Installing Dovecot and sieve on a vpopmail + qmail server

January 10, 2018 Roberto Puzzanghera46 comments

Overview

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It's fast, simple to set up, requires no special administration and it uses very little memory.

Dovecot is simple to configure, the project is alive and the documentation is exhaustive. In addition there is the support for vpopmail (while Courier IMAP no more). I found Dovecot so friendly that I decided to switch off qmail-pop3d and use Dovecot not only as an IMAP but also as a POP3 server. I will show how to configure a secure connection as well.

If you want to support filters in your email you have to manage Sieve rules by means of the dovecot-pigeonhole server. When you create a filter with your webmail or email client, you write a Sieve script to customize how messages are delivered, e.g. whether they are forwarded, rejected or stored in special folders. But, in order to do so, Dovecot must also act as a Local Delivery Agent in place of vpopmail/vdelivermail, e.g. it must be Dovecot to store the email messages in the users' Maildirs. This guide will try to show how to accomplish this.

Restoring the maildirs (maildir++ patch bug fix)

Recently it was pointed out (tx MG) that the maildir++ patch was broken, causing a wrong maildir size, and this is causing troubles especially with the new dovecot-2.3. Now that patch was repaired but the maildirs' size remains broken. This can be quickly (actually this may take a long time if done with all (-A) users) restored as follows:

doveadm fetch -A text all > /dev/null

If you don't want to take the trouble to restore your users' maildirs, you can always choose to allow the broken size adding this parameter to 10-mail.conf:

maildir_broken_filename_sizes = yes

Moving to 2.3 branch

Last december 2017 dovecot-2.3.0 was released. As far as my previous 2.2 configuration is concerned, there are just a few changes:

  • the submission service can be disabled (just rename 20-submission.conf);
  • if you were using the maildir++ patch for netqmail embedded in my combined patch, you have to add "maildir_broken_filename_sizes = yes" in your 10-mail.conf (tx MG). This parameter is not needed if you restored the maildirs as explained above;
  • changes in 10-ssl.conf: you have to setup a SSL DH parameter and replace some other obsolete parameter; take a look below for more info;
  • changes in 15-lda.conf: the sendmail program was not working anymore here when called by managesieve. So we can disable it and setup a submission_host (not to be confused with the submission service above);
  • some change in both 20-managesieve.conf and 90-sieve.conf: it's better to rebuild them from scratch following the next page.

Installing

cd /usr/local/src
wget https://www.dovecot.org/releases/2.3/dovecot-2.3.0.tar.gz
tar xzf dovecot-ce-2.3.0.tar.gz
chown -R root.root dovecot-ce-2.3.0
cd dovecot-ce-2.3.0

./configure \
        --prefix=/usr/local/dovecot \
        --with-vpopmail \
        --with-sql \
        --with-mysql \
        --with-docs \
        --with-ssl \
        --without-shadow \
        --without-pam \
        --without-ldap \
        --without-pgsql \
        --without-sqlite

Install prefix . : /usr/local/dovecot
File offsets ... : 64bit
I/O polling .... : epoll
I/O notifys .... : inotify
SSL ............ : yes (OpenSSL)
GSSAPI ......... : no
passdbs ........ : static passwd passwd-file checkpassword sql vpopmail
                 : -shadow -pam -bsdauth -sia -ldap
userdbs ........ : static prefetch passwd passwd-file checkpassword sql vpopmail nss
                 : -ldap
SQL drivers .... : mysql
                 : -pgsql -sqlite
Full text search : squat
                 : -lucene -solr

In case you are compiling in a systemd environment you may need to add "--with-systemdsystemunitdir" option to your configure (thanks to Bob Greco), for example:

--with-systemdsystemunitdir=/lib/systemd/system

Check if SSL was detected and if the sql/mysql authentication backend is supported. Compile:

make

If the old dovecot is running, stop it and delete the symbolic link before installing:

dovecotctl stop
rm /usr/local/dovecot
make install

cd /usr/local
mv dovecot dovecot-2.3.0
ln -s dovecot-2.3.0 dovecot
This installs Dovecot in /usr/local/dovecot.

Configuring

Create the dovecot user/group, the log folder and the directory where to store runtime data.

groupadd dovecot
useradd -g dovecot dovecot
useradd -g dovecot dovenull

mkdir -p /var/log/dovecot 
touch /var/log/dovecot/dovecot.log
chgrp vchkpw /var/log/dovecot/dovecot.log
chmod 660 /var/log/dovecot/dovecot.log

The config files must be copied from the share/doc to etc/dovecot folder

cd /usr/local/dovecot/etc/dovecot
cp -rp /usr/local/dovecot/share/doc/dovecot/example-config/* .

Adjust the MANPATH variable (add this line to your /etc/profile as well):

export MANPATH=$MANPATH:/usr/local/dovecot/share/man

Dowload my dovecot's config files

  • Download from here

If you don't want to have the trouble to modify your conf files and want to follow the directives of this guide you can download my config files and adjust them to your needs.

cd /usr/local/dovecot
mv etc etc-bak
wget http://notes.sagredo.eu/files/qmail/dovecot.conf.tar.gz
tar xzf dovecot.conf.tar.gz
mv dovecot-etc etc
cd etc/dovecot
chown -R root.root .

dovecot.conf

protocols = imap pop3
# delete IP6 addresses here
listen = *
dict {
  #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
  #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
!include conf.d/*.conf
!include_try local.conf

Note that all conf.d/*.conf files will be included, so rename what is not needed.

