Re: [Dovecot] Quota: Maildir and other files

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, 12 Apr 2010, Michael Kliewe wrote:

But our users also have additional space where they can put files, and I 
would like both to have the same quota of 2 GB. So mails + files should not 
exceed 2 GB.


I suppose you will require file system quota here.
Or you store the extra-data via IMAP. :-)
Taking a stab from the non-IMAP side: How shall the limit be enforced
when the other data is storred?

I don't know why fs is not working. /path/to/user/Maildir is a simple local 
ext4 partition. In the future it will be a nfs share.


Do you have:

a) system users
b) quota initialized on the file system (quotaon)
c) quota database updated (quotacheck)
d) quota assigned to an user (quota -v user, edquota user, quotatool)

You have just one quota, configure Dovecot to use just the fs quota.

Read the mail archive about NFS quota, I remember some glitches.

Regards,

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS8Qdjr+Vh58GPL/cAQLwXwf/QkINEa3u/75YTfrMRJDpmvDbev83yPFP
U2Lj11zOyEov0Wb6voKeOJFYiJC4dLWbtq/lEFwwzWf+Er6QXO8d7WHC3tR9uyNc
WryNDUMe7YdHdvlbyY2SsdXSJbbxg7rEf4/9SdM4lFTxa85xqTQvz4WrgmCMJnL2
+8eIjVKFheXgsA+sf02gG9uL8BKuvzPq7xr0mohEXVG8e/8375nbBZDDNOVOuIN6
wVjokl4BfZm8zYt8mEwF3j/F01d2MeVs17JBQs439IgKtplVOiWu7MMDA2NXjvDA
4N9Hejo1X0OlfToZOBJ+LVUdBnlnmA5TElVLY+3i2mZkJZjWOBOTJg==
=sUBs
-END PGP SIGNATURE-

Re: [Dovecot] Patch: support URLAUTH, BURL, CATENATE

[Timo Sirainen]

Oh and BTW:

> /* The mailbox_save() API pulls data from an istream, and the
>imap_fetch() API pushes data into an ostream.  Dovecot does
>not offer an ostream which feeds an istream, so use a UNIX
>pipe.  That's not the most efficient way to move the data
>around, but dovecot's ostreams and istreams are sufficiently
>complex (read: under-documented) that it's easier to use a
>pipe than to write an ostream-to-istream module.  Somebody
>call a plumber. */

It shouldn't be necessary to write ostream-to-istream module. Instead
pass a concat-istream to mailbox_save() and add more istreams to it as
needed (this would need a new i_stream_concat_add_input() or something,
but that shouldn't be difficult). As a bonus no need to copy data
around. :)



signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] Virusscanning

[Sven]

Noel Butler schrieb:

On Mon, 2010-04-12 at 22:07 +0200, Heiko Schlittermann wrote:

  

Frank Elsner  (Mo 12 Apr 2010 19:18:53 CEST):


On Sun, 11 Apr 2010 20:06:34 +0200 Andreas Schulze wrote:
  

Hello list,

I use currently a non-dovecot pop3 proxy which has the ability
to scan all passing mails for viruses. And I like dovecot.


I like dovecot too. But I think virus-scanning is for the MTA.
  

IMAP allows for other ways „into“ the mail storage than via the MTA.




I agree with Frank, virus scanning, and IMHO spam filtering is the job
for the MTA side of things, reject it before it gets near the mail
storage.


  

Hi guys,
I agree with Heiko. In my current setup it is _wanted_ to store/move 
mails via IMAP for usability reasons.
So i am looking for at least virus scanning at the delivery point. 
postfix and dovecot use deliver, so it should be done at this point.


Greets, Sven

[Dovecot] dict quota and quota recalculation

[Alex]

Hi
I am trying to migrate my courier server to dovecot and I've run into 
some problems.
One of the motive that I chose to migrate is quota reporting mechanism 
which in courier is a pain (if you need to display an accurate quota 
usage in the control panel). So I follow the instructions on migrations 
, I convert all the mailboxes, and the next step was to populate the 
quota table (I use quota/dict).


The quota table is empty. From the console (as root):
#echo "x GETQUOTAROOT Inbox" | user=t...@domain.net 
/usr/local/sbin/dovecot --exec-mail imap


- the result is :
| email  | used_quota | messages |
+++--+
| t...@domain.net |  0 |0 |

From mailling logs , relevant parts :

dict quota: user=t...@domain.net, uri=proxy::quotadict, noenforcing=0
Namespace: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, 
subscriptions=yes

maildir: data=~
maildir++: root=/root, index=, control=, inbox=/root
Namespace : Using permissions from /root: mode=0750 gid=-1

- and in the root folder I can see all dovecot specific files (dovecot*)

So basically if I execute the script as root the maildir is root the 
uid/gid is root

I search and I found a trick for home :

HOME=/home/sites/domain.net/mail/test/Maildir/; user=t...@domain.net; 
echo "1 getquotaroot inbox" | /usr/local/sbin/dovecot -c 
/usr/local/etc/dovecot.conf --exec-mail imap


(but first I must put used_quota and messages values on -1 in the quota 
table)


If I run this , all dovecot files are created in the user homedir 
(correct) but with the wrong uid/gid (root).
If I change the owner of that files , next time I run the same command , 
nothing changes (uid/gid remain vmail.vmail).


My questions are :
- is there a way to avoid this behavior (the owner of the dovecot files 
after quota recreation)?

