dovecot - Dec 2014 - Failed installation on Ubuntu with Postfix/Dovecot/Squirrelmail

Hello all,

I did an install following a HOWTO document that has a fair number of positive
reviews, but something went wrong along the way:

https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassasin

I made a couple deviations.  I opted to not use StartSSL keys, and decided to
stay with the default keys.  Also, I chose to use Squirrelmail, but not
Spamassassin.

I tried to ensure that there are no issues with the Postfix installation (Dr.
Venama and the team were quite helpful).  I also had two Postfix book at my
side, but I have none for Dovecot.  While my goal is to get my server running, I
would like to gain an understanding of Dovecot along the way, because sooner or
later, it will break and I'll need to revisit the installation.

First hint of a problem was that Squirrelmail would say the IMAP server dropped
the connection on a successful login.

So I went to a command line and used 'mail' to compose a test message
from my laptop and see how the machine at Digital Ocean handled it.  It
didn't go over so well, in fact, it's generating errors as I'm
writing this (every 5 minutes).  For privacy, I swapped my domain name, for the
generic example.com.

Dec 14 20:24:18 example postfix/qmgr[13624]: EF3C0C0A17: from=<gary at
Garys-MacBook-Pro.local>, size=597, nrcpt=1 (queue active)
Dec 14 20:24:18 example dovecot: lmtp(21652): Connect from local
Dec 14 20:24:18 example dovecot: lmtp(21652, bob at example.com): Error: user
bob at example.com: Initialization failed: namespace configuration error:
inbox=yes namespace missing
Dec 14 20:24:18 example dovecot: lmtp(21652): Disconnect from local: Successful
quit
Dec 14 20:24:18 example postfix/lmtp[21651]: EF3C0C0A17: to=<bob at
example.com>, relay=mail.example.com[private/dovecot-lmtp], delay=168169,
delays=168169/0.01/0.01/0.01, dsn=4.3.0, status=deferred (host
mail.example.com[private/dovecot-lmtp] said: 451 4.3.0 <bob at
example.com> Temporary internal error (in reply to end of DATA command))

Now when I was checking that Postfix wasn't the likely problem, one of them
mentioned:

http://archives.neohapsis.com/archives/postfix/2014-12/0189.html  (Postfix-users
archive)

that I needed:

namespace inbox { 
    inbox = yes 
} 

But I'm curious why that I'm the only one that seems to have been nailed
by this omission.  A keyword search on 'namespace' only brought up a
single comment.  What are your thoughts?  Below, I appended the configuration
files that I modified.  I tried to compress them to a minimum space for the list
by omitting the comments.

#
# /etc/dovecot/dovecot.conf
#
!include_try /usr/share/dovecot/protocols.d/*.protocol
protocols = imap lmtp pop3
dict {
}
!include conf.d/*.conf
!include_try local.conf
# eof

#
# /etc/dovecot/dovecot-sql.conf.ext
#
driver = mysql
connect = host=127.0.0.1 dbname=servermail user=usermail password=changed_it
default_pass_scheme = SHA512-CRYPT
password_query = SELECT email as user, password FROM virtual_users WHERE
email='%u';
# eof

#
# /etc/dovecot/conf.d/10-auth.conf
#
!include auth-sql.conf.ext
# eof

#
# /etc/dovecot/conf.d/10-mail.conf
#
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail
# eof

#
# /etc/dovecot/conf.d/10-master.conf
#
service imap-login {
   inet_listener imap {
      port = 143
   }
   inet_listener imaps {
   }
}

service pop3-login {
   inet_listener pop3 {
   }
   inet_listener pop3s {
   }
}

service lmtp {
   unix_listener /var/spool/postfix/private/dovecot-lmtp {
      mode = 0600
      user = postfix
      group = postfix
   }
}

service imap {
}

service pop3 {
}

service auth {
   unix_listener /var/spool/postfix/private/auth {
      mode = 0666
      user = postfix
      group = postfix
   }

   unix_listener auth-userdb {
      mode = 0600
      user = vmail
   }
   user = dovecot
}

service auth-worker {
   user = vmail
}

service dict {
   unix_listener dict {
   }
}
# eof

#
# /etc/dovecot/conf.d/10-ssl.conf
#
ssl=required
ssl_cert = </etc/dovecot/dovecot.pem
ssl_key = </etc/dovecot/private/dovecot.pem
# eof


Thanks for making it all the way down here!

