Re: v2.2.23 released
Yes. I concur. On 3/31/2016 7:44 AM, Leon Kyneur wrote: 2.2.23 seems to have broken doveadm backup, was previously working fine on 2.2.22 [root@S613 lkyneur]# doveadm -v backup -u em.mck ... doveadm(root): Error: User doesn't exist [root@S613 lkyneur]# doveadm user em.mck field value uid vmail gid vmail home/srv/vmail/eftel/xxx.com/20032218/em.mck mail mdbox:/srv/vmail/eftel/xxx.com/20032218/em.mck/mdbox:ALT=/altstorage/srv/vmail/eftel/xxx.com/20032218/em.mck/mdbox quota_rule *:bytes=500M On 30/03/16 23:48, Timo Sirainen wrote: http://dovecot.org/releases/2.2/dovecot-2.2.23.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.23.tar.gz.sig This is a bugfix-only release with various important fixes on top of v2.2.22. - Various fixes to doveadm. Especially running commands via doveadm-server was broken. - director: Fixed user weakness getting stuck in some situations - director: Fixed a situation where directors keep re-sending different states to each others and never becoming synced. - director: Fixed assert-crash related to a slow "user killed" reply - Fixed assert-crash related to istream-concat, which could have been triggered at least by a Sieve script.
Re: VS: Re: v2.2.23 released
I'm not sure what "It's fixed in head" means??? On 3/31/2016 9:13 AM, Aki Tuomi wrote: It's fixed in head. Sorry. ---Aki TuomiDovecot oy Alkuperäinen viesti Lähettäjä: Eric Päivämäärä: 31.3.2016 18.05 (GMT+02:00) Saaja: dovecot@dovecot.org Aihe: Re: v2.2.23 released Yes. I concur. On 3/31/2016 7:44 AM, Leon Kyneur wrote: 2.2.23 seems to have broken doveadm backup, was previously working fine on 2.2.22 [root@S613 lkyneur]# doveadm -v backup -u em.mck ... doveadm(root): Error: User doesn't exist [root@S613 lkyneur]# doveadm user em.mck field value uid vmail gid vmail home/srv/vmail/eftel/xxx.com/20032218/em.mck mail mdbox:/srv/vmail/eftel/xxx.com/20032218/em.mck/mdbox:ALT=/altstorage/srv/vmail/eftel/xxx.com/20032218/em.mck/mdbox quota_rule *:bytes=500M On 30/03/16 23:48, Timo Sirainen wrote: http://dovecot.org/releases/2.2/dovecot-2.2.23.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.23.tar.gz.sig This is a bugfix-only release with various important fixes on top of v2.2.22. - Various fixes to doveadm. Especially running commands via doveadm-server was broken. - director: Fixed user weakness getting stuck in some situations - director: Fixed a situation where directors keep re-sending different states to each others and never becoming synced. - director: Fixed assert-crash related to a slow "user killed" reply - Fixed assert-crash related to istream-concat, which could have been triggered at least by a Sieve script.
namespace...mailbox doesn't exist
Hello list,
I have a namespace called 'projects' which when clicked in Thunderbird
(nonexistent in eM Client) yields the following error:
"The current operation on 'projects' did not succeed. The mail server
for account
u...@domain.tld responded: mailbox doesn't exist: projects.projects
(0.00 + 0.00 secs)."
The namespace is configure as follows:
# Shared namespace 'projects'
namespace {
location = maildir:/home/vpopmail/domains/domain.tld/shared/projects
prefix = projects.
separator = .
type = public
}
This is the log:
1: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Effective uid=89,
gid=89, home=/home/vpopmail/domains/domain.tld/postmaster
2: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Quota root:
name=ignore=Trash backend=maildir args=
3: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Quota rule:
root=ignore=Trash mailbox=? bytes=0 messages=0
4: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Quota grace:
root=ignore=Trash bytes=0 (10%)
5: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Namespace :
type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes,
subscriptions=yes location=
6: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: mdbox:
access(/home/vpopmail/domains/domain.tld/postmaster/mdbox, rwx): failed:
No such file or directory
7: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: mdbox: couldn't
find root dir
8: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: sdbox:
access(/home/vpopmail/domains/domain.tld/postmaster/sdbox, rwx): failed:
No such file or directory
9: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: sdbox: couldn't
find root dir
10: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: maildir: root
exists (/home/vpopmail/domains/domain.tld/postmaster/Maildir)
11: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: maildir++:
root=/home/vpopmail/domains/domain.tld/postmaster/Maildir, index=,
indexpvt=, control=,
inbox=/home/vpopmail/domains/domain.tld/postmaster/Maildir, alt=
12: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Namespace :
type=public, prefix=projects., sep=., inbox=no, hidden=no, list=yes,
subscriptions=yes
location=maildir:/home/vpopmail/domains/domain.tld/shared/projects
13: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: maildir++:
root=/home/vpopmail/domains/domain.tld/shared/projects, index=,
indexpvt=, control=, inbox=, alt=
This did not happen with other versions of dovecot (I think) but just
started happening with the upgrade. While it is not
a serious problem and I can live with it, what would be causing it in
the new dovecot iteration (2.2.23) ? And, could it be
that I'm missing the necessary setting to mitigate this? Please let me
know if any additional information is necessary.
I'm thinking that the problem lies in lines 6/7 and 8/9 where Dovecot is
looking for mdbox/sdbox.
Eric
Re: namespace...mailbox doesn't exist
I tried that and am sad to say it did not work. Hmmm...
On 4/5/2016 12:43 AM, Steffen Kaiser wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, 4 Apr 2016, Eric wrote:
Date: Mon, 4 Apr 2016 20:23:34 -0600
From: Eric
To: dovecot@dovecot.org
Subject: namespace...mailbox doesn't exist
Hello list,
I have a namespace called 'projects' which when clicked in
Thunderbird (nonexistent in eM Client) yields the following error:
"The current operation on 'projects' did not succeed. The mail server
for account
u...@domain.tld responded: mailbox doesn't exist: projects.projects
(0.00 + 0.00 secs)."
The namespace is configure as follows:
# Shared namespace 'projects'
namespace {
^^ IMHO first try to give that namespace a name, e.g.
namespace projects {
location = maildir:/home/vpopmail/domains/domain.tld/shared/projects
prefix = projects.
separator = .
type = public
}
This is the log:
1: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Effective
uid=89, gid=89, home=/home/vpopmail/domains/domain.tld/postmaster
2: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Quota root:
name=ignore=Trash backend=maildir args=
3: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Quota rule:
root=ignore=Trash mailbox=? bytes=0 messages=0
4: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Quota grace:
root=ignore=Trash bytes=0 (10%)
5: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Namespace :
type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes,
subscriptions=yes location=
6: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: mdbox:
access(/home/vpopmail/domains/domain.tld/postmaster/mdbox, rwx):
failed: No such file or directory
7: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: mdbox:
couldn't find root dir
8: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: sdbox:
access(/home/vpopmail/domains/domain.tld/postmaster/sdbox, rwx):
failed: No such file or directory
9: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: sdbox:
couldn't find root dir
10: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: maildir: root
exists (/home/vpopmail/domains/domain.tld/postmaster/Maildir)
11: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: maildir++:
root=/home/vpopmail/domains/domain.tld/postmaster/Maildir, index=,
indexpvt=, control=,
inbox=/home/vpopmail/domains/domain.tld/postmaster/Maildir, alt=
12: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: Namespace :
type=public, prefix=projects., sep=., inbox=no, hidden=no, list=yes,
subscriptions=yes
location=maildir:/home/vpopmail/domains/domain.tld/shared/projects
13: Apr 04 20:00:30 imap(postmas...@domain.tld): Debug: maildir++:
root=/home/vpopmail/domains/domain.tld/shared/projects, index=,
indexpvt=, control=, inbox=, alt=
This did not happen with other versions of dovecot (I think) but just
started happening with the upgrade. While it is not
a serious problem and I can live with it, what would be causing it in
the new dovecot iteration (2.2.23) ? And, could it be
that I'm missing the necessary setting to mitigate this? Please let
me know if any additional information is necessary.
I'm thinking that the problem lies in lines 6/7 and 8/9 where Dovecot
is looking for mdbox/sdbox.
Eric
- -- Steffen Kaiser
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEVAwUBVwNejHz1H7kL/d9rAQJMKgf7B0B4mqfXCxYPx1mgimXgUZxUh1+OfMKs
SFE2oKnpsg5lFsqeYXNHKVBToOaOEQCHVvcNg7iEe009X7CFTbzoOWm1PaX1ue+N
LsPzPhSmoqU74D8+3OMK4noiFdWz3vZMPI2vt181q2HzQSHPdI8T73AVOhROQ/62
k2mIX9OxCH+wU9ZsLD6uUrG9jsNPIwdmLdSbDjTWgmyoZWRlL9rxYVcrU+laPu0F
U0P29Vx9DmlEFdu42cua2BkCRKsFDg2BajF6UiCqyeKN3V8ZUJH8jVI2WFZ2jF6/
bytKdnFVTIDKbt/dkwWJjTDH1LMI8BpCFh/AGrJeoC9IfKMSs5F61Q==
=XSh1
-END PGP SIGNATURE-
Re: namespace...mailbox doesn't exist
Timo,
b list "" *
.
.
.
* LIST (\HasChildren) "." projects
* LIST (\HasNoChildren) "." projects.xxx
* LIST (\HasNoChildren) "." projects.yyy
* LIST (\HasNoChildren) "." projects.zzz
.
.
.
.
more projects children
* OK List completed (0.00 + 0.00 secs).
And
ls -a /home/vpopmail/domains/domain.tld/shared/projects
.xxx
.yyy
.zzz
cur
dovecot.index.cache
dovecot.index.log
dovecot.mailbox.log
dovecot.mailbox.log.2
dovecot-uidlist
dovecot-uidvalidity
dovecot-uidvalidity.4d991164
new
subscriptions
tmp
Eric
On 4/6/2016 1:03 PM, Timo Sirainen wrote:
On 05 Apr 2016, at 05:23, Eric wrote:
Hello list,
I have a namespace called 'projects' which when clicked in Thunderbird
(nonexistent in eM Client) yields the following error:
"The current operation on 'projects' did not succeed. The mail server for
account
u...@domain.tld responded: mailbox doesn't exist: projects.projects (0.00 + 0.00
secs)."
The namespace is configure as follows:
# Shared namespace 'projects'
namespace {
location = maildir:/home/vpopmail/domains/domain.tld/shared/projects
prefix = projects.
separator = .
type = public
}
Try talking IMAP protocol to see what's actually happening here:
telnet localhost 143
a login user pass
b list "" *
Also what's actually supposed to exist under the projects? ls -a
/home/vpopmail/domains/domain.tld/shared/projects ?
Re: Moving to as new server
I use 'rsync' as a failover tool, never a problem. On 4/24/2016 5:42 AM, Jerry wrote: I will shortly have to replace the OS on my machine. For various reasons, I will not be able to use a program like “imapsync” to transfer my documents to a new server. All of the mail folders on my present PC are stored under “/var/mail/vmail”. If I copied all of the folders under “vmail” and moved them to the new PC, would Dovecot be able to access them normally? Dovecot would not be running while I moved the files. Thanks
[Dovecot] Xen + NFS
Thanks for Dovecot! I am currently testing several scenarios to help determine how to best implement dovecot for our environment. One scenario of particular interest is Maildir + NFS, load balanced between several servers running dovecot. I am not sure anyone would ever want to implement what I am about to describe here, but none-the-less, I thought I would mention it to the list to see if anyone has had the same experience, or could possibly help. What I am using to _test_ is a single server running RedHat Server 5 + Xen. Dom0 is acting as my NFS server, and a RedHat Server 5 guest running on the same machine is acting as my NFS client and dovecot server. I have a single directory exported from the NFS server which contains several home folders with inboxes stored in Maildir format. The problem I am having is when I open a POP3 connection from a separate machine, I see the following messages on the virtual server in /var/log/maillog and I am unable to retrieve mail: file maildir-uidlist.c: line 139 (maildir_uidlist_unlock): assertion failed: (uidlist->lock_count > 0) and more often: Mailbox init failed top=0/0, retr=0/0, del=0/0, size=0 It appears to be an issue with the login not having the proper permissions to create the dovecot.uidlist file, however, when I log in locally to the dovecot server with the POP3 account, I can read+write in the directory without problems. I suspect that I am missing something simple, but cannot seem to figure it out. dovecot-1.0-1.2.rc15.el5 RedHat Server 5 kernel: 2.6.18-8.1.14.el5xen dovecot -n: shutdown_clients: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_greeting: Server ready. mail_location: maildir:~/.maildir:INDEX=/var/spool/dovecot/%u maildir_copy_with_hardlinks: yes mbox_write_locks: dotlock fcntl mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 pop3_reuse_xuidl(default): no pop3_reuse_xuidl(imap): no pop3_reuse_xuidl(pop3): yes pop3_lock_session(default): no pop3_lock_session(imap): no pop3_lock_session(pop3): yes auth default: passdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot-ldap.conf nfs mount options: rw,rsize=32768,wsize=32768,hard,fg,lock,nfsvers=3,tcp,retrans=0,noac - Looking for last minute shopping deals? Find them fast with Yahoo! Search.
[Dovecot] Expire plugin with Mysql
Hey guys, got a question about the expire plugin. According to the wiki, the expire plugin "keeps an internal database (Berkeley DB or SQL)". I was wondering what fields in the mysql table are needed for expire to work. I assume it is setup is similar to the quota dict setup, so was just wondering what fields are required (i.e: select_field, where_field, username_field, for quota). Thanks signature.asc Description: PGP signature
[Dovecot] Dovecot 1.1rc3 crashes with Dbox + imap_q uota plugin
Version: Dovecot v1.1.rc3
OS: CentOS 5 running in OpenVZ
CPU: x86_64
Was running fine with maildir and decided to get dbox a try. Test user
created with a dbox mailstore backend and when a client logs in that tries
to run a getquotaroot imap command the process SIGSEGV's.
Have been able to narrow it down to dbox crashing against dict quota as
well as dirsize. Maildir works just fine.
example telnet session:
...
5 getquota *
5 NO Quota root doesn't exist.
6 getquotaroot inbox
Connection closed by foreign host.
--
Got the backtrace from a coredump as well:
Program terminated with signal 11, Segmentation fault.
#0 0x00463d99 in mail_index_get_header_ext (view=0x0, ext_id=2,
data_r=0x7fff8ad72140,
data_size_r=0x7fff8ad72138) at mail-index-view.c:550
550 view->v.get_header_ext(view, NULL, ext_id, data_r,
data_size_r);
(gdb) bt full
#0 0x00463d99 in mail_index_get_header_ext (view=0x0, ext_id=2,
data_r=0x7fff8ad72140,
data_size_r=0x7fff8ad72138) at mail-index-view.c:550
No locals.
#1 0x0044604c in dbox_sync_want_flush_dirty (mbox=0x2aae5cc8,
close_flush_dirty_flags=true)
at dbox-sync.c:262
hdr =
data =
data_size =
#2 0x00446101 in dbox_sync_begin (mbox=0x0, ctx_r=0x7fff8ad72278,
close_flush_dirty_flags=64, force=64)
at dbox-sync.c:297
storage = (struct mail_storage *) 0x2aadb878
ctx =
sync_flags =
ret =
rebuild =
#3 0x004468c8 in dbox_sync (mbox=0x0, close_flush_dirty_flags=64)
at dbox-sync.c:396
sync_ctx = (struct dbox_sync_context *) 0x2aae5cc8
#4 0x0043f0c4 in dbox_storage_mailbox_close (box=0x0) at
dbox-storage.c:312
mbox =
ret =
#5 0x2b62df50 in fts_mailbox_close (box=0x2aae5cc8) at
fts-storage.c:65
fbox = (struct fts_mailbox *) 0x2aae8f90
ret =
#6 0x2b42a5ed in cmd_getquotaroot (cmd=0x2aadc338) at
imap-quota-plugin.c:98
storage =
box = (struct mailbox *) 0x0
iter = (struct quota_root_iter *) 0x0
root =
orig_mailbox = 0x2aae0518 "INBOX"
mailbox = 0x49a6ca "INBOX"
str = (string_t *) 0x2aacf1c0
#7 0x0041ab18 in client_command_input (cmd=0x0) at client.c:546
client = (struct client *) 0x2aadbf50
command =
__PRETTY_FUNCTION__ = "client_command_input"
#8 0x0041abb9 in client_command_input (cmd=0x2aadc338) at
client.c:595
client = (struct client *) 0x2aadbf50
command = (struct command *) 0x7fff8ad72140
__PRETTY_FUNCTION__ = "client_command_input"
#9 0x0041b32f in client_handle_input (client=0x2aadbf50) at
client.c:636
_data_stack_cur_id = 3
ret =
remove_io =
handled_commands = false
#10 0x0041b54f in client_input (client=0x2aadbf50) at
client.c:691
cmd =
output = (struct ostream *) 0x2aadc1e8
bytes = 27
__PRETTY_FUNCTION__ = "client_input"
#11 0x00486a38 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:201
ctx =
event = (const struct epoll_event *) 0x2aad7dc0
list = (struct io_list *) 0x2aad8780
io = (struct io_file *) 0x2aadc280
tv = {tv_sec = 1799, tv_usec = 999598}
events_count =
t_id = 2
msecs =
ret = 1
i = 0
call =
#12 0x00485d1d in io_loop_run (ioloop=0x2aad7b60) at
ioloop.c:301
No locals.
#13 0x00422871 in main (argc=, argv=0x0,
envp=0x7fff8ad72578) at main.c:293
No locals.
--
Let me know if there's any other info you need.