- is there a better way to force all users quota recalculation?

PS: and yes , I need to know all quotas  even if the user haven't yet login

Re: [Dovecot] Virusscanning

[Noel Butler]

On Tue, 2010-04-13 at 11:25 +0200, Sven wrote:

> 
> Noel Butler schrieb:
> > On Mon, 2010-04-12 at 22:07 +0200, Heiko Schlittermann wrote:
> >
> >   
> >> Frank Elsner  (Mo 12 Apr 2010 19:18:53 CEST):
> >> 
> >>> On Sun, 11 Apr 2010 20:06:34 +0200 Andreas Schulze wrote:
> >>>   
>  Hello list,
> 
>  I use currently a non-dovecot pop3 proxy which has the ability
>  to scan all passing mails for viruses. And I like dovecot.
>  
> >>> I like dovecot too. But I think virus-scanning is for the MTA.
> >>>   
> >> IMAP allows for other ways „into“ the mail storage than via the MTA.
> >> 
> >
> >
> > I agree with Frank, virus scanning, and IMHO spam filtering is the job
> > for the MTA side of things, reject it before it gets near the mail
> > storage.
> >
> >
> >   
> Hi guys,
> I agree with Heiko. In my current setup it is _wanted_ to store/move 
> mails via IMAP for usability reasons.
> So i am looking for at least virus scanning at the delivery point. 
> postfix and dovecot use deliver, so it should be done at this point.
> 
> Greets, Sven
> 


So, you want  postfix to accept the virus, send it to dovecot's deliver
which then calls a virus scanner and finds it infected and deletes it,
that makes absolutely no sense to me, when postfix could have had its
call to amavisd or mailscanner or some milter and delete it before it
gets to dovecot, in other words deleting it closer to acceptance point
which makes the most sense.

Re: [Dovecot] Virusscanning

[Andreas Schulze]

Am 13.04.2010 20:37 schrieb Noel Butler:
> So, you want  postfix to accept the virus, send it to dovecot's deliver
> which then calls a virus scanner and finds it infected and deletes it,
> that makes absolutely no sense
ACK.

but imagine:

MTA delivers a mail where the virusscanner finds nothing. Mail gets delivered.
Some time later there is a scannerupdate. Now the scanner would find a 
malicious content.

So I may instantly scan the complete mailstore each time a new pattern arrives
or scan only each accessed mail with the latest pattern. This seems smarter to 
me.

For this scenario I would like to see a concept for 
datainspection/datamodification in dovecot.
What about when dovecot would act as a milter client?
Sounds strange but the problems are the same, why not use existing solutions ?

-- 
Andreas Schulze
Internetdienste | P532

DATEV eG
90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196
E-Mail info @datev.de | Internet www.datev.de
Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg 
Nr.70
Vorstand
Prof. Dieter Kempf (Vorsitzender)
Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender)
Dipl.-Kfm. Michael Leistenschneider
Jörg Rabe v. Pappenheim
Dipl.-Vw. Eckhard Schwarzer
Vorsitzender des Aufsichtsrates: Reinhard Verholen

Re: [Dovecot] Virusscanning

[Jerry]

On Tue, 13 Apr 2010 20:37:04 +1000, Noel Butler
 articulated:

> So, you want  postfix to accept the virus, send it to dovecot's
> deliver which then calls a virus scanner and finds it infected and
> deletes it, that makes absolutely no sense to me, when postfix could
> have had its call to amavisd or mailscanner or some milter and delete
> it before it gets to dovecot, in other words deleting it closer to
> acceptance point which makes the most sense.

While I certainly would not recommend mailscanner with Postfix (it is
not supported), amavised works fine, however. You could just use the
'clamav-milter' if you so desired. That also delivers excellent
results, especially when used in conjunction with the options third
party signatures. See:
 if you are not
familiar with it. In any case, once you accept the message, you cannot
bounce it. Let your MTA handle the chore for you.

-- 
Jerry
dovecot.u...@seibercom.net

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__

Those who do not understand Unix are condemned to reinvent it, poorly.


Henry Spencer

Re: [Dovecot] dict quota and quota recalculation

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 13 Apr 2010, Alex wrote:

So basically if I execute the script as root the maildir is root the uid/gid 
is root

I search and I found a trick for home :

HOME=/home/sites/domain.net/mail/test/Maildir/; user=t...@domain.net; echo "1 
getquotaroot inbox" | /usr/local/sbin/dovecot -c /usr/local/etc/dovecot.conf 
--exec-mail imap


(but first I must put used_quota and messages values on -1 in the quota 
table)


If I run this , all dovecot files are created in the user homedir (correct) 
but with the wrong uid/gid (root).
If I change the owner of that files , next time I run the same command , 
nothing changes (uid/gid remain vmail.vmail).


See: http://wiki.dovecot.org/PreAuth
You are using a "pre-auth"'ed session, that means uid/gid has to be set 
before running the command.


