Replication: Cannot delete the active sieve script
Hartmut Raithel
hartmut.raithel at hof-university.de
Mo Dez 14 12:36:35 CET 2015
Hallo zusammen,
ich habe meine Mailserver kürzlich auf Ubuntu 14.04 LTS aktualisiert.
(Dovecot 2.2.9) doveconf –n hängt unten dran…
Nun habe ich einen Active/Active Cluster mit dovecot replication aufgesetzt,
welcher auch – Mailseitig – recht gut lief. Leider musste ich die
Replikation zwischenzeitlich wieder auftrennen, da offenbar die Replikation
der User-Sieve Scripts nicht richtig funktionierte. (Diese werden
ausschließlich über Managesieve von unserem Sogo Webmailer aus gepflegt)
Folgende Symptome treten auf (habe aktuell den 2. Server mit nem identischen
Testsystem zusammengehängt):
1. Sieve Script wird am Server 1 (sh-mail01) über SOGo erstellt und
auch auf den 2. Server(sht-mail01) repliziert.
2. Das Sieve Script wird vom User wieder am Server 1 gelöscht:
Dec 14 10:22:39 managesieve-login: Info: Login: user=<aaasys08a>,
method=PLAIN, rip=192.168.xxx.xxx, lip=192.168.77.1, mpid=17664
Dec 14 10:22:39 managesieve-login: Info: Login: user=<aaasys08a>,
method=PLAIN, rip=192.168.xxx.xxx, lip=192.168.77.1, mpid=17666
Dec 14 10:22:39 managesieve(aaasys08a): Info: Connection closed bytes=35/87
Dec 14 10:22:39 managesieve(aaasys08a): Info: Connection closed bytes=0/17
3. Dies wird aber nicht am 2. Server nachgezogen. Dort bleiben das
Script und der Link zu selbigem liegen.
Im Syslog Logfile des 2. Servers finden sich folgende Meldungen:
Dec 14 10:22:39 sht-mail01 dovecot: dsync-server(aaasys08a): Error: Failed
to delete Sieve script 'sogo': Cannot delete the active sieve script.
Dec 14 10:22:39 sht-mail01 dovecot: dsync-server(aaasys08a): Error: Mailbox
INBOX: Failed to set attribute
vendor/vendor.dovecot/pvt/server/sieve/files/sogo: Internal error occurred.
Refer to server log for more information. [2015-12-14 10:22:39]
Im Dovecot-info.log steht dazu leider nix…
Den unangenehmsten Nebeneffekt konnte ich in der aktuell aktiven
Test-Konstellation leider nicht mehr reproduzieren: Es wurden die Sieve
Scripte und Links sogar vom 2. auf den 1. Server zurückrepliziert, so das
z.b. deaktivierte/gelöschte Vacation-Mails ohne zutun des Users wieder aktiv
wurden…
…wobei auch die leigenbleibenden Sieve scripts am 2. Mailserver spätestens
dann fatal sind wenn der Server im Ernstfall in den aktiven Betrieb
übergeht.
Hat jemand ähnliche Erfahrungen mit der Dovecot Replikation gemacht?
Herzliche Grüße
Hartmut
Hier meine Konfig:
„Primärer“ Mailserver sh-mail01:
# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-71-generic x86_64 Ubuntu 14.04.3 LTS
auth_debug = yes
auth_master_user_separator = *
auth_mechanisms = plain login
auth_verbose = yes
debug_log_path = /var/log/dovecot-debug.log
disable_plaintext_auth = no
doveadm_password = xxxxx
hostname = sh-mail01.hof-university.de
info_log_path = /var/log/dovecot-info.log
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = *
login_greeting = HAW Hof ready.
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k
mail_fsync = always
mail_gid = 5000
mail_location = maildir:%h
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = " notify replication"
mail_uid = 5000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environment mailbox date ihave
mmap_disable = yes
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
auto = subscribe
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix = INBOX.
separator = .
