1

Topic: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

Hi, all.

Just want to show you how easy to upgrade Dovecot-1.x to 2.0 on RHEL/CentOS 5.

Summary

We are going to setup a new virtual machine with RHEL/CentOS 6, so that we have a working config file for Dovecot-2.0. Then simply copy it after we upgraded Dovecot packages.

Notes:

[+] If you don't want to setup a new virtual machine, we have a sample Dovecot-2.0 config file available for your use: https://bitbucket.org/zhb/iredmail/raw/ … ecot2.conf

[+] If you're running Debian, just setup a Debian virtual machine to get sample Dovecot-2 config file. The same to other Linux/BSD distributions.

Important notes before you start

[+] The latest iRedMail forces clients to use secure connection for POP3 and IMAP services, if you don't want to do this, please check this tutorial: How to allow insecure POP3/IMAP connection

Steps

*) Download Dovecot-2.0 from below URLs:

[+] Dovecot-2.0.x: http://packages.atrpms.net/dist/el5/dovecot-2.0.x/
[+] dovecot-managesieve and dovecot-pigeonhole: http://packages.atrpms.net/dist/el5/dovecot-pigeonhole/

*) Backup Dovecot config file first.

[+] WARNING: Please copy files with '-p' option to keep file owner and permission.
[+] Note: We backup /etc/dovecot.conf, but we don't use it for upgrading at all. it's useful if you want to downgrade from Dovecot-2.0 to 1.x.

# mkdir /root/dovecot-backup/
# cp -p /etc/dovecot.conf /root/dovecot-backup/old.dovecot.conf
# cp -p /etc/dovecot-* /root/dovecot-backup/

*) Setup a virtual machine (VMware/Xen/VirtualBox/KVM/etc), install RHEL/CentOS 6 on it. Then deploy iRedMail. iRedMail will install Dovecot-2.0 for you. Its config files are all placed under /etc/dovecot/. Main config file is /etc/dovecot/dovecot.conf.

Again, If you don't want to setup a new virtual machine, we have a sample Dovecot-2.0 config file available for your use: https://bitbucket.org/zhb/iredmail/raw/ … ecot2.conf

Note: iRedMail doesn't use config files under /etc/dovecot/conf.d/.

[+] Copy /etc/dovecot/dovecot.conf to your iRedMail server which running Dovecot-1.x. assume it's /root/dovecot2.conf.
[+] Now open /root/dovecot2.conf, make sure you have the same values for below parameter as Dovecot-1.x.

# Make sure Dovecot has right owner/permission to store received emails.
mail_uid = 
mail_gid =
first_valid_uid =
last_valid_uid =

# Make sure Dovecot will delivers email to correct mailboxes.
mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/

# Append this domain name if client gives empty realm (no '@domain.com' part in login username).
auth_default_realm = 

# Make sure per-user sieve filters can be read/write.
sieve_dir = /%Lh/sieve
sieve = /%Lh/sieve/dovecot.sieve

After you sync above parameters in new config file, it's ready to upgrade Dovecot-1.x.

*) Stop Dovecot service and remove RPM packages.

# /etc/init.d/dovecot
# rpm -e dovecot dovecot-managesieve dovecot-pigeonhole

*) Install Dovecot-2.0 you download. it's mentioned above (step 1).

# rpm -ivh dovecot-2.0.xxx dovecot-pigeonhole-xxx dovecot-managesieve-xxx

*) Copy sample config file to /etc/dovecot/:

# cp /root/dovecot2.conf /etc/dovecot/dovecot.conf
# chown root:root /etc/dovecot/dovecot.conf
# chmod 0664 /etc/dovecot/dovecot.conf

*) Restore backup files to /etc/dovecot/. Again, copy files with '-p' option to keep file owner and permission.

# cp -p /root/dovecot-backup/dovecot-* /etc/dovecot/

*) It's now ok to restart Dovecot service and testing:

# /etc/init.d/dovecot restart

Dovecot logs to /var/log/dovecot.log by default, so please send some testing emails and make sure no error occur.