> that I needed:
> 
> namespace inbox { 
>     inbox = yes 
> } 
Hey,
I wonder where do you have set this namespace inbox ? in 10-mail.conf ?
> #
> # /etc/dovecot/conf.d/10-mail.conf
> #
> mail_location = maildir:/var/mail/vhosts/%d/%n
> mail_privileged_group = mail
Do /var/mail/vhosts exists and is owned by mail:mail ?
When you checked all of this try to debug dovecot, see if there is
something in /var/log/mail.err

Regards,
-- 
CHUNKZ.NET - script kiddie and computer technician
Bertrand Caplet, Flers (FR)
Feel free to send encrypted/signed messages
Key ID: FF395BD9
GPG FP: DE10 73FD 17EB 5544 A491 B385 1EDA 35DC FF39 5BD9

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20141215/13497a61/attachment.sig>

On 12/15/2014 at 12:26 PM, "Bertrand Caplet" <bertrand.caplet at
chunkz.net> wrote:
>
>> that I needed:
>> 
>> namespace inbox { 
>>     inbox = yes 
>> } 
>
>Hey,
>I wonder where do you have set this namespace inbox ? in 10-
>mail.conf ?
>
The word 'namespace' does not appear in any file within the tree of
/etc/dovecot/  This was a suggestion that was offered to me from the Postfix
list when I was cleaning up my postfix installation, but I wasn't certain of
which file it should be in (or if it even matters from the software
perspective). I'm curious how so many other users could have gotten the
HOWTO to work for them without having to add this.  This is maybe day 4 of my
experience with dovecot, so I am very cautious, but I can try adding this to
10-mail.conf and restart the service...

According to the mail.log, Postfix handed dovecot a message.  Might have been
the test email from a couple days ago.

Hey, there is content in the directory tree of /var/mail/vhosts/example.com/bob/
That was empty before.
>> #
>> # /etc/dovecot/conf.d/10-mail.conf
>> #
>> mail_location = maildir:/var/mail/vhosts/%d/%n
>> mail_privileged_group = mail
>
>Do /var/mail/vhosts exists and is owned by mail:mail ?
>When you checked all of this try to debug dovecot, see if there is
>something in /var/log/mail.err
>
/var/mail/vhosts does exist and it's owned by vmail, which was a user and
group that was created during the process.

drwxrwsr-x  3 vmail vmail 4096 Dec 11 12:53 .
drwxr-xr-x 13 root  root  4096 Nov  7 18:39 ..
-rw-------  1 root  vmail    0 Dec 11 12:53 root
drwxr-sr-x  4 vmail vmail 4096 Dec  8 00:14 vhosts

Permissions seem to be good enough for writing to it. The privacy and
permissions of the subdirectories are good too.  I'm not entirely certain
why an addition mail user vmail when I already have a user called postfix and
dovecot.  Anyway, the directory has been written to by dovecot since the
subdirectories have changed since adding the change to 10-mail.conf and starting
the server

And guess what, I can log into squirrelmail's interface just fine.  No more
dropped connection to the IMAP server.

And now that the panic is over, I'd like to get smart on dovecot.  
>Regards,
>-- 
>CHUNKZ.NET - script kiddie and computer technician
>Bertrand Caplet, Flers (FR)
>Feel free to send encrypted/signed messages
>Key ID: FF395BD9
>GPG FP: DE10 73FD 17EB 5544 A491 B385 1EDA 35DC FF39 5BD9