1

Topic: [SOLVED] Dovecot start error


Installed on FreeBSD 8.

Dovecot sends an error concerning certificates and a .conf file error.
I guess it doesn't find the certificates, or the .conf file is missing this information.

Second question: if I buy a certificate from VeriSign or, better, GoDaddy, how do I install it on my iRedMail, and where, in which folder?

Here is the dovecot.conf:

#
# File generated by iRedMail (2011.08.19.11.57.37):
#
# Version:  0.7.3-rc2
# Project:  http://www.iredmail.org/
#
# Community: http://www.iredmail.org/forum/
#

# Provided services.
protocols =  pop3 imap sieve managesieve

# Listen addresses. for Dovecot-1.1.x.
# ipv4: *
# ipv6: [::]
#listen = *, [::]
listen = *

# mail uid/gid.
mail_uid = 1002
mail_gid = 1002
first_valid_uid = 1002
last_valid_uid = 1002

#
# Debug options.
#
#mail_debug = yes
#auth_verbose = yes
#auth_debug = yes
#auth_debug_passwords = yes

#
# Log file.
#
#log_timestamp = "%Y-%m-%d %H:%M:%S "
log_path = /var/log/dovecot.log

#login_processes_count = 3
#login_max_processes_count = 128
#login_max_connections = 256

# Maximum number of running mail processes. Default is 512.
# When this limit is reached, new users aren't allowed to log in.
#max_mail_processes = 512

# Set max process size in megabytes. Default is 256.
# Most of the memory goes to mmap()ing files, so it shouldn't harm
# much even if this limit is set pretty high.
#
# Note:
# Some user reported that if mailbox is too large (e.g. 80GB), dovecot
# will disconnect the client with error:
# "pool_system_malloc(100248): Out of memory".
mail_process_size = 1024

disable_plaintext_auth = no

# Performance Tuning. Reference:
#   http://wiki.dovecot.org/LoginProcess
#
# High-Security mode. Dovecot default setting.
#
# It works by using a new imap-login or pop3-login process for each
# incoming connection. Since the processes run in a highly restricted
# chroot, running each connection in a separate process means that in
# case there is a security hole in Dovecot's pre-authentication code
# or in the SSL library, the attacker can't see other users'
# connections and can't really do anything destructive.
login_process_per_connection=yes

#
# High-Performance mode.
#
# It works by using a number of long running login processes,
# each handling a number of connections. This loses much of
# the security benefits of the login process design, because
# in case of a security hole the attacker is now able to see
# other users logging in and steal their passwords.
#login_process_per_connection = no

# Default realm/domain to use if none was specified.
# This is used for both SASL realms and appending '@domain.ltd' to username in plaintext logins.
auth_default_realm = prlsrl.it

# ---- NFS storage ----
# Set to 'no' For NFSv2. Default is 'yes'.
#dotlock_use_excl = yes

#mail_nfs_storage = yes # v1.1+ only

# If indexes are on NFS.
#mail_nfs_index = yes # v1.1+ only
# ----

plugin {
    # Quota warning.
    #
    # You can find sample script from Dovecot wiki:
    # http://wiki.dovecot.org/Quota/1.1#head- … b45bec1734
    #
    # If user suddenly receives a huge mail and the quota jumps from
    # 85% to 95%, only the 95% script is executed.
    #
    quota_warning = storage=85%% /usr/local/bin/dovecot-quota-warning.sh 85
    quota_warning2 = storage=90%% /usr/local/bin/dovecot-quota-warning.sh 90
    quota_warning3 = storage=95%% /usr/local/bin/dovecot-quota-warning.sh 95
}

# Maildir format and location.
mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/

plugin {
    # Quota, stored in file 'maildirsize' under user mailbox.
    # Dict quota. Used to store realtime quota in SQL.
    # Dict quota is recalculated only if the quota goes below zero. For example:
    #
    #   mysql> UPDATE mailbox SET bytes=-1,messages=-1 WHERE username='user@domain.ltd';
    #
    quota = dict:user::proxy::quotadict
    # Quota rules. Reference: http://wiki.dovecot.org/Quota/1.1
    # The following limit names are supported:
    #   - storage: Quota limit in kilobytes, 0 means unlimited.
    #   - bytes: Quota limit in bytes, 0 means unlimited.
    #   - messages: Quota limit in number of messages, 0 means unlimited. This probably isn't very useful.
    #   - backend: Quota backend-specific limit configuration.
    #   - ignore: Don't include the specified mailbox in quota at all (v1.1.rc5+).
    quota_rule = *:storage=0
    #quota_rule2 = *:messages=0
    #quota_rule3 = Trash:storage=1G
    #quota_rule4 = Junk:ignore
}

dict {
    # NOTE: dict process currently runs as root, so this file will be owned as root.
    expire = db:/var/lib/dovecot/expire/expire.db
}

plugin {
    # ---- Expire plugin ----
    # Expire plugin. Mails are expunged from mailboxes after being there the
    # configurable time. The first expiration date for each mailbox is stored in
    # a dictionary so it can be quickly determined which mailboxes contain
    # expired mails. The actual expunging is done in a nightly cronjob, which
    # you must set up:
    #
    #   1   3   *   *   *   /usr/sbin/dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool
    #
    # Trash: 7 days
    # Trash's children directories: 7 days
    # Junk: 30 days
    expire = Trash 7 Trash/* 7 Junk 30
    expire_dict = proxy::expire

    # If you have a non-default path to auth-master, set also:
    auth_socket_path = /var/run/dovecot/auth-master
}

# Per-user sieve mail filter.
plugin {
    # For maildir format.
    sieve = /var/vmail/sieve/%Ld/%Ln/dovecot.sieve
}
# LDA: Local Delivery Agent
protocol lda {
    postmaster_address = root
    auth_socket_path = /var/run/dovecot/auth-master
    mail_plugins = quota sieve autocreate
    sieve_global_path = /var/vmail/sieve/dovecot.sieve
    log_path = /var/log/sieve.log
}

# IMAP configuration
protocol imap {
    mail_plugins = quota imap_quota autocreate

    imap_client_workarounds = tb-extra-mailbox-sep

    # number of connections per-user per-IP
    #mail_max_userip_connections = 10
}

# POP3 configuration
protocol pop3 {
    mail_plugins = quota
    pop3_uidl_format = %08Xu%08Xv
    pop3_client_workarounds = outlook-no-nuls oe-ns-eoh

    # number of connections per-user per-IP
    #mail_max_userip_connections = 10
}

auth default {
    mechanisms = plain login
    user = vmail
    passdb ldap {
        args = /usr/local/etc/dovecot-ldap.conf
    }
    userdb ldap {
        args = /usr/local/etc/dovecot-ldap.conf
    }
    socket listen {
        master {
            path = /var/run/dovecot/auth-master
            mode = 0666
            user = vmail
            group = vmail
        }
        client {
            path = /var/spool/postfix/dovecot-auth
            mode = 0666
            user = postfix
            group = postfix
        }
    }
}
plugin {
    autocreate = INBOX
    autocreate2 = Sent
    autocreate3 = Trash
    autocreate4 = Drafts
    autocreate5 = Junk

    autosubscribe = INBOX
    autosubscribe2 = Sent
    autosubscribe3 = Trash
    autosubscribe4 = Drafts
    autosubscribe5 = Junk
}
dict {
    # Dict quota. Used to store realtime quota in SQL.
    quotadict = mysql:/usr/local/etc/dovecot-used-quota.conf
}
namespace private {
    separator = /
    prefix =
    #location defaults to mail_location.
    inbox = yes
}

namespace shared {
    separator = /
    prefix = Shared/%%u/
    location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u
    # this namespace should handle its own subscriptions or not.
    subscriptions = yes
    list = children
}

plugin {
    acl = vfile
    acl_shared_dict = proxy::acl
}
dict {
    acl = mysql:/usr/local/etc/dovecot-share-folder.conf
}
# ManageSieve service. http://wiki.dovecot.org/ManageSieve
protocol managesieve {
    # IP or host address where to listen in for connections.
    listen = 127.0.0.1:2000

    # Login executable location.
    #login_executable = /usr/local/libexec/dovecot/managesieve-login

    # ManageSieve executable location. See IMAP's mail_executable above for
    # examples how this could be changed.
    #mail_executable = /usr/local/libexec/dovecot/managesieve

    # Maximum ManageSieve command line length in bytes. This setting is
    # directly borrowed from IMAP. But, since long command lines are very
    # unlikely with ManageSieve, changing this will not be very useful.
    #managesieve_max_line_length = 65536

    # ManageSieve logout format string:
    #  %i - total number of bytes read from client
    #  %o - total number of bytes sent to client
    #managesieve_logout_format = bytes=%i/%o

    # If, for some inobvious reason, the sieve_storage remains unset, the
    # ManageSieve daemon uses the specification of the mail_location to find out
    # where to store the sieve files (see explanation in README.managesieve).
    # The example below, when uncommented, overrides any global mail_location
    # specification and stores all the scripts in '~/mail/sieve' if sieve_storage
    # is unset. However, you should always use the sieve_storage setting.
    # mail_location = mbox:~/mail

    # To fool ManageSieve clients that are focused on timesieved you can
    # specify the IMPLEMENTATION capability that the dovecot reports to clients
    # (default: "dovecot").
    #managesieve_implementation_string = dovecot
}

# sieve plugin. http://wiki.dovecot.org/LDA/Sieve
plugin {
    # If the user has no personal active script (i.e. if the file
    # indicated in sieve= does not exist), use this one:
    #sieve_global_path = /var/vmail/sieve/dovecot.sieve

    # The include extension fetches the :global scripts from this
    # directory.
    #sieve_global_dir =

    # Path to a script file or a directory containing script files
    # that need to be executed before the user's script. If the path
    # points to a directory, all the Sieve scripts contained therein
    # (with the proper .sieve extension) are executed. The order of
    # execution is determined by the file names, using a normal 8bit
    # per-character comparison.
    #sieve_before = /var/vmail/sieve/dovecot.sieve

    # Identical to sieve_before, only the specified scripts are
    # executed after the user's script (only when keep is still in
    # effect!).
    #sieve_after = /var/vmail/sieve/dovecot.sieve

    # Location of the active script. When ManageSieve is used this is actually
    # a symlink pointing to the active script in the sieve storage directory.
    sieve = /var/vmail/sieve/%Ld/%Ln/dovecot.sieve

    # The path to the directory where the personal Sieve scripts are stored. For
    # ManageSieve this is where the uploaded scripts are stored.
    sieve_dir = /var/vmail/sieve/%Ld/%Ln/
}

2

Re: [SOLVED] Dovecot start error

priosoft wrote:

Dovecot sends an error concerning certificates and a .conf file error.

Could you please paste this error message here? It helps a lot for troubleshooting.

3

Re: [SOLVED] Dovecot start error

Here you are, below:

Error: ssl_cert_file: Can't use /etc/ssl/certs/dovecot.pem: No such file or directory
Fatal: Invalid configuration in /usr/local/etc/dovecot.conf
usage: install ecc...
install: -: Invalid argument

/etc/rc WARNING: failed precmd routine for dovecot
postfix/posftix-script: starting the Postfix mail system
Starting iredapd ...

and so on... no error

At last, another message:
login: Aug 20 13:14:16 mail sshd[1248]: error: ssh_msg_send: write


More or less, it seems that it does not find a dovecot.pem certificate. In fact, in some directory I've found an IredMail.pem certificate (I don't know in which directory), but it is strange that the dovecot.conf does not contain the SSL configuration, so where does it tell Dovecot to find the .pem certificates?
And how do I enable certificates also for IMAPS? I wish to use only IMAPS, not POP, not IMAP, and with a GoDaddy-signed certificate.

Thanks a lot!!!

4

Re: [SOLVED] Dovecot start error

Strange, you don't have SSL enabled in dovecot, which should be enabled by default.

Try adding the settings below to /usr/local/etc/dovecot.conf:

ssl = yes
verbose_ssl = no
ssl_key_file = /etc/ssl/private/iRedMail.key
ssl_cert_file = /etc/ssl/certs/iRedMail_CA.pem
ssl_ca_file = /etc/ssl/certs/iRedMail_CA.pem

Restart dovecot.
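
The error in post 3 names /etc/ssl/certs/dovecot.pem although that path appears nowhere in the posted dovecot.conf: with ssl_cert_file absent, Dovecot 1.x falls back to a built-in default. The pre-flight check below is an added example, not part of the original thread or of iRedMail; the function names are hypothetical, and the default key path, an unencrypted RSA key and top-level settings only are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight check of the TLS files a Dovecot 1.x config points at.
# Function names are hypothetical. Assumes an unencrypted RSA key and
# top-level "name = value" settings (per-protocol overrides are not parsed).

# Built-in Dovecot 1.x defaults, used when the setting is absent from the file.
DEFAULT_CERT=/etc/ssl/certs/dovecot.pem
DEFAULT_KEY=/etc/ssl/private/dovecot.pem

# conf_value FILE NAME: print the last uncommented value of NAME ("" if unset).
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# effective_path FILE NAME DEFAULT: the path Dovecot will actually try to open.
effective_path() {
    v=$(conf_value "$1" "$2")
    echo "${v:-$3}"
}

# key_matches_cert CERT KEY: 0 if both carry the same RSA modulus.
key_matches_cert() {
    c=$(openssl x509 -noout -modulus -in "$1" 2>/dev/null) || return 2
    k=$(openssl rsa -noout -modulus -in "$2" 2>/dev/null) || return 2
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# preflight FILE: 0 only if cert and key exist, are readable and belong together.
preflight() {
    cert=$(effective_path "$1" ssl_cert_file "$DEFAULT_CERT")
    key=$(effective_path "$1" ssl_key_file "$DEFAULT_KEY")
    for f in "$cert" "$key"; do
        [ -r "$f" ] || { echo "FAIL: can't use $f" >&2; return 1; }
    done
    # The private key should not be readable by "other" (8th column of ls -l).
    case $(ls -lL "$key" | cut -c8) in
        r) echo "WARN: $key is world-readable" >&2 ;;
    esac
    key_matches_cert "$cert" "$key" ||
        { echo "FAIL: $key does not match $cert" >&2; return 1; }
    echo "OK: $cert / $key"
}

# Usage: sh preflight.sh /usr/local/etc/dovecot.conf   (before restarting dovecot)
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

The same check applies after swapping in a purchased certificate: a key that does not match the new certificate is reported before the service is restarted.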

5

Re: [SOLVED] Dovecot start error

Really well done!!
Thanks, this step is OK now.

Thanks a lot.