Dovecot
Hi,
i want to use dovecot as IMAP server.
but i don't get i
is use getmail to fetch pop3 mail. this works fine, but dovecut doesn't
the config is very complicated, the log doesn't say a lot and every howto on google says..."just install it and it works"
(every config i found looks complete different to the default config)
i want to use my linux accout for login. (the same i use for ssh oder the screen login)
can someone get me a hint how to config dovecot on arch? (there isn a wiki site available jet)
the wiki on dovecot.org is also very bad.
sry about this noob question but i spent days to get this working.
i don't think my requirments are so unusual.
(the first thing is just to get the login working)
thx!
@dontbugme
When you say it doesn't work, how exactly is that?
Have you tried checking the logs (/var/log/mail.log and /var/log/mail.err) for hints on why it doesn't work? How are you connecting to dovecot?
What howto's have you tried?
I have used the following (although my setup is with virtual users) to setup my mail server.
http://workaround.org/ispmail/
Similar Messages
-
[SOLVED] Postfix smtpd exits when using dovecot SASL auth
I've been trying to configure my mail server with dovecot SASL authentication. I've been following the guide here to set this up. However, when I telnet to the server on port 25, I get this in the postfix logs:
Aug 4 21:51:00 localhost postfix/smtpd[2316]: connect from unknown[192.168.1.27]
Aug 4 21:51:00 localhost postfix/smtpd[2316]: fatal: no SASL authentication mechanisms
Aug 4 21:51:01 localhost postfix/master[2312]: warning: process /usr/lib/postfix/smtpd pid 2316 exit status 1
Aug 4 21:51:01 localhost postfix/master[2312]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
After enabling debug logging in dovecot, I get this at the same time in the dovecot logs:
Aug 04 21:51:00 auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
Aug 04 21:51:00 auth: Debug: auth client connected (pid=0)
System info:
Linux matrix 3.4.7-1-ARCH #1 SMP PREEMPT Sun Jul 29 22:02:56 CEST 2012 x86_64 GNU/Linux
Output from postconf:
2bounce_notice_recipient = postmaster
access_map_defer_code = 450
access_map_reject_code = 554
address_verify_cache_cleanup_interval = 12h
address_verify_default_transport = $default_transport
address_verify_local_transport = $local_transport
address_verify_map = btree:$data_directory/verify_cache
address_verify_negative_cache = yes
address_verify_negative_expire_time = 3d
address_verify_negative_refresh_time = 3h
address_verify_poll_count = ${stress?1}${stress:3}
address_verify_poll_delay = 3s
address_verify_positive_expire_time = 31d
address_verify_positive_refresh_time = 7d
address_verify_relay_transport = $relay_transport
address_verify_relayhost = $relayhost
address_verify_sender = $double_bounce_sender
address_verify_sender_dependent_default_transport_maps = $sender_dependent_default_transport_maps
address_verify_sender_dependent_relayhost_maps = $sender_dependent_relayhost_maps
address_verify_sender_ttl = 0s
address_verify_service_name = verify
address_verify_transport_maps = $transport_maps
address_verify_virtual_transport = $virtual_transport
alias_database = $alias_maps
alias_maps = hash:/etc/postfix/aliases
allow_mail_to_commands = alias, forward
allow_mail_to_files = alias, forward
allow_min_user = no
allow_percent_hack = yes
allow_untrusted_routing = no
alternate_config_directories =
always_add_missing_headers = no
always_bcc =
anvil_rate_time_unit = 60s
anvil_status_update_time = 600s
append_at_myorigin = yes
append_dot_mydomain = yes
application_event_drain_time = 100s
authorized_flush_users = static:anyone
authorized_mailq_users = static:anyone
authorized_submit_users = static:anyone
backwards_bounce_logfile_compatibility = yes
berkeley_db_create_buffer_size = 16777216
berkeley_db_read_buffer_size = 131072
best_mx_transport =
biff = yes
body_checks =
body_checks_size_limit = 51200
bounce_notice_recipient = postmaster
bounce_queue_lifetime = 5d
bounce_service_name = bounce
bounce_size_limit = 50000
bounce_template_file =
broken_sasl_auth_clients = no
canonical_classes = envelope_sender, envelope_recipient, header_sender, header_recipient
canonical_maps =
cleanup_service_name = cleanup
command_directory = /usr/sbin
command_execution_directory =
command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
command_time_limit = 1000s
config_directory = /etc/postfix
connection_cache_protocol_timeout = 5s
connection_cache_service_name = scache
connection_cache_status_update_time = 600s
connection_cache_ttl_limit = 2s
content_filter =
cyrus_sasl_config_path =
daemon_directory = /usr/lib/postfix
daemon_table_open_error_is_fatal = no
daemon_timeout = 18000s
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = 127.0.0.1
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
default_database_type = hash
default_delivery_slot_cost = 5
default_delivery_slot_discount = 50
default_delivery_slot_loan = 3
default_destination_concurrency_failed_cohort_limit = 1
default_destination_concurrency_limit = 20
default_destination_concurrency_negative_feedback = 1
default_destination_concurrency_positive_feedback = 1
default_destination_rate_delay = 0s
default_destination_recipient_limit = 50
default_extra_recipient_limit = 1000
default_filter_nexthop =
default_minimum_delivery_slots = 3
default_privs = nobody
default_process_limit = 100
default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason}
default_recipient_limit = 20000
default_recipient_refill_delay = 5s
default_recipient_refill_limit = 100
default_transport = smtp
default_verp_delimiters = +=
defer_code = 450
defer_service_name = defer
defer_transports =
delay_logging_resolution_limit = 2
delay_notice_recipient = postmaster
delay_warning_time = 0h
deliver_lock_attempts = 20
deliver_lock_delay = 1s
destination_concurrency_feedback_debug = no
detect_8bit_encoding_header = yes
disable_dns_lookups = no
disable_mime_input_processing = no
disable_mime_output_conversion = no
disable_verp_bounces = no
disable_vrfy_command = no
dnsblog_reply_delay = 0s
dnsblog_service_name = dnsblog
dont_remove = 0
double_bounce_sender = double-bounce
duplicate_filter_limit = 1000
empty_address_default_transport_maps_lookup_key = <>
empty_address_recipient = MAILER-DAEMON
empty_address_relayhost_maps_lookup_key = <>
enable_long_queue_ids = no
enable_original_recipient = yes
error_delivery_slot_cost = $default_delivery_slot_cost
error_delivery_slot_discount = $default_delivery_slot_discount
error_delivery_slot_loan = $default_delivery_slot_loan
error_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
error_destination_concurrency_limit = $default_destination_concurrency_limit
error_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
error_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
error_destination_rate_delay = $default_destination_rate_delay
error_destination_recipient_limit = $default_destination_recipient_limit
error_extra_recipient_limit = $default_extra_recipient_limit
error_initial_destination_concurrency = $initial_destination_concurrency
error_minimum_delivery_slots = $default_minimum_delivery_slots
error_notice_recipient = postmaster
error_recipient_limit = $default_recipient_limit
error_recipient_refill_delay = $default_recipient_refill_delay
error_recipient_refill_limit = $default_recipient_refill_limit
error_service_name = error
execution_directory_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
expand_owner_alias = no
export_environment = TZ MAIL_CONFIG LANG
fallback_transport =
fallback_transport_maps =
fast_flush_domains = $relay_domains
fast_flush_purge_time = 7d
fast_flush_refresh_time = 12h
fault_injection_code = 0
flush_service_name = flush
fork_attempts = 5
fork_delay = 1s
forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward
frozen_delivered_to = yes
hash_queue_depth = 1
hash_queue_names = deferred, defer
header_address_token_limit = 10240
header_checks =
header_size_limit = 102400
helpful_warnings = yes
home_mailbox = Maildir/
hopcount_limit = 50
html_directory = no
ignore_mx_lookup_error = no
import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C
in_flow_delay = 1s
inet_interfaces = all
inet_protocols = ipv4
initial_destination_concurrency = 5
internal_mail_filter_classes =
invalid_hostname_reject_code = 501
ipc_idle = 5s
ipc_timeout = 3600s
ipc_ttl = 1000s
line_length_limit = 2048
lmtp_address_preference = any
lmtp_assume_final = no
lmtp_bind_address =
lmtp_bind_address6 =
lmtp_body_checks =
lmtp_cname_overrides_servername = no
lmtp_connect_timeout = 0s
lmtp_connection_cache_destinations =
lmtp_connection_cache_on_demand = yes
lmtp_connection_cache_time_limit = 2s
lmtp_connection_reuse_time_limit = 300s
lmtp_data_done_timeout = 600s
lmtp_data_init_timeout = 120s
lmtp_data_xfer_timeout = 180s
lmtp_defer_if_no_mx_address_found = no
lmtp_delivery_slot_cost = $default_delivery_slot_cost
lmtp_delivery_slot_discount = $default_delivery_slot_discount
lmtp_delivery_slot_loan = $default_delivery_slot_loan
lmtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
lmtp_destination_concurrency_limit = $default_destination_concurrency_limit
lmtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
lmtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
lmtp_destination_rate_delay = $default_destination_rate_delay
lmtp_destination_recipient_limit = $default_destination_recipient_limit
lmtp_discard_lhlo_keyword_address_maps =
lmtp_discard_lhlo_keywords =
lmtp_dns_resolver_options =
lmtp_enforce_tls = no
lmtp_extra_recipient_limit = $default_extra_recipient_limit
