Yes I am running sendmail next to dovecot on backend servers. That works
ok. I have some problems with re-routing mail in a proxy setup.
-Original Message-
To: Marc Roos; dovecot
Subject: Re[2]: Lightweight LMTP daemon to avoid overkill MTA
Hi,
I was unclear in my question. The spa
Yes dovecot, /etc/dovecot/conf.d/20-lmtp.conf ;)
service lmtp {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = lmtp
extra_groups = $default_internal_group
group =
idle_kill = 0
inet_listener lmtp {
address =
haproxy = no
port = 24
reuse_port = n
How to change this line in sendmail.mc, to the tcp port 24 on eg
127.0.0.1?
FEATURE(`local_lmtp',`[IPC]',`FILE /var/run/dovecot/lmtp')dnl
If I run a docker image with the mesos containerizer and altering the
dovecot config mentioned here[1]
I think the root detection is incorrect because it looks like dovecot is
still thinking it is root. I still get errors like:
>> log(829825): Fatal: We couldn't drop root group privileges
: dovecot@dovecot.org
Subject: Re: running dovecot under different user
On 2019-12-02 20:08, Marc Roos via dovecot wrote:
> Did anyone ever managed to run dovecot as a non-root user?
basic: all ports below 1024 need to be setup from root unix system user
so yes dovecot can run non rooted if
Did anyone ever managed to run dovecot as a non-root user?
I thought, I read somewhere I could prevent chroot with[1] but I am
still getting chroot errors[2].
drwxrwxr-x 2 10053 101 6 Dec 2 16:54 empty
drwxr-x--- 2 10053 101 73 Dec 2 17:00 login
drwxr-x--- 2 10053 101 44 Dec 2 17:00 token-login
[1]
service anvil {
chroot =
}
[2]
Dec 2 1
ecot
wrote:
> >
> > On 21.11.2019 23.57, Marc Roos via dovecot wrote:
> > > Is it possible to configure a network for a cert instead of
an ip?
> > >
> > > Something like this:
> > >
>
-Original Message-
From: Stephan Bosch [mailto:step...@rename-it.nl]
Sent: zondag 1 december 2019 16:30
To: Marc Roos; dovecot
Subject: Re: Error: proxy: Remote returned invalid banner: 220
On 29/11/2019 19:01, Marc Roos via dovecot wrote:
> I had a working proxy setup added sieve
I am sure resolving works fine. I tested this in a running mesos
container, but also in docker run[1]. I need to have the search local
option in resolve.conf.
It was actually working, until I started adding the proxy for
managesieve, but when I reverted, it still does not work. I think the
I had a working container with dovecot configured as proxy. And all of a
sudden I am getting these messages 'dovecot: auth: Error: DNS lookup for
roosit03 failed: Name does not resolve'
Pinging/nslookup these hostnames is ok
With a telnet to port 110 on the proxy
-Original Message-
To: dovecot
Subject: Error: proxy: Remote returned invalid banner: 220
I had a working proxy setup added sieve to it, and out of the blue I get
this
Error: proxy: Remote returned invalid banner: 220
No idea what to do, nothi
I had a working proxy setup added sieve to it, and out of the blue I get
this
Error: proxy: Remote returned invalid banner: 220
No idea what to do, nothing even in the mail list archive
Yes you were right, I asked also at sendmail and they also told me the
smtp should stay. Seems to be working now with lmtp and sieve.
-Original Message-
To: Dovecot
Subject: RE: sendmail -> lmtp 501 5.6.0 Data format error
On Thu, 28 Nov 2019, Marc Roos wrote:
> When changing in a w
Is there any guide like this
https://wiki.dovecot.org/HowTo/PostfixDovecotLMTP for configuring
sendmail?
Eg. When I send email from gmail it looks like this
(reason: 553 5.1.2 ... Unrecognized host name
gmail.com.)
-Original Message-
To: dovecot
Subject: sendmail -> lmtp 501 5.6.0 Data format error
When changing in a working setup sendmail.mc
From this
MAILER(smtp)dnl
MAILER(pro
When changing in a working setup sendmail.mc
From this
MAILER(smtp)dnl
MAILER(procmail)dnl
To this
FEATURE(`local_lmtp',`[IPC]',`FILE /var/run/dovecot/lmtp')dnl
MAILER(local)dnl
I am getting these errors '501 5.6.0 Data format error' and '
Unrecognized host name'.
