Installing a new setup

I am keeping notes, so when I got this working, maybe i will write something

@florian030 @michelangelo could you share your working config? and maybe some details on how it is set up, to see if I'm missing something?

 

Did some testing, read <-> unread seemed to work. Now did another test by sending a email to myself, and it is not replicated. Will do some digging...

When running

Code:

doveadm sync -A tcp:server1.example.com

from server2, the replication of the new email is done. Previously this happened automatically... Not sure why it doesn't do that anymore.

 

I did, can't find anything off except that replication is not initiated.

dovecot.conf:

Code:

listen = *,[::]
protocols = imap pop3 lmtp
auth_mechanisms = plain login
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_privileged_group = vmail
ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
ssl_dh = </etc/dovecot/dh.pem
ssl_min_protocol = TLSv1.2
#ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_cipher_list = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
# Dit aangepast naar yes:
ssl_prefer_server_ciphers = yes
mail_max_userip_connections = 100
# notify and replication toegoevoegd:
mail_plugins = quota notify replication
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
plugin {
  quota = dict:user::file:/var/vmail/%d/%n/.quotausage

  # no longer needed, as 'sieve' is in userdb extra fields:
  sieve=/var/vmail/%d/%n/.sieve

  sieve_before=/var/vmail/%d/%n/.ispconfig-before.sieve
  sieve_after=/var/vmail/%d/%n/.ispconfig.sieve
  sieve_max_script_size = 2M
  sieve_max_actions = 100
  sieve_max_redirects = 25
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
  user = root
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
   group = postfix
   mode = 0600
   user = postfix
   # For higher volume sites, it may be desirable to increase the number of active listener processes.
   # A range of 5 to 20 is probably good for most sites
   #process_min_avail = 5
  }
}
lmtp_rcpt_check_quota = yes
service imap-login {
  client_limit = 1000
  process_limit = 512
}
protocol imap {
  mail_plugins = $mail_plugins quota imap_quota
  auth_verbose = yes
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota
  auth_verbose = yes
}
protocol lda {
postmaster_address = [email protected]
  mail_plugins = $mail_plugins sieve quota
}
protocol lmtp {
postmaster_address = [email protected]
  mail_plugins = quota sieve
}

service stats {
    unix_listener stats-reader {
        user = vmail
        group = vmail
        mode = 0660
    }

    unix_listener stats-writer {
        user = vmail
        group = vmail
        mode = 0660
    }
}

service quota-status {
  executable = quota-status -p postfix
  unix_listener /var/spool/postfix/private/quota-status {
    group = postfix
    mode = 0660
    user = postfix
  }
  client_limit = 1
}
plugin {
  quota_status_success = DUNNO
  quota_status_nouser = DUNNO
  quota_status_overquota = "552 5.2.2 Mailbox is full"
}

imap_capability=+SEPCIAL-USE XLIST
namespace inbox {
  inbox = yes
  separator = .
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
}

# DSYNC MX1 <-> MX2
# Enable the replication plugin globally
mail_plugins = $mail_plugins notify replication

# Replicator process should be started at startup, so it can start replicating users immediately:
service replicator {
  process_min_avail = 1
}

# The mail processes need to have access to the replication-notify fifo and socket.
service aggregator {
  fifo_listener replication-notify-fifo {
    user = vmail
    mode = 0666
  }
  unix_listener replication-notify {
    user = vmail
    mode = 0666
  }
}

# Enable doveadm replicator commands
service replicator {
  unix_listener replicator-doveadm {
    mode = 0666
  }
}

# Create a listener for doveadm-server
service doveadm {
  user = vmail
  inet_listener {
    port = 12345
  }
}

# configure how many dsyncs can be run in parallel (10 by default)
replication_max_conns = 10

# tell doveadm client to use this port by default
doveadm_port = 12345

#Both the client and the server also need to have a shared secret
doveadm_password = REMOVED

# use tcp:hostname as the dsync target
plugin {
  mail_replica = tcp:server2.example.com
  #mail_replica = tcp:server2.example.com:12345
}

service config {
  unix_listener config {
    user = vmail
  }
}

2 problems currently:
1: New emails are not replicated. They are replicated after interacting (e.g. reading) them, or when running

Code:

doveadm sync -A tcp:otherhost.example.com

2: When I move email X in my local mail client to a different mail account / local folder, the email is shown in Roundcube as deleted (see attached screenshot). Not sure if this is a misconfiguration in Roundcube or the synchronisation.

 

That comes from the original tutorial, but I had it commented out currently. Just not in the config I shared.

I redid the config and added $mail_plugins to service lmtp:

Code:

protocol lmtp {
postmaster_address = [email protected]
  mail_plugins = $mail_plugins quota sieve
}

I think that's new config in 3.2, @Jesse Norell might be able to confirm that. It seems to work now, will do some more tests and let you know.

Thanks Florian!

 

lmtp config is new. If notify and replication need added to mail_plugins for all protocols (note you don't have it for pop3), just add $mail_plugins to all protocols (and remove 'quota') and add those at the top level like you did. Have the installer and server plugin check for dsync being installed as to whether to add the entry at the top level or not.

While you're at it, can you add 'acl' to the top level and and 'imap_acl' to the imap protocol?

 

That is not an easy thing to do as the base software is installed in the perfect server tutorials, so we could aswell always enable replication and notify, but I don't think that's needed

 

Yes, it is finished and working very well. The HA Load balancer will be put in place later due to a lack of functionality right now.

 

I have done that: https://www.howtoforge.com/tutorial/ispconfig-multiserver-setup-debian-ubuntu/