot to 2 servers ;-)

2 days old, testing..:-)

Havrla




-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot replica 2 servers, idea

[Havrla]

Heloo,

Qmail toaster in replica 2 servers.

Vpopmail + courier + unison = OK no problem

Vpopmail + dovecot + unison = problem

1. uid email in imap/pop3 diferent in servers

2. problem delivery date different primary and secondary server

3. email cliennt in pop3  download all emails if change server, imap is 
same.



Dovecot has  dsync replica configurable, problem with "doveadm user 
'*'"  not function in QT config.


Dovecot has  email sync "doveadm sync -u $EMAIL  remote:$IP" for one user.

In attachment, easy script for QT replica dovecot to 2 servers ;-)

2 days old, testing..:-)

Havrla




vpopmail-email-sync.sh
Description: application/shellscript
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Dovecot, dsync

[Eric Broch]

Have you brought this up on the Dovecot mailing list?

In don't wonder if it doesn't have something to do with our vpopmail 
backend.



On 12/7/2016 3:18 PM, Havrla wrote:

Hi,

It would be a demand for such a configuration?

What it brings good:
Dovecot-based replication, including replication id messages.
After switching to the backup server accepts the message ID is then 
not  problem with IMAP and POP3 (re-download all the messages, the 
problem with indexes etc ..)


What it wants:
1. Dovecot configuration - user and passwd SQL backend module
2. Vpopmail doing what domain's table. SQL module wants everything in 
one table, it will have to make a special database or table where 
everything will be. About using shovels (select tables exist and save 
a single table)

3. Configure the replication in Dovecot

Why? Because:
https://www.darkalchemist.co.uk/2014/05/31/dovecot-dsync-replication/
"doveadm user '*' "should return a sheet of all the users dovecot hosts.
configure as |iterate_query = SELECT email as user FROM mail_user
|Module vpopmail in dovecot not function for all users, module no SQL:
[root@franta ~]# doveadm  user   '*'
Error: User listing returned failure
Fatal: user listing failed
[root@franta ~]# doveadm  user zde...@havrlik.cz
field   value
uid 89
gid 89
home/home/vpopmail/domains/havrlik.cz/zdenek
mail

Perhaps, otherwise specify a list of users. SQL only select 
"iterate_query"  not passwd and user.




Shall I try it ?

Havrla



Dne 2.12.2016 v 23:56 Eric Broch napsal(a):


I've looked at it but never tried any implementation. I use rsync.


On 12/2/2016 3:20 PM, Havrla wrote:


Heloo

Has anyone tried the configuration, see:

http://dovecot.org/list/dovecot/2012-March/134390.html
http://blog.schaal-24.de/ispconfig/mails-mit-dovecot-ueber-tcp-syncen/?lang=en
http://blog.le-vert.net/?p=160
https://www.adyxax.org/MailInfrastructure/Dovecot
https://www.darkalchemist.co.uk/2014/05/31/dovecot-dsync-replication/

Replication qmailtoaster server without unison for mailbox/imap accout.

It works ?

Thanks

Havrla

Re: [qmailtoaster] Dovecot, dsync

[Havrla]

Hi,

It would be a demand for such a configuration?

What it brings good:
Dovecot-based replication, including replication id messages.
After switching to the backup server accepts the message ID is then not  
problem with IMAP and POP3 (re-download all the messages, the problem 
with indexes etc ..)


What it wants:
1. Dovecot configuration - user and passwd SQL backend module
2. Vpopmail doing what domain's table. SQL module wants everything in 
one table, it will have to make a special database or table where 
everything will be. About using shovels (select tables exist and save a 
single table)

3. Configure the replication in Dovecot

Why? Because:
https://www.darkalchemist.co.uk/2014/05/31/dovecot-dsync-replication/
"doveadm user '*' "should return a sheet of all the users dovecot hosts.
configure as |iterate_query = SELECT email as user FROM mail_user
|Module vpopmail in dovecot not function for all users, module no SQL:
[root@franta ~]# doveadm  user   '*'
Error: User listing returned failure
Fatal: user listing failed
[root@franta ~]# doveadm  user  zde...@havrlik.cz
field   value
uid 89
gid 89
home/home/vpopmail/domains/havrlik.cz/zdenek
mail

Perhaps, otherwise specify a list of users. SQL only select 
"iterate_query"  not passwd and user.




Shall I try it ?

Havrla



Dne 2.12.2016 v 23:56 Eric Broch napsal(a):


I've looked at it but never tried any implementation. I use rsync.


On 12/2/2016 3:20 PM, Havrla wrote:


Heloo

Has anyone tried the configuration, see:

http://dovecot.org/list/dovecot/2012-March/134390.html
http://blog.schaal-24.de/ispconfig/mails-mit-dovecot-ueber-tcp-syncen/?lang=en
http://blog.le-vert.net/?p=160
https://www.adyxax.org/MailInfrastructure/Dovecot
https://www.darkalchemist.co.uk/2014/05/31/dovecot-dsync-replication/

Replication qmailtoaster server without unison for mailbox/imap accout.

It works ?

Thanks

Havrla

Re: [qmailtoaster] Dovecot, dsync

[Eric Broch]

I've looked at it but never tried any implementation. I use rsync.


On 12/2/2016 3:20 PM, Havrla wrote:


Heloo

Has anyone tried the configuration, see:

http://dovecot.org/list/dovecot/2012-March/134390.html
http://blog.schaal-24.de/ispconfig/mails-mit-dovecot-ueber-tcp-syncen/?lang=en
http://blog.le-vert.net/?p=160
https://www.adyxax.org/MailInfrastructure/Dovecot
https://www.darkalchemist.co.uk/2014/05/31/dovecot-dsync-replication/

Replication qmailtoaster server without unison for mailbox/imap accout.

It works ?

Thanks

Havrla

[qmailtoaster] Dovecot, dsync

[Havrla]

Heloo

Has anyone tried the configuration, see:

http://dovecot.org/list/dovecot/2012-March/134390.html
http://blog.schaal-24.de/ispconfig/mails-mit-dovecot-ueber-tcp-syncen/?lang=en
http://blog.le-vert.net/?p=160
https://www.adyxax.org/MailInfrastructure/Dovecot
https://www.darkalchemist.co.uk/2014/05/31/dovecot-dsync-replication/

Replication qmailtoaster server without unison for mailbox/imap accout.

It works ?

Thanks

Havrla

Re: [qmailtoaster] Dovecot 2.2.21

[NoriyukiHayashi]

Hi,

Thank you Eric with great information.
I rpmbuild with postgresql-9.4 & mysql-5.5.45 completed.
Next I will try to use on mariadb-10.0.22.

regards,
Noriyuki. Hayashi




> List,
> 
> The latest dovecot is out in the testing and update branches for CentOS 
> 5, 6, and 7.
> 
> Eric
> 
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
> 
> 
--
NoriyukiHayashi ibisMailで送信！

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Dovecot 2.2.21

[Aleksander Podsiadły]

W dniu 12.12.2015, sob o godzinie 08∶14 -0700, użytkownik Eric napisał:
> List,
> 
> The latest dovecot is out in the testing and update branches for
> CentOS 
> 5, 6, and 7.

Compiled on CentOS 5, installed, works for me. :)
v2.2.20 had some bugs, specially with mailbox list.

-- 
Pozdrawiam/Regards,
mgr inż. Aleksander Podsiadły
starszy informatyk
Urząd Gminy w Mniowie
ul. Centralna 9
26-080 Mniów
tel:+48 413737002
fax:+48 413737024
mail:   a...@mniow.pl
a...@mniow.eu
jid:a...@jabber.mniow.pl
gg: 9150578



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot 2.2.21 pigeonhole 0.4.10

[Eric]

List,

I've just put the new release of dovecot 2.2.21 with pigeonhole 2.2.21 
(0.4.10) on the testing and update branches at ftp.whitehorsetc.com for 
the following architectures:


CentOS 5 x86/x86_64
CentOS 6 x86/x86_64
CentOS 7 x86_64

Eric



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot 2.2.21

[Eric]

List,

The latest dovecot is out in the testing and update branches for CentOS 
5, 6, and 7.


Eric

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot COS5

[Eric Broch]

Dovecot 2.2.20 is available for download  in the testing branch for i386 
and x86_64

ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/5/testing/i386/
and
ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/5/testing/x86_64/


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot COS 6

[Eric]

Dovecot 2.2.20 is available for download or repo update in the testing 
branch.

ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/6/testing/x86_64/

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot 2.2.20

[Eric]

Dovecot 2.2.20 is available for download or repo update in the testing 
branch.

ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/testing/x86_64/

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] DOVECOT - too limited

[Eric Broch]

Harvla,

http://wiki.dovecot.org/LoginProcess
Search back through the qmailtoaster-list archives as well.

Eric

On 9/9/2015 9:10 AM, Havrla wrote:
> Heloo
>
> CENTOS7
>
> if  [ "in dovecot.log : Warning: service(imap-login): process_limit
> (100) reached, client connections are being dropped" ] ; then
>
> add to /etc/dovecot/toster.conf:
>
> default_process_limit = 1024
> default_client_limit = 1024
>
> fi
>
> Havrla :-)
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] DOVECOT - too limited

[Havrla]

Heloo

CENTOS7

if  [ "in dovecot.log : Warning: service(imap-login): process_limit 
(100) reached, client connections are being dropped" ] ; then


add to /etc/dovecot/toster.conf:

default_process_limit = 1024
default_client_limit = 1024

fi

Havrla :-)



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] DOVECOT - DIGEST-MD5 problem

[Havrla]

no, qmailtoaster-list information only

H.


Dne 31.8.2015 22:22, Eric Broch napsal(a):

Have you asked about the issue on the dovecot mailing list?

On 8/31/2015 1:56 PM, Havrla wrote:

Hi,

Installed and running 4 days with restarts.

last restart 30.8.2015 02:XX and  send to list  info:

Squirellmail problem login.
[root@tonda ~]# rpm -qa | grep "dovecot\|squir"
dovecot-2.2.18-3.qt.el7.x86_64
squirrelmail-1.4.22-1.qt.el7.x86_64
[root@tonda ~]#

if set to dovecot configuration in toaster.conf:

auth_verbose = yes
auth_verbose_passwords = yes
auth_debug = yes
auth_debug_passwords = yes

then  squirellmail  login OK


after 1 day,  no work with logging dbg


Havrla
.


Dne 31.8.2015 20:45, Eric Broch napsal(a):

Hi Havrla

How long have you been running dovecot-2.2.18?

Eric

Re: [qmailtoaster] DOVECOT - DIGEST-MD5 problem

[Eric Broch]

Have you asked about the issue on the dovecot mailing list?

On 8/31/2015 1:56 PM, Havrla wrote:
> Hi,
>
> Installed and running 4 days with restarts.
>
> last restart   30.8.2015 02:XX and  send to list  info:
> 
> Squirellmail problem login.
> [root@tonda ~]# rpm -qa | grep "dovecot\|squir"
> dovecot-2.2.18-3.qt.el7.x86_64
> squirrelmail-1.4.22-1.qt.el7.x86_64
> [root@tonda ~]#
>
> if set to dovecot configuration in toaster.conf:
>
> auth_verbose = yes
> auth_verbose_passwords = yes
> auth_debug = yes
> auth_debug_passwords = yes
>
> then  squirellmail  login OK
> 
>
> after 1 day,  no work with logging dbg
>
>
> Havrla
> .
>
>
> Dne 31.8.2015 20:45, Eric Broch napsal(a):
>> Hi Havrla
>>
>> How long have you been running dovecot-2.2.18?
>>
>> Eric
>

Re: [qmailtoaster] DOVECOT - DIGEST-MD5 problem

[Havrla]

Hi,

Installed and running 4 days with restarts.

last restart 30.8.2015 02:XX and  send to list  info:

Squirellmail problem login.
[root@tonda ~]# rpm -qa | grep "dovecot\|squir"
dovecot-2.2.18-3.qt.el7.x86_64
squirrelmail-1.4.22-1.qt.el7.x86_64
[root@tonda ~]#

if set to dovecot configuration in toaster.conf:

auth_verbose = yes
auth_verbose_passwords = yes
auth_debug = yes
auth_debug_passwords = yes

then  squirellmail  login OK


after 1 day,  no work with logging dbg


Havrla
.


Dne 31.8.2015 20:45, Eric Broch napsal(a):

Hi Havrla

How long have you been running dovecot-2.2.18?

Eric

Re: [qmailtoaster] DOVECOT - DIGEST-MD5 problem

[Eric Broch]

Hi Havrla

How long have you been running dovecot-2.2.18?

Eric


On 8/31/2015 11:46 AM, Havrla wrote:
> Heloo
>
> CENTOS7
> tonda ~]# rpm -qa | grep dovecot
> dovecot-2.2.18-3.qt.el7.x86_64
> [root@tonda ~]#
>
>
> running 1 day   OK  with  dbg log, next day no login.
>
>
> Aug 31 19:20:45 auth: Debug: auth client connected (pid=17760)
> Aug 31 19:20:45 auth: Debug: client in: AUTH1 DIGEST-MD5 
> service=imapsecured
> session=DjZmp54evQABlip=::1 rip=::1
> lport=143   rport=37565
> Aug 31 19:20:45 auth: Debug: client passdb out: CONT1
> cmVhbG09IiIsbm9uY2U9Img5cDJyMmxIL3grMThVOXFMUHYxckE9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
> Aug 31 19:20:45 auth: Debug: client in: CONT1
> Y2hhcnNldD11dGYtOCx1c2VybmFtZT0iemRlbmVrQGxob3RrYW5ldC5jeiIscmVhbG09IiIsbm9uY2U9Img5cDJyMmxIL3grMThVOXFMUHYxckE9PSIsbmM9MDAwMDAwMDEsY25vbmNlPSJOVFZrTWpnNVpURm1aV1JpWVRJek5HVTFNbUkxTmpNMU9EQTVaVFl3Tm1NPSIsZGlnZXN0LXVyaT0iaW1hcC9sb2NhbGhvc3QiLHJlc3BvbnNlPWVhNDljMjhkYzc4NjNlNmQ4NzU3YzZmMTIwYTczZWUxLHFvcD1hdXRo
> (previous base64 data may contain sensitive data)
> Aug 31 19:20:45 auth: Debug:
> vpopmail(zde...@lhotkanet.cz,::1,):
> cache hit: {SHA1}6bP5yAgOrVdgCHxfzMhH473+67g= user=zde...@lhotkanet.cz
> Aug 31 19:20:45 auth: Info:
> vpopmail(zde...@lhotkanet.cz,::1,):
> Requested DIGEST-MD5 scheme, but we have only SHA1 (input:
> 6bP5yAgOrVdgCHxfzMhH473+67g=)
> Aug 31 19:20:47 auth: Debug: client passdb out: FAIL1
> user=zde...@lhotkanet.cz
> Aug 31 19:20:47 imap-login: Info: Aborted login (auth failed, 1
> attempts in 2 secs): user=, method=DIGEST-MD5,
> rip=::1, lip=::1, secured, session=
>
>
> after restart dovecot, login OK
>
> first login:
> Aug 31 19:26:26 auth: Debug: auth client connected (pid=24652)
> Aug 31 19:26:26 auth: Debug: client in: AUTH1 DIGEST-MD5 
> service=imapsecured
> session=8D+yu54eOAABlip=::1 rip=::1
> lport=143   rport=37944
> Aug 31 19:26:26 auth: Debug: client passdb out: CONT1
> cmVhbG09IiIsbm9uY2U9InhKVjZMR1NaYUpVRUE5L2NzVzdWS2c9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
> Aug 31 19:26:26 auth: Debug: client in: CONT1
> Y2hhcnNldD11dGYtOCx1c2VybmFtZT0iemRlbmVrQGxob3RrYW5ldC5jeiIscmVhbG09IiIsbm9uY2U9InhKVjZMR1NaYUpVRUE5L2NzVzdWS2c9PSIsbmM9MDAwMDAwMDEsY25vbmNlPSJZelUyTjJ
> FeFlXRmpNRFU0WVRSa1pqRTFNREZsTVdabU5qZGhObVV4T1dFPSIsZGlnZXN0LXVyaT0iaW1hcC9sb2NhbGhvc3QiLHJlc3BvbnNlPWQ5NTg0YjZlNzUwNTQ5YjU5Yzg1MzVjMGZiYmY4ODU4LHFvcD1hdXRo
> (previous base64 data may contain sensitive data)
> Aug 31 19:26:26 auth: Debug:
> vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>):
> cache miss
> Aug 31 19:26:26 auth-worker(24564): Debug:
> vpopmail(zde...@lhotkanet.cz,::1): lookup user=zdenek domain=lhotkanet.cz
> Aug 31 19:26:26 auth: Debug:
> vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>):
> Generating DIGEST-MD5 from user 'zde...@lhotkanet.cz@', password
> '---hide---'
> Aug 31 19:26:26 auth: Debug:
> vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>):
> Credentials: 6dfa0329b7f81aa669994f6b827d47aa
> Aug 31 19:26:26 auth: Debug: client passdb out: CONT1
> cnNwYXV0aD03MDNhMTI4NmRiMzQ3ODNjOTQ1NTg5YmU3ZmQyOTYyZQ==
> Aug 31 19:26:26 auth: Debug: client in: CONT1(previous
> base64 data may contain sensitive data)
> Aug 31 19:26:26 auth: Debug: client passdb out: OK  1
> user=zde...@lhotkanet.cz
> Aug 31 19:26:26 auth: Debug: master in: REQUEST 2322333697 24652  
> 1   f2a0d197d55599c414ab7e05a07fb78c session_pid=24653  
> request_auth_token
> Aug 31 19:26:26 auth: Debug:
> vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>):
> userdb cache miss
> Aug 31 19:26:26 auth-worker(24564): Debug:
> vpopmail(zde...@lhotkanet.cz,::1): lookup user=zdenek domain=lhotkanet.cz
> Aug 31 19:26:26 auth: Debug: master userdb out: USER 2322333697 
> zde...@lhotkanet.cz uid=89  gid=89
> home=/home/vpopmail/domains/lhotkanet.cz/zdenek
> auth_token=2b7afee9393c50257f686541cd0f5b2d625ef543
> Aug 31 19:26:26 imap-login: Info: Login: user=,
> method=DIGEST-MD5, rip=::1, lip=::1, mpid=24653, secured,
> session=<8D+yu54eOAAB>
>
> second login
>
> Aug 31 19:27:05 auth: Debug: auth client connected (pid=25614)
> Aug 31 19:27:05 auth: Debug: client in: AUTH1 DIGEST-MD5 
> service=imapsecured
> session=gdUEvp4eggABlip=::1 rip=::1
> lport=143   rport=38018
> Aug 31 19:27:05 auth: Debug: client passdb out: CONT1
> cmVhbG09IiIsbm9uY2U9IkRaTDFJbVVzR0IyOERJR1VETTJEMHc9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
> Aug 31 19:27:05 auth: Debug: client in: CONT1
> Y2hhcnNldD11dGYtOCx1c2VybmFtZT0iemRlbmVrQGxob3RrYW5ldC5jeiIscmVhbG09IiIsbm9uY2U9IkRaTDFJbVVzR0IyOERJR1VETTJEMHc9PSIsbmM9MDAwMDAwMDEsY25vbmNlPSJZelprT1ROak1USmhNREV3TWpBME5HTTVNRGc0TmpoaU1XRmtOREExT0RrPSIsZGlnZXN0LXVyaT0iaW1hcC9sb2NhbGhvc3QiLHJlc3