Re: [Dovecot] Expire plugin with Mysql
On Sun, 04 May 2008 17:50:45 +0300 Timo Sirainen <[EMAIL PROTECTED]> wrote: > A bit late reply, but you should be able to use a table exactly like > with quota (http://wiki.dovecot.org/Quota/Dict): > Just got around to trying this out, and I get a segfault when attempting to move a message into the trash. Dovecot Version: 1.1rc6 - complied with SunStudio 12 OS: Solaris 10 CPU Arch: x86_64 Filesystem: ZFS Description: Move message into the trash dovecot -n: # 1.1.rc6: /opt/dovecot/etc/dovecot.conf log_path: /var/log/dovecot.log protocols: imap imaps pop3 pop3s listen(default): *:143 listen(imap): *:143 listen(pop3): *:110 ssl_listen(default): *:993 ssl_listen(imap): *:993 ssl_listen(pop3): *:995 ssl_cert_file: /opt/dovecot/etc/ssl/certs/dovecot.pem ssl_key_file: /opt/dovecot/etc/ssl/private/dovecot.pem ssl_cipher_list: ALL:!LOW:!SSLv2 disable_plaintext_auth: no login_dir: /opt/dovecot/var/run/dovecot/login login_executable(default): /opt/dovecot/libexec/dovecot/imap-login login_executable(imap): /opt/dovecot/libexec/dovecot/imap-login login_executable(pop3): /opt/dovecot/libexec/dovecot/pop3-login login_user: dovecota login_process_per_connection: no login_max_processes_count: 10 max_mail_processes: 25 first_valid_uid: 2000 last_valid_uid: 2000 first_valid_gid: 2000 last_valid_gid: 2000 mail_uid: 2000 mail_gid: 2000 mail_drop_priv_before_exec: yes mail_executable(default): /opt/dovecot/libexec/dovecot/imap mail_executable(imap): /opt/dovecot/libexec/dovecot/imap mail_executable(pop3): /opt/dovecot/libexec/dovecot/pop3 mail_plugins(default): fts fts_squat quota imap_quota expire mail_plugins(imap): fts fts_squat quota imap_quota expire mail_plugins(pop3): expire quota mail_plugin_dir(default): /opt/dovecot/lib/dovecot/imap mail_plugin_dir(imap): /opt/dovecot/lib/dovecot/imap mail_plugin_dir(pop3): /opt/dovecot/lib/dovecot/pop3 auth default: default_realm: flerd.com cache_size: 1024 user: dovecotl verbose: yes debug: yes passdb: driver: ldap args: /opt/dovecot/etc/dovecot-ldap.conf userdb: driver: prefetch userdb: driver: ldap args: /opt/dovecot/etc/dovecot-ldap.conf socket: type: listen client: path: /opt/dovecot/var/run/dovecot/auth-client mode: 438 master: path: /opt/dovecot/var/run/dovecot/auth-master mode: 438 user: dovecota plugin: fts: squat quota: dict:user::proxy::quotadict quota_rule: *:storage=1G quota_rule2: Trash:storage=100M expire: Trash 7 Trash/* 7 Spam 3 expire_dict: proxy::expiredict dict: quotadict: mysql:/opt/dovecot/etc/dovecot-dict-quota.conf expiredict: mysql:/opt/dovecot/etc/dovecot-dict-expire.conf Coredump: Core was generated by `imap'. Program terminated with signal 11, Segmentation fault. #0 0xfed0578c in strlen () from /lib/libc.so.1 (gdb) bt full #0 0xfed0578c in strlen () from /lib/libc.so.1 No symbol table info available. #1 0xfed5d976 in _ndoprnt () from /lib/libc.so.1 No symbol table info available. #2 0xfed60aab in vsnprintf () from /lib/libc.so.1 No symbol table info available. #3 0x0814a214 in t_noalloc_strdup_vprintf ( format=0x8163a34 "%c%u\t%u\t%d\t%s\t%s\n", args=0x804765c, size_r=0x8047620) at /var/tmp/dovecot-1.1.rc6/src/lib/strfuncs.c:120 args2 = (va_list) 0x804765c tmp = 0x818fb08 "H2\t0\t1\t" init_size = 273 ret = -21546712 #4 0x0814a2e7 in p_strdup_vprintf (pool=0x8178664, format=0x8163a34 "%c%u\t%u\t%d\t%s\t%s\n", args=0x804765c) at /var/tmp/dovecot-1.1.rc6/src/lib/strfuncs.c:139 tmp = 0xfed00460 "Z\211\020�\213��" buf = 0x8047660 "\002" size = 0 #5 0x0814a66f in t_strdup_printf (format=0x8163a34 "%c%u\t%u\t%d\t%s\t%s\n", ...=0x48) at /var/tmp/dovecot-1.1.rc6/src/lib/strfuncs.c:246 args = (va_list) 0x804765c ret = 0x0 ---Type to continue, or q to quit--- #6 0x0812e512 in client_dict_connect (dict=0x819abc8) at /var/tmp/dovecot-1.1.rc6/src/lib-dict/dict-client.c:268 query = 0x8178664 "D\206\027\b\003" #7 0x0812dfec in client_dict_send_query (dict=0x819abc8, query=0x818fae8 "Lshared/[EMAIL PROTECTED]/Trash\n") at /var/tmp/dovecot-1.1.rc6/src/lib-dict/dict-client.c:137 No locals. #8 0x0812e7f2 in client_dict_lookup (_dict=0x819abc8, pool=0x818fad8, key=0x818fab8 "shared/[EMAIL PROTECTED]/Trash", value_r=0x8047710) at /var/tmp/dovecot-1.1.rc6/src/lib-dict/dict-client.c:349 query = 0x818fae8 "Lshared/[EMAIL PROTECTED]/Trash\n" _data_stack_cur_id = 5 dict = (struct client_dict *) 0x819abc8 line = 0x80476c8 "��\030\b��\030\b\020w\004\b" ret = 135854776
[Dovecot] dovecot-auth assertion failed
Hello, I have been running some tests on a new Dovecot v1.0.13 server and have seen the following message appear in the logs a few times. It appears to occur when there are a lot of requests being sent to the LDAP servers from both Dovecot and Sendmail (I am guessing about this, since I have also seen "Server busy" messages regarding LDAP auth). dovecot: auth(default): file db-ldap.c: line 310 (ldap_conn_retry_requests): assertion failed: (conn->connected) dovecot: auth(default): Raw backtrace: dovecot-auth [0x806daf1] -> dovecot-auth [0x806da0c] -> dovecot-auth [0x8059607] -> dovecot-auth [0x8059b1d] -> dovecot-auth [0x8059b7b] -> dovecot-auth(io_loop_handler_run+0x110) [0x8070c90] -> dovecot-auth(io_loop_run+0x1c) [0x80701cc] -> dovecot-auth(main+0x2fe) [0x805b01e] -> /lib/libc.so.6(__libc_start_main+0xdc) [0x3efdec] -> dovecot-auth [0x8051161] dovecot: child 23178 (auth) killed with signal 6 Dovecot seems to recover from this error and continues to handle auth requests properly. Thanks, Eric
Re: [Dovecot] dovecot crashing?
Can anyone help with this?
On Tue, Dec 25, 2012 at 6:26 PM, Eric wrote:
> Happy holidays! I am experiencing an issue when trying to check my mail
> using IMAP. with Dovecot I have tried checking my mail using a full GUI
> client (Thunderbird) and telnet. Both times I get disconnected before all
> of my messages can be downloaded and I see an error in my mail log. Here
> are the details:
>
>
> [root@cust19-1-prod-domain userqa]# dovecot --version
> 2.0.9
>
> [root@cust19-1-prod-domain userqa]# dovecot -n
> # 2.0.9: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.18-164.11.1.el5 x86_64 CentOS release 5.4 (Final)
> disable_plaintext_auth = no
> login_trusted_networks = 172.19.136.0
> mail_location = maildir:~/Maildir
> mail_max_userip_connections = 100
> mbox_write_locks = fcntl
> mmap_disable = yes
> passdb {
> args = scheme=plain username_format=%n /etc/dovecot/users
> driver = passwd-file
> }
> protocols = imap
> ssl = no
> userdb {
> args = username_format=%n /etc/dovecot/users
> driver = passwd-file
> }
> [root@cust19-1-prod-domain userqa]#
>
> i try to check my mail:
>
> username@ops1-1-domain:~$ telnet cust19-1-prod-domain imap
> Trying 172.19.136.223...
> Connected to cust19-1-prod-domain.domain.net (172.19.136.223).
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> AUTH=PLAIN] Dovecot ready.
>
> 1 LOGIN userqa mypassword
> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
> CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC
> ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in
>
> 3 EXAMINE INBOX
> * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
> * OK [PERMANENTFLAGS ()] Read-only mailbox.
> * 1 EXISTS
> * 0 RECENT
> * OK [UNSEEN 1] First unseen.
> * OK [UIDVALIDITY 1356130761] UIDs valid
> * OK [UIDNEXT 5] Predicted next UID
> * OK [HIGHESTMODSEQ 1] Highest
> 3 OK [READ-ONLY] Select completed.
>
> 4 FETCH 1 BODY[]
>
> I get some binary output and some mail headers, but then it crashes..
>
> Not sure if you guys want to see all of the extremely verbose output, so I
> put it at the end of this message. The last messages that it processes is a
> message with an Excel spreadsheet attached to it (a .xlsx file)
>
> i enabled core dumps:
>
> echo 'DAEMON_COREFILE_LIMIT="unlimited"' >> /etc/sysconfig/dovecot
>
> Now I see this in /var/log/maillog:
>
> 2012-12-25T17:53:47-08:00 cust19-1-prod-domain dovecot: master: Error:
> service(imap): child 11265 killed with signal 11 (core dumped)
>
> core dumps are being written here, but they're empty:
>
> [root@cust19-1-prod-domain userqa]# pwd
> /mnt/mail/userqa
> [root@cust19-1-prod-domain userqa]# ls -lh
> total 20K
> -rw--- 1 userqa userqa0 Dec 25 17:52 core.1
> -rw--- 1 userqa userqa0 Dec 25 17:53 core.11265
> -rw--- 1 userqa userqa0 Dec 25 17:58 core.11812
> drwx-- 7 userqa userqa 4.0K Dec 25 17:58 Maildir
> [root@cust19-1-prod-domain userqa]#
>
> What should I try now? Is it possible that Dovecot is having difficulty
> processing the attachment file? If I delete this user's mailbox file and
> send basic text e-mail to the user I can read/retrieve them just fine..
> there only seems to be an issue when this message with its attachment
> arrives. The attachment seems small in size:
>
> Content-Disposition: attachment; filename="report_amex.xlsx"; size=20527;
>
>
> That means the attachment is 20527 bytes, correct?
>
> Thank you for any suggestions/help you can offer!
>
>
> Here's the message that it seems to be having issues with:
>
> Return-Path:
> Received: from mxout.mailprovider.com
> (slb1-prod-domain.domain.net[172.19.136.4])
> by cust19-1-prod-domain.domain.net (8.13.8/8.13.8) with ESMTP id
> qBOM8oIE029715
> for ; Mon, 24 Dec 2012 14:08:50
> -0800
> Received: from mxout.mailprovider.com (localhost [127.0.0.1])
> by mxout.mailprovider.com (Postfix) with ESMTP id 017E455325B
> for ; Mon, 24 Dec 2012 17:08:51
> -0500 (EST)
> X-Virus-Scanned: by SpamTitan at mail.lan
> Received: from HUB025.mail.lan (unknown [10.110.2.1])
> by mxout.mailprovider.com (Postfix) with ESMTP id 63DA0553132
> for ; Mon, 24 Dec 2012 17:08:50
> -0500 (EST)
> Received: from MAILR001.mail.lan ([10.110.18.28]) by HUB025.mail.lan
> ([10.110.17.25]) with mapi; Mon, 24 Dec 2012 17:08:48 -0500
> From: User Name
> To: "userqa_2...@integration.company.com"
>
> Dat
Re: [Dovecot] dovecot crashing?
Isn't the version I have (2.0.9) newer than 2.0.19? The newest RPM I could
find for CentOS was dovecot-2.0.9-2, not all that much newer than what I am
using. I am not opposed to upgrading, just not sure if I am seeing much in
the way of RPMs for my system that I can use to upgrade to a version that
is much newer than what I already have.
I had taken the " echo 'DAEMON_COREFILE_LIMIT="unlimited"' >>
/etc/sysconfig/dovecot" command from the Dovecot page on enabling core
dumps for Red Hat (http://www.dovecot.org/bugreport.html). I have also
added unlimited core dump files to /etc/security/limits.conf and verified
that whenever myself or anyone else opens a shell that "ulimit -c" shows an
output of "unlimited".
I don't see any mention of limits in my Dovecot init file either. The init
script came with my RPM package and I have not modified it.
Even though I have unlimited core dump files allowed, I am still getting
core files that are 0 bytes in size in the mail user's home directory. Any
idea why?
[root@imapserver ~]# su - dovecot
-bash-3.2$ ulimit -c
unlimited
-bash-3.2$ id
uid=97(dovecot) gid=97(dovecot) groups=97(dovecot)
[root@imapserver ~]# service dovecot restart
Stopping Dovecot Imap: [ OK ]
Starting Dovecot Imap: [ OK ]
$ telnet imapserver imap
Trying 1.1.1.1...
Connected to imapserver (1.1.1.1).
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
AUTH=PLAIN] Dovecot ready.
1 LOGIN imapuser imapuserpassword
1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTOR
E QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged
in
2 select INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags
permitted.
* 2 EXISTS
* 0 RECENT
* OK [UNSEEN 1] First unseen.
* OK [UIDVALIDITY 1356130761] UIDs valid
* OK [UIDNEXT 8] Predicted next UID
* OK [HIGHESTMODSEQ 1] Highest
2 OK [READ-WRITE] Select completed.
3 FETCH 1 BODY[]
* 1 FETCH (FLAGS (\Seen) BODY[] {39306}
. some brief message output .
Connection closed by foreign host.
And then I get an empty core file:
[root@imapserver]# pwd
/mnt/mail/imapuser
[root@imapserver]# ls -lh core*
-rw--- 1 imapuser imapuser 0 Dec 30 00:56 core.7319
On Sat, Dec 29, 2012 at 12:18 PM, Jim Lawson wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi Eric,
>
> On 12/25/12 9:26 PM, Eric wrote:
> > Happy holidays! I am experiencing an issue when trying to check my mail
> > using IMAP. with Dovecot I have tried checking my mail using a full GUI
> > client (Thunderbird) and telnet. Both times I get disconnected before all
> > of my messages can be downloaded and I see an error in my mail log. Here
> > are the details:
> >
> >
> > [root@cust19-1-prod-domain userqa]# dovecot --version
> > 2.0.9
>
> There have been a lot of fixes since that version; can you confirm that
> this problem is not in 2.0.19 (or better yet, 2.1.12?)
>
>
> > i enabled core dumps:
> >
> > echo 'DAEMON_COREFILE_LIMIT="unlimited"' >> /etc/sysconfig/dovecot
>
> Does that work? The point is to set "ulimit -c unlimited". I don't
> know what package you're using, but Dovecot doesn't ship with an init
> script (at least, 2.0.9 didn't.) The only thing I know of is at
> http://wiki.dovecot.org/DovecotInit, and that doesn't use /etc/sysconfig
> at all.
>
>
> >
> >
> > Now I see this in /var/log/maillog:
> >
> > 2012-12-25T17:53:47-08:00 cust19-1-prod-domain dovecot: master: Error:
> > service(imap): child 11265 killed with signal 11 (core dumped)
> >
> > core dumps are being written here, but they're empty:
>
> If you're still getting core dumps with 2.0.19, check your setting of
> "ulimit -c". It should be "unlimited" for this case. You may need to
> modify /etc/init.d/dovecot. My guess is that your
> /etc/sysconfig/dovecot modification is having no effect.
>
> Jim
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.12 (Darwin)
> Comment: Using GnuPG with undefined - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJQ31ASAAoJELUeD3oQ5ZpZkfIQAKEoVPO0Cldfec12WC/dGGoZ
> gdkZ10boxc+OoWP3Yhx4reWgIrvodaHaz7jxAhXGwasILXWRTP4vPxWCd77PjNNB
> JXGQpimCJZaFtcQ6PKONqqz7jqZ6zj07ZzKJeZXrSSxzmH7zrgAveA0xi3k+OGpr
> qCv60j4qlHEyw3I2FBDzO1GokpCbWS0Z3FDBUM1Zf5yFgRNSvt3FK9FQXejRwYnO
> vsNiMINO/Z5x8FLp0CfqbsQDnInAPPFV73UnGPVkFOpnswCytRX6ILNm2e9jIs9s
&
[Dovecot] Best authentication option
Dear Dovecot experts, I have a small home server debian based, with postfix/dovecot/squirrelmail installed locally and working. Dovecot is used non-secured (no imaps) but only on the 192.168.0.100 address (address of the server on the local network). I want to use squirrelmail to read my email from outside. Squirrelmail can configured to access it in particular, either through cram-md5 or login auths. In that situation, is it better (I mean more secure) to use : 1) auth mechanim = cram-md5 or 2) auth mechanism = plain (using PAM authentication for dovecot) ? That will determine my dovecot configuration. Thank you Eric
[Dovecot] Strange directory created at dovecot launch
I installed dovecot from scratch and compiled it from 1.0.0 source. Installed in /usr/local. Now everytime I launch dovecot it creates and uses /usr/local/var/lib/dovecot and /usr/local/var/run/dovecot directories. For the latter I found the modifications to do in dovecot.conf for using /var/run/dovecot instead, but for the former I see nothing about such directory in dovecot.conf. What happens ? How can I configure it so that dovecot uses /var/lib/dovecot instead ? Thank you Eric
Re: [Dovecot] Best authentication option
Thank you for your answer. What do you mean by "you may as well use 2" ? You mean both authentication options ? I though we have to decide in dovecot.conf to use one option or another one... I do force the use of my webserver (lighttpd) through https. My question was the best option between plain/PAM and cram-md5 authentications "locally". > On 02/05/2007 12:13, Eric wrote: >> Dear Dovecot experts, >> I have a small home server debian based, with >> postfix/dovecot/squirrelmail >> installed locally and working. Dovecot is used non-secured (no imaps) >> but >> only on the 192.168.0.100 address (address of the server on the local >> network). I want to use squirrelmail to read my email from outside. >> Squirrelmail can configured to access it in particular, either through >> cram-md5 or login auths. >> In that situation, is it better (I mean more secure) to use : 1) auth >> mechanim = cram-md5 or 2) auth mechanism = plain (using PAM >> authentication >> for dovecot) ? That will determine my dovecot configuration. > > What Squirrelmail can do doesn't matter, you need to get your web server > using SSL, so your password is encrypted going over the 'net to get to > your home server. Then you may as well use 2. > > Cheers, > > John. >
Re: how to fix this warnig
Chandran, How about this |# echo "fs.inotify.max_user_watches=524288" >> /etc/sysctl.conf Eric | On 11/19/2017 9:59 PM, Chandran Manikandan wrote: Increase /proc/sys/fs/inotify/max_user_instances -- Eric Broch White Horse Technical Consulting (WHTC)
Re: how to fix this warnig
524288 is arbitrary, use whatever works for you. On 11/19/2017 10:56 PM, Eric Broch wrote: Chandran, How about this |# echo "fs.inotify.max_user_watches=524288" >> /etc/sysctl.conf Eric | On 11/19/2017 9:59 PM, Chandran Manikandan wrote: Increase /proc/sys/fs/inotify/max_user_instances -- Eric Broch White Horse Technical Consulting (WHTC)
dovecot-2.3.0 'make check' error
Hello list, I've configured dovecot-2.3.0 on CentOS 6 with the following options. CFLAGS="-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fno-strict-aliasing" \ LDFLAGS="-Wl,-z,now -Wl,-z,relro" \ ./configure \ --docdir=/usr/share/doc/dovecot-2.3.0 \ --with-lzma \ --disable-static \ --disable-rpath \ --with-nss \ --with-shadow \ --with-pam \ --with-gssapi=plugin \ --with-ldap=plugin \ --with-sql=plugin \ --with-lua=plugin \ --with-pgsql \ --with-mysql \ --with-sqlite \ --with-vpopmail=/etc/libvpopmail \ --with-zlib \ --with-libcap \ --with-libwrap \ --with-ssl=openssl \ --with-ssldir=/etc/pki/dovecot \ --with-solr \ --with-docs and compiled with the following: # make -j2 When I run a 'make check': # make check I get the following error: make[3]: Entering directory `/root/dovecot/dovecot-ce-2.3.0/src/lib-compression' for bin in test-compression; do \ if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \ done compression handler gz ... : ok compression handler bz2 .. : ok compression handler deflate .. : ok compression handler xz ... : ok gz concat : ok gz no concat . : ok gz large header .. : ok 0 / 7 tests failed ==4468== Conditional jump or move depends on uninitialised value(s) ==4468== at 0x3A6160ACB2: ??? (in /usr/lib64/liblzma.so.0.0.0) ==4468== by 0x3A6160AEA9: ??? (in /usr/lib64/liblzma.so.0.0.0) ==4468== by 0x3A61603121: ??? (in /usr/lib64/liblzma.so.0.0.0) ==4468== by 0x3A616061A0: ??? (in /usr/lib64/liblzma.so.0.0.0) ==4468== by 0x3A61605212: lzma_easy_encoder (in /usr/lib64/liblzma.so.0.0.0) ==4468== by 0x406ACF: o_stream_create_lzma (ostream-lzma.c:206) ==4468== by 0x403D89: test_compression_handler (test-compression.c:36) ==4468== by 0x4040BD: test_compression (test-compression.c:96) ==4468== by 0x408281: test_run_funcs (test-common.c:244) ==4468== by 0x4083E0: test_run (test-common.c:315) ==4468== by 0x40398B: main (test-compression.c:308) ==4468== Failed to run: ./test-compression make[3]: *** [check-local] Error 1 make[3]: Leaving directory `/root/dovecot/dovecot-ce-2.3.0/src/lib-compression' make[2]: *** [check-am] Error 2 make[2]: Leaving directory `/root/dovecot/dovecot-ce-2.3.0/src/lib-compression' make[1]: *** [check-recursive] Error 1 make[1]: Leaving directory `/root/dovecot/dovecot-ce-2.3.0/src' make: *** [check-recursive] Error 1 Has anyone seen the above error and/or, Can anyone give me a reason why it's occurring? -- Eric Broch White Horse Technical Consulting (WHTC)
Creating users on the fly, for testing?
I'm trying to set up a reproducible test environment for a MUA I'm working on, with accounts and dummy data that can be trashed and restored while testing. I'd like to exercise the IMAP client part of the MUA, and am looking into using a local dovecot instance to do that. I'm trying to make this as minimal-config as possible: ideally the test environment could create a dummy (virtual) user, insert dummy message data, allow the MUA to log in and manipulate the messages, and then destroy both user and message data at the end of the session. I have the sense that I'll be able to get there by shipping a custom config file along with the test library, that sets up a virtual user with a mail_location under /tmp, and then all operations are done with dovecot -c customconfig.conf Then the temp folder is trashed at the end of the session. Is this likely to work? Is anything likely to bite me? Thanks, Eric
ssl_dh required, even though DH is disabled.