10-auth.conf

# if the roundcube connection is from the local net this is secure provided that the 143 port is firewalled for the outnet
# put yes if you have roundcube on localhost
disable_plaintext_auth = no
# To append @domain to username in plaintext logins
auth_default_realm = defaultdomain.net
auth_mechanisms = plain login # the sql drivers requires that the pwd is transmitted with no encryption
# !include auth-system.conf.ext # now commented
# !include auth-vpopmail.conf.ext # commented
!include auth-sql.conf.ext

auth-sql.conf.ext

passdb {
  driver = sql
  # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
  args = /usr/local/dovecot/etc/dovecot/dovecot-sql.conf.ext
}

userdb {
  driver = sql
  args = /usr/local/dovecot/etc/dovecot/dovecot-sql.conf.ext
}

dovecot-sql.conf.ext

NB: the file has now to be edited from the etc/dovecot/ directory

# This file is opened as root, so it should be owned by root and mode 0600.
#
# Database driver: mysql, pgsql, sqlite
driver = mysql

# Database connection string. This is driver-specific setting.
#
connect = host=[MySQL IP] dbname=vpopmail user=vpopmail password=[PASSWORD]

# Default password scheme.
#
default_pass_scheme = MD5-CRYPT

# passdb query to retrieve the password. It can return fields:
password_query = SELECT CONCAT(pw_name, '@', '%d') AS user, \
  pw_passwd AS password, \
  pw_dir as userdb_home, \
  89 AS userdb_uid, \
  89 AS userdb_gid \
  FROM `vpopmail` \
  WHERE pw_name = '%n' AND pw_domain = '%d'

# userdb query to retrieve the user information. It can return fields:
# (Thanks to Arturo Blanco for his hints concerning vpopmail limits)
user_query = \
  SELECT pw_dir AS home, \
  89 AS uid, \
  89 AS gid \
  FROM vpopmail \
  WHERE pw_name = '%n' AND pw_domain = '%d' \
  AND ('%a'!='995' or !(pw_gid & 2)) \
  AND ('%r'!='[WEBMAIL-IP]' or !(pw_gid & 4)) \
  AND ('%r'='[WEBMAIL-IP]' or '%a'!='993' or !(pw_gid & 8))

# [WEBMAIL-IP] is the IP of your webmail web server. 
# I'm assuming that the imap connection is only on port 993 and the pop3 connection is on port 955.
# Adjust to your needs
#
# logically this means:
# SELECT user
# WHEN POP is not disabled for that user connecting on port 995 (995 is the pop3s port allowed from remote in my configuration)
# AND WHEN webmail access is not disabled for that user when connecting from [WEBMAIL-IP]
# AND WHEN IMAP is not disabled for that user connecting on port 993 (993 is the imaps port allowed from remote 
# in my configuration) unless his remote ip the one belonging to the webmail

# Query to get a list of all usernames.
iterate_query = SELECT CONCAT(pw_name,'@',pw_domain) AS username FROM `vpopmail`

Since this file stores the database password and is open only by root, you must secure the access priviledges:

chmod go-wrx ../dovecot-sql.conf.ext

10-director.conf

If you don't want to use the Director service rename the conf file, so that it will not be loaded:

mv 10-director.conf 10-director.conf.disabled

10-logging.conf

Set your log destination. I prefer to have a dedicated logfile for dovecot (default is syslog)

log_path = /var/log/dovecot/dovecot.log
plugin {
}

Logrotate

Save the below scriptlet as /etc/logrotate.d/dovecot:

cat > /etc/logrotate.d/dovecot << __EOF__
/var/log/dovecot/*.log {
missingok
notifempty
delaycompress
sharedscripts
postrotate
/usr/local/dovecot/bin/doveadm log reopen
endscript
}
__EOF__

10-mail.conf

We have to tell Dovecot which is the mailbox location. It will look for the Maildir in the home directory (%h):

mail_location = maildir:%h/Maildir
namespace inbox {
  inbox = yes
}

Set to 89 (vpopmail userid number) the mail_uid and mail_gid. The same for the valid first/last id as you want to manage only vpopmail users:

mail_uid = 89
mail_gid = 89

mail_privileged_group = 89
mail_access_groups = 89

first_valid_uid = 89
last_valid_uid = 89

first_valid_gid = 89
last_valid_gid = 89

Adjust the socket and the plugin folder:

auth_socket_path = /usr/local/dovecot/var/run/dovecot/auth-userdb
mail_plugin_dir = /usr/local/dovecot/lib/dovecot
mail_plugins = $mail_plugins quota

Finally, this is to be enabled because of the troubles caused by a broken maildir++ patch (now repaired, tx MG)

##
## Maildir-specific settings
##

# If enabled, Dovecot doesn't use the S=<size> in the Maildir filenames for
# getting the mail's physical size, except when recalculating Maildir++ quota.
# This can be useful in systems where a lot of the Maildir filenames have a
# broken size. The performance hit for enabling this is very small.
maildir_broken_filename_sizes = yes

10-master.conf

Read carefully this before continuing.

#default_process_limit = 100
#default_client_limit = 1000

# Default VSZ (virtual memory size) limit for service processes. This is mainly
# intended to catch and kill processes that leak memory before they eat up
# everything.
#default_vsz_limit = 256M

# Login user is internally used by login processes. This is the most untrusted
# user in Dovecot system. It shouldn't have access to anything at all.
default_login_user = vpopmail

# Internal user is used by unprivileged processes. It should be separate from
# login user, so that login processes can't disturb other processes.
#default_internal_user = dovecot

service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }

  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. <doc/wiki/LoginProcess.txt>
  #service_count = 1

  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0

  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = $default_vsz_limit
}

service pop3-login {
  inet_listener pop3 {
    #port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}

service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }

  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port = 
  #}
}

service imap {
  # Most of the memory goes to mmap()ing files. You may need to increase this
  # limit if you have huge mailboxes.
  #vsz_limit = $default_vsz_limit

