2

I have a testing VM running Ubuntu with postfix, dovecot and a couple of users set up using Roundcube to send mail locally via SMTP.

If I set the Dovecot quota of User A to 20K and then send about 18K of mail to them from User B, this puts them at 90% of their quota. I can see this with doveadm quota get -u usera (and I see Roundcube shows this in its UI in fact).

But they do not get a notification that they are approaching their quota. I have also put a logging line in the notification script, but see that no log is written.

If I then send another email from User B to put User A over quota, User B doesn't get a notice of that, nor does User A. But I would expect them to. (EDIT: as per @anx comment, this isn't necessarily the correct expectation though)

When User A replies to User B when they are over quota, they get a message message from Roundcube to saying the operation can't be done as there is no free disk space. But the mail is sent OK.

How can I get quotas to message their status properly?


My userdb file has this entry in it:

usera:::::::userdb_quota_rule=*:bytes=20K

Output from doveconf -n

auth_debug = yes
auth_username_format = %n
mail_debug = yes
mail_location = maildir:~/Maildir
mail_plugins = " quota"
mail_privileged_group = mail
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  driver = pam
}
plugin {
  quota = count:User quota
  quota_grace = 10%%
  quota_max_mail_size = 50M
  quota_rule = *:storage=5G
  quota_rule2 = Trash:storage=+100M
  quota_vsizes = yes
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  quota_warning4 = -storage=100%% quota-warning -100 %u
}
protocols = " imap"
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
    port = 12340
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    user = mail
  }
  user = dovecot
}
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
  driver = passwd
  result_internalfail = return-fail
  result_success = continue-ok
}
userdb {
  args = /etc/dovecot/quotas
  driver = passwd-file
  result_internalfail = return-fail
  result_success = continue
}
protocol !indexer-worker {
  mail_vsize_bg_after_count = 100
}
protocol imap {
  mail_plugins = " quota imap_quota"
}

Postfix postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 3.6
default_transport = error
home_mailbox = Maildir/
inet_interfaces = loopback-only
inet_protocols = all
mailbox_size_limit = 0
mydestination = $myhostname, localhost.localdomain, localhost
myhostname = tester.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
readme_directory = no
recipient_delimiter = +
relay_transport = error
relayhost =
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:12340
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = may

Postfix postconf -M

smtp       inet  n       -       y       -       -       smtpd
pickup     unix  n       -       y       60      1       pickup
cleanup    unix  n       -       y       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       y       1000?   1       tlsmgr
rewrite    unix  -       -       y       -       -       trivial-rewrite
bounce     unix  -       -       y       -       0       bounce
defer      unix  -       -       y       -       0       bounce
trace      unix  -       -       y       -       0       bounce
verify     unix  -       -       y       -       1       verify
flush      unix  n       -       y       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       y       -       -       smtp
relay      unix  -       -       y       -       -       smtp -o syslog_name=postfix/$service_name
showq      unix  n       -       y       -       -       showq
error      unix  -       -       y       -       -       error
retry      unix  -       -       y       -       -       error
discard    unix  -       -       y       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       y       -       -       lmtp
anvil      unix  -       -       y       -       1       anvil
scache     unix  -       -       y       -       1       scache
postlog    unix-dgram n  -       n       -       1       postlogd
maildrop   unix  -       n       n       -       -       pipe flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n       n       -       2       pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}

Logs

journalctl when usera sends when they are over quota:

https://pastebin.com/NyRL40nV

and when userb sends to usera when usera is over quota (this time, userb does get a message though):

https://pastebin.com/Z7mQVd9H

5
  • 1
    "email from User B to put User A over quota, User B doesn't get a notice of that, [..]. But I would expect them to" Not necessarily. You are allowed to go over quota (subject to the quota_grace limits) from the message that brings you above the limit, its only after you have exceeded your allowance that the next message fails.
    – anx
    Commented Nov 6, 2022 at 12:32
  • I recommend you put something obvious (like logger) in your quota warning script and observe logs, It is not entirely clear whether the condition does not trigger where it should, or the quota script fails to construct and/or deliver the warning message.
    – anx
    Commented Nov 6, 2022 at 12:35
  • Possibly harmless right now because at least your main.cf does not mention additional checks, but just in case you ever will: You probably want quota_status_success=DUNNO. You have not overridden quota_status_success - the default is OK which means any following checks in smtpd_recipient_restrictions would be disregarded just because the recipient user is known and not over quota.
    – anx
    Commented Nov 6, 2022 at 13:17
  • 1
    Thanks - I've edited my question to have those postconf outputs in there, and added links to log examples at the end. Also put a logger into the script, but see no logs so far from that. However, I when I tried sending from userb just now to usera (who is over quota) I do get a message that usera is over quota. So some notification is working? Commented Nov 7, 2022 at 8:51
  • Oh BTW on your comment @anx about quota_status_success=DUNNO I was going to fine tune the configs once I was clear things were working OK. Commented Nov 7, 2022 at 8:53

0

You must log in to answer this question.