Here's my config:
# 2.3.2 (582970113): /etc/dovecot/dovecot.conf
# OS: Linux 4.17.5-1-ARCH x86_64 Arch Linux
# Hostname: vault
passdb {
driver = pam
}
protocols = imap
service imap-login {
inet_listener imap {
port = 0
}
}
ssl = required
ssl_cert = , rip=10.0.0.1, lip=10.0.0.2, session=<4sGi5/9w3pwKAAAB>
While providing an ssl_dh is only a minor annoyance, it would be nice if
I didn't have to.
make check (pigeonhole)
Hello list, During the 'make check' (pigeonhole) portion of a building (rpmbuild) a dovecot.spec file I'm getting the following error: testsuite(root): Fatal: Couldn't drop privileges: User is missing UID (see mail_uid setting) I'm not sure how to resolve this, and any help would be appreciated to help me finish the creating the rpm -- Eric Broch White Horse Technical Consulting (WHTC)
Re: make check (pigeonhole)
Anyone? On 9/8/2018 7:36 PM, Eric Broch wrote: Hello list, During the 'make check' (pigeonhole) portion of a building (rpmbuild) a dovecot.spec file I'm getting the following error: testsuite(root): Fatal: Couldn't drop privileges: User is missing UID (see mail_uid setting) I'm not sure how to resolve this, and any help would be appreciated to help me finish the creating the rpm -- Eric Broch White Horse Technical Consulting (WHTC)
Re: make check (pigeonhole)
: test_init_mail_user (test-edit-mail.c:66) ==29930== by 0x403205: test_init (test-edit-mail.c:103) ==29930== by 0x4036DA: test_edit_mail_concatenated (test-edit-mail.c:187) ==29930== by 0x524D8B1: test_run_funcs (test-common.c:244) ==29930== by 0x524E280: test_run (test-common.c:315) ==29930== by 0x402FE5: main (test-edit-mail.c:765) ==29930== ==29930== 2,048 bytes in 1 blocks are possibly lost in loss record 72 of 77 ==29930== at 0x4C2B9B5: calloc (vg_replace_malloc.c:711) ==29930== by 0x5277456: block_alloc.isra.1 (mempool-alloconly.c:254) ==29930== by 0x527751D: pool_alloconly_malloc (mempool-alloconly.c:283) ==29930== by 0x528AA66: p_malloc (mempool.h:99) ==29930== by 0x528AA66: p_strconcat (strfuncs.c:223) ==29930== by 0x51F40ED: settings_parse_keyvalue (settings-parser.c:845) ==29930== by 0x51F50E0: settings_parse_environ (settings-parser.c:1103) ==29930== by 0x51ED247: master_service_settings_read (master-service-settings.c:648) ==29930== by 0x51EE3A9: master_service_settings_cache_read (master-service-settings-cache.c:387) ==29930== by 0x4E874BF: mail_storage_service_read_settings (mail-storage-service.c:1085) ==29930== by 0x4E87745: mail_storage_service_lookup_real (mail-storage-service.c:1249) ==29930== by 0x4E88795: mail_storage_service_lookup (mail-storage-service.c:1441) ==29930== by 0x403223: test_init_mail_user (test-edit-mail.c:71) ==29930== by 0x403223: test_init (test-edit-mail.c:103) ==29930== ==29930== 6,144 bytes in 1 blocks are possibly lost in loss record 74 of 77 ==29930== at 0x4C2B9B5: calloc (vg_replace_malloc.c:711) ==29930== by 0x5277456: block_alloc.isra.1 (mempool-alloconly.c:254) ==29930== by 0x527768C: pool_alloconly_create (mempool-alloconly.c:138) ==29930== by 0x4E876FA: mail_storage_service_lookup_real (mail-storage-service.c:1238) ==29930== by 0x4E88795: mail_storage_service_lookup (mail-storage-service.c:1441) ==29930== by 0x403223: test_init_mail_user (test-edit-mail.c:71) ==29930== by 0x403223: test_init (test-edit-mail.c:103) ==29930== by 0x4036DA: test_edit_mail_concatenated (test-edit-mail.c:187) ==29930== by 0x524D8B1: test_run_funcs (test-common.c:244) ==29930== by 0x524E280: test_run (test-common.c:315) ==29930== by 0x402FE5: main (test-edit-mail.c:765) ==29930== ==29930== 12,288 bytes in 1 blocks are possibly lost in loss record 75 of 77 ==29930== at 0x4C2B9B5: calloc (vg_replace_malloc.c:711) ==29930== by 0x5277456: block_alloc.isra.1 (mempool-alloconly.c:254) ==29930== by 0x527768C: pool_alloconly_create (mempool-alloconly.c:138) ==29930== by 0x51EDD31: master_service_settings_cache_init (master-service-settings-cache.c:75) ==29930== by 0x4E87541: mail_storage_service_read_settings (mail-storage-service.c:1073) ==29930== by 0x4E87745: mail_storage_service_lookup_real (mail-storage-service.c:1249) ==29930== by 0x4E88795: mail_storage_service_lookup (mail-storage-service.c:1441) ==29930== by 0x403223: test_init_mail_user (test-edit-mail.c:71) ==29930== by 0x403223: test_init (test-edit-mail.c:103) ==29930== by 0x4036DA: test_edit_mail_concatenated (test-edit-mail.c:187) ==29930== by 0x524D8B1: test_run_funcs (test-common.c:244) ==29930== by 0x524E280: test_run (test-common.c:315) ==29930== by 0x402FE5: main (test-edit-mail.c:765) ==29930== ==29930== 16,384 bytes in 1 blocks are possibly lost in loss record 76 of 77 ==29930== at 0x4C2B9B5: calloc (vg_replace_malloc.c:711) ==29930== by 0x5277456: block_alloc.isra.1 (mempool-alloconly.c:254) ==29930== by 0x527768C: pool_alloconly_create (mempool-alloconly.c:138) ==29930== by 0x51ED84C: master_service_settings_read (master-service-settings.c:580) ==29930== by 0x51EE3A9: master_service_settings_cache_read (master-service-settings-cache.c:387) ==29930== by 0x4E874BF: mail_storage_service_read_settings (mail-storage-service.c:1085) ==29930== by 0x4E87745: mail_storage_service_lookup_real (mail-storage-service.c:1249) ==29930== by 0x4E88795: mail_storage_service_lookup (mail-storage-service.c:1441) ==29930== by 0x403223: test_init_mail_user (test-edit-mail.c:71) ==29930== by 0x403223: test_init (test-edit-mail.c:103) ==29930== by 0x4036DA: test_edit_mail_concatenated (test-edit-mail.c:187) ==29930== by 0x524D8B1: test_run_funcs (test-common.c:244) ==29930== by 0x524E280: test_run (test-common.c:315) ==29930== Failed to run: ./test-edit-mail *Note: Previous versions of pigeonhole did a 'make check' successfully even the first version of 2.3 (CE). Pigeonhole v0.5.1 and v0.5.2 fail on CentOS 7 Help would be appreciated. On 9/9/2018 3:11 PM, Eric Broch wrote: Anyone? On 9/8/2018 7:36 PM, Eric Broch wrote: Hello list, During the 'make check' (pigeonhole) portion of a building (rpmbuild) a dovecot.spec file I'm getting the following error: testsuite(root): Fatal: Couldn't drop privileges: User is mi
Re: make check (pigeonhole)
I attempted as non-root user and got the exact same error. On 9/10/2018 9:10 AM, Aki Tuomi wrote: Have you attempted this as non-root user? --- Aki Tuomi Dovecot oy -- Eric Broch White Horse Technical Consulting (WHTC)
Re: make check (pigeonhole)
I did so as non-root user and got the same error. On 9/10/2018 9:10 AM, Aki Tuomi wrote: Have you attempted this as non-root user? --- Aki Tuomi Dovecot oy Original message From: Eric Broch Date: 10/09/2018 18:03 (GMT+02:00) To: dovecot@dovecot.org Subject: Re: make check (pigeonhole) Dovecot list, 1) I downloaded latest dovecot and pigeonhole tar balls and extracted on latest updated CentOS 7 : dovecot-2.3.2.1.tar.gz and dovecot-2.3-pigeonhole-0.5.2.tar.gz 2) I moved pigeonhole (dovecot-2.3-pigeonhole-0.5.2) directory into dovecot (dovecot-2.3.2.1) directory 3) built dovecot with following config and paramerters: patch -p1 < ../../SOURCES/dovecot-2.0-defaultconfig.patch patch -p1 < ../../SOURCES/dovecot-1.0.beta2-mkcert-permissions.patch patch -p1 < ../../SOURCES/dovecot-2.2.27-mkcert-paths.patch sed -i '/DEFAULT_INCLUDES *=/s|$| '"$(pkg-config --cflags libclucene-core)|" src/plugins/fts-lucene/Makefile.in #export CFLAGS="-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -fno-strict-aliasing" #export LDFLAGS="-Wl,-z,now -Wl,-z,relro -Wl,-z,relro" aclocal --install -I m4 autoreconf -I . -fiv ./configure \ INSTALL_DATA="install -c -p -m644" \ --docdir=/usr/share/doc/dovecot-2.3.2.1 \ --disable-static \ --disable-rpath \ --with-nss \ --with-shadow \ --with-pam \ --with-gssapi=plugin \ --with-ldap=plugin \ --with-sql=plugin \ --with-lua=plugin \ --with-pgsql \ --with-mysql \ --with-sqlite \ --with-vpopmail=/etc/libvpopmail \ --with-zlib \ --with-libcap \ --with-libwrap \ --with-lucene \ --with-ssl=openssl \ --with-ssldir=/etc/pki/dovecot \ --with-solr \ --with-systemdsystemunitdir=/usr/lib/systemd/system \ --with-docs sed -i 's|/etc/ssl|/etc/pki/dovecot|' doc/mkcert.sh doc/example-config/conf.d/10-ssl.conf make -j3 4) built pigeon hole with the following paramters: # required for snapshot [ -f configure ] || autoreconf -fiv [ -f ChangeLog ] || echo "Pigeonhole ChangeLog is not available, yet" >ChangeLog ./configure \ INSTALL_DATA="install -c -p -m644" \ --disable-static \ --with-dovecot=../ \ --with-ldap=plugin \ --without-unfinished-features make -j3 5) during 'make check' of pigeonhole got the following error: make[3]: Entering directory `/root/rpmbuild/SRPMS/dovecot-2.3.2.1/dovecot-2.3-pigeonhole-0.5.2/src/lib-sieve/util' for bin in test-edit-mail; do \ if ! /bin/sh ../../../run-test.sh ../../.. ./$bin; then exit 1; fi; \ done test-edit-header(root): Error: Cannot lookup test user: Mail access for users with UID 89 not permitted (see first_valid_uid in config file, uid from mail_uid setting). ../../../run-test.sh: line 27: 29930 Segmentation fault (core dumped) valgrind -q --trace-children=yes --leak-check=full --log-file=test.out.$$ $noundef $* ==29930== Invalid read of size 8 ==29930== at 0x404699: mail_raw_user_create (mail-raw.c:142) ==29930== by 0x40325B: test_init (test-edit-mail.c:105) ==29930== by 0x4036DA: test_edit_mail_concatenated (test-edit-mail.c:187) ==29930== by 0x524D8B1: test_run_funcs (test-common.c:244) ==29930== by 0x524E280: test_run (test-common.c:315) ==29930== by 0x402FE5: main (test-edit-mail.c:765) ==29930== Address 0xb8 is not stack'd, malloc'd or (recently) free'd ==29930== ==29930== ==29930== Process terminating with default action of signal 11 (SIGSEGV) ==29930== Access not within mapped region at address 0xB8 ==29930== at 0x404699: mail_raw_user_create (mail-raw.c:142) ==29930== by 0x40325B: test_init (test-edit-mail.c:105) ==29930== by 0x4036DA: test_edit_mail_concatenated (test-edit-mail.c:187) ==29930== by 0x524D8B1: test_run_funcs (test-common.c:244) ==29930== by 0x524E280: test_run (test-common.c:315) ==29930== by 0x402FE5: main (test-edit-mail.c:765) ==29930== If you believe this happened as a result of a stack ==29930== overflow in your program's main thread (unlikely but ==29930== possible), you can try to increase the size of the ==29930== main thread stack using the --main-stacksize= flag. ==29930== The main thread stack size used in t
Re: make check (pigeonhole)
Any news on this error on CentOS 7 ? Help! On 9/10/2018 9:32 AM, Eric Broch wrote: I attempted as non-root user and got the exact same error. On 9/10/2018 9:10 AM, Aki Tuomi wrote: Have you attempted this as non-root user? --- Aki Tuomi Dovecot oy -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC)
Re: make check (pigeonhole)
I'll give those a look and make change accordingly. On 9/11/2018 9:26 PM, Aki Tuomi wrote: You know we have rpm packages for 2.3.2.1 available at https://repo.dovecot.org if you are in a hurry? --- Aki Tuomi Dovecot oy Original message From: Eric Broch Date: 12/09/2018 00:35 (GMT+02:00) To: dovecot@dovecot.org Subject: Re: make check (pigeonhole) Any news on this error on CentOS 7 ? Help! On 9/10/2018 9:32 AM, Eric Broch wrote: I attempted as non-root user and got the exact same error. On 9/10/2018 9:10 AM, Aki Tuomi wrote: Have you attempted this as non-root user? --- Aki Tuomi Dovecot oy -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC)
Re: make check (pigeonhole)
Hi Aki, I needed this patch <https://src.fedoraproject.org/cgit/rpms/dovecot.git/tree/dovecot-2.3.0.1-libxcrypt.patch> (fedora): |diff -up dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt dovecot-2.3.0.1/src/auth/mycrypt.c --- dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt 2018-02-28 15:28:58.0 +0100 +++ dovecot-2.3.0.1/src/auth/mycrypt.c 2018-03-27 10:57:38.447769201 +0200 @@ -14,6 +14,7 @@ # define _XPG6 /* Some Solaris versions require this, some break with this */ #endif #include +#include #include "mycrypt.h" All works well now. Thanks for your help Eric | On 9/12/2018 12:35 AM, Aki Tuomi wrote: I tried reproducing your problem and I only can make it happen if I run the test suite as root, which is not supported. Aki On 12.09.2018 06:49, Eric Broch wrote: I'll give those a look and make change accordingly. On 9/11/2018 9:26 PM, Aki Tuomi wrote: You know we have rpm packages for 2.3.2.1 available at https://repo.dovecot.org if you are in a hurry? --- Aki Tuomi Dovecot oy Original message From: Eric Broch Date: 12/09/2018 00:35 (GMT+02:00) To: dovecot@dovecot.org Subject: Re: make check (pigeonhole) Any news on this error on CentOS 7 ? Help! On 9/10/2018 9:32 AM, Eric Broch wrote: I attempted as non-root user and got the exact same error. On 9/10/2018 9:10 AM, Aki Tuomi wrote: Have you attempted this as non-root user? --- Aki Tuomi Dovecot oy -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC)
Re: make check (pigeonhole)
Must be non root user as well On 9/12/2018 1:05 PM, Aki Tuomi wrote: Ok. We have that fix as well but for other reasons. Good to know this. --- Aki Tuomi Dovecot oy Original message From: Eric Broch Date: 12/09/2018 21:36 (GMT+02:00) To: Aki Tuomi , dovecot@dovecot.org Subject: Re: make check (pigeonhole) Hi Aki, I needed this patch <https://src.fedoraproject.org/cgit/rpms/dovecot.git/tree/dovecot-2.3.0.1-libxcrypt.patch> (fedora): |diff -up dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt dovecot-2.3.0.1/src/auth/mycrypt.c --- dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt 2018-02-28 15:28:58.0 +0100 +++ dovecot-2.3.0.1/src/auth/mycrypt.c 2018-03-27 10:57:38.447769201 +0200 @@ -14,6 +14,7 @@ # define _XPG6 /* Some Solaris versions require this, some break with this */ #endif #include +#include #include "mycrypt.h" All works well now. Thanks for your help Eric | On 9/12/2018 12:35 AM, Aki Tuomi wrote: I tried reproducing your problem and I only can make it happen if I run the test suite as root, which is not supported. Aki On 12.09.2018 06:49, Eric Broch wrote: I'll give those a look and make change accordingly. On 9/11/2018 9:26 PM, Aki Tuomi wrote: You know we have rpm packages for 2.3.2.1 available at https://repo.dovecot.org if you are in a hurry? --- Aki Tuomi Dovecot oy Original message From: Eric Broch Date: 12/09/2018 00:35 (GMT+02:00) To: dovecot@dovecot.org Subject: Re: make check (pigeonhole) Any news on this error on CentOS 7 ? Help! On 9/10/2018 9:32 AM, Eric Broch wrote: I attempted as non-root user and got the exact same error. On 9/10/2018 9:10 AM, Aki Tuomi wrote: Have you attempted this as non-root user? --- Aki Tuomi Dovecot oy -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC)
vpopmail
Hello list, I run Dovecot with the vpopmail driver and have found that it authenticates against the clear text password in the vpopmail database. Is there a configuration option either at compile time, link time, or a setting in one of the configuration files that tells the program to authenticate against the hash instead of the clear text? -- Eric Broch White Horse Technical Consulting (WHTC)
Re: vpopmail
On 10/4/2018 6:34 AM, Rick Romero wrote:
Quoting Aki Tuomi <mailto:aki.tu...@open-xchange.com>>:
On 03.10.2018 23:30, Eric Broch wrote:
Hello list,
I run Dovecot with the vpopmail driver and have found that it
authenticates against the clear text password in the vpopmail
database. Is there a configuration option either at compile time, link
time, or a setting in one of the configuration files that tells the
program to authenticate against the hash instead of the clear text?
Prefix your passwords in vpopmail with {SCHEME} (like, {CRYPT})
Aki
Or use SQL - then you don't have to munge any of your tools.
password_query =
SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password,
pw_dir as userdb_home, 89 as userdb_uid, 89 as userdb_gid
FROM vpopmail WHERE pw_name = '%n' AND pw_domain = '%d' AND !(pw_gid &
8) AND !(pw_gid & 2) AND ('%r'!='' or !(pw_gid & 4))
pw_gid refers to the the binary vpopmail flags for disable POP, IMAP,
Webmail.
Rick
When configuring vpopmail for our purposes we use (now) the
configuration option:
--disable-many-domains Creates a table for each virtual domain instead of
storing all users in a single table.
Only valid for MySQL and PostgreSQL
This disallows (I think) the use Dovecot MySQL configuration file as every user
is stored in a domain table of the form 'mydomain_tld'.
So, we're limited to these configurations (no dovecot-mysql.conf.ext) :
passdb {
args = cache_key=%u webmail=127.0.0.1
driver = vpopmail
}
userdb {
args = cache_key=%u quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
If there is a clear text password (pw_clear_passwd) present it seems that
Dovecot will use that instead of using the hash (pw_passwd).
It seems that in the code 'passdb-vpopmail.c' (below) that if the clear
password (pw_clear_passwd) is present Dovecot skips the hashed password
(pw_passwd), and we want authentication against the hashed password.
if (vpopmail_is_disabled(auth_request, vpw)) {
auth_request_log_info(auth_request, AUTH_SUBSYS_DB,
"%s disabled in vpopmail for this user",
auth_request->service);
password = NULL;
*result_r = PASSDB_RESULT_USER_DISABLED;
} else {
if (vpw->pw_clear_passwd != NULL &&
*vpw->pw_clear_passwd != '\0') {
password = t_strdup_noconst(vpw->pw_clear_passwd);
*cleartext = TRUE;
} else if (!*cleartext)
password = t_strdup_noconst(vpw->pw_passwd);
else
password = NULL;
*result_r = password != NULL ? PASSDB_RESULT_OK :
PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
}
Looking for an option to make dovecot use hashed password instead of clear text.
Hope this makes sense.
-EricB
--
Eric Broch
White Horse Technical Consulting (WHTC)
Re: vpopmail
On 10/4/2018 7:27 AM, Rick Romero wrote:
Quoting Eric Broch <mailto:ebr...@whitehorsetc.com>>:
On 10/4/2018 6:34 AM, Rick Romero wrote:
Quoting Aki Tuomi <mailto:aki.tu...@open-xchange.com>>:
On 03.10.2018 23:30, Eric Broch wrote:
Hello list,
I run Dovecot with the vpopmail driver and have found that it
authenticates against the clear text password in the vpopmail
database. Is there a configuration option either at compile time, link
time, or a setting in one of the configuration files that tells the
program to authenticate against the hash instead of the clear text?
Prefix your passwords in vpopmail with {SCHEME} (like, {CRYPT})
Aki
Or use SQL - then you don't have to munge any of your tools.
password_query =
SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password,
pw_dir as userdb_home, 89 as userdb_uid, 89 as userdb_gid
FROM vpopmail WHERE pw_name = '%n' AND pw_domain = '%d' AND !(pw_gid &
8) AND !(pw_gid & 2) AND ('%r'!='' or !(pw_gid & 4))
pw_gid refers to the the binary vpopmail flags for disable POP, IMAP,
Webmail.
Rick
Rick,
I'm not sure what you're saying.
Vpopmail's DB can be configured in two different ways, 1) With domain
tables and all users for that particular domain underneath (described
below), or 2) Simply, one table with all users with the domain field
'pw_domain' (This works with dovecot-sql.conf.ext files). The former
(1), which we use does not allow the use of dovecot-sql.conf.ext files,
we're limited to userdb and passwd options previously mentioned. When
using these options dovecot will get the clear text password if present.
The problem is that if a password is over 16 characters long the clear
text field will only store the first 16 characters while the hashed
field will contain the whole password.
# echo "describe domain_tld" | mysql -u root -p`cat vpoppasswd` vpopmail
yeilds
Field Type Null Key Default Extra
pw_name char(32) NO PRI NULL
pw_passwd char(40) YES NULL
pw_uid int(11) YES NULL
pw_gid int(11) YES NULL
pw_gecos char(48) YES NULL
pw_dir char(160) YES NULL
pw_shell char(20) YES NULL
pw_clear_passwd char(16) YES NULL
As you can see there is no 'pw_domain' field from which to draw.
Again we are limited to the passdb, and userdb options already described.
When configuring vpopmail for our purposes we use (now) the
configuration option:
--disable-many-domains Creates a table for each virtual domain instead of
storing all users in a single table.