[qmailtoaster] DOVECOT - DIGEST-MD5 problem

[Havrla]

Heloo

CENTOS7
tonda ~]# rpm -qa | grep dovecot
dovecot-2.2.18-3.qt.el7.x86_64
[root@tonda ~]#


running 1 day   OK  with  dbg log, next day no login.


Aug 31 19:20:45 auth: Debug: auth client connected (pid=17760)
Aug 31 19:20:45 auth: Debug: client in: AUTH1 DIGEST-MD5  
service=imapsecured session=DjZmp54evQAB
lip=::1 rip=::1 lport=143   rport=37565
Aug 31 19:20:45 auth: Debug: client passdb out: CONT1 
cmVhbG09IiIsbm9uY2U9Img5cDJyMmxIL3grMThVOXFMUHYxckE9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
Aug 31 19:20:45 auth: Debug: client in: CONT1 
Y2hhcnNldD11dGYtOCx1c2VybmFtZT0iemRlbmVrQGxob3RrYW5ldC5jeiIscmVhbG09IiIsbm9uY2U9Img5cDJyMmxIL3grMThVOXFMUHYxckE9PSIsbmM9MDAwMDAwMDEsY25vbmNlPSJOVFZrTWpnNVpURm1aV1JpWVRJek5HVTFNbUkxTmpNMU9EQTVaVFl3Tm1NPSIsZGlnZXN0LXVyaT0iaW1hcC9sb2NhbGhvc3QiLHJlc3BvbnNlPWVhNDljMjhkYzc4NjNlNmQ4NzU3YzZmMTIwYTczZWUxLHFvcD1hdXRo 
(previous base64 data may contain sensitive data)
Aug 31 19:20:45 auth: Debug: 
vpopmail(zde...@lhotkanet.cz,::1,): 
cache hit: {SHA1}6bP5yAgOrVdgCHxfzMhH473+67g= user=zde...@lhotkanet.cz
Aug 31 19:20:45 auth: Info: 
vpopmail(zde...@lhotkanet.cz,::1,): 
Requested DIGEST-MD5 scheme, but we have only SHA1 (input: 
6bP5yAgOrVdgCHxfzMhH473+67g=)
Aug 31 19:20:47 auth: Debug: client passdb out: FAIL1 
user=zde...@lhotkanet.cz
Aug 31 19:20:47 imap-login: Info: Aborted login (auth failed, 1 attempts 
in 2 secs): user=, method=DIGEST-MD5, rip=::1, 
lip=::1, secured, session=



after restart dovecot, login OK

first login:
Aug 31 19:26:26 auth: Debug: auth client connected (pid=24652)
Aug 31 19:26:26 auth: Debug: client in: AUTH1 DIGEST-MD5  
service=imapsecured session=8D+yu54eOAAB
lip=::1 rip=::1 lport=143   rport=37944
Aug 31 19:26:26 auth: Debug: client passdb out: CONT1 
cmVhbG09IiIsbm9uY2U9InhKVjZMR1NaYUpVRUE5L2NzVzdWS2c9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
Aug 31 19:26:26 auth: Debug: client in: CONT1 
Y2hhcnNldD11dGYtOCx1c2VybmFtZT0iemRlbmVrQGxob3RrYW5ldC5jeiIscmVhbG09IiIsbm9uY2U9InhKVjZMR1NaYUpVRUE5L2NzVzdWS2c9PSIsbmM9MDAwMDAwMDEsY25vbmNlPSJZelUyTjJ
FeFlXRmpNRFU0WVRSa1pqRTFNREZsTVdabU5qZGhObVV4T1dFPSIsZGlnZXN0LXVyaT0iaW1hcC9sb2NhbGhvc3QiLHJlc3BvbnNlPWQ5NTg0YjZlNzUwNTQ5YjU5Yzg1MzVjMGZiYmY4ODU4LHFvcD1hdXRo 
(previous base64 data may contain sensitive data)
Aug 31 19:26:26 auth: Debug: 
vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>): 
cache miss
Aug 31 19:26:26 auth-worker(24564): Debug: 
vpopmail(zde...@lhotkanet.cz,::1): lookup user=zdenek domain=lhotkanet.cz
Aug 31 19:26:26 auth: Debug: 
vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>): 
Generating DIGEST-MD5 from user 'zde...@lhotkanet.cz@', password 
'---hide---'
Aug 31 19:26:26 auth: Debug: 
vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>): 
Credentials: 6dfa0329b7f81aa669994f6b827d47aa
Aug 31 19:26:26 auth: Debug: client passdb out: CONT1 
cnNwYXV0aD03MDNhMTI4NmRiMzQ3ODNjOTQ1NTg5YmU3ZmQyOTYyZQ==
Aug 31 19:26:26 auth: Debug: client in: CONT1(previous 
base64 data may contain sensitive data)
Aug 31 19:26:26 auth: Debug: client passdb out: OK  1 
user=zde...@lhotkanet.cz
Aug 31 19:26:26 auth: Debug: master in: REQUEST 2322333697 24652   
1   f2a0d197d55599c414ab7e05a07fb78c session_pid=24653   
request_auth_token
Aug 31 19:26:26 auth: Debug: 
vpopmail(zde...@lhotkanet.cz,::1,<8D+yu54eOAAB>): 
userdb cache miss
Aug 31 19:26:26 auth-worker(24564): Debug: 
vpopmail(zde...@lhotkanet.cz,::1): lookup user=zdenek domain=lhotkanet.cz
Aug 31 19:26:26 auth: Debug: master userdb out: USER 2322333697  
zde...@lhotkanet.cz uid=89  gid=89 
home=/home/vpopmail/domains/lhotkanet.cz/zdenek 
auth_token=2b7afee9393c50257f686541cd0f5b2d625ef543
Aug 31 19:26:26 imap-login: Info: Login: user=, 
method=DIGEST-MD5, rip=::1, lip=::1, mpid=24653, secured, 
session=<8D+yu54eOAAB>


