Additional info: there seems to be permission-related issue anyway, as
we also see messages like these in our logs:
2021-12-03T19:06:15.032873+01:00 hostname dovecot - - - quota-warning: Error:
lda(username,)Error: net_connect_unix(/var/run/dovecot/stats-writer) failed:
Permission denied
But are permissions of stats-writer related to not sending out quota
notifications?
MJ
Op 06-12-2021 om 12:10 schreef mj:
Hi,
We suddenly realised that our maildir quota warnings are no longer sent
out. We don't understand why not.
This is dovecot 2.3.4.1 on debian 10.11. We use a script to send out the
notification, adapted from the dovecot wiki here:
(https://doc.dovecot.org/configuration_manual/quota/)
Our quota notification script is:
#!/bin/sh
PERCENT=$1
USER=$2
cat << EOF | /usr/lib/dovecot/dovecot-lda -d $USER -o
"plugin/quota=maildir::noenforcing"
From: nore...@domain.com
Subject: quota warning
Your mailbox is now $PERCENT% full.
Please delete or archive items to decrease your mailbox size.
Our complete doveconf -n output is at the end of this email.
When calling the script manually as user root, it works perfectly. But
as user vmail or dovecot, no notifications are sent at all.
I guess this is relevant:
root@dovecot:/etc/dovecot# ls -l /var/run/dovecot/
total 8
srw------- 1 root root 0 Dec 6 00:00 anvil
srw------- 1 root root 0 Dec 6 00:00 anvil-auth-penalty
srw------- 1 dovecot root 0 Dec 6 11:34 auth-client
srw------- 1 dovecot root 0 Dec 6 11:34 auth-login
srw------- 1 root root 0 Dec 6 11:34 auth-master
-rw------- 1 root root 32 Jul 19 17:39 auth-token-secret.dat
srw-rw-rw- 1 vmail vmail 0 Dec 6 11:34 auth-userdb
srw------- 1 dovecot root 0 Dec 6 11:34 auth-worker
srw------- 1 root root 0 Dec 6 11:34 config
srw-rw---- 1 root dovecot 0 Dec 6 11:34 dict
srw-rw---- 1 root dovecot 0 Dec 6 11:34 dict-async
srw------- 1 root root 0 Dec 6 11:34 director-admin
srw-rw-rw- 1 root root 0 Dec 6 11:34 dns-client
srw------- 1 root root 0 Dec 6 11:34 doveadm-server
lrwxrwxrwx 1 root root 25 Dec 6 00:00 dovecot.conf ->
/etc/dovecot/dovecot.conf
drwxr-xr-x 2 root root 40 Jul 19 17:39 empty
srw-rw---- 1 root dovecot 0 Dec 6 11:34 imap-hibernate
srw------- 1 root root 0 Dec 6 11:34 imap-master
srw-rw-rw- 1 root root 0 Dec 6 11:34 imap-urlauth
srw------- 1 dovecot root 0 Dec 6 11:34 imap-urlauth-worker
srw-rw-rw- 1 root root 0 Dec 6 11:34 indexer
srw------- 1 dovecot root 0 Dec 6 11:34 indexer-worker
srw------- 1 dovecot root 0 Dec 6 11:34 ipc
srw-rw-rw- 1 root root 0 Dec 6 11:34 lmtp
srw------- 1 root root 0 Dec 6 11:34 log-errors
drwxr-x--- 2 root nogroup 120 Dec 6 11:34 login
srw------- 1 root root 0 Dec 6 11:34 master
-rw------- 1 root root 6 Dec 6 00:00 master.pid
srw------- 1 root root 0 Dec 6 11:34 old-stats
prw------- 1 root root 0 Dec 6 11:34 old-stats-mail
prw------- 1 root root 0 Dec 6 11:34 old-stats-user
srw------- 1 vmail root 0 Dec 6 11:34 quota-warning
srw------- 1 root root 0 Dec 6 11:34 replication-notify
prw------- 1 root root 0 Dec 6 11:34 replication-notify-fifo
srw------- 1 dovecot root 0 Dec 6 11:34 replicator
srw-rw---- 1 vmail vmail 0 Dec 6 11:34 stats-reader
srw-rw---- 1 vmail vmail 0 Dec 6 11:34 stats-writer
drwxr-x--- 2 root nogroup 80 Dec 6 11:34 token-login
Can anyone help, and explain what is going on here?
Thank you very much in advance for a reply!
MJ
The doveconf -n output:
root@imap:/etc/dovecot# doveconf -n
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.19.0-17-amd64 x86_64 Debian 10.11 xfs
# Hostname: mail.company.com
auth_debug = yes
auth_failure_delay = 10 secs
auth_master_user_separator = *
auth_mechanisms = plain login
auth_username_format = %Ln
auth_verbose = yes
auth_verbose_passwords = sha1
default_vsz_limit = 512 M
deliver_log_format = %f | %s | msgid=%m: %$
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Dovecot ready.
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e
%c lport=%a
mail_gid = vmail
mail_location = maildir:/var/vmail/%Ln/Maildir:LAYOUT=fs:DIRNAME=mAildir
mail_plugins = acl lazy_expunge zlib quota mail_log notify
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
namespace {
list = children
location =
maildir:/var/vmail/%%u/Maildir:LAYOUT=fs:DIRNAME=mAildir:INDEX=/var/vmail/%u/shared/%%u
prefix = shared/%%n/
separator = /
subscriptions = no
type = shared
}
namespace inbox {
inbox = yes
location = mailbox "Deleted items" {
special_use = \Trash
}
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent items" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
mailbox inbox {
auto = subscribe
}
prefix = separator = /
type = private
}
passdb {
args = /etc/dovecot/deny.imap
deny = yes
driver = passwd-file
}
passdb {
args = /etc/dovecot/master-users
driver = passwd-file
master = yes
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
result_failure = return-fail
}
plugin {
acl = vfile
acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename append
mail_log_fields = uid box msgid from subject
quota = maildir
quota_rule = ?:storage=5G
quota_rule2 = Trash:storage=+100M
quota_warning = storage=97%% quota-warning 97 %u
quota_warning2 = storage=95%% quota-warning 95 %u
quota_warning3 = storage=90%% quota-warning 90 %u
quota_warning4 = storage=85%% quota-warning 85 %u
quota_warning5 = storage=80%% quota-warning 80 %u
quota_warning6 = -storage=100%% quota-warning below %u
sieve = ~/.dovecot.sieve
sieve_default = /var/lib/dovecot/default.sieve
sieve_dir = ~/sieve
}
protocols = imap lmtp sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
}
}
service imap-login {
process_limit = 500
process_min_avail = 2
}
service quota-warning {
executable = script /usr/local/bin/quota-warning.sh
unix_listener quota-warning {
user = vmail
}
user = dovecot
}
service stats {
unix_listener stats-reader {
group = vmail
mode = 0660
user = vmail
}
unix_listener stats-writer {
group = vmail
mode = 0660
user = vmail
}
}
shutdown_clients = no
ssl = required
ssl_cert = </etc/ssl/letsencrypt/fullchain.pem
ssl_cipher_list =
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.2
userdb {
args = uid=vmail gid=vmail home=/var/vmail/%n allow_all_users=yes
driver = static
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
verbose_proctitle = yes
protocol lda {
mail_plugins = acl lazy_expunge zlib quota mail_log notify sieve quota
}
protocol imap {
imap_max_line_length = 2 M
mail_max_userip_connections = 40
mail_plugins = acl lazy_expunge zlib quota mail_log notify
imap_quota imap_acl
}
