Re: [Dovecot] Released Sieve v0.1.11 and ManageSieve v0.11.8 for Dovecot v1.2.3

2009-08-10 Thread Michal Hlavinka
Hello Dovecot users, Hi, Apart from unfinished development of the date extension, this is a set of bug-fix releases. A few portability issues were found, a few stupidities were fixed and the ManageSieve proxy now also works with TLS. Most notably, the include extension had an issue

[Dovecot] how secure is Dovecot when exposed to the Internet?

2009-08-10 Thread Florin Andrei
$ dovecot -n # 1.1.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.28-11-server x86_64 Ubuntu 9.04 protocols: imap imaps managesieve I need to make an IMAP (actually imaps) server available over the Internet. Unfortunately, VPN is not available (not all clients support VPN), so I will have to

Re: [Dovecot] how secure is Dovecot when exposed to the Internet?

2009-08-10 Thread Timo Sirainen
On Aug 10, 2009, at 2:55 AM, Florin Andrei wrote: My question is: how reliable is Dovecot in such a setup? I am not talking about encryption (protecting the traffic between server and client). I am talking about having the daemon exposed to anything coming in from the Internet, buffer

Re: [Dovecot] how secure is Dovecot when exposed to the Internet?

2009-08-10 Thread Florin Andrei
Timo Sirainen wrote: http://dovecot.org/security.html OK, that's pretty convincing. Thanks. -- Florin Andrei http://florin.myip.org/

Re: [Dovecot] Released Sieve v0.1.11 and ManageSieve v0.11.8 for Dovecot v1.2.3

2009-08-10 Thread Wolfgang . Friebel
On Mon, 10 Aug 2009, Michal Hlavinka wrote: build process for Sieve fails when --with-unfinished-features option is set: ... make[2]: Entering directory `/home/mihl/myroot/job/cvsf/dovecot/devel/dovecot-1.2.3/dovecot-1.2- sieve-0.1.11' make[2]: *** No rule to make target

Re: [Dovecot] More effective mailbox fetching over high RTT link

2009-08-10 Thread Andrzej Adam Filip
Timo Sirainen t...@iki.fi wrote: On Sun, 2009-08-09 at 22:20 +0200, Andrzej Adam Filip wrote: Could you offer some suggestion how to fetch mailbox content over high RTT link (with negligible packet loss)? Currently I use IMAP+IDLE *but* it fails to use full available bandwidth due to high

Re: [Dovecot] virtual plugin and ACL

2009-08-10 Thread Nikita Koshikov
On Fri, 07 Aug 2009 15:23:32 -0400 Timo Sirainen t...@iki.fi wrote: That's because in private namespaces user owns the mails, and authenticated doesn't reduce the user's privileges. You could use owner instead. Also I don't think you should use ACLs at all here. It's easier and more secure

[Dovecot] inconsistency with expire-tool and expire dict

2009-08-10 Thread LEVAI Daniel
Hi! Here is the problem: passdb: daniell:*::user=daniell2 userdb: daniell2::uid:gid:gecos:home:: dovecot.conf: plugin { expire = SA.* 1 # (There are SA.HAM and SA.SPAM directories) } When copying a message to eg. the SA.HAM directory, then dovecot inserts this into my expires table:

Re: [Dovecot] Released Sieve v0.1.11 and ManageSieve v0.11.8 for Dovecot v1.2.3

2009-08-10 Thread Stephan Bosch
Michal Hlavinka wrote: Hello Dovecot users, Hi, Have fun testing the new releases and don't hesitate to notify me when there are problems. build process for Sieve fails when --with-unfinished-features option is set: ... make[2]: Entering directory

Re: [Dovecot] Listing shared mailboxes with a domainpart

2009-08-10 Thread Mathias Tausig
Hy! Am Freitag, den 07.08.2009, 14:13 -0400 schrieb Timo Sirainen: On Fri, 2009-08-07 at 13:29 +0200, Mathias Tausig wrote: I am currently configuring a new mailserver using postfix and dovecot 1.2.1. The filesystem strucutre in my spool directory is user1/ user2/ domain/info/

Re: [Dovecot] Mail not begin processed

2009-08-10 Thread André Labuschagné
Thank you for the response postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks =

Re: [Dovecot] GSSAPI Authentication in v1.2.1

2009-08-10 Thread Angel Marin
Phillip Macey wrote: In the release notes for v1.2.2, Timo said: Found and fixes several v1.2-specific bugs. Hopefully it's now stable for most people's usage. * GSSAPI: More changes to authentication. Hopefully good now. What were the GSSAPI changes? I am having problems with _some_

Re: [Dovecot] sieve vacation response

2009-08-10 Thread Steffen Kaiser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 7 Aug 2009, Timo Sirainen wrote: On Fri, 2009-08-07 at 20:26 +0200, Jure Pečar wrote: On Fri, 07 Aug 2009 13:57:57 -0400 Timo Sirainen t...@iki.fi wrote: Currently, you need to add all allowed aliases to the :addresses argument of the

[Dovecot] getmail and Dovecot LDA deliver

2009-08-10 Thread spacejam
Hello, my first post in this list. Hope it's the right place.:-) I'm having a problem running getmail together with Dovecot LDA for virtual users. To achive this I let getmail run under the user that owns the virtual email accounts-root. The problem is that getmail is running under the user

Re: [Dovecot] getmail and Dovecot LDA deliver

2009-08-10 Thread Timo Sirainen
On Aug 10, 2009, at 4:50 AM, spacejam wrote: My question is: How do I let deliver know that it should use a virtual user? I tried with the -d agrument in my getmail rc File, but deliver never accepts the parameter -d (always says unknown parameter -d). Either you're using some really

Re: [Dovecot] getmail and Dovecot LDA deliver

2009-08-10 Thread spacejam
Timo Sirainen wrote: On Aug 10, 2009, at 4:50 AM, spacejam wrote: My question is: How do I let deliver know that it should use a virtual user? I tried with the -d agrument in my getmail rc File, but deliver never accepts the parameter -d (always says unknown parameter -d). Either

Re: [Dovecot] Mail archive

2009-08-10 Thread Robert Schetterer
ferna...@dfcom.com.br schrieb: Hi, I´m using dovecot at our storages, accounts is distributed among many storages (not entire domain), all of them with compression (when message 30Kb), nightly crontab script. Even though compression and many storages, we always have problems with disk

Re: [Dovecot] Mail archive

2009-08-10 Thread fernando
I would like 'some process' to store old mails at a cheap storage. I know how to do it with symlinks, but I don´t know if it is the best option. So, I´m asking if dovecot improves it somehow. Fernando fernando at dfcom.com.br schrieb: Hi, I´m using dovecot at our storages, accounts is

Re: [Dovecot] Mail archive

2009-08-10 Thread Robert Schetterer
ferna...@dfcom.com.br schrieb: I would like 'some process' to store old mails at a cheap storage. I know how to do it with symlinks, but I don´t know if it is the best option. So, I´m asking if dovecot improves it somehow. have you read ? http://wiki.dovecot.org/Plugins/Expire Alternative

Re: [Dovecot] expire plugin no delete 1.2.1 / 1.2.2 / 1.2.3

2009-08-10 Thread Robert Schetterer
Robert Schetterer schrieb: Timo Sirainen schrieb: On Tue, 2009-08-04 at 10:22 +0200, Robert Schetterer wrote: Info: maildir: data=/usr/local/virtual//root/:CONTROL=/usr/local/virtual//root/:INDEX=/usr/local/virtual//root/:INBOX=/usr/local/virtual//root/ Oh, right, this is the problem. You

Re: [Dovecot] expire plugin no delete 1.2.1 / 1.2.2 / 1.2.3

2009-08-10 Thread Timo Sirainen
On Aug 10, 2009, at 11:17 AM, Robert Schetterer wrote: Info: maildir: data=/usr/local/virtual//root/:CONTROL=/usr/local/virtual// root/:INDEX=/usr/local/virtual//root/:INBOX=/usr/local/virtual// root/ .. setting mail_location = maildir:~/ does not change anything mail is still not deleted,

Re: [Dovecot] rename() non-atomic on HFS? (was: Dovecot-1.1.15 panics)