second login

Aug 31 19:27:05 auth: Debug: auth client connected (pid=25614)
Aug 31 19:27:05 auth: Debug: client in: AUTH1 DIGEST-MD5  
service=imapsecured session=gdUEvp4eggAB
lip=::1 rip=::1 lport=143   rport=38018
Aug 31 19:27:05 auth: Debug: client passdb out: CONT1 
cmVhbG09IiIsbm9uY2U9IkRaTDFJbVVzR0IyOERJR1VETTJEMHc9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
Aug 31 19:27:05 auth: Debug: client in: CONT1 
Y2hhcnNldD11dGYtOCx1c2VybmFtZT0iemRlbmVrQGxob3RrYW5ldC5jeiIscmVhbG09IiIsbm9uY2U9IkRaTDFJbVVzR0IyOERJR1VETTJEMHc9PSIsbmM9MDAwMDAwMDEsY25vbmNlPSJZelprT1ROak1USmhNREV3TWpBME5HTTVNRGc0TmpoaU1XRmtOREExT0RrPSIsZGlnZXN0LXVyaT0iaW1hcC9sb2NhbGhvc3QiLHJlc3BvbnNlPTExYmRlNmVhY2JhNWM5Yjk3MTlmYjdhYTRmY2E2NWNjLHFvcD1hdXRo 
(previous base64 data may contain sensitive data)
Aug 31 19:27:05 auth: Debug: 
vpopmail(zde...@lhotkanet.cz,::1,): 
cache hit: {CLEARTEXT.b64}---HIDE   user=zde...@lh

[qmailtoaster] Dovecot and Squirellmail problem login CENTOS7

[Havrla]

Heloo

CENTOS7

Squirellmail problem login.
[root@tonda ~]# rpm -qa | grep "dovecot\|squir"
dovecot-2.2.18-3.qt.el7.x86_64
squirrelmail-1.4.22-1.qt.el7.x86_64
[root@tonda ~]#


if set to dovecot configuration in toaster.conf:

auth_verbose = yes
auth_verbose_passwords = yes
auth_debug = yes
auth_debug_passwords = yes

then  squirellmail  login OK



Havrla

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot-2.0.17-2.qtp.src.rpm source? where ??

[Linux]

thanks for your help, with the other link you've solved my problem
completely.

Best regards,

Paul

2015-03-01 16:01 GMT-03:00 Eric Broch :

> On 3/1/2015 10:12 AM, Linux wrote:
> > anyone can share me the following source dovecot-2.0.17-2.qtp.src.rpm
> >
> >
> > best regards,
> >
> > Paul
> I can't find one. Sorry.
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>

Re: [qmailtoaster] dovecot-2.0.17-2.qtp.src.rpm source? where ??

[Eric Broch]

On 3/1/2015 10:12 AM, Linux wrote:
> anyone can share me the following source dovecot-2.0.17-2.qtp.src.rpm
>
>
> best regards,
>
> Paul
I can't find one. Sorry.

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot-2.0.17-2.qtp.src.rpm source? where ??

[Linux]

anyone can share me the following source dovecot-2.0.17-2.qtp.src.rpm


best regards,

Paul

[qmailtoaster] dovecot upgrade

[Peter Peltonen]

As one needs at least dovecot version 2.1 to be able to disable SSLv3,
I would need to upgrade my old dovecot-2.0.17-2.qtp packages to newer
ones.

I thought I just grab the packages from the latest bunch of .qt
pacakges, but upgrading to those didn't work out:

# rpm -Fvh dovecot-2.2.7-0.qt.el5.i386.rpm

warning: dovecot-2.2.7-0.qt.el5.i386.rpm: Header V3 DSA signature:
NOKEY, key ID 1bde5fd0

error: Failed dependencies:

libcourierauth.so.0 is needed by (installed)
maildrop-toaster-2.0.3-1.3.8.i686

I do not quite get what libcourierauth has to do with dovecot and why
do I get this error?

# rpm -qf /usr/lib/courier-authlib/libcourierauth.so.0
courier-authlib-toaster-0.59.2-1.3.10

Any advice how I should proceed in getting a newer version of dovecot installed?

Peter

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot and Squirrelmail IMAP Quota Usage Display - SOLVED

[Edwin Casimero]

Hi Guys,

For those who have not been able to display Quotas / Disk Usage on 
Squirrelmail or Roundcube or Thunderbird Quota Plugin... I would like to 
share the easy solution I just found about how to display quota usage in:


- Qmail Toaster
- CentOs 5.x
- Courier Replaced by Dovecot 2.0.17

The solution I copied from looking at the development Qmail Toaster for 
CentOS 6.


This is what I did for 2 installations of QMT on CentOS 5.x with Dovecot 
2.0.17:


In /etc/dovecot/toaster.conf

Add these lines:

 start -

# added to make quotas work!

mail_plugins = $mail_plugins quota

protocol imap {
  imap_client_workarounds = "delay-newmail"
  mail_plugins = $mail_plugins imap_quota
}

plugin {
  quota = maildir:ignore=Trash
  quota_rule = ?:storage=0
}

-- end ---

Restart dovecot with:

service dovecot restart

And that is it, the quotas via imap will now display in your 
Squirrelmail (with the check quota plugin) and Roundcube.


For Thunderbird you can install a quota plugin.

Hope this helps someone.

Best wishes,
Edwin

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot migration failure, courier revert failure

[Thomas M Jaeger]

I am running CentOS 5.10 with an older build of qmailtoaster (2009) 
which I have kept up to date with QTP.  With the onslaught of devices 
automatically configuring email with IMAP, I wanted to migrate to 
dovecot for it's efficiency and larger mailbox size compatibility.


I followed the dovecot upgrade instruction at 
http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP 
and experienced an epic fail.  (My fault, I'm sure.)


I used the RPM install through yum as directed.

I backed up the mailboxes (virtual domains - tarred) before running the 
migrate tool to test.  I saw that there were no errors and only a few 
mailboxes returned the "No imap/pop3 uidlist files" message:


=
[root@host domains]# /usr/local/sbin/courier-dovecot-migrate.pl --recursive
Testing conversion based on newest timestamps
Finding maildirs under .
.com//Maildir: No imap/pop3 uidlist files
.com//Maildir: No imap/pop3 uidlist files
.com//Maildir: No imap/pop3 uidlist files
.com//Maildir: No imap/pop3 uidlist files
.com//Maildir: No imap/pop3 uidlist files
.com//Maildir: No imap/pop3 uidlist files

Total: 108 mailboxes / 25 users
   0 errors
No actual conversion done, use --convert parameter
=

I ran the conversion and saw no errors; changed the squirrelmail config 
file to use dovecot.  I created the imap4 "Stop Courier" instructions 
and the mailbox conversion.  When I went to start dovecot, it wouldn't 
start because it wanted to control POP3 as well.  I had no problem with 
that idea so I followed the "Dovecot POP3" instruction.


(Please note that the "Edit //etc/dovecot/toaster.conf,/ [...]" did not 
correlate with my install.  The RPM only installed /etc/dovecot.conf for 
a config file.  I also later noticed that the default dovecot config 
file lists all mail protocols out of the box; most likely causing my 
POP3 problem:


=
...
# Protocols we want to be serving: imap imaps pop3 pop3s
# If you only want to use dovecot-auth, you can set this to "none".
protocols = imap imaps pop3 pop3s
...
=

)

However, after the full conversion and starting dovecot with no notable 
errors, clients received login errors for pop3, and sguirrelmail 
wouldn't login.  (Sorry I didn't save the info as I immediately started 
to revert back to courier...as mentioned further...)  Squirrelmail is 
not so much the concern here as the fact that POP and IMAP continually 
returned errors that the user name and password were not recognized or 
they couldn't, otherwise, connect.  I also had a client/user say an 
outside sender received an error in sending an email to the server (no 
specifics again, sorry).


Panic mode.