What should I change in
If I do the same test[1] with mbox I can store around 31k messages and
mdbox 16k messages. I noticed also that cpu and disk utilization with
mdbox was not very high, while disk utilization on mbox was much higher.
That makes me wonder if I can tune mdbox to have better performance?
[1]
imapt
nd just replace health-check.sh with the script that you implemented.
> On November 25, 2019 11:48 AM Marc Roos via dovecot
wrote:
>
>
> :) I really starting to feel a bit like an idiot, but all these 3
> configs[0] give error 'Client not compatible with this bina
Looks like dovecot is not sending stuff to syslog anymore I am getting
some message in /tmp/dovecot.log. However the lmtp log files are not
even created.
bash-5.0# doveconf | grep log_
auth_policy_log_only = no
debug_log_path =
deliver_log_format = msgid=%m: %$
doveadm_http_rawlog_dir =
imapc_
gt; -Original Message-
> Subject: Re: Health check curl example
>
> Hi,
>
> you can use telnet or netcat to send input to that port and receive
> the answer.
>
> echo "PING" | nc localhost 5001
>
> Best regards
>
> Markus
>
>
> On 12 Nov 2019, at 16.03, Marc Roos via dovecot
wrote:
>
>
>
>
> I want to migrate mail users to a new environment.
>
> If I setup a new server next to the old server, and enable proxy on
> both. Is this then enough to migrate user by user with the pass
quot;PING" | nc localhost 5001
Best regards
Markus
On 11/24/19 2:43 PM, Marc Roos via dovecot wrote:
>
> How do I check the standard script then on this port 5001 from the
> command line?
>
>
> This one of alpine linux also does not have it yet bash-5.0# dov
I have this in my 20-lmtp.conf file and created passdb-file, this should
be enough to route a message to svr1? The port 24 is reachable from the
proxy.
bash-5.0# cat 20-lmtp.conf
lmtp_proxy = yes
protocol lmtp {
# Space separated list of plugins to load (default is global
mail_plugins).
If I add a domain, error changes in:
connection.c: line 380 (connection_update_properties): assertion failed:
(conn->remote_port != 0)
-Original Message-
Subject: lmtp proxy 'Invalid FROM: Missing domain'
Looks like I have a correct working proxy on pop3. On both backend
servers I c
Looks like I have a correct working proxy on pop3. On both backend
servers I can run
cat /tmp/test.msg | /usr/libexec/dovecot/lmtp
Giving
250 2.1.5 OK
354 OK
Info: Disconnect from local: Connection closed (in DATA)
However if I run the same command on the proxy, I am getting this error
'Inv
.
Aki
On 24/11/2019 15:28 Marc Roos via dovecot < dovecot@dovecot.org>
wrote:
I think I already have that, I am having this configured
service health-check {
# this is the default configuration using the simple PING->PONG
# example hea
/11/2019 15:12 Marc Roos via dovecot < dovecot@dovecot.org>
wrote:
I am not understanding how this health check[1] script should work.
From
the commandline it works fine when I type a PING I get a PONG. But
how
do I do a curl to this 5001 port?
Tried
I am not understanding how this health check[1] script should work. From
the commandline it works fine when I type a PING I get a PONG. But how
do I do a curl to this 5001 port?
Tried something like this:
bash-5.0# curl http://localhost:5001/
curl: (56) Recv failure: Connection reset by peer
ovecot.org/configuration_manual/authentication/ldap/
Aki
On 24/11/2019 11:34 Marc Roos via dovecot < dovecot@dovecot.org>
wrote:
My query? Is dovecot not getting this field automatically?
-Original Message-
Subject: Re: Dovecot proxy with ldap, compl
My query? Is dovecot not getting this field automatically?
-Original Message-
Subject: Re: Dovecot proxy with ldap, complains about 'host not given'
On 23 Nov 2019, at 16:11, Marc Roos wrote:
> It looks like the dovecot proxy can authenticate correctly but fails
> then on with this
It looks like the dovecot proxy can authenticate correctly but fails
then on with this message
Nov 23 23:33:33 test2 dovecot: pop3-login: Error: proxy: host not given:
user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured,
session=
I have configured a host= in ldap for this user
Thought about creating the socket via some setuid c source temporarily,
but now this, g
bash-5.0$ dovecot -F
Fatal: Dovecot is already running? Socket already exists:
/var/dovecot/login/ipc-proxy
-Original Message-
To: dovecot
Subject: chown(/var/dovecot/login/ipc-proxy
Can w
Can we remove/change this in the source? So we do not have to add the
CAP_CHOWN with containers.
chown(/var/dovecot/login/ipc-proxy)
When run as root this has user dovenull, maybe this can be resolved by
using a group dovenull?
bash-5.0# ls -arlt
total 4
srw-rw-rw-1 root root
Is it possible to configure a network for a cert instead of an ip?