lmtp_generic_maps =
lmtp_header_checks =
lmtp_host_lookup = dns
lmtp_initial_destination_concurrency = $initial_destination_concurrency
lmtp_lhlo_name = $myhostname
lmtp_lhlo_timeout = 300s
lmtp_line_length_limit = 998
lmtp_mail_timeout = 300s
lmtp_mime_header_checks =
lmtp_minimum_delivery_slots = $default_minimum_delivery_slots
lmtp_mx_address_limit = 5
lmtp_mx_session_limit = 2
lmtp_nested_header_checks =
lmtp_per_record_deadline = no
lmtp_pix_workaround_delay_time = 10s
lmtp_pix_workaround_maps =
lmtp_pix_workaround_threshold_time = 500s
lmtp_pix_workarounds = disable_esmtp,delay_dotcrlf
lmtp_quit_timeout = 300s
lmtp_quote_rfc821_envelope = yes
lmtp_randomize_addresses = yes
lmtp_rcpt_timeout = 300s
lmtp_recipient_limit = $default_recipient_limit
lmtp_recipient_refill_delay = $default_recipient_refill_delay
lmtp_recipient_refill_limit = $default_recipient_refill_limit
lmtp_reply_filter =
lmtp_rset_timeout = 20s
lmtp_sasl_auth_cache_name =
lmtp_sasl_auth_cache_time = 90d
lmtp_sasl_auth_enable = no
lmtp_sasl_auth_soft_bounce = yes
lmtp_sasl_mechanism_filter =
lmtp_sasl_password_maps =
lmtp_sasl_path =
lmtp_sasl_security_options = noplaintext, noanonymous
lmtp_sasl_tls_security_options = $lmtp_sasl_security_options
lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options
lmtp_sasl_type = cyrus
lmtp_send_dummy_mail_auth = no
lmtp_send_xforward_command = no
lmtp_sender_dependent_authentication = no
lmtp_skip_5xx_greeting = yes
lmtp_skip_quit_response = no
lmtp_starttls_timeout = 300s
lmtp_tcp_port = 24
lmtp_tls_CAfile =
lmtp_tls_CApath =
lmtp_tls_block_early_mail_reply = no
lmtp_tls_cert_file =
lmtp_tls_ciphers = export
lmtp_tls_dcert_file =
lmtp_tls_dkey_file = $lmtp_tls_dcert_file
lmtp_tls_eccert_file =
lmtp_tls_eckey_file = $lmtp_tls_eccert_file
lmtp_tls_enforce_peername = yes
lmtp_tls_exclude_ciphers =
lmtp_tls_fingerprint_cert_match =
lmtp_tls_fingerprint_digest = md5
lmtp_tls_key_file = $lmtp_tls_cert_file
lmtp_tls_loglevel = 0
lmtp_tls_mandatory_ciphers = medium
lmtp_tls_mandatory_exclude_ciphers =
lmtp_tls_mandatory_protocols = !SSLv2
lmtp_tls_note_starttls_offer = no
lmtp_tls_per_site =
lmtp_tls_policy_maps =
lmtp_tls_protocols = !SSLv2
lmtp_tls_scert_verifydepth = 9
lmtp_tls_secure_cert_match = nexthop
lmtp_tls_security_level =
lmtp_tls_session_cache_database =
lmtp_tls_session_cache_timeout = 3600s
lmtp_tls_verify_cert_match = hostname
lmtp_use_tls = no
lmtp_xforward_timeout = 300s
local_command_shell =
local_delivery_slot_cost = $default_delivery_slot_cost
local_delivery_slot_discount = $default_delivery_slot_discount
local_delivery_slot_loan = $default_delivery_slot_loan
local_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
local_destination_concurrency_limit = 2
local_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
local_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
local_destination_rate_delay = $default_destination_rate_delay
local_destination_recipient_limit = 1
local_extra_recipient_limit = $default_extra_recipient_limit
local_header_rewrite_clients = permit_inet_interfaces
local_initial_destination_concurrency = $initial_destination_concurrency
local_minimum_delivery_slots = $default_minimum_delivery_slots
local_recipient_limit = $default_recipient_limit
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
local_recipient_refill_delay = $default_recipient_refill_delay
local_recipient_refill_limit = $default_recipient_refill_limit
local_transport = local:$myhostname
luser_relay =
mail_name = Postfix
mail_owner = postfix
mail_release_date = 20120801
mail_spool_directory = /var/mail
mail_version = 2.9.4
mailbox_command =
mailbox_command_maps =
mailbox_delivery_lock = fcntl, dotlock
mailbox_size_limit = 51200000
mailbox_transport =
mailbox_transport_maps =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
maps_rbl_reject_code = 554
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions =
master_service_disable =
max_idle = 100s
max_use = 100
maximal_backoff_time = 4000s
maximal_queue_lifetime = 5d
message_reject_characters =
message_size_limit = 10240000
message_strip_characters =
milter_command_timeout = 30s
milter_connect_macros = j {daemon_name} v
milter_connect_timeout = 30s
milter_content_timeout = 300s
milter_data_macros = i
milter_default_action = tempfail
milter_end_of_data_macros = i
milter_end_of_header_macros = i
milter_header_checks =
milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer}
milter_macro_daemon_name = $myhostname
milter_macro_v = $mail_name $mail_version
milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer}
milter_protocol = 6
milter_rcpt_macros = i {rcpt_addr} {rcpt_host} {rcpt_mailer}
milter_unknown_command_macros =
mime_boundary_length_limit = 2048
mime_header_checks = $header_checks
mime_nesting_limit = 100
minimal_backoff_time = 300s
multi_instance_directories =
multi_instance_enable = no
multi_instance_group =
multi_instance_name =
multi_instance_wrapper =
multi_recipient_bounce_reject_code = 550
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = (hidden)
myhostname = (hidden)
mynetworks = 127.0.0.1/32 192.168.1.32/32
mynetworks_style = host
myorigin = $mydomain
nested_header_checks = $header_checks
newaliases_path = /usr/bin/newaliases
non_fqdn_reject_code = 504
non_smtpd_milters =
notify_classes = resource, software
owner_request_special = yes
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
permit_mx_backup_networks =
pickup_service_name = pickup
plaintext_reject_code = 450
postmulti_control_commands = reload flush
postmulti_start_commands = start
postmulti_stop_commands = stop abort drain quick-stop
postscreen_access_list = permit_mynetworks
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = ignore
postscreen_cache_cleanup_interval = 12h
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_cache_retention_time = 7d
postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit
postscreen_command_count_limit = 20
postscreen_command_filter =
postscreen_command_time_limit = ${stress?10}${stress:300}s
postscreen_disable_vrfy_command = $disable_vrfy_command
postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
postscreen_dnsbl_action = ignore
postscreen_dnsbl_reply_map =
postscreen_dnsbl_sites =
postscreen_dnsbl_threshold = 1
postscreen_dnsbl_ttl = 1h
postscreen_enforce_tls = $smtpd_enforce_tls
postscreen_expansion_filter = $smtpd_expansion_filter
postscreen_forbidden_commands = $smtpd_forbidden_commands
postscreen_greet_action = ignore
postscreen_greet_banner = $smtpd_banner
postscreen_greet_ttl = 1d
postscreen_greet_wait = ${stress?2}${stress:6}s
postscreen_helo_required = $smtpd_helo_required
postscreen_non_smtp_command_action = drop
postscreen_non_smtp_command_enable = no
postscreen_non_smtp_command_ttl = 30d
postscreen_pipelining_action = enforce
postscreen_pipelining_enable = no
postscreen_pipelining_ttl = 30d
postscreen_post_queue_limit = $default_process_limit
postscreen_pre_queue_limit = $default_process_limit
postscreen_reject_footer = $smtpd_reject_footer
postscreen_tls_security_level = $smtpd_tls_security_level
postscreen_use_tls = $smtpd_use_tls
postscreen_watchdog_timeout = 10s
postscreen_whitelist_interfaces = static:all
prepend_delivered_header = command, file, forward
process_id_directory = pid
propagate_unmatched_extensions = canonical, virtual
proxy_interfaces =
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps
proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name $address_verify_map $postscreen_cache_map
proxymap_service_name = proxymap
proxywrite_service_name = proxywrite
qmgr_clog_warn_time = 300s
qmgr_daemon_timeout = 1000s
qmgr_fudge_factor = 100
qmgr_ipc_timeout = 60s
qmgr_message_active_limit = 20000
qmgr_message_recipient_limit = 20000
qmgr_message_recipient_minimum = 10
qmqpd_authorized_clients =
qmqpd_client_port_logging = no
qmqpd_error_delay = 1s
qmqpd_timeout = 300s
queue_directory = /var/spool/postfix
queue_file_attribute_count_limit = 100
queue_minfree = 0
queue_run_delay = 300s
queue_service_name = qmgr
rbl_reply_maps =
readme_directory = no
receive_override_options =
recipient_bcc_maps =
recipient_canonical_classes = envelope_recipient, header_recipient
recipient_canonical_maps =
recipient_delimiter =
reject_code = 554
reject_tempfail_action = defer_if_permit
relay_clientcerts =
relay_delivery_slot_cost = $default_delivery_slot_cost
relay_delivery_slot_discount = $default_delivery_slot_discount
relay_delivery_slot_loan = $default_delivery_slot_loan
relay_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
relay_destination_concurrency_limit = $default_destination_concurrency_limit
relay_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
relay_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
relay_destination_rate_delay = $default_destination_rate_delay
relay_destination_recipient_limit = $default_destination_recipient_limit
relay_domains = $mydestination
relay_domains_reject_code = 554
relay_extra_recipient_limit = $default_extra_recipient_limit
relay_initial_destination_concurrency = $initial_destination_concurrency
relay_minimum_delivery_slots = $default_minimum_delivery_slots
relay_recipient_limit = $default_recipient_limit
relay_recipient_maps =
relay_recipient_refill_delay = $default_recipient_refill_delay
relay_recipient_refill_limit = $default_recipient_refill_limit
relay_transport = relay
relayhost =
relocated_maps =
remote_header_rewrite_domain =
require_home_directory = no
reset_owner_alias = no
resolve_dequoted_address = yes
resolve_null_domain = no
resolve_numeric_domain = no