Regards,

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS8RW7L+Vh58GPL/cAQIXBQgAo8o2JAbWLm3mbW1mpmGVm3RpVBH0u1rD
CCTl92z8+iR3r5Pv6hNPGwXfSJ75KTXcwMbNcVj8qQQcZJdsJ6nIcCpzE8sLn9Mz
4m0gjfwtlEbsO3XCvyxpxnebhM0rCVodyZoq6DQOy3cVbcjwzG29IEx/CoQPQ/Y3
Gfl6fyJJRmWHYvVjIhYB36phOsO1if9zNm2JIRni6dSrWc83OIVPfQrQjzdEMi+k
XjtykE83wC7fxHnDTdlQc8pbEaO1hfw8xGtaLLgZci0v+ytf+FZljXM4PiBX0vEd
nSmaqsC8lJ4RPcTIjaMstm/IbV+IRVrQfGfCV/fPlW2B5bcoG7Wreg==
=6wNc
-END PGP SIGNATURE-

Re: [Dovecot] Virusscanning

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 13 Apr 2010, Andreas Schulze wrote:


So, you want  postfix to accept the virus, send it to dovecot's deliver
which then calls a virus scanner and finds it infected and deletes it,
that makes absolutely no sense

ACK.

but imagine:

MTA delivers a mail where the virusscanner finds nothing. Mail gets delivered.
Some time later there is a scannerupdate. Now the scanner would find a 
malicious content.

So I may instantly scan the complete mailstore each time a new pattern arrives
or scan only each accessed mail with the latest pattern. This seems smarter to 
me.

For this scenario I would like to see a concept for 
datainspection/datamodification in dovecot.



What about when dovecot would act as a milter client?
Sounds strange but the problems are the same, why not use existing solutions ?


The problems are the same, but a milter has the duty to filter incoming 
mail. It's not a general mail-(content)-only filter.


You want a IMAP/POP3 mail inspector, well, that's fine. There are 
in-between firewall inspecting the contents of the routed connections. 
They understand POP3 and IMAP, as long as it is not encrypted. Some can 
act as proxy themselves, decrypt the connection. They work transparently.


To solve the problem in Dovecot one need to create an "iilter" (IMAP 
filter), aka Dovecot plugin. Which hands over the contents to the virus 
scanner and replaces the malicous part with a dummy value. However, 
because of caching in IMAP clients doing so may not work as expected.


That plugin could be derived from the zlib plugin, as it also has the duty 
to inspect the data on its flow from the disk to client and around. This 
won't work in Dovecot proxy mode, however, I guess.


Regards,

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS8RZVr+Vh58GPL/cAQKOYQf+Ke46qAcH2ro7y9txCg2HhNgKZgtTA0BI
9+09ipuzkz4Pmqhz7rQtFmnl3LVs9aWfdJH3TIBipXi4wOkchiiw1Wb3iVPhSCyJ
vdsAloCA2MhBqGKgdLx+uTQ39OIT66ysk2iRqVJHJblkyn3bpUyLtWf1XKokyjCe
0BZkbObg7eYmDQGS8RctS+QFoVslmlggr2qPHKxmBrKbUGAvK2NzI5jGEDntBWLl
NuSTZRoV4szBZlISCczw0yDq+B/KVGLtAikC7PQAt6Osu/Lx7iz6mQrcsd8e8tIF
d7BxYJwuzau3E6yCNdEXN3UKSRcACNVgADln3K4lpJZYf8yxWVJTFw==
=MVDW
-END PGP SIGNATURE-

Re: [Dovecot] Virusscanning

[Jerry]

On Tue, 13 Apr 2010 13:21:28 +0200, Andreas Schulze
 articulated:

> MTA delivers a mail where the virusscanner finds nothing. Mail gets
> delivered. Some time later there is a scannerupdate. Now the scanner
> would find a malicious content.

DEFINE: "Some time later". Are you referring to today, tomorrow, next
{week,month,year}? Depending on your AV solution, you should all ready
have the capabilities to run a virus scan on the directory(s) involved.

> So I may instantly scan the complete mailstore each time a new
> pattern arrives or scan only each accessed mail with the latest
> pattern. This seems smarter to me.

All ready possible using ClamAV.

Doesn't your MUA offer any AV scanning? If not, then perhaps it is time
to investigate the possibility of using a new MUA.

> For this scenario I would like to see a concept for
> datainspection/datamodification in dovecot. What about when dovecot
> would act as a milter client? Sounds strange but the problems are the
> same, why not use existing solutions ?

This would just lead to redundancy with no applicable favorable
results. Scanning the message when it arrives and then rescanning the
INBOX at preset intervals is about as good as it is going to get. Using
an MUA that has its own scanning engine would also be a plus. You could
even engage multiple AV engines. A really bad idea IMHO; however, you
pay your dues, you take your chances.

If Postfix is set up correctly with the proper checks, etc, SPAM and AV
problems are reduced dramatically. I have not had a VIRUS get through
to my system in years. An occasional SPAM, but then again, no system is
fool proof. Besides, nothing is fool proof to the sufficiently motivate
fool.

In any case, I worry more about some nefarious individual breaching my
firewall than I do about contracting a VIRUS.


-- 
Jerry
dovecot.u...@seibercom.net

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__

Aquadextrous, adj.:
Possessing the ability to turn the bathtub
faucet on and off with your toes.


Rich Hall, "Sniglets"

Re: [Dovecot] Virusscanning

[Ken A]

On 4/13/2010 6:21 AM, Andreas Schulze wrote:

Am 13.04.2010 20:37 schrieb Noel Butler:

So, you want  postfix to accept the virus, send it to dovecot's deliver
which then calls a virus scanner and finds it infected and deletes it,
that makes absolutely no sense

ACK.

but imagine:

MTA delivers a mail where the virusscanner finds nothing. Mail gets delivered.
Some time later there is a scannerupdate. Now the scanner would find a 
malicious content.

