MeinerEiner

Dovecot 2.4 is only available as community edition with feature cut. I do not know exactly how this affects froxlor functionality. but it seems to be ok. The only thing i cannot find in new config ist sieve after.d config to move spam marked mails to junk folder. So are there any plans to use an alternative to dovecot for the future? Dovecot 2.4 is also available for debian bookworm with dovecot repo

Here is the config I thik it should work - with diffs: #disable_plaintext_auth = no auth_allow_cleartext = yes auth_mechanisms = plain login !include auth-sql.conf.ext #mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_driver = mbox = mbox mail_inbox_path = /var/mail/%u namespace inbox { inbox = yes } mail_privileged_group = mail service auth { # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } # Exim4 smtp-auth unix_listener auth-client { mode = 0660 user = mail #group = Debian-exim } } service stats { unix_listener stats-reader { group = vmail mode = 0666 } unix_listener stats-writer { group = vmail mode = 0666 } } ssl = yes #ssl_cert = </etc/ssl/lets-encrypt/mail/fullchain.cer ssl_server_cert_file = /etc/ssl/lets-encrypt/mail/fullchain.cer #ssl_key = </etc/ssl/lets-encrypt/mail/server.key ssl_server_key_file = /etc/ssl/lets-encrypt/mail/server.key #ssl_dh = </usr/share/dovecot/dh.pem ssl_server_dh_file = /usr/share/dovecot/dh.pem postmaster_address = postmaster@service.com #protocol imap { # mail_plugins = $mail_plugins quota imap_quota #} protocol imap { mail_plugins { quota = yes imap_quota = yes } } pop3_logout_format = in=%i out=%o top=%t/%p, retr=%r/%b, del=%d/%m, size=%s ## LDA protocol lda { mail_plugins { sieve = yes } } ## Sieve mail_plugins { sieve = yes } #plugin { # sieve = file:~/sieve;active=~/.dovecot.sieve # sieve_dir = ~/sieve #} sieve_script personal { driver = file path = ~/sieve active_path = ~/.dovecot.sieve } mailbox Spam { ## From elsewhere to Spam folder sieve_script report-spam { type = before cause = copy path = /etc/dovecot/sieve/report-spam.sieve } } ## From Spam folder to elsewhere imapsieve_from Spam { sieve_script report-ham { type = before cause = copy path = /etc/dovecot/sieve/report-ham.sieve } } ## Quota mail_plugins { quota = yes } #plugin { # quota = maildir:User quota #} quota "User quota" { driver= Maildir++ quota } quota "User quota" { warning warn-95 { quota_storage_percentage = 95 execute quota-warning { args = 95 %{user} } } warning warn-80 { quota_storage_percentage = 80 execute quota-warning { args = 80 %{user} } } } ##Sql #driver = mysql #connect = "host=127.0.0.1 dbname=froxlor user=froxlor password=FROXLOR_MYSQL_PASSWORD" sql_driver = mysql mysql 127.0.0.1 { user = froxlor password = FROXLOR_DBPASSWORD dbname = froxlor } #password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve'))) iterate_query = "SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)" passdb sql { default_password_scheme = CRYPT query = SELECT username AS user, password_enc AS password FROM mail_users WHERE (username = '%{user}' OR email = '%{user}') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))iterate_query = "SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)" } #user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota, 'M') as quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') userdb sql { query = SELECT CONCAT(homedir, maildir) AS home, 'maildir' as mail_driver, CONCAT(homedir, maildir) AS mail_path, uid, gid, CONCAT('*:storage=', quota, 'M') as quota_rule FROM mail_users WHERE (username = '%{user}' OR email = '%{user}') } For password query is it enough to retrieve only neccessary fields user and password? Old entries are comment out with # obove new statement.

Nope, I#m just in hurry and I haven't got time to write more. I will post the diffs after finish.

Just look in the first post and use a diff tool to compare it. Most thins are renamings. I guess this will also affect debian bookworm with next release of dovecot.