So, I attempted to revert back to courier but am still experiencing a 
problem...  I stopped then turned off dovecot (chkconfig dovecot off), 
moved the converted "domain" directory, untarred the old "domain" 
directory and put it back into place, removed the "down" files from the 
"/var/qmail/supervise" pop* and imap* directories and rebooted the 
server.  All seemed fine until (POP) clients started getting timeout 
errors and squirrelmail returns the message, "ERROR: Connection dropped 
by IMAP server" (nothing else).  They were able to POP the server and 
log into squirrelmail, then the services stopped working after an 
undetermined amount of time.  I have also experienced the squirrelmail 
problem while still able to pop accounts and no errors from email client 
software using IMAP.  The only way I can fix this problem is a reboot, 
as I really don't know how to restart the courier service or even if 
it's the courier service; "service qmail restart" or "qmailctl restart" 
don't do it.


I understand this is a load of information that is not so very useful in 
diagnosing a problem.  However, I really don't know what logs will 
provide me (and you) with the error information needed.  I can only seem 
to find this in the /var/log/qmail/imap4-ssl/current file:


=
...
@40005321a21005971184 INFO: LOGIN, user=@.com, 
ip=[REMOTE USER IP], protocol=IMAP
@40005321a91b0e07aeb4 INFO: TIMEOUT, user=@.com, 
ip=[REMOTE USER IP], headers=0, body=0, rcvd=173, sent=8826, time=1803

@40005321a91b112da6d4 tcpserver: end 17085 status 0
@40005321a91b112db28c tcpserver: status: 0/40
@40005321c1553b00455c tcpserver: status: 1/40
@40005321c15600e23fec tcpserver: pid 20403 from 
@40005321c15600e24ba4 tcpserver: ok 20403 FQDN>.com::993 :::53633

@40005321c15616eab10c DEBUG: Connection, ip=[SECOND USER REMOTE IP]
@40005321c1561867565c couriertls: read: error:14094418:SSL 
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
@40005321c156186fd23c DEBUG: Disconnected, ip=[SECOND USER REMOTE 
IP], time=0

@40005321c156186fda0c tcpserver: end 20403 status 0
@40005321c156186fe1dc tcpserver: status: 0/40
@4000

[qmailtoaster] Dovecot with LDA and Sieve

[Eric Shubert]

Hey Max,

How's LDA and Sieve (and managesieve) working out for you?
(I'm a little afraid to ask to be honest ;) )

Thanks for your input.

--
-Eric 'shubes'

On 01/23/2014 12:24 AM, cj yother wrote:


-sh-4.1$ dovecot -n
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.3.1.el6.x86_64 x86_64 CentOS release 6.5 (Final) ext4
auth_mechanisms = plain login cram-md5
dict {
  quotadict = mysql:/etc/dovecot/dovecot-dict-quota.conf
}
first_valid_gid = 5000
first_valid_uid = 5000
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lmtp_save_to_detail_mailbox = yes
mail_location = maildir:/home/vpost/%d/%n
mail_max_userip_connections = 20
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy 
include variables body enotify environment mailbox date
passdb {
  args = /etc/dovecot/dovecot-mysql.conf
  driver = sql
}
plugin {
  acl = vfile:/etc/dovecot/acls
  sieve = ~/dovecot.sieve
  sieve_dir = ~/sieve
  sieve_global_dir = /home/sieve/
  sieve_global_path = /home/sieve/globalfilter.sieve
  sieve_max_script_size = 1M
  trash = /etc/dovecot/trash.conf
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
  unix_listener auth-userdb {
group = postfix
mode = 0666
user = postfix
  }
}
service dict {
  unix_listener dict {
group = postfix
mode = 0666
user = postfix
  }
}
service imap-login {
  inet_listener imap {
port = 143
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
}
service imap {
  vsz_limit = 256 M
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  process_min_avail = 0
  service_count = 1
  vsz_limit = 64 M
}
service pop3-login {
  inet_listener pop3 {
port = 110
  }
  inet_listener pop3s {
port = 995
ssl = yes
  }
}
ssl_cert = 
Eric,
This is the output for dovecot -n


# 2.0.17 (684381041dc4+): /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-164.el5 x86_64 CentOS release 5.8 (Final)
auth_cache_size = 32 M
auth_mechanisms = plain login digest-md5 cram-md5
auth_username_format = %Lu
first_valid_uid = 89
listen = *
log_path = /var/log/dovecot.log
login_greeting = Dovecot toaster ready.
namespace {
  inbox = yes
  location =
  prefix = INBOX.
  separator = .
  type = private
}
passdb {
  args = cache_key=%u webmail=127.0.0.1
  driver = vpopmail
}
plugin {
  quota = maildir
}
protocols = imap pop3
ssl_ca = mailto:e...@shubes.net]
Sent: Wednesday, January 22, 2014 9:22 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] Re: Outlook goes offline in every 10 min

You wouldn't have needed the qmailctl commands, but that's ok.
Please post the results of
# dovecot -n
so we can be sure your settings are correct. That command lists all
non-default configuration values.



--



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot pop3 settings

[Eric Shubert]

I noticed that Vivek has:
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_fast_size_lookups = yes
  pop3_lock_session = yes
  pop3_uidl_format = %f
}

I'm curious about the pop3_uidl_format setting. I don't see where %f is 
documented.


FWIW, the dovecot wiki says that the courierimapuiddb file is compatible 
with dovecot-uidlist. I'm not sure if this relates to pop3 or not though.


Vivek, why are you using this setting?

Thanks.

--
-Eric 'shubes'


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot-2.0.17-2.qtp.x86_64.rpm

[Aleksander Podsiadły]

I compiled source package, installed it and found that some
modifications should be done:
8<-- dovecot.patch
diff -Naur org/local.conf new/local.conf
--- org/local.conf  2011-03-11 13:26:34.0 +0100
+++ new/local.conf  2013-10-16 18:23:46.0 +0200
@@ -1,7 +1,14 @@
 # Put your local dovecot configuration parameters here.
 
+mail_plugins = $mail_plugins quota
+
 protocol imap {
   imap_client_workarounds = "delay-newmail"
+  mail_plugins = $mail_plugins imap_quota
+}
+
+protocol pop3 {
+  pop3_uidl_format = UID%u-%v
 }
 
 # This namespace can be used for people to dump their spam/ham into.
diff -Naur org/toaster.conf new/toaster.conf
--- org/toaster.conf2011-03-11 21:56:43.0 +0100
+++ new/toaster.conf2013-10-16 18:24:23.0 +0200
@@ -4,13 +4,14 @@
 auth_mechanisms = plain login digest-md5 cram-md5
 auth_username_format = %Lu
 first_valid_uid = 89
+first_valid_gid = 89
 log_path = /var/log/dovecot.log
 login_greeting = Dovecot toaster ready.
 namespace {
   inbox = yes
   location = 
-  prefix = 
-# prefix = INBOX.
+# prefix = 
+  prefix = INBOX.
 # Use 'prefix = INBOX.' for Courier-IMAP compatible transparent
migration.
 # This forces all client apps to create subfolders underneath/within
 # the inbox instead of adjacent to it. It's not necessary to be that
way.
@@ -23,10 +24,14 @@
   driver = vpopmail
 }
 plugin/quota = maildir
-protocols = imap
+protocols = imap pop3 
 ssl_cert = 

Re: [qmailtoaster] Dovecot SSL question

[Dan McAllister]

I don't think your issue is with the Courier, but rather with the folder 
structure.


By default, Outlook wants to copy Drafts and Sent Items to folders on 
the "root" of the IMAP directory -- only QMT places those files /inside 
/the Inbox folder.


   So Outlook is set to put the Sent Items into "/Sent", but the REAL
   location needs to be "Inbox/Sent"

The fix is to tell Outlook the RIGHT place to put the Sent Items -- a 
change that has to be made for each account in Outlook. (Sadly, each 
version of Outlook does this differently, but they ALL allow you to 
change this -- EXCEPT for Outlook 2013, which will find your Sent Items 
for you but will not let you override its self-selected destination. MS 
knows best -- especially when it comes to mail!)


BTW: Assuming your SMTP settings were set correctly, the message went, 
it just wasn't saved in your Sent Items folder...


I hope this helps...

Dan McAllister
QMT DNS/Mirror Admin



On 8/16/2013 1:50 AM, rich...@avits.ca wrote:

Hi all:

I am experiencing issues with Courier IMAP in that Thunderbird takes 
forever to clear "saving copy to sent folder", so I am considering a 
move to Dovecot. Do I need to do anything special with my SSL cert 
after switching over? It is a signed cert setup as per the 
qmailtoaster documentation on certificates.