So I may instantly scan the complete mailstore each time a new pattern arrives
or scan only each accessed mail with the latest pattern. This seems smarter to 
me.



With this logic, you should virus scan at every point along the chain.
That is overkill for such a i/o intensive operation like virus scanning. 
Let the MTA scan it, and the MSA (or client's network) scan it before 
opening.

Ken



For this scenario I would like to see a concept for 
datainspection/datamodification in dovecot.
What about when dovecot would act as a milter client?
Sounds strange but the problems are the same, why not use existing solutions ?





--
Ken Anderson
Pacific Internet - http://www.pacific.net

[Dovecot] Expire plugin / expire-tool redesign for doveadm

[Timo Sirainen]

Expire plugin / expire-tool seems annoyingly inflexible currently, so I
was thinking about a more generic redesign:

The expire plugin keeps track of the oldest message in configured
mailboxes. Its only configuration is the list of tracked mailboxes.
There's no configuration like what the expire timeouts are or anything.

There will be a new doveadm command:

doveadm expunge [-u user | -A]  

So when you want to expunge all mails from Trash older than 1 week for
all users, you say:

doveadm expunge -A Trash savedbefore 1w

This command works even without expire plugin. To optimize it to avoid
looking into all users' Trash mailbox, there's a new expire doveadm
plugin, which can use the expire dict to filter out users who don't have
anything to expunge.

This also supports another feature that the plugin can optimize:

doveadm move -A INBOX Archive/2009/INBOX since 2009-01-01 before 2010-01-01

And since people have had problems waiting for expire dict to fill,
there could be also a new parameter that does the filling immediately.

TODO:

 - dbox altmove feature will be removed from expire plugin. it may need
another plugin, or some other way to configure expire plugin for it.
it's anyway a special case.

 - When using multiple mailboxes it would be more optimal to handle all
mailboxes for a user at once, rather than using separate doveadm
commands. Maybe the command syntax needs some more thinking to support
this. Different mailboxes could have different rules though..


signature.asc
Description: This is a digitally signed message part

Re: [Dovecot] dsync convert dovecot 2.0 beta4

[Timo Sirainen]

On 13.4.2010, at 8.50, Renaud Allard wrote:

> I am trying to convert a dbox mailbox in maildir format
> I changed the config to maildir instead of dbox and I am issuing this
> /opt/dovecot/bin/dsync -u r convert dbox:/home/r/dbox
> 
> But I get many errors like those below and no mail is stored in the maildir.
> 
> dsync(r): Error: Corrupted mailbox log at offset 18446743970630342680:
> /home/r/dbox/dovecot.mailbox.log
> dsync(r): Error: dbox /home/r/dbox/mailboxes/Drafts/dbox-Mails: Invalid
> dbox header size

This is with beta4, not with a recent hg version? I think I fixed it already. 
I'll put beta5/rc1 out once I do a few more changes.

Re: [Dovecot] 2.0beta4 and latest Mercurial: Folder not SELECT-able until LIST-ed

[B. Johannessen]

On 10/04/10 23:09, B. Johannessen wrote:

Have a look at the attached dialog. It shows the folder
"shared/a...@db.org/Archive" not being SELECT-able until after it's been
mentioned in a LIST response.


Timo; have you had a chance to look at this yet? Should be easy enough 
to reproduce, but you are welcome to test it on my test-system; just 
send me your SSH key...



Bob

Re: [Dovecot] IMAP IDLE, Virtual mailboxes

[Timo Sirainen]

On 9.4.2010, at 9.31, Patrick Nagel wrote:

> 2) Enhancing dovecot's Virtual plugin, so virtual mailboxes do not only
> get updated on select and expunge, but also when anything changes that
> affects the set of messages shown in the virtual mailbox. I guess that
> would have an impact on performance, and thus should be optional.

Virtual plugin does already work like that. Although there's a bug where 
messages don't get removed from mailbox always:

 - virtual: removed messages don't get expunged unless EXPUNGE is issued in
   same session. otherwise they get forgotten and never removed.

And NOTIFY isn't implemented yet mainly because it would be annoyingly 
expensive (as is virtual mailbox when it's created from many real mailboxes). 
I've been planning on implementing mailbox list indexes (or they already are 
implemented, but they're buggy) that would make this much cheaper. Basically 
NOTIFY could just keep watching for changes to dovecot.list.index.log file, and 
then read what mailbox had changed and how and notify client about it, possibly 
without even opening the mailbox itself.

Re: [Dovecot] Antispam plugin, compile under osx

[Bradley Giesbrecht]

On Apr 11, 2010, at 11:53 PM, Johannes Berg wrote:



cc  -fPIC -shared -Wall -Wextra -DPLUGINNAME=antispam - 
DHAVE_CONFIG_H -
I/opt/local/include/dovecot/ -I/opt/local/include/dovecot/src/ -I/ 
opt/

local/include/dovecot/src/lib/ -I/opt/local/include/dovecot/src/lib-
storage/ -I/opt/local/include/dovecot/src/lib-mail/ -I/opt/local/
include/dovecot/src/lib-imap/ -I/opt/local/include/dovecot/src/lib-
dict/ -I/opt/local/include/dovecot/src/lib-index/ -I/opt/local/ 
include/

dovecot/src/imap/ signature.o antispam-plugin.o antispam-storage.o
dspam-exec.o -o lib90_antispam_plugin.so
Undefined symbols:
  "_mailbox_get_name", referenced from:
  _mailbox_patternmatch in antispam-plugin.o
  _mailbox_is_spam in antispam-plugin.o
  _mailbox_is_trash in antispam-plugin.o
  _mailbox_is_unsure in antispam-plugin.o


Looks like your linker is prepending _ to each symbol, which probably
don't exist since dovecot itself exports w/o the underscore ... I have
no idea why it's doing that though.

johannes


If someone else stumbles upon this thread.

