Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

quota with maildrop, courier, mysql

Manix
2011-01-05
2013-01-23
  • Manix
    Manix
    2011-01-05

    Hello,

    I am looking for a way to support quotas in my system. I've read of two solutions, the Postfix VDA patch and maildrop.
    If anybody has succeeded in configuring maildrop I would appreciate help with the configuration files, maildroprc, maildropmysql or any general directive.

    Thanks in advance

     
  • Simon Hobson
    Simon Hobson
    2012-10-01

    OK, I've read the page linked to, and I think I'm missing something.
    EDIT: Was, sorted that out. Need to add "virtual_transport = maildrop" to main.cf.

    And leading on from that, what is the transport field in PFA used for ? It doesn't seem to be referenced by anything in the setup docs.

    So I now have Postfix calling maildrop, but I'm stuck at :
    relay=maildrop, delay=1, delays=0.56/0.04/0/0.41, dsn=5.1.1, status=bounced (user unknown. Command output: ERR: authdaemon: s_connect() failed: Permission denied Invalid user specified. )
    I can't see anything in the logs that gives any hint where the problem lies.

     
  • You are right - usage of the transport field is not described in the setup docs. (Feel free to submit a patch for the documentation ;-)

    If you google for the maildrop error message, one of the first hits is
    http://www.mail-archive.com/courier-users@lists.sourceforge.net/msg22121.html
    which includes possible reasons and solutions for your problem.

     
  • Simon Hobson
    Simon Hobson
    2012-10-04

    Finally getting somewhere now, though it's not that ideal.

    OK, making maildrop suid root fixed the problem I was having. Then I found maildirs weren't created with quotas - slaphead time as I realised I'd left the MYSQL_QUOTA_FIELD commented out in my authmysqlrc file.

    Modified maildroprc a bit (mainly adding creation of Drafts, Sent, and Trash folders), I now have :

    # Global maildrop filter file
    # Uncomment this line to make maildrop default to ~/Maildir for
    # delivery- this is where courier-imap (amongst others) will look.
    #DEFAULT="$HOME/Maildir"
    # Derived from config provided by christian_boltz
    # https://sourceforge.net/apps/mediawiki/postfixadmin/index.php?title=Courier_configuration
    # parameters: (for foo+test@example.com)
    # test   foo+test@example.com   foo        example.com
    # EXT    Envelope-To            Localpart  Domain
    # $1     $2                     $3         $4
    EXTENSION=$1
    ENVELOPETO=$2
    TOMAILBOX=$3
    TODOMAIN=$4
    MailDirBase="/var/spool/mail/virtual"
    #`test -d "$MailDirBase/$TODOMAIN" || mkdir "$MailDirBase/$TODOMAIN"`
    # logfile "$MailDirBase/$TODOMAIN/maildrop.log" 
    # create maildir if it doesn't exist
    #MAILDIR=$HOME$DEFAULT
    MAILDIR=$MailDirBase/$TODOMAIN/$TOMAILBOX
    echo "MAILDIR is $MAILDIR"
    `test -d "$MAILDIR"`                              # check if dir exist
    if ($RETURNCODE != 0)
    {
             # log "`date` creating maildir $MAILDIR"
            `mkdir -p $MAILDIR`                       # create dirs with parents
            `rmdir $MAILDIR`                          # remove dir for init
            `/usr/bin/maildirmake $MAILDIR`           # create maildir
            `/usr/bin/maildirmake -f Drafts $MAILDIR`
            `/usr/bin/maildirmake -f Sent $MAILDIR`
            `/usr/bin/maildirmake -f Trash $MAILDIR`
    }
    to "$MAILDIR"
    

    I do still have some questions.

    maildirmake is clearly getting it's quota value from somewhere, presumably from an environment variable. However I've been unable to get any logging or echo commands to work. I'm not a fan of stuff that works "because it does" (I don't know how it's working, so I can't work out what's wrong if it stops) so I'd be happier if I could explicitly set the quota - ie "maildirmake -q <something> …"
    Is there a variable accessible in maildroprc containing the quota value ?

    The next issue is the way this setup works. Maildrop fails to deliver if delivering this mail would take the mailbox over quota. If it does fail to deliver, then Postfix queues it. Not too bad, the sender will get a warning message from Postfix after 4 hours so they will know - but I'll still be storing it for up to 4 or 5 days.
    But smaller messages may get through - I've tested this. That's likely to confuse users as they may assume that the warning is false as they're still getting mail ! They may well continue to get "old" mail arriving out-of-order as they delete stuff.
    Still, 100% better than the quotas we don't have working now !