2009-08-10 Thread Timo Sirainen
On Aug 10, 2009, at 8:59 AM, Edgar Fuß wrote: [...] mv foo.tmp foo [...] [...] So, apparently HFS+'s rename() isn't really atomic after all.. Are you sure OS X's mv(1) simply calls rename(2)? Maybe some magic in mv(1) for ._xxx resource forks or directory hardlinks? I also wrote a C

Re: [Dovecot] getmail and Dovecot LDA deliver

2009-08-10 Thread spacejam
Robert Schetterer wrote: just as an idea it may work using postfix sendmail [destination] type = MDA_external path = /path/to/sendmail ( parameters ) That was the idea. First I tried to use getmail_fetch which allows to specify a virtual username on the command line. It received

[Dovecot] v2.0 configuration parsing

2009-08-10 Thread Timo Sirainen
I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always just use whatever comes first in config or try some kind of a use most specific rule. The most specific kind of makes more sense initially, but then you start wondering

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Michael Orlitzky
Timo Sirainen wrote: I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always just use whatever comes first in config or try some kind of a use most specific rule. The most specific kind of makes more sense initially, but then

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Joseph Yee
Hi Timo, What's your thought on the 'precedence order' (hope it make sense), on protocol, remote_ip, local_ip? From your sample 1, it would read equals (to most technical people) to protocol imap { remote_ip 192.168.0.0/16 { foo = foo } } protocol ALL

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Aria Stewart
On Aug 10, 2009, at 11:57 AM, Timo Sirainen wrote: I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always just use whatever comes first in config or try some kind of a use most specific rule. The most specific kind of

Re: [Dovecot] More effective mailbox fetching over high RTT link

2009-08-10 Thread Ben Winslow
On Sun, 09 Aug 2009 22:20:41 +0200 Andrzej Adam Filip andrzej.fi...@gmail.com wrote: Could you offer some suggestion how to fetch mailbox content over high RTT link (with negligible packet loss)? Currently I use IMAP+IDLE *but* it fails to use full available bandwidth due to high RTT and

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Felix Schueren
Timo Sirainen wrote: I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always just use whatever comes first in config or try some kind of a use most specific rule. The most specific kind of makes more sense initially, but

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Timo Sirainen
On Mon, 2009-08-10 at 14:33 -0400, Joseph Yee wrote: Hi Timo, What's your thought on the 'precedence order' (hope it make sense), on protocol, remote_ip, local_ip? I'm not sure if there is one. Sample 2 is tough, that's why I asked what's your thought on precedence order.

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Timo Sirainen
On Mon, 2009-08-10 at 20:47 +0200, Felix Schueren wrote: make it protocols { imap { remote_ip x/16 { foo = foo } } all { remote_ip x/24 { foo = bar } } } That's just a syntax change. The question is still about if it should match the first one or

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Daniel L. Miller
Timo Sirainen wrote: On Mon, 2009-08-10 at 20:47 +0200, Felix Schueren wrote: make it protocols { imap { remote_ip x/16 { foo = foo } } all { remote_ip x/24 { foo = bar } } } That's just a syntax change. The question is still about if it should

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Timo Sirainen
On Mon, 2009-08-10 at 12:09 -0700, Daniel L. Miller wrote: If at all possible, I would much rather see an error thrown than choosing which one to accept. To me, having Dovecot tolerate broken configurations is less desirable than giving clear feedback for the user to fix it. Anything

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Daniel L. Miller
Timo Sirainen wrote: On Mon, 2009-08-10 at 12:09 -0700, Daniel L. Miller wrote: If at all possible, I would much rather see an error thrown than choosing which one to accept. To me, having Dovecot tolerate broken configurations is less desirable than giving clear feedback for the user

Re: [Dovecot] More effective mailbox fetching over high RTT link

2009-08-10 Thread Andrzej Adam Filip
Ben Winslow r...@bluecherry.net wrote: On Sun, 09 Aug 2009 22:20:41 +0200 Andrzej Adam Filip andrzej.fi...@gmail.com wrote: Could you offer some suggestion how to fetch mailbox content over high RTT link (with negligible packet loss)? Currently I use IMAP+IDLE *but* it fails to use full