  # Max. number of IMAP processes (connections)
  #process_limit = 1024
}

service pop3 {
  # Max. number of POP3 processes (connections)
  #process_limit = 1024
}

service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
  # full permissions to this socket are able to get a list of all usernames and
  # get the results of everyone's userdb lookups.
  #
  # The default 0666 mode allows anyone to connect to the socket, but the
  # userdb lookups will succeed only if the userdb returns an "uid" field that
  # matches the caller process's UID. Also if caller's uid or gid matches the
  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
  #
  # To give the caller full permissions to lookup all users, set the mode to
  # something else than 0666 and Dovecot lets the kernel enforce the
  # permissions (e.g. 0777 allows everyone full permissions).
  unix_listener auth-userdb {
    mode = 0600
    user = vpopmail
    group = vchkpw
  }

  # Postfix smtp-auth
  #unix_listener /var/spool/postfix/private/auth {
  #  mode = 0666
  #}

  # Auth process is run as this user.
  user = $default_internal_user
}

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  user = $default_internal_user
}

service dict {
  # If dict proxy is used, mail processes should have access to its socket.
  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
  unix_listener dict {
    #mode = 0600
    #user = 
    #group = 
  }
}

10-ssl.conf

Of course we want SSL support. First of all let's create a self-signed SSL certificate. Dovecot includes a script to build self-signed SSL certificates using OpenSSL; you can find it in doc/mkcert.sh:

cd /usr/local/src/dovecot/doc

mkcert.sh will create the SSL certificate. Before running mkcert.sh you have to customize the cert editing dovecot-openssl.cnf (in the same folder):

> nano dovecot-openssl.cnf

[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
# country (2 letter code)
C=IT

# State or Province Name (full name)
ST=Italy

# Locality Name (eg. city)
L=MyLocality

# Organization (eg. company)
O=My Organization Name

# Organizational Unit Name (eg. section)
OU=IMAP server

# Common Name (*.example.com is also possible)
CN=mymailserver.net

# E-mail contact
emailAddress=postmaster@mymailserver.net

[ cert_type ]
nsCertType = server

Now we are ready to create the SSL certificate:

> sh mkcert.sh

and the files /etc/ssl/private/dovecot.pem and /etc/ssl/certs/dovecot.pem have been created. Remember their locations because you have to insert them in 10-ssl.conf:

ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem

Remember also to switch off SSLv3 because of security reasons:

ssl_min_protocol = TLSv1

Now generate new SSL DH parameters from command line with

openssl dhparam -out /usr/local/dovecot/etc/dh.pem 4096

and adjust the ssl_dh parameter accordingly:

ssl_dh = </usr/local/dovecot/etc/dh.pem

15-lda.conf

As I already said dovecot will also act as an LDA because we want to manage sieve rules and filter our incoming emails.

postmaster_address = postmaster@yourdomain.net
hostname = mail.yourdomain.net

submission_host = 0.0.0.0:25

# the next two to auto create folders
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes

protocol lda {
  # Space separated list of plugins to load (default is global mail_plugins).
  mail_plugins = $mail_plugins quota # if you want to use sieve put sieve here
}

15-mailboxes.conf

##
## Mailbox definitions
##

# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
namespace inbox {

  #mailbox name {
    # auto=create will automatically create this mailbox.
    # auto=subscribe will both create and subscribe to the mailbox.
    #auto = no

    # Space separated list of IMAP SPECIAL-USE attributes as specified by
    # RFC 6154: \All \Archive \Drafts \Flagged \Junk \Sent \Trash
    #special_use =
  #}

  # These mailboxes are widely used and could perhaps be created automatically:
  mailbox Drafts {
    special_use = \Drafts
    auto = subscribe
  }
  mailbox Junk {
    special_use = \Junk
    auto = subscribe
  }
  mailbox Trash {
    special_use = \Trash
    auto = subscribe
  }

  # For \Sent mailboxes there are two widely used names. We'll mark both of
  # them as \Sent. User typically deletes one of them if duplicates are created.
  mailbox Sent {
    special_use = \Sent
    auto = subscribe
  }
#  mailbox "Sent Messages" {
#    special_use = \Sent
#  }

  # If you have a virtual "All messages" mailbox:
  #mailbox virtual/All {
  #  special_use = \All
  #}

  # If you have a virtual "Flagged" mailbox:
  #mailbox virtual/Flagged {
  #  special_use = \Flagged
  #}
}

20-imap.conf

protocol imap {
  mail_plugins = $mail_plugins imap_quota
}

20-lmtp.conf

I don't want the support for proxying to other LMTP/SMTP servers, so I disable lmtp:

mv 20-lmtp.conf 20-lmtp.conf.disabled

20-pop3.conf

protocol pop3 {
  mail_plugins = $mail_plugins quota
}

20-submission.conf

If the submission service is not needed we can disable its configuration file:

mv 20-submission.conf 20-submission.conf.disabled

90-acl.conf

If no acl is needed you can disable it:

mv 90-acl.conf 90-acl.conf.disabled

90-plugin.conf

plugin {
# autocreate plugin
# This plugin allows administrator to specify mailboxes that must always 
# exist for all users. They can optionally also be subscribed. The 
# mailboxes are created and subscribed always after user logs in. 
# Namespaces are fully supported, so namespace prefixes need to be used 
# where necessary. 
  autocreate = Sent
  autocreate2 = Drafts
  autocreate3 = Junk
  autocreate4 = Trash
  #autocreate5 = ..etc..
  autosubscribe = Sent
  autosubscribe2 = Drafts
  autosubscribe3 = Junk
  autosubscribe4 = Trash
  #autosubscribe5 = ..etc
}

90-quota.conf

To enable maildir++ comment out this line (thanks to Nicolas for the hint!):

quota = maildir:User quota

Adjusting PATH and MANPATH

You may want to modify your environment variable as follows inside your /etc/profile:

export PATH=$PATH:/usr/local/dovecot/bin
export MANPATH=$MANPATH:/usr/local/dovecot/share/man

Comments

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

Hi there Roberto,

My system is CentOS-7 64bit, and runs as an LXC container under Proxmox on a dedicated server I rent. The domain for MX is mail.MYDOMAIN.TLD and the reverse lookup is working fine.

