Edgar, thank you for your help:
I have solved gaining access from a client (Evolution) via IMAP to the
server: I can refresh, add folders, and delete folders. But I am still
confounded, as IMAP does not see any mailboxes. Neither we from the
command line (telnet, openssl, login, select) nor the system can find
the mailbox, despite following FindMailLocation:
telnet, openssl, login, then
b select inbox
* 0 EXISTS
* 0 RECENT
and postfix fails with
2016-07-23T21:22:37.312039-04:00 lavarre postfix/error[17088]: A8DA2C1BB2:
to=<andy at privustech.com>, orig_to=<andy>, relay
But the mailboxes do exist in /var/mail/vhosts/privustech.com/andy and
we point to them in /etc/dovecot/users.
doveconf -n is attached.
-----
Two issues are:
1. file permissions and ownership
2. virtual versus system users
1. It appears that having the correct ownership and permissions on
various files is critical (of course), but those parameters must also
be included in the interior of the /etc/dovecot/user. So if you change
permissions you also must change that file.
For example, you said:
i also noticed your certificate chain is broken.
http://wiki2.dovecot.org/testinstallation
I worked through this link, thank you. Changing permissions for the
directories /var/mail/* to
root:mail ($UID:$GID = 1000:12)
and then changing /etc/dovecot/users correspondingly to
user at privustech.com :{plain}actualpassword: 1000:12
::/var/mail/vhosts/privustech.com/user
now allows a normal login. and we can create a new folder (e.g., work)
and delete it. However, this is at variance with
http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall
which says to set the ownership to vmail:vmail ($UID:$GID = 100:
5000). Doing so breaks dovecot.
2. The various links suggest that having virtual users is preferable to
setting system users. The former do not require directories under /homebut they
do require a directory in the mail system, which I have provided under
/var/mail/vhosts. It also turns out that for virtual users you must include the
domain (andy at privustech.com). Making that change allowed the success reported
above. But despite that, we still cannot find the mailboxes on login.
Any thoughts on how to have IMAP find the mailboxes (beyond
FindMailLocation, which doesn't seem to work for me) would be most
appreciated.
Kind regards, Andy
-------------- next part --------------
# 2.2.18: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: Linux 4.1.27-27-default x86_64 openSUSE 42.1 (x86_64) ext4
auth_debug = yes
auth_mechanisms = plain login
auth_verbose = yes
info_log_path = /var/log/dovecot-info.log
listen = *
log_path = /var/log/dovecot.log
mail_debug = yes
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = username_format=%u /etc/dovecot/users
driver = passwd-file
}
plugin {
sieve = ~/.dovecot.sieve
sieve_after = /var/mail/vmail/sieve-after
sieve_before = /var/mail/vmail/sieve-before
sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service pop3-login {
inet_listener pop3s {
port = 995
ssl = yes
}
}
ssl = required
ssl_ca = </etc/ssl/certs/StartCom_Certification_Authority.pem
ssl_cert = </etc/apache2/ssl.crt/mail.privustech.com_start.crt
ssl_dh_parameters_length = 2048
ssl_key = </etc/apache2/ssl.key/mail.privustech.com.key
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
userdb {
args = username_format=%u /etc/dovecot/users
driver = passwd-file
}
verbose_ssl = yes
protocol lda {
deliver_log_format = msgid=%m: %$
mail_plugins = sieve
postmaster_address = postmaster at privustech.com
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
mail_max_userip_connections = 10
}
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 24 Jul 2016, C. Andrews Lavarre wrote:> I have solved gaining access from a client (Evolution) via IMAP to the > server: I can refresh, add folders, and delete folders. But I am still > confounded, as IMAP does not see any mailboxes. Neither we from the > command line (telnet, openssl, login, select) nor the system can find > the mailbox, despite following FindMailLocation: > > telnet, openssl, login, then > b select inbox > * 0 EXISTS > * 0 RECENT > > and postfix fails with > > 2016-07-23T21:22:37.312039-04:00 lavarre postfix/error[17088]: A8DA2C1BB2: to=<andy at privustech.com>, orig_to=<andy>, relay > > But the mailboxes do exist in /var/mail/vhosts/privustech.com/andy and > we point to them in /etc/dovecot/users.Check: doveadm user -u andy then enable logging and see if Dovecot uses the desired mail location.