Delayed outgoing mail in active queue

Question

I am stuck for some time trying to set up an email server. I've been mostly successful in my setup, but I am currently stuck at the following impasse: every time I send an email (regardless of queue size), my message will get stuck in the active queue for ~ 5 minutes, after which it will always be sent and reach it's final destination.

postqueue -p

(shows only one mail in the queue)

postqueue -f

... has no effect

I am running postfix 3.1.0, and dovecot 2.2.22 on Ubuntu 16.04. Also, I used iRedMail scripts for the installation. I can see from /var/log/mail.log that the mail is being stored in a queue by postfix, and I'm assuming there's another setting to set the time at which it will be processed. Any help would be most appreciated.

/var/log/mail.log

Jan 9 14:35:28 mail postfix[26070]: name_mask: all

Jan 9 14:35:28 mail postfix[26070]: inet_addr_local: configured 2 IPv4 addresses

Jan 9 14:35:28 mail postfix[26070]: inet_addr_local: configured 3 IPv6 addresses

Jan 9 14:35:28 mail postfix/postfix-script[26075]: error: unknown command: ''

Jan 9 14:35:28 mail postfix/postfix-script[26076]: fatal: usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)

Jan 9 14:35:49 mail postfix[26085]: fatal: usage: postfix [-c config_dir] [-Dv] command

Jan 9 14:35:58 mail postfix[26090]: fatal: usage: postfix [-c config_dir] [-Dv] command

Jan 9 14:40:17 mail postfix/submission/smtpd[26282]: connect from mail.example.com[127.0.0.1]

Jan 9 14:40:17 mail postfix/submission/smtpd[26282]: Anonymous TLS connection established from mail.example.com[127.0.0.1]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)

Jan 9 14:40:17 mail postfix/submission/smtpd[26282]: 87ABB42362: client=mail.example.com[127.0.0.1], sasl_method=PLAIN, sasl_username=jamal@example.com

Jan 9 14:40:17 mail postfix/cleanup[26288]: 87ABB42362: message-id=<0130a1e7b419fdf0f31ce406618aef97@example.com>

Jan 9 14:40:17 mail postfix/qmgr[28474]: 87ABB42362: from=, size=1845, nrcpt=1 (queue active)

Jan 9 14:40:17 mail postfix/submission/smtpd[26282]: disconnect from mail.example.com[127.0.0.1] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8

Jan 9 14:45:05 mail amavis[10642]: (10642-08) (!)ClamAV-clamd av-scanner FAILED: run_av error: ask_daemon_internal: Exceeded allowed time at (eval 104) line 611.\n

Jan 9 14:45:05 mail amavis[10642]: (10642-08) (!)WARN: all primary virus scanners failed, considering backups

Jan 9 14:45:05 mail amavis[10642]: (10642-08) (!!)AV: ALL VIRUS SCANNERS FAILED

Jan 9 14:45:07 mail postfix/postqueue[26446]: fatal: usage: postqueue -f | postqueue -i queueid | postqueue -j | postqueue -p | postqueue -s site

Jan 9 14:45:08 mail postfix/10025/smtpd[26452]: connect from mail.example.com[127.0.0.1]

Jan 9 14:45:08 mail postfix/10025/smtpd[26452]: 60ADA423BA: client=mail.example.com[127.0.0.1]

Jan 9 14:45:08 mail postfix/cleanup[26454]: 60ADA423BA: message-id=<0130a1e7b419fdf0f31ce406618aef97@example.com>

Jan 9 14:45:08 mail postfix/10025/smtpd[26452]: disconnect from mail.example.com[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5

Jan 9 14:45:08 mail postfix/qmgr[28474]: 60ADA423BA: from=, size=2920, nrcpt=1 (queue active)

Jan 9 14:45:08 mail amavis[10642]: (10642-08) Passed UNCHECKED {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:33748 -> , Queue-ID: 87ABB42362, Message-ID: <0130a1e7b419fdf0f31ce406618aef97@example.com>, mail_id: FFIMhQZ3j_4G, Hits: 0.204, size: 1845, queued_as: 60ADA423BA, dkim_new=dkim:example.com, 290782 ms, Tests: [ALL_TRUSTED=-1,HTML_MESSAGE=0.001,TVD_RCVD_SINGLE=1.213,T_RP_MATCHES_RCVD=-0.01]

