Arvid.Eikas at telenor.com
2017-Sep-12 09:51 UTC
dovecot Digest, Vol 173, Issue 28 (INTERNAL)
Hi, I enabled rawlog. Everything seems to be OK but the dovecot-log shows a fatal error and core dump. (created a core file) Arvid Rawlog in <<< STAT>>><<< LIST>>><<< UIDL 1>>><<< UIDL>>><<< QUIT>>>Rawlog out <<< +OK Logged in.>>><<< +OK 22 17589388>>><<< +OK 22 messages: 1 6725 ?????? 22 17387080 .>>><<< +OK 1 1504264023.M267772P16598V0000000000000027I00000000046A5436.nsmx2.nsc.no,S=6571>>><<< +OK 1 1504264023.M267772P16598V0000000000000027I00000000046A5436.nsmx2.nsc.no,S=6571 ........ 22 1505125157.M901211P7821V0000000000000027I00000000046A340F.nsmx2.nsc.no,S=17164095 .>>><<< +OK Logging out.>>>DOVECOT LOG Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A [88.89.118.45] Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write session ticket A [88.89.118.45] Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [88.89.118.45] Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A [88.89.118.45] Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data [88.89.118.45] Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully [88.89.118.45] Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [88.89.118.45] Sep 12 11:40:56 pop3-login: Info: Login: user=<viboge>, method=PLAIN, rip=88.89.118.45, lip=148.123.160.116, mpid=18250, TLS, session=<nR4H1/pYvc1YWXYt> Sep 12 11:40:56 pop3(viboge) Session-ID nR4H1/pYvc1YWXYt RemoteIP 88.89.118.45 Maildir /var/nextmail/nfs2.flex14/49/79/841 Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/22, size=17589388, totalread=32, totalsent=2181, uidl=22/50a23327 Sep 12 11:40:56 pop3-login: Debug: SSL alert: close notify [88.89.118.45] Sep 12 11:40:56 pop3-login: Error: ENGINE_finish, bad functional reference count Sep 12 11:40:56 pop3-login: Fatal: master: service(pop3-login): child 18247 killed with signal 6 (core dumped) -----Original Message----- From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi] Sent: 12. september 2017 08:37 To: dovecot at dovecot.org; Eik?s Arvid Subject: Re: dovecot Digest, Vol 173, Issue 28 (INTERNAL) ~$ openssl s_client -connect 192.168.122.14:110 -starttls pop3 CONNECTED(00000003) <snip/> Verify return code: 10 (certificate has expired) --- +OK Dovecot ready. USER testuser1 +OK PASS pass +OK Logged in. LIST +OK 11 messages: 1 14 2 14 3 14 4 14 5 14 6 14 7 14 8 14 9 14 10 14 11 14 . QUIT DONE and no crash occurs. Using Dovecot v2.2.32 (dfbe293) Aki On 12.09.2017 09:33, Arvid.Eikas at telenor.com wrote:> Hi, > > It is quite easy. > I use a client (thunderbird or windows live mail) set it up to use starttls on standard port 110. Logon and just do a list on the mailbox. The fatal error occurred when I logoff. > > Arvid > > -----Original Message----- > From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of > dovecot-request at dovecot.org > Sent: 11. september 2017 14:57 > To: dovecot at dovecot.org > Subject: dovecot Digest, Vol 173, Issue 28 > > Send dovecot mailing list submissions to > dovecot at dovecot.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://dovecot.org/mailman/listinfo/dovecot > or, via email, send a message with subject or body 'help' to > dovecot-request at dovecot.org > > You can reach the person managing the list at > dovecot-owner at dovecot.org > > When replying, please edit your Subject line so it is more specific than "Re: Contents of dovecot digest..." > > > Today's Topics: > > 1. Re: pop3-login core dump when using TLSSTART on version > dovecot-2.2.32 (INTERNAL) (Aki Tuomi) > 2. Re: Per-user quota (passwd) (Evgeniy Korneechev) > 3. Re: Per-user quota (passwd) (Aki Tuomi) > 4. Re: Is it possible to disable pipelining in imapc? (Nagy, > Attila) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 11 Sep 2017 13:57:19 +0300 > From: Aki Tuomi <aki.tuomi at dovecot.fi> > To: dovecot at dovecot.org > Subject: Re: pop3-login core dump when using TLSSTART on version > dovecot-2.2.32 (INTERNAL) > Message-ID: <cd450054-53c4-2f84-eba7-7ce602c26892 at dovecot.fi> > Content-Type: text/plain; charset=utf-8 > > Can you outline the exact steps you perform to get this? > > Aki > > On 11.09.2017 13:42, Arvid.Eikas at telenor.com wrote: >> Hi, >> >> I switched back to 2.2.27 with the same config that I am using for 2.2.32 and it work fine. >> >> Sep 11 11:49:37 imap-login: Info: Login: user=<viboge>, method=PLAIN, >> rip=88.89.118.45, lip=148.123.160.116, mpid=18709, TLS, >> session=<v7o22OZYrsdYWXYt> Sep 11 11:49:40 imap(mailuser) Session-ID >> v7o22OZYrsdYWXYt RemoteIP 88.89.118.45 Maildir >> /var/nextmail/nfs2.flex14/49/79/841 Info: Logged out in=4518 >> out=273720 deleted 0 expunged 0 trashed 0 Sep 11 11:49:40 imap-login: >> Debug: SSL alert: close notify [88.89.118.45] >> >> How could I proceed? Any clue? It is quite annoying to see this entry in the log for each session. >> >> Arvid >> >> >> >> >> -----Original Message----- >> From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi] >> Sent: 11. september 2017 09:18 >> To: Eik?s Arvid; dovecot at dovecot.org >> Subject: Re: pop3-login core dump when using TLSSTART on version >> dovecot-2.2.32 (INTERNAL) >> >> Hi! >> >> I tried to reproduce this problem with dovecot-2.2.32 and OpenSSL 1.0.1k and was not able to. I enabled -DREF_CHECK on OpenSSL, but to no avail, the process did not crash. Is there something else you've done? >> >> Aki >> >> >> On 11.09.2017 08:07, Arvid.Eikas at telenor.com wrote: >>> Hi, >>> >>> Here is the gdb output. >>> >>> Arvid >>> >>> GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7 Copyright (C) >>> 2013 Free Software Foundation, Inc. >>> License GPLv3+: GNU GPL version 3 or later >>> <http://gnu.org/licenses/gpl.html> >>> This is free software: you are free to change and redistribute it. >>> There is NO WARRANTY, to the extent permitted by law. Type "show copying" >>> and "show warranty" for details. >>> This GDB was configured as "x86_64-redhat-linux-gnu". >>> For bug reporting instructions, please see: >>> <http://www.gnu.org/software/gdb/bugs/>... >>> Reading symbols from /local/misc/mail/dovecot-32/libexec/dovecot/pop3-login...done. >>> [New LWP 15894] >>> Core was generated by `dovecot-test/pop3-login'. >>> Program terminated with signal 6, Aborted. >>> #0 