Thanks,
Richard


Sent from my BlackBerry 10 smartphone on the Bell network.
- 
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com 
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com 



--

PLEASE TAKE NOTE OF OUR NEW ADDRESS
===
IT4SOHO, LLC
33 - 4th Street N, Suite 211
St. Petersburg, FL 33701-3806

CALL TOLL FREE:
  877-IT4SOHO

877-484-7646 Phone
727-647-7646 Local
727-490-4394 Fax

We have support plans for QMail!

Re: [qmailtoaster] Dovecot SSL question

[Peter Peltonen]

Hi,

These are the steps I've taken for using a certificate purchased from my CA
with qmailtoaster/dovecot:

"
cd /var/qmail/control

cat /etc/pki/tls/private/mykey.key > servercert.pem
cat /etc/pki/tls/certs/mycert.crt >> servercert.pem
cat /etc/pki/tls/certs/my_ca_intermediate.crt >> servercert.pem

cd /etc/pki/dovecot/

cat /etc/pki/tls/certs/mycert.crt > certs/dovecotcert.pem
cat /etc/pki/tls/certs/my_ca_intermediate.crt >> certs/dovecotcert.pem

cat /etc/pki/tls/private/mykey.key > private/dovecotkey.pem
"

Then check, that in /etc/dovecot/conf.d/10-ssl.conf you have correct values
for ssl_cert and ssl_key and then you can restart services and you should
be all done.

Best,
Peter


On Fri, Aug 16, 2013 at 8:50 AM,  wrote:

> Hi all:
>
> I am experiencing issues with Courier IMAP in that Thunderbird takes
> forever to clear "saving copy to sent folder", so I am considering a move
> to Dovecot. Do I need to do anything special with my SSL cert after
> switching over? It is a signed cert setup as per the qmailtoaster
> documentation on certificates.
>
> Thanks,
> Richard
>
>
> Sent from my BlackBerry 10 smartphone on the Bell network.
> - To
> unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For
> additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot SSL question

[richard]

 Hi all:I am experiencing issues with Courier IMAP in that Thunderbird takes forever to clear "saving copy to sent folder", so I am considering a move to Dovecot. Do I need to do anything special with my SSL cert after switching over? It is a signed cert setup as per the qmailtoaster documentation on certificates.Thanks,RichardSent from my BlackBerry 10 smartphone on the Bell network.

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot imap limit

[Peter Peltonen]

Hi,

On Fri, May 17, 2013 at 8:42 PM, Jon Myers  wrote:
> "default_process_limit" was set to 100.  So I upped that to 300.  I switched
> to Dovecot on May 12th.  Since then, "grep -i dropped dovecot.log | wc -l"
> shows 20 times.  None (yet) since upping that default to 300 though

What is the actual effect of dropped connections? The client just
tries to reconnect? Have you encountered some problems / user
complaints?

> As for the IDLE, I'm guessing as cell phones roam (especially in and out of
> houses/work, where you have WiFi) the client IP is changing, and then that
> previous imap session just times out.  Pure guess there.

I'd buy that :)

> I'd still like to be running a more recent version of dovecot tho.  Current
> toaster is pushing for 2.0.17, which was released Jan 6th, 2012.  Two minor
> versions have been released since then, which will also accounts for a pile
> of bugfix revisions between.  Maybe I'll just throw it on there and see what
> breaks.  =)  At least the new versions tell me the limits in the error
> message.

I don't remember there being anything special about the qtp dovecot
package except for the custom configuration: if you configure it the
same way I think you should be fine. Try and let us know?

BR,
Peter

>
>
>
> At 10:44 AM 5/17/2013, Peter wrote:
>>
>> Hi,
>>
>>
>> On Thu, May 16, 2013 at 7:02 PM, Jon Myers 
>> wrote:
>> > Since I have switched to dovecot, I'm reaching limits...
>> > May 16 11:28:09 master: Warning: service(imap-login): process_limit
>> > reached,
>> > client connections are being dropped
>> > ps ax | grep dovecot | wc -l
>> > 200
>>
>> What I have currently on one of my servers running Dovecot with 175
>> domains is:
>>
>>   # ps ax | grep dovecot | wc -l
>>   139
>>
>> I think the 100 is just a default limit and in Toaster Dovecot it is
>> higher. Type:
>>
>>   # doveconf -a |less
>>
>> and search for part "service imap". At least what I have there:
>>
>>   process_limit = 1024
>>
>> Searching my logs (starting at the beginning of the year) I can see 15
>> warnings about client connections being dropped. But my users haven't
>> complained and I haven't experienced any problems myself...
>>
>> How many such warnings do you see in your logs?
>>
>>
>> > I'm also seeing alot of:
>> > "Info: Disconnected: Disconnected in IDLE bytes=102/1036"
>> > "Info: Disconnected for inactivity bytes=94/497"
>>
>> I think this is normal behavior and nothing to worry about, I have
>> thousands of those info msgs in my log.
>>
>>
>> > We've got maybe 200 email accounts, which I think is minimal, but we
>> > have
>> > alot of smartphones constantly checking mail.  Still, I dont think we
>> > should
>> > be reaching our limit of 100.  Being that I am seeing inactivity
>> > disconnects
>> > leads me to believe the clients arnt logging out properly.  So does
>> > anyone
>> > have a recommended setting for an idle timeout (if thats user
>> > configurable)?
>>
>> I think your limit should be higher than 100? If your are hitting the
>> limit, it should be just raised.
>>
>> I think long idle times are normal. Reading the RFC:
>>
>> http://tools.ietf.org/html/rfc2177
>>
>> tells that the client should reissue its idle "at least every 29
>> minutes to avoid being logged off". So if a device having a connection
>> for example is suspended, after 29 minutes of inactivity the idle
>> connection is dropped. Of course during this inactivity you see the
>> dovecot process in your list and this is probably why you see more
>> processes than you expect.
>>
>> This is my interpretation of your situation, more experienced Dovecot
>> admins are free to express their views as well :)
>>
>>
>> Regards,
>> Peter
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot imap limit

[Jon Myers]

Peter; Thanks for the insight.  Although doveconf -a showed 
service-imap process limit 1024, and service imap-login shows 
process_limit is 0.  "default_process_limit" was set to 100.  So I 
upped that to 300.  I switched to Dovecot on May 12th.  Since then, 
"grep -i dropped dovecot.log | wc -l" shows 20 times.  None (yet) 
since upping that default to 300 though (yesterday, when I posted to 
the list).  I did have piles of both imap and imap-login, I should 
have counted each though at the time.


As for the IDLE, I'm guessing as cell phones roam (especially in and 
out of houses/work, where you have WiFi) the client IP is changing, 
and then that previous imap session just times out.  Pure guess there.


I'd still like to be running a more recent version of dovecot 
tho.  Current toaster is pushing for 2.0.17, which was released Jan 
6th, 2012.  Two minor versions have been released since then, which 
will also accounts for a pile of bugfix revisions between.  Maybe 
I'll just throw it on there and see what breaks.  =)  At least the 
new versions tell me the limits in the error message.



At 10:44 AM 5/17/2013, Peter wrote:

Hi,


On Thu, May 16, 2013 at 7:02 PM, Jon Myers  wrote:
> Since I have switched to dovecot, I'm reaching limits...
> May 16 11:28:09 master: Warning: service(imap-login): 
process_limit reached,

> client connections are being dropped
> ps ax | grep dovecot | wc -l
> 200

What I have currently on one of my servers running Dovecot with 175 
domains is:


  # ps ax | grep dovecot | wc -l
  139

I think the 100 is just a default limit and in Toaster Dovecot it is
higher. Type:

  # doveconf -a |less

and search for part "service imap". At least what I have there:

  process_limit = 1024

Searching my logs (starting at the beginning of the year) I can see 15
warnings about client connections being dropped. But my users haven't
complained and I haven't experienced any problems myself...

How many such warnings do you see in your logs?


> I'm also seeing alot of:
> "Info: Disconnected: Disconnected in IDLE bytes=102/1036"
> "Info: Disconnected for inactivity bytes=94/497"

I think this is normal behavior and nothing to worry about, I have
thousands of those info msgs in my log.


> We've got maybe 200 email accounts, which I think is minimal, but we have
> alot of smartphones constantly checking mail.  Still, I dont 
think we should
> be reaching our limit of 100.  Being that I am seeing inactivity 
disconnects

> leads me to believe the clients arnt logging out properly.  So does anyone
> have a recommended setting for an idle timeout (if thats user 
configurable)?


I think your limit should be higher than 100? If your are hitting the
limit, it should be just raised.