retry_delivery_slot_cost = $default_delivery_slot_cost
retry_delivery_slot_discount = $default_delivery_slot_discount
retry_delivery_slot_loan = $default_delivery_slot_loan
retry_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
retry_destination_concurrency_limit = $default_destination_concurrency_limit
retry_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
retry_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
retry_destination_rate_delay = $default_destination_rate_delay
retry_destination_recipient_limit = $default_destination_recipient_limit
retry_extra_recipient_limit = $default_extra_recipient_limit
retry_initial_destination_concurrency = $initial_destination_concurrency
retry_minimum_delivery_slots = $default_minimum_delivery_slots
retry_recipient_limit = $default_recipient_limit
retry_recipient_refill_delay = $default_recipient_refill_delay
retry_recipient_refill_limit = $default_recipient_refill_limit
rewrite_service_name = rewrite
sample_directory = /etc/postfix/sample
send_cyrus_sasl_authzid = no
sender_bcc_maps =
sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps =
sender_dependent_default_transport_maps =
sender_dependent_relayhost_maps =
sendmail_fix_line_endings = always
sendmail_path = /usr/sbin/sendmail
service_throttle_time = 60s
setgid_group = postdrop
show_user_unknown_table_name = yes
showq_service_name = showq
smtp_address_preference = any
smtp_always_send_ehlo = yes
smtp_bind_address =
smtp_bind_address6 =
smtp_body_checks =
smtp_cname_overrides_servername = no
smtp_connect_timeout = 30s
smtp_connection_cache_destinations =
smtp_connection_cache_on_demand = yes
smtp_connection_cache_time_limit = 2s
smtp_connection_reuse_time_limit = 300s
smtp_data_done_timeout = 600s
smtp_data_init_timeout = 120s
smtp_data_xfer_timeout = 180s
smtp_defer_if_no_mx_address_found = no
smtp_delivery_slot_cost = $default_delivery_slot_cost
smtp_delivery_slot_discount = $default_delivery_slot_discount
smtp_delivery_slot_loan = $default_delivery_slot_loan
smtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
smtp_destination_concurrency_limit = $default_destination_concurrency_limit
smtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
smtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
smtp_destination_rate_delay = $default_destination_rate_delay
smtp_destination_recipient_limit = $default_destination_recipient_limit
smtp_discard_ehlo_keyword_address_maps =
smtp_discard_ehlo_keywords =
smtp_dns_resolver_options =
smtp_enforce_tls = no
smtp_extra_recipient_limit = $default_extra_recipient_limit
smtp_fallback_relay = $fallback_relay
smtp_generic_maps =
smtp_header_checks =
smtp_helo_name = $myhostname
smtp_helo_timeout = 300s
smtp_host_lookup = dns
smtp_initial_destination_concurrency = $initial_destination_concurrency
smtp_line_length_limit = 998
smtp_mail_timeout = 300s
smtp_mime_header_checks =
smtp_minimum_delivery_slots = $default_minimum_delivery_slots
smtp_mx_address_limit = 5
smtp_mx_session_limit = 2
smtp_nested_header_checks =
smtp_never_send_ehlo = no
smtp_per_record_deadline = no
smtp_pix_workaround_delay_time = 10s
smtp_pix_workaround_maps =
smtp_pix_workaround_threshold_time = 500s
smtp_pix_workarounds = disable_esmtp,delay_dotcrlf
smtp_quit_timeout = 300s
smtp_quote_rfc821_envelope = yes
smtp_randomize_addresses = yes
smtp_rcpt_timeout = 300s
smtp_recipient_limit = $default_recipient_limit
smtp_recipient_refill_delay = $default_recipient_refill_delay
smtp_recipient_refill_limit = $default_recipient_refill_limit
smtp_reply_filter =
smtp_rset_timeout = 20s
smtp_sasl_auth_cache_name =
smtp_sasl_auth_cache_time = 90d
smtp_sasl_auth_enable = no
smtp_sasl_auth_soft_bounce = yes
smtp_sasl_mechanism_filter =
smtp_sasl_password_maps =
smtp_sasl_path =
smtp_sasl_security_options = noplaintext, noanonymous
smtp_sasl_tls_security_options = $smtp_sasl_security_options
smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options
smtp_sasl_type = cyrus
smtp_send_dummy_mail_auth = no
smtp_send_xforward_command = no
smtp_sender_dependent_authentication = no
smtp_skip_5xx_greeting = yes
smtp_skip_quit_response = yes
smtp_starttls_timeout = 300s
smtp_tls_CAfile =
smtp_tls_CApath =
smtp_tls_block_early_mail_reply = no
smtp_tls_cert_file =
smtp_tls_ciphers = export
smtp_tls_dcert_file =
smtp_tls_dkey_file = $smtp_tls_dcert_file
smtp_tls_eccert_file =
smtp_tls_eckey_file = $smtp_tls_eccert_file
smtp_tls_enforce_peername = yes
smtp_tls_exclude_ciphers =
smtp_tls_fingerprint_cert_match =
smtp_tls_fingerprint_digest = md5
smtp_tls_key_file = $smtp_tls_cert_file
smtp_tls_loglevel = 0
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_exclude_ciphers =
smtp_tls_mandatory_protocols = !SSLv2
smtp_tls_note_starttls_offer = no
smtp_tls_per_site =
smtp_tls_policy_maps =
smtp_tls_protocols = !SSLv2
smtp_tls_scert_verifydepth = 9
smtp_tls_secure_cert_match = nexthop, dot-nexthop
smtp_tls_security_level =
smtp_tls_session_cache_database =
smtp_tls_session_cache_timeout = 3600s
smtp_tls_verify_cert_match = hostname
smtp_use_tls = no
smtp_xforward_timeout = 300s
smtpd_authorized_verp_clients = $authorized_verp_clients
smtpd_authorized_xclient_hosts =
smtpd_authorized_xforward_hosts =
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 50
smtpd_client_connection_rate_limit = 0
smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks}
smtpd_client_message_rate_limit = 0
smtpd_client_new_tls_session_rate_limit = 0
smtpd_client_port_logging = no
smtpd_client_recipient_rate_limit = 0
smtpd_client_restrictions =
smtpd_command_filter =
smtpd_data_restrictions =
smtpd_delay_open_until_valid_rcpt = yes
smtpd_delay_reject = yes
smtpd_discard_ehlo_keyword_address_maps =
smtpd_discard_ehlo_keywords =
smtpd_end_of_data_restrictions =
smtpd_enforce_tls = no
smtpd_error_sleep_time = 1s
smtpd_etrn_restrictions =
smtpd_expansion_filter = \t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~
smtpd_forbidden_commands = CONNECT GET POST
smtpd_hard_error_limit = ${stress?1}${stress:20}
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_history_flush_threshold = 100
smtpd_junk_command_limit = ${stress?1}${stress:100}
smtpd_milters =
smtpd_noop_commands =
smtpd_null_access_lookup_key = <>
smtpd_peername_lookup = yes
smtpd_per_record_deadline = ${stress?yes}${stress:no}
smtpd_policy_service_max_idle = 300s
smtpd_policy_service_max_ttl = 1000s
smtpd_policy_service_timeout = 100s
smtpd_proxy_ehlo = $myhostname
smtpd_proxy_filter =
smtpd_proxy_options =
smtpd_proxy_timeout = 100s
smtpd_recipient_limit = 1000
smtpd_recipient_overshoot_limit = 1000
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_reject_footer =
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
smtpd_restriction_classes =
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = dovecot
smtpd_sender_login_maps =
smtpd_sender_restrictions =
smtpd_service_name = smtpd
smtpd_soft_error_limit = 10
smtpd_starttls_timeout = ${stress?10}${stress:300}s
smtpd_timeout = ${stress?10}${stress:300}s
smtpd_tls_CAfile =
smtpd_tls_CApath =
smtpd_tls_always_issue_session_ids = yes
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = no
smtpd_tls_ccert_verifydepth = 9
smtpd_tls_cert_file =
smtpd_tls_ciphers = export
smtpd_tls_dcert_file =
smtpd_tls_dh1024_param_file =
smtpd_tls_dh512_param_file =
smtpd_tls_dkey_file = $smtpd_tls_dcert_file
smtpd_tls_eccert_file =
smtpd_tls_eckey_file = $smtpd_tls_eccert_file
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers =
smtpd_tls_fingerprint_digest = md5
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_loglevel = 0
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_exclude_ciphers =
smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_protocols =
smtpd_tls_received_header = no
smtpd_tls_req_ccert = no
smtpd_tls_security_level =
smtpd_tls_session_cache_database =
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_wrappermode = no
smtpd_use_tls = no
soft_bounce = no
stale_lock_time = 500s
stress =
strict_7bit_headers = no
strict_8bitmime = no
strict_8bitmime_body = no
strict_mailbox_ownership = yes
strict_mime_encoding_domain = no
strict_rfc821_envelopes = no
sun_mailtool_compatibility = no
swap_bangpath = yes
syslog_facility = mail
syslog_name = ${multi_instance_name:postfix}${multi_instance_name?$multi_instance_name}
tcp_windowsize = 0
tls_append_default_CA = no
tls_daemon_random_bytes = 32
tls_disable_workarounds =
tls_eecdh_strong_curve = prime256v1
tls_eecdh_ultra_curve = secp384r1
tls_export_cipherlist = aNULL:-aNULL:ALL:+RC4:@STRENGTH
tls_high_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH
tls_low_cipherlist = aNULL:-aNULL:ALL:!EXPORT:+RC4:@STRENGTH
tls_medium_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH
tls_null_cipherlist = eNULL:!aNULL
tls_preempt_cipherlist = no
tls_random_bytes = 32
tls_random_exchange_name = ${data_directory}/prng_exch
tls_random_prng_update_period = 3600s
tls_random_reseed_period = 3600s
tls_random_source = dev:/dev/urandom
tlsproxy_enforce_tls = $smtpd_enforce_tls
tlsproxy_service_name = tlsproxy
tlsproxy_tls_CAfile = $smtpd_tls_CAfile
tlsproxy_tls_CApath = $smtpd_tls_CApath
tlsproxy_tls_always_issue_session_ids = $smtpd_tls_always_issue_session_ids
tlsproxy_tls_ask_ccert = $smtpd_tls_ask_ccert
tlsproxy_tls_ccert_verifydepth = $smtpd_tls_ccert_verifydepth
tlsproxy_tls_cert_file = $smtpd_tls_cert_file
tlsproxy_tls_ciphers = $smtpd_tls_ciphers
tlsproxy_tls_dcert_file = $smtpd_tls_dcert_file
tlsproxy_tls_dh1024_param_file = $smtpd_tls_dh1024_param_file
tlsproxy_tls_dh512_param_file = $smtpd_tls_dh512_param_file
