search

mailcow / mailcow-dockerized

mailcow: dockerized - 🐮 + 🐋 = 💕
https://mailcow.email
GNU General Public License v3.0
8.74k stars 1.17k forks source link

dovecot keeps restarting #2672

Closed kariae closed 5 years ago

kariae commented 5 years ago

Describe the bug, try to make it reproducible I installed mailcow on a fresh Ubuntu 18.04, I checked the ports and the ssl are fine since I can access the https://mail..., but the dovecot container keeps on restarting

System information and quick debugging General logs:

Full logs in gist

Further information (where applicable):

andryyy commented 5 years ago

I’m pretty sure it cannot read the cert or key.

Am 03.06.2019 um 10:07 schrieb Zakariae Filali notifications@github.com:

Describe the bug, try to make it reproducible I installed mailcow on a fresh Ubuntu 18.04, I checked the ports and the ssl are fine since I can access the https://mail..., but the dovecot container keeps on restarting

System information and quick debugging General logs:

Please take a look at the documentation. dovecot-mailcow_1 | 70_HS_body.cf dovecot-mailcow_1 | 70_HS_header.cf dovecot-mailcow_1 | 2019-06-03 07:52:42,595 CRIT Set uid to user 0 dovecot-mailcow_1 | 2019-06-03 07:52:42,600 INFO supervisord started with pid 1 dovecot-mailcow_1 | 2019-06-03 07:52:43,603 INFO spawned: 'processes' with pid 88 dovecot-mailcow_1 | 2019-06-03 07:52:43,606 INFO spawned: 'cron' with pid 89 dovecot-mailcow_1 | 2019-06-03 07:52:43,609 INFO spawned: 'dovecot' with pid 90 dovecot-mailcow_1 | 2019-06-03 07:52:43,612 INFO spawned: 'syslog-ng' with pid 91 dovecot-mailcow_1 | Jun 3 07:52:43 mail syslog-ng[91]: syslog-ng starting up; version='3.8.1' dovecot-mailcow_1 | 2019-06-03 07:52:43,705 INFO exited: dovecot (exit status 89; not expected) dovecot-mailcow_1 | 2019-06-03 07:52:44,706 INFO success: processes entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) dovecot-mailcow_1 | 2019-06-03 07:52:44,706 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) dovecot-mailcow_1 | 2019-06-03 07:52:44,708 INFO spawned: 'dovecot' with pid 96 dovecot-mailcow_1 | 2019-06-03 07:52:44,709 INFO success: syslog-ng entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) dovecot-mailcow_1 | 2019-06-03 07:52:44,770 INFO exited: dovecot (exit status 89; not expected) dovecot-mailcow_1 | 2019-06-03 07:52:46,775 INFO spawned: 'dovecot' with pid 98 dovecot-mailcow_1 | 2019-06-03 07:52:46,833 INFO exited: dovecot (exit status 89; not expected) dovecot-mailcow_1 | 2019-06-03 07:52:49,838 INFO spawned: 'dovecot' with pid 100 dovecot-mailcow_1 | 2019-06-03 07:52:49,899 INFO exited: dovecot (exit status 89; not expected) dovecot-mailcow_1 | 2019-06-03 07:52:49,900 INFO gave up: dovecot entered FATAL state, too many start retries too quickly dovecot-mailcow_1 | 2019-06-03 07:52:50,904 WARN received SIGQUIT indicating exit request dovecot-mailcow_1 | 2019-06-03 07:52:50,905 INFO waiting for cron, processes, syslog-ng to die dovecot-mailcow_1 | Jun 3 07:52:50 mail syslog-ng[91]: syslog-ng shutting down; version='3.8.1' dovecot-mailcow_1 | 2019-06-03 07:52:51,008 INFO stopped: syslog-ng (exit status 0) dovecot-mailcow_1 | 2019-06-03 07:52:52,010 INFO stopped: cron (terminated by SIGTERM) dovecot-mailcow_1 | 2019-06-03 07:52:52,011 INFO stopped: processes (terminated by SIGTERM) Further information (where applicable):

Your OS (is Apparmor or SELinux active?) Ubuntu 18.04 Your virtualization technology (KVM/QEMU, Xen, VMware, VirtualBox etc.) it's a baremetal server Don't try to run mailcow on a Synology or QNAP NAS, do you? No Docker and Docker Compose version: Docker version 18.09.6, docker-compose version 1.24.0 Output of git diff origin/master, any other changes to the code? services:

  • acme.sh:
  • build: acme.sh
  • environment:
    • ACME_DNS=${ACME_DNS}
    • ACME_HOST=${MAILCOW_HOSTNAME}
    • CF_Key=${CF_KEY}
    • CF_Email=${CF_EMAIL}
    • ACCOUNTEMAIL=${CF_EMAIL}
  • volumes:
    • ./data/acme:/acme.sh
    • ./data/assets/ssl/:/certs

  • unbound-mailcow: image: mailcow/unbound:1.7 build: ./data/Dockerfiles/unbound @@ -267,6 +279,7 @@ services:

    nginx-mailcow: depends_on:

    • acme.sh
      • sogo-mailcow
      • php-fpm-mailcow
      • redis-mailcow @@ -330,7 +343,7 @@ services:
      • TZ=${TZ} volumes:
      • ./data/web/.well-known/acme-challenge:/var/www/acme:rw
    • ./data/assets/ssl:/var/lib/acme/:rw

  • - ./data/assets/ssl:/var/lib/acme/:rw

     - ./data/assets/ssl-example:/var/lib/ssl-example/:ro
 - mysql-socket-vol-1:/var/run/mysqld/

    restart: always @@ -441,7 +454,7 @@ services:

    • postfix-mailcow
    • memcached-mailcow
    • nginx-mailcow
    • acme-mailcow

  • - acme-mailcow

     - netfilter-mailcow
 - watchdog-mailcow
 - dockerapi-mailcow

    All third-party firewalls and custom iptables rules are unsupported. Please check the Docker docs about how to use Docker with your own ruleset. Nevertheless, iptabels output can help us to help you: iptables -L -vn, ip6tables -L -vn, iptables -L -vn -t nat and ip6tables -L -vn -t nat All ports are open using ufw Reverse proxy? If you think this problem is related to your reverse proxy, please post your configuration. No reverse proxy Browser (if it's a Web UI issue) - please clean your browser cache and try again, problem persists? Check docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254 (set the IP accordingly, if you changed the internal mailcow network) and docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @1.1.1.1 - output? Timeout? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

kariae commented 5 years ago

I was thinking the same thing, but an ls data/assets/ssl gives me this:

cert.pem  key.pem

which I think it's fine

andryyy commented 5 years ago

Are these files sym links? This would not work.

kariae commented 5 years ago

No they are files, maybe a permissions issue?

docker-compose exec dovecot-mailcow ls -als /etc/ssl/mail/
total 16
4 drwxr-xr-x 2 root root 4096 Jun  2 15:20 .
4 drwxr-xr-x 1 root root 4096 Jun  3 07:52 ..
4 -rw-r--r-- 1 root root 1911 Jun  2 15:17 cert.pem
4 -rw------- 1 root root 1675 Jun  2 15:17 key.pem
andryyy commented 5 years ago

Can you try this? =>

docker-compose exec dovecot-mailcow doveconf

You probably need to run it a few times as the container keeps restarting. :)