I think long idle times are normal. Reading the RFC:

http://tools.ietf.org/html/rfc2177

tells that the client should reissue its idle "at least every 29
minutes to avoid being logged off". So if a device having a connection
for example is suspended, after 29 minutes of inactivity the idle
connection is dropped. Of course during this inactivity you see the
dovecot process in your list and this is probably why you see more
processes than you expect.

This is my interpretation of your situation, more experienced Dovecot
admins are free to express their views as well :)


Regards,
Peter

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot imap limit

[Peter Peltonen]

Hi,


On Thu, May 16, 2013 at 7:02 PM, Jon Myers  wrote:
> Since I have switched to dovecot, I'm reaching limits...
> May 16 11:28:09 master: Warning: service(imap-login): process_limit reached,
> client connections are being dropped
> ps ax | grep dovecot | wc -l
> 200

What I have currently on one of my servers running Dovecot with 175 domains is:

  # ps ax | grep dovecot | wc -l
  139

I think the 100 is just a default limit and in Toaster Dovecot it is
higher. Type:

  # doveconf -a |less

and search for part "service imap". At least what I have there:

  process_limit = 1024

Searching my logs (starting at the beginning of the year) I can see 15
warnings about client connections being dropped. But my users haven't
complained and I haven't experienced any problems myself...

How many such warnings do you see in your logs?


> I'm also seeing alot of:
> "Info: Disconnected: Disconnected in IDLE bytes=102/1036"
> "Info: Disconnected for inactivity bytes=94/497"

I think this is normal behavior and nothing to worry about, I have
thousands of those info msgs in my log.


> We've got maybe 200 email accounts, which I think is minimal, but we have
> alot of smartphones constantly checking mail.  Still, I dont think we should
> be reaching our limit of 100.  Being that I am seeing inactivity disconnects
> leads me to believe the clients arnt logging out properly.  So does anyone
> have a recommended setting for an idle timeout (if thats user configurable)?

I think your limit should be higher than 100? If your are hitting the
limit, it should be just raised.

I think long idle times are normal. Reading the RFC:

http://tools.ietf.org/html/rfc2177

tells that the client should reissue its idle "at least every 29
minutes to avoid being logged off". So if a device having a connection
for example is suspended, after 29 minutes of inactivity the idle
connection is dropped. Of course during this inactivity you see the
dovecot process in your list and this is probably why you see more
processes than you expect.

This is my interpretation of your situation, more experienced Dovecot
admins are free to express their views as well :)


Regards,
Peter

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot imap limit

[Jon Myers]

Since I have switched to dovecot, I'm reaching limits...
May 16 11:28:09 master: Warning: service(imap-login): process_limit 
reached, client connections are being dropped

ps ax | grep dovecot | wc -l
200
(I was seeing a mix of imap and imap-login in the ps list)
doveconf reports default_client_limit=1000 and default_process_limit=100
I'm also seeing alot of:
"Info: Disconnected: Disconnected in IDLE bytes=102/1036"
"Info: Disconnected for inactivity bytes=94/497"

So, this raises a few points/questions.
First, I installed dovecot via instructions at 
http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP
which put me at 2.0.17.  However, when researching the default 
limits, I found that a changeset mentioned in Janurary of 2012 shows 
the limit of connections right in the logfile when it reports that error.
So.  Had anyone tested the 2.1.x branch of dovecot with 
mailtoaster?  I realize that most everyone is still using 
courier...  Furthermore, 2.2.1 has already been released.  Has anyone 
tried THAT?


We've got maybe 200 email accounts, which I think is minimal, but we 
have alot of smartphones constantly checking mail.  Still, I dont 
think we should be reaching our limit of 100.  Being that I am seeing 
inactivity disconnects leads me to believe the clients arnt logging 
out properly.  So does anyone have a recommended setting for an idle 
timeout (if thats user configurable)?



-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Dovecot and Squirrelmail Quota Check or Quota Usage Display

[Aleksander Podsiadły]

Dnia 2012-10-08, pon o godzinie 21:41 +0800, Edwin Casimero pisze:
> The downside is that the built in quota usage display no longer works.

Check this config patch:
8<-- dovecot_config-1.2.16.patch 
--- dovecot.conf2011-02-02 19:24:52.0 +0100
+++ dovecot.conf.org2011-01-25 17:34:52.0 +0100
@@ -238,17 +238,15 @@
 # explicitly, ie. mail_location does nothing unless you have a namespace
 # without a location setting. Default namespace is simply done by having a
 # namespace with empty prefix.
-namespace private {
+#namespace private {
# Hierarchy separator to use. You should use the same separator for all
# namespaces or some clients get confused. '/' is usually a good one.
# The default however depends on the underlying mail storage format.
#separator = 
-   separator = .
 
# Prefix required to access this namespace. This needs to be different for
# all namespaces. For example "Public/".
#prefix = 
-   prefix = INBOX.
 
# Physical location of the mailbox. This is in same format as
# mail_location, which is also the default for it.
@@ -257,7 +255,6 @@
# There can be only one INBOX, and this setting defines which namespace
# has it.
#inbox = no
-   inbox = yes
 
# If namespace is hidden, it's not advertised to clients via NAMESPACE
# extension. You'll most likely also want to set list=no. This is mostly
@@ -274,7 +271,7 @@
# Namespace handles its own subscriptions. If set to "no", the parent
# namespace handles them (empty prefix should always have this as "yes")
#subscriptions = yes
-}
+#}
 
 # Example shared namespace configuration
 #namespace shared {
@@ -301,8 +298,6 @@
 # or names. 
 #mail_uid =
 #mail_gid =
-mail_uid = 89
-mail_gid = 89
 
 # Group to enable temporarily for privileged operations. Currently this is
 # used only with INBOX when either its initial creation or dotlocking fails.
@@ -382,8 +377,6 @@
 # be done even if first_valid_uid is set to 0.
 #first_valid_uid = 500
 #last_valid_uid = 0
-first_valid_uid = 89
-last_valid_uid = 89
 
 # Valid GID range for users, defaults to non-root/wheel. Users having
 # non-valid GID as primary group ID aren't allowed to log in. If user
@@ -391,8 +384,6 @@
 # not set.
 #first_valid_gid = 1
 #last_valid_gid = 0
-first_valid_gid = 89
-last_valid_gid = 89
 
 # Maximum number of running mail processes. When this limit is reached,
 # new users aren't allowed to log in.
@@ -572,8 +563,8 @@
 
   # Support for dynamically loadable plugins. mail_plugins is a space separated
   # list of plugins to load.
-  mail_plugins = quota imap_quota trash
-  mail_plugin_dir = /usr/lib64/dovecot/imap
+  #mail_plugins = 
+  #mail_plugin_dir = /usr/lib/dovecot/imap
 
   # IMAP logout format string:
   #  %i - total number of bytes read from client
@@ -690,8 +681,8 @@
 
   # Support for dynamically loadable plugins. mail_plugins is a space separated
   # list of plugins to load.
-  mail_plugins = quota
-  mail_plugin_dir = /usr/lib64/dovecot/pop3
+  #mail_plugins = 
+  #mail_plugin_dir = /usr/lib/dovecot/pop3
 
   # Workarounds for various client bugs:
   #   outlook-no-nuls:
@@ -917,7 +908,7 @@
   # database (passwd usually), you can use static userdb.
   # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
   # authentication to actually work. 
-  #passdb pam {
+  passdb pam {
 # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=]
 # [cache_key=] []
 #
@@ -950,7 +941,7 @@
 #   args = session=yes %Ls
 #   args = cache_key=%u dovecot
 #args = dovecot
-  #}
+  }
 
   # System users (NSS, /etc/passwd, or similiar)
   # In many systems nowadays this uses Name Service Switch, which is
@@ -1004,13 +995,12 @@
   #}
 
   # vpopmail authentication 
-  passdb vpopmail {
+  #passdb vpopmail {
 # [cache_key=] - See cache_key in PAM for explanation.
 # [quota_template=] - %q expands to Maildir++ quota
 #   (eg. quota_template=quota_rule=*:backend=%q)
 #args =
-args = webmail=127.0.0.1
-  }
+  #}
 
   #
   # User database specifies where mails are located and what user/group IDs
@@ -1083,9 +1073,8 @@
   #}
 
   # vpopmail 
-  userdb vpopmail {
-#args = quota_template=quota_rule=*:backend=%q
-  }
+  #userdb vpopmail {
+  #}
 
   # User to use for the process. This user needs access to only user and
   # password databases, nothing else. Only shadow and pam authentication
@@ -1101,7 +1090,7 @@
   #chroot = 
 
   # Number of authentication processes to create
-  count = 1
+  #count = 1
 
   # Require a valid SSL client certificate or the authentication fails.
   #ssl_require_client_cert = no
@@ -1201,8 +1190,7 @@
   # Note that % needs to be escaped as %%, otherwise "% " expands to empty.
   #   quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95
   #   quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80
-  quota = maildir:ignore=Trash
-  quota_rule = ?:storage=0
+  #quota = maildir
 
   # ACL plugin. vfi

[qmailtoaster] Dovecot and Squirrelmail Quota Check or Quota Usage Display

[Edwin Casimero]

Hi Everyone,

I upgraded from courier imap to dovecot imap.

