1

Topic: Roundcube webmail error - no connection to storage server

==== Required information ====
- iRedMail version: 0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Ubuntu 12.04 64bit
- Related log if you're reporting an issue:
====

I have set up iRedMail 0.8.3 recently, and generally, it is working well.

Sporadically, some e-mail users are getting an error when attempting to log into their e-mail account with the Roundcube webmail:

No connection to storage server.

I searched for this issue in Roundcube forum and the only possibly useful information was that you should set "ssl=yes" in the dovecot configuration file.
I don't know if that is a proper solution as it seems entirely disrelated. it also does not work for me, because I had to set ssl=yes and disable_plaintext_auth=no in order to accomodate older Microsoft Outlook clients which don't understand STARTTLS for POP accounts.
This is the only modification I made on the mail server config files after install.

Yet it normally works, just sometimes a user gets this message. I am not sure where to look to locate this error.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Roundcube webmail error - no connection to storage server

*) ssl=yes means SSL/TLS over POP3/IMAP is optional.
*) disable_plaintext_auth=no means enabling PLAIN auth method. iRedMail uses LOGIN default.

There must be something wrong, please try to find it in Dovecot log file (/var/log/dovecot.log and /var/log/sieve.log).

3

Re: Roundcube webmail error - no connection to storage server

Thanks.
The log file /var/log/sieve.log was a good tip, here I am getting the error that dovecot cannot read the sieve file

Error: sieve: main_script: failed to stat sieve script: stat(/maildisk/sieve/dovecot.sieve) failed:
Permission denied (euid=1001(vmail) egid=1001(vmail) missing +r perm: /maildisk/sieve/dovecot.sieve, UNIX perms appear ok (ACL/MAC wrong?))

The folder /maildisk actually a mount point for a second drive. It contains all the mail files (this is the location I input at the installer screen for mail dir).
Searching for this type of error I found I might have to mount this drive with the "acl" option in /etc/fstab, so I tried this but then nothing worked any longer, nobody could access the server. I am however not familiar with ACL in Linux.

What user do I need to grant permission for on this sieve file and/or directory?

4

Re: Roundcube webmail error - no connection to storage server

Maybe you have incorrect per-user sieve_dir setting or global setting in Dovecot. Please show us your dovecot config, command "dovecot -n" is the best.

Also, show me the output of below command:

# ls -dl /maildisk
# ls -dl /maildisk/sieve
# ls -dl /maildisk/sieve/dovecot.sieve

5

Re: Roundcube webmail error - no connection to storage server

Thanks. I have been experimenting with the permissions, and found errors in sieve.log which said that the user "vmail" needs access to that sieve. And it needs write access to the directory /maildisk/sieve/ so it can create temporary files.

I don't know what that user is for, but following permissions seem to work:

getfacl /maildisk/sieve/dovecot.sieve
getfacl: Removing leading '/' from absolute path names
# file: maildisk/sieve/dovecot.sieve
# owner: vmail
# group: vmail
user::r-x
group::r-x
other::r-x

root@mx1:~# getfacl /maildisk/sieve/
getfacl: Removing leading '/' from absolute path names
# file: maildisk/sieve/
# owner: vmail
# group: vmail
user::rwx
group::rwx
other::--x

Like this I could now see in the sieve.log no a message routed to the Junk folder, for the first time.

Not sure if the permissions I set are really what is needed. If you have the precise data on what should be there, it would be nice to have this published.

<Wish>Or even better, to have this set as an option in the admin panel?</Wish>

6

Re: Roundcube webmail error - no connection to storage server

You solved it improperly.

*) /maildisk/sieve/ must be owned by user vmail, group vmail, with permission 0700.
*) No setfacl required.

So, a simple "chmod -R 0700 /maildisk/sieve" can solve your issue.

7

Re: Roundcube webmail error - no connection to storage server

Thanks. Quite true.
The permissions solved the problem with the sieve - and it solved incidentally another issue I had posted in another thread - that the junk messages should be sent to the junk folder, not the users's inbox. This is now properly routed.

However, the issue for which I started this thread still exists - "No connection to storage server" - both with the permissions I set and the permissions you suggest here.

8

Re: Roundcube webmail error - no connection to storage server

pschulz wrote:

However, the issue for which I started this thread still exists - "No connection to storage server" - both with the permissions I set and the permissions you suggest here.

Any related log of this issue in Dovecot log file?

9

Re: Roundcube webmail error - no connection to storage server

It is not a problem on every login.

When a user does get this error, this login request does not make it at all into the dovecot log file. There is no line for this attempt.

If a user does get in, a line like this gets logged:

Mar 01 16:32:34 imap-login: Info: Login: user=<xyzz@w.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=26570, secured

(By the way, is iti correct that uses "method=PLAIN"?)

Originally I thought this error was related to another error (max connections exceeded in a Thunderbird client) as I seemed to get those at the same time. Haven't seen max connection errors in Tthunderbird any longer, but still the "no connection to storage server" in the Roundcube webmail.

issuing "service dovecot restart" handles that problem every time, probably for hours, but I cannot use that as a solution.

10

Re: Roundcube webmail error - no connection to storage server

Could you please post LDIF data of this user (who has this issue)? We need to check it, maybe it doesn't have "enabledService=lib-storage".