0x00007ff0bd9cf1d7 in raise () from /lib64/libc.so.6 Missing >>> separate debuginfos, use: debuginfo-install >>> glibc-2.17-157.el7_3.1.x86_64 >>> (gdb) bt full >>> #0 0x00007ff0bd9cf1d7 in raise () from /lib64/libc.so.6 No symbol >>> table info available. >>> #1 0x00007ff0bd9d08c8 in abort () from /lib64/libc.so.6 No symbol >>> table info available. >>> #2 0x00007ff0bd3c0f2f in engine_unlocked_finish (e=0x1c51c60, unlock_for_handlers=1) at eng_init.c:115 >>> to_return = 1 >>> #3 0x00007ff0bd3c1064 in ENGINE_finish (e=0x1c51c60) at eng_init.c:150 >>> to_return = 1 >>> #4 0x00007ff0be0f9300 in ssl_proxy_deinit () from >>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 >>> No symbol table info available. >>> #5 0x00007ff0be0f4472 in main_deinit () from >>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 >>> No symbol table info available. >>> #6 0x00007ff0be0f479f in login_binary_run () from >>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 >>> No symbol table info available. >>> #7 0x00000000004032da in main (argc=1, argv=0x7ffe3059f3f8) at >>> client.c:356 No locals. >>> >>> >>> >>> -----Original Message----- >>> From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi] >>> Sent: 8. september 2017 14:08 >>> To: Eik?s Arvid; dovecot at dovecot.org >>> Subject: Re: pop3-login core dump when using TLSSTART on version >>> dovecot-2.2.32 (OPEN) >>> >>> I assume you mean STARTTLS. Can you provide gdb /path/to/bin /path/to/core and provide output of bt full? >>> >>> Aki >>> >>> >>> On 08.09.2017 15:01, Arvid.Eikas at telenor.com wrote: >>>> Hi, >>>> >>>> Pop3-login are CORE-dumping when I log on with TLSSTART, I believe the same will happen with imap-logon to, but I have not tested it yet. >>>> The TLS session is coming up and it works fine until I log off, then it's core dump. Open sslvesrion is openssl-1.0.2k. >>>> We ran dovecot-2.2.27 before we upgraded to dovecote-2.2.32, and >>>> that seems to work fine. (not core dumping) >>>> >>>> >>>> Arvid >>>> >>>> >>>> LOG >>>> Sep 05 14:27:34 pop3-login: Debug: SSL: elliptic curve secp384r1 >>>> will be used for ECDH and ECDHE key exchanges Sep 05 14:30:30 pop3-login: >>>> Debug: SSL: elliptic curve secp384r1 will be used for ECDH and >>>> ECDHE key exchanges Sep 05 14:30:30 pop3-login: Debug: SSL: >>>> elliptic curve >>>> secp384r1 will be used for ECDH and ECDHE key exchanges Sep 05 >>>> 14:30:42 pop3-login: Debug: SSL: elliptic curve secp384r1 will be >>>> used for ECDH and ECDHE key exchanges Sep 05 14:30:42 pop3-login: Debug: >>>> SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key >>>> exchanges Sep 05 14:30:50 pop3-login: Info: Login: user=<tstrand>, >>>> method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=18361, secured, >>>> session=<65m8ZXBYtpN/AAAB> Sep 05 14:30:50 pop3-login: Error: >>>> ENGINE_finish, bad functional reference count Sep 05 14:30:50 >>>> pop3-login: Fatal: master: service(pop3-login): child 18359 killed >>>> with signal 6 (core dumped) >>>> >>>> >>>> >>>> >>>> >>>> >>>> From ./crypto/engine/eng_init.c >>>> >>>> ......... >>>> int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) { >>>> int to_return = 1; >>>> >>>> /* >>>> * Reduce the functional reference count here so if it's the terminating >>>> * case, we can release the lock safely and call the finish() handler >>>> * without risk of a race. We get a race if we leave the count until >>>> * after and something else is calling "finish" at the same time - >>>> * there's a chance that both threads will together take the count from 2 >>>> * to 0 without either calling finish(). >>>> */ >>>> e->funct_ref--; >>>> engine_ref_debug(e, 1, -1); >>>> if ((e->funct_ref == 0) && e->finish) { >>>> if (unlock_for_handlers) >>>> CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); >>>> to_return = e->finish(e); >>>> if (unlock_for_handlers) >>>> CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); >>>> if (!to_return) >>>> return 0; >>>> } >>>> #ifdef REF_CHECK >>>> if (e->funct_ref < 0) { >>>> fprintf(stderr, "ENGINE_finish, bad functional reference count\n"); >>>> abort(); >>>> >>>> ......... >>>> >>>> /* The API (locked) version of "finish" */ int ENGINE_finish(ENGINE >>>> *e) { >>>> int to_return = 1; >>>> >>>> if (e == NULL) { >>>> ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER); >>>> return 0; >>>> } >>>> CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); >>>> to_return = engine_unlocked_finish(e, 1); >>>> CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); >>>> if (!to_return) { >>>> ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED); >>>> return 0; >>>> } >>>> return to_return; >>>> } > > > ------------------------------ > > Message: 2 > Date: Mon, 11 Sep 2017 14:48:47 +0300 (MSK) > From: Evgeniy Korneechev <ekorneechev at altlinux.org> > To: Aki Tuomi <aki.tuomi at dovecot.fi> > Cc: dovecot <dovecot at dovecot.org> > Subject: Re: Per-user quota (passwd) > Message-ID: > <2046000051.747964.1505130527842.JavaMail.zimbra at remotesystems.ru> > Content-Type: text/plain; charset=utf-8 > > Hi. > But there is one problem... > > protocol lda { > mail_plugins = " quota autocreate sieve quota" > plugin { > quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage > } > } > protocol imap { > mail_plugins = " quota autocreate autocreate imap_quota" > plugin { > autocreate = INBOX > autocreate2 = Sent > autocreate3 = Trash > autocreate4 = Drafts > autocreate5 = Junk > autosubscribe = INBOX > autosubscribe2 = Sent > autosubscribe3 = Trash > autosubscribe4 = Drafts > autosubscribe5 = Junk > quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage > } > } > >> Users with non-standard quota in passwd-file: >>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admin >>>>>>>> i strator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home >>>>>>>> / DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >> Others from passwd. > > > Files ".quotausage" are created in different directories: > /var/vmail/glu_vrem/administrator\DOM/.quotausage > /var/vmail/glu_vrem/administrator at email.dom/.quotausage > And must in the folder "/var/vmail/glu_vrem/administrator" > > How fix it? > > > ----- ???????? ????????? ----- >> ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org> >> ????: "Aki Tuomi" <aki.tuomi at dovecot.fi> >> ?????: "dovecot" <dovecot at dovecot.org> >> ????????????: ???????, 30 ???? 