I've been pulling my hair out since yesterday with being able to log in from my mail client to Dovecot. I have downloaded and used your default config files for etc and modified them according to my TLD. But everytime I try to log in, the dovecot.log reports:

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

(i substituted my real IPs with hashes for privacy).

The user=<> is blank? Do you think I have an issue with vpopmail? I am able to add/remove domains and users using the vQAdmin or just by prompt without any problems, and the SQL database is updating accordingly.

The service is running as follows:

[root@######conf.d]# ps axfu
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 124976 4912 ? Ss 11:17 0:00 /sbin/init
root 37 0.0 0.2 36844 5652 ? Ss 11:17 0:00 /usr/lib/systemd/systemd-journald
root 48 0.0 0.1 24216 2768 ? Ss 11:17 0:00 /usr/lib/systemd/systemd-logind
dbus 50 0.0 0.1 24408 2820 ? Ss 11:17 0:00 /bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
root 52 0.0 0.2 212132 4944 ? Ssl 11:17 0:00 /usr/sbin/rsyslogd -n
root 54 0.0 0.0 6468 1688 pts/0 Ss+ 11:17 0:00 /sbin/agetty --noclear --keep-baud pts/0 115200 38400 9600 vt220
root 55 0.0 0.0 6468 1572 lxc/console Ss+ 11:17 0:00 /sbin/agetty --noclear --keep-baud console 115200 38400 9600 vt220
root 56 0.0 0.1 22656 2740 ? Ss 11:17 0:00 /usr/sbin/crond -n
root 60 0.0 0.0 6468 1564 pts/1 Ss+ 11:17 0:00 /sbin/agetty --noclear --keep-baud pts/1 115200 38400 9600 vt220
root 62 0.0 0.1 9524 2176 ? Ss 11:17 0:00 /bin/sh /usr/local/bin/svscanboot /dev/ttyS0
root 68 0.0 0.0 4360 1180 ? S 11:17 0:00 \_ svscan /var/service
root 70 0.0 0.0 4188 600 ? S 11:17 0:00 | \_ supervise vpopmaild
root 1268 0.0 0.0 4232 752 ? S 12:27 0:00 | | \_ /usr/local/bin/tcpserver -v -H -R -l 0 -u 0 -g 0 0 89 /home/vpopmail/bin/vpopmaild
root 71 0.0 0.0 4188 656 ? S 11:17 0:00 | \_ supervise log
qmaill 79 0.0 0.0 4200 612 ? S 11:17 0:00 | | \_ /usr/local/bin/multilog t /var/log/qmail/vpopmaild
root 72 0.0 0.0 4188 664 ? S 11:17 0:00 | \_ supervise qmail-send
qmails 1260 0.0 0.0 10752 1288 ? S 12:27 0:00 | | \_ qmail-send
root 1270 0.0 0.0 4364 624 ? S 12:27 0:00 | | \_ qmail-lspawn | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
qmailr 1272 0.0 0.0 4360 712 ? S 12:27 0:00 | | \_ qmail-rspawn
qmailq 1273 0.0 0.0 4320 1104 ? S 12:27 0:00 | | \_ qmail-clean
qmails 1274 0.0 0.0 4344 1092 ? S 12:27 0:00 | | \_ qmail-todo
qmailq 1275 0.0 0.0 4320 1108 ? S 12:27 0:00 | | \_ qmail-clean
root 73 0.0 0.0 4188 668 ? S 11:17 0:00 | \_ supervise log
qmaill 82 0.0 0.0 4200 704 ? S 11:17 0:00 | | \_ /usr/local/bin/multilog t s16000000 n200 /var/log/qmail/send
root 74 0.0 0.0 4188 704 ? S 11:17 0:00 | \_ supervise qmail-smtpd
vpopmail 1261 0.0 0.0 4232 692 ? S 12:27 0:00 | | \_ /usr/local/bin/tcpserver -v -H -R -l 0 -x /home/vpopmail/etc/tcp.smtp.cdb -c 20 -u 89 -g 89 0 25 /var/qmail/bin/qmail-smtpd
root 75 0.0 0.0 4188 620 ? S 11:17 0:00 | \_ supervise log
qmaill 87 0.0 0.0 4200 712 ? S 11:17 0:00 | | \_ /usr/local/bin/multilog t s16000000 n200 /var/log/qmail/smtpd
root 76 0.0 0.0 4188 668 ? S 11:17 0:00 | \_ supervise qmail-submission
vpopmail 1264 0.0 0.0 4232 676 ? S 12:27 0:00 | | \_ /usr/local/bin/tcpserver -v -H -R -l 0 -x /home/vpopmail/etc/tcp.submission.cdb -c 20 -u 89 -g 89 0 587 /var/qmail/bin/qmail-smtpd /home/vpopmail/bin/vchkpw /bi
root 77 0.0 0.0 4188 712 ? S 11:17 0:00 | \_ supervise log
qmaill 90 0.0 0.0 4200 676 ? S 11:17 0:00 | \_ /usr/local/bin/multilog t s16000000 n200 /var/log/qmail/submission
root 69 0.0 0.0 4176 684 ? S 11:17 0:00 \_ readproctitle service errors: ..........................................................................................................................................
root 404 0.0 1.1 466252 24132 ? Ss 11:17 0:00 /usr/sbin/httpd -DFOREGROUND
apache 532 0.0 1.1 572184 24100 ? S 11:17 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 534 0.0 0.7 466384 15020 ? S 11:17 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 535 0.0 1.4 577624 29572 ? S 11:17 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 537 0.0 1.3 577368 29336 ? S 11:17 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 538 0.0 0.7 466384 15024 ? S 11:17 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 620 0.0 0.6 466252 14040 ? S 11:27 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 883 0.0 0.7 466384 15012 ? S 11:50 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 884 0.0 0.7 466384 15036 ? S 11:50 0:00 \_ /usr/sbin/httpd -DFOREGROUND
apache 885 0.0 0.7 466384 15004 ? S 11:50 0:00 \_ /usr/sbin/httpd -DFOREGROUND
root 405 0.0 0.3 106008 7380 ? Ss 11:17 0:00 /usr/sbin/sshd -D
root 591 0.0 0.4 141656 9400 ? Ss 11:21 0:00 \_ sshd: root@pts/2
root 593 0.0 0.1 11924 3084 pts/2 Ss 11:21 0:00 \_ -bash
root 1308 0.0 0.1 47588 3408 pts/2 R+ 12:47 0:00 \_ ps axfu
root 407 0.0 0.1 176016 2120 ? Sl 11:17 0:00 /home/vpopmail/bin/vusaged
mysql 449 0.0 0.1 9528 2524 ? Ss 11:17 0:00 /bin/sh /usr/bin/mysqld_safe --basedir=/usr
mysql 554 0.0 4.3 1038868 90552 ? Sl 11:17 0:02 \_ /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --log-error=/var/lib/mysql/mangve.info.err --pid-file=mangve.info.pid
root 1091 0.0 0.1 12156 2472 ? Ss 12:12 0:00 /usr/local/dovecot/sbin/dovecot
dovecot 1092 0.0 0.1 9960 2576 ? S 12:12 0:00 \_ dovecot/anvil
root 1093 0.0 0.1 10092 2596 ? S 12:12 0:00 \_ dovecot/log
root 1094 0.0 0.2 20272 4364 ? S 12:12 0:00 \_ dovecot/config
dovecot 1289 0.0 0.3 142648 7660 ? S 12:27 0:00 \_ dovecot/auth