kariae commented 5 years ago 
# 2.3.6 (7eab80676): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.6 (92dc263a)
# OS: Linux 4.9.93-mainline-rev1 x86_64 Debian 9.6 
# Hostname: mail.backupr.io
doveconf: Error: t_readlink(/usr/local/var/run/dovecot/dovecot.conf) failed: readlink() failed: No such file or directory
# NOTE: Send doveconf -n output instead when asking for help.
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 1 hours
auth_cache_size = 0
auth_cache_ttl = 1 hours
auth_cache_verify_password_with_worker = no
auth_debug = yes
auth_debug_passwords = yes
auth_default_realm = 
auth_failure_delay = 2 secs
auth_gssapi_hostname = 
auth_krb5_keytab = 
auth_master_user_separator = *
auth_mechanisms = plain login
auth_policy_check_after_auth = yes
auth_policy_check_before_auth = yes
auth_policy_hash_mech = sha256
auth_policy_hash_nonce = 
auth_policy_hash_truncate = 12
auth_policy_log_only = no
auth_policy_reject_on_fail = no
auth_policy_report_after_auth = yes
auth_policy_request_attributes = login=%{requested_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%s
auth_policy_server_api_header = 
auth_policy_server_timeout_msecs = 2000
auth_policy_server_url = 
auth_proxy_self = 
auth_realms = 
auth_socket_path = auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_stats = no
auth_use_winbind = no
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format = %Lu
auth_username_translation = 
auth_verbose = yes
auth_verbose_passwords = yes
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /usr/local/var/run/dovecot
config_cache_size = 1 M
debug_log_path = 
default_client_limit = 10400
default_idle_kill = 1 mins
default_internal_group = dovecot
default_internal_user = dovecot
default_login_user = dovenull
default_process_limit = 100
default_vsz_limit = 1 G
deliver_log_format = msgid=%m: %$
dict {
  sieve_after = mysql:/usr/local/etc/dovecot/sql/dovecot-dict-sql-sieve_after.conf
  sieve_before = mysql:/usr/local/etc/dovecot/sql/dovecot-dict-sql-sieve_before.conf
  sqlquota = mysql:/usr/local/etc/dovecot/sql/dovecot-dict-sql-quota.conf
}
dict_db_config = 
director_flush_socket = 
director_mail_servers = 
director_max_parallel_kicks = 100
director_max_parallel_moves = 100
director_output_buffer_size = 10 M
director_ping_idle_timeout = 30 secs
director_ping_max_timeout = 1 mins
director_servers = 
director_user_expire = 15 mins
director_user_kick_delay = 2 secs
director_username_hash = %u
disable_plaintext_auth = yes
dotlock_use_excl = yes
doveadm_allowed_commands = 
doveadm_api_key = 
doveadm_http_rawlog_dir = 
doveadm_password = 
doveadm_port = 0
doveadm_socket_path = doveadm-server
doveadm_username = doveadm
doveadm_worker_count = 0
dsync_alt_char = _
dsync_commit_msgs_interval = 100
dsync_features = 
dsync_hashed_headers = Date Message-ID
dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U
first_valid_gid = 1
first_valid_uid = 500
haproxy_timeout = 3 secs
haproxy_trusted_networks = 
hostname = 
imap_capability = 
imap_client_workarounds = 
imap_fetch_failure = disconnect-immediately
imap_hibernate_timeout = 0
imap_id_log = 
imap_id_retain = no
imap_id_send = name *
imap_idle_notify_interval = 2 mins
imap_literal_minus = no
imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes}
imap_max_line_length = 2 M
imap_metadata = no
imap_urlauth_host = 
imap_urlauth_logout_format = in=%i out=%o
imap_urlauth_port = 143
imapc_cmd_timeout = 5 mins
imapc_connection_retry_count = 1
imapc_connection_retry_interval = 1 secs
imapc_features = 
imapc_host = 
imapc_list_prefix = 
imapc_master_user = 
imapc_max_idle_time = 29 mins
imapc_max_line_length = 0
imapc_password = 
imapc_port = 143
imapc_rawlog_dir = 
imapc_sasl_mechanisms = 
imapc_ssl = no
imapc_ssl_verify = yes
imapc_user = 
import_environment = TZ CORE_OUTOFMEM CORE_ERROR
info_log_path = 
instance_name = dovecot
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = no
lda_mailbox_autosubscribe = no
lda_original_recipient_header = 
libexec_dir = /usr/local/libexec/dovecot
listen = *,[::]
lmtp_hdr_delivery_address = final
lmtp_proxy = no
lmtp_proxy_rawlog_dir = 
lmtp_rawlog_dir = 
lmtp_rcpt_check_quota = no
lmtp_save_to_detail_mailbox = no
lmtp_user_concurrency_limit = 0
lock_method = fcntl
log_core_filter = 
log_debug = 
log_path = syslog
log_timestamp = "%Y-%m-%d %H:%M:%S "
login_access_sockets = 
login_greeting = Dovecot ready.
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k
login_plugin_dir = /usr/local/lib/dovecot/login
login_plugins = 
login_proxy_max_disconnect_delay = 0
login_proxy_notify_path = proxy-notify
login_source_ips = 
login_trusted_networks = 
mail_access_groups = 
mail_always_cache_fields = 
mail_attachment_detection_options = 
mail_attachment_dir = /var/attachments
mail_attachment_fs = crypt:set_prefix=mail_crypt_global:posix:
mail_attachment_hash = %{sha1}
mail_attachment_min_size = 128 k
mail_attribute_dict = file:%h/dovecot-attributes
mail_cache_compress_continued_percentage = 200
mail_cache_compress_delete_percentage = 20
mail_cache_compress_header_continue_count = 4
mail_cache_compress_min_size = 32 k
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_cache_record_max_size = 64 k
mail_cache_unaccessed_field_drop = 30 days
mail_chroot = 
mail_debug = yes
mail_fsync = optimized
mail_full_filesystem_access = no
mail_gid = 
mail_home = /var/vmail/%d/%n
mail_index_log2_max_age = 2 days
mail_index_log_rotate_max_size = 1 M
mail_index_log_rotate_min_age = 5 mins
mail_index_log_rotate_min_size = 32 k
mail_index_rewrite_max_log_bytes = 128 k
mail_index_rewrite_min_log_bytes = 8 k
mail_location = maildir:~/
mail_log_prefix = "%s(%u)<%{pid}><%{session}>: "
mail_max_keyword_length = 50
mail_max_lock_timeout = 0
mail_max_userip_connections = 500
mail_never_cache_fields = imap.envelope
mail_nfs_index = no
mail_nfs_storage = no
mail_plugin_dir = /usr/local/lib/dovecot
mail_plugins = </usr/local/etc/dovecot/mail_plugins
mail_prefetch_count = 30
mail_privileged_group = 
mail_save_crlf = no
mail_server_admin = 
mail_server_comment = 
mail_shared_explicit_inbox = yes
mail_sort_max_read_count = 0
mail_temp_dir = /tmp
mail_temp_scan_interval = 1 weeks
mail_uid = 
mail_vsize_bg_after_count = 0
mailbox_idle_check_interval = 30 secs
mailbox_list_index = yes
mailbox_list_index_include_inbox = no
mailbox_list_index_very_dirty_syncs = no
maildir_broken_filename_sizes = no
maildir_copy_with_hardlinks = yes
maildir_empty_new = no
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
managesieve_client_workarounds = 
managesieve_implementation_string = Dovecot Pigeonhole
managesieve_logout_format = bytes=%i/%o
managesieve_max_compile_errors = 5
managesieve_max_line_length = 65536
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext vacation-seconds imapflags notify imapsieve vnd.dovecot.imapsieve
master_user_separator = 
mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 2 mins
mbox_lazy_writes = yes
mbox_lock_timeout = 5 mins
mbox_md5 = apop3d
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = dotlock fcntl
mdbox_preallocate_space = no
mdbox_rotate_interval = 0
mdbox_rotate_size = 10 M
mmap_disable = no
namespace {
  disabled = no
  hidden = no
  ignore_on_failure = no
  inbox = no
  list = children
  location = maildir:%%h/Maildir:INDEX=~/Maildir/Shared/%%u;CONTROL=~/Maildir/Shared/%%u
  order = 0
  prefix = Shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  disabled = no
  hidden = no
  ignore_on_failure = no
  inbox = yes
  list = yes
  location = 
  mailbox Archief {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Archive
  }
  mailbox Archiv {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Archive
  }
  mailbox Archive {
    auto = subscribe
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Archive
  }
  mailbox Archives {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Archive
  }
  mailbox Arquivo {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Archive
  }
  mailbox Arquivos {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Archive
  }
  mailbox Concepten {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Drafts
  }
  mailbox "Deleted Items" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox "Deleted Messages" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox Drafts {
    auto = subscribe
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Drafts
  }
  mailbox Entwürfe {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Drafts
  }
  mailbox Enviados {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Gelöschte Elemente" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox "Gelöschte Objekte" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox Gesendet {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Gesendete Elemente" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Gesendete Objekte" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Itens Enviados" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Itens Excluídos" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox "Itens Excluidos" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox Junk-E-Mail {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Junk
  }
  mailbox Junk {
    auto = subscribe
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Junk
  }
  mailbox "Junk E-Mail" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Junk
  }
  mailbox Koncepty {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Drafts
  }