Only valid for MySQL and PostgreSQL
This disallows (I think) the use Dovecot MySQL configuration file as every user
is stored in a domain table of the form 'mydomain_tld'.
So, we're limited to these configurations (no dovecot-mysql.conf.ext) :
passdb {
args = cache_key=%u webmail=127.0.0.1
driver = vpopmail
}
userdb {
args = cache_key=%u quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
If there is a clear text password (pw_clear_passwd) present it seems that
Dovecot will use that instead of using the hash (pw_passwd).
It seems that in the code 'passdb-vpopmail.c' (below) that if the clear
password (pw_clear_passwd) is present Dovecot skips the hashed password
(pw_passwd), and we want authentication against the hashed password.
if (vpopmail_is_disabled(auth_request, vpw)) {
auth_request_log_info(auth_request, AUTH_SUBSYS_DB,
"%s disabled in vpopmail for this user",
auth_request->service);
password = NULL;
*result_r = PASSDB_RESULT_USER_DISABLED;
} else {
if (vpw->pw_clear_passwd != NULL &&
*vpw->pw_clear_passwd != '\0') {
password = t_strdup_noconst(vpw->pw_clear_passwd);
*cleartext = TRUE;
} else if (!*cleartext)
password = t_strdup_noconst(vpw->pw_passwd);
else
password = NULL;
*result_r = password != NULL ? PASSDB_RESULT_OK :
PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
}
Looking for an option to make dovecot use hashed password instead of clear text.
Hope this makes sense.
-EricB
We seem to have lost quoting..
First - Why aren't you just deleting all the clear text passwords?
Second, for many domanis, my password query for your purposes should just be:
SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password, pw_dir
as userdb_home, 89 as us
Re: vpopmail
On 10/4/2018 7:27 AM, Rick Romero wrote:
Quoting Eric Broch <mailto:ebr...@whitehorsetc.com>>:
On 10/4/2018 6:34 AM, Rick Romero wrote:
Quoting Aki Tuomi <mailto:aki.tu...@open-xchange.com>>:
On 03.10.2018 23:30, Eric Broch wrote:
Hello list,
I run Dovecot with the vpopmail driver and have found that it
authenticates against the clear text password in the vpopmail
database. Is there a configuration option either at compile time, link
time, or a setting in one of the configuration files that tells the
program to authenticate against the hash instead of the clear text?
Prefix your passwords in vpopmail with {SCHEME} (like, {CRYPT})
Aki
Or use SQL - then you don't have to munge any of your tools.
password_query =
SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password,
pw_dir as userdb_home, 89 as userdb_uid, 89 as userdb_gid
FROM vpopmail WHERE pw_name = '%n' AND pw_domain = '%d' AND !(pw_gid &
8) AND !(pw_gid & 2) AND ('%r'!='' or !(pw_gid & 4))
pw_gid refers to the the binary vpopmail flags for disable POP, IMAP,
Webmail.
Rick
When configuring vpopmail for our purposes we use (now) the
configuration option:
--disable-many-domains Creates a table for each virtual domain instead of
storing all users in a single table.
Only valid for MySQL and PostgreSQL
This disallows (I think) the use Dovecot MySQL configuration file as every user
is stored in a domain table of the form 'mydomain_tld'.
So, we're limited to these configurations (no dovecot-mysql.conf.ext) :
passdb {
args = cache_key=%u webmail=127.0.0.1
driver = vpopmail
}
userdb {
args = cache_key=%u quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
If there is a clear text password (pw_clear_passwd) present it seems that
Dovecot will use that instead of using the hash (pw_passwd).
It seems that in the code 'passdb-vpopmail.c' (below) that if the clear
password (pw_clear_passwd) is present Dovecot skips the hashed password
(pw_passwd), and we want authentication against the hashed password.
if (vpopmail_is_disabled(auth_request, vpw)) {
auth_request_log_info(auth_request, AUTH_SUBSYS_DB,
"%s disabled in vpopmail for this user",
auth_request->service);
password = NULL;
*result_r = PASSDB_RESULT_USER_DISABLED;
} else {
if (vpw->pw_clear_passwd != NULL &&
*vpw->pw_clear_passwd != '\0') {
password = t_strdup_noconst(vpw->pw_clear_passwd);
*cleartext = TRUE;
} else if (!*cleartext)
password = t_strdup_noconst(vpw->pw_passwd);
else
password = NULL;
*result_r = password != NULL ? PASSDB_RESULT_OK :
PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
}
Looking for an option to make dovecot use hashed password instead of clear text.
Hope this makes sense.
-EricB
We seem to have lost quoting..
First - Why aren't you just deleting all the clear text passwords?
Second, for many domanis, my password query for your purposes should just be:
SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password, pw_dir
as userdb_home, 89 as userdb_uid, 89 as userdb_gid
FROM %d WHERE pw_name = '%n' AND pw_domain = '%d' AND !(pw_gid & 8) AND !(pw_gid & 2) AND
('%r'!='' or !(pw_gid & 4))
Where %d is the domain name. Your vpopmail database should have a bunch of
domain.com table names.
Or you can hardcode the database with FROM vpopmail.%d
You may need to play with quotes.. FROM `vpopmail.%d` or FROM `%d`
Rick
I think we're getting to the crux.
The domain tables are not in 'domain.com' form but in 'domain_com' form
(who knows why the vpopmail authors would do that)...users being in the
table.
So, if I add a virtual domain (our vpopmail configuration
'--disable-many-domains') to my mail server, e.g., 'mydomain.com',
vpopmail creates a domain table 'mydomain_com', the '.' (dot) replaced
by an '_' (underscore).
That's why the SQL query above will not work. If there were a way (and I
don't know it) to replace the '.' with an '_' in the query we could go
that way. Until then we have to simply use the current dovecot vpopmail
driver
instead of the more robust sql driver.
Again, the vpopmail driver will use the clear text password (if present)
and not bother with the hashed password.
One solution as you mentioned was to delete the clear text, but I simply
wanted to avoid messing with the database and implement a more simple
configuration option.
Thank you, Rick
--EricB
--
Eric Broch
White Horse Technical Consulting (WHTC)
Panic: file istream-seekable.c: line 226
Hi,
I have a lot of Panic in my logs.
They happen almost every day and never on the same user.
When it happens, the mail is not distributed (it's always lda).
I discovered it because my Sympa server had a lot of users in error.
The last error (below) was a local user sending a mail to 10 users : 3
of them
never get the email.
I've looked into my logs and discovered it started after the upgrade
from 2.2.27 to 2.3.4 in february. I'm on Debian.
This week, I installed the dovecot repo and upgraded to the very last
and same thing. The error below happened after the latest upgrade.
An example :
Nov 25 11:33:07 mx.igf.cnrs.fr dovecot:
lda(username_hidden)<4653>: Panic: file
istream-seekable.c: line 230 (read_from_buffer): assertion failed:
(*ret_r > 0)
Nov 25 11:33:07 mx.igf.cnrs.fr dovecot:
lda(sebastien.granier)<4653>: Error: Raw
backtrace: /usr/lib/dovecot/libdovecot.so.0(backtrace_append+0x3d)
[0x7f49a56d4eed] -> /usr/lib/dovecot/libdovecot.so.0(backtrace_get+0x1e)
[0x7f49a56d500e] -> /usr/lib/dovecot/libdovecot.so.0(+0xf465b)
[0x7f49a56de65b] -> /usr/lib/dovecot/libdovecot.so.0(+0xf46c1)
[0x7f49a56de6c1] -> /usr/lib/dovecot/libdovecot.so.0(+0x514a6)
[0x7f49a563b4a6] -> /usr/lib/dovecot/libdovecot.so.0(+0x53cfb)
[0x7f49a563dcfb] -> /usr/lib/dovecot/libdovecot.so.0(+0x1074a1)
[0x7f49a56f14a1] -> /usr/lib/dovecot/libdovecot.so.0(+0x1078f6)
[0x7f49a56f18f6] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_stat+0x34)
[0x7f49a56eaab4] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0xb1396)
[0x7f49a5852396] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0xb1472)
[0x7f49a5852472] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_get_physical_size+0x38)
[0x7f49a57ef0c8] -> /usr/lib/dovecot/libdovecot-lda.so.0(+0x4005)
[0x7f49a5907005] ->
/usr/lib/dovecot/libdovecot-lda.so.0(mail_deliver_init+0x141)
[0x7f49a5908101] -> /usr/lib/dovecot/deliver(main+0x879)
[0x562d1c0e6f99] ->
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb) [0x7f49a543e09b]
-> /usr/lib/dovecot/deliver(_start+0x2a) [0x562d1c0e76ea]
My configuration :
dovecot -n
# 2.3.11.3 (502c39af9): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.11 (6c69c917)
# OS: Linux 4.19.0-9-amd64 x86_64 Debian 10.6
# Hostname: mx.igf.cnrs.fr
auth_username_format =
disable_plaintext_auth = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_location = maildir:~/maildir
mail_plugins = fts
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext
namespace inbox {
inbox = yes
location =
mailbox Ads {
auto = subscribe
}
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
separator = .
type = private
}
passdb {
driver = pam
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
sieve_after = /etc/dovecot/sieve.d
}
protocols = " imap sieve pop3 sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
process_min_avail = 16
service_count = 0
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service stats {
unix_listener stats-reader {
group = dovecot
mode = 0666
user = root
}
unix_listener stats-writer {
group = dovecot
mode = 0666
user = root
}
}
ssl_cert = https://www.igf.cnrs.fr
Panic file istream-seekable.c
Hi,
I still have the same problem/message. I've got no answer from my
previous mail.
It happens generally when the list server send multiple messages in
a small amount of time.
130 mails failed, 200 ok.
Should it be a config problem, an OS problem or anything else ?
It runs on Debian buster.
I run the latest version (from dovecot repo)
I upgraded this morning to 2.3.13 and the problem is still there :
Jan 4 15:57:18 mx.igf.cnrs.fr dovecot:
lda(sophie.nicole)<13773>:
Error: i_stream_seekable_write_failed: close((&sstream->fd))
@ istream-seekable.c:251 failed (fd=9): Bad file descriptor
Jan 4 15:57:18 mx.igf.cnrs.fr dovecot:
lda(sophie.nicole)<13773>:
Panic: file istream-seekable.c: line 231 (read_from_buffer):
assertion failed: (*ret_r > 0)
Jan 4 15:57:18 mx.igf.cnrs.fr dovecot:
lda(sophie.nicole)<13773>:
Error: Raw backtrace:
/usr/lib/dovecot/libdovecot.so.0(backtrace_append+0x3d)
[0x7f679208761d] ->
/usr/lib/dovecot/libdovecot.so.0(backtrace_get+0x1e)
[0x7f679208773e] -> /usr/lib/dovecot/libdovecot.so.0(+0xfa79b)
[0x7f679209379b] -> /usr/lib/dovecot/libdovecot.so.0(+0xfa801)
[0x7f6792093801] -> /usr/lib/dovecot/libdovecot.so.0(+0x52e30)
[0x7f6791febe30] -> /usr/lib/dovecot/libdovecot.so.0(+0x555af)
[0x7f6791fee5af] -> /usr/lib/dovecot/libdovecot.so.0(+0x10cfb1)
[0x7f67920a5fb1] -> /usr/lib/dovecot/libdovecot.so.0(+0x10d406)
[0x7f67920a6406] ->
/usr/lib/dovecot/libdovecot.so.0(i_stream_stat+0x34)
[0x7f679209fbc4] ->
/usr/lib/dovecot/libdovecot-storage.so.0(+0xb1536) [0x7f679220a536]
-> /usr/lib/dovecot/libdovecot-storage.so.0(+0xb1612)
[0x7f679220a612] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_get_physical_size+0x38)
[0x7f67921a71c8] -> /usr/lib/dovecot/libdovecot-lda.so.0(+0x4015)
[0x7f67922c1015] ->
/usr/lib/dovecot/libdovecot-lda.so.0(mail_deliver_init+0x141)
[0x7f67922c2111] -> /usr/lib/dovecot/deliver(main+0x879)
[0x55d4bf4b5f99] ->
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb)
[0x7f6791ded09b] -> /usr/lib/dovecot/deliver(_start+0x2a)
[0x55d4bf4b66ea]
dovecot -n
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 4.19.0-9-amd64 x86_64 Debian 10.7
# Hostname: mx.igf.cnrs.fr
auth_username_format =
disable_plaintext_auth = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_location = maildir:~/maildir
mail_plugins = fts
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext
namespace inbox {
inbox = yes
location =
mailbox Ads {
auto = subscribe
}
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
separator = .
type = private
}
passdb {
driver = pam
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
sieve_after = /etc/dovecot/sieve.d
}
protocols = " imap sieve pop3 sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
process_min_avail = 16
service_count = 0
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service stats {
unix_listener stats-reader {
group = dovecot
mode = 0666
user = root
}
unix_listener stats-writer {
group = dovecot
mode = 0666
user = root
}
}
ssl_cert =
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
syslog_facility = local2
userdb {
driver = passwd
}
verbose_proctitle = yes
protocol lda {
mail_plugins = fts sieve
syslog_facility = local2
}
--
Eric Mauger | Administrateur système et réseau
IGF UMR5203 | https://www.igf.cnrs.fr
Re: status of test code
make check On 1/9/2021 11:47 AM, st...@keptprivate.com wrote: Hi, I'm continuing to try to build 2.3.13 with a source RPM. At this point I've taken the source zip file and I'm working with the previously working qmailtoaster SPEC file and RPM build process. The toaster SPEC file runs the built-in dovecot tests after build... 2.3.11 would make it through all the tests with a few minor exceptions. 2.3.13 seems no longer able to run the test is lib-ssl-iostream or lib-lua (and perhaps others, but that's as far as I've gotten). I can selectively disable the tests to make progress, but it raises the question of what the plans are for the built-in tests. Also, I continue to not be able to find where all the testing is turned on/off at once? I'm sure it will be obvious when someone tells me but please tell me, because I'm pulling my hair out. Steve
Re: SQL-AUTH driver replace for VPOPMAIL-AUTH
Pablo,
Can you share your dovecot-sql.conf.ext file for 'one table for each
domain'.
Eric
On 2/10/2021 9:24 AM, Pablo Murillo wrote:
Hi Aki
Don't work, but you give me a new idea
I set default_pass_scheme = PLAIN on dovecot-sql.conf.ext anda I send
the pass encrypted and now is working !
On 2/10/2021 3:34 AM, Aki Tuomi wrote:
Return the password with {CRAM-MD5} or {MD5-CRYPT} prefix, then
dovecot will know the password scheme.
Aki
On 10/02/2021 05:04 Pablo Murillo wrote:
Hi
I'm made a lot of test trying to get SLQ auth driver work with
vpopmail/mysql configured with many domains (one table for each domain)
Finally I made it work, but ... only with PLAIN password
Is there a way to make SQL auth work with vpopmail/mysql tables with
encrypted password (CRAM-MD5 / MD5-CRYPT) ?
Thanks
Pablo Murillo
--
This email has been checked for viruses by AVG.
https://www.avg.com
Test for implicit keep within a sieve script
Hi folks, Is there a good way to test for an implicit keep in a sieve script ? At the end of my sieve script, if a message still has an implicit keep, it will end up in my inbox, and I would like to push a notification. Right now I am doing this with an ad-hoc variable that is essentially emulating the implicit keep, is there a better way to do this ? Thanks! Eric
Re: sieve-filter ignores -u argument
I read the sieve-filter man page so I'll speculate. Granted, I still don't fully understand how sieve and virtual users work as I have never set this up. "postmaster" is an alias of root and "vmail" is probably just a directory name. So, from the root's command prompt, the environment variables probably aren't totally set up for sieve-filter to understand virtual users. So, working from the command prompt, you probably have to explicitly specify the .sieve path and leave off the -u argument # cd /location_of_virtual_user_INBOX # sieve-filter -v /opt/some_global_rules/sieve/managesieve.sieve INBOX Would is be great if seive-filter had an argument to understand the system's virual user's settings? Of course. I don't know why the developer haven't included it. -Eric On 1/24/2022 7:59 AM, Андрей Куницын wrote: Hello I try to test my sieve script, but found out that it is impossible to use a sieve-filter tool with virtual mail users. It always uses a real user name instead of passed via -u argument. # sieve-filter -v -u postmas...@domain.tld ~/sieve/managesieve.sieve INBOX sieve-filter(root): Fatal: Unknown user sudo -u vmail sieve-filter -u postmas...@domain.tld ~/sieve/managesieve.sieve INBOX sieve-filter(vmail): Fatal: Unknown user Also there is the same question on serverfault, but without an answer. https://serverfault.com/questions/1055407/how-to-make-sieve-filter-use-virtual-users My environment is Ubuntu 20.04 dovecot --version 2.3.7.2 (3c910f64b) -- Sincerely, Andrey Kunitsyn
Re: Dovecot v2.2.36.1 released
Aki, What's the difference between 2.2.x and 2.3.x version of Dovecot? And why do you maintain both? I stopped building RPM's of the 2.2.x version and now only build 2.3.x. Should I be maintaining both? Eric On 2/5/2019 6:01 AM, Aki Tuomi wrote: https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig * CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. * ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. - pop3_no_flag_updates=no: Don't expunge RETRed messages without QUIT - director: Kicking a user assert-crashes if login process is very slow - lda/lmtp: Fix assert-crash with some Sieve scripts when mail_attachment_detection_options=add-flags-on-save - fs-compress: Using maybe-gz assert-crashed when reading 0 sized file - Snippet generation crashed with invalid Content-Type:multipart --- Aki Tuomi Open-Xchange Oy -- Eric Broch White Horse Technical Consulting (WHTC)
Re: Dovecot v2.2.36.1 released
Thank you! On 2/5/2019 8:43 AM, Aki Tuomi wrote: Hi, as per our EOL statement 2.2.36 receives security and critical updates. That said, we decided to flush few annoying bugs with .1 release. You do not need to build releases for 2.2. Aki On 05 February 2019 at 17:36 Eric Broch < ebr...@whitehorsetc.com <mailto:ebr...@whitehorsetc.com>> wrote: Aki, What's the difference between 2.2.x and 2.3.x version of Dovecot? And why do you maintain both? I stopped building RPM's of the 2.2.x version and now only build 2.3.x. Should I be maintaining both? Eric On 2/5/2019 6:01 AM, Aki Tuomi wrote: https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.36.1.tar.gz.sig * CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field (ssl_cert_username_field), under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. * ssl_cert_username_field setting was ignored with external SMTP AUTH, because none of the MTAs (Postfix, Exim) currently send the cert_username field. This may have allowed users with trusted certificate to specify any username in the authentication. This bug didn't affect Dovecot's Submission service. - pop3_no_flag_updates=no: Don't expunge RETRed messages without QUIT - director: Kicking a user assert-crashes if login process is very slow - lda/lmtp: Fix assert-crash with some Sieve scripts when mail_attachment_detection_options=add-flags-on-save - fs-compress: Using maybe-gz assert-crashed when reading 0 sized file - Snippet generation crashed with invalid Content-Type:multipart > --- Aki Tuomi Open-Xchange Oy > -- Eric Broch White Horse Technical Consulting (WHTC) --- Aki Tuomi -- Eric Broch White Horse Technical Consulting (WHTC)
Getting an extprogram script to work
Hi all,
I'm trying to do the same thing everyone else is: having rspamd
learn_ham or learn_spam depending on where I move a message. My current
problem is that Dovecot seems to be reporting success, but nothing ever
happens -- the script somehow fails to run.
I'm currently using a dummy script that just writes a file to /tmp,
until I can get this much working, at least. My bin_dir:
-
me@server:/usr/lib/dovecot/sieve# ls -l
total 40
drwxr-xr-x 2 root root 4096 Jan 21 03:35 ./
drwxr-xr-x 4 root root 12288 Aug 29 06:28 ../
-rw-r--r-- 1 root root 112 Jan 21 02:17 report-ham.sieve
-rw-r--r-- 1 root root 250 Jan 21 02:17 report-ham.svbin
-rw-r--r-- 1 root root 112 Jun 3 2019 report-spam.sieve
-rw-r--r-- 1 root root 258 Jun 3 2019 report-spam.svbin
-rwxr-xr-x 1 root root 105 Jan 21 03:35 rspamd_ham.sh*
-rwxr-xr-x 1 root root43 Jun 3 2019 rspamd_spam.sh*
-
Then the report-ham.sieve script:
-
require ["vnd.dovecot.pipe", "copy", "imapsieve", "fileinto"];
pipe :copy "rspamd_ham.sh";
#fileinto "INBOX";
-
And the dummy rspamd_ham.sh script:
-
#!/bin/bash
#exec /usr/bin/rspamc learn_ham
tim=`date +%M-%S`
echo "${1}" > "/tmp/${tim}_results.txt"
-
I can confirm the above script works correctly when run from the command
line, both as root and the vmail user. When run as part of the sieve
process, no errors are reported, but no file is created under /tmp. From
the logs:
-
Debug: sieve: Sieve imapsieve plugin for Pigeonhole version 0.4.21 (92477967)
loaded
Debug: sieve: Sieve Extprograms plugin for Pigeonhole version 0.4.21 (92477967)
loaded
...