After upgrading

[+] You may want to move /etc/dovecot*.conf (used by Dovecot-1.x) to another place to avoid confusion.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

Quick Note looks like you cant remove dovecot without also removing  dovecot-sieve

error: Failed dependencies:
        dovecot >= 1.2 is needed by (installed) dovecot-sieve-0.1.19-9.1.el5.x86_64

Also once you removed dovecot-sieve

And you do the install dovecot-2 installs fine but managesieve and pigeonhole have issues.

rpm -ivh dovecot-managesieve-0.4.1-28.el5.x86_64.rpm dovecot-pigeonhole-0.4.1-28.el5.x86_64.rpm
warning: dovecot-managesieve-0.4.1-28.el5.x86_64.rpm: Header V4 DSA signature: NOKEY, key ID 66534c2b
error: Failed dependencies:
        dovecot >= 1:2.2 is needed by dovecot-pigeonhole-0.4.1-28.el5.x86_64

This is on Red Hat Enterprise Linux Server release 5.6

3

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

Yes, they're dependences. You have to remove packages whose package name starts with 'dovecot', and install packages 'dovecot*', it will install 3 packages for you.

4

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

Yes that's what was done

Remove
dovecot-1.2.17-0_116.el5
dovecot-managesieve-0.11.13-0_6.el5
dovecot-sieve-0.1.19-9.1.el5


then installed Dovecot
[dovecot-upgrade]# rpm -ivh dovecot-2.0.21-0_136.el5.x86_64.rpm
warning: dovecot-2.0.21-0_136.el5.x86_64.rpm: Header V4 DSA signature: NOKEY, key ID 66534c2b
Preparing...                ########################################### [100%]
   1:dovecot                ########################################### [100%]
[root@mail dovecot-upgrade]# rpm -ivh dovecot-managesieve-0.4.1-28.el5.x86_64.rpm dovecot-pigeonhole-0.4.1-28.el5.x86_64.rpm
warning: dovecot-managesieve-0.4.1-28.el5.x86_64.rpm: Header V4 DSA signature: NOKEY, key ID 66534c2b
error: Failed dependencies:
        dovecot >= 1:2.2 is needed by dovecot-pigeonhole-0.4.1-28.el5.x86_64
[root@mail dovecot-upgrade]# rpm -ivh dovecot-pigeonhole-0.4.1-28.el5.x86_64.rpm
warning: dovecot-pigeonhole-0.4.1-28.el5.x86_64.rpm: Header V4 DSA signature: NOKEY, key ID 66534c2b
error: Failed dependencies:
        dovecot >= 1:2.2 is needed by dovecot-pigeonhole-0.4.1-28.el5.x86_64

But dovecot is already installed

5

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

You can install Dovecot via yum, it's available in iRedMail repository:
http://iredmail.org/yum/rpms/6/

6 (edited by connor_mcl 2013-12-14 19:52:11)

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

Please, Can any help me with debian?, Boss upgrade server yersterday to debian 7 and now mail server is not working.
I read this post, but im in dovecot2.0 and i dont know what i have to do.

I did:
doveconf -n -c /etc/dovecot/dovecot.conf.old >dovecot.conf

and looks like dovecot from old conf create a new config file.
Restart dovecot service but i cant connect via pop3 o imap
Dovecot log says:
Dec 14 12:26:23 auth: Error: net_connect_unix(auth-worker) in directory /run/dovecot failed: Permission denied (euid=1000(vmail) egid=1000(vmail) missing +w perm: /run/dovecot/auth-worker, dir owned by 0:0 mode=0755)

Can any help me pls?

P.D - With mysql backend and last iredmail version

7

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

ok if If do -> chown vmail:vmail /run/dovecot/auth-worker all works again but if i restart dovecot service it change the owner.
dovecot.conf
service auth {
  unix_listener /var/spool/postfix/dovecot-auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-master {
    group = vmail
    mode = 0666
    user = vmail
  }
  user = vmail
}

its ok? no?

What im doing bad?