tlsproxy_tls_dkey_file = $smtpd_tls_dkey_file
tlsproxy_tls_eccert_file = $smtpd_tls_eccert_file
tlsproxy_tls_eckey_file = $smtpd_tls_eckey_file
tlsproxy_tls_eecdh_grade = $smtpd_tls_eecdh_grade
tlsproxy_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
tlsproxy_tls_fingerprint_digest = $smtpd_tls_fingerprint_digest
tlsproxy_tls_key_file = $smtpd_tls_key_file
tlsproxy_tls_loglevel = $smtpd_tls_loglevel
tlsproxy_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
tlsproxy_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
tlsproxy_tls_protocols = $smtpd_tls_protocols
tlsproxy_tls_req_ccert = $smtpd_tls_req_ccert
tlsproxy_tls_security_level = $smtpd_tls_security_level
tlsproxy_tls_session_cache_timeout = $smtpd_tls_session_cache_timeout
tlsproxy_use_tls = $smtpd_use_tls
tlsproxy_watchdog_timeout = 10s
trace_service_name = trace
transport_maps =
transport_retry_time = 60s
trigger_timeout = 10s
undisclosed_recipients_header =
unknown_address_reject_code = 450
unknown_address_tempfail_action = $reject_tempfail_action
unknown_client_reject_code = 450
unknown_helo_hostname_tempfail_action = $reject_tempfail_action
unknown_hostname_reject_code = 450
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_defer_code = 450
unverified_recipient_reject_code = 450
unverified_recipient_reject_reason =
unverified_recipient_tempfail_action = $reject_tempfail_action
unverified_sender_defer_code = 450
unverified_sender_reject_code = 450
unverified_sender_reject_reason =
unverified_sender_tempfail_action = $reject_tempfail_action
verp_delimiter_filter = -=+
virtual_alias_domains = $virtual_alias_maps
virtual_alias_expansion_limit = 1000
virtual_alias_maps = $virtual_maps
virtual_alias_recursion_limit = 1000
virtual_delivery_slot_cost = $default_delivery_slot_cost
virtual_delivery_slot_discount = $default_delivery_slot_discount
virtual_delivery_slot_loan = $default_delivery_slot_loan
virtual_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit
virtual_destination_concurrency_limit = $default_destination_concurrency_limit
virtual_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback
virtual_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback
virtual_destination_rate_delay = $default_destination_rate_delay
virtual_destination_recipient_limit = $default_destination_recipient_limit
virtual_extra_recipient_limit = $default_extra_recipient_limit
virtual_gid_maps =
virtual_initial_destination_concurrency = $initial_destination_concurrency
virtual_mailbox_base =
virtual_mailbox_domains = $virtual_mailbox_maps
virtual_mailbox_limit = 51200000
virtual_mailbox_lock = fcntl, dotlock
virtual_mailbox_maps =
virtual_minimum_delivery_slots = $default_minimum_delivery_slots
virtual_minimum_uid = 100
virtual_recipient_limit = $default_recipient_limit
virtual_recipient_refill_delay = $default_recipient_refill_delay
virtual_recipient_refill_limit = $default_recipient_refill_limit
virtual_transport = virtual
virtual_uid_maps =
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl_auth_only=yes
Output from doveconf:
# 2.1.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.4.7-1-ARCH x86_64 Arch Linux
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 1 hours
auth_cache_size = 0
auth_cache_ttl = 1 hours
auth_debug = yes
auth_debug_passwords = no
auth_default_realm =
auth_failure_delay = 2 secs
auth_first_valid_uid = 500
auth_gssapi_hostname =
auth_krb5_keytab =
auth_last_valid_uid = 0
auth_master_user_separator =
auth_mechanisms = plain login
auth_proxy_self =
auth_realms =
auth_socket_path = auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_use_winbind = no
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format = %Lu
auth_username_translation =
auth_verbose = no
auth_verbose_passwords = no
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /var/run/dovecot
config_cache_size = 1 M
debug_log_path =
default_client_limit = 1000
default_idle_kill = 1 mins
default_internal_user = dovecot
default_login_user = dovenull
default_process_limit = 100
default_vsz_limit = 256 M
deliver_log_format = msgid=%m: %$
dict_db_config =
director_doveadm_port = 0
director_mail_servers =
director_servers =
director_user_expire = 15 mins
director_username_hash = %Lu
disable_plaintext_auth = yes
dotlock_use_excl = yes
doveadm_allowed_commands =
doveadm_password =
doveadm_proxy_port = 0
doveadm_socket_path = doveadm-server
doveadm_worker_count = 0
dsync_alt_char = _
dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace}
first_valid_gid = 1
first_valid_uid = 500
hostname =
imap_capability =
imap_client_workarounds =
imap_id_log =
imap_id_send =
imap_idle_notify_interval = 2 mins
imap_logout_format = in=%i out=%o
imap_max_line_length = 64 k
imapc_features =
imapc_host =
imapc_list_prefix =
imapc_master_user =
imapc_password =
imapc_port = 143
imapc_rawlog_dir =
imapc_ssl = no
imapc_ssl_ca_dir =
imapc_ssl_verify = yes
imapc_user = %u
import_environment = TZ LISTEN_PID LISTEN_FDS
info_log_path =
instance_name = dovecot
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = no
lda_mailbox_autosubscribe = no
lda_original_recipient_header =
libexec_dir = /usr/lib/dovecot
listen = *, ::
lmtp_address_translate =
lmtp_proxy = no
lmtp_save_to_detail_mailbox = no
lock_method = fcntl
log_path = /var/log/dovecot.log
log_timestamp = "%b %d %H:%M:%S "
login_access_sockets =
login_greeting = Dovecot ready.
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>
login_trusted_networks =
mail_access_groups = mail
mail_attachment_dir =
mail_attachment_fs = sis posix
mail_attachment_hash = %{sha1}
mail_attachment_min_size = 128 k
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_chroot =
mail_debug = no
mail_fsync = optimized
mail_full_filesystem_access = no
mail_gid =
mail_home =
mail_location = maildir:~/Maildir
mail_log_prefix = "%s(%u): "
mail_max_keyword_length = 50
mail_max_lock_timeout = 0
mail_max_userip_connections = 10
mail_never_cache_fields = imap.envelope
mail_nfs_index = no
mail_nfs_storage = no
mail_plugin_dir = /usr/lib/dovecot/modules
mail_plugins =
mail_prefetch_count = 0
mail_privileged_group =
mail_save_crlf = no
mail_shared_explicit_inbox = yes
mail_temp_dir = /tmp
mail_temp_scan_interval = 1 weeks
mail_uid =
mailbox_idle_check_interval = 30 secs
mailbox_list_index = no
maildir_broken_filename_sizes = no
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
master_user_separator =
mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 2 mins
mbox_lazy_writes = yes
mbox_lock_timeout = 5 mins
mbox_md5 = apop3d
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = dotlock fcntl
mdbox_preallocate_space = no
mdbox_rotate_interval = 0
mdbox_rotate_size = 2 M
mmap_disable = no
passdb {
args =
default_fields =
deny = no
driver = pam
master = no
override_fields =
pass = no
pop3_client_workarounds =
pop3_enable_last = no
pop3_fast_size_lookups = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_duplicates = allow
pop3_uidl_format = %08Xu%08Xv
pop3c_host =
pop3c_master_user =
pop3c_password =
pop3c_port = 110
pop3c_rawlog_dir =
pop3c_ssl = no
pop3c_ssl_ca_dir =
pop3c_ssl_verify = yes
pop3c_user = %u
postmaster_address =
protocols = imap
quota_full_tempfail = no
recipient_delimiter = +
rejection_reason = Your message to <%t> was automatically rejected:%n%r
rejection_subject = Rejected: %s
replication_full_sync_interval = 12 hours
replication_max_conns = 10
replicator_host = replicator
replicator_port = 0
sendmail_path = /usr/sbin/sendmail
service aggregator {
chroot = .
client_limit = 0
drop_priv_before_exec = no
executable = aggregator
extra_groups =
fifo_listener replication-notify-fifo {
group =
mode = 0600
user =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener replication-notify {
group =
mode = 0600
user =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
service anvil {
chroot = empty
client_limit = 0
drop_priv_before_exec = no
executable = anvil
extra_groups =
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 1
protocol =
service_count = 0
type = anvil
unix_listener anvil-auth-penalty {
group =
mode = 0600
user =
unix_listener anvil {
group =
mode = 0600
user =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
service auth-worker {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = auth -w
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 1
type =
unix_listener auth-worker {
group =
mode = 0600
user = $default_internal_user
user =
vsz_limit = 18446744073709551615 B
service auth {
chroot =
client_limit = 0
drop_priv_before_exec = no
executable = auth
extra_groups =
group =
idle_kill = 0
inet_listener {
address =
port = 12345
ssl = no
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
unix_listener auth-client {
group = postfix
mode = 0660
user = postfix
unix_listener auth-login {
group =
mode = 0600
user = $default_internal_user
unix_listener auth-master {
group =
mode = 0600
user =
unix_listener auth-userdb {
group =
mode = 0666
user = $default_internal_user
unix_listener login/login {
group =
mode = 0666
user =
user = root
vsz_limit = 18446744073709551615 B
service config {
chroot =
client_limit = 0
drop_priv_before_exec = no
executable = config
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 0
type = config
unix_listener config {
group =
mode = 0600
user =
user =
vsz_limit = 18446744073709551615 B
service dict {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = dict
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener dict {
group =
mode = 0600
user =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
service director {
chroot = .