From unix-port...@lists.apple.com
The underscores are a red herring. If you use nm to look at the  
executables that export mailbox_get_name, for example libexec/ 
dovecot/imap, you see that the symbol is exported with the underscore.


You need to use the appropriate linker flags for your module, like - 
undefined dynamic_lookup. Look at how dovecot's own modules are  
linked when you build dovecot.


Adding 'CFLAGS += -undefined dynamic_lookup' to .config allows for  
make to complete without error.


I have not tested the .so plugin and if there are problems I will  
report it to this thread.



Thanks for the help,
Bradley Giesbrecht

[Dovecot] Dovecot 2.0.beta4: auth-worker keeps crashing

[Maxim Balabaev]

Centos 5.4 x64, icc
hg rev 11147

log:
Apr 14 01:16:17 auth: Info: mysql: Connected to 127.0.0.1 (mail)
Apr 14 01:16:25 imap-login: Info: Disconnected (auth failed, 2 attempts):
user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Apr 14 01:16:40 master: Error: service(auth-worker): child 8642 killed with
signal 11 (core dumps disabled)
Apr 14 01:16:40 auth: Error: auth worker: Aborted request: Worker process
died unexpectedly

Everything works, but it`s crashing every time
Gdb info:
(gdb) bt full
#0  0x0041782f in auth_stream_reply_find ()
No symbol table info available.
#1  0x00417d97 in lookup_credentials_callback ()
No symbol table info available.
#2  0x004223a2 in passdb_handle_credentials ()
No symbol table info available.
#3  0x00425b1a in sql_query_callback ()
No symbol table info available.
#4  0x00430494 in driver_mysql_query ()
No symbol table info available.
#5  0x0042f306 in sql_query ()
No symbol table info available.
#6  0x00425dcb in sql_lookup_credentials ()
No symbol table info available.
#7  0x00418cf5 in auth_worker_input ()
No symbol table info available.
#8  0x2ad5677acead in io_loop_handler_run ()
   from /opt/dovecot/lib/dovecot/libdovecot.so.0
No symbol table info available.
#9  0x2ad5677ab8d9 in io_loop_run ()
   from /opt/dovecot/lib/dovecot/libdovecot.so.0
No symbol table info available.
#10 0x2ad567796f56 in master_service_run ()
---Type  to continue, or q  to quit---
   from /opt/dovecot/lib/dovecot/libdovecot.so.0
No symbol table info available.
#11 0x0041c79d in main ()

Hope to get this fixed :)

Re: [Dovecot] Dovecot 2.0.beta4: auth-worker keeps crashing

[Pascal Volk]

On 04/13/2010 11:34 PM Maxim Balabaev wrote:
> Centos 5.4 x64, icc
> hg rev 11147
> 
> log:
> Apr 14 01:16:17 auth: Info: mysql: Connected to 127.0.0.1 (mail)
> Apr 14 01:16:25 imap-login: Info: Disconnected (auth failed, 2 attempts):
> user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
> Apr 14 01:16:40 master: Error: service(auth-worker): child 8642 killed with
> signal 11 (core dumps disabled)
> Apr 14 01:16:40 auth: Error: auth worker: Aborted request: Worker process
> died unexpectedly
> 
> Everything works, but it`s crashing every time
> Gdb info:
> (gdb) bt full
> #0  0x0041782f in auth_stream_reply_find ()
> No symbol table info available.
> #1  0x00417d97 in lookup_credentials_callback ()
> No symbol table info available.
> #2  0x004223a2 in passdb_handle_credentials ()
> No symbol table info available.
> #3  0x00425b1a in sql_query_callback ()
> No symbol table info available.
> #4  0x00430494 in driver_mysql_query ()
> No symbol table info available.
> #5  0x0042f306 in sql_query ()
> No symbol table info available.
> #6  0x00425dcb in sql_lookup_credentials ()
> No symbol table info available.
> #7  0x00418cf5 in auth_worker_input ()
> No symbol table info available.
> #8  0x2ad5677acead in io_loop_handler_run ()
>from /opt/dovecot/lib/dovecot/libdovecot.so.0
> No symbol table info available.
> #9  0x2ad5677ab8d9 in io_loop_run ()
>from /opt/dovecot/lib/dovecot/libdovecot.so.0
> No symbol table info available.
> #10 0x2ad567796f56 in master_service_run ()
> ---Type  to continue, or q  to quit---
>from /opt/dovecot/lib/dovecot/libdovecot.so.0
> No symbol table info available.
> #11 0x0041c79d in main ()

Hm, not very informative that backtrace. It would be more helpful if you
could provide some debug symbols.
Where is your `doveconf -n` output?

I've configured {pass,user}db driver = {pam,passwd-file,sql} (SQL =
PostgreSQL). All users from all userdbs are able to login. No crashes.


Regards,
Pascal
-- 
The trapper recommends today: defaced.1010...@localdomain.org



smime.p7s
Description: S/MIME Cryptographic Signature

[Dovecot] mysql log entry

[Terry Barnum]

I'm sure this is a really newbie question, but I notice in /var/log/mail.log 
that there are between 3 and 15 of the following log entries every day for the 
last five days, which is far back as my logs go--what do they mean?

