Dovecot 2.3.0 released

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,158
Hello,

Dovecot 2.3.0 is available for download/update:
https://dovecot.org/list/dovecot-news/2017-December/000366.html

You can use both CustomBuild 2.0 and 1.2 for this update (not CB 1.1, which is end-of-life)

To Update
Code:
cd /usr/local/directadmin/custombuild
./build update
./build dovecot

Important changes are
Code:
ssl_protocols = !SSLv2 !SSLv3
has been replaced with the single minimum protocol:
Code:
ssl_min_protocol = TLSv1
Also, the /etc/dovecot/dh.pem is generated, and included in the config with
Code:
ssl_dh=</etc/dovecot/dh.pem
I'm not entirely sure why, but they've chagned the directory naming format within the tar.gz from dovecot-2.3.0 to dovecot-ce-2.3.0, so that also had to be handled.

For CustomBuild 2.0 with the modern dovecot config, the above 2 changes are done in:
Code:
/etc/dovecot/conf/ssl.conf
but CB1.2, that file does not exist, so modifies
Code:
/etc/dovecot/dovecot.conf

At the moment, the configure/dovecot/conf/ssl.conf still uses the old values, but any ./build dovecot or ./build dovecot_conf will check to ensure things are set correctly for 2.3.0.

As before, you can no longer compile dovecot on CentOS 5 or older OSs with older openssl versions. You'll get this error
Code:
checking if OpenSSL version is 1.0.1 or newer... false
configure: error: Found deprecated OpenSSL version, use 1.0.1 or newer

John
 
Note, if you run pigeonhole, you must also update it as well:
Code:
./build update
./build pigeonhole
You'd be looking for ./build version "rev 1793".
 
We updated Dovecot and rebuilded Pigeonhole as suggested, now filters have this issue:

Jan 04 00:54:41 lmtp([email protected])<28977><9BInJkFtTVoxcQAAIiOdtg>: Error: sieve: Invalid postmaster_address: invalid address `root' specified for the postmaster_address setting

We already run rev1793 of CB2, lmtp.conf contains:
Code:
#Regex HOSTNAMe below.#add sieve to end of line in:
#/etc/dovecot/conf/lmtp_mail_plugins.conf
#mail_plugins = $mail_plugins sieve


# LMTP socket for local delivery from exim
service lmtp {
  executable = lmtp -L
  process_min_avail = 16
  unix_listener lmtp-client {
    user = mail
    group = mail
    mode = 0660
  }
}


lmtp_rcpt_check_quota = yes


protocol lmtp {
  !include lmtp_mail_plugins.conf
  log_path = /var/log/dovecot-lmtp-errors.log
  info_log_path = /var/log/dovecot-lmtp.log
  postmaster_address = root
  quota_full_tempfail = no
}
 
Last edited:
Hello,

Thanks for the report.
I've changed the default value to be:
Code:
postmaster_address = root@%{hostname}
so manually change to that, or get CB2 rev 1795, then do
Code:
./build update
./build version
./build dovecot_conf
John
 
Since this update CSF/LFD sends me these messages:
Code:
Time:         Fri Jan  5 11:44:42 2018 +0100
Account:      dovecot
Resource:     Process Time
Exceeded:     12742 > 1800 (seconds)
Executable:   /usr/libexec/dovecot/stats
Command Line: dovecot/stats [16 connections]
PID:          1462 (Parent PID:714)
Killed:       No


I'll add it to the /etc/csf/csf.pignore list.
 
Hi all, since this update now when a user is over quota dovecot gives a defer even if in /etc/dovecot/conf/lmtp.conf under protocol lmtp is set quota_full_tempfail = no anyone knows why?

Code:
2018-01-09 17:36:10 1eYwsi-0001lg-6o == *****@asdasdasd.net R=virtual_user T=dovecot_lmtp_udp defer (-1): LMTP connection closed after RCPT TO:<*****@asdasdasd.net>
 
The build folder dovecot-ce-2.3.0 (~500MB) didn't delete automatically after the update. Is this already fixed in the latest CB rev?
 
