Dovecot - Secure IMAP server

Monique Y. Mudama | 1 Feb 2011 02:00

automated mailbox trimming?

Hello all,

If this is answered in the wiki, I apologize.  Please point me to it
and I'll be on my way ...

This may be more of a MailDir-generic question, except that as I
understand it there's some wiggle room in the naming of the message
files.

I've just switched from an mbox-based mail system to Dovecot with
MailDir.  With mbox, I used logrotate to keep some of my mailboxes
(spam, sent, stuff like that) down to only the most recent messages.

What's the best way to go about mailbox trimming with dovecot's
implementation of maildir?  I was thinking of writing a script to simply
move or delete old files, but would I mess up dovecot's expectations
for directory/file structure that way?

My mail directories are in my user's home directory.

I'm fine with writing a script or application (time permitting, of
course), but before I do so, is there already a solution out there?

In case it's relevant:

$ dovecot --version
1.2.15
$ dovecot -n
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.37 x86_64 Debian 6.0

(Continue reading)

Timo Sirainen | 1 Feb 2011 02:07

Picon

Picon

Re: automated mailbox trimming?

On 1.2.2011, at 3.00, Monique Y. Mudama wrote:

> I've just switched from an mbox-based mail system to Dovecot with
> MailDir.  With mbox, I used logrotate to keep some of my mailboxes
> (spam, sent, stuff like that) down to only the most recent messages.
> 
> What's the best way to go about mailbox trimming with dovecot's
> implementation of maildir?

http://wiki.dovecot.org/Plugins/Expire although it's a bit annoyingly complex with v1.x. I'm
guessing you don't have all that many users, so v2.0 would make this simpler.

>  I was thinking of writing a script to simply
> move or delete old files, but would I mess up dovecot's expectations
> for directory/file structure that way?

There's "v1.0 cronjob equivalent" in the wiki page too. It'll work fine, no messing up Dovecot.

Stan Hoeppner | 1 Feb 2011 02:36

Re: Best filesystem?

Ron Leach put forth on 1/31/2011 4:06 AM:

>> git.kernel.org - linux/kernel/git/torvalds/linux-2.6.git/blob -
>> Documentation/filesystems/xfs.txt
>> 175         "fs.xfs.xfssyncd_centisecs     (Min: 100  Default: 3000  Max: 720000)
>> 176         The interval at which the xfssyncd thread flushes metadata
>> 177         out to disk.  This thread will flush log activity out, and
>> 178         do some processing on unlinked inodes.
>> 179 "
> 
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=Documentation/filesystems/xfs.txt;hb=HEAD
> 
> 
> Why does this period in the UPS availability-time matter?  Because the UPS
> available-time has, of course, to first be allocated to the application machines
> to close their applications, before the file servers can be asked to 'commit'
> any delayed allocations and close down themselves (I don't want the file servers
> to close down while Dovecot (and any other applications) still have relevant
> data yet unwritten to the file-servers).

You need to read all about the xfssyncd thread before you jump to conclusions
about what the above patch actually does, and does not, do, and how that may or
may not relate to your specific concerns here.

Note that when you do a shutdown, the kernel will flush all buffers, and XFS
will automatically push all writes to disk.  The patch you're looking at above,
IIRC, is a house cleaning parameter, not a normal operations parameter.  For
instance, if you create 10k directories that's not going to fit in the XFS log.
 Once it fills up, the inodes at the head of the log will start getting flushed
to disk, and new inodes will start coming in the tail of the log.  If

(Continue reading)

Timo Sirainen | 1 Feb 2011 02:49

Picon

Picon

Re: Best filesystem?

On 31.1.2011, at 12.34, Ron Leach wrote:

>> MainConfig - Dovecot Wiki 
> > "fsync_disable = no
> > Don't use fsync() or
>> fdatasync() calls. This makes the performance better at the cost of
>> potential data loss if the server (or the file server) goes down."
> 
> http://wiki1.dovecot.org/MainConfig
> 
> Is mail_fsync a v2 item?  We're using Dovecot v1, for now.  Presumably
> 
> fsync_disable = no
> 
> is the default, so that fsyncs take place?

Right.