  mailbox Lixeira {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox "Lixo Eletrônico" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Junk
  }
  mailbox "Nevyžádaná pošta" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Junk
  }
  mailbox "Odeslaná pošta" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Odstraněná pošta" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox "Ongewenste e-mail" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Junk
  }
  mailbox Papierkorb {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox Prullenbak {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox Rascunhos {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Drafts
  }
  mailbox Rubbish {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox Sent {
    auto = subscribe
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Sent Items" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox Spam {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox "Verwijderde items" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Trash
  }
  mailbox Verzonden {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  mailbox "Verzonden items" {
    auto = no
    autoexpunge = 0
    autoexpunge_max_mails = 0
    comment = 
    driver = 
    special_use = \Sent
  }
  order = 0
  prefix = 
  separator = /
  subscriptions = yes
  type = private
}
old_stats_carbon_interval = 30 secs
old_stats_carbon_name = 
old_stats_carbon_server = 
old_stats_command_min_time = 1 mins
old_stats_domain_min_time = 12 hours
old_stats_ip_min_time = 12 hours
old_stats_memory_limit = 16 M
old_stats_session_min_time = 15 mins
old_stats_user_min_time = 1 hours
passdb {
  args = /usr/local/etc/dovecot/dovecot-master.passwd
  auth_verbose = default
  default_fields = 
  deny = no
  driver = passwd-file
  master = yes
  mechanisms = 
  name = 
  override_fields = 
  pass = yes
  result_failure = continue
  result_internalfail = continue
  result_success = return-ok
  skip = never
  username_filter = 
}
passdb {
  args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-passdb.conf
  auth_verbose = default
  default_fields = 
  deny = no
  driver = sql
  master = no
  mechanisms = 
  name = 
  override_fields = 
  pass = no
  result_failure = continue
  result_internalfail = continue
  result_success = return-ok
  skip = never
  username_filter = 
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-master.passwd
  auth_verbose = default
  default_fields = 
  deny = no
  driver = passwd-file
  master = no
  mechanisms = 
  name = 
  override_fields = 
  pass = no
  result_failure = continue
  result_internalfail = continue
  result_success = return-ok
  skip = authenticated
  username_filter = 
}
plugin {
  acl = vfile
  acl_anyone = </usr/local/etc/dovecot/acl_anyone
  acl_shared_dict = file:/var/vmail/shared-mailboxes.db
  fts = solr
  fts_autoindex = yes
  fts_solr = url=http://solr:8983/solr/dovecot-fts/
  imapsieve_mailbox1_before = file:/usr/local/lib/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Junk
  imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Junk
  imapsieve_mailbox2_name = *
  listescape_char = \
  mail_crypt_global_private_key = # hidden, use -P to show it
  mail_crypt_global_public_key = # hidden, use -P to show it
  mail_crypt_save_version = 2
  mail_log_cached_only = yes
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = dict:Userquota::proxy::sqlquota
  quota_rule2 = Trash:storage=+100%%
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = /var/vmail/sieve/%u.sieve
  sieve_after = dict:proxy::sieve_after;name=active;bindir=/var/vmail/sieve_after_bindir
  sieve_after2 = /var/vmail/sieve/global.sieve
  sieve_before = dict:proxy::sieve_before;name=active;bindir=/var/vmail/sieve_before_bindir
  sieve_extensions = +notify +imapflags +vacation-seconds
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
  sieve_max_redirects = 30
  sieve_max_script_size = 1M
  sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
  sieve_quota_max_scripts = 0
  sieve_quota_max_storage = 0
  sieve_redirect_envelope_from = recipient
  sieve_vacation_default_period = 60s
  sieve_vacation_max_period = 0
  sieve_vacation_min_period = 5s
  sieve_vacation_send_from_recipient = yes
  zlib_save = lz4
}
pop3_client_workarounds = 
pop3_delete_type = default
pop3_deleted_flag = 
pop3_enable_last = no
pop3_fast_size_lookups = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_duplicates = allow
pop3_uidl_format = %08Xu%08Xv
pop3c_features = 
pop3c_host = 
pop3c_master_user = 
pop3c_password = 
pop3c_port = 110
pop3c_quick_received_date = no
pop3c_rawlog_dir = 
pop3c_ssl = no
pop3c_ssl_verify = yes
pop3c_user = %u
postmaster_address = postmaster@%{if;%d;ne;;%d;%{hostname}}
protocols = imap sieve lmtp pop3
quota_full_tempfail = no
rawlog_dir = 
recipient_delimiter = +
rejection_reason = Your message to <%t> was automatically rejected:%n%r
rejection_subject = Rejected: %s
replication_dsync_parameters = -d -N -l 30 -U
replication_full_sync_interval = 1 days
replication_max_conns = 10
replicator_host = replicator
replicator_port = 0
sendmail_path = /usr/sbin/sendmail
service aggregator {
  chroot = .
  client_limit = 0
  drop_priv_before_exec = no
  executable = aggregator
  extra_groups = 
  fifo_listener replication-notify-fifo {
    group = 
    mode = 0600
    user = 
  }
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener replication-notify {
    group = 
    mode = 0600
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service anvil {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = anvil
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 1
  protocol = 
  service_count = 0
  type = anvil
  unix_listener anvil-auth-penalty {
    group = 
    mode = 0600
    user = 
  }
  unix_listener anvil {
    group = 
    mode = 0600
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service auth-worker {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = auth -w
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 1
  type = 
  unix_listener auth-worker {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service auth {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = auth
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener auth-inet {
    address = 
    haproxy = no
    port = 10001
    reuse_port = no
    ssl = no
  }
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener auth-client {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  unix_listener auth-login {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  unix_listener auth-master {
    group = 
    mode = 0600
    user = vmail
  }
  unix_listener auth-userdb {
    group = 
    mode = 0600
    user = vmail
  }
  unix_listener login/login {
    group = 
    mode = 0666
    user = 
  }
  unix_listener token-login/tokenlogin {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service config {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = config
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = config
  unix_listener config {
    group = vmail
    mode = 0660
    user = root
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service dict-async {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = dict
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener dict-async {
    group = $default_internal_group
    mode = 0660
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service dict {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = dict
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener dict {
    group = vmail
    mode = 0660
    user = vmail
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service director {
  chroot = .
  client_limit = 0
  drop_priv_before_exec = no
  executable = director
  extra_groups = 
  fifo_listener login/proxy-notify {
    group = 
    mode = 00
    user = 
  }
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener director-admin {
    group = 
    mode = 0600
    user = 
  }
  unix_listener login/director {
    group = 
    mode = 00
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service dns_client {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = dns-client
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener dns-client {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service doveadm {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = doveadm-server
  extra_groups = $default_internal_group
  group = 
  idle_kill = 0
  inet_listener {
    address = 
    haproxy = no
    port = 12345
    reuse_port = no
    ssl = no
  }
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 1
  type = 
  unix_listener doveadm-server {
    group = 
    mode = 0600
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service imap-hibernate {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = imap-hibernate
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = imap
  service_count = 0
  type = 
  unix_listener imap-hibernate {
    group = $default_internal_group
    mode = 0660
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service imap-login {
  chroot = login
  client_limit = 0
  drop_priv_before_exec = no
  executable = imap-login
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener imap {
    address = 
    haproxy = no
    port = 143
    reuse_port = no
    ssl = no
  }
  inet_listener imaps {
    address = 
    haproxy = no
    port = 993
    reuse_port = no
    ssl = yes
  }
  privileged_group = 
  process_limit = 10000
  process_min_avail = 0
  protocol = imap
  service_count = 1