Apr xx hh:mm:ss mail dovecot[109]: auth-worker(default): mysql: Connected to 
localhost (postfix)

Is it dovecot connecting to mysql for password or user info? If so, wouldn't it 
be more frequent? I've got 20 users with some connecting from outside many 
times per day.

Thanks,
-Terry

Re: [Dovecot] Virusscanning

[Noel Butler]

On Tue, 2010-04-13 at 07:27 -0400, Jerry wrote:

> On Tue, 13 Apr 2010 20:37:04 +1000, Noel Butler
>  articulated:
> 
> > So, you want  postfix to accept the virus, send it to dovecot's
> > deliver which then calls a virus scanner and finds it infected and
> > deletes it, that makes absolutely no sense to me, when postfix could
> > have had its call to amavisd or mailscanner or some milter and delete
> > it before it gets to dovecot, in other words deleting it closer to
> > acceptance point which makes the most sense.
> 
> While I certainly would not recommend mailscanner with Postfix (it is
> not supported), amavised works fine, however. You could just use the


I certainly would recommend it, there are ample people on the
mailscanner lists who will go out of their way to help anyone with this
combination, as you very well know, but you are correct in as much as
Wietse and the postfix community doesn't, and those who have  been
around long enough know why (this isn't the place for that discussion
either for those who don't), however there are many large organisations
happily using that combo and that number has grown over the years as
postfix becomes more widespread use over sendmail etc.



> 'clamav-milter' if you so desired. That also delivers excellent
> results, especially when used in conjunction with the options third
> party signatures. See:


Yes, I have setup this milter on memory constrained VPS's for clients
where neither MailScanner or amavisd-new will work without the kernel
killing off stuff for out of memory on the entry class VPS offerings. I
do recommend it.

Re: [Dovecot] Virusscanning

[Noel Butler]

On Tue, 2010-04-13 at 13:21 +0200, Andreas Schulze wrote:

> Am 13.04.2010 20:37 schrieb Noel Butler:
> > So, you want  postfix to accept the virus, send it to dovecot's deliver
> > which then calls a virus scanner and finds it infected and deletes it,
> > that makes absolutely no sense
> ACK.
> 
> but imagine:
> 
> MTA delivers a mail where the virusscanner finds nothing. Mail gets delivered.
> Some time later there is a scannerupdate. Now the scanner would find a 
> malicious content.
> 


The same applies to your scenario, the chances of a  0 day virus getting
in past the AV at MTA level and being found by the time the recipient
checks mail is going to be so negligible, that said, the mailstore is
additionally scanned every night regardless , without adding the massive
resource hogging in having dovecot call AV everytime someone access
mail, also, what about those who only do pop3? the same mail storage
everywhere  I've worked in past near 20 years is used to serve both,
only the front ends differ, and in this part of the woods, there might
be one imap user to every 5K pop3 user, if you use  imap only, I still
seeing it being a negative for resource reasons.



>  I may instantly scan the complete mailstore each time a new pattern arrives
> or scan only each accessed mail with the latest pattern. This seems smarter 
> to me.
> 
> For this scenario I would like to see a concept for 
> datainspection/datamodification in dovecot.
> What about when dovecot would act as a milter client?
> Sounds strange but the problems are the same, why not use existing solutions ?
> 


I think your expecting dovecot to be more than what it is, it is not  m$
exchange :)
Cheers

<>

Re: [Dovecot] IMAP IDLE, Virtual mailboxes

[Patrick Nagel]

Hi Timo,

great hearing from you again, hope the exams went well :)

On 2010-04-13 19:01 UTC Timo Sirainen wrote:
> On 9.4.2010, at 9.31, Patrick Nagel wrote:
> > 2) Enhancing dovecot's Virtual plugin, so virtual mailboxes do not
> > only get updated on select and expunge, but also when anything
> > changes that affects the set of messages shown in the virtual
> > mailbox. I guess that would have an impact on performance, and
> > thus should be optional.
> 
> Virtual plugin does already work like that. Although there's a bug
> where messages don't get removed from mailbox always:
> 
>  - virtual: removed messages don't get expunged unless EXPUNGE is
> issued in same session. otherwise they get forgotten and never
> removed.

Oh, I see. I'll give it another try then, I believe I tried this, but 
never got notified of new mails in the virtual mailbox through the IMAP 
IDLE connection.

> And NOTIFY isn't implemented yet mainly because it would be
> annoyingly expensive (as is virtual mailbox when it's created from
> many real mailboxes). I've been planning on implementing mailbox
> list indexes (or they already are implemented, but they're buggy)
> that would make this much cheaper. Basically NOTIFY could just keep
> watching for changes to dovecot.list.index.log file, and then read
> what mailbox had changed and how and notify client about it,
> possibly without even opening the mailbox itself.

That sounds like a good plan - basically having "logwatch" on all IMAP 
operations :) I'd be happy to test once you have anything to be tested 
(just need to find a MUA other than telnet+brain that has IMAP NOTIFY 
implemented first ;) ).

Patrick.

-- 
Key ID: 0x86E346D4http://patrick-nagel.net/key.asc
Fingerprint: 7745 E1BE FA8B FBAD 76AB 2BFC C981 E686 86E3 46D4


signature.asc
Description: This is a digitally signed message part.