> As I understand it, Dovecot rebuilds its indexes if they become corrupted and, if that's the case, then
there is no filesystem vulnerability in respect of those.  We're using maildir.  How soon after each mail
message is written, moved, renamed, etc, does Dovecot issue fsyncs?  Is there much 'commit-delay' up to
that point, which might be a vulnerability window?

Success isn't returned to dovecot-lda or IMAP APPEND call until the mail has been fsynced. As long as the
disk doesn't lie and the filesystem doesn't lie, there is zero data loss when fsyncing isn't disabled with Dovecot.

> Finally, and I do apologise for all the questions, we're wishing to move to NFS.  (At the moment we have a 'one
box' Dovecot solution, but this makes upgrade of OS, upgrade of Dovecot, or upgrade of storage always a
problem.  We have already exported the new XFS filestore over NFS - but Dovecot is not (yet) using it, that's
the next step for us.) Does the fsync solution we've been discussing work just as well when the XFS

(Continue reading)

Stan Hoeppner | 1 Feb 2011 04:11

Re: Best filesystem?

Frank Cusack put forth on 1/31/2011 3:06 PM:
> On 1/30/11 5:07 PM -0600 Stan Hoeppner wrote:
>> To be clear, for any subscribers who haven't followed all of the various
>> filesystem and data security threads, with any modern *nix system, you
>> WILL lose data when power fails.  How much depends on how many writes to
>> disk were in flight when the power failed, and how one has their RAID
>> controller and inside-the-disk caches configured, whether using barriers,
>> etc.
> 
> That's incorrect.  When you fsync() a file, all sane modern filesystems
> guarantee no data loss, unless you tune that out administratively for
> performance reasons.  If you use a log structured filesystem (like zfs
> or WAFL) you can optimize the performance as well.  With other types
> of filesystems (like xfs), performance suffers severely under heavy
> sync write loads.

This depends on how the dev does his syncs.  If done intelligently, XFS
performance won't suffer.  In fact, the preferred write method to XFS for high
performance applications is using O_DIRECT.  Using O_DIRECT, correctly, with
XFS, actually _increases_ write performance versus going through the buffer
cache.  So you get the best of both worlds:  higher performance and data
guaranteed on disk.

But not all applications use fsync, O_DIRECT, et al.  The point I was making is
that on any general system, you will likely have some applications/daemons
writing without fsync or O_DIRECT, so you will likely suffer some data loss when
the plug is pulled or the kernel crashes.  If the timing of the crash is right
you can even lose data when using fsync.  Depends on how busy the system is and
how many synced writes are in flight when the power drops.  There truly aren't
any guarantees that data will always be on disk.  There are always corner cases

(Continue reading)

Stan Hoeppner | 1 Feb 2011 04:27

Re: Best filesystem?

Frank Cusack put forth on 1/31/2011 3:13 PM:
> On 1/30/11 5:07 PM -0600 Stan Hoeppner wrote:
>> To be clear, for any subscribers who haven't followed all of the various
>> filesystem and data security threads, with any modern *nix system, you
>> WILL lose data when power fails.
> 
> No, you won't, at least not necessarily.
> 
> I know I'm replying with just about the same content multiple times
> but there are multiple messages where you are spreading this
> misinformation.
> 
> It is possible to configure a file system to not suffer from data
> loss on power loss, and for mail stores that is generally the
> desired behavior.

Maybe not every time, but it should surely motivate OPs to look at their power
continuity solution(s).

Even using fsync et al, you can still lose data with power loss.  It all depends
on what is in flight where, on which bus or cable, and whether the pulses made
it to the platters.  fsync is a best effort.  It can't guarantee all the
hardware was able to play its part correctly before the electrons stopped
flowing to the disk head actuator or spindle motor.

This is common sense.  Anyone with the slightest knowledge of electricity and
background in electronics, and working with computers for any amount of time,
should realize this.

There is no 100% guarantee.  This is one reason why the massive power backup

(Continue reading)

Stan Hoeppner | 1 Feb 2011 04:37

Re: Best filesystem?

Ron Leach put forth on 1/31/2011 5:00 PM:

> What does everyone else do?  Lose emails?