  type = login
  user = dovenull
  vsz_limit = 1 G
}
service imap-postlogin {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = script-login /usr/local/bin/postlogin.sh
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener imap-postlogin {
    group = 
    mode = 0600
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service imap-urlauth-login {
  chroot = token-login
  client_limit = 0
  drop_priv_before_exec = no
  executable = imap-urlauth-login
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = imap
  service_count = 1
  type = login
  unix_listener imap-urlauth {
    group = 
    mode = 0666
    user = 
  }
  user = $default_login_user
  vsz_limit = 18446744073709551615 B
}
service imap-urlauth-worker {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = imap-urlauth-worker
  extra_groups = $default_internal_group
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1024
  process_min_avail = 0
  protocol = imap
  service_count = 1
  type = 
  unix_listener imap-urlauth-worker {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service imap-urlauth {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = imap-urlauth
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1024
  process_min_avail = 0
  protocol = imap
  service_count = 1
  type = 
  unix_listener token-login/imap-urlauth {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service imap {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = imap imap-postlogin
  extra_groups = $default_internal_group
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1024
  process_min_avail = 0
  protocol = imap
  service_count = 1
  type = 
  unix_listener imap-master {
    group = 
    mode = 0600
    user = 
  }
  unix_listener login/imap {
    group = 
    mode = 0666
    user = 
  }
  user = vmail
  vsz_limit = 1 G
}
service indexer-worker {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = indexer-worker
  extra_groups = $default_internal_group
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 10
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener indexer-worker {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service indexer {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = indexer
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener indexer {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service ipc {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = ipc
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener ipc {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  unix_listener login/ipc-proxy {
    group = 
    mode = 0600
    user = $default_login_user
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service lmtp {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = lmtp
  extra_groups = $default_internal_group
  group = 
  idle_kill = 0
  inet_listener lmtp-inet {
    address = 
    haproxy = no
    port = 24
    reuse_port = no
    ssl = no
  }
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = lmtp
  service_count = 0
  type = 
  unix_listener lmtp {
    group = 
    mode = 0666
    user = 
  }
  user = vmail
  vsz_limit = 18446744073709551615 B
}
service log {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = log
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = log
  unix_listener log-errors {
    group = 
    mode = 0600
    user = 
  }
  user = dovenull
  vsz_limit = 18446744073709551615 B
}
service managesieve-login {
  chroot = login
  client_limit = 0
  drop_priv_before_exec = no
  executable = managesieve-login
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener sieve {
    address = 
    haproxy = no
    port = 4190
    reuse_port = no
    ssl = no
  }
  privileged_group = 
  process_limit = 0
  process_min_avail = 2
  protocol = sieve
  service_count = 1
  type = login
  user = $default_login_user
  vsz_limit = 1 G
}
service managesieve {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = managesieve
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 256
  process_min_avail = 0
  protocol = sieve
  service_count = 1
  type = 
  unix_listener login/sieve {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service old-stats {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = old-stats
  extra_groups = 
  fifo_listener old-stats-mail {
    group = 
    mode = 0600
    user = 
  }
  fifo_listener old-stats-user {
    group = 
    mode = 0600
    user = 
  }
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener old-stats {
    group = 
    mode = 0600
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service pop3-login {
  chroot = login
  client_limit = 0
  drop_priv_before_exec = no
  executable = pop3-login
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener pop3 {
    address = 
    haproxy = no
    port = 110
    reuse_port = no
    ssl = no
  }
  inet_listener pop3s {
    address = 
    haproxy = no
    port = 995
    reuse_port = no
    ssl = yes
  }
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = pop3
  service_count = 1
  type = login
  user = $default_login_user
  vsz_limit = 1 G
}
service pop3 {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = pop3
  extra_groups = $default_internal_group
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1024
  process_min_avail = 0
  protocol = pop3
  service_count = 1
  type = 
  unix_listener login/pop3 {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service quota-warning {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = script /usr/local/bin/quota_notify.py
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener quota-warning {
    group = 
    mode = 0600
    user = vmail
  }
  user = vmail
  vsz_limit = 18446744073709551615 B
}
service replicator {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = replicator
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener replicator-doveadm {
    group = 
    mode = 00
    user = $default_internal_user
  }
  unix_listener replicator {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service stats {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = stats
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener stats-reader {
    group = 
    mode = 0600
    user = 
  }
  unix_listener stats-writer {
    group = $default_internal_group
    mode = 0660
    user = vmail
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service submission-login {
  chroot = login
  client_limit = 0
  drop_priv_before_exec = no
  executable = submission-login
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener submission {
    address = 
    haproxy = no
    port = 587
    reuse_port = no
    ssl = no
  }
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = submission
  service_count = 1
  type = login
  user = $default_login_user
  vsz_limit = 18446744073709551615 B
}
service submission {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = submission
  extra_groups = $default_internal_group
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1024
  process_min_avail = 0
  protocol = submission
  service_count = 1
  type = 
  unix_listener login/submission {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_alt_cert = 
ssl_alt_key = 
ssl_ca = 
ssl_cert = </etc/ssl/mail/cert.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!ADH:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL:!eNULL:!3DES:!MD5:!PSK:!DSS:!RC4:!SEED:!IDEA:+HIGH:+MEDIUM
ssl_client_ca_dir = 
ssl_client_ca_file = 
ssl_client_cert = 
ssl_client_key = 
ssl_client_require_valid_cert = yes
ssl_crypto_device = 
ssl_curve_list = 
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_key_password = 
ssl_min_protocol = TLSv1
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
ssl_require_crl = yes
ssl_verify_client_cert = no
state_dir = /usr/local/var/lib/dovecot
stats_writer_socket_path = stats-writer
submission_client_workarounds = 
submission_host = postfix:588
submission_logout_format = in=%i out=%o
submission_max_mail_size = 40 M
submission_max_recipients = 0
submission_relay_command_timeout = 5 mins
submission_relay_connect_timeout = 30 secs
submission_relay_host = 
submission_relay_master_user = 
submission_relay_max_idle_time = 29 mins
submission_relay_password = 
submission_relay_port = 25
submission_relay_rawlog_dir = 
submission_relay_ssl = no
submission_relay_ssl_verify = yes
submission_relay_trusted = no
submission_relay_user = 
submission_ssl = no
submission_timeout = 30 secs
syslog_facility = mail
userdb {
  args = /usr/local/etc/dovecot/dovecot-master.userdb
  auth_verbose = default
  default_fields = 
  driver = passwd-file
  name = 
  override_fields = 
  result_failure = continue
  result_internalfail = continue
  result_success = return-ok
  skip = never
}
userdb {
  args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-userdb.conf
  auth_verbose = default
  default_fields = 
  driver = sql
  name = 
  override_fields = 
  result_failure = continue
  result_internalfail = continue
  result_success = return-ok
  skip = found
}
valid_chroot_dirs = 
verbose_proctitle = no
verbose_ssl = no
version_ignore = no
protocol imap {
  imap_metadata = yes
  mail_plugins = </usr/local/etc/dovecot/mail_plugins_imap
}
protocol lmtp {
  auth_socket_path = /usr/local/var/run/dovecot/auth-master
  mail_plugins = </usr/local/etc/dovecot/mail_plugins_lmtp
}
protocol sieve {
  managesieve_logout_format = bytes=%i/%o
}
remote 127.0.0.1 {
  disable_plaintext_auth = no
}
andryyy commented 5 years ago