Debug: learn/ham: Mailbox opened because: SELECT
Debug: imapsieve: mailbox learn/ham: APPEND event
Debug: imapsieve: Matched static mailbox rule [1]
Debug: sieve: file storage: Using Sieve script path:
/usr/lib/dovecot/sieve/report-ham.sieve
Debug: sieve: file script: Opened script `report-ham' from
`/usr/lib/dovecot/sieve/report-ham.sieve'
Debug: sieve: Opening script 1 of 1 from
`/usr/lib/dovecot/sieve/report-ham.sieve'
Debug: sieve: Loading script /usr/lib/dovecot/sieve/report-ham.sieve
Debug: sieve: Script binary /usr/lib/dovecot/sieve/report-ham.svbin
successfully loaded
Debug: sieve: binary save: not saving binary
/usr/lib/dovecot/sieve/report-ham.svbin, because it is already stored
Debug: sieve: Executing script from `/usr/lib/dovecot/sieve/report-ham.svbin'
Debug: sieve: action pipe: running program: rspamd_ham.sh
Debug: Mailbox learn/ham: Opened mail UID=249 because: mail stream
Debug: waiting for program `/usr/lib/dovecot/sieve/rspamd_ham.sh' to finish
after 0 msecs
sieve: pipe action: piped message to program `rspamd_ham.sh'
Debug: learn/ham: Mailbox opened because: lib-lda delivery
sieve: left message in mailbox 'learn/ham'
-
Near as I can tell, the first time this runs after a dovecot restart, I
get this error instead:
Error: write(program stdin) failed: Broken pipe
Error: sieve: pipe action: failed to program `rspamd_ham.sh': refer to server
log for more information.
But that only happens once, then it behaves as above.
The "Opened mail UID=XXX" bit changes UID (increments monotonically?)
every time.
I think that ought to be everything but my dovecot -n. Thanks in advance
for any help.
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 4.15.0-1057-aws x86_64 Ubuntu 18.04.3 LTS ext4
auth_mechanisms = plain login
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@+
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lmtp_save_to_detail_mailbox = yes
mail_debug = yes
mail_home = /var/mail/vmail/%d/%n
mail_location = maildir:/var/mail/vmail/%d/%n/mail:LAYOUT=fs
mail_plugins = " quota"
mail_prefetch_count = 20
mail_privileged_group = mail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = scheme=ssha512 username_format=%u /etc/dovecot/passwd.db
driver = passwd-file
}
plugin {
imapsieve_mailbox1_before = file:/usr/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox1_causes = APPEND
imapsieve_mailbox1_name = learn/ham
quota_rule = *:storage=5G
quota_rule2 = Trash:ignore
quota_rule3 = Junk:ignore
quota_status_nouser = DUNNO
quota_status_ov
Re: Ms Exchange vs dovecot
The U.S. government is lawless and the Cloud Act is meaningless, like U.S. Constitution. The laws are written to placate the masses, to delude U.S. citizens into thinking they're still free. There is no privacy in the United States and all major corporations, the courts, and the alphabet agencies are in bed together. Assume the worst about them. Microsoft and Bill Gates are like inoperable tumors. Eric On 5/8/2020 4:49 PM, Peter wrote: Am 08.05.20 um 23:52 schrieb Bernd Petrovitsch: I assume you are aware of https://en.wikipedia.org/wiki/CLOUD_Act so using software from (heavily) US-based companies implies that all data (controlled by said companies) will - sooner or later - end up in the databases of US-3-letter-organizations. So forget about GDPR compliance with such software providers. Curiously, the linked wiki page says to the contrary, quote: The CLOUD Act […] provides mechanisms for the companies or the courts to reject or challenge these [warrants by US-3-letter-organizations] if they believe the request violates the privacy rights of the foreign country the data is stored in.
Re: v2.2.26 release candidate released
Compiled on CentOS 6 and CentOS 7 successfully.
On 10/19/2016 3:01 PM, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/rc/dovecot-2.2.26.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.26.rc1.tar.gz.sig
There are quite a lot of changes since v2.2.25. Please try out this RC so we
can get a good and stable v2.2.26 out.
* master: Removed hardcoded 511 backlog limit for listen(). The kernel
should limit this as needed.
* doveadm import: Source user is now initialized the same as target
user. Added -U parameter to override the source user.
* Mailbox names are no longer limited to 16 hierarchy levels. We'll
check another way to make sure mailbox names can't grow larger than
4096 bytes.
+ Added a concept of "alternative usernames" by returning user_* extra
field(s) in passdb. doveadm proxy list shows these alt usernames in
"doveadm proxy list" output. "doveadm director&proxy kick" adds
-f parameter. The alt usernames don't have to be
unique, so this allows creation of user groups and kicking them in
one command.
+ auth: passdb/userdb dict allows now %variables in key settings.
+ auth: If passdb returns noauthenticate=yes extra field, assume that
it only set extra fields and authentication wasn't actually performed.
+ auth: passdb static now supports password={scheme} prefix.
+ imapc: Added imapc_max_line_length to limit maximum memory usage.
+ imap, pop3: Added rawlog_dir setting to store IMAP/POP3 traffic logs.
This replaces at least partially the rawlog plugin.
+ dsync: Added dsync_features=empty-header-workaround setting. This
makes incremental dsyncs work better for servers that randomly return
empty headers for mails. When an empty header is seen for an existing
mail, dsync assumes that it matches the local mail.
+ doveadm sync/backup: Added -I parameter to skip too
large mails.
+ doveadm sync/backup: Fixed -t parameter and added -e for "end date".
+ doveadm mailbox metadata: Added -s parameter to allow accessing
server metadata by using empty mailbox name.
- master process's listener socket was leaked to all child processes.
This might have allowed untrusted processes to capture and prevent
"doveadm service stop" comands from working.
- auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
from previous userdbs didn't work there.
- auth: Each userdb lookup from cache reset its TTL.
- auth: Fixed auth_bind=yes + sasl_bind=yes to work together
- auth: Blocking userdb lookups reset extra fields set by previous
userdbs.
- auth: Cache keys didn't include %{passdb:*} and %{userdb:*}
- auth-policy: Fixed crash due to using already-freed memory if policy
lookup takes longer than auth request exists.
- lib-auth: Unescape passdb/userdb extra fields. Mainly affected
returning extra fields with LFs or TABs.
- lmtp_user_concurrency_limit>0 setting was logging unnecessary
anvil errors.
- lmtp_user_concurrency_limit is now checked before quota check with
lmtp_rcpt_check_quota=yes to avoid unnecessary quota work.
- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
- autoexpunge settings for mailboxes with wildcards didn't work when
namespace prefix was non-empty.
- Fixed writing >2GB to iostream-temp files (used by fs-compress,
fs-metawrap, doveadm-http)
- director: Ignore duplicates in director_servers setting.
- zlib, IMAP BINARY: Fixed internal caching when accessing multiple
newly created mails. They all had UID=0 and the next mail could have
wrongly used the previously cached mail.
- doveadm stats reset wasn't reseting all the stats.
- auth_stats=yes: Don't update num_logins, since it doubles them when
using with mail stats.
- quota count: Fixed deadlocks when updating vsize header.
- dict-quota: Fixed crashes happening due to memory corruption.
- dict proxy: Fixed various timeout-related bugs.
- doveadm proxying: Fixed -A and -u wildcard handling.
- doveadm proxying: Fixed hangs and bugs related to printing.
- imap: Fixed wrongly triggering assert-crash in
client_check_command_hangs.
- imap proxy: Don't send ID command pipelined with nopipelining=yes
- imap-hibernate: Don't execute quota_over_script or last_login after
un-hibernation.
- imap-hibernate: Don't un-hibernate if client sends DONE+IDLE in one
IP packet.
- imap-hibernate: Fixed various failures when un-hibernating.
- fts: fts_autoindex=yes was broken in 2.2.25 unless
Re: v2.2.26 release candidate released
On 10/20/2016 10:34 PM, Aki Tuomi wrote:
On October 21, 2016 at 6:27 AM Tamsy wrote:
Timo Sirainen wrote on 20.10.2016 04:01:
http://dovecot.org/releases/2.2/rc/dovecot-2.2.26.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.26.rc1.tar.gz.sig
There are quite a lot of changes since v2.2.25. Please try out this RC so we
can get a good and stable v2.2.26 out.
* master: Removed hardcoded 511 backlog limit for listen(). The kernel
should limit this as needed.
* doveadm import: Source user is now initialized the same as target
user. Added -U parameter to override the source user.
* Mailbox names are no longer limited to 16 hierarchy levels. We'll
check another way to make sure mailbox names can't grow larger than
4096 bytes.
+ Added a concept of "alternative usernames" by returning user_* extra
field(s) in passdb. doveadm proxy list shows these alt usernames in
"doveadm proxy list" output. "doveadm director&proxy kick" adds
-f parameter. The alt usernames don't have to be
unique, so this allows creation of user groups and kicking them in
one command.
+ auth: passdb/userdb dict allows now %variables in key settings.
+ auth: If passdb returns noauthenticate=yes extra field, assume that
it only set extra fields and authentication wasn't actually performed.
+ auth: passdb static now supports password={scheme} prefix.
+ imapc: Added imapc_max_line_length to limit maximum memory usage.
+ imap, pop3: Added rawlog_dir setting to store IMAP/POP3 traffic logs.
This replaces at least partially the rawlog plugin.
+ dsync: Added dsync_features=empty-header-workaround setting. This
makes incremental dsyncs work better for servers that randomly return
empty headers for mails. When an empty header is seen for an existing
mail, dsync assumes that it matches the local mail.
+ doveadm sync/backup: Added -I parameter to skip too
large mails.
+ doveadm sync/backup: Fixed -t parameter and added -e for "end date".
+ doveadm mailbox metadata: Added -s parameter to allow accessing
server metadata by using empty mailbox name.
- master process's listener socket was leaked to all child processes.
This might have allowed untrusted processes to capture and prevent
"doveadm service stop" comands from working.
- auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
from previous userdbs didn't work there.
- auth: Each userdb lookup from cache reset its TTL.
- auth: Fixed auth_bind=yes + sasl_bind=yes to work together
- auth: Blocking userdb lookups reset extra fields set by previous
userdbs.
- auth: Cache keys didn't include %{passdb:*} and %{userdb:*}
- auth-policy: Fixed crash due to using already-freed memory if policy
lookup takes longer than auth request exists.
- lib-auth: Unescape passdb/userdb extra fields. Mainly affected
returning extra fields with LFs or TABs.
- lmtp_user_concurrency_limit>0 setting was logging unnecessary
anvil errors.
- lmtp_user_concurrency_limit is now checked before quota check with
lmtp_rcpt_check_quota=yes to avoid unnecessary quota work.
- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
- autoexpunge settings for mailboxes with wildcards didn't work when
namespace prefix was non-empty.
- Fixed writing >2GB to iostream-temp files (used by fs-compress,
fs-metawrap, doveadm-http)
- director: Ignore duplicates in director_servers setting.
- zlib, IMAP BINARY: Fixed internal caching when accessing multiple
newly created mails. They all had UID=0 and the next mail could have
wrongly used the previously cached mail.
- doveadm stats reset wasn't reseting all the stats.
- auth_stats=yes: Don't update num_logins, since it doubles them when
using with mail stats.
- quota count: Fixed deadlocks when updating vsize header.
- dict-quota: Fixed crashes happening due to memory corruption.
- dict proxy: Fixed various timeout-related bugs.
- doveadm proxying: Fixed -A and -u wildcard handling.
- doveadm proxying: Fixed hangs and bugs related to printing.
- imap: Fixed wrongly triggering assert-crash in
client_check_command_hangs.
- imap proxy: Don't send ID command pipelined with nopipelining=yes
- imap-hibernate: Don't execute quota_over_script or last_login after
un-hibernation.
- imap-hibernate: Don't un-hibernate if client sends DONE+IDLE in one
IP packet.
- imap-hibernate: Fixed various failures when un-hibernating.
- fts: fts_autoindex=ye
Re: Good email client to use with Dovecot?
Steve Litt writes: > Hi all, > > When I use an email client, its purpose is as a window into my Dovecot > IMAP, and as a mechanism to reply to and send emails. I don't do > filtering or calendaring on my email client (filtering via procmail > direct to Dovecot). > > What email clients are all of you using to look at your IMAP email? Someone's got to mention Emacs and Gnus. I suppose it's unlikely anyone's going to pick up Emacs just to use the mail client, but it's a great mail client. Grossly configurable, and handles IMAP accounts well.
CentOS 7
Hello List, I'm building a dovecot-2.2.27 RPM for CentOS 7 and running into some issues The dovecot.spec (http://pkgs.fedoraproject.org/cgit/rpms/dovecot.git/tree/dovecot.spec) file runs 'autoreconf -I . -fiv' for aarch64 support just before the %configure option but is failing This worked fine on <= 2.2.26.0 when there was an m4/*.m4 directory (with *.m4 in it) in the sources. Is there something I should be aware of? Was the m4 directory removed for a reason? As a workaround I created the m4 directory and everything worked out, but is this the best solution? Eric
Re: CentOS 7
Thanks Alexey! Worked a charm. On 12/4/2016 12:29 AM, Alexey Asemov (Alex/AT) wrote: Hello Eric, For me, aclocal --install -I m4 preparation step helps and seems to be correct. Certain autoconf version scripts perform this step later than needed.
doveadm
Hello list,
I'm interested in setting up dovecot replication but when I run the command
doveadm user '*', which is necessary as indicated here:
http://wiki2.dovecot.org/Replication, I get the following output:
Error: User listing returned failure
Fatal: user listing failed
It also indicates the following on the wiki2: "Make sure that user
listing is configured for your userdb, this is required by replication
to find the list of users that are periodically replicated"
I use a vpopmail backup so the question is how do I "Make sure that user
listing is configured for...userdb"?
This is my userdb settings for vpopmail:
userdb {
args = cache_key=%u quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
Thank-you
Eric
Re: doveadm
On 12/8/2016 8:31 AM, Eric Broch wrote:
Hello list,
I'm interested in setting up dovecot replication but when I run the
command
doveadm user '*', which is necessary as indicated here:
http://wiki2.dovecot.org/Replication, I get the following output:
Error: User listing returned failure
Fatal: user listing failed
It also indicates the following on the wiki2: "Make sure that user
listing is configured for your userdb, this is required by replication
to find the list of users that are periodically replicated"
I use a vpopmail backup so the question is how do I "Make sure that
user listing is configured for...userdb"?
This is my userdb settings for vpopmail:
userdb {
args = cache_key=%u quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
Thank-you
Eric
Can anyone help me with this?
My settings (doveconf -n):
auth_cache_size = 32 M
auth_mechanisms = plain login digest-md5 cram-md5
first_valid_gid = 89
first_valid_uid = 89
log_path = /var/log/dovecot.log
login_greeting = Dovecot toaster ready.
mail_plugins = " quota replication notify"
namespace {
inbox = yes
location =
prefix =
separator = .
type = private
}
passdb {
args = cache_key=%u webmail=127.0.0.1
driver = vpopmail
}
plugin {
quota = maildir:ignore=Trash
quota_rule = ?:storage=0
}
protocols = imap pop3
ssl_cert =
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
On 12/12/2016 10:42 AM, Aki Tuomi wrote:
On 12.12.2016 16:21, Mart Pirita wrote:
Edit: When using win8, then logs started appear in dovecot.rawlog. But
as win10 gives error in ssl level, before user authentication, then no
debug logs will be written into user dovecot.rawlog folder.
So how to debug this ssl issue?
Aki Tuomi wrote:
https://wiki2.dovecot.org/Debugging/Rawlog
can you try this to get rawlogs to find out what happens?
Aki
I'm bit confused, how this rawlog works. I did:
doveadm user -u kaka
userdb: kaka
user : kaka
system_groups_user: kaka
uid : 566
gid : 566
home : /home/kaka
ls -al /home/kaka
total 16
drwx--4 kaka kaka 4096 Dec 12 15:36 .
drwxr-xr-x 12 root root 4096 Dec 12 12:41 ..
drwx--2 kaka kaka 4096 Dec 12 12:41 dovecot.rawlog
drwx--2 kaka kaka 4096 Dec 12 12:41 Maildir
Added into dovecot.conf:
protocol imap {
rawlog_dir = /tmp/rawlog/%u
}
service imap {
executable = imap postlogin
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
But /tmp/rawlog/kaka/ and /home/kaka/dovecot.rawlog/ are empty. What did
I miss?
The whole conf:
listen = *
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename
mail_log_group_events = no
mail_log_fields = uid box msgid size from subject vsize
}
login_log_format_elements = %u %r %m %c
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener lmtp {
}
}
service imap {
executable = imap postlogin
}
service pop3 {
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
service auth {
unix_listener auth-userdb {
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
}
service auth-worker {
}
service dict {
unix_listener dict {
}
}
disable_plaintext_auth = no
auth_cache_size = 1024
auth_cache_ttl = 1 hour
auth_cache_negative_ttl = 1 hour
auth_failure_delay = 60 secs
auth_mechanisms = plain login
passdb {
driver = pam
args = cache_key=%u%r%s *
}
userdb {
driver = passwd
}
mail_location = maildir:~/Maildir
mail_plugin_dir = /usr/lib/dovecot
mail_plugins = $mail_plugins mail_log notify
maildir_very_dirty_syncs = yes
protocol imap {
mail_max_userip_connections = 90
imap_logout_format = bytes=%i/%o
imap_client_workarounds = tb-extra-mailbox-sep delay-newmail
rawlog_dir = /tmp/rawlog/%u
}
protocol pop3 {
pop3_logout_format = bytes=%i/%o, del=%d/%m, size=%s
mail_max_userip_connections = 9
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
ssl_cert =
This sounds like issue with SSL itself. Is your certificate
self-signed or issued by some trusted CA?
Aki
I don't mean to but in but my dovecot-2.2.27 running on CentOS 6/CentOS
7 with Outlook 2007/2013 is working just fine.
Also, Outlook doesn't allow storage of a certificate like Thunderbird
but it does allow you to accept it (every time one opens Outlook) and open.