I've created the required pem files also.

Any help with where I should be looking to debug this would be greatly appreciated.

Reply | Permalink

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

Hi Nick, did you compile vpopmail with --enable-auth-module=mysql? Did you pass the vpopmail test from command line? If yes, please post the logs and an imap telnet session as explained in the "testing dovecot" page

Reply | Permalink

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

Hi again,

Just to add: As for vpopmail, i tested SMTP  on 25 using swaks and it worked fine.

And then vpop_auth, by telnet to 89:

[...] 

However!! SMTP on 587 seems to hang!

[root@mangve qmail-submission]# telnet 176.31.140.146 587
Trying 176.31.140.146...
Connected to 176.31.140.146.
Escape character is '^]'.
220 mail.mangve.info ESMTP

(then nothing forever!)

Reply | Permalink

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

check also the GREETDELAY value in your run file...

Reply | Permalink

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

this is a separate issue, I suggest to che check the logs. Please post a comment on the qmail/configuration page if you like

Reply | Permalink

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

Hi Roberto,

Many thanks for your prompt and kind help.

Yes, I compiled vpopmail with the mysql authentification module, and have tested it localy from prompt. Please see below my sucess with it (only locally):

root@mangve dovecot]# telnet 176.31.140.146 143
Trying 176.31.140.146...
Connected to 176.31.140.146.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
a login nick@mangve.info PASSWORDHIDDEN
a OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE LITERAL+ NOTIFY QUOTA] Logged in
a select inbox
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1519135948] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
a OK [READ-WRITE] Select completed (0.001 + 0.000 secs).
a list "" *
* LIST (\HasNoChildren) "." INBOX
a OK List completed (0.001 + 0.000 secs).
a logout
* BYE Logging out
a OK Logout completed (0.001 + 0.000 secs).
Connection closed by foreign host.

Below is my dovecot.log output from the above session:

Feb 20 14:26:07 auth: Debug: client in: AUTH 1 PLAIN service=imap secured session=PBxol6Vl8sSwH4yS lip=176.31.140.146 rip=176.31.140.146 lport=143 rport=50418 resp=AG5pY2tAbWFuZ3ZlLmluZm8AcjNuYWlzc2FuY2U= (previous base64 data may contain sensitive data)
Feb 20 14:26:07 auth-worker(20163): Debug: Loading modules from directory: /usr/local/dovecot/lib/dovecot/auth
Feb 20 14:26:07 auth-worker(20163): Debug: Module loaded: /usr/local/dovecot/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Feb 20 14:26:07 auth-worker(20163): Debug: sql(nick@mangve.info,176.31.140.146,): query: SELECT CONCAT(pw_name, '@', 'mangve.info') AS user, pw_passwd AS password, pw_dir as userdb_home, 89 AS userdb_uid, 89 AS userdb_gid FROM `vpopmail` WHERE pw_name = 'nick' AND pw_domain = 'mangve.info'
Feb 20 14:26:07 auth: Debug: client passdb out: OK 1 user=nick@mangve.info
Feb 20 14:26:07 auth: Debug: master in: REQUEST 2776629249 20160 1 f66d64a38fe65c15d3866c47df933597 session_pid=20166 request_auth_token
Feb 20 14:26:07 auth-worker(20163): Debug: sql(nick@mangve.info,176.31.140.146,): SELECT pw_dir AS home, 89 AS uid, 89 AS gid FROM vpopmail WHERE pw_name = 'nick' AND pw_domain = 'mangve.info' AND ('143'!='995' or !(pw_gid & 2)) AND ('176.31.140.146'!='176.31.140.145' or !(pw_gid & 4)) AND ('176.31.140.146'='176.31.140.145' or '143'!='993' or !(pw_gid & 8))
Feb 20 14:26:07 auth: Debug: master userdb out: USER 2776629249 nick@mangve.info home=/home/vpopmail/domains/mangve.info/nick uid=89 gid=89 auth_token=25f7d7d36ca630b8471a9c9b2e2f7a33fbf20cab
Feb 20 14:26:07 imap-login: Info: Login: user=<nick@mangve.info>, method=PLAIN, rip=176.31.140.146, lip=176.31.140.146, mpid=20166, secured, session=
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: Loading modules from directory: /usr/local/dovecot/lib/dovecot
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: Module loaded: /usr/local/dovecot/lib/dovecot/lib10_quota_plugin.so
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: Module loaded: /usr/local/dovecot/lib/dovecot/lib11_imap_quota_plugin.so
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: Effective uid=89, gid=89, home=/home/vpopmail/domains/mangve.info/nick
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: Quota root: name=User quota backend=maildir args=
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: Quota grace: root=User quota bytes=0 (10%)
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/home/vpopmail/domains/mangve.info/nick/Maildir
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: maildir++: root=/home/vpopmail/domains/mangve.info/nick/Maildir, index=, indexpvt=, control=, inbox=/home/vpopmail/domains/mangve.info/nick/Maildir, alt=
Feb 20 14:26:07 imap(nick@mangve.info)<20166>: Debug: quota: quota_over_flag check: quota_over_script unset - skipping
Feb 20 14:26:25 imap(nick@mangve.info)<20166>: Debug: INBOX: Mailbox opened because: SELECT
Feb 20 14:26:27 auth: Debug: auth client connected (pid=20169)
Feb 20 14:26:36 pop3-login: Info: Disconnected (no auth attempts in 9 secs): user=<>, rip=192.241.213.179, lip=176.31.140.145, session=
Feb 20 14:26:42 imap(nick@mangve.info)<20166>: Info: Logged out in=37 out=794 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0

Reply | Permalink

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

So dovecot/vpopmail is fine. Check out your client's configuration

Reply | Permalink

imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=#.#.#.#, lip=#.#.#.#, session=

I see that qmail seems to be issue with login:

[root@mangve qmail-submission]# telnet 176.31.140.146 587
Trying 176.31.140.146...
Connected to 176.31.140.146.
Escape character is '^]'.
220 mail.mangve.info ESMTP
EHLO test
250-mail.mangve.info
250-STARTTLS
250-PIPELINING
250-8BITMIME
250 SIZE 20000000
AUTH PLAIN
538 auth not available without TLS (#5.3.3)
STARTTLS
220 ready for tls
AUTH PLAIN
454 TLS connection failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol (#4.3.0)
Connection closed by foreign host.

Reply | Permalink

Dovecot vpopmail userdb and passdb without SQL backend.

Some fixes required in your config files.

I've installed dovecot and added just auth-vpopmail.conf.ext in 10-auth.conf

But authentication was broken. (always unknown user)

After some investigation i found that auth-worker works with "default_internal_user" (which is dovecot) with no access to vpopmail domains.

So i suugest to add dovecot to "vchkpw" group or swithch auth-worker to vpopmail user...

Thanks.

Reply | Permalink

Dovecot vpopmail userdb and passdb without SQL backend.

My configuration concerns the sql auth driver, so these fixes are not needed. Of course some adjustments would  be needed if using the vpopmail driver

Reply | Permalink

openssl dhparam -out /usr/local/dovecot/etc/dh.pem

Requires the bits specifying: 1024

i.e.: # openssl dhparam -out /usr/local/dovecot/etc/dh.pem 1024

Reply | Permalink

yes, thank you

Reply | Permalink

maildir++ patch and dovecot

The maildir++ patch to calculate the size for quota enforcement is actually broken. This causes issues with newer versions of Dovecot, it will complain about S= being wrong and either bail or try to fix it one at a time. You can fix this by setting this in 10-mail.conf:

maildir_broken_filename_sizes = yes

There's a post about it here: http://dovecot.2317879.n4.nabble.com/Maildir-filename-has-wrong-S-value-td22996.html#a23000 and a patch to fix it in the FreeBSD port of qmail (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=168870)  - perhaps the same patch could be pulled into your huge patch. 

Reply | Permalink

maildir++ patch and dovecot

It's worth to notice what it's suggested in the thread that you linked above... the maildirs can be restored in this way (it can take a long time if done for all (-A) users):

doveadm fetch -A text all > /dev/null

In this case the additional option maildir_broken_filename_sizes = yes is not needed

Reply | Permalink

maildir++ patch and dovecot

I have just updated my big patch and corrected the dovecot config (2.3!) accordingly. Thanks again for the hint

Reply | Permalink

maildir++ patch and dovecot

Thank you. I'll check it out

Reply | Permalink

dovecot configure

Dear Roberto

Thank you for this thorough qmail guide. Its the best available...

I am building a new server 10 years after the last time I did it. It's so wonderful to have these step-by-step instructions. It really saves the day.

Concerning the dovecot configuration here are some minor remarks:

Probably the ssl_dh_parameters_length  in 10-ssl.conf should become 2048 to comply with current security recommendations.

Additionaly if someone wants to enable the dovecot service in a systemd environment (eg Debian jessie) the proposed way is

to configure the dovecot sources --with-systemdsystemunitdir=/lib/systemd/system

Thanks again  and good night from Greece.