2017 ? 10:39:16 >> ????: Re: Per-user quota (passwd) >> Our solution: >> userdb { >> args = /etc/imap.passwd >> driver = passwd-file >> override_fields = home=/var/vmail/glu_vrem/%u } userdb { driver = >> passwd override_fields = home=/var/vmail/glu_vrem/%u } >> >> Users with non-standard quota in passwd-file: >>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admin >>>>>>>> i strator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home >>>>>>>> / DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >> Others from passwd. >> >> Its works! Thanks. >> >> >> ----- ???????? ????????? ----- >>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>> ????: "dovecot" <dovecot at dovecot.org> >>> ????????????: ???????, 29 ???? 2017 ? 14:40:44 >>> ????: Re: Per-user quota (passwd) >>> Oh you have multiple db's, I missed that. >>> >>> Remove auth_username_format, and instead >>> >>> userdb { >>> args = /etc/imap.passwd username_format=%Ln driver = passwd-file >>> override_fields = home=/var/vmail/glu_vrem/%u } >>> >>> On 29.06.2017 14:35, Evgeniy Korneechev wrote: >>>> with auth_username_format = %Ln: >>>> >>>> Jun 28 14:43:41 auth: Debug: master in: USER 1 iivanov.ia at example.com >>>> service=lda >>>> Jun 28 14:43:41 auth-worker(18369): Debug: passwd(iivanov.ia): >>>> lookup Jun 28 14:43:41 auth-worker(18369): Info: passwd(iivanov.ia): >>>> unknown user - trying the next userdb Jun 28 14:43:41 >>>> auth-worker(18369): Debug: sql(iivanov.ia): SELECT email as user, >>>> maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, >>>> uid, gid, \ >>>> CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as >>>> sieve FROM mail_user WHERE (login = 'iivanov.ia' OR email >>>> 'iivanov.ia') Jun 28 14:43:41 auth-worker(18369): Info: >>>> sql(iivanov.ia): unknown user >>>> >>>> Maybe %Lu? >>>> >>>> ----- ???????? ????????? ----- >>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>> ????????????: ???????, 29 ???? 2017 ? 14:10:07 >>>>> ????: Re: Per-user quota (passwd) >>>>> Yes. >>>>> >>>>> Aki >>>>> >>>>> On 29.06.2017 14:07, Evgeniy Korneechev wrote: >>>>>> And if such a user: >>>>>> email (from AD) = ivanov.ia at example.com login (from AD), %n = >>>>>> iivanov %d = DOM %u = iivanov at DOM >>>>>> >>>>>> ? >>>>>> >>>>>> ----- ???????? ????????? ----- >>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>> ????????????: ???????, 29 ???? 2017 ? 13:59:05 >>>>>>> ????: Re: Per-user quota (passwd) or use, as I indicated before, >>>>>>> auth_username_format = %Ln >>>>>>> >>>>>>> Aki >>>>>>> >>>>>>> >>>>>>> On 29.06.2017 13:58, Evgeniy Korneechev wrote: >>>>>>>> Hi! >>>>>>>> workaround: >>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admin >>>>>>>> i strator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home >>>>>>>> / DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>> >>>>>>>> But this is not a solution for 1000 users ... >>>>>>>> Maybe is there extra field "userdb_mail=administrator at email.dom" >>>>>>>> for email to passwd-file? >>>>>>>> >>>>>>>> ----- ???????? ????????? ----- >>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>>>> ????????????: ?????, 28 ???? 2017 ? 12:40:48 >>>>>>>>> ????: Re: Per-user quota (passwd) On 28.06.2017 12:36, Aki >>>>>>>>> Tuomi wrote: >>>>>>>>>> On 28.06.2017 12:25, Evgeniy Korneechev wrote: >>>>>>>>>>> Hello! >>>>>>>>>>> We have passwd=pam, userdb=passwd. >>>>>>>>>>> passdb { >>>>>>>>>>> driver = pam #server was entered domain Active Directory } >>>>>>>>>>> userdb { >>>>>>>>>>> driver = passwd >>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>> >>>>>>>>>>> How can i use per-user quota? Only passwd-file? >>>>>>>>>>> >>>>>>>>>>> I tried: >>>>>>>>>>> userdb { >>>>>>>>>>> args = /etc/imap.passwd >>>>>>>>>>> driver = passwd-file >>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>> /etc/imap.passwd: >>>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/ad >>>>>>>>>>> m inistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>>> >>>>>>>>>>> Authentication and quota - now OK. But doesn't work sending >>>>>>>>>>> and receiving mail... >>>>>>>>>>> postfix say 'Unknown user'... >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Turn on auth_debug and auth_verbose and see what it says. >>>>>>>>>>> >>>>>>>>>>> Aki >>>>>>>>> Also you can set auth_username_format = %Ln to force usernames >>>>>>>>> into lowercase without domain. >>>>>>>>> >>>>>>>>> Aki >> -- >> WBR, Korneechev Evgeniy >> BaseALT/ALTLinux Team > -- > WBR, Korneechev Evgeniy > BaseALT/ALTLinux Team > > > ------------------------------ > > Message: 3 > Date: Mon, 11 Sep 2017 14:51:13 +0300 > From: Aki Tuomi <aki.tuomi at dovecot.fi> > To: dovecot at dovecot.org > Subject: Re: Per-user quota (passwd) > Message-ID: <7e86447f-10e6-51a3-ce8a-3c4c8261bac1 at dovecot.fi> > Content-Type: text/plain; charset=utf-8 > > Hi! > Just so you know, autocreate/autosubscribe is deprecated, you should > use > > namespace { > mailbox INBOX { > auto = subscribe > } > } > > can you run > > doveadm user administrator at email.dom > > to verify that mail_home gets set correctly? > > Aki > > On 11.09.2017 14:48, Evgeniy Korneechev wrote: >> Hi. >> But there is one problem... >> >> protocol lda { >> mail_plugins = " quota autocreate sieve quota" >> plugin { >> quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage >> } >> } >> protocol imap { >> mail_plugins = " quota autocreate autocreate imap_quota" >> plugin { >> autocreate = INBOX >> autocreate2 = Sent >> autocreate3 = Trash >> autocreate4 = Drafts >> autocreate5 = Junk >> autosubscribe = INBOX >> autosubscribe2 = Sent >> autosubscribe3 = Trash >> autosubscribe4 = Drafts >> autosubscribe5 = Junk >> quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage >> } >> } >> >>> Users with non-standard quota in passwd-file: >>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admi >>>>>>>>> nistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/hom >>>>>>>>> e/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>> Others from passwd. >> >> Files ".quotausage" are created in different directories: >> /var/vmail/glu_vrem/administrator\DOM/.quotausage >> /var/vmail/glu_vrem/administrator at email.dom/.quotausage >> And must in the folder "/var/vmail/glu_vrem/administrator" >> >> How fix it? >> >> >> ----- ???????? ????????? ----- >>> ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org> >>> ????: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>> ?????: "dovecot" <dovecot at dovecot.org> >>> ????????????: ???????, 30 ???? 