Re: Vpopmail Error
Same error on CentOS 7 On 4/10/2017 2:55 PM, Bobber wrote: I'm trying to compile the latest Dovecot (v2.2.29) and when I run make I get this error: auth-userdb-vpopmail.o: In function `userdb_vpopmail_get_quota': /usr/local/src/dovecot-2.2.29/src/auth/userdb-vpopmail.c:64: undefined reference to `var_expand_table_build' collect2: error: ld returned 1 exit status Makefile:932: recipe for target 'auth' failed make[3]: *** [auth] Error 1 make[3]: Leaving directory '/usr/local/src/dovecot-2.2.29/src/auth' Makefile:496: recipe for target 'all-recursive' failed make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory '/usr/local/src/dovecot-2.2.29/src' Makefile:619: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/usr/local/src/dovecot-2.2.29' Makefile:463: recipe for target 'all' failed make: *** [all] Error 2 I'm using Debian Jessie and it's up to date. Just to make sure it wasn't something in Jessie I went back into v2.2.28 (which I've been using since it was released) and did a clean build successfully. I've never had any problems compiling dovecot up until now. Any ideas on how to fix this? -- Eric Broch, IMSO, DAM, NGOO, DITH, URTS White Horse Technical Consulting (WHTC)
Re: Vpopmail Error
Is this the fix perhaps, Anyone? https://github.com/dovecot/core/commit/79fe1b28df44ba22b230326bee895583c1df5a28 On 4/10/2017 4:40 PM, Eric Broch wrote: Same error on CentOS 7 On 4/10/2017 2:55 PM, Bobber wrote: I'm trying to compile the latest Dovecot (v2.2.29) and when I run make I get this error: auth-userdb-vpopmail.o: In function `userdb_vpopmail_get_quota': /usr/local/src/dovecot-2.2.29/src/auth/userdb-vpopmail.c:64: undefined reference to `var_expand_table_build' collect2: error: ld returned 1 exit status Makefile:932: recipe for target 'auth' failed make[3]: *** [auth] Error 1 make[3]: Leaving directory '/usr/local/src/dovecot-2.2.29/src/auth' Makefile:496: recipe for target 'all-recursive' failed make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory '/usr/local/src/dovecot-2.2.29/src' Makefile:619: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/usr/local/src/dovecot-2.2.29' Makefile:463: recipe for target 'all' failed make: *** [all] Error 2 I'm using Debian Jessie and it's up to date. Just to make sure it wasn't something in Jessie I went back into v2.2.28 (which I've been using since it was released) and did a clean build successfully. I've never had any problems compiling dovecot up until now. Any ideas on how to fix this? -- Eric Broch, IMSO, DAM, NGOO, DITH, URTS White Horse Technical Consulting (WHTC)
Re: Vpopmail Error
into v2.2.28 (which I've been using since it was released) and did a clean build successfully. I've never had any problems compiling dovecot up until now. Any ideas on how to fix this? Fixed by https://github.com/dovecot/core/commit/892ba92f54b853dd7cf860eca771e441ca9632aa -- *Bob Wooldridge* Blog: http://kc0dxf.net/blog/ -- *Bob Wooldridge* Blog: http://kc0dxf.net/blog/ -- Eric Broch, IMSO, DAM, NGOO, DITH, URTS White Horse Technical Consulting (WHTC)
Re: v2.2.30.1 released
Built on CentOS 7 without a hitch. On 5/31/2017 7:24 AM, Timo Sirainen wrote: https://dovecot.org/releases/2.2/dovecot-2.2.30.1.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.30.1.tar.gz.sig Due to some release process changes I didn't notice that one important bugfix wasn't included in the v2.2.30 release branch before I made the release. So fixing it here with v2.2.30.1. Also included another less important fix. - quota_warning scripts weren't working in v2.2.30 - vpopmail still wasn't compiling Also I guess should mention that in v2.2.30+ the "script" service's protocol changed to a new version. If anyone had written their own script services (not using the included "script" binary) they would need some changes. I haven't heard of anyone having done that though. -- Eric Broch White Horse Technical Consulting (WHTC)
Re: 2.2.30.2 fails to compile on centos 7
It compiled fine for me using rpmbuild on CentOS 7 On 6/6/2017 6:39 PM, Peter wrote: On 07/06/17 10:52, Matt Bryant wrote: Just downloaded the latest release 2.2.30.2, ran ./configure with all defaults and make ... and it fails to build .. error somewhere whilst running Makefile in lib-http Just built fine for me. I'll give you a link once I get it pushed out to GhettoForge. libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -Wl,--as-needed -o test-http-server-errors test-http-server-errors.o -Wl,--export-dynamic ./.libs/libhttp.a ../lib-dns/.libs/libdns.a ../lib-ssl-iostream/.libs/libssl_iostream.a ../lib-master/.libs/libmaster.a ../lib-settings/.libs/libsettings.a ../lib-test/.libs/libtest.a ../lib/.libs/liblib.a -ldl collect2: error: ld returned 1 exit status libtool: link: gcc -std=gnu99 -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fno-strict -aliasing -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -Wl,--as-needed -Wl, -z -Wl,relro -o test-http-server-errors test-http-server-errors.o -Wl,--export-dynamic ./.libs/libhttp.a ../lib-dns/.libs/libdns.a ../lib-ssl-iostream/.libs/libssl_iostream.a ../lib-master/ .libs/libmaster.a ../lib-settings/.libs/libsettings.a ../lib-test/.libs/libtest.a ../lib/.libs/liblib.a -ldl make[3]: Leaving directory `/builddir/build/BUILD/dovecot-2.2.30.2/src/lib-http' make[3]: Leaving directory `/home/rpmbuild/rpmbuild/BUILD/dovecot-2.2.30.2/src/lib-http' I suggest that you don't use rpmbuild directly, but use mock to build it instead. That ensures you have a clean build environment every time. Peter
Re: Outlook 2013/2010 nightmare #2
On 3/9/2015 7:16 PM, Michael M Slusarz wrote: > Quoting David.M.Clark : > >> Outlook also has a declaration that as of either version 2010 or >> 2013, they no longer download IMAP headers, they download the whole >> message - thank God for faster Internet connections these days - >> could you imagine that in the older dialup days? Still it is a waste >> of bandwidth and disk space to do this. > > Except that's not anything specific to Outlook... most (all) of the > desktop clients do this. Thunderbird most certainly does, for example. > > michael Stripping headers is particular to M$ Outlook. M$ Outlook 2013 strips headers when moving email between IMAP folders. This is a known issue: https://social.msdn.microsoft.com/Forums/en-US/8eafe714-8a8c-44bc-9228-d6a68731494f/outlook-2013-behavior-as-an-imap-client?forum=os_exchangeprotocols
Re: EL6 EE package dependencies
On 4/2/2015 1:22 PM, Will Yardley wrote: > I've been trying to upgrade Dovecot-ee package (on EL6/x86_64) from > 2.2.15.8-1 to 2.2.16.2-1. It's complaining on these two dependencies: > > liblz4.so.1 > libtextcat.so.0 > > These would both seem to be related to plugins, and don't seem to be > required as package dependencies by the RPM from what I can see from the > SRPM. > > Anyone know what packages I need to satisfy these dependencies? lz4-r127-1.el6.i686 and libtextcat-2.2-10.el6.i686 Eric
Re: EL6 EE package dependencies
On 4/2/2015 2:58 PM, Will Yardley wrote: > On Thu, Apr 02, 2015 at 02:53:26PM -0600, Eric Broch wrote: >> On 4/2/2015 1:22 PM, Will Yardley wrote: >>> I've been trying to upgrade Dovecot-ee package (on EL6/x86_64) from >>> 2.2.15.8-1 to 2.2.16.2-1. It's complaining on these two dependencies: >>> >>> liblz4.so.1 >>> libtextcat.so.0 >>> >>> These would both seem to be related to plugins, and don't seem to be >>> required as package dependencies by the RPM from what I can see from the >>> SRPM. >>> >>> Anyone know what packages I need to satisfy these dependencies? >> lz4-r127-1.el6.i686 and libtextcat-2.2-10.el6.i686 > From what source? I don't see them in any of the normal RHEL channels or > in EPEL. I also don't see them in the Dovecot repo (or, unless I'm > missing something, in the specfile's install requires). > > (BTW, I'm on x86_64 arch, but should be same package names either way). Sorry, Will lz4-r127-1.el6.i686 epel (# yum provides liblz4.so.1) libtextcat-2.2-10.el6.i686 base (CentOS) (# yum provides libtextcat.so.0) EricB.
fs_api_module_register
Hello list, I'm trying to build a binary rpm from dovecot sources 2.2.18 and pigeonhole.0.4.8. During the make portion I'm getting the following error: make[3]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.18/src/lib-storage' for bin in test-mail-search-args-imap test-mail-search-args-simplify test-mailbox-get; do \ if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \ done /root/rpmbuild/BUILD/dovecot-2.2.18/src/lib-storage/.libs/lt-test-mail-search-args-imap: symbol lookup error: /root/rpmbuild/BUILD/dovecot-2.2.18/src/lib-storage/.libs/lt-test-mail-search-args-imap: undefined symbol: fs_api_module_register I created a binary rpm from dovecot sources 2.2.16 and pigeonhole sources 0.4.7 and all went well. Can anyone give me any hints as to the problem? Eric
Re: fs_api_module_register
I'm building on CentOS 5 (x86) and CentOS 6 (x86_64). The rpmbuild failed on both with the same error. Is there any other information you would need from me? I'm not sure if I'm missing some dependency, or not. May I trouble you for the dovecot.spec file you used to build your RPM? On 5/16/2015 5:33 AM, Marcus Rueckert wrote: > On 2015-05-15 21:51:21 -0600, Eric Broch wrote: >> I'm trying to build a binary rpm from dovecot sources 2.2.18 and >> pigeonhole.0.4.8. During the make portion I'm getting the following error: >> >> make[3]: Leaving directory >> `/root/rpmbuild/BUILD/dovecot-2.2.18/src/lib-storage' >> for bin in test-mail-search-args-imap test-mail-search-args-simplify >> test-mailbox-get; do \ >> if ! /bin/sh ../../run-test.sh ../.. ./$bin; then exit 1; fi; \ >> done >> /root/rpmbuild/BUILD/dovecot-2.2.18/src/lib-storage/.libs/lt-test-mail-search-args-imap: >> symbol lookup error: >> /root/rpmbuild/BUILD/dovecot-2.2.18/src/lib-storage/.libs/lt-test-mail-search-args-imap: >> undefined symbol: fs_api_module_register >> >> I created a binary rpm from dovecot sources 2.2.16 and pigeonhole >> sources 0.4.7 and all went well. >> >> Can anyone give me any hints as to the problem? > I built rpms for this just fine. you would need to share more details. > > darix >
Re: fs_api_module_register
Marcus, Thanks for the spec file. I'm fairly new to creating RPM's and I just found out that the issue is taking place during the 'make check' portion of the spec file. I'm not sure what 'make check' does after having googled it, although, I think it checks for run-time errors. Any hints? Eric On 5/16/2015 12:52 PM, Marcus Rueckert wrote: > On 2015-05-16 11:52:55 -0600, Eric Broch wrote: >> I'm building on CentOS 5 (x86) and CentOS 6 (x86_64). The rpmbuild >> failed on both with the same error. Is there any other information you >> would need from me? I'm not sure if I'm missing some dependency, or not. >> May I trouble you for the dovecot.spec file you used to build your RPM? > https://build.opensuse.org/package/show/server:mail/dovecot22 > > sles 11 should be close to centos 6. > > darix >
Re: fs_api_module_register
I found the reason for this build error. It has to do with the rpath setting. Under Fedora packaging guidelines <https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#AlternativeRpath> the following settings are changed in the spec file under %configure for libtool: %configure sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool commenting them out solved the problem, but I'm not sure that this is the best, or the appropriate, solution...yet. Anyway, thanks for providing the SUSE spec file, Marcus. EricB On 5/17/2015 9:55 AM, Eric Broch wrote: > > > > > Marcus, > > Thanks for the spec file. > > I'm fairly new to creating RPM's and I just found out that the issue is > taking place during the 'make check' portion of the spec file. I'm not > sure what 'make check' does after having googled it, although, I think > it checks for run-time errors. Any hints? > > Eric > > On 5/16/2015 12:52 PM, Marcus Rueckert wrote: >> On 2015-05-16 11:52:55 -0600, Eric Broch wrote: >>> I'm building on CentOS 5 (x86) and CentOS 6 (x86_64). The rpmbuild >>> failed on both with the same error. Is there any other information you >>> would need from me? I'm not sure if I'm missing some dependency, or not. >>> May I trouble you for the dovecot.spec file you used to build your RPM? >> https://build.opensuse.org/package/show/server:mail/dovecot22 >> >> sles 11 should be close to centos 6. >> >> darix >>
apple mail fails to connect intermittently
Hi
(New to dovecot)
I am experiencing intermittent connection failures with both apple
mail and ios mail. No specific errors and I cannot find relevant
information on the mac logs or on my server.
It spontaneously corrects.
restarting dovecot - no dice
It just happened now (again), this time there might have been a
reason, I just dovecot-lda'd some large mailboxes from mbox to
Maildir. But as I said, it spontaneously corrects, so is
downloading now.
While this connection error is occurring, then I can connect to
dovecot via a remote mutt session, via web imap client and via
outlook.
Is this a known issue?
FWIW:
% doveconf -n
# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.19.0-26-generic i686 Ubuntu 15.04
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
mailbox virtual/All {
special_use = \All
}
prefix =
}
passdb {
driver = pam
}
postmaster_address = postmas...@biovolt.nl
protocols = " imap lmtp"
ssl_cert =
iterate users with passwd-file passdb?
Apologies for the basic question, but I've been googling and can't
figure out if this is possible or not.
Simply: Is it possible to iterate over users if I'm using the
passwd-file passdb driver? Do I need a SQL-based driver if I want to
iterate?
Here's what I've got right now. I don't have many users, and would
prefer to retain the simplicity of the passwd-file if possible.
Thanks!
passdb {
driver = passwd-file
args = username_format=%u scheme=ssha512 /etc/dovecot/passwd.db
deny = no
master = no
pass = no
skip = never
result_failure = continue
result_internalfail = continue
result_success = return-ok
}
userdb {
driver = static
args = uid=5000 gid=5000 home=/var/mail/vmail/%d/%n
}
Re: iterate users with passwd-file passdb?
Joseph Tam writes: > Eric Abrahamsen writes: > >> Simply: Is it possible to iterate over users if I'm using the >> passwd-file passdb driver? Do I need a SQL-based driver if I want to >> iterate? > > What do you mean by "iterate"? If you mean whether you can look up a > password entry in a multi-entry file, then yes, definitely. If you > mean to sequentially go through it and do a first/last/best match, > probably not. Basically I just mean the -A argument to the doveadm commands. For example, iterate through all the users and run sa-learn on each user's learn/spam folder. If it's got to be SQL, it won't kill me... Thanks! Eric
Re: iterate users with passwd-file passdb?
Timo Sirainen writes:
> On 14 Oct 2015, at 00:01, Eric Abrahamsen wrote:
>>
>> Joseph Tam writes:
>>
>>> Eric Abrahamsen writes:
>>>
>>>> Simply: Is it possible to iterate over users if I'm using the
>>>> passwd-file passdb driver? Do I need a SQL-based driver if I want to
>>>> iterate?
>>>
>>> What do you mean by "iterate"? If you mean whether you can look up a
>>> password entry in a multi-entry file, then yes, definitely. If you
>>> mean to sequentially go through it and do a first/last/best match,
>>> probably not.
>>
>> Basically I just mean the -A argument to the doveadm commands. For
>> example, iterate through all the users and run sa-learn on each user's
>> learn/spam folder. If it's got to be SQL, it won't kill me...
>
> Use userdb passwd-file to get iteration working. passdb isn't used for
> iteration. userdb static can't be used to iterate.
That did it, thank you! I had been staring at this:
http://wiki2.dovecot.org/AuthDatabase/PasswdFile#line-38
But not getting it exactly right. For posterity, I edited my conf to
look like this:
passdb {
driver = passwd-file
args = username_format=%u scheme=ssha512 /etc/dovecot/passwd.db
deny = no
master = no
pass = no
skip = never
result_failure = continue
result_internalfail = continue
result_success = return-ok
}
userdb {
driver = passwd-file
args = username_format=%u /etc/dovecot/passwd.db
default_fields = uid=vmail gid=vmail home=/var/mail/vmail/%d/%n
}
Then edited /etc/dovecot/passwd.db to add six colons at the end of each
user line -- empty fields since presently everything I need is specified
in default_fields.
Thanks again,
Eric
user configuration question
I've been using mbsync to sync this email account to a local Dovecot
installation. I used to use Gmail, through Google Apps, and a while ago
switched the account to self-hosting.
I didn't want to upload years' worth of old email to my old server, so
I've had two accounts in my MUA: one talking to the local Dovecot
account for the old emails, and a second talking directly to the server
for the new emails.
I'd like to sync the new account to Dovecot as well, and I'm having
trouble wrapping my brain around how to configure the two side-by-side
accounts in Dovecot (I know there are other solutions to this, but I'm
also just trying to figure out how this works).
What I don't grok is the exact effect of the different username fields
in the passdb file, and how they combine with username_format. Right now
my dovecot.conf has this:
passdb {
driver = passwd-file
args = username_format=%u /etc/dovecot/passwd
}
userdb {
driver = static
args = uid=eric gid=users home=/home/eric/.mail/%d/%n username_format=%u
default_fields = mail=maildir:/home/eric/.mail/%d/%n/mail
}
And /etc/dovecot/passwd:
e...@ericabrahamsen.net:{PLAIN}password:e...@ericabrahamsen.net
Say I want to keep my existing mail where it is, and have all the new
mail go into ~/.mail/ericabrahamsen.net/eric-new/mail. Ie, when mbsync
connects to the local Dovecot, it does so with the username
eric-...@ericabrahamsen.net.
Now, in Dovecot's conf, do I change the email address in the first field
of /etc/dovecot/passwd, or the third field, or both? And, if it isn't
too much trouble, what is the difference between the two?
Thanks!
Eric
Re: [Dovecot-news] Xi has a new home
On 17/03/2016 16:39, Stephan Bosch wrote: Op 17-3-2016 om 15:09 schreef Eric Kom: On 2016/03/17 3:38 PM, Stephan Bosch wrote: Hi, Good day dear, Thanks for the UPDATE. The xi.dovecot.fi host name route to www.dovecot.nl They is no direct access to it via HTTP/FTP? Xi has no main page, so it redirects to the dovecot community website. The repositories are - as always - available under http://xi.dovecot.fi/debian. There is no FTP access. Thanks for the update The wiki has all the information you need. Regards, Stephan. The automatic package builder Xi has moved to system within the Dovecot infrastructure. This also means that the repositories are available at a new host name: xi.dovecot.fi. The old host name still works and is a CNAME pointing to the new venue. I expect the old domain to be active for years to come. So, there is no need to update your /etc/apt/sources.list right away. Still, it is a good idea to do so. I've updated the wiki accordingly. Regards, Stephan. ___ Dovecot-news mailing list dovecot-n...@dovecot.org http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news
Dovecot LDA with OpenSMTPD
Good day, Can any one help on how to get Dovecot LDA work with OpenSMTPD?
Re: [Dovecot-news] Xi has a new home
On 2016/03/17 3:38 PM, Stephan Bosch wrote: > Hi, Good day dear, Thanks for the UPDATE. The xi.dovecot.fi host name route to www.dovecot.nl They is no direct access to it via HTTP/FTP? > > The automatic package builder Xi has moved to system within the > Dovecot infrastructure. This also means that the repositories are > available at a new host name: xi.dovecot.fi. The old host name still > works and is a CNAME pointing to the new venue. I expect the old > domain to be active for years to come. So, there is no need to update > your /etc/apt/sources.list right away. Still, it is a good idea to do > so. I've updated the wiki accordingly. > > Regards, > > Stephan. > ___ > Dovecot-news mailing list > dovecot-n...@dovecot.org > http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news
Re: [Dovecot] May Dovecot help in users education
On 08/17/2011 07:24 AM, Alexandre Chapellon wrote: Le 17/08/2011 16:05, Laurent CARON a écrit : On 17/08/2011 16:00, Alexandre Chapellon wrote: Is there any way to achieve this with dovecot? Does anybody have another idea smoothly force used to switch to TLS? Hi, Maybe by sending them an email with a deadline for the end of clear text auth support ? If they don't amend their setup they'll be unable to retrieve their emails. :)... already tried this in the past and it just don't work... 80% of users never apply changes and prefer getting very angry and call the support. Which is exactly what I want to avoid. Should you want to go the "nicer" way, you could throttle bandwidth to port 110/143 provided you use those for insecure connections. This sounds better and I though tc could help going that way, but there is nothing informative in going this way. I know what I ask for seems crappy and probably is out of the scope of what dovecot is supposed to do, but this would be temporary and I wanna make sure it is not possible before digging somewhere else. Thanks I think I would write a script that would glean such accounts from the dovecot log, then send them a message every day instructing them how to turn on TLS in order to quit getting this message. A support line to call for help would be nice for those who have difficulty changing their configuration. -- -Eric 'shubes'
[Dovecot] Intermittent authentication failures
I'm running dovecot with vpopmail. Here's the configuration:
[root@wong log]# dovecot -n
# 2.0.11: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-238.9.1.el5 i686 CentOS release 5.6 (Final)
auth_cache_size = 32 M
auth_mechanisms = plain login digest-md5 cram-md5
auth_username_format = %Lu
first_valid_uid = 89
log_path = /var/log/dovecot.log
login_greeting = Dovecot toaster ready.
mail_fsync = always
mail_nfs_index = yes
mail_nfs_storage = yes
mmap_disable = yes
namespace {
inbox = yes
location =
prefix =
separator = .
type = private
}
passdb {
args = cache_key=%u webmail=127.0.0.1
driver = vpopmail
}
plugin/quota = maildir
protocols = imap
ssl_cert = Most clients use TLS and PLAIN login for verification, which works
flawlessly.
I also run SquirrelMail that is slightly dated and has no TLS
capability, so it is using CRAM-MD5.
CRAM-MD5 works sometimes:
Sep 30 08:15:43 imap-login: Info: Login: user=,
method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301
but (seemingly more frequently) the authentication fails:
Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1
attempts): user=, method=CRAM-MD5, rip=192.168.252.8,
lip=192.168.252.14
I restarted dovecot, and that apparently cleared the problem for one
user, but not others.
Is this perhaps a bug in dovecot, or would the problem lie with vpopmail?
TIA for any pointers.