No.  We have decent power backup systems and management interfaces so systems
don't abruptly lose power.  We also use good hardware with a good mainline
kernel driver track record.

I think you forgot about the two failure scenarios that you need to worry about
in this thread:

1.  Kernel/system crash
2.  Power loss

If you're using decent hardware with decent drivers that have been fleshed out
over the years in mainline, you can forget #1.  If you have decent UPS units,
management interfaces, and shutdown software, you don't need to worry about #2.

After those two are covered, the only thing you need to worry about is hardware
going flaky.  In that case, nothing will save you but good backups.  Thankfully
most hardware today is pretty reliable (system boards, HBAs, etc).

--

-- 
Stan

Frank Cusack | 1 Feb 2011 04:37

Re: Best filesystem?

On 1/31/11 9:11 PM -0600 Stan Hoeppner wrote:
> Frank Cusack put forth on 1/31/2011 3:06 PM:
>> That's incorrect.  When you fsync() a file, all sane modern filesystems
>> guarantee no data loss, unless you tune that out administratively for
>> performance reasons.  If you use a log structured filesystem (like zfs
>> or WAFL) you can optimize the performance as well.  With other types
>> of filesystems (like xfs), performance suffers severely under heavy
>> sync write loads.
>
> This depends on how the dev does his syncs.  If done intelligently, XFS
> performance won't suffer.  In fact, the preferred write method to XFS for
> high performance applications is using O_DIRECT.  Using O_DIRECT,
> correctly, with XFS, actually _increases_ write performance versus going
> through the buffer cache.  So you get the best of both worlds:  higher
> performance and data guaranteed on disk.

Most applications don't work well with O_DIRECT.  O_DIRECT is meant
as a tunable for write-mostly applications and a few other specific
classes.  A mail store is decidedly not in that class of application.
As a data point, zfs (and all log structured filesystems) does not
support O_DIRECT because it doesn't make sense given the on-disk
layout -- there is no performance benefit to be had.

> But not all applications use fsync, O_DIRECT, et al.  The point I was
> making is that on any general system, you will likely have some
> applications/daemons writing without fsync or O_DIRECT, so you will
> likely suffer some data loss when the plug is pulled or the kernel
> crashes.  If the timing of the crash is right you can even lose data when
> using fsync.  Depends on how busy the system is and how many synced
> writes are in flight when the power drops.  There truly aren't any

(Continue reading)

Frank Cusack | 1 Feb 2011 04:40

Re: Best filesystem?

On 2/1/11 3:49 AM +0200 Timo Sirainen wrote:
> fsync() makes sure that the data is sent to NFS server. I don't know if
> NFS protocol itself has a fsync() call that guarantees that the data is
> written on disk on the server, but I very much doubt it does. So I don't
> think NFS will help with any data guarantees.

I think it was Stan that pointed this out, sorry if that's a misattribution,
but all calls in v2 are synchronous, v3 and v4 have specific calls (which
are invoked by a local fsync()) which the NFS protocol requires that
the data be committed to disk, so that fsync() semantics are preserved.

But as I noted earlier, if the filesystem lies to the NFS stack, or
the NFS stack intentionally lies to the client, this may not be true.

As far as the NFS protocol is concerned though, there is such a call.

Frank Cusack | 1 Feb 2011 04:42

Re: Best filesystem?

On 1/31/11 9:27 PM -0600 Stan Hoeppner wrote:
> Frank Cusack put forth on 1/31/2011 3:13 PM:
>> On 1/30/11 5:07 PM -0600 Stan Hoeppner wrote:
>>> To be clear, for any subscribers who haven't followed all of the various
>>> filesystem and data security threads, with any modern *nix system, you
>>> WILL lose data when power fails.
>>
>> No, you won't, at least not necessarily.
>>
>> I know I'm replying with just about the same content multiple times
>> but there are multiple messages where you are spreading this
>> misinformation.
>>
>> It is possible to configure a file system to not suffer from data
>> loss on power loss, and for mail stores that is generally the
>> desired behavior.
>
> Maybe not every time, but it should surely motivate OPs to look at their
> power continuity solution(s).
>
> Even using fsync et al, you can still lose data with power loss.  It all
> depends on what is in flight where, on which bus or cable, and whether
> the pulses made it to the platters.  fsync is a best effort.  It can't
> guarantee all the hardware was able to play its part correctly before the
> electrons stopped flowing to the disk head actuator or spindle motor.
>
> This is common sense.  Anyone with the slightest knowledge of electricity
> and background in electronics, and working with computers for any amount
> of time, should realize this.
>

(Continue reading)

Group

gmane.mail.imap.dovecot.