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Charles Marcus
On 8/10/2009, Timo Sirainen (t...@iki.fi) wrote: Yeah, I'm beginning to think something like this would be good, with perhaps some restrictions in how the configuration blocks could be used. But is it better to use the first or the last match? For a filter (like a firewall), it makes sense to

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Charles Marcus
On 8/10/2009, Michael Orlitzky (mich...@orlitzky.com) wrote: It's easy to explain, easy to implement, and easy to debug. Ultimately, the users are going to have to understand how it works in order to configure Dovecot properly. Put the most general rules first, and then override them is a

Re: [Dovecot] expire plugin no delete 1.2.1 / 1.2.2 / 1.2.3

2009-08-10 Thread Robert Schetterer
Timo Sirainen schrieb: On Mon, 2009-08-10 at 20:04 +0200, Robert Schetterer wrote: as far i remember there was root .. yes of course i am having variables in namespaces i think i need them for my setup expire-tool is currently incompatible with variables anywhere. v2.0 fixes this, but with

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Charles Marcus
On 8/10/2009, Charles Marcus (cmar...@media-brokers.com) wrote: One thing I'd like is to sort the simple one line foo = bar settings first (before the blocks) - in alphabetcial order. Of course, I meant with respect to doveconf -n output... or did you decide yet on the new command(s)? --

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Felix Schueren
Daniel L. Miller wrote: Timo Sirainen wrote: On Mon, 2009-08-10 at 12:09 -0700, Daniel L. Miller wrote: If at all possible, I would much rather see an error thrown than choosing which one to accept. To me, having Dovecot tolerate broken configurations is less desirable than giving

Re: [Dovecot] Scalability plans: Abstract out filesystem and make it someone else's problem

2009-08-10 Thread Seth Mattinen
Timo Sirainen wrote: This is something I figured out a few months ago, mainly because this one guy at work (hi, Stu) kept telling me my multi-master replication plan sucked and we should use some existing scalable database. (I guess it didn't go exactly like that, but that's the result anyway.)

Re: [Dovecot] Scalability plans: Abstract out filesystem and make it someone else's problem

2009-08-10 Thread Timo Sirainen
On Mon, 2009-08-10 at 14:33 -0700, Seth Mattinen wrote: Timo Sirainen wrote: This is something I figured out a few months ago, mainly because this one guy at work (hi, Stu) kept telling me my multi-master replication plan sucked and we should use some existing scalable database. (I guess

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Timo Sirainen
On Mon, 2009-08-10 at 13:57 -0400, Timo Sirainen wrote: I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always just use whatever comes first in config or try some kind of a use most specific rule. I think it's possible

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Noel Butler
On Mon, 2009-08-10 at 17:59 -0400, Timo Sirainen wrote: (I'm also wondering about if it should be the first rule. Somehow to me I think first rule match is best approach, as someone else pointed out, its how many things that most people here would work with daily work, be it a server daemon

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Timo Sirainen
On Tue, 2009-08-11 at 09:20 +1000, Noel Butler wrote: On Mon, 2009-08-10 at 17:59 -0400, Timo Sirainen wrote: (I'm also wondering about if it should be the first rule. Somehow to me I think first rule match is best approach, as someone else pointed out, its how many things that

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Noel Butler
On Mon, 2009-08-10 at 19:28 -0400, Timo Sirainen wrote: On Tue, 2009-08-11 at 09:20 +1000, Noel Butler wrote: On Mon, 2009-08-10 at 17:59 -0400, Timo Sirainen wrote: (I'm also wondering about if it should be the first rule. Somehow to me I think first rule match is best

[Dovecot] QUOTA not appearing in CAPA

2009-08-10 Thread Tim Traver
Hi, ok, I've compiled it a few times, and made sure all of my settings are correct, but the QUOTA is not appearing in the opening CAPA that comes with the greeting. I have it configured in the dovecot.conf like so: protocol imap { mail_plugins = quota imap_quota } and I can see when

Re: [Dovecot] QUOTA not appearing in CAPA

2009-08-10 Thread Timo Sirainen
On Mon, 2009-08-10 at 17:43 -0700, Tim Traver wrote: when I log into the IMAP port, I get the following greeting : * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. So it seems there is no QUOTA support for the IMAP server