2017 ? 10:39:16 >>> ????: Re: Per-user quota (passwd) >>> Our solution: >>> userdb { >>> args = /etc/imap.passwd >>> driver = passwd-file >>> override_fields = home=/var/vmail/glu_vrem/%u } userdb { driver = >>> passwd override_fields = home=/var/vmail/glu_vrem/%u } >>> >>> Users with non-standard quota in passwd-file: >>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admi >>>>>>>>> nistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/hom >>>>>>>>> e/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>> Others from passwd. >>> >>> Its works! Thanks. >>> >>> >>> ----- ???????? ????????? ----- >>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>> ????: "dovecot" <dovecot at dovecot.org> >>>> ????????????: ???????, 29 ???? 2017 ? 14:40:44 >>>> ????: Re: Per-user quota (passwd) >>>> Oh you have multiple db's, I missed that. >>>> >>>> Remove auth_username_format, and instead >>>> >>>> userdb { >>>> args = /etc/imap.passwd username_format=%Ln driver = passwd-file >>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>> >>>> On 29.06.2017 14:35, Evgeniy Korneechev wrote: >>>>> with auth_username_format = %Ln: >>>>> >>>>> Jun 28 14:43:41 auth: Debug: master in: USER 1 iivanov.ia at example.com >>>>> service=lda >>>>> Jun 28 14:43:41 auth-worker(18369): Debug: passwd(iivanov.ia): >>>>> lookup Jun 28 14:43:41 auth-worker(18369): Info: >>>>> passwd(iivanov.ia): unknown user - trying the next userdb Jun 28 >>>>> 14:43:41 auth-worker(18369): Debug: sql(iivanov.ia): SELECT email >>>>> as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') >>>>> as mail, uid, gid, \ >>>>> CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as >>>>> sieve FROM mail_user WHERE (login = 'iivanov.ia' OR email = >>>>> 'iivanov.ia') Jun 28 14:43:41 auth-worker(18369): Info: >>>>> sql(iivanov.ia): unknown user >>>>> >>>>> Maybe %Lu? >>>>> >>>>> ----- ???????? ????????? ----- >>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>> ????????????: ???????, 29 ???? 2017 ? 14:10:07 >>>>>> ????: Re: Per-user quota (passwd) Yes. >>>>>> >>>>>> Aki >>>>>> >>>>>> On 29.06.2017 14:07, Evgeniy Korneechev wrote: >>>>>>> And if such a user: >>>>>>> email (from AD) = ivanov.ia at example.com login (from AD), %n = >>>>>>> iivanov %d = DOM %u = iivanov at DOM >>>>>>> >>>>>>> ? >>>>>>> >>>>>>> ----- ???????? ????????? ----- >>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>>> ????????????: ???????, 29 ???? 2017 ? 13:59:05 >>>>>>>> ????: Re: Per-user quota (passwd) or use, as I indicated >>>>>>>> before, auth_username_format = %Ln >>>>>>>> >>>>>>>> Aki >>>>>>>> >>>>>>>> >>>>>>>> On 29.06.2017 13:58, Evgeniy Korneechev wrote: >>>>>>>>> Hi! >>>>>>>>> workaround: >>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admi >>>>>>>>> nistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/hom >>>>>>>>> e/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> >>>>>>>>> But this is not a solution for 1000 users ... >>>>>>>>> Maybe is there extra field >>>>>>>>> "userdb_mail=administrator at email.dom" for email to passwd-file? >>>>>>>>> >>>>>>>>> ----- ???????? ????????? ----- >>>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>>>>> ????????????: ?????, 28 ???? 2017 ? 12:40:48 >>>>>>>>>> ????: Re: Per-user quota (passwd) On 28.06.2017 12:36, Aki >>>>>>>>>> Tuomi wrote: >>>>>>>>>>> On 28.06.2017 12:25, Evgeniy Korneechev wrote: >>>>>>>>>>>> Hello! >>>>>>>>>>>> We have passwd=pam, userdb=passwd. >>>>>>>>>>>> passdb { >>>>>>>>>>>> driver = pam #server was entered domain Active Directory >>>>>>>>>>>> } userdb { >>>>>>>>>>>> driver = passwd >>>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>>> >>>>>>>>>>>> How can i use per-user quota? Only passwd-file? >>>>>>>>>>>> >>>>>>>>>>>> I tried: >>>>>>>>>>>> userdb { >>>>>>>>>>>> args = /etc/imap.passwd >>>>>>>>>>>> driver = passwd-file >>>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>>> /etc/imap.passwd: >>>>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/a >>>>>>>>>>>> dministrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>>>> >>>>>>>>>>>> Authentication and quota - now OK. But doesn't work sending >>>>>>>>>>>> and receiving mail... >>>>>>>>>>>> postfix say 'Unknown user'... >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Turn on auth_debug and auth_verbose and see what it says. >>>>>>>>>>>> >>>>>>>>>>>> Aki >>>>>>>>>> Also you can set auth_username_format = %Ln to force >>>>>>>>>> usernames into lowercase without domain. >>>>>>>>>> >>>>>>>>>> Aki >>> -- >>> WBR, Korneechev Evgeniy >>> BaseALT/ALTLinux Team > > > ------------------------------ > > Message: 4 > Date: Mon, 11 Sep 2017 14:56:28 +0200 > From: "Nagy, Attila" <bra at fsn.hu> > To: Aki Tuomi <aki.tuomi at dovecot.fi>, dovecot at dovecot.org > Subject: Re: Is it possible to disable pipelining in imapc? > Message-ID: <a6ced659-fa75-60c9-01f7-bfb36e826466 at fsn.hu> > Content-Type: text/plain; charset=utf-8; format=flowed > > On 09/11/2017 12:12 PM, Aki Tuomi wrote: >> Is there some reason you can't use normal proxy instead of imap backend? >> That is,return proxy, host=imap_backend, port=1430? There seems to be >> no pipeline setting currently for imapc in v2.2. >> > Yes, because it's a dumb IMAP server, which doesn't implement a lot of > things, like SEARCH, FETCH BODYSTRUCTURE and similar. > Dovecot is used as a smart proxy, which makes it possible to use it as > a fully featured IMAP server. > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > dovecot mailing list > dovecot at dovecot.org > https://dovecot.org/mailman/listinfo/dovecot > > ------------------------------ > > End of dovecot Digest, Vol 173, Issue 28 > ****************************************
