Greetings,
We're in the process of upgrading our Dovecot server to new hardware and
new expanded storage.? We planned on using an NFS share for the mail
storage, as we're running Postfix / Dovecot on a VM and wanted to
separate out the mail storage from the VM for backup reasons.
I read as much as I could find on line regarding configuring Dovecot to
use NFS, and set it up as best I could, but I'm still running into lock
errors e.g.:
Sep 25 10:30:35 triata4 dovecot: imap(user at
triata.globalchange.media)<75580><enQ/AWSTkQkKCgDu>: Error:
fcntl(/vmail/triata.globalchange.media/user/dovecot.index.log, write-lock,
F_SETLKW) locking failed: No locks available
Sep 25 10:30:35 triata4 dovecot: imap(user at
triata.globalchange.media)<75580><enQ/AWSTkQkKCgDu>: Error:
mail_index_wait_lock_fd() failed with file
/vmail/triata.globalchange.media/user/dovecot.index.log: No locks available
Also, I have been trying to configure the Dovecot submission service to
authenticate with Postfix, but I keep running into errors which are
related to how I'm configuring the authentication.? How do we set the
user at domain and password string for submission in the configs?
Thank you.
Please see doveconf -n below, if you see any other errors in this
config, I'd be grateful if you pointed them out:
# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.7.2 (7372921a)
# OS: Linux 3.10.0-957.27.2.el7.x86_64 x86_64 CentOS Linux release
7.6.1810 (Core)? nfs
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
debug_log_path = /var/log/dovecot-debug.log
deliver_log_format = msgid=%m: from=%f: %$
hostname = triata.globalchange.media
mail_debug = yes
mail_fsync = always
mail_home = /vmail/%d/%n/home
mail_location = maildir:/vmail/%d/%n
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
? inbox = yes
? location ? mailbox Drafts {
??? special_use = \Drafts
? }
? mailbox Junk {
??? special_use = \Junk
? }
? mailbox Sent {
??? special_use = \Sent
? }
? mailbox "Sent Messages" {
??? special_use = \Sent
? }
? mailbox Trash {
??? special_use = \Trash
? }
? prefix ? separator = /
? type = private
}
passdb {
? args = /etc/dovecot/dovecot-mysql.conf
? driver = sql
}
plugin {
? mail_log_fields = uid box msgid from flags
? sieve = file:/vmail/%d/%n/sieve;active=/vmail/%d/%n/.dovecot.sieve
}
protocols = imap lmtp submission sieve
service auth {
? unix_listener /var/spool/postfix/private/auth {
??? mode = 0666
? }
? unix_listener auth-userdb {
??? group = vmail
??? mode = 0666
??? user = vmail
? }
}
service imap-login {
? inet_listener imap {
??? port = 143
? }
? inet_listener imaps {
??? port = 993
??? ssl = yes
? }
}
service lmtp {
? unix_listener lmtp {
??? mode = 0666
? }
}
service managesieve-login {
? inet_listener sieve {
??? port = 4190
? }
? process_min_avail = 0
? service_count = 1
? vsz_limit = 64 M
}
service managesieve {
? process_limit = 1024
}
service submission-login {
? inet_listener submission {
??? port = 587
? }
}
ssl_cert = </etc/letsencrypt/live/triata.globalchange.media/fullchain.pem
ssl_key = # hidden, use -P to show it
submission_relay_host = triata.globalchange.media
submission_relay_password = # hidden, use -P to show it
submission_relay_port = 587
submission_relay_ssl = starttls
submission_relay_trusted = yes
submission_relay_user = %u
userdb {
? args = /etc/dovecot/dovecot-mysql.conf
? driver = sql
}
protocol lda {
? mail_plugins }
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20190925/ca2c2f18/attachment.html>
For the record, ever since the last patches for NFS got committed, we don't see locking issues over NFS in general across all our platforms, but it also depends on how you configure your NFS server. You might find that this is not a dovecot issue, but an NFS issue. You might want to post more about your NFS setup(s) and then someone on the list might better assist you. -- Michael -- On 2019-09-25 10:44 a.m., Asai via dovecot wrote:> Greetings, > > We're in the process of upgrading our Dovecot server to new hardware and > new expanded storage.? We planned on using an NFS share for the mail > storage, as we're running Postfix / Dovecot on a VM and wanted to > separate out the mail storage from the VM for backup reasons. > > I read as much as I could find on line regarding configuring Dovecot to > use NFS, and set it up as best I could, but I'm still running into lock > errors e.g.: > > Sep 25 10:30:35 triata4 dovecot: imap(user at triata.globalchange.media)<75580><enQ/AWSTkQkKCgDu>: Error: fcntl(/vmail/triata.globalchange.media/user/dovecot.index.log, write-lock, F_SETLKW) locking failed: No locks available > Sep 25 10:30:35 triata4 dovecot: imap(user at triata.globalchange.media)<75580><enQ/AWSTkQkKCgDu>: Error: mail_index_wait_lock_fd() failed with file /vmail/triata.globalchange.media/user/dovecot.index.log: No locks available > > Also, I have been trying to configure the Dovecot submission service to > authenticate with Postfix, but I keep running into errors which are > related to how I'm configuring the authentication.? How do we set the > user at domain and password string for submission in the configs? > > Thank you. > > Please see doveconf -n below, if you see any other errors in this > config, I'd be grateful if you pointed them out: > > # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.5.7.2 (7372921a) > # OS: Linux 3.10.0-957.27.2.el7.x86_64 x86_64 CentOS Linux release > 7.6.1810 (Core)? nfs > auth_debug = yes > auth_debug_passwords = yes > auth_mechanisms = plain login > auth_verbose = yes > auth_verbose_passwords = plain > debug_log_path = /var/log/dovecot-debug.log > deliver_log_format = msgid=%m: from=%f: %$ > hostname = triata.globalchange.media > mail_debug = yes > mail_fsync = always > mail_home = /vmail/%d/%n/home > mail_location = maildir:/vmail/%d/%n > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate mime foreverypart extracttext > namespace inbox { > ? inbox = yes > ? location > ? mailbox Drafts { > ??? special_use = \Drafts > ? } > ? mailbox Junk { > ??? special_use = \Junk > ? } > ? mailbox Sent { > ??? special_use = \Sent > ? } > ? mailbox "Sent Messages" { > ??? special_use = \Sent > ? } > ? mailbox Trash { > ??? special_use = \Trash > ? } > ? prefix > ? separator = / > ? type = private > } > passdb { > ? args = /etc/dovecot/dovecot-mysql.conf > ? driver = sql > } > plugin { > ? mail_log_fields = uid box msgid from flags > ? sieve = file:/vmail/%d/%n/sieve;active=/vmail/%d/%n/.dovecot.sieve > } > protocols = imap lmtp submission sieve > service auth { > ? unix_listener /var/spool/postfix/private/auth { > ??? mode = 0666 > ? } > ? unix_listener auth-userdb { > ??? group = vmail > ??? mode = 0666 > ??? user = vmail > ? } > } > service imap-login { > ? inet_listener imap { > ??? port = 143 > ? } > ? inet_listener imaps { > ??? port = 993 > ??? ssl = yes > ? } > } > service lmtp { > ? unix_listener lmtp { > ??? mode = 0666 > ? } > } > service managesieve-login { > ? inet_listener sieve { > ??? port = 4190 > ? } > ? process_min_avail = 0 > ? service_count = 1 > ? vsz_limit = 64 M > } > service managesieve { > ? process_limit = 1024 > } > service submission-login { > ? inet_listener submission { > ??? port = 587 > ? } > } > ssl_cert = </etc/letsencrypt/live/triata.globalchange.media/fullchain.pem > ssl_key = # hidden, use -P to show it > submission_relay_host = triata.globalchange.media > submission_relay_password = # hidden, use -P to show it > submission_relay_port = 587 > submission_relay_ssl = starttls > submission_relay_trusted = yes > submission_relay_user = %u > userdb { > ? args = /etc/dovecot/dovecot-mysql.conf > ? driver = sql > } > protocol lda { > ? mail_plugins > } >-- "Catch the Magic of Linux..." ------------------------------------------------------------------------ Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. ------------------------------------------------------------------------ 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company.
On 9/25/2019 2:06 PM, Michael Peddemors via dovecot wrote:> For the record, ever since the last patches for NFS got committed, we > don't see locking issues over NFS in general across all our platforms, > but it also depends on how you configure your NFS server. > > You might find that this is not a dovecot issue, but an NFS issue. > > You might want to post more about your NFS setup(s) and then someone > on the list might better assist you.Thank you, Michael, for the advice.? Turns out the NFS locking problem was a firewall issue on the Dovecot server, which is now fixed. Does anyone have any advice on the the Submission Service authentication? For example, this is what's coming up in the logs: Sep 25 14:39:04 triata4 dovecot: submission-login: Client has quit the connection (auth failed, 1 attempts in 2 secs): user=<%u>, method=PLAIN, rip=10.1.1.99, lip=10.1.1.99, TLS, session=<mrNJe2eTDMUKAQFj> As you can see, it's choking on user=<%u>, which it's not expanding, so is there a variable I can put in there, or is it strictly hard coded authentication? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20190925/fbba709a/attachment.html>
On 2019-09-26 03:44, Asai via dovecot wrote:> Greetings, > > We're in the process of upgrading our Dovecot server to new hardware > and new expanded storage. We planned on using an NFS share for the > mail storage, as we're running Postfix / Dovecot on a VM and wanted to > separate out the mail storage from the VM for backup reasons. > > I read as much as I could find on line regarding configuring Dovecot > to use NFS, and set it up as best I could, but I'm still running into > lock errors e.g.: > > Sep 25 10:30:35 triata4 dovecot: > imap(user at triata.globalchange.media)<75580><enQ/AWSTkQkKCgDu>: Error: > fcntl(/vmail/triata.globalchange.media/user/dovecot.index.log, > write-lock, F_SETLKW) locking failed: No locks available > Sep 25 10:30:35 triata4 dovecot: > imap(user at triata.globalchange.media)<75580><enQ/AWSTkQkKCgDu>: Error: > mail_index_wait_lock_fd() failed with file > /vmail/triata.globalchange.media/user/dovecot.index.log: No locks > availableHow is your NFS export mounted on the client? Can you post the output of "egrep nfs /proc/mounts"? -- Adi Pircalabu
On 9/25/2019 4:17 PM, Adi Pircalabu via dovecot wrote:> > How is your NFS export mounted on the client? Can you post the output > of "egrep nfs /proc/mounts"? >Hi Adi, thank you for your reply. Turns out that the problem was that the firewall on the Dovecot server needed to be opened to allow the NFS server to communicate lock commands, so I made a firewall exception and it's working now. Asai