All images up to date? I don't know, hard to say. I'd say you revert your changes (start over clean) and use acme.sh in front of mailcow instead of changing the compose file.

kariae commented 5 years ago

Yes all the images are updated, any idea on how to put acme.sh in front?

andryyy commented 5 years ago

You can run mailcow with a reverse proxy in front of it: https://mailcow.github.io/mailcow-dockerized-docs/firststeps-rp/

If you want to handle certs with acme.sh, you need to set SKIP_LETS_ENCRYPT=y in mailcow.conf.

You still need to copy the certificates acquired by acme.sh to mailcow with a post-hook script: https://mailcow.github.io/mailcow-dockerized-docs/firststeps-rp/#optional-post-hook-script-for-non-mailcow-acme-clients

That said, do you really need to use acme.sh? :)

kariae commented 5 years ago

The certificates are already in the folder so I don't think I'll need the post-hook script, I need acme.sh cause let's encrypt needs the port 80 to be opened to verify the domain name, and the port 80 in this server is already used :/

ghost commented 5 years ago

Bumping as I am also having this issue.

ghost commented 5 years ago

Manually rolling the docker-compose file back to 1.77 has fixed it for me.

It looks like it is a problem with the latest mailcow/dovecot image (1.78)

andryyy commented 5 years ago

What's in your data/conf/dovecot/ folder?

kariae commented 5 years ago

@andryyy 

ll data/conf/dovecot/                                                                                                                                                                          [797e97d6]
total 56K
-rw-r--r-- 1 root root    8 Jun  4 04:50 acl_anyone
-rw-r--r-- 1 root root 9.2K Jun  4 04:34 dovecot.conf
-rw-r--r-- 1 root root   78 Jun  4 04:50 dovecot-master.passwd
-rw-r--r-- 1 root root   46 Jun  4 04:50 dovecot-master.userdb
-rw-r--r-- 1 root root  553 Jun  4 04:34 global_sieve_after
-rw-r--r-- 1 root root  140 Jun  4 04:34 global_sieve_before
drwxr-xr-x 2 root root 4.0K Jun  4 04:34 ldap
-rw-r--r-- 1 root root   67 Jun  4 04:50 mail_plugins
-rw-r--r-- 1 root root  108 Jun  4 04:50 mail_plugins_imap
-rw-r--r-- 1 root root   57 Jun  4 04:50 mail_plugins_lmtp
-rw-r--r-- 1 root root  231 Jun  4 04:50 shared_namespace.conf
drwxr-xr-x 2 root root 4.0K Jun  4 04:50 sql
ghost commented 5 years ago

My data/conf/dovecot folder is pretty much identical. I have customised a few config settings but they don't explain this issue...

diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf

-maximal_queue_lifetime = 1d
+maximal_queue_lifetime = 10d
-postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7 dnsbl.inps.de=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5 bl.mailspike.net=127.0.0.[10;11;12]*4 dnsbl.sorbs.net=127.0.0.10*8 dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3 dnsbl.sorbs.net=127.0.0.8*2 dnsbl.sorbs.net=127.0.0.6*2 dnsbl.sorbs.net=127.0.0.9*2 zen.spamhaus.org=127.0.0.[10;11]*8 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.4*1 hostkarma.junkemailfilter.com=127.0.1.2*1 wl.mailspike.net=127.0.0.[18;19;20]*-2 hostkarma.junkemailfilter.com=127.0.0.1*-2
+postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7 zen.spamhaus.org=127.0.0.[10;11]*8 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3
-smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_mynetworks, permit_sasl_authenticated, reject_unlisted_sender, reject_unknown_sender_domain
+smtpd_sender_restrictions =

diff --git a/data/conf/postfix/master.cf b/data/conf/postfix/master.cf

-  -o smtpd_sender_restrictions=permit_mynetworks,reject_unlisted_sender,reject_unknown_sender_domain
+  -o smtpd_sender_restrictions=permit_mynetworks,reject_unlisted_sender
andryyy commented 5 years ago

I would need to see it on the machine, I cannot replicate this issue.

ghost commented 5 years ago

I've just updated to mailcow/dovecot 1.79 and I am no longer seeing issues.

Braintelligence commented 5 years ago

@kariae If you still see problems after updating mailcow feel free to comment, otherwise it looks like this issue is solved.

choffman5718 commented 4 years ago

Hello,

I just updated my Mailcow server, and now Dovecot is not working with Imap. Something to do with Auth. I really really need help with this.