Wonder if this is actually a bug in your OpenSSL version? Aki On 12.09.2017 12:51, Arvid.Eikas at telenor.com wrote:> > DOVECOT LOG > Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A [88.89.118.45] > Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write session ticket A [88.89.118.45] > Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [88.89.118.45] > Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A [88.89.118.45] > Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data [88.89.118.45] > Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully [88.89.118.45] > Sep 12 11:40:56 pop3-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [88.89.118.45] > Sep 12 11:40:56 pop3-login: Info: Login: user=<viboge>, method=PLAIN, rip=88.89.118.45, lip=148.123.160.116, mpid=18250, TLS, session=<nR4H1/pYvc1YWXYt> > Sep 12 11:40:56 pop3(viboge) Session-ID nR4H1/pYvc1YWXYt RemoteIP 88.89.118.45 Maildir /var/nextmail/nfs2.flex14/49/79/841 Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/22, size=17589388, totalread=32, totalsent=2181, uidl=22/50a23327 > Sep 12 11:40:56 pop3-login: Debug: SSL alert: close notify [88.89.118.45] > Sep 12 11:40:56 pop3-login: Error: ENGINE_finish, bad functional reference count > Sep 12 11:40:56 pop3-login: Fatal: master: service(pop3-login): child 18247 killed with signal 6 (core dumped) > > -----Original Message----- > From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi] > Sent: 12. september 2017 08:37 > To: dovecot at dovecot.org; Eik?s Arvid > Subject: Re: dovecot Digest, Vol 173, Issue 28 (INTERNAL) > > ~$ openssl s_client -connect 192.168.122.14:110 -starttls pop3 > CONNECTED(00000003) > <snip/> > Verify return code: 10 (certificate has expired) > --- > +OK Dovecot ready. > USER testuser1 > +OK > PASS pass > +OK Logged in. > LIST > +OK 11 messages: > 1 14 > 2 14 > 3 14 > 4 14 > 5 14 > 6 14 > 7 14 > 8 14 > 9 14 > 10 14 > 11 14 > . > QUIT > DONE > > and no crash occurs. Using Dovecot v2.2.32 (dfbe293) > > Aki > > On 12.09.2017 09:33, Arvid.Eikas at telenor.com wrote: >> Hi, >> >> It is quite easy. >> I use a client (thunderbird or windows live mail) set it up to use starttls on standard port 110. Logon and just do a list on the mailbox. The fatal error occurred when I logoff. >> >> Arvid >> >> -----Original Message----- >> From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of >> dovecot-request at dovecot.org >> Sent: 11. september 2017 14:57 >> To: dovecot at dovecot.org >> Subject: dovecot Digest, Vol 173, Issue 28 >> >> Send dovecot mailing list submissions to >> dovecot at dovecot.org >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://dovecot.org/mailman/listinfo/dovecot >> or, via email, send a message with subject or body 'help' to >> dovecot-request at dovecot.org >> >> You can reach the person managing the list at >> dovecot-owner at dovecot.org >> >> When replying, please edit your Subject line so it is more specific than "Re: Contents of dovecot digest..." >> >> >> Today's Topics: >> >> 1. Re: pop3-login core dump when using TLSSTART on version >> dovecot-2.2.32 (INTERNAL) (Aki Tuomi) >> 2. Re: Per-user quota (passwd) (Evgeniy Korneechev) >> 3. Re: Per-user quota (passwd) (Aki Tuomi) >> 4. Re: Is it possible to disable pipelining in imapc? (Nagy, >> Attila) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Mon, 11 Sep 2017 13:57:19 +0300 >> From: Aki Tuomi <aki.tuomi at dovecot.fi> >> To: dovecot at dovecot.org >> Subject: Re: pop3-login core dump when using TLSSTART on version >> dovecot-2.2.32 (INTERNAL) >> Message-ID: <cd450054-53c4-2f84-eba7-7ce602c26892 at dovecot.fi> >> Content-Type: text/plain; charset=utf-8 >> >> Can you outline the exact steps you perform to get this? >> >> Aki >> >> On 11.09.2017 13:42, Arvid.Eikas at telenor.com wrote: >>> Hi, >>> >>> I switched back to 2.2.27 with the same config that I am using for 2.2.32 and it work fine. >>> >>> Sep 11 11:49:37 imap-login: Info: Login: user=<viboge>, method=PLAIN, >>> rip=88.89.118.45, lip=148.123.160.116, mpid=18709, TLS, >>> session=<v7o22OZYrsdYWXYt> Sep 11 11:49:40 imap(mailuser) Session-ID >>> v7o22OZYrsdYWXYt RemoteIP 88.89.118.45 Maildir >>> /var/nextmail/nfs2.flex14/49/79/841 Info: Logged out in=4518 >>> out=273720 deleted 0 expunged 0 trashed 0 Sep 11 11:49:40 imap-login: >>> Debug: SSL alert: close notify [88.89.118.45] >>> >>> How could I proceed? Any clue? It is quite annoying to see this entry in the log for each session. >>> >>> Arvid >>> >>> >>> >>> >>> -----Original Message----- >>> From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi] >>> Sent: 11. september 2017 09:18 >>> To: Eik?s Arvid; dovecot at dovecot.org >>> Subject: Re: pop3-login core dump when using TLSSTART on version >>> dovecot-2.2.32 (INTERNAL) >>> >>> Hi! >>> >>> I tried to reproduce this problem with dovecot-2.2.32 and OpenSSL 1.0.1k and was not able to. I enabled -DREF_CHECK on OpenSSL, but to no avail, the process did not crash. Is there something else you've done? >>> >>> Aki >>> >>> >>> On 11.09.2017 08:07, Arvid.Eikas at telenor.com wrote: >>>> Hi, >>>> >>>> Here is the gdb output. >>>> >>>> Arvid >>>> >>>> GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7 Copyright (C) >>>> 2013 Free Software Foundation, Inc. >>>> License GPLv3+: GNU GPL version 3 or later >>>> <http://gnu.org/licenses/gpl.html> >>>> This is free software: you are free to change and redistribute it. >>>> There is NO WARRANTY, to the extent permitted by law. Type "show copying" >>>> and "show warranty" for details. >>>> This GDB was configured as "x86_64-redhat-linux-gnu". >>>> For bug reporting instructions, please see: >>>> <http://www.gnu.org/software/gdb/bugs/>... >>>> Reading symbols from /local/misc/mail/dovecot-32/libexec/dovecot/pop3-login...done. >>>> [New LWP 15894] >>>> Core was generated by `dovecot-test/pop3-login'. >>>> Program terminated with signal 6, Aborted. >>>> #0 0x00007ff0bd9cf1d7 in raise () from /lib64/libc.so.6 Missing >>>> separate debuginfos, use: debuginfo-install >>>> glibc-2.17-157.el7_3.1.x86_64 >>>> (gdb) bt full >>>> #0 0x00007ff0bd9cf1d7 in raise () from /lib64/libc.so.6 No symbol >>>> table info available. >>>> #1 0x00007ff0bd9d08c8 in abort () from /lib64/libc.so.6 No symbol >>>> table info available. >>>> #2 0x00007ff0bd3c0f2f in engine_unlocked_finish (e=0x1c51c60, unlock_for_handlers=1) at eng_init.c:115 >>>> to_return = 1 >>>> #3 0x00007ff0bd3c1064 in ENGINE_finish (e=0x1c51c60) at eng_init.c:150 >>>> to_return = 1 >>>> #4 0x00007ff0be0f9300 in ssl_proxy_deinit () from >>>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 >>>> No symbol table info available. >>>> #5 0x00007ff0be0f4472 in main_deinit () from >>>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 >>>> No symbol table info available. >>>> #6 0x00007ff0be0f479f in login_binary_run () from >>>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 >>>> No symbol table info available. >>>> #7 0x00000000004032da in main (argc=1, argv=0x7ffe3059f3f8) at >>>> client.c:356 No locals. >>>> >>>> >>>> >>>> -----Original Message----- >>>> From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi] >>>> Sent: 8. september 2017 14:08 >>>> To: Eik?s Arvid; dovecot at dovecot.org >>>> Subject: Re: pop3-login core dump when using TLSSTART on version >>>> dovecot-2.2.32 (OPEN) >>>> >>>> I assume you mean STARTTLS. Can you provide gdb /path/to/bin /path/to/core and provide output of bt full? >>>> >>>> Aki >>>> >>>> >>>> On 08.09.2017 15:01, Arvid.Eikas at telenor.com wrote: >>>>> Hi, >>>>> >>>>> Pop3-login are CORE-dumping when I log on with TLSSTART, I believe the same will happen with imap-logon to, but I have not tested it yet. >>>>> The TLS session is coming up and it works fine until I log off, then it's core dump. Open sslvesrion is openssl-1.0.2k. >>>>> We ran dovecot-2.2.27 before we upgraded to dovecote-2.2.32, and >>>>> that seems to work fine. (not core dumping) >>>>> >>>>> >>>>> Arvid >>>>> >>>>> >>>>> LOG >>>>> Sep 05 14:27:34 pop3-login: Debug: SSL: elliptic curve secp384r1 >>>>> will be used for ECDH and ECDHE key exchanges Sep 05 14:30:30 pop3-login: >>>>> Debug: SSL: elliptic curve secp384r1 will be used for ECDH and >>>>> ECDHE key exchanges Sep 05 14:30:30 pop3-login: Debug: SSL: >>>>> elliptic curve >>>>> secp384r1 will be used for ECDH and ECDHE key exchanges Sep 05 >>>>> 14:30:42 pop3-login: Debug: SSL: elliptic curve secp384r1 will be >>>>> used for ECDH and ECDHE key exchanges Sep 05 14:30:42 pop3-login: Debug: >>>>> SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key >>>>> exchanges Sep 05 14:30:50 pop3-login: Info: Login: user=<tstrand>, >>>>> method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=18361, secured, >>>>> session=<65m8ZXBYtpN/AAAB> Sep 05 14:30:50 pop3-login: Error: >>>>> ENGINE_finish, bad functional reference count Sep 05 14:30:50 >>>>> pop3-login: Fatal: master: service(pop3-login): child 18359 killed >>>>> with signal 6 (core dumped) >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> From ./crypto/engine/eng_init.c >>>>> >>>>> ......... >>>>> int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) { >>>>> int to_return = 1; >>>>> >>>>> /* >>>>> * Reduce the functional reference count here so if it's the terminating >>>>> * case, we can release the lock safely and call the finish() handler >>>>> * without risk of a race. We get a race if we leave the count until >>>>> * after and something else is calling "finish" at the same time - >>>>> * there's a chance that both threads will together take the count from 2 >>>>> * to 0 without either calling finish(). >>>>> */ >>>>> e->funct_ref--; >>>>> engine_ref_debug(e, 1, -1); >>>>> if ((e->funct_ref == 0) && e->finish) { >>>>> if (unlock_for_handlers) >>>>> CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); >>>>> to_return = e->finish(e); >>>>> if (unlock_for_handlers) >>>>> CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); >>>>> if (!to_return) >>>>> return 0; >>>>> } >>>>> #ifdef REF_CHECK >>>>> if (e->funct_ref < 0) { >>>>> fprintf(stderr, "ENGINE_finish, bad functional reference count\n"); >>>>> abort(); >>>>> >>>>> ......... >>>>> >>>>> /* The API (locked) version of "finish" */ int ENGINE_finish(ENGINE >>>>> *e) { >>>>> int to_return = 1; >>>>> >>>>> if (e == NULL) { >>>>> ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER); >>>>> return 0; >>>>> } >>>>> CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); >>>>> to_return = engine_unlocked_finish(e, 1); >>>>> CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); >>>>> if (!to_return) { >>>>> ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED); >>>>> return 0; >>>>> } >>>>> return to_return; >>>>> } >> >> ------------------------------ >> >> Message: 2 >> Date: Mon, 11 Sep 2017 14:48:47 +0300 (MSK) >> From: Evgeniy Korneechev <ekorneechev at altlinux.org> >> To: Aki Tuomi <aki.tuomi at dovecot.fi> >> Cc: dovecot <dovecot at dovecot.org> >> Subject: Re: Per-user quota (passwd) >> Message-ID: >> <2046000051.747964.1505130527842.JavaMail.zimbra at remotesystems.ru> >> Content-Type: text/plain; charset=utf-8 >> >> Hi. >> But there is one problem... >> >> protocol lda { >> mail_plugins = " quota autocreate sieve quota" >> plugin { >> quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage >> } >> } >> protocol imap { >> mail_plugins = " quota autocreate autocreate imap_quota" >> plugin { >> autocreate = INBOX >> autocreate2 = Sent >> autocreate3 = Trash >> autocreate4 = Drafts >> autocreate5 = Junk >> autosubscribe = INBOX >> autosubscribe2 = Sent >> autosubscribe3 = Trash >> autosubscribe4 = Drafts >> autosubscribe5 = Junk >> quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage >> } >> } >> >>> Users with non-standard quota in passwd-file: >>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admin >>>>>>>>> i strator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home >>>>>>>>> / DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>> Others from passwd. >> >> Files ".quotausage" are created in different directories: >> /var/vmail/glu_vrem/administrator\DOM/.quotausage >> /var/vmail/glu_vrem/administrator at email.dom/.quotausage >> And must in the folder "/var/vmail/glu_vrem/administrator" >> >> How fix it? >> >> >> ----- ???????? ????????? ----- >>> ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org> >>> ????: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>> ?????: "dovecot" <dovecot at dovecot.org> >>> ????????????: ???????, 30 ???? 2017 ? 