After updating, I have a lot of this in /var/log/dovecot-lmtp-errors.log. Any idea what it is?

Jan 16 15:15:27 lmtp(16002): Panic: file lib-event.c: line 148 (event_unref): assertion failed: (event != current_global_event)
Jan 16 15:15:27 lmtp(16002): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0xc8d44) [0x7f0cbb3e8d44] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f0cbb3e8d8a] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f0cbb35c1b0] -> /usr/lib/dovecot/libdovecot.so.0(+0xe44fb) [0x7f0cbb4044fb] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_service_user_unref+0xb4) [0x7f0cbb6e6ac4] -> dovecot/lmtp [local DATA](+0x63fa) [0x7f0cbbe153fa] -> dovecot/lmtp [local DATA](lmtp_local_deinit+0x5c) [0x7f0cbbe158dc] -> dovecot/lmtp [local DATA](client_state_reset+0x1a) [0x7f0cbbe14a5a] -> /usr/lib/dovecot/libdovecot.so.0(smtp_server_connection_reset_state+0x3c) [0x7f0cbb37397c] -> /usr/lib/dovecot/libdovecot.so.0(smtp_server_command_completed+0x4d) [0x7f0cbb37132d] -> /usr/lib/dovecot/libdovecot.so.0(+0x54858) [0x7f0cbb374858] -> /usr/lib/dovecot/libdovecot.so.0(+0xf0740) [0x7f0cbb410740] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x65) [0x7f0cbb400335] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x10f) [0x7f0cbb401bdf] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x52) [0x7f0cbb400432] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f0cbb400658] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f0cbb37eb93] -> dovecot/lmtp [local DATA](main+0x226) [0x7f0cbbe141a6] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7f0cbaf7ec05] -> dovecot/lmtp [local DATA](+0x52d2) [0x7f0cbbe142d2]
 
Don't know dovecot and exim after latest updates and reboot

spamd[1790]: razor2: razor2 check failed: Connection refused razor2: razor2 had unknown error during get_server_info at /usr/share/perl5/Mail/SpamAssassin/Plugin/Razor2.pm line 187. at /usr/share/perl5/Mail/SpamAssassin/Plugin/Razor2.pm line 330.

Also the csf dovecot running message.
Account: dovecot
Resource: Process Time
Exceeded: 37972 > 1800 (seconds)
Executable: /usr/libexec/dovecot/stats
Command Line: dovecot/stats [16 connections]
PID: 1309 (Parent PID:760)
Killed: No
 
You can ignore the CSF message and add it to the ignore process list. This is a new dovecot stats feature.
 
Since this update CSF/LFD sends me these messages:
Code:
Time:         Fri Jan  5 11:44:42 2018 +0100
Account:      dovecot
Resource:     Process Time
Exceeded:     12742 > 1800 (seconds)
Executable:   /usr/libexec/dovecot/stats
Command Line: dovecot/stats [16 connections]
PID:          1462 (Parent PID:714)
Killed:       No


I'll add it to the /etc/csf/csf.pignore list.

That's one way to deal with it, but I'd rather know why the stats module takes so much time to execute. That can't be right. I've seen "Exceeded" over 60000 seconds here.
 
The dovecot/stats is a dovecot's service, and it's supposed to run in memory alongside with dovecot's main processes. See https://wiki.dovecot.org/Services#stats They say:


stats


Mail process statistics tracking. Its behavior is very similar to the anvil process, but anvil's data is of higher importance and lower traffic than stats, so stats are tracked in a separate process.


Change the default settings for the service per your needs (the block might be missing, so you will need to add it manually):


Code:
service stats {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = stats
  extra_groups =
  group =
  idle_kill = 4294967295 secs
  privileged_group =
  process_limit = 1
  process_min_avail = 0
  protocol =
  service_count = 0
  type =
  unix_listener stats-reader {
    group =
    mode = 0600
    user =
  }
  unix_listener stats-writer {
    group =
    mode = 0600
    user =
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
 
Back
Top