I keep getting these errors:

auth: Fatal: passdb-lua: initialization failed: lua_load(/var/lib/dovecot/app-passdb.lua) failed: error loading file

PLEASE HELP!!!!! Thank you so much. I am preparing for finals week and this happened at the absolute worst time. Please please please.

alexanderadam commented 4 years ago

I just updated my Mailcow server, and now Dovecot is not working

Can't you just downgrade to the version that was working for you?

choffman5718 commented 4 years ago

I'm afraid I don't know how to do that. I would love to do that though and am very thankful for your reply. I am having panic attack after panic attack here, pulling my hair out. How do I downgrade?

These are the specific errors:

12/4/2019, 9:26:20 PM crit auth: Fatal: passdb-lua: initialization failed: lua_load(/var/lib/dovecot/app-passdb.lua) failed: error loading file
12/4/2019, 9:26:15 PM warning imap-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip= [I edited out IP addresses] , lip= [I edited out IP addresses], TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
12/4/2019, 9:26:01 PM warning imap-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=[I edited out IP addresses], lip=[I edited out IP addresses], TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
12/4/2019, 9:26:00 PM warning imap-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=[I edited out IP addresses], lip=[I edited out IP addresses], TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
12/4/2019, 9:25:50 PM info imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs): user=<>, rip=[I edited out IP addresses], lip=[I edited out IP addresses], TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
12/4/2019, 9:25:50 PM err imap-login: Error: auth-client: conn unix:login (pid=111,uid=0): Timeout waiting for handshake from auth server. my pid=635, input bytes=0
12/4/2019, 9:25:50 PM info imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs): user=<>, rip=[I edited out IP addresses], lip=[I edited out IP addresses], TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
12/4/2019, 9:25:50 PM err imap-login: Error: auth-client: conn unix:login (pid=111,uid=0): Timeout waiting for handshake from auth server. my pid=634, input bytes=0
12/4/2019, 9:25:50 PM err managesieve-login: Error: auth-client: conn unix:login (pid=111,uid=0): Timeout waiting for handshake from auth server. my pid=118, input bytes=0
12/4/2019, 9:25:50 PM err managesieve-login: Error: auth-client: conn unix:login (pid=111,uid=0): Timeout waiting for handshake from auth server. my pid=121, input bytes=0
12/4/2019, 9:25:30 PM warning imap-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=[I edited out IP addresses], lip=[I edited out IP addresses], TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

I am in the idle of prepping for finals. I programmed this server for my best friend a couple years ago. It has had no problems up until now. I simply ran ./update.sh --ours , and this error started immediately after.

I will be indebted to you if you can help me solve this. The anxiety is so overwhelming. I needed o be in bed 3 hours ago for a class tomorrow. Im hyper paniccing.. Please please please help Thank you!!

choffman5718 commented 4 years ago

I just updated my Mailcow server, and now Dovecot is not working

Can't you just downgrade to the version that was working for you?

I forgot to quote your reply in my last message. I'm dying of anxiety here. I really appreciate your reply and I really hope you can help.

alexanderadam commented 4 years ago

I'm not mailcow maintainer and I have no idea about the internals but AFAIK you have a docker-compose.yml somewhere.

What I would do is: edit the file to the last revision (you can see the changes here, so change mailcow/dovecot:1.101 to mailcow/dovecot:1.99 and mailcow/watchdog:1.65 to mailcow/watchdog:1.64).

Afterwards I would do a docker-compose restart.

It's none of my business but can't you fix the problem after your class tomorrow? Otherwise: emails will most probably delivered later. If you need the server, you should hope that someone in IRC or Forum can help you.

Good luck!

PS: Don't do such things when you don't have time (but I guess you learned that the hard way now anyway.

Braintelligence commented 4 years ago

Never update anything on production without a snapshot beforehand.

choffman5718 commented 4 years ago

I'm not mailcow maintainer and I have no idea about the internals but AFAIK you have a docker-compose.yml somewhere.

What I would do is: edit the file to the last revision (you can see the changes here, so change mailcow/dovecot:1.101 to mailcow/dovecot:1.99 and mailcow/watchdog:1.65 to mailcow/watchdog:1.64).

Afterwards I would do a docker-compose restart.

It's none of my business but can't you fix the problem after your class tomorrow? Otherwise: emails will most probably delivered later. If you need the server, you should hope that someone in IRC or Forum can help you.

Good luck!

PS: Don't do such things when you don't have time (but I guess you learned that the hard way now anyway.

I just made those changes and did a restart. It seems that I am still getting the same error.

Normally I would fix it after class, but this is a server I made for one of my best friends. He depends on it and I can't leave him hanging.

I gotta do everything I can.

I really appreciate your reply. I'm so torn up with anxiety right now, but for a bit I felt some hope there. Thank you for your help. If you have any other suggestions I would greatly be indebted to you... Im going to try IRC and the forums. Iv never used them before. THis server has been rocksolid until now. THank you again

choffman5718 commented 4 years ago

I'm not mailcow maintainer and I have no idea about the internals but AFAIK you have a docker-compose.yml somewhere.

What I would do is: edit the file to the last revision (you can see the changes here, so change mailcow/dovecot:1.101 to mailcow/dovecot:1.99 and mailcow/watchdog:1.65 to mailcow/watchdog:1.64).

Afterwards I would do a docker-compose restart.

It's none of my business but can't you fix the problem after your class tomorrow? Otherwise: emails will most probably delivered later. If you need the server, you should hope that someone in IRC or Forum can help you.

Good luck!

PS: Don't do such things when you don't have time (but I guess you learned that the hard way now anyway.

These are the most recent errors I have.