Re: [Dovecot] QUOTA not appearing in CAPA

2009-08-10 Thread Tim Traver
Timo, ok, upon further examination, I found that a later CAPABILITY command did indeed return QUOTA in its line... But I also looked in the code to find out what happens when a command is sent to get the quota like this : QUOT1 GETQUOTAROOT INBOX and I get the following back : * QUOTAROOT

Re: [Dovecot] QUOTA not appearing in CAPA

2009-08-10 Thread Timo Sirainen
On Mon, 2009-08-10 at 18:01 -0700, Tim Traver wrote: and I get the following back : * QUOTAROOT INBOX QUOT1 OK Getquotaroot completed. But I don't see a quota value in there anywhere. That means you either have unlimited quota or you don't have quota configured at all. Have you set up quota

[Dovecot] sieve/managesieve and spam filtering

2009-08-10 Thread Charles Sprickman
Hello all, I've got a test environment setup in preparation for a move from qmail/vpopmail/courier to postfix/padmin/dovecot. I have a number of questions that seem to span multiple pieces of software, and this is one of them... Our policy with spam filtering is that a user should be able

Re: [Dovecot] v2.0 configuration parsing

2009-08-10 Thread Patrick Nagel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I completely agree with Michael's opinion. Patrick. On 2009-08-11 02:22, Michael Orlitzky wrote: Timo Sirainen wrote: I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always

Re: [Dovecot] Scalability plans: Abstract out filesystem and make it someone else's problem

2009-08-10 Thread Seth Mattinen
Timo Sirainen wrote: On Mon, 2009-08-10 at 14:33 -0700, Seth Mattinen wrote: Timo Sirainen wrote: This is something I figured out a few months ago, mainly because this one guy at work (hi, Stu) kept telling me my multi-master replication plan sucked and we should use some existing scalable

Re: [Dovecot] Scalability plans: Abstract out filesystem and make it someone else's problem

2009-08-10 Thread Curtis Maloney
Seth Mattinen wrote: Ick, some people (myself included) hate the idea of storing mail in a database versus simple and almost impossible to screw up plain text files of maildir. Cyrus already does the whole mail-in-database thing. Why do you think 'maildir' isn't a database? Or to you does

Re: [Dovecot] Scalability plans: Abstract out filesystem and make it someone else's problem

2009-08-10 Thread Seth Mattinen
Curtis Maloney wrote: Seth Mattinen wrote: Ick, some people (myself included) hate the idea of storing mail in a database versus simple and almost impossible to screw up plain text files of maildir. Cyrus already does the whole mail-in-database thing. Why do you think 'maildir' isn't a

Re: [Dovecot] Scalability plans: Abstract out filesystem and make it someone else's problem

2009-08-10 Thread Timo Sirainen
On Aug 11, 2009, at 12:41 AM, Seth Mattinen wrote: Nothing forces you to switch from maildir, if you're happy with it :) But if you want to support millions of users, it's simpler to distribute the storage and disk I/O evenly across hundreds of servers using a database that was designed for

Re: [Dovecot] QUOTA not appearing in CAPA

2009-08-10 Thread Tim Traver
Timo Sirainen wrote: On Mon, 2009-08-10 at 18:01 -0700, Tim Traver wrote: and I get the following back : * QUOTAROOT INBOX QUOT1 OK Getquotaroot completed. But I don't see a quota value in there anywhere. That means you either have unlimited quota or you don't have quota

Re: [Dovecot] QUOTA not appearing in CAPA

2009-08-10 Thread Timo Sirainen
On Aug 11, 2009, at 1:35 AM, Tim Traver wrote: I figured out something...The issue appeared to have been that no maildirsize file existed. Once I put the maildirsize file in there, then it sent back the quota parameters. But, isn't it supposed to create that file if it does not exist??? Or

Re: [Dovecot] QUOTA not appearing in CAPA

2009-08-10 Thread Tim Traver
Timo Sirainen wrote: On Aug 11, 2009, at 1:35 AM, Tim Traver wrote: I figured out something...The issue appeared to have been that no maildirsize file existed. Once I put the maildirsize file in there, then it sent back the quota parameters. But, isn't it supposed to create that file if