Reply | Permalink

Thanks Bob, I just added your

Thanks Bob, I just added your remarks to this page

Reply | Permalink

Just gone in production !

Hi everybody,

just to let you know after a few month of testing I have successfully migrated my old qmailrocks / fedora 6 istallation on a new,

virtualized Centos 6.5 - 64 bit qmail+vpopmail+roundcube+all the other goodies here described.

Everything works fine ! a big thank you to Roberto for this great guide !

BTW, I'm using dovecot 2.2.13 and it works perfectly.

The only problem experienced is related to some POP3 clients re-downloading all the email, even if I have used the courier-dovecot-migrate.pl script; mostly some MAC+thunderbird.

Cheers up !

Reply | Permalink

Table 'vpopmail.vpopmail' doesn't exist

Hi,

Has anyone tried with dovecot 2.2.4/2.2.6?
I am having a mysql issue

Oct 27 04:16:46 auth-worker(464): Warning: mysql: Query failed, retrying: Table 'vpopmail.vpopmail' doesn't exist
Oct 27 04:16:46 auth-worker(464): Error: sql(user@test.com,127.0.0.1): Password query failed: Table 'vpopmail.vpopmail' doesn't exist

I had tested pop3 login without any issue. Should i downgrade to 2.2.2?


Thanks
nic

Reply | Permalink

I'm testing version 2.2.6,

I'm testing version 2.2.6, telnetting port 143, sql driver, and the auth works fine

Reply | Permalink

Hi,I had tried 2.2.6 and

Hi,

I had tried 2.2.6 and still having the same error.
My backend is mysql-5.5.34.

ll /var/lib/mysql/vpopmail/
total 64
-rw-rw---- 1 mysql mysql 8836 Oct 27 05:38 subdomain_domain_com.frm
-rw-rw---- 1 mysql mysql   65 Oct 27 02:35 db.opt
-rw-rw---- 1 mysql mysql 9248 Oct 27 03:48 dir_control.frm
-rw-rw---- 1 mysql mysql 8674 Oct 27 03:49 lastauth.frm
-rw-rw---- 1 mysql mysql 8836 Oct 27 03:49 test_com.frm
-rw-rw---- 1 mysql mysql 8832 Oct 27 05:00 vlog.frm

 Any idea?
 
 regards
 nic

Reply | Permalink

I correct myself. It appears

I correct myself. It appears that you configured vpopmail to use separate tables for each domain, so you have to modify the auth query accordingly, since it is looking for a common table 'vpopmail'

Reply | Permalink

Hi,Understand nowMany

Hi,

Understand now

Many thanks

nic

Reply | Permalink

Ok, please post the query

Ok, please post the query that should be used in case of many domains if you can

Reply | Permalink

Sorry for the late reply.

Sorry for the late reply.
I had setup more toasters and also tested with different versions of dovecot up to 2.2.23.
No such error occur anymore. So i am posting my configuration for anyone who is interested to have an individual table for each domain.

Thank you

auth-sql.conf.ext
passdb {
driver = sql
# Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
args = /usr/local/dovecot/etc/dovecot/dovecot-sql.conf.ext
}

userdb {
driver = sql
args = /usr/local/dovecot/etc/dovecot/dovecot-sql.conf.ext
}

dovecot-sql.conf.ext
driver = mysql

connect = host=localhost dbname=vpopmail user=user password=password
#(please replace with your mysql username and password)

# passdb query to retrieve the password. It can return fields:
password_query = SELECT CONCAT(pw_name, '@', '%d') AS user, \
pw_passwd AS password, \
pw_dir as userdb_home, \
89 AS userdb_uid, \
89 AS userdb_gid \
FROM `vpopmail` \
WHERE pw_name = '%n' AND pw_domain = '%d'

# userdb query to retrieve the user information. It can return fields:
user_query = \
SELECT pw_dir AS home, \
89 AS uid, \
89 AS gid \
FROM vpopmail \
WHERE pw_name = '%n' AND pw_domain = '%d'

# Query to get a list of all usernames.
iterate_query = SELECT CONCAT(pw_name,'@',pw_domain) AS username FROM `vpopmail
}

Reply | Permalink

Nic, you really miss the

Nic, you really miss the vpopmail table. I have:

-rw-rw---- 1 mysql mysql      65 Nov  8  2012 db.opt
-rw-rw---- 1 mysql mysql    3509 Jul  2 13:15 dir_control.MYD
-rw-rw---- 1 mysql mysql    2048 Jul  2 16:03 dir_control.MYI
-rw-rw---- 1 mysql mysql    9248 Dec 12  2012 dir_control.frm
-rw-rw---- 1 mysql mysql    4185 Oct 27 08:22 lastauth.MYD
-rw-rw---- 1 mysql mysql    2048 Oct 27 08:22 lastauth.MYI
-rw-rw---- 1 mysql mysql    8674 Dec 12  2012 lastauth.frm
-rw-rw---- 1 mysql mysql       0 Dec 12  2012 valias.MYD
-rw-rw---- 1 mysql mysql    1024 Dec 12  2012 valias.MYI
-rw-rw---- 1 mysql mysql    8640 Dec 12  2012 valias.frm
-rw-rw---- 1 mysql mysql 8183044 Oct  1 14:43 vlog.MYD
-rw-rw---- 1 mysql mysql 3813376 Oct  1 16:08 vlog.MYI
-rw-rw---- 1 mysql mysql    8832 Dec 12  2012 vlog.frm
-rw-rw---- 1 mysql mysql    8970 Dec 12  2012 vpopmail.frm

create again the domain and check if it is created.