10:39:16 >>> ????: Re: Per-user quota (passwd) >>> Our solution: >>> userdb { >>> args = /etc/imap.passwd >>> driver = passwd-file >>> override_fields = home=/var/vmail/glu_vrem/%u } userdb { driver = >>> passwd override_fields = home=/var/vmail/glu_vrem/%u } >>> >>> Users with non-standard quota in passwd-file: >>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admin >>>>>>>>> i strator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home >>>>>>>>> / DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>> Others from passwd. >>> >>> Its works! Thanks. >>> >>> >>> ----- ???????? ????????? ----- >>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>> ????: "dovecot" <dovecot at dovecot.org> >>>> ????????????: ???????, 29 ???? 2017 ? 14:40:44 >>>> ????: Re: Per-user quota (passwd) >>>> Oh you have multiple db's, I missed that. >>>> >>>> Remove auth_username_format, and instead >>>> >>>> userdb { >>>> args = /etc/imap.passwd username_format=%Ln driver = passwd-file >>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>> >>>> On 29.06.2017 14:35, Evgeniy Korneechev wrote: >>>>> with auth_username_format = %Ln: >>>>> >>>>> Jun 28 14:43:41 auth: Debug: master in: USER 1 iivanov.ia at example.com >>>>> service=lda >>>>> Jun 28 14:43:41 auth-worker(18369): Debug: passwd(iivanov.ia): >>>>> lookup Jun 28 14:43:41 auth-worker(18369): Info: passwd(iivanov.ia): >>>>> unknown user - trying the next userdb Jun 28 14:43:41 >>>>> auth-worker(18369): Debug: sql(iivanov.ia): SELECT email as user, >>>>> maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, >>>>> uid, gid, \ >>>>> CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as >>>>> sieve FROM mail_user WHERE (login = 'iivanov.ia' OR email >>>>> 'iivanov.ia') Jun 28 14:43:41 auth-worker(18369): Info: >>>>> sql(iivanov.ia): unknown user >>>>> >>>>> Maybe %Lu? >>>>> >>>>> ----- ???????? ????????? ----- >>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>> ????????????: ???????, 29 ???? 2017 ? 14:10:07 >>>>>> ????: Re: Per-user quota (passwd) >>>>>> Yes. >>>>>> >>>>>> Aki >>>>>> >>>>>> On 29.06.2017 14:07, Evgeniy Korneechev wrote: >>>>>>> And if such a user: >>>>>>> email (from AD) = ivanov.ia at example.com login (from AD), %n = >>>>>>> iivanov %d = DOM %u = iivanov at DOM >>>>>>> >>>>>>> ? >>>>>>> >>>>>>> ----- ???????? ????????? ----- >>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>>> ????????????: ???????, 29 ???? 2017 ? 13:59:05 >>>>>>>> ????: Re: Per-user quota (passwd) or use, as I indicated before, >>>>>>>> auth_username_format = %Ln >>>>>>>> >>>>>>>> Aki >>>>>>>> >>>>>>>> >>>>>>>> On 29.06.2017 13:58, Evgeniy Korneechev wrote: >>>>>>>>> Hi! >>>>>>>>> workaround: >>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admin >>>>>>>>> i strator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home >>>>>>>>> / DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>> >>>>>>>>> But this is not a solution for 1000 users ... >>>>>>>>> Maybe is there extra field "userdb_mail=administrator at email.dom" >>>>>>>>> for email to passwd-file? >>>>>>>>> >>>>>>>>> ----- ???????? ????????? ----- >>>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>>>>> ????????????: ?????, 28 ???? 2017 ? 12:40:48 >>>>>>>>>> ????: Re: Per-user quota (passwd) On 28.06.2017 12:36, Aki >>>>>>>>>> Tuomi wrote: >>>>>>>>>>> On 28.06.2017 12:25, Evgeniy Korneechev wrote: >>>>>>>>>>>> Hello! >>>>>>>>>>>> We have passwd=pam, userdb=passwd. >>>>>>>>>>>> passdb { >>>>>>>>>>>> driver = pam #server was entered domain Active Directory } >>>>>>>>>>>> userdb { >>>>>>>>>>>> driver = passwd >>>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>>> >>>>>>>>>>>> How can i use per-user quota? Only passwd-file? >>>>>>>>>>>> >>>>>>>>>>>> I tried: >>>>>>>>>>>> userdb { >>>>>>>>>>>> args = /etc/imap.passwd >>>>>>>>>>>> driver = passwd-file >>>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>>> /etc/imap.passwd: >>>>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/ad >>>>>>>>>>>> m inistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>>>> >>>>>>>>>>>> Authentication and quota - now OK. But doesn't work sending >>>>>>>>>>>> and receiving mail... >>>>>>>>>>>> postfix say 'Unknown user'... >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Turn on auth_debug and auth_verbose and see what it says. >>>>>>>>>>>> >>>>>>>>>>>> Aki >>>>>>>>>> Also you can set auth_username_format = %Ln to force usernames >>>>>>>>>> into lowercase without domain. >>>>>>>>>> >>>>>>>>>> Aki >>> -- >>> WBR, Korneechev Evgeniy >>> BaseALT/ALTLinux Team >> -- >> WBR, Korneechev Evgeniy >> BaseALT/ALTLinux Team >> >> >> ------------------------------ >> >> Message: 3 >> Date: Mon, 11 Sep 2017 14:51:13 +0300 >> From: Aki Tuomi <aki.tuomi at dovecot.fi> >> To: dovecot at dovecot.org >> Subject: Re: Per-user quota (passwd) >> Message-ID: <7e86447f-10e6-51a3-ce8a-3c4c8261bac1 at dovecot.fi> >> Content-Type: text/plain; charset=utf-8 >> >> Hi! >> Just so you know, autocreate/autosubscribe is deprecated, you should >> use >> >> namespace { >> mailbox INBOX { >> auto = subscribe >> } >> } >> >> can you run >> >> doveadm user administrator at email.dom >> >> to verify that mail_home gets set correctly? >> >> Aki >> >> On 11.09.2017 14:48, Evgeniy Korneechev wrote: >>> Hi. >>> But there is one problem... >>> >>> protocol lda { >>> mail_plugins = " quota autocreate sieve quota" >>> plugin { >>> quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage >>> } >>> } >>> protocol imap { >>> mail_plugins = " quota autocreate autocreate imap_quota" >>> plugin { >>> autocreate = INBOX >>> autocreate2 = Sent >>> autocreate3 = Trash >>> autocreate4 = Drafts >>> autocreate5 = Junk >>> autosubscribe = INBOX >>> autosubscribe2 = Sent >>> autosubscribe3 = Trash >>> autosubscribe4 = Drafts >>> autosubscribe5 = Junk >>> quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage >>> } >>> } >>> >>>> Users with non-standard quota in passwd-file: >>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admi >>>>>>>>>> nistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/hom >>>>>>>>>> e/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>> Others from passwd. >>> Files ".quotausage" are created in different directories: >>> /var/vmail/glu_vrem/administrator\DOM/.quotausage >>> /var/vmail/glu_vrem/administrator at email.dom/.quotausage >>> And must in the folder "/var/vmail/glu_vrem/administrator" >>> >>> How fix it? >>> >>> >>> ----- ???????? ????????? ----- >>>> ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org> >>>> ????: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>> ?????: "dovecot" <dovecot at dovecot.org> >>>> ????????????: ???????, 30 ???? 