2

I have a testing VM running Ubuntu with postfix, dovecot and a couple of users set up using Roundcube to send mail locally via SMTP.

If I set the Dovecot quota of User A to 20K and then send about 18K of mail to them from User B, this puts them at 90% of their quota. I can see this with doveadm quota get -u usera (and I see Roundcube shows this in its UI in fact).

But they do not get a notification that they are approaching their quota. I have also put a logging line in the notification script, but see that no log is written.

If I then send another email from User B to put User A over quota, User B doesn't get a notice of that, nor does User A. But I would expect them to. (EDIT: as per @anx comment, this isn't necessarily the correct expectation though)

When User A replies to User B when they are over quota, they get a message message from Roundcube to saying the operation can't be done as there is no free disk space. But the mail is sent OK.

How can I get quotas to message their status properly?

My userdb file has this entry in it:

usera:::::::userdb_quota_rule=*:bytes=20K

Output from doveconf -n

auth_debug = yes
auth_username_format = %n
mail_debug = yes
mail_location = maildir:~/Maildir
mail_plugins = " quota"
mail_privileged_group = mail
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  driver = pam
}
plugin {
  quota = count:User quota
  quota_grace = 10%%
  quota_max_mail_size = 50M
  quota_rule = *:storage=5G
  quota_rule2 = Trash:storage=+100M
  quota_vsizes = yes
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  quota_warning4 = -storage=100%% quota-warning -100 %u
}
protocols = " imap"
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
    port = 12340
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    user = mail
  }
  user = dovecot
}
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
  driver = passwd
  result_internalfail = return-fail
  result_success = continue-ok
}
userdb {
  args = /etc/dovecot/quotas
  driver = passwd-file
  result_internalfail = return-fail
  result_success = continue
}
protocol !indexer-worker {
  mail_vsize_bg_after_count = 100
}
protocol imap {
  mail_plugins = " quota imap_quota"
}

Postfix postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 3.6
default_transport = error
home_mailbox = Maildir/
inet_interfaces = loopback-only
inet_protocols = all
mailbox_size_limit = 0
mydestination = $myhostname, localhost.localdomain, localhost
myhostname = tester.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
readme_directory = no
recipient_delimiter = +
relay_transport = error
relayhost =
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:12340
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = may

Postfix postconf -M

smtp       inet  n       -       y       -       -       smtpd
pickup     unix  n       -       y       60      1       pickup
cleanup    unix  n       -       y       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       y       1000?   1       tlsmgr
rewrite    unix  -       -       y       -       -       trivial-rewrite
bounce     unix  -       -       y       -       0       bounce
defer      unix  -       -       y       -       0       bounce
trace      unix  -       -       y       -       0       bounce
verify     unix  -       -       y       -       1       verify
flush      unix  n       -       y       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       y       -       -       smtp
relay      unix  -       -       y       -       -       smtp -o syslog_name=postfix/$service_name
showq      unix  n       -       y       -       -       showq
error      unix  -       -       y       -       -       error
retry      unix  -       -       y       -       -       error
discard    unix  -       -       y       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       y       -       -       lmtp
anvil      unix  -       -       y       -       1       anvil
scache     unix  -       -       y       -       1       scache
postlog    unix-dgram n  -       n       -       1       postlogd
maildrop   unix  -       n       n       -       -       pipe flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n       n       -       2       pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}

Logs

journalctl when usera sends when they are over quota:

https://pastebin.com/NyRL40nV

and when userb sends to usera when usera is over quota (this time, userb does get a message though):

https://pastebin.com/Z7mQVd9H

TommyPeanuts
  • 472
  • 1
  • 7
  • 24
  • 1
    *"email from User B to put User A over quota, User B doesn't get a notice of that, [..]. But I would expect them to"* Not necessarily. You are allowed to go over quota (subject to the quota_grace limits) from the message that brings you above the limit, its only after you have exceeded your allowance that the *next* message fails. – anx Nov 06 '22 at 12:32
  • I recommend you put something obvious (like `logger`) in your quota warning script and observe logs, It is not entirely clear whether the condition does not trigger where it should, or the quota script fails to construct and/or deliver the warning message. – anx Nov 06 '22 at 12:35
  • Possibly harmless right now because at least your `main.cf` does not mention additional checks, but just in case you ever will: You probably want `quota_status_success=DUNNO`. You have not overridden `quota_status_success` - the default is `OK` which means any following checks in `smtpd_recipient_restrictions` would be disregarded just because the recipient user is known and not over quota. – anx Nov 06 '22 at 13:17
  • 1
    Thanks - I've edited my question to have those `postconf` outputs in there, and added links to log examples at the end. Also put a logger into the script, but see no logs so far from that. However, I when I tried sending from userb just now to usera (who is over quota) I do get a message that usera is over quota. So some notification is working? – TommyPeanuts Nov 07 '22 at 08:51
  • Oh BTW on your comment @anx about `quota_status_success=DUNNO` I was going to fine tune the configs once I was clear things were working OK. – TommyPeanuts Nov 07 '22 at 08:53

0 Answers0