similar to: Userdb's and IMAP proxying

Hello, I want to test dovecot proxying, on a user basis, in a simple set up (proxy, no proxy_maybe and forward the passwd to the remote server). This seem pretty simple except that, in order to test it alongside the production server, I set up 3 servers : . the proxy, listening to pop and imap on non standard ports 9143, 9993, 9110, 9995 . a proxy destination for some users, listening on

Hello Timo, I'm trying to configure dovecot-2.1.15 master correctly regarding imap-login limits. I want to use service_count=0 and I'm starting with something like this : #default_process_limit = 100 #default_client_limit = 1000 service imap-login { [...] service_count = 0 process_min_avail = 8 vsz_limit = 1024M } -> Does it make sense to set a process_limit if

Hello Timo, I'm using dovecot-2.1.15 with Maildir mailboxes located on an NFS filer. Postfix is used to deliver mail through procmail ("mailbox_command) as LDA. Our team has bought another filer and everything is meant to go on it, so we're planning to migrate those mailboxes to the new filer. To test it only on a subset of users, I ended up to the following solution : 1. keep

On Thu, Jan 08, 2015 at 02:48:47PM +0100, hummel at pasteur.fr wrote: > Hello Timo, > a) should I > > . change the driver of the first passdb from passwd-file to ldap > . for user to be rejected, add an LDAP attribute named "foo" with a value of "yes" and map it with something like this : > > pass_attrs = ....,foo=deny in dovecot-ldap.conf.ext ? >

Hello Timo, The last time I checked my understanding about director was that : 1. backend/"real" imap servers should not be on the same host (or the same dovecot instance) to avoid proxying loops. Is it still the case with the latest 2.1 stable release ? Is there a plan to be able to run director and real server on the same host, thus requiring only 2 hosts instead of 4 to have

Hello Timo, I'm running a single instance of dovecot-2.1.15 on a single host running 8.3-RELEASE-p3 FreeBSD amd64 mailboxes (Maildir), control files and indexes are on NFS (v3,tcp) mail_nfs_storage = yes lock_method = fcntl [didn't touch the following] # Mail index files also exist in NFS. Setting this to yes requires # mmap_disable=yes and

Hello Timo, I want to deny access to some users. For now I'm doing it using 2 passdb's and listing users in a text file. !include auth-deny.conf.ext -> passwd-file driver !include auth-ldap.conf.ext -> ldap driver I want to do the same using only LDAP. I'm not quite sure how to do it : a) should I . change the driver of the first passdb from passwd-file to ldap . for user

Hello Timo, I just tried the master user feature with a very simple setup (Dovecot v2.2.15) : !include auth-master.conf.ext -> passwd-file passdb !include auth-ldap.conf.ext -> ldap passdb (userdb prefetched) without auth_bind=yes without pass=yes I get this userdb lookup error : dovecot: auth: passwd-file(masteruser,157.99.64.42,master,<4Pgesh0OygCdY0Aq>): Master user logging in

Hello, Before writing them myself, I'd like to figure out if some tools exist (anvil ? ...) and how to use them to extract from dovecot logs things like who is doing what and how hard or how fast in order to do some rate limiting. For instance, I'd like to be able to identify, slow or block users who . read or write to much / slice of time . login/logout too often / slice of time

Hello Timo, I've been using dovecot from many years now using Maildir mailbox format with default layout (Maildir++, everthing in a single directory). What would be the reason(s) to convert to Layout=fs ? I can only think of one : to allow dots in mailbox names. And even in that case, I guess I still have the option to use the litescape plugin. Besides, how would one process to do the

On Fri, Jan 09, 2015 at 09:00:53AM +0100, Steffen Kaiser wrote: > The deny=yes is a special syntax: If this passdb matches -> deny, there is > no ExtraField "deny". Thanks for your answer. That's what I thought after my tests. This explains why I was still able to log in... > but keep in mind that you do not "deny" an user knowingly, but that this user >

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 8 Jan 2015, Thomas HUMMEL wrote: > On Thu, Jan 08, 2015 at 02:48:47PM +0100, hummel at pasteur.fr wrote: >> Hello Timo, > >> a) should I >> >> . change the driver of the first passdb from passwd-file to ldap >> . for user to be rejected, add an LDAP attribute named "foo" with a value of

Hello Timo, I'm running dovecot-1.2.12/Maildir/LDAP-passdb/LDAP-prefetched-userdb and I'm experiencing "random" latency (which even seem to make squirrelmail timeout sometimes) at login without noticing particular load on the server. LDAP backends are running fine as far as I know so I was investigating maybe mistuned limits : Dovecot is configured (for ~3000 users) with .

Hello, let me re-state, hopefully in clearer terms, what I tried to described in a previous thread : With dovecot-1.1.8/Maildir/LDAP pass/userdb (prefetch), I'm trying to set up a Maildir ".box" shared in rw between 2 users in a "Public" namespace. I can't get it to work unless I chmod 777 everything, which obiously is not what I want. 1) am I correct thinking that

Hello, I'm trying to set up, as explained in the wiki, shared mailboxes with symlink. I'm running dovecot-1.1.8 with LDAP pass/userdb. The Maildir layout goes like this : /courriel/boites/foobar : Maildir of user foobar (nfs) /courriel/meta/foobar : control files of user foobar (nfs) /var/dovecot/indexes : indexes (locally stored) I created : /courriel/boites/doveshared/.box/ :

Hello Timo, In my trials to setup a shared namespace with dovecot-1.1.8/LDAP passdb/userdb (prefetch)/Maildir, I found out that : 1) ACL are mandatory (at least if the acl plugin is triggered in dovecot.conf) Am I correct ? I'm still not sure if we can do without ACL at all (only with unix permissions and system_user userdb extra field). 2) the system_user userdb extra field is

Hello Timo, How exactly would translate the "passdb" userdb example which is in the Wiki for SQL auth with LDAP auth, both in dovecot.conf and dovecot-ldap.conf ? -- Thomas Hummel | Institut Pasteur <hummel@pasteur.fr> | P?le informatique - syst?mes et r?seau

Hi all, We have Exim using Dovecot for authentication. Dovecot, in turn, consults a custom internal server that answers Dovecot?s userdb queries. When IMAP connections arrive, for some users we want to forward those connections--without authentication--to an external IMAP server. For these users, we return ?proxy_maybe? and ?nopassword? in the authn response from our userdb server. This tells

Hello Timo, I've noticed that when slapd which I'm using as the passdb and the prefetched userdb is restarted I have to restart dovecot. As a matter of fact, if I don't, I get the following error : -- Jul 2 16:38:39 xxxx dovecot: imap-login: Internal login failure: user=<xxxx>, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS Jul 2 16:38:46 xxxx dovecot:

Hello, I'm running dovecot-1.1.8/Maildir/ACL plugin. I sucessfully set up a Maildir shared between users of the unix group 'doveshared' via a public namespace, unix permissions and ACL files. The location of my public namespace is /path/to/public. I tried 2 sub-setups : First setup ---------- drwxrws--- 4 root doveshared 4096 Jan 30 13:39 public -rw-r----- 1 root doveshared