Something like this:
local 192.0.2.0 {
ssl_cert = https://wiki.dovecot.org/SSL/DovecotConfiguration
I am having an ios12.4.1 client whine about access problems. He is
getting the 'default' self signed ceritificate instead of the hostname
alias. openssl s_client -servername mail.x.com -connect
x.x.x.x:pop3s gives a 'Verify return code: 0 (ok)'
I can't imagine this sni support is not ava
I am not sure why this
I want to migrate mail users to a new environment.
If I setup a new server next to the old server, and enable proxy on
both. Is this then enough to migrate user by user with the passdb
host=newsvr option to the new environment?
Eg. I do not need to configure a director setup?
I only need
12.11.2019 15.26, Marc Roos via dovecot wrote:
>
> How to send a test message directly to lmtp, to test proxying?
Using LMTP protocol:
LHLO localhost
MAIL FROM:
RCPT TO:
DATA
...
.
Aki
How to send a test message directly to lmtp, to test proxying?
I have
1x proxy/director server
2x backend mail server
The backend servers are using a ldap database and do not have the option
to put a proxy=y value. So I put this as a default in the passdb option
in the proxy/director config. When I do telnet localhost 110 on the
proxy/director, I can a
you explicitly set { group = dovenull } you may fix the
permissions issue.
I am not running director in my setup, just pointing out what jumped out
at me.
On 11/11/2019 1:24 PM, Marc Roos via dovecot wrote:
>
> But if in the configuration of the director is stated login/director.
&g
dovenull 0 Nov 10 18:14:00 login/login=
srw-rw-rw- 1 root dovenull 0 Nov 10 18:14:00 login/pop3=
srw-rw-rw- 1 root dovenull 0 Nov 10 18:14:00 login/sieve=
Maybe setting { group = dovenull } is what's needed?
--
Yarema
On 11/11/2019 11:15 AM, Marc Roos via dovecot wrote:
&
I have this[0] config, yet the /var/run/dovecot/login/director is not
created, what to check in the config?
dovecot: imap-login: Error: auth: connect(director) failed: No such file
or directory
[0]
service director {
unix_listener login/director {
#mode = 0666
}
fifo_listener login
ecot/login)
You should probably disable chrooting for login services if you are
running as non-root...
service imap-login {
chroot =
}
Aki
On 11.11.2019 14.59, Marc Roos via dovecot wrote:
> I am testing a bit with the proxy, and trying to run dovecot as a
> normal user. (with ca
-Original Message-
Subject: Re: Proxy testing in container( chown failed
/var/dovecot/login)
You should probably disable chrooting for login services if you are
running as non-root...
service imap-login {
chroot =
}
Aki
On 11.11.2019 14.59, Marc Roos via dovecot wrote:
> I
I am testing a bit with the proxy, and trying to run dovecot as a normal
user. (with cap bind_service). I was wondering what the minimum
configuration is for running like a proxy.
I am now getting issues like unable to chown on /var/dovecot/login, but
I do not need this in such a setup do I?
If I have sendmail configured to deliver to dovecot lmpt and use the
director are incoming messages directed to the correct/configured
server?
Sendmail.mc with:
FEATURE(`local_lmtp',`[IPC]',`FILE /var/run/dovecot/lmtp')dnl
you can also create an archive namespace, and put that on your cheap storage.
On Oct 30, 2019 22:09, Júlio Covolato via dovecot wrote:
Hi.
I'm looking for a tutorial/how-to for a HSM (Hierarchical
Storage Management). keeping old messages for a user in
Ok, what about placing a dummy file of 5GB or so on the partition, that
you can remove when necessary?
-Original Message-
Subject: Re: dovecot disk space settings
>> I don't want to restrict each mailbox size. It's just to prevent
> running out space completely.
>
> Why? (If I may
> I don't want to restrict each mailbox size. It's just to prevent
running out space completely.
Why? (If I may ask)
ed?
No, it is still old sendmail to /var/spool/mail/
-Original Message-
From: Sami Ketola [mailto:sami.ket...@dovecot.fi]
Sent: vrijdag 27 september 2019 15:17
To: dovecot
Cc: Marc Roos
Subject: Re: Mail received but not indexed?