--
-Eric 'shubes'
Re: [Dovecot] SSL only for external connections
On 09/30/2011 11:17 AM, Michael M Slusarz wrote: Quoting Simon Brereton : -Original Message- From: dovecot-boun...@dovecot.org [mailto:dovecot- boun...@dovecot.org] On Behalf Of Stan Hoeppner On 9/30/2011 12:34 PM, Simon Brereton wrote: >> -Original Message- >> From: dovecot-boun...@dovecot.org [mailto:dovecot- >> boun...@dovecot.org] On Behalf Of Terry Carmen > >> >> If SSL/TLS works from the outside, but not the inside, you should >> probably find out why and fix that instead. > > You'd think so - but since I don't actually need TLS from the inside, > and given my skill level - disabling it seems easier :) You don't need TLS/SSL from the outside either, if this is strictly a webmail box. In this case, configure Apache/lighttpd+Horde to only accept HTTPS connections from the outside, and configure Horde to connect via the Dovecot localhost:143 listener. This is how I've been doing it with Roundcube for years. Works like a champ. It's not strictly a webmail box though. IMAP clients (fixed and mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and POP3S on the outside and IMAP only on the local host (there's no actual reason to offer POP to the localhost either... You can also configure the MUA (e.g. Horde) to not use a secure connection, as opposed to turning off features on the server level. michael This makes the most sense to me. The client should decide what to use. FWIW. -- -Eric 'shubes'
Re: [Dovecot] Intermittent authentication failures
On 09/30/2011 09:07 AM, Eric Shubert wrote: CRAM-MD5 works sometimes: Sep 30 08:15:43 imap-login: Info: Login: user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 but (seemingly more frequently) the authentication fails: Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14 I restarted dovecot, and that apparently cleared the problem for one user, but not others. Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? TIA for any pointers. FWIW, I tried digest-md5, and experience the same problem. Is it possible that passwords are being cached in such a way that different login mechanisms cannot be used by different client programs with the same user account? -- -Eric 'shubes'
Re: [Dovecot] SOLVED Intermittent authentication failures
On 09/30/2011 12:59 PM, Eric Shubert wrote: On 09/30/2011 09:07 AM, Eric Shubert wrote: CRAM-MD5 works sometimes: Sep 30 08:15:43 imap-login: Info: Login: user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 but (seemingly more frequently) the authentication fails: Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14 I restarted dovecot, and that apparently cleared the problem for one user, but not others. Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? TIA for any pointers. FWIW, I tried digest-md5, and experience the same problem. Is it possible that passwords are being cached in such a way that different login mechanisms cannot be used by different client programs with the same user account? My problem was indeed with the password caching. I changed cache_key=%u to cache_key=%u%r and that cleared things up. I expect that this is only a problem when different client programs use different login mechanisms, which was the case with this particular group of users. I didn't anticipate this behavior, but can live with it. A note about this in the documentation would be nice. I tried to create an account on the wiki for myself to update it, but that doesn't seem to be working presently. -- -Eric 'shubes'
Re: [Dovecot] SOLVED Intermittent authentication failures
On 10/01/2011 08:16 AM, Timo Sirainen wrote: On Fri, 2011-09-30 at 16:24 -0700, Eric Shubert wrote: CRAM-MD5 works sometimes: Sep 30 08:15:43 imap-login: Info: Login: user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 but (seemingly more frequently) the authentication fails: Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14 My problem was indeed with the password caching. I changed cache_key=%u to cache_key=%u%r and that cleared things up. I expect that this is only a problem when different client programs use different login mechanisms, which was the case with this particular group of users. Auth mechanism shouldn't affect caching or vice versa. Maybe the %r just happens to work around the real problem, which might still be there but just less frequent.. Logs with auth_debug=yes could have been helpful in figuring this out. Ask and ye shall receive: Oct 02 08:21:03 auth: Debug: client in: AUTH1 PLAIN service=imapsecured lip=192.168.6.14rip=208.54.4.133 lport=143 rport=43401 resp= Oct 02 08:21:03 auth: Debug: cache(g...@domain.com,208.54.4.133): hit: user=g...@domain.com Oct 02 08:21:03 auth: Debug: client out: OK 1 user=g...@domain.com Oct 02 08:21:03 auth: Debug: master in: REQUEST 546963457 11596 1 9d5ae9a5778c4e1da32bfe9de1027163 Oct 02 08:21:03 auth: Debug: userdb-cache(g...@domain.com,208.54.4.133): hit: g...@domain.com uid=89 gid=89 home=/home/vpopmail/domains/domain.com/gary Oct 02 08:21:03 auth: Debug: master out: USER 546963457 g...@domain.com uid=89 gid=89 home=/home/vpopmail/domains/domain.com/gary Oct 02 08:21:03 imap-login: Info: Login: user=, method=PLAIN, rip=208.54.4.133, lip=192.168.6.14, mpid=11607, TLS Oct 02 08:21:05 auth: Debug: auth client connected (pid=11609) Oct 02 08:21:05 auth: Debug: client in: AUTH1 CRAM-MD5 service=imapsecured lip=192.168.6.14rip=174.17.50.127 lport=993 rport=50696 Oct 02 08:21:05 auth: Debug: client out: CONT 1 PDU5NjE3NTM4NTk4OTA0MTIuMTMxNzU2ODg2NUB3b25nLnIzaW52ZXN0aWdhdGlvbnMuY29tPg== Oct 02 08:21:06 auth: Debug: client in: CONT Oct 02 08:21:06 auth: Debug: cache(teac...@domain2.com,174.17.50.127): miss Oct 02 08:21:06 auth: Debug: vpopmail(teac...@domain2.com,174.17.50.127): lookup user=teacher domain=domain2.com Oct 02 08:21:06 auth: Debug: client out: OK 1 user=teac...@domain2.com Oct 02 08:21:06 auth: Debug: master in: REQUEST 3916169217 11609 1 42c98a70d61d08e4b1440028faf5324a Oct 02 08:21:06 auth: Debug: userdb-cache(teac...@domain2.com,174.17.50.127): miss Oct 02 08:21:06 auth: Debug: vpopmail(teac...@domain2.com,174.17.50.127): lookup user=teacher domain=domain2.com Oct 02 08:21:06 auth: Debug: master out: USER 3916169217 teac...@domain2.com uid=89 gid=89 home=/home/vpopmail/domains/domain2.com/teacher Oct 02 08:21:06 imap-login: Info: Login: user=, method=CRAM-MD5, rip=174.17.50.127, lip=192.168.6.14, mpid=11612, TLS Oct 02 08:21:35 imap(g...@domain.com): Info: Disconnected: Logged out bytes=361/1161 Oct 02 08:21:40 auth: Debug: auth client connected (pid=11627) Oct 02 08:21:40 auth: Debug: client in: AUTH1 DIGEST-MD5 service=imaplip=192.168.252.14 rip=192.168.252.8 lport=143 rport=41155 Oct 02 08:21:40 auth: Debug: client out: CONT 1 cmVhbG09IiIsbm9uY2U9InpkR3VZcFd0T25iUWpQM3hHOVloemc9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI= Oct 02 08:21:40 auth: Debug: client in: CONT Oct 02 08:21:40 auth: Debug: cache(g...@domain.com,192.168.252.8): hit: user=g...@domain.com Oct 02 08:21:40 auth: Info: password(g...@domain.com,192.168.252.8): Requested DIGEST-MD5 scheme, but we have only SHA1 Oct 02 08:21:42 auth: Debug: client out: FAIL 1 user=g...@domain.com Oct 02 08:21:42 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=DIGEST-MD5, rip=192.168.252.8, lip=192.168.252.14 Oct 02 08:21:55 auth: Debug: auth client connected (pid=11629) Oct 02 08:21:55 auth: Debug: client in: AUTH1 PLAIN service=imapsecured lip=192.168.6.14rip=192.168.5.196 lport=993 rport=4605 resp= Oct 02 08:21:55 auth: Debug: cache(g...@domain.com,192.168.5.196): hit: user=g...@domain.com Oct 02 08:21:55 auth: Debug: client out: OK 1 user=g...@domain.com Oct 02 08:21:55 auth: Debug: master in: REQUEST 875167745 11629 1 126eea78f45a1270bea10f8f939545fa Oct 02 08:21:55 auth: Debug: userdb-cache(g...@domain.com,192.168.5.196): hit: g...@domain.com uid=89 gid=89 home=/home/vpopmail/domains/domain.com/gary Oct 02 08:21:55 auth: Debug: master out: USER 875167745 g...@domain.com uid=89 gid=89 home=/home/vpopmail/domains/domain.com/gary Oct 02 08:21:55 imap-login: Info: Login: user=, method=PLAIN, rip=192.168.5.196, lip=192.168.6.14, mpid=
Re: [Dovecot] SOLVED Intermittent authentication failures
On 10/02/2011 10:28 AM, Timo Sirainen wrote: On Sun, 2011-10-02 at 08:53 -0700, Eric Shubert wrote: Oct 02 08:21:40 auth: Info: password(g...@domain.com,192.168.252.8): Requested DIGEST-MD5 scheme, but we have only SHA1 Oh. This was vpopmail specific problem. See if this fixes: http://hg.dovecot.org/dovecot-2.0/rev/dbd5f9ec38af Thanks Timo. Two things. First, I don't think this is a comprehensive fix covering all situations, though I could be wrong. One problem with it is that if the password is changed and the plaintext client isn't active, one would need to wait for the cached plaintext record to expire before being able to log in with an encoded password. Another problem might be if there are two separate clients, one using digest-md5 and another using cram-md5, I think the second one used would still fail. No? I'm not sure how best to handle any combination of clients and authentication mechanisms, so I'll leave the solution to your design. Second and perhaps more importantly, it occurred to me that simply using %u as the cache key might be a significant security hole. If passwords are cached using only the user account, what's to prevent someone else, using another client with the same authentication mechanism at a different IP address, from gaining access to an account that's cached? Perhaps I'm not understanding this right, but I think that using %u%r as the cache key closes this hole, and should probably be recommended in the documentation. I could (as always) be totally off base on this, so please explain if I'm misunderstanding something. Thanks again, Timo. Great work on dovecot. -- -Eric 'shubes'
[Dovecot] inbox issue
I have dovecot 2.0.11 installed on a CentOS 5.7 email server. Two of the
server email clients, one using Outlook and the other Thunderbird, have
had all the contents of their inbox disappear only to reappear at a
later time. One client's inbox email reappeared upon receiving a test
email (to check if it would show up in the inbox) from another user. Has
anyone heard of such a thing?
Here's a dump of my dovecot configuration.
# 2.0.11: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-238.19.1.el5 i686 CentOS release 5.7 (Final)
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 1 hours
auth_cache_size = 32 M
auth_cache_ttl = 1 hours
auth_debug = no
auth_debug_passwords = no
auth_default_realm =
auth_failure_delay = 2 secs
auth_first_valid_uid = 500
auth_gssapi_hostname =
auth_krb5_keytab =
auth_last_valid_uid = 0
auth_master_user_separator =
auth_mechanisms = plain login digest-md5 cram-md5
auth_realms =
auth_socket_path = auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_use_winbind = no
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format = %Lu
auth_username_translation =
auth_verbose = no
auth_verbose_passwords = no
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /var/run/dovecot
config_cache_size = 1 M
debug_log_path =
default_client_limit = 1000
default_idle_kill = 60
default_internal_user = dovecot
default_login_user = dovenull
default_process_limit = 100
default_vsz_limit = 256 M
deliver_log_format = msgid=%m: %$
dict_db_config =
director_doveadm_port = 0
director_mail_servers =
director_servers =
director_user_expire = 15 mins
disable_plaintext_auth = no
dotlock_use_excl = yes
doveadm_socket_path = doveadm-server
doveadm_worker_count = 0
first_valid_gid = 1
first_valid_uid = 89
hostname =
imap_capability =
imap_client_workarounds =
imap_id_log =
imap_id_send =
imap_idle_notify_interval = 2 mins
imap_logout_format = bytes=%i/%o
imap_max_line_length = 64 k
import_environment = TZ
info_log_path =
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = no
lda_mailbox_autosubscribe = no
lda_original_recipient_header =
libexec_dir = /usr/libexec/dovecot
listen = *, ::
lmtp_proxy = no
lmtp_save_to_detail_mailbox = no
lock_method = fcntl
log_path = /var/log/dovecot.log
log_timestamp = "%b %d %H:%M:%S "
login_access_sockets =
login_greeting = Dovecot toaster ready.
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
login_trusted_networks =
mail_access_groups =
mail_attachment_dir =
mail_attachment_fs = sis posix
mail_attachment_hash = %{sha1}
mail_attachment_min_size = 128 k
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_chroot =
mail_debug = no
mail_fsync = optimized
mail_full_filesystem_access = no
mail_gid =
mail_home =
mail_location =
mail_log_prefix = "%s(%u): "
mail_max_keyword_length = 50
mail_max_lock_timeout = 0
mail_max_userip_connections = 10
mail_never_cache_fields = imap.envelope
mail_nfs_index = no
mail_nfs_storage = no
mail_plugin_dir = /usr/lib/dovecot
mail_plugins =
mail_privileged_group =
mail_save_crlf = no
mail_temp_dir = /tmp
mail_uid =
mailbox_idle_check_interval = 30 secs
mailbox_list_index_disable = no
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
master_user_separator =
mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 2 mins
mbox_lazy_writes = yes
mbox_lock_timeout = 5 mins
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = dotlock fcntl
mdbox_preallocate_space = no
mdbox_rotate_interval = 0
mdbox_rotate_size = 2 M
mmap_disable = no
namespace {
hidden = no
inbox = yes
list = yes
location =
prefix = INBOX.
separator = .
subscriptions = yes
type = private
}
namespace {
hidden = no
inbox = no
list = yes
location = maildir:/home/vpopmail/domains/acemt.com/shared/projects
prefix = projects.
separator = .
subscriptions = yes
type = public
}
passdb {
args = cache_key=%u webmail=127.0.0.1
deny = no
driver = vpopmail
master = no
pass = no
}
plugin/quota = maildir
pop3_client_workarounds =
pop3_enable_last = no
pop3_fast_size_lookups = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_format = %08Xu%08Xv
postmaster_address =
protocols = imap
quota_full_tempfail = no
recipient_delimiter = +
rejection_reason = Your message to <%t> was automatically rejected:%n%r
rejection_subject = Rejected: %s
sendmail_path = /usr/sbin/sendmail
service anvil {
chroot = empty
client_limit = 0
drop_priv_before_exec = no
executable = anvil
extra_groups =
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 1
protocol =
service_count = 0
type = anvil
unix_listener anvil-auth-penalty {
group =
mod
Re: [Dovecot] Performance-Tuning
Quoting Peer Heinlein : It would be MUCH easier if Dovecot could read maildir: or mdbox: from LDAP attributes. In this case the whole migration process could be split up into groups. Unfortunately we have shared folders and I don't know a way to read the *remote* mailbox-format from LDAP... So having users with maildir and mdbox mixed up will break their shared folders... May not work for you, but... The way I did this when I migrated was to run two dovecot instances, and have perdition software on a front-end (could be on the same machine instead of a front-end, I just happen to have a front-end machine to do it). Perdition will query ldap for the info per user/connection, and send the connection to the correct dovecot instance based on the ldap lookup. Worked for me, your milage may vary... -- Eric Rostetter The Department of Physics The University of Texas at Austin Go Longhorns!
Re: [Dovecot] Performance-Tuning
Quoting Peer Heinlein : The problem is: You're running in problems with shared folders. You can't read your neighbors storage-engine from ldap. Yes, but I didn't have any shared folders, so it worked. Your milage may vary, as I said... :) -- Eric Rostetter The Department of Physics The University of Texas at Austin Go Longhorns!
[Dovecot] shared folder files not displaying in thunderbird
Hello,
I have dovecot installed with the configuration below.
One of the subfolders created (using the email client) under the
'/home/vpopmail/domains/mydomain.com/shared/projects' share no longer
(it used to) displays the files located in it. There are about 150
folders under the '/home/vpopmail/domains/mydomain.com/shared/projects'
share all of which display the files located in them, the one mentioned
used to display the contents but no longer does.
What would be the reason that one folder would no longer display
existing files in the email client (Thunderbird) and the other folders
would? And, how do I fix this?
I've already tried unsubscribing and resubscribing the folder. This did
not work.
Would it now be simply a matter of unsubscribing the folder, deleting
the dovecot files, and resubscribing to the folder?
Eric
# 2.0.11: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-238.19.1.el5 i686 CentOS release 5.7 (Final)
auth_cache_size = 32 M
auth_mechanisms = plain login digest-md5 cram-md5
auth_username_format = %Lu
disable_plaintext_auth = no
first_valid_uid = 89
log_path = /var/log/dovecot.log
login_greeting = Dovecot toaster ready.
namespace {
inbox = yes
location =
prefix = INBOX.
separator = .
type = private
}
namespace {
location = maildir:/home/vpopmail/domains/mydomain.com/shared/projects
prefix = projects.
separator = .
type = public
}
passdb {
args = cache_key=%u webmail=127.0.0.1
driver = vpopmail
}
plugin/quota = maildir
protocols = imap
ssl_cert =
Re: [Dovecot] shared folder files not displaying in thunderbird
Can anyone help me figure out why email in a sub-folder (created using
Thunderbird) of a dovecot namespace will not display in Thunderbird?
...
Hello,
I have dovecot installed with the configuration below.
One of the subfolders created (using the email client) under the
'/home/vpopmail/domains/mydomain.com/shared/projects' share no longer
(it used to) displays the files located in it. There are about 150
folders under the '/home/vpopmail/domains/mydomain.com/shared/projects'
share all of which display the files located in them, the one mentioned
used to display the contents but no longer does.
What would be the reason that one folder would no longer display
existing files in the email client (Thunderbird) and the other folders
would? And, how do I fix this?
I've already tried unsubscribing and resubscribing the folder. This did
not work.
Would it now be simply a matter of unsubscribing the folder, deleting
the dovecot files, and resubscribing to the folder?
Eric
# 2.0.11: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-238.19.1.el5 i686 CentOS release 5.7 (Final)
auth_cache_size = 32 M
auth_mechanisms = plain login digest-md5 cram-md5
auth_username_format = %Lu
disable_plaintext_auth = no
first_valid_uid = 89
log_path = /var/log/dovecot.log
login_greeting = Dovecot toaster ready.
namespace {
inbox = yes
location =
prefix = INBOX.
separator = .
type = private
}
namespace {
location = maildir:/home/vpopmail/domains/mydomain.com/shared/projects
prefix = projects.
separator = .