8 (edited by connor_mcl 2013-12-15 03:02:05)

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

i answer to myself, i need to add this lines to dovecot.conf. Now i think all work ok.

service auth-worker {
       user = $default_internal_user

       unix_listener auth-worker {
              user = vmail
       }
}

P.D - Still no working, now mail log ok and receive mails ok, but no send. I had to add this lines too:
service dict {
  extra_groups = vmail
  unix_listener dict {
    group = vmail
    mode = 0660
  }
}

so can any tell me if i need to modify more files?

9

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

ZhangHuangbin wrote:

Hi, all.

Just want to show you how easy to upgrade Dovecot-1.x to 2.0 on RHEL/CentOS 5.
....
[+] If you don't want to setup a new virtual machine, we have a sample Dovecot-2.0 config file available for your use: https://bitbucket.org/zhb/iredmail/raw/ … ecot2.conf

[+] If you're running Debian, just setup a Debian virtual machine to get sample Dovecot-2 config file. The same to other Linux/BSD distributions.

Important notes before you start

The proposed dovecot2.conf is not good, its mising crucial information - sieve protocol and service. Without it the filters in roundcube don't work. You need this also in dovecot2.conf because iRedMail doesn't read and use /etc/dovecot/conf.d/*. I'm posting what you must also add, please post recommended tuning options for this:

protocol sieve {
  managesieve_max_line_length = 65536
  # Maximum number of ManageSieve connections allowed for a user from each IP
  # address.
  # NOTE: The username is compared case-sensitively.
  #mail_max_userip_connections = 10

  # Space separated list of plugins to load (none known to be useful so far).
  # Do NOT try to load IMAP plugins here.
  #mail_plugins =

  # MANAGESIEVE logout format string:
  #  %i - total number of bytes read from client
  #  %o - total number of bytes sent to client
  #managesieve_logout_format = bytes=%i/%o

  # To fool ManageSieve clients that are focused on CMU's timesieved you can
  # specify the IMPLEMENTATION capability that Dovecot reports to clients.
  # For example: 'Cyrus timsieved v2.2.13'
  managesieve_implementation_string = dovecot

  # Explicitly specify the SIEVE and NOTIFY capability reported by the server
  # before login. If left unassigned these will be reported dynamically
  # according to what the Sieve interpreter supports by default (after login
  # this may differ depending on the user).
  #managesieve_sieve_capability =
  #managesieve_notify_capability =

  # The maximum number of compile errors that are returned to the client upon
  # script upload or script verification.
  #managesieve_max_compile_errors = 5

  # Refer to 90-sieve.conf for script quota configuration and configuration of
  # Sieve execution limits.
}

service managesieve-login {
  inet_listener sieve {
    port = 4190
  }

  inet_listener sieve_deprecated {
    port = 2000
  }

  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. <doc/wiki/LoginProcess.txt>
  #service_count = 1

  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0

  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = 64M
}

#service managesieve {
  # Max. number of ManageSieve processes (connections)
  #process_count = 1024
#}

10

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

Clouseau wrote:

The proposed dovecot2.conf is not good, its mising crucial information - sieve protocol and service.

Hi Clouseau,

iRedMail generates Dovecot config file for Dovecot-2.0/2.1 with this sample config file:
https://bitbucket.org/zhb/iredmail/src/ … ecot2.conf
And it works.

11 (edited by Clouseau 2013-12-21 21:03:44)

Re: The easiest way to upgrade Dovecot 1.x to 2.0 on RHEL/CentOS 5.

ZhangHuangbin wrote:
Clouseau wrote:

The proposed dovecot2.conf is not good, its mising crucial information - sieve protocol and service.

Hi Clouseau,

iRedMail generates Dovecot config file for Dovecot-2.0/2.1 with this sample config file:
https://bitbucket.org/zhb/iredmail/src/ … ecot2.conf
And it works.

I just figured it out and  you're right. I was on roundcube 0.7.2 which expects sieve on 2000 port but the new dovecot pushes it by default on 4190... Those values I added are defaults in dovecot and they don't need to be explicitly noted in dovecot.conf, only this part was fixing it: inet_listener sieve_deprecated {  port = 2000}. I upgraded later to latest roundcube and now I removed those entries in dovecot and now it works because new roundcube has managesieve plugin configured to connect to port 4190... Sry, my bad smile