client_limit = 0
drop_priv_before_exec = no
executable = director
extra_groups =
fifo_listener login/proxy-notify {
group =
mode = 00
user =
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener director-admin {
group =
mode = 0600
user =
unix_listener login/director {
group =
mode = 00
user =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
service dns_client {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = dns-client
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener dns-client {
group =
mode = 0666
user =
unix_listener login/dns-client {
group =
mode = 0666
user =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
service doveadm {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = doveadm-server
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 1
type =
unix_listener doveadm-server {
group =
mode = 0600
user =
user =
vsz_limit = 18446744073709551615 B
service imap-login {
chroot = login
client_limit = 0
drop_priv_before_exec = no
executable = imap-login
extra_groups =
group =
idle_kill = 0
inet_listener imap {
address =
port = 143
ssl = no
inet_listener imaps {
address =
port = 993
ssl = yes
privileged_group =
process_limit = 0
process_min_avail = 0
protocol = imap
service_count = 1
type = login
user = $default_login_user
vsz_limit = 18446744073709551615 B
service imap {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = imap
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 1024
process_min_avail = 0
protocol = imap
service_count = 1
type =
unix_listener login/imap {
group =
mode = 0666
user =
user =
vsz_limit = 18446744073709551615 B
service indexer-worker {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = indexer-worker
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 10
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener indexer-worker {
group =
mode = 0600
user = $default_internal_user
user =
vsz_limit = 18446744073709551615 B
service indexer {
chroot =
client_limit = 0
drop_priv_before_exec = no
executable = indexer
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener indexer {
group =
mode = 0666
user =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
service ipc {
chroot = empty
client_limit = 0
drop_priv_before_exec = no
executable = ipc
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener ipc {
group =
mode = 0600
user =
unix_listener login/ipc-proxy {
group =
mode = 0600
user = $default_login_user
user = $default_internal_user
vsz_limit = 18446744073709551615 B
service lmtp {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = lmtp
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol = lmtp
service_count = 0
type =
unix_listener lmtp {
group =
mode = 0666
user =
user =
vsz_limit = 18446744073709551615 B
service log {
chroot =
client_limit = 0
drop_priv_before_exec = no
executable = log
extra_groups =
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type = log
unix_listener log-errors {
group =
mode = 0600
user =
user =
vsz_limit = 18446744073709551615 B
service pop3-login {
chroot = login
client_limit = 0
drop_priv_before_exec = no
executable = pop3-login
extra_groups =
group =
idle_kill = 0
inet_listener pop3 {
address =
port = 110
ssl = no
inet_listener pop3s {
address =
port = 995
ssl = yes
privileged_group =
process_limit = 0
process_min_avail = 0
protocol = pop3
service_count = 1
type = login
user = $default_login_user
vsz_limit = 18446744073709551615 B
service pop3 {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = pop3
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 1024
process_min_avail = 0
protocol = pop3
service_count = 1
type =
unix_listener login/pop3 {
group =
mode = 0666
user =
user =
vsz_limit = 18446744073709551615 B
service replicator {
chroot =
client_limit = 0
drop_priv_before_exec = no
executable = replicator
extra_groups =
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener replicator {
group =
mode = 0600
user = $default_internal_user
user =
vsz_limit = 18446744073709551615 B
service ssl-params {
chroot =
client_limit = 0
drop_priv_before_exec = no
executable = ssl-params
extra_groups =
group =
idle_kill = 0
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 0
type = startup
unix_listener login/ssl-params {
group =
mode = 0666
user =
user =
vsz_limit = 18446744073709551615 B
service stats {
chroot = empty
client_limit = 0
drop_priv_before_exec = no
executable = stats
extra_groups =
fifo_listener stats-mail {
group =
mode = 0600
user =
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener stats {
group =
mode = 0600
user =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
shutdown_clients = yes
ssl = yes
ssl_ca =
ssl_cert = /etc/ssl/certs/mail.crt
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert =
ssl_client_key =
ssl_crypto_device =
ssl_key = /etc/ssl/private/mail.key
ssl_key_password =
ssl_parameters_regenerate = 1 weeks
ssl_protocols = !SSLv2
ssl_require_crl = yes
ssl_verify_client_cert = no
stats_command_min_time = 1 mins
stats_domain_min_time = 12 hours
stats_ip_min_time = 12 hours
stats_memory_limit = 16 M
stats_session_min_time = 15 mins
stats_user_min_time = 1 hours
submission_host =
syslog_facility = mail
userdb {
args =
default_fields =
driver = passwd
override_fields =
valid_chroot_dirs =
verbose_proctitle = no
verbose_ssl = yes
version_ignore = no
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
Last edited by ryukafalz (2012-08-08 15:10:31)Oh, my apologies, I'd forgotten about the -n flag. In any case, the lines you quoted from my config are for smtp client auth, which I'm not using. The three lines you provided are for smtp server auth, and they're already in my config. My fault, it's easy to miss that when wading through that huge output I provided.
postconf -n output:
alias_database = $alias_maps
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = 127.0.0.1
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = (hidden)
myhostname = (hidden)
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix/sample
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_type = dovecot
unknown_local_recipient_reject_code = 550
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl_auth_only=yes
doveconf -n output (in case you need it):
# 2.1.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.4.7-1-ARCH x86_64 Arch Linux
auth_debug = yes
auth_mechanisms = plain login
log_path = /var/log/dovecot.log
mail_access_groups = mail
mail_location = maildir:~/Maildir
passdb {
driver = pam
protocols = imap
service auth {
inet_listener {
port = 12345
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
unix_listener auth-client {
group = postfix
mode = 0660
user = postfix
user = root
ssl_cert = /etc/ssl/certs/mail.crt
ssl_key = /etc/ssl/private/mail.key
userdb {
driver = passwd
verbose_ssl = yes
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep -
Is there any way to harden Dovecot against POP/IMAP denial of service attacks?
It doesn’t happen very often, but every so often a script kiddie on the Internet hits Dovecot's POP ports on our mail server hard enough to bring mail service to a crawl such that legit users can’t log in to retrieve their mail. I would say that with our 2.66GHz Intel Core 2 Duo Mac Mini Server, when we receive sustained POP login attacks that exceed ten logins per second, then eventually Dovecot gets swamped with so many requests that legit users are excluded. [Our server runs runs OS X Server 10.6.8-10K549, by the way, and Dovecot 1.1.2apple0.5 is installed as determined by running “dovecotd --version”. We keep the mail sever up to date with all available Apple software updates on a weekly basis, so we have the latest and greatest security updates.]
Here’s the problem: I’ve been studying the Dovecot 1.x Wiki at http://wiki1.dovecot.org/ and finding a number of parameters that *sort* of address this denial-of-service vulnerability, but none that appear to harden Dovecot in a similar fashion as ssh or sftp are hardened. By this, I mean that when ssh or sftp detect multiple login attempts originating from the same address above some threshold, then future login attempts are ignored for a solid fifteen minutes no matter what the login name was in the attempts. I’d like something similar for Dovecot.
I am aware of the “mail_max_userip_connections” setting which can be set independently for POP and IMAP service (see http://wiki1.dovecot.org/MainConfig?highlight=%28mail_max_userip_connections%29). This almost does what I want in that it indeed restricts the number of logins for a particular user coming from a single IP address. The problem is that the script kiddies typically scatter their attacks over hundreds of different login names and they may only attempt three or four logins per user name. What I really want is a parameter which starts to ignore logins no matter what the user name if too many come from a single IP address at the same time. Against this, I also need to balance my mail server restrictions to allow perhaps five or ten of my users with laptops to be behind a remote firewall, so all of their legit logins may hit my server perhaps three to ten at a time which could potentially look like an attack if my tuning parameter is set too low. What I’d really like to find is a tuning parameter that excludes concerted attacks without excluding my legitimate users. I also don’t want to invest in extremely expensive (>$10,000) “smart” firewalls that adaptively look for this type of attack, such as are offered by Netgear and other networking equipment manufacturers.
By examining /etc/dovecot/dovecot.conf on my mail server, it seems that Apple’s defaults are to set IMAP mail_max_userip_connections to 20, and for POP to leave the mail_max_userip_connections parameter commented out. Would there be any downside to enabling POP's mail_max_userip_connections to 20 as well? Offhand I can’t see how this would affect my users. Unfortunately, I also think that if I set the POP mail_max_userip_connections to 20 this won’t have any effect on the attackers since they typically won’t try 20 different passwords for the same login name in a given attack. I’ll post a segment of a log showing an actual attack that occurred today from the San Bernadino School District that I’ve since blocked in my network’s firewall, but it will illustrate the type of hard-core denial-of-service attack that I’m referring to. The login attempts were coming in fast, around forty-per-second, and my mail service went down in a matter of minutes as a result. [Yes: I will report this user… I haven’t gotten around to it yet with other issues.]
Any thoughts?Here’s a ten second snippet from my mail server's log, showing how intense the login frequency was from the attacker, and also how (s)he was "scattering" the login names used which I suspect would be quite hard to filter out using POP's mail_max_userip_connections parameter. The attack lasted from 1:43:39 through a server restart at 1:50:18, and even about a minute later. The attack stopped at 1:51:36 before I was able to add a firewalling rule to my router or to exclude logins from the 163.150/16 subnet from my router [FYI — that's the San Bernadino Country School District, according to http://whois.arin.net/rest/net/NET-163-150-0-0-1/pft ].
Any thoughts on how to block this type of POP attack in Dovecot?
[FYI — I changed my actual server name to 'myserver' and the actual admin name to 'Administrator'.]
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od(webmaster,163.150.246.27): Credentials could not be verified username or password is invalid.
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od[getpwnam_ext](user,163.150.246.27): No record for user
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od(user,163.150.246.27): lookup failed for user: user
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:39 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(administrator,163.150.246.27): user account: Administrator not enabled for mail
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(oracle,163.150.246.27): lookup failed for user: oracle
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](sybase,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(sybase,163.150.246.27): lookup failed for user: sybase
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](informix,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(informix,163.150.246.27): lookup failed for user: informix
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(webmaster,163.150.246.27): Credentials could not be verified username or password is invalid.