12/4/2019, 11:59:19 PM err master: Error: service(auth): command startup failed, throttling for 8.000 secs
12/4/2019, 11:59:19 PM crit auth: Fatal: passdb-lua: initialization failed: lua_load(/var/lib/dovecot/app-passdb.lua) failed: error loading file
12/4/2019, 11:59:14 PM err master: Error: service(auth): command startup failed, throttling for 4.000 secs
12/4/2019, 11:59:14 PM crit auth: Fatal: passdb-lua: initialization failed: lua_load(/var/lib/dovecot/app-passdb.lua) failed: error loading file
12/4/2019, 11:59:09 PM err master: Error: service(auth): command startup failed, throttling for 2.000 secs
12/4/2019, 11:59:09 PM crit auth: Fatal: passdb-lua: initialization failed: lua_load(/var/lib/dovecot/app-passdb.lua) failed: error loading file
andryyy commented 4 years ago

If it is non-commercial and for a friend of yours...... mail me to info@servercow.de

I won't do hands-on for commercially used setups anymore, there are support packages available for this.

choffman5718 commented 4 years ago

If it is non-commercial and for a friend of yours...... mail me to info@servercow.de

I won't do hands-on for commercially used setups anymore, there are support packages available for this.

I sent you an email. I made the server for his business. I am absolutely certain he will have no problems paying for the support, but if this isn't working when he wakes up in the morning, then I am going to be without a job. I would pay for the support, but my bank account is down to less than $60 USD. Im begging you Andryyy. I will ask him to purchase the support first thing in the morning.

I can paypal you every penny in my bank account if that helps. It seems like it would be a quick fix, but I just dont know what to do. I would be foreve indebted to you. Please man

alexanderadam commented 4 years ago

Never update anything on production without a snapshot beforehand.

I agree with that but it's also not a good sign if a project doesn't even have git version tags or releases which would allow proper rolling back on the source. And it would probably also good if the docs would explain how to rollback a release in general in case there's a problem (or maybe I'm just not good in searching). :wink:

@andryyy will you add the problem and solution to the documentation if you found the issue (PS: thank you for mailcow :pray:)?

choffman5718 commented 4 years ago

@andryyy Yes thank you for mailcow. It has put food on my table and helped me get through school. I will absolutely send you whatever I can via paypal or Zelle, etc. I have about $60 in my account. I am very neurodivergent and dont fit into regular jobs well, so this has helped me tremendously. I really need your help.

andryyy commented 4 years ago

I won't accept a single Euro from you. :P

choffman5718 commented 4 years ago

Andryyy IS THE GREATEST OF ALL TIME!!! Thank you so so so much. Your email has made me feel so much better. Thank you again.

andryyy commented 4 years ago

It is a stupid race condition that is fixed by touching the Lua file before starting Dovecot. Took me quite a while to understand.

I don't really know why this happens though. I have honestly not a single system in support, that behaves like this. Could be related to slower i/o performance or just a bug in Dovecot?

andryyy commented 4 years ago

Anyone with this problem: can you please update?

Yatekii commented 4 years ago

I have the very same issue. I am kinda clueless how to fix it ...

choffman5718 commented 4 years ago

I have the very same issue. I am kinda clueless how to fix it ...

Hello Yatekii,

André fixed the issue by touching the Lua file before starting Dovecot.

I believe that the issue is also fixable by updating the kernel. This post explains how to do that: https://mailcow.email/2019/12/05/update-your-kernel-if-you-are-on-ubuntu-16-04/

Best, Chris H

Yatekii commented 4 years ago

Well, thanks for the hint with the kernel! Unfortunately I am on 18.04 and I have the 4.15 kernel ...

I will try and touch the file. I don't think that will fix postfix tho ... The update just killed everything ... kinda whacky.

andryyy commented 4 years ago

Not sure if you ask for help.

You could start with posting logs etc.

pilotboy72 commented 4 years ago

Hi,

I also had this issue. I tracked it down to a "syntax" error in the dovecot lua authentication script. The issue was that my database password contained a " character in it. Once I changed the password it worked fine.

Brian

andryyy commented 4 years ago

I see. :) you mean DBPASS? Thanks for your feedback

zauberstuhl commented 4 years ago

@Braintelligence I just updated and have the very same issue:

doveconf: Error: t_readlink(/var/run/dovecot/dovecot.conf) failed: readlink() failed: No such file or directory

I am using mailcow/dovecot:1.108

root@bastila:/opt/mailcow-dockerized# docker exec -ti 06aa769292f3 ls -lha /var/run/
total 20K
drwxr-xr-x 1 root root 4.0K Jan 12 17:05 .
drwxr-xr-x 1 root root 4.0K Jan 12 16:48 ..
-rw-r--r-- 1 root root    4 Jan 12 17:04 crond.pid
---------- 1 root root    0 Jan 12 16:48 crond.reboot
drwxrwxrwt 2 root root 4.0K Dec 24 01:00 lock
drwxrwxrwx 2  999  999 4.0K Jan 12 16:48 mysqld
-rw-rw-r-- 1 root utmp    0 Dec 24 01:00 utmp

fixed it by adding dhparams to the ssl folder:

root@bastila:/opt/mailcow-dockerized# ls -lha data/assets/ssl
total 20K
drwxr-xr-x 2 root root 4.0K Jan 12 17:13 .
drwxr-xr-x 8 root root 4.0K Jan 12 16:39 ..
-rw------- 1 root root 3.9K Jan 12 16:58 cert.pem
-rw-r--r-- 1 root root  424 Jan 12 17:13 dhparams.pem
-rw------- 1 root root 3.2K Jan 12 16:37 key.pem
andryyy commented 4 years ago

There should be a file by default. :)

The dovecot.conf error is ok.

zauberstuhl commented 4 years ago

@andryyy can be. my issue was that I took https://mailcow.github.io/mailcow-dockerized-docs/firststeps-ssl/#how-to-use-your-own-certificate too seriously. they talk only about cert and key.

so I replaced the whole folder which led to this issue. maybe it would be good to add a hint to the documentation for the minimum required files. Afterwards its obvious why it failed but tracing my steps to this point took a while ;)

Tominator89 commented 4 years ago

I have the same problem and i think it is a timing problem with the start order. When i run "docker-compose restart dovecot-mailcow" after all containers started from the mailcow directory it will work fine.