    Lastly, I guess I'm going to have to run a script periodically to pick up quota changes made in PFA and update the maildirsize file in the users maildir. Or is there a hook in PFA that can call a script when things change ?
    Not that big a deal, I'm looking at knocking up a script to purge old mail from users Trash, update maildir quotas (if needed), and mail users along the lines of "Your quota is <x>, and you are currently using <y>" if they are getting anywhere near their quota.

    Oh yes, as to the transport field. I can document what I've done with it (I've implemented an option for "Relay") - I'd be interested to know what (if anything) the authors had in mind for it ?

     
  • making maildrop suid root fixed the problem I was having.

    It should work without suid root - at least it does on my setup ;-)

    maildirmake is clearly getting it's quota value from somewhere,

    Not really ;-)

    Typically maildirmake creates a maildir without quota information, and maildrop adds the quota information (by creating the file "maildirsize") to it when the first mail is delivered. It takes the quota information from the database.

    To update "maildirsize" when someone changes the quota in postfixadmin, use the $CONF hook. AFAIK deleting "maildirsize" should be enough - courier/maildrop will re-create it when the mailbox is accessed the next time.

    Oh yes, as to the transport field. I can document what I've done with it (I've implemented an option for "Relay") - I'd be interested to know what (if anything) the authors had in mind for it ?

    The field was there before I started to work on postfixadmin, but I'd guess the intention is to use it for the "transport_map" postfix parameter (probably as additional map, because the vacation domain is typically listed in hash:/etc/postfix/transport)

     
  • Simon Hobson
    Simon Hobson
    2012-10-05

    I fell more testing coming on …

    One more question, if it possible for maildrop to get the maildir location from the database ? Either by being passed it as a parameter from Postfix, or from the DB via Courier-Authdaemon ? I'm uneasy about embedding the mail directory base and structure in as many places as it is - especially when there's a database field holding the maildir location.

    It should work without suid root - at least it does on my setup ;-)

    It doesn't for me :-( The alternative is (as I read the page you linked to) to open up the permissions on the authdaemon socket so UID virtual can access it - but I think I tried that and it still didn't work (different error, still didn't work).
    I'll have another go.
    Whatever, I'll need to figure out how to properly override permissions in Debian so that future upgrades don't suddenly break it.

    I'll start a new thread for discussion of handling the transport field.

     
  • Simon Hobson
    Simon Hobson
    2012-10-05

    Changing ownership of /var/run/courier/authdaemon/ from daemon:daemon to daemon:virtual fixed maildrop to run without suid root.

     
  • One more question, if it possible for maildrop to get the maildir location from the database ? Either by being passed it as a parameter from Postfix, or from the DB via Courier-Authdaemon ? I'm uneasy about embedding the mail directory base and structure in as many places as it is - especially when there's a database field holding the maildir location.

    The maildir location _is_ taken from the database - if you use "MAILDIR=$HOME$DEFAULT" ;-)

    (The two lines explicitely containing /var/vmail/ on the wiki page about courier configuration were only needed for the logfile IIRC, so you can remove them.)

    BTW: Do you want write access to the wiki? You could then document what you found out there, to make life easier for other users (and even for you if you have to do a similar setup in some months or years).

     
  • Simon Hobson
    Simon Hobson
    2012-10-05

    Dunno how I managed not to find this page earlier : http://www.courier-mta.org/maildrop/maildropfilter.html
    Shows the variables that should be defined. I'll have a look on Monday when I'm on office time ;-)

    As to updating the wiki, I need to work out what I've done first ! Not sure where to go next, I've got a little cluster so can work on one machine. I can either just clone this to the others when I'm done, or it might be better to do another one from scratch - both so it's a "clean" setup, and also so I can make notes as I go rather than trying to remember later.
    I'll probably try upgrading one to Wheezy soon and see how much breaks.

     
  • Simon Hobson
    Simon Hobson
    2012-10-08

    After a little more testing, I find that all I need is MAILDIR=$DEFAULT
    I added `set > /tmp/xxx` to maildroprc to see what variables were set.

    According to http://www.courier-mta.org/maildrop/maildropfilter.html :

    DEFAULT
    The default mailbox to deliver the message to. If the filter file does not indicate a mailbox to deliver this message to, the message is delivered to this mailbox. The default mailbox is defined by the system administrator.

    In /etc/courier/authmysqlrc I have "MYSQL_MAILDIR_FIELD     concat('/var/spool/mail/virtual','/',maildir)" so I'm happy now I know where everything is coming from !

    Also, the quota is being updated automagically - so that's that taken care of :)

    So I think that can go live and I'll see what happens …

    Then I think I might upgrade another of the frontends to Wheezy and go through the config from scratch on that - and document it as I go. TBH, I've slightly lost track of exactly what steps I've been through on this box now.