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle8,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(oracle8,163.150.246.27): lookup failed for user: oracle8
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(backup,163.150.246.27): user account: backup not enabled for mail
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(webmaster,163.150.246.27): Credentials could not be verified username or password is invalid.
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](lizdy,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(lizdy,163.150.246.27): lookup failed for user: lizdy
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od[getpwnam_ext](user,163.150.246.27): No record for user
Jan 13 13:43:40 myserver dovecot[72]: auth(default): od(user,163.150.246.27): lookup failed for user: user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](server,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(server,163.150.246.27): lookup failed for user: server
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](data,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(data,163.150.246.27): lookup failed for user: data
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(administrator,163.150.246.27): user account: Administrator not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(webmaster,163.150.246.27): Credentials could not be verified username or password is invalid.
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](user,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(user,163.150.246.27): lookup failed for user: user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](account,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(account,163.150.246.27): lookup failed for user: account
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(oracle,163.150.246.27): lookup failed for user: oracle
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](sybase,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(sybase,163.150.246.27): lookup failed for user: sybase
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](access,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(access,163.150.246.27): lookup failed for user: access
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(administrator,163.150.246.27): user account: Administrator not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](pwrchute,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(pwrchute,163.150.246.27): lookup failed for user: pwrchute
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(oracle,163.150.246.27): lookup failed for user: oracle
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](informix,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(informix,163.150.246.27): lookup failed for user: informix
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](sybase,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(sybase,163.150.246.27): lookup failed for user: sybase
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle8,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(oracle8,163.150.246.27): lookup failed for user: oracle8
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(administrator,163.150.246.27): user account: Administrator not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](informix,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(informix,163.150.246.27): lookup failed for user: informix
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(backup,163.150.246.27): user account: backup not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](user,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(user,163.150.246.27): lookup failed for user: user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(webmaster,163.150.246.27): Credentials could not be verified username or password is invalid.
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(oracle,163.150.246.27): lookup failed for user: oracle
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](lizdy,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(lizdy,163.150.246.27): lookup failed for user: lizdy
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle8,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(oracle8,163.150.246.27): lookup failed for user: oracle8
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](sybase,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(sybase,163.150.246.27): lookup failed for user: sybase
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(backup,163.150.246.27): user account: backup not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](server,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(server,163.150.246.27): lookup failed for user: server
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](user,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(user,163.150.246.27): lookup failed for user: user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od[getpwnam_ext](informix,163.150.246.27): No record for user
Jan 13 13:43:41 myserver dovecot[72]: auth(default): od(informix,163.150.246.27): lookup failed for user: informix
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od[getpwnam_ext](lizdy,163.150.246.27): No record for user
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od(lizdy,163.150.246.27): lookup failed for user: lizdy
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od[getpwnam_ext](data,163.150.246.27): No record for user
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od(data,163.150.246.27): lookup failed for user: data
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle8,163.150.246.27): No record for user
Jan 13 13:43:42 myserver dovecot[72]: auth(default): od(oracle8,163.150.246.27): lookup failed for user: oracle8
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(webmaster,163.150.246.27): Credentials could not be verified username or password is invalid.
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(backup,163.150.246.27): user account: backup not enabled for mail
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](user,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(user,163.150.246.27): lookup failed for user: user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](access,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(access,163.150.246.27): lookup failed for user: access
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](pwrchute,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(pwrchute,163.150.246.27): lookup failed for user: pwrchute
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](server,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(server,163.150.246.27): lookup failed for user: server
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](server,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(server,163.150.246.27): lookup failed for user: server
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](data,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(data,163.150.246.27): lookup failed for user: data
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](lizdy,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(lizdy,163.150.246.27): lookup failed for user: lizdy
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](account,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(account,163.150.246.27): lookup failed for user: account
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](access,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(access,163.150.246.27): lookup failed for user: access
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](account,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(account,163.150.246.27): lookup failed for user: account
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](data,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(data,163.150.246.27): lookup failed for user: data
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(administrator,163.150.246.27): user account: Administrator not enabled for mail
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle8,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(oracle8,163.150.246.27): lookup failed for user: oracle8
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(oracle,163.150.246.27): lookup failed for user: oracle
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(administrator,163.150.246.27): user account: Administrator not enabled for mail
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle8,163.150.246.27): No record for user
Jan 13 13:43:44 myserver dovecot[72]: auth(default): od(oracle8,163.150.246.27): lookup failed for user: oracle8
Jan 13 13:43:46 myserver dovecot[72]: auth(default): od(webmaster,163.150.246.27): Credentials could not be verified username or password is invalid.
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(oracle,163.150.246.27): lookup failed for user: oracle
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](data,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(data,163.150.246.27): lookup failed for user: data
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](lizdy,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(lizdy,163.150.246.27): lookup failed for user: lizdy
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(backup,163.150.246.27): user account: backup not enabled for mail
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](user,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(user,163.150.246.27): lookup failed for user: user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](account,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(account,163.150.246.27): lookup failed for user: account
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](admin,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(admin,163.150.246.27): lookup failed for user: admin
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(backup,163.150.246.27): user account: backup not enabled for mail
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle8,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(oracle8,163.150.246.27): lookup failed for user: oracle8
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](web,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(web,163.150.246.27): lookup failed for user: web
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](informix,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(informix,163.150.246.27): lookup failed for user: informix
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](oracle,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(oracle,163.150.246.27): lookup failed for user: oracle
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](test,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(test,163.150.246.27): lookup failed for user: test
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](lizdy,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(lizdy,163.150.246.27): lookup failed for user: lizdy
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(backup,163.150.246.27): user account: backup not enabled for mail
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](sybase,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(sybase,163.150.246.27): lookup failed for user: sybase
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(administrator,163.150.246.27): user account: Administrator not enabled for mail
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(root,163.150.246.27): user account: root not enabled for mail
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](sybase,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(sybase,163.150.246.27): lookup failed for user: sybase
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](informix,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(informix,163.150.246.27): lookup failed for user: informix
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](sybase,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(sybase,163.150.246.27): lookup failed for user: sybase
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od[getpwnam_ext](server,163.150.246.27): No record for user
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(server,163.150.246.27): lookup failed for user: server
Jan 13 13:43:48 myserver dovecot[72]: auth(default): od(www,163.150.246.27): user account: _www not enabled for mail -
Mail Server: problem configuring dovecot with postifx and virtualhosts
Hi all,
I'm am struggling trying to configure a mail server. I have a dedicated server running archlinux.
I want to setup a complete mail server, ie: web access (for that I installed roundcube) and being able to retrieve mails on any e-mail client.
I followed this guide, from the documentation but I've read that courier-imap is a lot more resources hungry than dovecot. As I could not have it working using the documentation, I tought I would use dovecot. The problem is that I am not able to configure it.
What I already have up and running: web server (nginx) with postfixadmin and roundcubemail, postfix, mysql.
Now, I want to be able to send and receive mails using dovecot. Could you guide me a little in order to replace courier-imap with dovecot, starting from this documentation? I already have my databases configured, a vmail user, ssl certificates and postifx configured for virtualhosts. Seems that the only thing missing is imap + smts thrue TLS.
Thanks for any help.
Last edited by Rolinh (2011-08-17 10:40:19)The dovecot configuration files are very well commented with documentation and examples in /etc/dovecot/
As for TLS and SMTP Auth, this is the relevant part of my main.cf for postfix:
# TLS Settings
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/wildcard.example.com.key
smtpd_tls_cert_file = /etc/postfix/wildcard.example.com.crt
smtpd_tls_CAfile = /etc/postfix/root.crt
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtp_use_tls = yes
smtp_tls_security_level = may
smtp_tls_note_starttls_offer = yes
tls_random_source = dev:/dev/urandom
# Enable SMTP authentication support
broken_sasl_auth_clients = yes
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = /srv/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = permit_sasl_authenticated
Last edited by fukawi2 (2011-08-17 12:33:15) -
[SOLVED]Dovecot error when roundcube tries to test IMAP
I am trying to get a virtual user mail server up and running. I have VM setup to be just a mail server. I have a couple things not working but Ill start with trying to resolve this error first.
error with journalctl -b -u dovecot
Aug 13 19:22:46 hermes dovecot[574]: master: Dovecot v2.2.13 starting up for imap, sieve (core dumps disabled)
Aug 13 19:23:58 hermes dovecot[577]: imap-login: Fatal: Can't load private ssl_key: Key is for a different cert than ssl_cert
Aug 13 19:23:58 hermes dovecot[574]: master: Error: service(imap-login): command startup failed, throttling for 2 secs
Aug 13 19:24:07 hermes dovecot[577]: imap-login: Fatal: Can't load private ssl_key: Key is for a different cert than ssl_cert
Aug 13 19:24:07 hermes dovecot[574]: master: Error: service(imap-login): command startup failed, throttling for 4 secs
I tried deleting the dovecot.pem files and recreating the ssl cert and that did not change the error.
dovecot.conf
protocols = imap sieve
ssl = yes
ssl_cert = </etc/ssl/certs/server.crt
ssl_key = </etc/ssl/private/server.key
first_valid_uid = 5000
first_valid_gid = 5000
mail_home = /home/vmail/%d/%u
mail_location = maildir:~
auth_mechanisms = plain login cram-md5
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
service auth {
unix_listener auth-client {
group = postfix
mode = 0660
user = postfix
user = root
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
protocol lda {
postmaster_address = [email protected]
hostname = example.com
sendmail_path = /usr/sbin/sendmail
mail_plugins = sieve
log_path = /var/log/dovecot-lda-errors.log
info_log_path = /var/log/dovecot-lda.log
service managesieve-login {
inet_listener sieve {
port = 4190
service managesieve {
protocol sieve {
# Defaults are OK, so nothing in this section.
plugin {
sieve = ~/.dovecot.sieve
sieve_global_path = /home/vmail/sieve.sieverc
sieve_dir = ~/
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf
dovecot-sql.conf
driver = mysql
connect = host=localhost dbname=postfix_db user=user password=password
default_pass_scheme = MD5-CRYPT
user_query = SELECT '/home/vmail/%d/%u' as home, 'maildir:/home/vmail/%d/%u' as mail, 5000 AS uid, 5000 AS gid, concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1'
password_query = SELECT username as user, password, '/home/vmail/%d/%u' as userdb_home, 'maildir:/home/vmail/%d/%u' as userdb_mail, 5000 as userdb_uid, 5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
Thank you to anyone who takes the time to read and especially anyone who takes the time to reply.