Project Web Page

Dovecot - Secure IMAP server

Search Archive

Page

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 64

Articles in period: 635

February 2011

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

. (dot) in maildir folder names (24 May 2013)
Passwordless auth? (24 May 2013)
How the does "new" autocreate method works? (23 May 2013)
Error: Initial status notification not received (23 May 2013)
Virtual Servers, or different authentication setups. (23 May 2013)
auth with passwd file , doublepoint in paasword (22 May 2013)
Speed up mail retrieval by keyword (22 May 2013)
Dovecot 2.2.2 compiling error (22 May 2013)
problem with proxy setup (22 May 2013)
LDA and enkive (22 May 2013)
Problems with Apple Mail: Enter Password for Account "..." (22 May 2013)
read only users's mailboxes (22 May 2013)
dsync Migration Couldn't keep all uids dove 2.1.16 (22 May 2013)
put users's mailbox in read only mode (22 May 2013)
should dovecot store maildir files with CRLF or LF? (22 May 2013)
Outlook 2013 - mounting folders with XLIST (21 May 2013)
CATENATE/literal8 issue (21 May 2013)
Configure dovecot to provide SASL (20 May 2013)
v2.2.2 + dsync version incompatibility (20 May 2013)
Sieve/pigeonhole with Exim and Dovecot LDA (20 May 2013)
dsync-2.2.2 incorrectly synchronizes subscription status of deleted ma (20 May 2013)

Archives

525	May 2013
640	April 2013
686	March 2013
636	February 2013
450	January 2013
384	December 2012
547	November 2012
661	October 2012
542	September 2012
536	August 2012
681	July 2012
654	June 2012
535	May 2012
629	April 2012
790	March 2012
736	February 2012
619	January 2012
523	December 2011
561	November 2011
313	October 2011
599	September 2011
456	August 2011
355	July 2011
639	June 2011
557	May 2011
510	April 2011
682	March 2011
578	February 2011
954	January 2011
813	December 2010
864	November 2010
1020	October 2010
1003	September 2010
1200	August 2010
927	July 2010
831	June 2010
794	May 2010
616	April 2010
778	March 2010
821	February 2010
826	January 2010
730	December 2009
667	November 2009
999	October 2009
616	September 2009
778	August 2009
949	July 2009
769	June 2009
792	May 2009
778	April 2009
626	March 2009
872	February 2009
880	January 2009
567	December 2008
564	November 2008
960	October 2008
667	September 2008
763	August 2008
764	July 2008
652	June 2008
735	May 2008
632	April 2008
617	March 2008
634	February 2008
783	January 2008
576	December 2007
706	November 2007
601	October 2007
718	September 2007
673	August 2007
599	July 2007
658	June 2007
855	May 2007
814	April 2007
1308	March 2007
987	February 2007
764	January 2007
471	December 2006
655	November 2006
757	October 2006
599	September 2006
804	August 2006
539	July 2006
838	June 2006
707	May 2006
702	April 2006
464	March 2006
549	February 2006
676	January 2006
470	December 2005
302	November 2005
474	October 2005
503	September 2005
514	August 2005
478	July 2005
333	June 2005
300	May 2005
455	April 2005
399	March 2005
186	February 2005
305	January 2005
445	December 2004
248	November 2004
326	October 2004
316	September 2004
198	August 2004
352	July 2004
400	June 2004
284	May 2004
158	April 2004
100	March 2004
139	February 2004
93	January 2004
72	December 2003
196	November 2003
98	October 2003
174	September 2003
232	August 2003
195	July 2003
202	June 2003
223	May 2003
200	April 2003
156	March 2003
64	February 2003
1	January 2000

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template