Hello, Just take a look at this fix for additional config: auth_allow_cleartext = yes auth_mechanisms = plain login !include auth-sql.conf.ext mail_driver = mbox = mbox mail_inbox_path = /var/mail/%u namespace inbox { inbox = yes } mail_privileged_group = mail service auth { # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } # Exim4 smtp-auth unix_listener auth-client { mode = 0660 user = mail #group = Debian-exim } } service stats { unix_listener stats-reader { group = vmail mode = 0666 } unix_listener stats-writer { group = vmail mode = 0666 } } ssl = yes ssl_server_cert_file = /etc/ssl/lets-encrypt/mail/fullchain.cer ssl_server_key_file = /etc/ssl/lets-encrypt/mail/server.key ssl_server_dh_file = /usr/share/dovecot/dh.pem postmaster_address = postmaster@service.com protocol imap { mail_plugins { quota = yes imap_quota = yes } } pop3_logout_format = in=%i out=%o top=%t/%p, retr=%r/%b, del=%d/%m, size=%s ## Sieve mail_plugins { sieve = yes } sieve_script personal { driver = file path = ~/sieve active_path = ~/.dovecot.sieve } ## Quota mail_plugins { quota = yes } quota "User quota" { driver= Maildir++ quota } quota "User quota" { warning warn-95 { quota_storage_percentage = 95 execute quota-warning { args = 95 %{user} } } warning warn-80 { quota_storage_percentage = 80 execute quota-warning { args = 80 %{user} } } } Later I will check how to fix file /etc/dovecot/dovecot-sql.conf.ext.

Hello, latest updates to dovecot breaks imap and pop. File /etc/dovecot/dovecot-sql.conf.ext is oblolete and dovecot will mnot start any more. Config file: disable_plaintext_auth = no auth_mechanisms = plain login !include auth-sql.conf.ext mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes } mail_privileged_group = mail service auth { # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } # Exim4 smtp-auth unix_listener auth-client { mode = 0660 user = mail #group = Debian-exim } } service stats { unix_listener stats-reader { group = vmail mode = 0666 } unix_listener stats-writer { group = vmail mode = 0666 } } ssl = yes ssl_cert = </etc/ssl/custom/system.com.pem ssl_key = </etc/ssl/custom/system.com.key ssl_dh = </usr/share/dovecot/dh.pem postmaster_address = postmaster@isp-template.system.com protocol imap { mail_plugins = $mail_plugins quota imap_quota } pop3_logout_format = in=%i out=%o top=%t/%p, retr=%r/%b, del=%d/%m, size=%s plugin { sieve = file:~/sieve;active=~/.dovecot.sieve sieve_dir = ~/sieve } plugin { quota = maildir:User quota } Are the any developments on debian trixie or available fixes for dovecot?

So I checked permissiins on customrs web, they are right. I do a nscd -i group and nscd -i passwd and restart service php8.4-fpm restart and now it works. I purged nscd and reboot the system and it seems to work! Thank you sooo much for fast response 😉

Hello, we have 3 froxlor (version 2.2.6, debian trixie, PHP-FPM, PHP8.4.x) systems, 2 works fine, if we create a new customer with domain. On one system it is faulted, an error occurs for domian (also if I open webalyzer): [Mon Apr 21 10:34:28.730401 2025] [core:crit] [pid 1032037:tid 1032037] (13)Permission denied: [client xx.xxx.xxx.xxx:51055] AH00529: /var/customers/webs/Test/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/var/customers/webs/Test/' is executable So i checked the libnss-extrausers configurations and versions on all three systems and they are identically version libnss-extrausers 0.6-6 nssswitch.conf: # Make sure that `passwd`, `group` and `shadow` have extrausers in their lines # You should place extrausers at the end, so that it is queried after the other mechanisams # passwd: compat extrausers group: compat extrausers shadow: compat extrausers hosts: files dns networks: files dns services: db files protocols: db files rpc: db files ethers: db files netmasks: files netgroup: files bootparams: files automount: files aliases: files nscd.conf: # # /etc/nscd.conf # # An example Name Service Cache config file. This file is needed by nscd. # # WARNING: Running nscd with a secondary caching service like sssd may lead to # unexpected behaviour, especially with how long entries are cached. # # Legal entries are: # # logfile <file> # debug-level <level> # threads <initial #threads to use> # max-threads <maximum #threads to use> # server-user <user to run server as instead of root> # server-user is ignored if nscd is started with -S parameters # stat-user <user who is allowed to request statistics> # reload-count unlimited|<number> # paranoia <yes|no> # restart-interval <time in seconds> # # enable-cache <service> <yes|no> # positive-time-to-live <service> <time in seconds> # negative-time-to-live <service> <time in seconds> # suggested-size <service> <prime number> # check-files <service> <yes|no> # persistent <service> <yes|no> # shared <service> <yes|no> # NOTE: Setting 'shared' to a value of 'yes' will accelerate the lookup, # but those lookups will not be counted as cache hits # i.e. 'nscd -g' may show '0%'. # max-db-size <service> <number bytes> # auto-propagate <service> <yes|no> # # Currently supported cache names (services): passwd, group, hosts, services # # logfile /var/log/nscd.log # threads 4 # max-threads 32 # server-user nobody # stat-user somebody debug-level 0 # reload-count 5 paranoia no # restart-interval 3600 enable-cache passwd yes positive-time-to-live passwd 600 negative-time-to-live passwd 20 suggested-size passwd 211 check-files passwd yes persistent passwd yes shared passwd yes max-db-size passwd 33554432 auto-propagate passwd yes enable-cache group yes positive-time-to-live group 3600 negative-time-to-live group 60 suggested-size group 211 check-files group yes persistent group yes shared group yes max-db-size group 33554432 auto-propagate group yes enable-cache hosts yes positive-time-to-live hosts 3600 negative-time-to-live hosts 20 suggested-size hosts 211 check-files hosts yes persistent hosts yes shared hosts yes max-db-size hosts 33554432 enable-cache services yes positive-time-to-live services 28800 negative-time-to-live services 20 suggested-size services 211 check-files services yes persistent services yes shared services yes max-db-size services 33554432 enable-cache netgroup yes positive-time-to-live netgroup 28800 negative-time-to-live netgroup 20 suggested-size netgroup 211 check-files netgroup yes persistent netgroup yes shared netgroup yes max-db-size netgroup 33554432 #/var/lib/extrausers seems to be correct. www-data is in all groups Any idea?