Last edited by ScottMB (2014-08-15 11:42:56)fixed. I was pointing to the incorrect ssl_cert.
-
Error: Can't connect to auth server at /var/run/dovecot/auth-master: No such file or directory
error showing up, there is no auth-master file in /var/run/dovecot
this has just happnened over night
any ideas how to re-install dovecot
google search goes on about linux but barely any info about max osx serverauth-master is created when you start the mail service. Deleted if you stop the mail service. If that is not happening, you may have to re-install mail. Dovecot is the IMAP/POP part of the mail service. I am not sure what happens if you disable IMAP. I am guessing it is not there. But that is the extent of any tips I can offer. I suppose you could reinstall, but that seems a bit extreme to me.
-
Question about Mailserver and Dovecot policies
Hello Apple Cummunity members,
I'm currently installing a mac mini server for a client in the health sector. The installation and migration from 10.6 to 10.7 went smoothly but we hit a problem.
This healthcare bussiness has never used e-mailservice from a mac server but want to switch to mail services that are built into 10.7. The problem we are facing is about group-e-mail. We want to be able to use group e-mail like distribution groups in Exchange, and we don't want to use the built-in mailing-lists because we think they are not as user friendly as apple discribes. So we came up with a solution that utilizes server-side rules to forward e-mail from one e-mail adress to all the employees. The problem with this setup is that dovecot (mail managing) doesn't allow for more than four simultaneous forwards in server-side rules. I located the policy file in mountain lion server. But since we are using lion, this wasn't very usefull. I found a few lines that described the limitation to the amount of simultaneous forwards. But again, this was in mountain lion.
My questions are:
What version of dovecot does lion run on?
Is it possible for us to edit the policy configuration file from dovecot?
if so, where is this policy configuration file located in Mac OS X Lion?
Is there another soluciton in Mac OS X Lion Server to use a kind of distribution group-like feature?
I'm truly greatfull for all the help you guys can give me on this.
Kind regards,
Léon van de Broek
NetherlandsHi,
Agree with words of Samir, for more details you can refer the article “Understanding Authorization Policies for Remote Desktop Gateway”, might help in your case.
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
These may be two different problems, but they happen about the same time and resolution work arounds work for both.
1) My inbox occasionally fills up with duplicates of most (but not all) messages. There seems to be no rhyme or reason behind what gets duplicated. Once duplication starts, the messages that appear multiple times usually appear about the same number of repeats (1-5 repeats of each message) but not always exactly the same.
Weirdly, sometimes an incoming mail triggers a refresh that disappears the duplicate messages and everything goes back to normal for a while spontaneously.
I've tried Properties->Repair folder, manually deleting the .msf files, restarting TB, rebooting the computer, restarting the mail server, and changing mail directories. Restarting the server does nothing, the others sometimes but not always resolve the problem temporarily. (all the fixes I could find from similar problems posted by others).
It is quite annoying - not only does my inbox become unreadable, I don't know which instance to reply to.
I'm connected to the same account on the same server with K9 and have no such problems.
Problem 2: occasionally the header of a message in the list pane doesn't match the message in the preview pane. The above fixes resolve this problem to greater or lesser degree most of the time as well, but it always comes back.
Is there a problem between TB and Dovecot? are there any possible fixes?
I've been having this problem for a while: http://forums.mozillazine.org/viewtopic.php?f=39&t=2852813
Maybe has found a fix? I keep hoping an update will magically fix the problem, but so far no such luck.
-DavidThese may be two different problems, but they happen about the same time and resolution work arounds work for both.
1) My inbox occasionally fills up with duplicates of most (but not all) messages. There seems to be no rhyme or reason behind what gets duplicated. Once duplication starts, the messages that appear multiple times usually appear about the same number of repeats (1-5 repeats of each message) but not always exactly the same.
Weirdly, sometimes an incoming mail triggers a refresh that disappears the duplicate messages and everything goes back to normal for a while spontaneously.
I've tried Properties->Repair folder, manually deleting the .msf files, restarting TB, rebooting the computer, restarting the mail server, and changing mail directories. Restarting the server does nothing, the others sometimes but not always resolve the problem temporarily. (all the fixes I could find from similar problems posted by others).
It is quite annoying - not only does my inbox become unreadable, I don't know which instance to reply to.
I'm connected to the same account on the same server with K9 and have no such problems.
Problem 2: occasionally the header of a message in the list pane doesn't match the message in the preview pane. The above fixes resolve this problem to greater or lesser degree most of the time as well, but it always comes back.
Is there a problem between TB and Dovecot? are there any possible fixes?
I've been having this problem for a while: http://forums.mozillazine.org/viewtopic.php?f=39&t=2852813
Maybe has found a fix? I keep hoping an update will magically fix the problem, but so far no such luck.
-David -
[solved] dovecot errors after renewing SSL certificate
System:
OS X Server (Mountain Lion) 2.2
Using a single SSL Certificate for all services.
Symptom:
Users can't log into their IMAP accounts hosted on OS X Server (Mountain Lion) after renewing SSL Certificate
Diagnostics:
Give you an indication whether it's this problem. Some or all may apply:
Log shows all kinds of dovecot errors. e.g.
dovecotd[nnn]: master: Error: service(config): command startup failed, throttling
config: Fatal: Error in configuration file /Library/Server/Mail/Config/dovecot/dovecot.conf: ssl enabled, but ssl_cert not set
dovecotd[nnn]: master: Error: service(config): command startup failed, throttling
/Library/Server/Mail/Config/dovecot/conf.d/10-ssl.conf shows commented out lines:
ssl_cert
ssl_key
ssl_ca
Solution:
Go to the Certificates pane of the Server App and choose Secure Services Using: Custom
Set IMAP and POP server certificates to to None
Keep an eye on what the server App is doing to /Library/Server/Mail/Config/dovecot/conf.d/10-ssl.conf
Now set Secure Services Using: <My single SSL Certificate for all services>
Keep an eye on what the server App is doing to /Library/Server/Mail/Config/dovecot/conf.d/10-ssl.conf and you should now see all the ssl* settings as you would expect, and pointing to the correct SSL certificate in /etc/certificates
Hope this works for you too!I had something similar happen. When I do anything with SSL certificates it deletes any regular websites. Only the sites that are setup for https are listed.
Couldn't understand why my website wasn't working and it turned out that the system had deleted it. The web server had multiple host set and I had to rebuild all the ones that had used port 80. All the ones that use 443 were fine.
Hope this helps. -
Some incoming messages sent via dovecot are not arriving in inboxes
One of my clients has just found out that messages sent to her, from a specific sender were never received. The recipient has no rules set-up in Outlook, and looking at her account via IMAP/WebMail show no sign of the messages either. The SMTP log seems to show it getting processed and then the: delivered via dovecot service" message at the end of the process. But the message never shows up in my clients inbox. My client is a lawyer and right now she's worrying about other messages that may have not made their way into her inbox. I'm using SpamAssasin, ClamAV, spamhaus black lists, but everything in the log looks OK to me. is it possible that the sender is using an SMTP server other than the registered domain and that is causing the reverse lookup to reject it? I can't find anything in the logs to show that the messages are getting rejected at some point along the way. And they're not sitting in the Que waiting to be distributed. i'm stumped.
One of my clients has just found out that messages sent to her, from a specific sender were never received. The recipient has no rules set-up in Outlook, and looking at her account via IMAP/WebMail show no sign of the messages either. The SMTP log seems to show it getting processed and then the: delivered via dovecot service" message at the end of the process. But the message never shows up in my clients inbox. My client is a lawyer and right now she's worrying about other messages that may have not made their way into her inbox. I'm using SpamAssasin, ClamAV, spamhaus black lists, but everything in the log looks OK to me. is it possible that the sender is using an SMTP server other than the registered domain and that is causing the reverse lookup to reject it? I can't find anything in the logs to show that the messages are getting rejected at some point along the way. And they're not sitting in the Que waiting to be distributed. i'm stumped.
-
Move 10.6.8 Dovecot to clean server setup 3.1.2
Hi All,
I am planing to do a clean Server.app 3.1.2 on 10.9.3 setup. I currently have a 10.6.8 Server running e-mail. Both are Dovecot but when I setup new Users on 10.9.3 they will have new GUID. The Dovecot mail directories will not match without some manual labor.
Any ideas or suggestions on how to tackle this would be helpful.
Thank you in advance.Thank You bobaloo2,
Sounds like a solid way to go. Just curious with the "Export your users and groups from Snow Leopard Server" and import into Mavericks server will I still have the Schema errors I have under 10.6.8?
Since I migrated each server update starting 10.3 to 10.4 then jump to 10.6.8 I noticed some fields give me errors when I try to enter them. I was informed this was a Schema issues but I should not worry to much. (i.e. Under WGM fill user "info" fields in like "Company, JobTitle, Department") These field where added later in the server builds but even when I create brand new users under 10.6.8 I can not add to these fields since to the best of my understanding the migration imported the old Schema as well as other related Open directory data.
I will try the move and CLI perm on the Mail and post back my results. -
Note: Mail.app and Folders with Dovecot - Copying Folders w Subfolders
I found a problem with Apple Mail regarding folder creation with the new Dovecot Server...