Re: [Dovecot] Antispam plugin, compile under osx

[Bradley Giesbrecht]

For those who may be interested I have posted dovecot-antispam plugin  
ports to MacPorts.


http://trac.macports.org/ticket/24474

// Brad

[Dovecot] Dovecot 2.0b4 configuration issue, listen config option?

[Brandon Lamb]

Hi,

In my 1.2 setup I have pop3 running on ip x.x.x.2 and imap on x.x.x.7

In 2.0 how do I say listen x.x.x.2:110 x.x.x.7:143 so that pop3 is not
listening on the .7 ip? I tried putting a listen = ip in the listener
section but it complained. I cant figure it out and cant seem to find
any 2.0 specific documentation, trying to search in the wiki directory
of /usr/local/share/doc/dovecot/wiki but so far no help.

I realize I can firewall that off but I dont want to rely on that. Is
this no longer possible?

Re: [Dovecot] Dovecot 2.0b4 configuration issue, listen config option?

[Andreas Schulze]

Am 13.04.2010 22:23 schrieb Brandon Lamb:
> Hi,
> 
> In my 1.2 setup I have pop3 running on ip x.x.x.2 and imap on x.x.x.7
> 
> In 2.0 how do I say listen x.x.x.2:110 x.x.x.7:143 so that pop3 is not
> listening on the .7 ip? I tried putting a listen = ip in the listener
> section but it complained. I cant figure it out and cant seem to find
> any 2.0 specific documentation, trying to search in the wiki directory
> of /usr/local/share/doc/dovecot/wiki but so far no help.
> 
> I realize I can firewall that off but I dont want to rely on that. Is
> this no longer possible?

that works for me:

service imap-login {
  inet_listener imap {
address = imap01.t6-isa.de
  }
  inet_listener imaps {
address = imap01.t6-isa.de
  }
}

service pop3-login {
  inet_listener pop3 {
address = pop01.t6-isa.de
  }
  inet_listener pop3s {
address = pop01.t6-isa.de
  }
}
an in case you like different certs:

protocol imap {
  ssl = yes
  ssl_cert = 

GnuPG-Signatur.asc
Description: digitale Signatur dieser Nachricht von Andreas Schulze

Re: [Dovecot] Dovecot 2.0.beta4: auth-worker keeps crashing

[Maxim Balabaev]

Users login ok, crashing after. If you want - contact me via mail - i`ll
give you access
>From log more info
Apr 14 10:10:43 master: Info: Dovecot v2.0.beta4 starting up (core dumps
disabled)
Apr 14 10:10:47 auth: Info: mysql: Connected to 127.0.0.1 (mail)
Apr 14 10:10:47 master: Error: service(auth-worker): child 10988 killed with
signal 11 (core dumps disabled)
Apr 14 10:10:47 auth: Error: auth worker: Aborted request: Worker process
died unexpectedly
Apr 14 10:10:47 auth: Info: mysql: Connected to 127.0.0.1 (mail)
Apr 14 10:10:53 imap-login: Info: Login: user=, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured
Apr 14 10:10:53 imap(webmaster@): Debug: Effective uid=5000, gid=5000,
home=/var/vmail/webmaster@/
Apr 14 10:10:53 imap(webmaster@): Debug: maildir++:
root=/var/vmail/webmaster@, index=, control=, inbox=/var/vmail/webmaster@
Apr 14 10:10:53 imap(webmaster@): Info: Disconnected: Logged out
bytes=56/744
Apr 14 10:10:53 master: Error: service(auth-worker): child 10989 killed with
signal 11 (core dumps disabled)
Apr 14 10:10:53 auth: Error: auth worker: Aborted request: Worker process
died unexpectedly
Apr 14 10:10:53 auth: Info: mysql: Connected to 127.0.0.1 (mail)
Apr 14 10:10:59 imap-login: Info: Login: user=, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured
Apr 14 10:10:59 imap(webmaster@): Debug: Effective uid=5000, gid=5000,
home=/var/vmail/webmaster@/
Apr 14 10:10:59 imap(webmaster@): Debug: maildir++:
root=/var/vmail/webmaster@, index=, control=, inbox=/var/vmail/webmaster@
Apr 14 10:10:59 imap(webmaster@): Info: Disconnected: Logged out
bytes=83/1022
Apr 14 10:10:59 auth: Error: auth worker: Aborted request: Worker process
died unexpectedly
Apr 14 10:10:59 master: Error: service(auth-worker): child 10992 killed with
signal 11 (core dumps disabled)
Apr 14 10:10:59 auth: Info: mysql: Connected to 127.0.0.1 (mail)
Apr 14 10:11:03 auth: Error: auth worker: Aborted request: Worker process
died unexpectedly
Apr 14 10:11:03 master: Error: service(auth-worker): child 10996 killed with
signal 11 (core dumps disabled)
Apr 14 10:11:03 auth: Info: mysql: Connected to 127.0.0.1 (mail)
Apr 14 10:11:05 imap-login: Info: Login: user=, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured
Apr 14 10:11:05 imap(webmaster@): Debug: Effective uid=5000, gid=5000,
home=/var/vmail/webmaster@/
Apr 14 10:11:05 imap(webmaster@): Debug: maildir++:
root=/var/vmail/webmaster@, index=, control=, inbox=/var/vmail/webmaster@
Apr 14 10:11:05 imap-login: Info: Login: user=, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured
Apr 14 10:11:05 imap(webmaster@): Debug: Effective uid=5000, gid=5000,
home=/var/vmail/webmaster@/
Apr 14 10:11:05 imap(webmaster@): Debug: maildir++:
root=/var/vmail/webmaster@, index=, control=, inbox=/var/vmail/webmaster@
Apr 14 10:11:05 imap(webmaster@): Info: Disconnected: Logged out
bytes=71/741
Apr 14 10:11:05 imap(webmaster@): Info: Disconnected: Logged out
bytes=343/5562