subscriptions = yes
type = private
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
passdb {
args = /etc/dovecot/passwd.%s
driver = passwd-file
master = yes
}
plugin {
mail_log_fields = uid box msgid size
mail_replica = tcp:192.168.77.33:12099
recipient_delimiter = +
sieve = ~/../.dovecot.sieve
sieve_dir = ~/../sieve
sieve_global_dir = /var/mail/sieve/global
}
postmaster_address = postmaster at hof-university.de
protocols = imap pop3 sieve
rejection_reason = HAW Hof: Your message to <%t> was automatically
rejected:%n%r
service aggregator {
fifo_listener replication-notify-fifo {
mode = 0666
user = vmail
}
unix_listener replication-notify {
mode = 0666
user = vmail
}
}
service auth {
client_limit = 6644
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener /var/spool/postfix/private/dovecot-auth {
group = postfix
mode = 0666
user = postfix
}
unix_listener auth-userdb {
mode = 0777
}
}
service doveadm {
inet_listener {
port = 12099
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
service_count = 0
vsz_limit = 256 M
}
service imap {
process_limit = 2096
vsz_limit = 512 M
}
service lmtp {
unix_listener lmtp {
group = postfix
mode = 0666
user = postfix
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service pop3 {
process_limit = 1024
}
service replicator {
process_min_avail = 1
unix_listener replicator-doveadm {
mode = 0666
}
}
ssl_cert = </etc/ssl/certs/allcerts.pem
ssl_cipher_list =
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_key = </etc/ssl/private/smtp-2.hof-university.de.privKey
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
verbose_proctitle = yes
protocol imap {
imap_client_workarounds = delay-newmail
imap_max_line_length = 256 k
mail_max_userip_connections = 20
mail_plugins = " notify replication"
}
protocol pop3 {
mail_max_userip_connections = 10
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
deliver_log_format = msgid=%m: %$
log_path = /var/log/dovecot/dovecot-deliver.log
mail_plugins = sieve
postmaster_address = postmaster
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol lmtp {
info_log_path = /var/log/dovecot-lmtp.log
}
Partner – sht-mail01:
# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-71-generic x86_64 Ubuntu 14.04.3 LTS
auth_debug = yes
auth_mechanisms = plain login
auth_verbose = yes
debug_log_path = /var/log/dovecot-debug.log
disable_plaintext_auth = no
doveadm_password = xxxxx
hostname = sht-mail01.hof-university.de
info_log_path = /var/log/dovecot-info.log
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = *
login_greeting = HAW Hof ready.
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k
mail_fsync = always
mail_gid = 5000
mail_location = maildir:%h
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = " notify replication"
mail_uid = 5000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environment mailbox date ihave
mmap_disable = yes
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
auto = subscribe
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix = INBOX.
separator = .
subscriptions = yes
type = private
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
passdb {
args = /etc/dovecot/passwd.%s
driver = passwd-file
master = yes
pass = yes
}
plugin {
mail_log_fields = uid box msgid size
mail_replica = tcp:192.168.77.1:12099
recipient_delimiter = +
sieve = ~/../.dovecot.sieve
sieve_dir = ~/../sieve
sieve_global_dir = /var/mail/sieve/global
}
postmaster_address = postmaster at hof-university.de
protocols = imap pop3 sieve
rejection_reason = HAW Hof: Your message to <%t> was automatically
rejected:%n%r
service aggregator {
fifo_listener replication-notify-fifo {
mode = 0666
user = vmail
}
unix_listener replication-notify {
mode = 0666
user = vmail
}
}
service auth {
client_limit = 6644
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener /var/spool/postfix/private/dovecot-auth {
group = postfix
mode = 0666
user = postfix
}
unix_listener auth-userdb {
mode = 0777
}
}
service doveadm {
inet_listener {
port = 12099
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
service_count = 0
vsz_limit = 256 M
}
service imap {
process_limit = 2096
vsz_limit = 512 M
}
service lmtp {
unix_listener lmtp {
group = postfix
mode = 0666
user = postfix
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service pop3 {
process_limit = 1024
}
service replicator {
process_min_avail = 1
unix_listener replicator-doveadm {
mode = 0666
}
}
ssl_cert = </etc/ssl/certs/allcerts.pem
ssl_cipher_list =
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_key = </etc/ssl/private/smtp-2.hof-university.de.privKey
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
verbose_proctitle = yes
protocol imap {
imap_client_workarounds = delay-newmail
imap_max_line_length = 256 k
mail_max_userip_connections = 20
mail_plugins = " notify replication"
}
protocol pop3 {
mail_max_userip_connections = 10
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
deliver_log_format = msgid=%m: %$
log_path = /var/log/dovecot/dovecot-deliver.log
mail_plugins = sieve
postmaster_address = postmaster
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol lmtp {
info_log_path = /var/log/dovecot-lmtp.log
}
Hartmut Raithel
hartmut.raithel at hof-university.de
<http://www.hof-university.de/> www.hof-university.de
-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <https://listen.jpberlin.de/pipermail/dovecot/attachments/20151214/c080b18d/attachment-0001.html>
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : smime.p7s
Dateityp : application/pkcs7-signature
Dateigröße : 6619 bytes
Beschreibung: nicht verfügbar
URL : <https://listen.jpberlin.de/pipermail/dovecot/attachments/20151214/c080b18d/attachment-0001.p7s>
Mehr Informationen über die Mailingliste Dovecot