Say you import some mail from Eudora or some other mail client, and you have folders with no messages, only subfolders (or mailboxes if you want to call them that). The mailbox on "My Mac" appears white instead of blue, and you can see the subfolders just fine and everything looks great. Drag that folder (the white one with subfolders) to your IMAP account to copy it to the server. It will copy just fine. Now try to rename or delete that white folder you just copied to the server. You will get the following error:
For this example I will call the problem folder "TestFolder"
The IMAP command RENAME (or DELETE if you try to delete) (to TestFolder) failed with the server error: Mailbox does not exist: TestFolder
The problem is this:
Dovecot creates folders and subfolders as separate directories on the server:
.TestFolder
.TestFolder.TestSubFolder1
.TestFolder.TestSubFolder2
In the above example, there is a folder (or mailbox) called TestFolder with two folders inside it, TestSubFolder1, and TestSubFolder2. This example is the correct way to create a folder with dovecot, or if not "correct", at least you can delete or rename the "TestFolder" without an error.
What happens with Apple Mail (Mail.app), is that when you drag a white folder to the server, it would create the following:
.TestFolder.TestSubFolder1
.TestFolder.TestSubFolder2
Notice the root folder .TestFolder is missing. This is why you get the error message noted above. If you create .TestFolder in the directory, chmod 700 .TestFolder and chown <username> .TestFolder, you can rename or delete the problem folder (notice it turns blue as well). This gets rather annoying when dealing with multiple folders/subfolders, and is not a real graceful way of dealing with the situation.
Apparently there is some intended difference with the white folders and blue folders, in that blue folders can contain messages but white folders can only contain other folders. Great, but Mail.app needs to somehow create the folder on the server in a way that is compatible with Dovecot.
If someone has a developer account (mine keeps complaining that there is missing information, but there is no missing information and won't let me log in), could you post this as a bug report? I'll deal with my developer account later...
Thanks.> It's not that they don't show up in Mail. In Mail, they are in their
(manually) sorted folders. On the server they are in BOTH their
sorted folder, AND the main inbox where they first appeared.
Yes, but what I’m saying is that, according to your reports, even after rebuilding the Inbox of the .Mac account that has the problem, there are still messages in that mailbox on the server that don’t show up in Mail in that same mailbox. Is that correct? This is what doesn’t make sense to me...
> Mac-mydotmacusername1
Mac-mydotmacusername2
[email protected]
So you have two .Mac accounts and a POP account. You hadn’t mentioned this before, had you? I got the impression that you only had one .Mac account...
Which account has the problem, i.e. for which account there are messages on the server’s Inbox that don’t show up in Mail even after rebuilding that mailbox? Are you moving messages from a .Mac account’s Inbox to custom mailboxes of that same account or to mailboxes associated with the other .Mac account?
<hr>
Try this to determine the scope of the problem:
1. Go to Apple Menu > System Preferences > Accounts and create a new user account for testing purposes.
2. Either log out of your main user account or just quit Mail so that it does not interfere with the other user account.
3. Log in as the newly created user and set up Mail anew there.
4. For spam-related security reasons, go to Preferences > Viewing and disable Display remote images in HTML messages if it’s enabled.
5. If you set up a POP account, go to Preferences > Accounts > Advanced and disable Remove copy from server after retrieving a message if it’s enabled, to avoid messages being accidentally removed from the server while testing.
6. Check whether the problem also happens when logged in as another user. -
I tried to set up a mailserver on my server, and it is possible to recieve mails normally. Strangely, whenever I connect to my server via a mailclient, it does not seem to get any emails, nor can I send any. The error message
May 25 15:47:37 thunderserver sm-mta[14374]: r4PDeNDN014241: SYSERR(root): Cannot exec /usr/bin/procmail: No such file or directory
makes me scratch my head. procmail is intalled, has a barebone config, and the file does exist. I triple checked it. Where could be the issue that 1. the mailclient cannot get mails from my server 2. cannot send any?
Thanks in advancenh1256 wrote:Mar 09 06:03:31 mail postfix/pipe[18980]: EDC9B1C8047C: to=<[email protected]>, relay=dovecot, delay=592, delays=592/0.05/0/0.12, dsn=4.3.0, status=deferred (temporary failure)
The dovecot logs should tell why dovecot fails to accept the mail. -
How do I stop/disable/remove dovecot and postfix?
Hello,
So the story is somehow I managed to install Lion Server on my personal computer from the App Store. Fine until I realized all the proccesses my computer is spending resources on now. I've looked through what I think is every guide in the book on how to "remove" Lion Server, meaning just disable the additional servers it installs. I think I've gotten almost all of it, following basic things such as shutting everything "off" in Server.app.
Seems that though, no matter what Launch daemons or agents I disable, two are persistent on starting up with my comptuer and I can't seem to rid myself of them. Yes, I need to stop/disable/remove them. The following shows up in Console.app > All Messages:
Dovecot (or something related):
1/24/12 10:57:58.490 PM dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory
1/24/12 10:57:58.491 PM dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Postfix:
1/24/12 10:57:58.105 PM postfix/master: master exit time has arrived
1/24/12 10:57:58.143 PM postfix/master: daemon started -- version 2.8.4, configuration /etc/postfix
1/24/12 10:57:58.160 PM postfix/qmgr: 127555F00C2C: from=<>, size=6804, nrcpt=1 (queue active)
1/24/12 10:57:58.508 PM postfix/pipe: 127555F00C2C: to=<[email protected]>, relay=dovecot, delay=2877, delays=2876/0.03/0/0.31, dsn=4.3.0, status=deferred (temporary failure)
I believe both of these are related to mail somehow. I have ticked off "Mail" switch box in Server.app.
These messages keep on looping in the Console since I'm assuming they are crashing and then restarting due to a "stay alive" in some plist file I can't seem to find...
Please, I would be very grateful to anyone who can help me unclutter my Console of these messages. I know I can filter senders, but I will like to see if I might get some advice to resolve this. I'm sure it's minimal, but it can't be good for battery life. I wish I had the time to do a fresh install of the client.
Cheers!
RyanI have the exact same problem, and I'd appreciate a response. My logs are flooded by nonsense!
-
How: poll POP3 from ISP and feed into OSX mail server (Dovecot)
Hi all,
My desire: use IMAP for all my iOS and OSX devices to forget about the synchronization nightmare when using POP.
My ISP only provides POP3, and I can fetch emails from his POP3 server so they end up in my mail client on any OSX workstation.
But I want to use IMAP via the Dovecot email server on OSX server mountain lion.
How do I implement that missing link?
Can this be done by a cron script, mimicking a MTA?
Somehow the OSX mailserver cannot be convinced to fetch the emails from the POP3 server at the Internet Server Provider (ISP).
All the OSX or iOS device connects to my OSX Mountain Lion server running the mailserver (i.e. Dovecot).
In my private network sending emails and fetching them using IMAP already works fine.
I am lost on this one. Any help would be appreciated.
Thanks already.
best regards,
BolkoOne solution is to use a server based software (i.e. that runs on OS X server) which polls a remote POP3 server and delivers mail to an SMTP server — the Postfix SMTP server on your OS X server (NOT Dovecot, Postfix is the SMTP server which then hands off mail to Dovecot the IMAP on your OS X server)
This software would have to be installed 'by hand' meaning you have to download the source and compile it as is standard with Linux type utilities.
Here is link to the utility 'fetchmail'.
http://fetchmail.berlios.de/index.html
You may want to confirm with the package maintainers that this would work on OS X. If you are not comfortable working at the level of installing Linux packages then I would advise not to proceed.
UPDATE: I found this page on the Apple developers website:
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/ man1/fetchmail.1.html
it refers to the fetchmail program above so it looks like it runs OK on OS X, but you still have to manually set it up.
Another option is this software
http://www.sspi-software.com/mailfwd_macx.html
I don't have any experience with it personally and I don't know if it can run as a service (that is with no-one logged into the machine). -
I have a 2011 Mac mini, 8GB ram, default 10.7.4 server install. Filesharing, OD (replica) and most things work fine.
Recently i've set my sights on getting non-spammy logs, and as such i've started to try to resolve every repeating log message.
Today the message is:
Jun 4 16:22:42 minecraft dovecot[3586]: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Operation timed out
Jun 4 16:22:42 minecraft dovecot[3586]: lda: Fatal: Internal error occurred. Refer to server log for more information.
(every 30 seconds!)
Some poking in the config -
Dovecot SMTP (out/incoming) will not stop, if i stop it it stalls on "shutting down" and after a minute it's running again. All other parts of the server are "stopped".
As a solution i tried to configure the mail server, set it up as if i would start using it. (So it would make all configs and such) then stop the server.
Also i cleared the Mail queue and deleted all account data from the maintenance tab (server admin)
I have deleted the sockets and recreated them.
None of this worked.
Any ideas?I think i solved it, in part i already did, but i've updated this earlier post - http://meandmymac.net/1470/lion-server-still-broken-mail-this-time/
Maybe you are looking for
-
Mandatory condition VPRS is missing
Does the total stock of material affects the pricing condition to not to determine the standard cost? when i check on the analysis, the diagnosis in the pricing condition vprs says the minimum amount of free goods condition is not reached that is why
-
Opening numbers file on iPhone
I have created a numbers file on my mac, then uploaded it to iCloud. When I try and open the file in Numbers on my iPhone, I get the message "....an unknown error occurred spreadsheet couldn't be imported..." I have tried different spreadsheets and e
-
When fire fox newest virson down loads and installs i get nothing but a blank page
when your new version down loads and installs i get a blank page and fire fox does not work then i have to go to a restore point to remove the down load == This happened == A few times a week == new version down loaded
-
JBOSS implementation for JSF : error Log4JConversionFilter
Hello comunity!! This is my problem, :D i have a small application with JSF and Facelets that run on Jboss Server Application 5.0.1GA. The application uses JBOSS implementation for JSF (it uses jboss libraries to jsf core (SUN -RI - 1.2_10) ). When i
-
I cannot play video content on itunes using my ibook g4. I can download it and play it on my ipod. I can watch video content on bbc iplayer and youtube but if i try video content on itunes the below error occurs and itunes crashes. Can anyone help? D