So I created a new customer on froxlor 2.2.4, debian bookworm and assign a new domain to this customer. Then I activate the letsencrypt certificate, which is generated in /root/acme.sh/new-domain.tld, but the certificate is not copied to /etc/ssl/froxlor-custom/*.key *.crt *.CA *.chain.pem, etc. The domain is not valid for ssl, cause the certificate is missing. Any suggestions?

It is working with version 2.0.23! Thank's alot.

So, it seems to be fixed. Is there a new release planned with that fix? And yes we have a multiple running systems with customers.

Hello, I try to upgrade froxlor to 2.0.22. The previous version was 2.0.21. The update is successful. Login page is display normal. After login I get an error: Uncaught exception 500 SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND `d`.`email_only` = '0' AND `d`.`id` NOT IN ()' at line 3 #0 /var/www/froxlor/lib/Froxlor/Database/Database.php(124): Froxlor\Database\Database::showerror() #1 /var/www/froxlor/lib/Froxlor/Database/Database.php(102): Froxlor\Database\Database::pexecute() #2 /var/www/froxlor/lib/Froxlor/Api/Commands/SubDomains.php(1074): Froxlor\Database\Database::pexecute_first() #3 /var/www/froxlor/lib/Froxlor/UI/Collection.php(132): Froxlor\Api\Commands\SubDomains->listingCount() #4 /var/www/froxlor/lib/Froxlor/CurrentUser.php(156): Froxlor\UI\Collection->count() #5 /var/www/froxlor/lib/navigation/00.froxlor.main.php(84): Froxlor\CurrentUser::canAddResource() #6 /var/www/froxlor/lib/Froxlor/PhpHelper.php(235): include('...') #7 /var/www/froxlor/lib/init.php(271): Froxlor\PhpHelper::loadConfigArrayDir() #8 /var/www/froxlor/admin_index.php(27): require('...') #9 {main} System Debian Bookworm Serversoftware Apache/2.4.57 (Debian) PHP-Version 8.2.9 MySQL server version 8.0.34 Webserver interface FPM-FCGI Kernel 6.1.0-11-amd64 (x86_64) Any suggestions

Hello, do we get soon a version of froxlor that fully supports php8.1 without deprecated warnings? PHP warning/error #8192 htmlentities(): Passing null to parameter #1 ($string) of type string is deprecated lib/Froxlor/PhpHelper.php:67

Hello, i was unable to add a new domain with froxlor version 0.10.29.1. No own dns server is used, instead external 1.1.1.1 and 1.0.0.1 is used. I got an error: he domains DNS does not include any of the chosen IP addresses. Let's Encrypt certificate generation not possible. other domains that created before with version 0.10.28.x are working and in .acme/... certificates are created, also they are available in /etc/ssl/custom-froxlor. So what's happend? Setting the panel-domain tables entry for domian letsencrypt and run php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug creates the certificates in /root/.acme.sh, but they are not present in /etc/ssl/custom-froxlor. Any suggestions?