type = public
}
passdb {
args = cache_key=%u webmail=127.0.0.1
driver = vpopmail
}
plugin/quota = maildir
protocols = imap
ssl_cert =
Re: [Dovecot] shared folder files not displaying in thunderbird
Timo, > So the folder itself exists, but it just appears empty? Yes. > Have you tried with another IMAP client? Yes, both Outlook and Thunderbird > Have you checked if the files are actually still there in the maildir? I've done a list (ls -la) of the directory where the files reside (path.to.share.sub.dir/cur). They exist. > You can check if this is a server problem or a client problem by running: > doveadm fetch -u user@domain uid mailbox project.missing.sub.folder all I did this per your instructions and there is no output. So, email exists in the share, and it does not show up in Thunderbird, Outlook, or using doveadm. Eric
[Dovecot] Order of operations in Dovecot
Hi, I'm working on an IMAP client and had a question about the order in which commands are responded to in Dovecot. In other IMAP servers I've looked at, when you issue two commands simultaneously (i.e. pipelining) it looks something like this: a fetch something b fetch something else * 1 FETCH (result) a OK FETCH completed * 1 FETCH (result) b OK FETCH completed This works well because it's clear which results are associated with which tag; the 'a' fetch results immediately precede the a's OK response, and likewise the 'b' fetch results immediately precede the b's OK response. But in Dovecot (version 2.0.13) the results of the two simultaneous commands are ordered like this: a fetch something b fetch something else * 1 FETCH (result) * 1 FETCH (result) a OK FETCH completed b OK FETCH completed This makes associating the results of the fetch commands quite a bit more difficult, since it's not entirely clear which results are paired with which tag. My question is this: is this Dovecot's intended behavior, or did I find a bug? I realize the IMAP spec is really vague about this. If this is the intended behavior, is there any advice for clients on how to determine which results are associated with which command? Thanks! - Eric
[Dovecot] Internal Error - Cannot select inbox
Hi, I am new to this list although i have been using dovecot for some time now, i've come accross this error when a user tries to log in * OK Dovecot ready. 1 login username password 1 OK Logged in. 1 select inbox 1 NO Internal error occurred. Refer to server log for more information. [2007-12-07 12:51:56] there are no errors reported in the log files related to that issue for both dovecot.log and maillog what i do receive in the log files is dovecot: Dec 07 12:55:46 Info: imap-login: Login: user=<[EMAIL PROTECTED]>, method=PLAIN, rip=:::127.0.0.1, lip=:::127.0.0.1, secured dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): Effective uid=500, gid=500 dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): mbox: data=/var/spool/mail/vmail/domain/username:INBOX=/var/spool/mail/vmail/domain/username/Inbox:INDEX=/var/spool/mail/vmail/domain/username:home=/var/spool/mail/vmail/domain/username/.imap/.imap dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): mbox: root=/var/spool/mail/vmail/domain/username, index=/var/spool/mail/vmail/domain/username, inbox=/var/spool/mail/vmail/domain/username/Inbox dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): Disconnected i can't seem to pinpoint what is going wrong, some things to note i have existing users who can read email succesfully, its when i create a new user via postfixadmin, one should note that all directories are created and owned by vmail whose gid and uid is 500 and for the new users the directories and mboxes are created succesfully, but even if i copy over a working inbox of previous user to new user i still get an error so i don't think it is an mbox formatting issue another thing is that i can successfully check mail using mutt facility, even sending using mail clients (outlook express) is possible other configurations that might be helpful # dovecot --version 1.0.rc15 #cat /etc/group |grep vmail dovecot:x:97:vmail vmail:x:500:dovecot # /etc/dovecot.conf log_path: /var/log/dovecot.log protocols: pop3 pop3s imap imaps ssl_disable: yes login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_location: mbox:/var/spool/mail/vmail/%d/%n:INBOX=/var/spool/mail/vmail/%d/%n/Inbox:INDEX=/var/spool/mail/vmail/%d/%n:home=/var/spool/mail/vmail/%d/%n/.imap/.imap mail_debug: yes maildir_copy_with_hardlinks: yes mbox_min_index_size: 200 mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 auth default: mechanisms: plain login passdb: driver: pam passdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf userdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master:
Re: [Dovecot] Internal Error - Cannot select inbox
Hi, I have read through the dovecot wiki a couple of times, although i alwasy get errors issuing the give dovecot --log-error command, as in the option is not available... but i have st my log_path to dovecot.log and info_path to dovecot.info and still no errors are reported to dovecot.log in my syslog configuration all mail messages go to maillog and also no error messages are shown in there,,, where does dovecot log these errors upgrading dovecot for me is to be treated as last resort since this is a production server, and i have a few backup options, i need a solution that is reversable if the need arises... i'm using dovecot 1.0.rc15 the one that comes with RHE5 > On 7.12.2007, at 9.25, Eric Beda wrote: > >> 1 NO Internal error occurred. Refer to server log for more >> information. >> [2007-12-07 12:51:56] >> >> there are no errors reported in the log files related to that issue >> for >> both dovecot.log and maillog > > There really should be an error logged. It just might be in a > different log file than you expected. See http://wiki.dovecot.org/ > Logging >
Re: [Dovecot] Internal Error - Cannot select inbox (solved) though where are the error messages logged
Hi, through various trial and errors i've found the solution to my problem, i disabled the mbox_min_index_size, it was set to 200 ( i think i read in some tutorial that this will increase performance) #mbox_min_index_size = 200 After disabling it the errors stopped though i still have a niggling issue still unresolved Where do the error messages go ??? i read through the debuging tutorial,, the dovecot --log-error command doesn't work,,, or maybe i am not executing it properly # dovecot --log-error Usage: dovecot [-F] [-c ] [-p] [-n] [-a] [--exec-mail ] [--version] [--build-options] Fatal: Unknown argument: --log-error That is what i get after command execution, how do i find out where the error messages are logged ??? > Hi, > > I am new to this list although i have been using dovecot for some time > now, i've come accross this error when a user tries to log in > > * OK Dovecot ready. > 1 login username password > 1 OK Logged in. > 1 select inbox > 1 NO Internal error occurred. Refer to server log for more information. > [2007-12-07 12:51:56] > > there are no errors reported in the log files related to that issue for > both dovecot.log and maillog > > what i do receive in the log files is > > dovecot: Dec 07 12:55:46 Info: imap-login: Login: user=<[EMAIL PROTECTED]>, > method=PLAIN, rip=:::127.0.0.1, lip=:::127.0.0.1, secured > dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): Effective uid=500, > gid=500 > dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): mbox: > data=/var/spool/mail/vmail/domain/username:INBOX=/var/spool/mail/vmail/domain/username/Inbox:INDEX=/var/spool/mail/vmail/domain/username:home=/var/spool/mail/vmail/domain/username/.imap/.imap > dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): mbox: > root=/var/spool/mail/vmail/domain/username, > index=/var/spool/mail/vmail/domain/username, > inbox=/var/spool/mail/vmail/domain/username/Inbox > dovecot: Dec 07 12:55:46 Info: IMAP([EMAIL PROTECTED]): Disconnected > > i can't seem to pinpoint what is going wrong, some things to note > > i have existing users who can read email succesfully, its when i create a > new user via postfixadmin, one should note that all directories are > created and owned by vmail whose gid and uid is 500 and for the new users > the directories and mboxes are created succesfully, but even if i copy > over a working inbox of previous user to new user i still get an error so > i don't think it is an mbox formatting issue > > another thing is that i can successfully check mail using mutt facility, > even sending using mail clients (outlook express) is possible > > other configurations that might be helpful > > # dovecot --version > 1.0.rc15 > > #cat /etc/group |grep vmail > dovecot:x:97:vmail > vmail:x:500:dovecot > > # /etc/dovecot.conf > log_path: /var/log/dovecot.log > protocols: pop3 pop3s imap imaps > ssl_disable: yes > login_dir: /var/run/dovecot/login > login_executable(default): /usr/libexec/dovecot/imap-login > login_executable(imap): /usr/libexec/dovecot/imap-login > login_executable(pop3): /usr/libexec/dovecot/pop3-login > mail_location: > mbox:/var/spool/mail/vmail/%d/%n:INBOX=/var/spool/mail/vmail/%d/%n/Inbox:INDEX=/var/spool/mail/vmail/%d/%n:home=/var/spool/mail/vmail/%d/%n/.imap/.imap > mail_debug: yes > maildir_copy_with_hardlinks: yes > mbox_min_index_size: 200 > mail_executable(default): /usr/libexec/dovecot/imap > mail_executable(imap): /usr/libexec/dovecot/imap > mail_executable(pop3): /usr/libexec/dovecot/pop3 > mail_plugin_dir(default): /usr/lib/dovecot/imap > mail_plugin_dir(imap): /usr/lib/dovecot/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 > auth default: > mechanisms: plain login > passdb: > driver: pam > passdb: > driver: sql > args: /etc/dovecot/dovecot-mysql.conf > userdb: > driver: sql > args: /etc/dovecot/dovecot-mysql.conf > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: postfix > master: > >
[Dovecot] Deliver, sendmail, virtual users, and catch-all addresses
I have spent a long time looking into this and can't find the answer I'm looking for, so I'm asking here. I'm cutting the example down to just the bare minimums. This is NOT my actual configuration, but is sufficient for asking this question: How can I use dovecot's deliver LDA to deliver to virtual users, but then have unknown virtual users fall back to catch-all addresses defined by sendmail? Background: * sendmail is the MTA. I do not wish to change this. * procmail is the default MDA. * deliver is set up per the dovecot documentation as another MDA. * mailertable is configured to send mydomain.com to dovecot:dovecot * SQL backend for user/passwords I have it working the way I want with the exception of catch-alls. I thought that it might work by adding @mydomain.com to virtusertable, but sendmail sees the "user not found" return from deliver as the MDA and bounces the mail to postmaster. So what I'm trying to accomplish is this: Mail from [EMAIL PROTECTED] to [EMAIL PROTECTED] Deliver to me Mail from [EMAIL PROTECTED] to [EMAIL PROTECTED] (virtual) Deliver via deliver to [EMAIL PROTECTED] Mail from [EMAIL PROTECTED] to [EMAIL PROTECTED] (invalid) Deliver to catchall - [EMAIL PROTECTED] Can someone point me in the right direction. RTFM is fine if you'll tell me what FM to R, because I've run out of ideas... Thanks! -- Eric Loyd
Re: [Dovecot] Start using Dovecot
Isaak, It sounds as though you are using the stock dovecot-sql.conf file without making site-specific changes. Make sure you're setting up the SQL information properly, especially the query. Check out http://wiki.dovecot.org/AuthDatabase/SQL for more information. On Dec 19, 2007 9:24 AM, Isaak <[EMAIL PROTECTED]> wrote: > > Hey,I have recently set up Dovecot on my server but I have trouble with using > it. > > I'm using Dovecot 1.0.rc15, SQL password and user database with the SQL > config files provided on the home page. > > I'm using Thunderbird to connect to Dovecot. > > When trying to connect it gives me an internal server error: User not found > > Is there anything else I need to do before I can use Dovecot? > > Here's my configuration, any help would be appreciated. > > # /etc/dovecot.conf > log_path: /var/log/dovecot.log > info_log_path: /var/log/dovecot.info.log > protocols: imap pop3 imaps pop3s > listen(default): *:143 > listen(imap): *:143 > listen(pop3): *:110 > ssl_cert_file: /var/www/ssl/just-click.pem > ssl_key_file: /var/www/ssl/just-click.pem > login_dir: /var/run/dovecot/login > login_executable(default): /usr/libexec/dovecot/imap-login > login_executable(imap): /usr/libexec/dovecot/imap-login > login_executable(pop3): /usr/libexec/dovecot/pop3-login > max_mail_processes: 100 > first_valid_uid: 1000 > last_valid_uid: 1500 > mail_extra_groups: mail > mail_location: mbox:~/mail/:INBOX=/var/mail/%u > mail_debug: yes > mbox_read_locks: dotlock fcntl > mbox_write_locks: dotlock fcntl > mail_executable(default): /usr/libexec/dovecot/imap > mail_executable(imap): /usr/libexec/dovecot/imap > mail_executable(pop3): /usr/libexec/dovecot/pop3 > mail_plugin_dir(default): /usr/lib/dovecot/imap > mail_plugin_dir(imap): /usr/lib/dovecot/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 > auth default: > verbose: yes > debug: yes > debug_passwords: yes > passdb: > driver: sql > args: /etc/dovecot-sql.conf > userdb: > driver: sql > args: /etc/dovecot-sql.conf > socket: > type: listen > client: > path: /var/run/dovecot/auth-client > mode: 432 > master: > path: /var/run/dovecot/auth-master > mode: 432 > user: dovecot > group: mail > > _ > Neem je vrienden overal mee dankzij Messenger op je gsm. > http://messenger.live.com -- Eric Loyd
[Dovecot] appending domain based on port
I am looking for a way to append a domain to unqualified user names based on the port that the client connected to. Like this: port 9110 - @test.com port 9111 - @other.com port 9112 - @third.com it looks like auth-default-realm does this, but you can only specify it once for the whole process. I know I could do this by running a separate copy of dovecot attached to each port in question, but I would like to do it all in one process if possible. Other questions I have, if I use the auth-default-realm: 1) does it happen before auth lookup I assume? 2) do I have to define the domain i use here as an auth-realm in addition to default?
[Dovecot] Virtual Alias Forwarding
I'm having a problem with Dovecot and forwarding of aliases. Any help would
be greatly appreciated.
I'm using Postfix, Mysql, dovecot, amavis.
mysql> SELECT * FROM alias;
| address | goto | domain | created | modified | active |
It seems from the logs that incoming mail is being delivered to the mailbox
via dovecot. Mail gets to the correct mailbox (address field), however, if I
change the destination mailbox (goto) in the alias table in mysql, the mail
still goes to the main mailbox (address).
mysql_virtual_alias_maps.cf looks to be configured correctly but I'm
suspecting that dovecot is circumventing that file.
I'll post maillog entry, dovecot-deliver.log entry, dovecot-mysql.conf,
mysql_virtual_alias_maps.cf, and dovecot.conf below in case that helps.
Thanks in advance for anything that helps me resolve this.
Maillog:
Jan 29 17:23:04 mail postfix/pipe[29368]: D16F657804A: to=<[EMAIL PROTECTED]>,
relay=dovecot, delay=0.03, delays=0.01/0.01/0/0.01, dsn=2.0.0, status=sent
(delivered via dovecot service)
dovecot-deliver.log:
deliver([EMAIL PROTECTED]): Jan 29 17:23:04 Info:
msgid=<[EMAIL PROTECTED]>: saved mail to INBOX
dovecot-mysql.conf:
driver = mysql
connect = host=127.0.0.1 dbname=mail user=sqluser password=sqlpasswd
default_pass_scheme = MD5 # Get the mailbox user_query = SELECT
'/home/vmail/%d/%n' as home, 'maildir:/home/vmail/%d/%n' as mail, 5000 AS
uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox
WHERE username = '%u' AND active = '1'
# Get the password
password_query = SELECT username as user, password, '/home/vmail/%d/%n' as
userdb_home, 'maildir:/home/vmail/%d/%n' as userdb_mail, 5000 as userdb_uid,
5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
# If using client certificates for authentication, comment the above and
uncomment the following #password_query = SELECT null AS password, '%u' AS
user
mysql_virtual_alias_maps.cf:
user = sqluser
password = sqlpasswd
hosts = 127.0.0.1
dbname = mail
#table = alias
#select_field = goto
#where_field = address
#additional_conditions = and active = '1'
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
# dovecot -n
# 1.0.7: /etc/dovecot.conf
protocols: imaps pop3s
ssl_listen(default): *:993
ssl_listen(imap): *:993
ssl_listen(pop3): *:995
ssl_cert_file: /etc/pki/tls/certs/mail.domain.com.crt
ssl_key_file: /etc/pki/tls/private/mail.domain.com.pem
disable_plaintext_auth: yes
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
first_valid_uid: 5000
last_valid_uid: 5000
first_valid_gid: 5000
last_valid_gid: 5000
mail_location: maildir:/home/vmail/%d/%n
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib64/dovecot/imap
mail_plugin_dir(imap): /usr/lib64/dovecot/imap
mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3
namespace:
type: private
separator: /
inbox: yes
auth default:
mechanisms: plain login
passdb:
driver: pam
passdb:
driver: sql
args: /etc/dovecot-mysql.conf
userdb:
driver: passwd
userdb:
driver: static
args: uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
userdb:
driver: sql
args: /etc/dovecot-mysql.conf
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 384
user: vmail
Re: [Dovecot] Virtual Alias Forwarding
Mouse, Thanks so much for your reply. It helped me understand the path mail takes through the system. I did a little research and found alias mapping is applied after amavis hands the message back to postfix. So after carefully looking at master.cf I found a stray # found it's way into the line that starts with -o receive_override_options= My apologies to the list for misdirecting a postfix issue here Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of mouss Sent: Wednesday, January 30, 2008 3:01 AM To: dovecot@dovecot.org Subject: Re: [Dovecot] Virtual Alias Forwarding mouss wrote: > Eric Biondi wrote: >> I'm having a problem with Dovecot and forwarding of aliases. Any help >> would be greatly appreciated. >> >> I'm using Postfix, Mysql, dovecot, amavis. >> >> mysql> SELECT * FROM alias; >> | address | goto | domain | created | modified | active | >> >> It seems from the logs that incoming mail is being delivered to the >> mailbox via dovecot. Mail gets to the correct mailbox (address >> field), however, if I change the destination mailbox (goto) in the >> alias table in mysql, the mail still goes to the main mailbox >> (address). >> mysql_virtual_alias_maps.cf looks to be configured correctly but I'm >> suspecting that dovecot is circumventing that file. > > dovecot does not care about virtual aliases. These are a functionality > of postfix. The question belongs to the postfix list. post there, but > provide more infos: > - output of 'postconf -n' > - test lookups with postmap -q. for example >postmap -q [EMAIL PROTECTED] > mysql:/etc/postfix/mysql_virtual_alias_maps.cf and master.cf. My guess is that you disabled virtual aliases when setting up amavisd-new filtering.
Re: [Dovecot] appending domain based on port
I use sql for my passwd db. So are you saying use some kind of conditional in my select that checks for @ in the username and if not found appends the domain based on the %l variable (using something like a join to a table that has port to domain mappings). Interesting. Im worried that might add significant load to the sql server though. This is a fairly large install. (300,000+ boxes). On Thu, Jan 31, 2008 at 9:43 AM, Timo Sirainen <[EMAIL PROTECTED]> wrote: > On Mon, 2008-01-28 at 12:11 -0500, Eric Hester wrote: > > I am looking for a way to append a domain to unqualified user names > > based on the port that the client connected to. Like this: > > > > port 9110 - @test.com > > port 9111 - @other.com > > port 9112 - @third.com > > > > it looks like auth-default-realm does this, but you can only specify > > it once for the whole process. > > > > I know I could do this by running a separate copy of dovecot attached > > to each port in question, but I would like to do it all in one process > > if possible. > > What passdb do you use? This would be possible with SQL and > checkpassword passdbs at least. You can get the local port from %l > variable. > > > > Other questions I have, if I use the auth-default-realm: > > > > 1) does it happen before auth lookup I assume? > > Yes. > > > > 2) do I have to define the domain i use here as an auth-realm in > > addition to default? > > No. >
Re: [Dovecot] appending domain based on port
I got this working using %l for the ip, but I'd really rather do multiple ports so I don't have to have 4 ips on 16 different machines. I was trying to use the new 1.1 %a variable as the local port in my query but it seems to always return 0 in 1.1beta14, does this variable not work yet? On Jan 31, 2008 10:42 AM, Timo Sirainen <[EMAIL PROTECTED]> wrote: > On Thu, 2008-01-31 at 10:32 -0500, Eric Hester wrote: > > I use sql for my passwd db. So are you saying use some kind of > > conditional in my select that checks for @ in the username and if not > > found appends the domain based on the %l variable (using something > > like a join to a table that has port to domain mappings). Interesting. > > Exactly. The "checks for @ in username" part could be done easily by > checking if '%d' = ''. > > > Im worried that might add significant load to the sql server though. > > This is a fairly large install. (300,000+ boxes). > > If there are only a few ports, you could use a CASE instead of a table > join. But I'd think both of them could be done quickly by the SQL > server. It's still a pretty simple query. > >
Re: [Dovecot] NULL for password and proxy fields
also just as a note, when you go to 1.1 make sure to return nopassword='Y' if you return a NULL password or dovecot will complain and will fail auth. On Feb 4, 2008 12:48 PM, WJCarpenter <[EMAIL PROTECTED]> wrote: > > >> 2. It looks like any value at all for the "proxy" field in the passdb > >> lookup turns proxying on. The one exception is a value of NULL for > >> "proxy", in which case proxying is not turned on and proxy-related > >> other fields are ignored. Is that how it's intended to work? > >> > > > > Yes. It might change in some future release, but currently I'm not > > planning on changing it. 'Y' would anyway be a future-safe choice. > > > > > > Thanks for the information. I was actually asking about the other side > of the coin ... is it safe to assume that "proxy=NULL" will disable the > proxying, at least for the 1.0 series? (I saw the "proxy_maybe" for > 1.1, which is also OK for me when I get to that release.) >
Re: [Dovecot] appending domain based on port
Sorry, now that I reread the comment for listen I see it says space
separated list. I'm not sure this is clear to everyone that it can be
used to listen on multiple ports as there are wiki pages showing how
to use iptables to get additional ports:
http://wiki.dovecot.org/Iptables
The patch worked for %a perfectly. I also had to start returning
nopassword in my passdb query, but I am now up and working. Now I just
have to do some testing on 1.1 to make sure I am comfortable running
it in production over 1.0.10 which I currently have.
If anyone cares here is my query.. it is a little complex because I
use it to lookup against two tables and use the first match : a table
called proxymap to proxy the user offsite if they havent been migrated
yet, and a @mail sql user db if the user is local. the union makes it
so all I have to do is delete the user from proxymap when they are
migrated and they stop proxying.
#proxymap and atmail query (if entry is in proxy map it wins out over
atmail tables)
password_query = SELECT '3000' AS userdb_uid, '3000' AS userdb_gid,
proxymap.user AS user, NULL as password, host, 'Y' as proxy, 'Y' as
nologin, 'Y' as nodelay, 'Y' as nopassword, NULL as userdb_home, NULL
as quota from proxymap where proxymap.user =
IF(INSTR('%u','@')=0,CONCAT('%u','@',(select domain from portdomainmap
where port='%a')),'%u') UNION SELECT '3000' AS userdb_uid, '3000' AS
userdb_gid, UserSession.Account AS user, MD5(UserSession.Password)
AS password, NULL as host, NULL as proxy, NULL as nologin, NULL as
nodelay, NULL as nopassword, Users.Maildir as userdb_home,
CONCAT('maildir:storage=',Users.UserQuota) as userdb_quota FROM
Users,UserSession where UserSession.Account = Users.Account and
UserSession.Account = IF(INSTR('%u','@')=0,CONCAT('%u','@',(select
domain from portdomainmap where port='%a')),'%u') limit 1;
#atmail compatible query for delivery agent
user_query = SELECT '3000' AS uid, '3000' AS gid, Users.Maildir as
home FROM Users,UserSession where UserSession.Account = Users.Account
and UserSession.Account = '%u'
On Feb 4, 2008 11:54 AM, Timo Sirainen <[EMAIL PROTECTED]> wrote:
> On Mon, 2008-02-04 at 11:40 -0500, Eric Hester wrote:
> > Any chance of getting multiple ports per protocol in 1.1 or is that a
> > major undertaking?
>
> It should already work:
>
> listen = *:143 *:144 *:145
>
>
Re: [Dovecot] appending domain based on port
Any chance of getting multiple ports per protocol in 1.1 or is that a major undertaking? On Feb 4, 2008 4:23 AM, Timo Sirainen <[EMAIL PROTECTED]> wrote: > On Sun, 2008-02-03 at 17:25 -0500, Eric Hester wrote: > > I got this working using %l for the ip, but I'd really rather do > > multiple ports so I don't have to have 4 ips on 16 different machines. > > Oh, somehow I wasn't thinking and thought %l was the same as port :) > > > I was trying to use the new 1.1 %a variable as the local port in my > > query but it seems to always return 0 in 1.1beta14, does this variable > > not work yet? > > This should fix it: http://hg.dovecot.org/dovecot/rev/83fb5f84a270 > >
Re: [Dovecot] backup strategy
Quoting Steve Lindemann <[EMAIL PROTECTED]>: curious... I've been using dump for decades (unix and linux) without any problems on mounted filesystems. Well, any known/observed problems... Anyone with half an ounce of common sense will use due caution backing up "live" data, regardless of the tool used, and will prefer to work with umounted filesystems when possible, but it isn't an imperative, nor always practical. Only if you want a good backup of the data... Okay, I will admit that I sometimes do backups with dump on live filesystems also... But I know what I'm doing, and why... But again, this is getting off topic... So enough about this... -- Eric Rostetter The Department of Physics The University of Texas at Austin Go Longhorns!