doveconf - driver mysql. mysql also compiled by icc.
CC=icc CXX=icpc CPPFLAGS='-I/opt/mysql/include/mysql'
LDFLAGS='-L/opt/mysql/lib/mysql -lmysqlclient -lz -lcrypt -lnsl -lm'
 CFLAGS='-I/opt/mysql/include/mysql -O2 -gcc' ./configure --with-ssl=openssl
--with-pop3d --without-passwd --without-passwd-file --without-shadow
--without-static-userdb --without-ldap --prefix=/opt/dovecot --with-mysql

auth_mechanisms = plain login cram-md5
disable_plaintext_auth = no
first_valid_uid = 5000
last_valid_uid = 5000
log_path = /var/log/dovecot.log
mail_debug = yes
mail_gid = 5000
mail_location = maildir:%h
mail_uid = 5000
passdb {
  args = /opt/dovecot/etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocols = pop3 imap
service auth {
  unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
  }
}
ssl = no
ssl_cert = /etc/ssl/certs/dovecot.pem
ssl_key = /etc/ssl/private/dovecot.pem
userdb {
  args = /opt/dovecot/etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
  info_log_path = /var/log/dovecot-deliver.log
  log_path = /var/log/dovecot-deliver.log
  postmaster_address = s...@example.ru
}

2010/4/14 Pascal Volk

>

> On 04/13/2010 11:34 PM Maxim Balabaev wrote:
> > Centos 5.4 x64, icc
> > hg rev 11147
> >
> > log:
> > Apr 14 01:16:17 auth: Info: mysql: Connected to 127.0.0.1 (mail)
> > Apr 14 01:16:25 imap-login: Info: Disconnected (auth failed, 2 attempts):
> > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
> > Apr 14 01:16:40 master: Error: service(auth-worker): child 8642 killed
> with
> > signal 11 (core dumps disabled)
> > Apr 14 01:16:40 auth: Error: auth worker: Aborted request: Worker process
> > died unexpectedly
> >
> > Everything works, but it`s crashing every time
> > Gdb info:
> > (gdb) bt full
> > #0  0x0041782f in auth_stream_reply_find ()
> > No symbol table info available.
> > #1  0x00417d97 in lookup_credentials_callback ()
> > No symbol table info available.
> > #2  0x004223a2 in p

Re: [Dovecot] Dovecot 2.0b4 configuration issue, listen config option?

[Brandon Lamb]

On Tue, Apr 13, 2010 at 10:36 PM, Andreas Schulze
 wrote:
> Am 13.04.2010 22:23 schrieb Brandon Lamb:
>> Hi,
>>
>> In my 1.2 setup I have pop3 running on ip x.x.x.2 and imap on x.x.x.7
>>
>> In 2.0 how do I say listen x.x.x.2:110 x.x.x.7:143 so that pop3 is not
>> listening on the .7 ip? I tried putting a listen = ip in the listener
>> section but it complained. I cant figure it out and cant seem to find
>> any 2.0 specific documentation, trying to search in the wiki directory
>> of /usr/local/share/doc/dovecot/wiki but so far no help.
>>
>> I realize I can firewall that off but I dont want to rely on that. Is
>> this no longer possible?
>
> that works for me:
>
> service imap-login {
>  inet_listener imap {
>    address = imap01.t6-isa.de
>  }
>  inet_listener imaps {
>    address = imap01.t6-isa.de
>  }
> }
>
> service pop3-login {
>  inet_listener pop3 {
>    address = pop01.t6-isa.de
>  }
>  inet_listener pop3s {
>    address = pop01.t6-isa.de
>  }
> }
> an in case you like different certs:
>
> protocol imap {
>  ssl = yes
>  ssl_cert =   ssl_key =  }
>
> protocol pop3 {
>  ssl = yes
>  ssl_cert =   ssl_key =  }
>
>
>
> --
> Andreas Schulze
> Internetdienste | P532
>
> DATEV eG
> 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196
> E-Mail info @datev.de | Internet www.datev.de
> Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg 
> Nr.70
> Vorstand
> Prof. Dieter Kempf (Vorsitzender)
> Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender)
> Dipl.-Kfm. Michael Leistenschneider
> Jörg Rabe v. Pappenheim
> Dipl.-Vw. Eckhard Schwarzer
> Vorsitzender des Aufsichtsrates: Reinhard Verholen
>
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iJwEAQECAAYFAkvFVFgACgkQGXQ4Obkc43nWJwP9HOZ/A3q6SKIJKQL23we7KwVG
> hwmxiT6ayhy73s6oE5VKCSwSdNH452FPbQsB+Qg3lEvdmX7MhKDbNIc2N2qEGCPS
> CmED/q7V6ppQPaPeBw4tdfOMlCJ0EEsmYWFrIyakyQiRcDbLDsK/3D5VnAdLLxCS
> a5tXfsTxT1ZqZKvPv8w=
> =yx2R
> -END PGP SIGNATURE-

O address, very good thank you!!