The downside is that the built in quota usage display no longer works.

I tried installing the squirrelmail plugin quota check and it does not 
work as well.


So now I'm stuck with users having to go to qmailadmin to check their 
quota / MB consumption.


What am I missing?

Which squirrelmail plugin works to show quotas / disk space consumption?

Thanks in Advance.

Edwin


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot Issue

[Domnick Eger]

I noticed every 24 hours, dovecot doesn't allow some users to login, I have to 
manually restart the service. Ive checked the Dovecot Logs and I get Jul 19 
05:17:04 imap-login: Info: Disconnected (tried to use disabled plaintext auth), 
but I have enabled plain text auth. As soon as I restart everyone back to 
normal again.

[qmailtoaster] upgrade qmailtoaster dovecot

[Rajesh M]

hi

centos 5
qmailtoaster

i had installed dovecot 1.2 using the dovecot-1.2.11-3_108.src.rpm

now i wish to upgrade the same to version 2 from qtp repository

should i remove the existing dovecot and then install version 2 or
directly upgrade the same -- if so what is the command.

i read the instructions in this link but it does not explicitly mention
whether it is for upgrading from dovecot 1.2 to 2

http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP

can you please give me a few steps for this upgrade please.

thanks and regards,

rajesh





-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] dovecot installation questions

[Finn Buhelt]

Hi Rajesh.

Just wonder if You managed to fix this issue ? I have same error 
installing on a testsystem


Regards,
Finn B

Den 23-01-2012 16:38, Rajesh M skrev:

hi

i installed dovecot version 1 on one of my qmailtoaster boxes a few months
ago and it worked successfully.

now i have a new box and tried to install dovecot version 2 using
qmailtoaster rpm

http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP

i followed the instructions as per the above but with default installation
i am a quite confused because there are so many config files

the config files are all different and i am not sure which options to use

i am getting error as such

telnet xxx.xxx.xxx.xxx 143 or port 110 gives error as below
[root@ns1 conf.d]# tail -f /var/log/dovecot.log
Jan 23 20:57:38 auth: Fatal: vpopmail: vauth_open() failed
Jan 23 20:57:38 master: Error: service(auth): command startup failed,
throttling

my questions

1) is there some place to get detailed instructions on the installation or
if anybody is already using the standard installation successfully then
can you please post your config file and installation instructions

2) how better is dovecot pop3 and pop3 compared to normal pop3 of
qmailtoaster, are there any known issues ?

my qmail pop3 is working quite nicely but if dovecot is better then i
could try that.

thanks for all your help.

rajesh






-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
 Vickers Consulting Group offers Qmailtoaster support and installations.
   If you need professional help with your setup, contact them today!
-
  Please visit qmailtoaster.com for the latest news, updates, and packages.

   To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
  For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com





-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot 2.0.17

[Eric Shubert]

Rpms (i386 and x86_64 and source) for Dovecot 2.0.17 (current stable 
version) are available in the qtp repository for COS5.


NOTE: THESE HAVE NOT YET BEEN TESTED ON QMT. PLEASE READ RELEASE NOTES 
ON THE DOVECOT SITE THAT PERTAIN TO YOUR SITUATION BEFORE USING.


I've built them, and installed/upgraded them on test machines, but 
that's it so far. If someone can do some testing with them, we'd all be 
grateful.


To upgrade from a previous 2.0.x qtp release, simply:
# yum --enablerepo=qtp-CentOS update dovecot
That's all you should need to do. (Distro-specific repos are not enabled 
by default.)


If you're interested in giving dovecot a try, you can install it with 
yum in a similar fashion. Please follow the instructions on the wiki 
though, as there are several things you need to do when converting from 
courier.


Thanks for your participation.

--
-Eric 'shubes'


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
 If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Dovecot 2.0.x trouble

[Martin Waschbüsch]

Hi all,

in case anyone uses dovecot 2.0.16, the errata for the latest (2.0.17) say:

http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz
http://dovecot.org/releases/2.0/dovecot-2.0.17.tar.gz.sig


Among other changes:

+ Proxying now supports sending SSL client certificate to server with
  ssl_client_cert/key settings.
+ doveadm dump: Added support for dumping dbox headers/metadata.
- Fixed memory leaks in login processes with SSL connections
- vpopmail support was broken in v2.0.16


Seeing as the last line concerns all of us - please update if you have any 
trouble!

Martin

signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: [qmailtoaster] dovecot installation questions

[Peter Peltonen]

Hi,

On Mon, Jan 23, 2012 at 5:38 PM, Rajesh M <24x7ser...@24x7server.net> wrote:
> now i have a new box and tried to install dovecot version 2 using
> qmailtoaster rpm
>
> http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP

So what you have installed is dovecot-2.0.11-2.qtp ?

>
> i followed the instructions as per the above but with default installation
> i am a quite confused because there are so many config files
>
> the config files are all different and i am not sure which options to use

What config files you are unsure about? The ones you should be looking at are:

/etc/dovecot/toaster.conf
/etc/dovecot/local.conf

as those are the ones that the main config file /etc/dovecot/dovecot.conf loads

The ones in conf.d directory are just examples/defaults.

The defaults should work fine though? The only change I've done personally is:

#auth_mechanisms = plain login digest-md5 cram-md5
auth_mechanisms = plain login digest-md5

--> I disabled cram-md5 auth as Horde Imp was having problems with that.

The defaults work quite good for me

>
> i am getting error as such
>
> telnet xxx.xxx.xxx.xxx 143 or port 110 gives error as below
> [root@ns1 conf.d]# tail -f /var/log/dovecot.log
> Jan 23 20:57:38 auth: Fatal: vpopmail: vauth_open() failed
> Jan 23 20:57:38 master: Error: service(auth): command startup failed,
> throttling

Everything worked fine before dovecot installation? You have standard
setup using vpopmail + mysql? Is your database running? You haven't
touched dovecot's toaster.conf and it is loaded?

I don't know much, but it sounds to me that vpopmail cannot
authenticate the user properly for some reason.

> my questions
>
> 1) is there some place to get detailed instructions on the installation or
> if anybody is already using the standard installation successfully then
> can you please post your config file and installation instructions

AFAIK using the default configs from the qmt rpm everything should "just work"?


> 2) how better is dovecot pop3 and pop3 compared to normal pop3 of
> qmailtoaster, are there any known issues ?

Not using pop3 that much, so can't help here.


> my qmail pop3 is working quite nicely but if dovecot is better then i
> could try that.

If you don't have ny problems with it, then I would leave the setup as it is.


Best,
Peter

-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot installation questions

[Rajesh M]

hi

i installed dovecot version 1 on one of my qmailtoaster boxes a few months
ago and it worked successfully.

now i have a new box and tried to install dovecot version 2 using
qmailtoaster rpm

http://wiki.qmailtoaster.com/index.php/Replacing_Courier_IMAP_with_Dovecot_IMAP

i followed the instructions as per the above but with default installation
i am a quite confused because there are so many config files

the config files are all different and i am not sure which options to use

i am getting error as such

telnet xxx.xxx.xxx.xxx 143 or port 110 gives error as below
[root@ns1 conf.d]# tail -f /var/log/dovecot.log
Jan 23 20:57:38 auth: Fatal: vpopmail: vauth_open() failed
Jan 23 20:57:38 master: Error: service(auth): command startup failed,
throttling

my questions

1) is there some place to get detailed instructions on the installation or
if anybody is already using the standard installation successfully then
can you please post your config file and installation instructions

2) how better is dovecot pop3 and pop3 compared to normal pop3 of
qmailtoaster, are there any known issues ?

my qmail pop3 is working quite nicely but if dovecot is better then i
could try that.

thanks for all your help.

rajesh






-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] dovecot

[mattias]

i tried to install dovecot for qmail toaster on a centos 4 server
i not find it
i have the qmailtoaster-plus repo installed