> > doveconf -n is attached. > > ----- > > Two issues are: > 1. file permissions and ownership > 2. virtual versus system users > > 1. It appears that having the correct ownership and permissions on > various files is critical (of course), but those parameters must also > be included in the interior of the /etc/dovecot/user. So if you change > permissions you also must change that file. > > For example, you said: > > i also noticed your certificate chain is broken. > http://wiki2.dovecot.org/testinstallation > > I worked through this link, thank you. Changing permissions for the > directories /var/mail/* to > > root:mail ($UID:$GID = 1000:12) > > and then changing /etc/dovecot/users correspondingly to > > user at privustech.com :{plain}actualpassword: 1000:12 ::/var/mail/vhosts/privustech.com/user > > now allows a normal login. and we can create a new folder (e.g., work) > and delete it. However, this is at variance with > http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall > > which says to set the ownership to vmail:vmail ($UID:$GID = 100: > 5000). Doing so breaks dovecot. > > 2. The various links suggest that having virtual users is preferable to > setting system users. The former do not require directories under /homebut they do require a directory in the mail system, which I have provided under /var/mail/vhosts. It also turns out that for virtual users you must include the domain (andy at privustech.com). Making that change allowed the success reported above. But despite that, we still cannot find the mailboxes on login. > > > Any thoughts on how to have IMAP find the mailboxes (beyond > FindMailLocation, which doesn't seem to work for me) would be most > appreciated. > > Kind regards, Andy > >- -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBV5Wx23z1H7kL/d9rAQI0rAf8CIXCVOJAI7zIAtEBr1RWU4fnm4atCU/I NRtqslLp8oXnaoB8S6VCoJqtgrssShzIDlUqa0bEDL0UZTENhRa6afhJ2iD6LFqx ShpC+PG31Njj3Eezcz0AcFplMrKnYqUIF2Sxdc5n7UVHaS6fgf3gxS7/c2O2yjQm XHxSKxioYt6QqneioGuuTh/twdlD5yf2TLmBQIev/lEFFnxsi4toRQuGJKGKpRCD dF5dtO0RQxHlAAjS6EQg3St6eNQ41UVIrM+jencqm4npyEYf0enSoPy9DPkYBRph 0iJim1dtdXqEBIIMjfYyEAQ7kygALMoavgCDPTLZXoyQzmlbg76ihg==PFXu -----END PGP SIGNATURE-----
Steffen thank you. I shall attend to this as soon as possible. Today I awoke to a system that cannot address the hard drive... :-( More Screwtape... Thank you, Andy On 07/25/16 02:29, Steffen Kaiser wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Sun, 24 Jul 2016, C. Andrews Lavarre wrote: > >> I have solved gaining access from a client (Evolution) via IMAP to the >> server: I can refresh, add folders, and delete folders. But I am still >> confounded, as IMAP does not see any mailboxes. Neither we from the >> command line (telnet, openssl, login, select) nor the system can find >> the mailbox, despite following FindMailLocation: >> >> telnet, openssl, login, then >> b select inbox >> * 0 EXISTS >> * 0 RECENT >> >> and postfix fails with >> >> 2016-07-23T21:22:37.312039-04:00 lavarre postfix/error[17088]: >> A8DA2C1BB2: to=<andy at privustech.com>, orig_to=<andy>, relay >> >> But the mailboxes do exist in /var/mail/vhosts/privustech.com/andy and >> we point to them in /etc/dovecot/users. > > Check: > doveadm user -u andy > > then enable logging and see if Dovecot uses the desired mail location. > >> >> doveconf -n is attached. >> >> ----- >> >> Two issues are: >> 1. file permissions and ownership >> 2. virtual versus system users >> >> 1. It appears that having the correct ownership and permissions on >> various files is critical (of course), but those parameters must also >> be included in the interior of the /etc/dovecot/user. So if you change >> permissions you also must change that file. >> >> For example, you said: >> >> i also noticed your certificate chain is broken. >> http://wiki2.dovecot.org/testinstallation >> >> I worked through this link, thank you. Changing permissions for the >> directories /var/mail/* to >> >> root:mail ($UID:$GID = 1000:12) >> >> and then changing /etc/dovecot/users correspondingly to >> >> user at privustech.com :{plain}actualpassword: 1000:12 >> ::/var/mail/vhosts/privustech.com/user >> >> now allows a normal login. and we can create a new folder (e.g., work) >> and delete it. However, this is at variance with >> http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall >> >> which says to set the ownership to vmail:vmail ($UID:$GID = 100: >> 5000). Doing so breaks dovecot. >> >> 2. The various links suggest that having virtual users is preferable to >> setting system users. The former do not require directories under >> /homebut they do require a directory in the mail system, which I have >> provided under /var/mail/vhosts. It also turns out that for virtual >> users you must include the domain (andy at privustech.com). Making that >> change allowed the success reported above. But despite that, we still >> cannot find the mailboxes on login. >> >> >> Any thoughts on how to have IMAP find the mailboxes (beyond >> FindMailLocation, which doesn't seem to work for me) would be most >> appreciated. >> >> Kind regards, Andy >> >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBV5Wx23z1H7kL/d9rAQI0rAf8CIXCVOJAI7zIAtEBr1RWU4fnm4atCU/I > NRtqslLp8oXnaoB8S6VCoJqtgrssShzIDlUqa0bEDL0UZTENhRa6afhJ2iD6LFqx > ShpC+PG31Njj3Eezcz0AcFplMrKnYqUIF2Sxdc5n7UVHaS6fgf3gxS7/c2O2yjQm > XHxSKxioYt6QqneioGuuTh/twdlD5yf2TLmBQIev/lEFFnxsi4toRQuGJKGKpRCD > dF5dtO0RQxHlAAjS6EQg3St6eNQ41UVIrM+jencqm4npyEYf0enSoPy9DPkYBRph > 0iJim1dtdXqEBIIMjfYyEAQ7kygALMoavgCDPTLZXoyQzmlbg76ihg=> =PFXu > -----END PGP SIGNATURE-----