2017 ? 10:39:16 >>>> ????: Re: Per-user quota (passwd) >>>> Our solution: >>>> userdb { >>>> args = /etc/imap.passwd >>>> driver = passwd-file >>>> override_fields = home=/var/vmail/glu_vrem/%u } userdb { driver = >>>> passwd override_fields = home=/var/vmail/glu_vrem/%u } >>>> >>>> Users with non-standard quota in passwd-file: >>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admi >>>>>>>>>> nistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/hom >>>>>>>>>> e/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>> Others from passwd. >>>> >>>> Its works! Thanks. >>>> >>>> >>>> ----- ???????? ????????? ----- >>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>> ????????????: ???????, 29 ???? 2017 ? 14:40:44 >>>>> ????: Re: Per-user quota (passwd) >>>>> Oh you have multiple db's, I missed that. >>>>> >>>>> Remove auth_username_format, and instead >>>>> >>>>> userdb { >>>>> args = /etc/imap.passwd username_format=%Ln driver = passwd-file >>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>> >>>>> On 29.06.2017 14:35, Evgeniy Korneechev wrote: >>>>>> with auth_username_format = %Ln: >>>>>> >>>>>> Jun 28 14:43:41 auth: Debug: master in: USER 1 iivanov.ia at example.com >>>>>> service=lda >>>>>> Jun 28 14:43:41 auth-worker(18369): Debug: passwd(iivanov.ia): >>>>>> lookup Jun 28 14:43:41 auth-worker(18369): Info: >>>>>> passwd(iivanov.ia): unknown user - trying the next userdb Jun 28 >>>>>> 14:43:41 auth-worker(18369): Debug: sql(iivanov.ia): SELECT email >>>>>> as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') >>>>>> as mail, uid, gid, \ >>>>>> CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as >>>>>> sieve FROM mail_user WHERE (login = 'iivanov.ia' OR email = >>>>>> 'iivanov.ia') Jun 28 14:43:41 auth-worker(18369): Info: >>>>>> sql(iivanov.ia): unknown user >>>>>> >>>>>> Maybe %Lu? >>>>>> >>>>>> ----- ???????? ????????? ----- >>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>> ????????????: ???????, 29 ???? 2017 ? 14:10:07 >>>>>>> ????: Re: Per-user quota (passwd) Yes. >>>>>>> >>>>>>> Aki >>>>>>> >>>>>>> On 29.06.2017 14:07, Evgeniy Korneechev wrote: >>>>>>>> And if such a user: >>>>>>>> email (from AD) = ivanov.ia at example.com login (from AD), %n = >>>>>>>> iivanov %d = DOM %u = iivanov at DOM >>>>>>>> >>>>>>>> ? >>>>>>>> >>>>>>>> ----- ???????? ????????? ----- >>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>>>> ????????????: ???????, 29 ???? 2017 ? 13:59:05 >>>>>>>>> ????: Re: Per-user quota (passwd) or use, as I indicated >>>>>>>>> before, auth_username_format = %Ln >>>>>>>>> >>>>>>>>> Aki >>>>>>>>> >>>>>>>>> >>>>>>>>> On 29.06.2017 13:58, Evgeniy Korneechev wrote: >>>>>>>>>> Hi! >>>>>>>>>> workaround: >>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admi >>>>>>>>>> nistrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/hom >>>>>>>>>> e/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir >>>>>>>>>> >>>>>>>>>> But this is not a solution for 1000 users ... >>>>>>>>>> Maybe is there extra field >>>>>>>>>> "userdb_mail=administrator at email.dom" for email to passwd-file? >>>>>>>>>> >>>>>>>>>> ----- ???????? ????????? ----- >>>>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi> >>>>>>>>>>> ????: "dovecot" <dovecot at dovecot.org> >>>>>>>>>>> ????????????: ?????, 28 ???? 2017 ? 12:40:48 >>>>>>>>>>> ????: Re: Per-user quota (passwd) On 28.06.2017 12:36, Aki >>>>>>>>>>> Tuomi wrote: >>>>>>>>>>>> On 28.06.2017 12:25, Evgeniy Korneechev wrote: >>>>>>>>>>>>> Hello! >>>>>>>>>>>>> We have passwd=pam, userdb=passwd. >>>>>>>>>>>>> passdb { >>>>>>>>>>>>> driver = pam #server was entered domain Active Directory >>>>>>>>>>>>> } userdb { >>>>>>>>>>>>> driver = passwd >>>>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>>>> >>>>>>>>>>>>> How can i use per-user quota? Only passwd-file? >>>>>>>>>>>>> >>>>>>>>>>>>> I tried: >>>>>>>>>>>>> userdb { >>>>>>>>>>>>> args = /etc/imap.passwd >>>>>>>>>>>>> driver = passwd-file >>>>>>>>>>>>> override_fields = home=/var/vmail/glu_vrem/%u } >>>>>>>>>>>>> /etc/imap.passwd: >>>>>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/a >>>>>>>>>>>>> dministrator:/bin/bash::userdb_quota_rule=*:bytes=10G >>>>>>>>>>>>> >>>>>>>>>>>>> Authentication and quota - now OK. But doesn't work sending >>>>>>>>>>>>> and receiving mail... >>>>>>>>>>>>> postfix say 'Unknown user'... >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Turn on auth_debug and auth_verbose and see what it says. >>>>>>>>>>>>> >>>>>>>>>>>>> Aki >>>>>>>>>>> Also you can set auth_username_format = %Ln to force >>>>>>>>>>> usernames into lowercase without domain. >>>>>>>>>>> >>>>>>>>>>> Aki >>>> -- >>>> WBR, Korneechev Evgeniy >>>> BaseALT/ALTLinux Team >> >> ------------------------------ >> >> Message: 4 >> Date: Mon, 11 Sep 2017 14:56:28 +0200 >> From: "Nagy, Attila" <bra at fsn.hu> >> To: Aki Tuomi <aki.tuomi at dovecot.fi>, dovecot at dovecot.org >> Subject: Re: Is it possible to disable pipelining in imapc? >> Message-ID: <a6ced659-fa75-60c9-01f7-bfb36e826466 at fsn.hu> >> Content-Type: text/plain; charset=utf-8; format=flowed >> >> On 09/11/2017 12:12 PM, Aki Tuomi wrote: >>> Is there some reason you can't use normal proxy instead of imap backend? >>> That is,return proxy, host=imap_backend, port=1430? There seems to be >>> no pipeline setting currently for imapc in v2.2. >>> >> Yes, because it's a dumb IMAP server, which doesn't implement a lot of >> things, like SEARCH, FETCH BODYSTRUCTURE and similar. >> Dovecot is used as a smart proxy, which makes it possible to use it as >> a fully featured IMAP server. >> >> >> ------------------------------ >> >> Subject: Digest Footer >> >> _______________________________________________ >> dovecot mailing list >> dovecot at dovecot.org >> https://dovecot.org/mailman/listinfo/dovecot >> >> ------------------------------ >> >> End of dovecot Digest, Vol 173, Issue 28 >> ****************************************