> On 27 Sep 2019, at 16.06, Marc Roos via dovecot
No, it is still old sendmail to /var/spool/mail/
-Original Message-
From: Sami Ketola [mailto:sami.ket...@dovecot.fi]
Sent: vrijdag 27 september 2019 15:17
To: dovecot
Cc: Marc Roos
Subject: Re: Mail received but not indexed?
> On 27 Sep 2019, at 16.06, Marc Roos via dove
Is it possible to mail debug just one user? Maybe via the userdb?
I have recently that some users are complaining about that they are not
getting emails. While I see that they are delivered and in the inbox.
When I do a doveadm force-resync -u INBOX it resolves the problem.
I think this is something recent. Where/how should I resolve this issue?
Recen
I am not able to conclude that yet because my 'base' test against the
mbox already stalls. I also have to empty the mailbox/folder before
testing, to get a better chance of finishing the test. So maybe it is
related to some 'reading' being done in the append test?
Below test results from a 1s
: Re: Imaptest stall
If you're just speed testing for writing probably sdbox or maildir would
be the fastest.
Daniel
On 9/17/2019 1:09 PM, Marc Roos via dovecot wrote:
>
> Yes dovecot is showing the inserted messages until the stall. Looks
> like it is an issue with imap test bec
]
Sent: dinsdag 17 september 2019 22:06
To: Marc Roos; dovecot
Subject: Re: Imaptest stall
On 9/17/2019 12:58 AM, Marc Roos via dovecot wrote:
>
> I have been testing with imaptest and getting 'stalls', I tried even
> building from source and static. Even running it on the same h
Anyone? Or maybe another tool?
-Original Message-
From: Marc via dovecot [mailto:dovecot@dovecot.org]
To: dovecot
Subject: Imaptest stall
I have been testing with imaptest and getting 'stalls', I tried even
building from source and static. Even running it on the same host.
Anyon
I have been testing with imaptest and getting 'stalls', I tried even
building from source and static. Even running it on the same host.
Anyone knows what I could doing wrong?
[@~]# ./imaptest - append=100,0 logout=0 host=192.168.10.44 port=143
user=test2 pass= seed=100 secs=240 client
> Since local users open a security hole into your mail server, I would
argue that virtual users
Can you elaborate on that? I would argue exactly the oposite. Having
your virtual users in a
3rd party environment, adds only security exploits of that 3rd party
environment.
I guess most run
Is it not better you either employ a proper educated/trained person or
outsouce the work to a company that has the know how?
-Original Message-
From: Aleksandr Mette via dovecot [mailto:dovecot@dovecot.org]
Sent: zondag 1 september 2019 14:42
To: dovecot@dovecot.org
Subject: Server a
Should dovecot not be using different severity levels like auth.warn? On
my system everything goes to loglevel info:
lev_info:Aug 9 16:18:24 mail03 dovecot: imap-login: Aborted login (auth
failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=x.x.x.x,
lip=x.x.x.x, TLS, session=
lev_info:
What I can think of without any experience using mail-crypt
- who says they need to be stored on the server? They need to be
available on the server when you start dovecot.
- and if you are using 3rd party external storage mounted on your
server. At least this 3rd party cannot access the email
On 23 May 2019, at 01:44, Marc Roos via dovecot
wrote:
> I would like to redirect sometimes a user to a 5GB garbage messages
mailbox.
So you want to setup a service where random spammer/hacker can trivially
DDOS your system?
How many simultaneous 5GB streams can you handle? How much will yo
I have the same, create your own dns blacklist. And have fail2ban add
entries to it. The only problem I have on CentOS6 is that you need to
combine log files for this, but it should be do-able.
But I am also for this option, maybe it can be done via this userdb,
specify an account where auth
Is it possible to do some sort of integrity check on mdbox's
Let me know if you find a nice solution to migrate mailboxes per user,
without downtime. I tried the use of the adviced userdb and using the
override of the maillocation. But that doesn’t work with my mbox inbox.
I wanted to migrate then per user to an new server environment but still
did n
The alias plugin does not work properly afaik, I have been trying to use
it on a default centos6/7 release. If I remember correctly it messes up
with sub folders. Check mailing list archive.