Reply | Permalink

Hi,I had deleted the existing

Hi,

I had deleted the existing domains and re-added them again.
vpopmail.frm is still no where to be found.

I had checked my other production servers, they are working fine
and yet there isn't any vpopmail.frm also.

Pretty weird. Google has no answer too.

regards
nic

Reply | Permalink

as said above, the problem

as said above, the problem should be the configuration of vpopmail with

--enable-many-domains     Creates a table for each virtual domain instead of storing all users in a single table. Only valid for MySQL and PostgreSQL

Reply | Permalink

Hi Roberto,I had configured

Hi Roberto,

I had configured vpopmail with --disable-many-domains

I had figured out if i use

!include auth-vpopmail.conf.ext

but not

!include auth-sql.conf.ext

I have no problem. Because the latest guide instructs to use auth-sql, Dovecot looks for vpopmail.frm instead.

I don't know by doing is this correct. Please correct me.

Many thanks again

regards
nic

Reply | Permalink

yes if you use the vpopmail

yes if you use the vpopmail driver you don't have to adjust the sql query. I switched to the mysql/sql drivers since the vpomail one was not working for me, but it's interesting to know that you have it working

Reply | Permalink

I tested with mariadb 5.5,

I tested with mariadb 5.5, that is pretty much the same as mysql 5.5.

But.. are you sure that the table was actually created?

Reply | Permalink

Then it must be me. Let me

Then it must be me. Let me try re-installing it again

 

Thanks

nic

Reply | Permalink

Dovecot-2.2.0 and Vpopmail

Hi Roberto
Thanks for your excellent guide.

I had no problems upgrading from dovecot 2.1.16 to 2.2.0
Instead of using the vpopmail auth driver, I am set up to use the sql driver. I appreciate this might not be what you are trying to achieve, but at least it will allow you to have vpopmail work with dovecot 2.2.0

My relevant configuration:

in /etc/dovecot/conf.d/10-auth.conf:
!include auth-sql.conf.ext

in /etc/dovecot/conf.d/auth-sql.conf.ext:
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = prefetch
}

in /etc/dovecot/dovecot-sql.conf.ext:
driver = mysql
default_pass_scheme = MD5-CRYPT
password_query = SELECT CONCAT(pw_name, '@', '%d') AS user, \
  pw_passwd AS password, \
  pw_dir as userdb_home, \
  89 AS userdb_uid, \
  89 AS userdb_gid \
  FROM `vpopmail` \
  WHERE pw_name = '%n' AND pw_domain = '%d'

I haven't spent the time looking to see what has happened to the vpopmail auth driver.

Best wishes,
Michael Dick

Reply | Permalink

Re: Dovecot-2.2.0 and Vpopmail

Hi Michael, thanks for your contribution.

of course the sql drivers works fine now as worked in the past. Anyway this is not the first time that the vpopmail breaks, so your comment is appreciated. Soon or later I should consider to expand this page with the sql driver method.

Reply | Permalink

qmail & dovecot

Please be patient with me.....am a newbie...I've been trying to install qmail on my F16 64 bit home machine for the past 3 weeks but haven't managed to get it running yet but I'm very hopeful despite the many many frustrations. I wanted to know whether i install dovecot after the successful installation of qmail or do i start my dovecot installation 'independent' of the qmail installation. Thanks for the great piece by....

Reply | Permalink

my answer is yes

Despite of the fact that you can have a dovecot successfull installation, if you don't have qmail or another MTA installed it doesn't make much sense having an imap server without the smtp service in order to transfer your emails around the world; at least you should have your MTA in another machine. So yes, you should install qmail firstly.

You may want to take a look at this article which shortly explains how all things work together: http://wiki.dovecot.org/MailServerOverview

Reply | Permalink

Pretty good post

Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I'll be subscribing to your feed and I hope you post again soon.

Reply | Permalink

Thanks for this great HOWTO!

Thanks for this great HOWTO! Just tested it and it's ok!

Reply | Permalink

some more features about quota

to makes IMAP quota working with maildir++, you should change these settings :

20-imap.conf

You should replace quota with imap_quota

90-quota.conf

You should uncomment this line:

quota = maildir:User quota

Reply | Permalink

I tested it, and it's ok.

I tested it, and it's ok. Thanks for the contribution!

Reply | Permalink

doveadm

First of all thanks for this HOWTO!

anyway i'm having a problem with the "doveadm -A" listing "ErrorUser listing returned failure doveadm",

"doveadm mailbox list -u user@domain" is working just fine.

did i miss something?

Reply | Permalink

doveadm & vpopmail

If you are using vpopmail as a backend, I don't have an answer. It seems like the driver is not programmed to do the iteration..

Reply | Permalink

doveadm expunge for vpopmail

I have found a way....this is how is working for me:
(this is just for "Trash" ...same for "Junk" ...just change mailbox param)
 
#!/bin/bash
# MySQL details

HOST="localhost";
USER="vpopmail";
PWD="vpopmailpasswod";

# Output sql to a file that we want to run
echo "USE vpopmail; select concat(pw_name,'@',pw_domain) as username from vpopmail;" > /tmp/query.sql;

# Run the query and get the results
results=`mysql -h $HOST -u $USER -p$PWD -N < /tmp/query.sql`;

# Loop through each row
for row in $results
do
/usr/local/dovecot/bin/doveadm expunge mailbox Trash -u $row savedbefore 30d
done

Reply | Permalink

Excellent solution!

Can you believe it! I was facing the same problem with doveadm expunge and found on google your excellent solution inside your comment of my own blog! Thank you..

Reply | Permalink

networking

The exact same thing happened to me once, isn`t it great how networking works!

Reply | Permalink

Recent comments
Recent posts

RSS feeds