-Original Message-
From: Lefteris Tsintjelis via dovecot [mailto:dovecot@dovecot.org]
Sent:
I haven't used dovecot proxy or director. If I have a setup where all my
users
are connecting to HOSTNAMEOLD, is it possible to have 1 imap user that
is
connecting to HOSTNAMEOLD directed/forwarded to HOSTNAMENEW?
Without changing my dns settings and preferably without creating any new
serv
Just curious if there are already people actively using object storage?
https://github.com/ceph-dovecot/dovecot-ceph-plugin
https://docplayer.net/docs-images/40/9935441/images/page_13.jpg
-
> From: Aki Tuomi
> Sent: dinsdag 14 mei 2019 6:19
> To: Marc Roos; Marc Roos via dovecot
> Subject: Re: Userdb userdb_mail=, error Mailbox list driver maildir++:
> maildir_name not supported by this driver
>
>
>> On 14 May 2019 00:05 Marc Roos via dovecot
> wrote:
>
Maybe this has been already fixed, but symlinked mailboxes are not shown
by
[@ dovecot]# doveadm mailbox list -u test | sort
Archive
Archive/2018
Archive/2019
Archive/2019old
Archive/Archive
Drafts
INBOX
INBOX/test1
INBOX/test2
INBOX/test3
Junk
Sent
test
testing-folder-home
testing-folder-home/
Yes, I have still inbox mbox format because I have sendmail delivering
there. I trying to migrate/convert
step by step, with least possible impact for users.
-Original Message-
From: Aki Tuomi
Sent: dinsdag 14 mei 2019 6:19
To: Marc Roos; Marc Roos via dovecot
Subject: Re: Userdb
I have this default configuration [0], when use the userdb_mail to point
to the mdbox location, the inbox subfolders show differently in a
firebird client. So I decided to copy the whole default mail_location
into the userdb_mail configuration [2]. But then I get errors [3].
Should I change
Indeed, Thanks!!! :)
-Original Message-
From: Aki Tuomi [mailto:aki.tu...@open-xchange.com]
Sent: maandag 13 mei 2019 19:48
To: Marc Roos; Marc Roos via dovecot
Subject: Re: Doveadm sync, Error: read(remote) failed: EOF, Error:
read(remote) failed: EOF
Hi, you need to put mdbox
In the manual page this command is used for converting a mailbox
doveadm sync -u test mdbox:~/mdbox -x INBOX -x INBOX/*
Yet I am getting this error and the mdbox folder is not created.
dsync-local(test): (version not received)
doveadm(test): Fatal: execvp(mdbox:~/mdbox) failed: No such file or
al Message-
From: @lbutlr via dovecot [mailto:dovecot@dovecot.org]
Sent: donderdag 11 april 2019 19:11
To: Peter via dovecot
Subject: Re: Mail account brute force / harassment
On 11 Apr 2019, at 04:43, Marc Roos via dovecot
wrote:
> B. With 500GB dump
> - the owner of the attacki
e-
From: Odhiambo Washington
Sent: donderdag 11 april 2019 12:28
To: Marc Roos
Cc: dovecot
Subject: Re: Mail account brute force / harassment
On Thu, 11 Apr 2019 at 13:24, Marc Roos via dovecot
wrote:
brute force / harassment
On 11/04/2019 11:43, Marc Roos via dovecot wrote:
> A. With the fail2ban solution
>- you 'solve' that the current ip is not able to access you
It is only a solution if there are subsequent attempts from the same
address. I currently have several thous
g 11 april 2019 12:57
To: dovecot@dovecot.org
Subject: Re: Mail account brute force / harassment
Am 11.04.2019 um 12:43 schrieb Marc Roos via dovecot
:
Please do not assume anything other than what is written, it is a
hypothetical situation
one would apply strategy B, the abuse problem would get less.
Don't you agree??
-Original Message-
From: Odhiambo Washington
Sent: donderdag 11 april 2019 12:28
To: Marc Roos
Cc: dovecot
Subject: Re: Mail account brute force / harassment
On Thu, 11 Apr 2019 at 13:24, Marc R
Say for instance you have some one trying to constantly access an
account
Has any of you made something creative like this:
* configure that account to allow to login with any password
* link that account to something like /dev/zero that generates infinite
amount of messages
(maybe send a
I have made something for archiving that you can supply with an array of
mail folders and it wil move messages of a specific year to a folder
ARCHIVE/YEAR. If you only have 180GB I would not make subdivision in
months. Just put everything in a year folder sent and and received
combined.
Also
84 matches
Mail list logo