Jan 9 14:45:08 mail postfix/amavis/smtp[26293]: 87ABB42362: to=, relay=127.0.0.1[127.0.0.1]:10026, delay=291, delays=0.16/0.03/0.04/291, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 60ADA423BA)

Jan 9 14:45:08 mail postfix/qmgr[28474]: 87ABB42362: removed

Jan 9 14:45:09 mail postfix/smtp[26455]: Untrusted TLS connection established to cornellprod-mail-onmicrosoft-com.mail.eo.outlook.com[216.32.181.106]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)

Jan 9 14:45:09 mail postfix/smtp[26455]: 60ADA423BA: to=, relay=cornellprod-mail-onmicrosoft-com.mail.eo.outlook.com[216.32.181.106]:25, delay=1.6, delays=0.02/0.03/0.64/0.89, dsn=2.6.0, status=sent (250 2.6.0 <0130a1e7b419fdf0f31ce406618aef97@example.com> [InternalId=132499741090511, Hostname=BN3PR0401MB1284.namprd04.prod.outlook.com] 10597 bytes in 0.347, 29.819 KB/sec Queued mail for delivery)

Jan 9 14:45:09 mail postfix/qmgr[28474]: 60ADA423BA: removed

Jan 9 14:45:20 mail postfix/postqueue[26468]: fatal: Flush service is not configured for destination "active"

/etc/postfix/main.cf

# -------------------- # INSTALL-TIME CONFIGURATION INFORMATION # # location of the Postfix queue. Default is /var/spool/postfix. queue_directory = /var/spool/postfix

# location of all postXXX commands. Default is /usr/sbin. command_directory = /usr/sbin

# location of all Postfix daemon programs (i.e. programs listed in the # master.cf file). This directory must be owned by root. # Default is /usr/libexec/postfix daemon_directory = /usr/lib/postfix/sbin

# location of Postfix-writable data files (caches, random numbers). # This directory must be owned by the mail_owner account (see below). # Default is /var/lib/postfix. data_directory = /var/lib/postfix

# owner of the Postfix queue and of most Postfix daemon processes. # Specify the name of a user account THAT DOES NOT SHARE ITS USER OR GROUP ID # WITH OTHER ACCOUNTS AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. # In particular, don't specify nobody or daemon. PLEASE USE A DEDICATED USER. # Default is postfix. mail_owner = postfix

# The following parameters are used when installing a new Postfix version. # # sendmail_path: The full pathname of the Postfix sendmail command. # This is the Sendmail-compatible mail posting interface. # sendmail_path = /usr/sbin/sendmail

# newaliases_path: The full pathname of the Postfix newaliases command. # This is the Sendmail-compatible command to build alias databases. # newaliases_path = /usr/bin/newaliases

# full pathname of the Postfix mailq command. This is the Sendmail-compatible # mail queue listing command. mailq_path = /usr/bin/mailq

# group for mail submission and queue management commands. # This must be a group name with a numerical group ID that is not shared with # other accounts, not even with the Postfix account. setgid_group = postdrop

# debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

debug_peer_level = 2

# -------------------- # CUSTOM SETTINGS #

# SMTP server response code when recipient or domain not found. unknown_local_recipient_reject_code = 550

# Do not notify local user. biff = no

# Disable the rewriting of "site!user" into "user@site". swap_bangpath = no

# Disable the rewriting of the form "user%domain" to "user@domain". allow_percent_hack = no

# Allow recipient address start with '-'. allow_min_user = no

# Disable the SMTP VRFY command. This stops some techniques used to # harvest email addresses. disable_vrfy_command = yes

# Enable both IPv4 and/or IPv6: ipv4, ipv6, all. inet_protocols = all

# Enable all network interfaces. inet_interfaces = all

# # TLS settings. # # SSL key, certificate, CA # smtpd_tls_key_file = /etc/letsencrypt/live/mail.example.com/privkey.pem smtpd_tls_cert_file = /etc/letsencrypt/live/mail.example.com/cert.pem smtpd_tls_CAfile = /etc/letsencrypt/live/mail.example.com/chain.pem

# # Disable SSLv2, SSLv3 # smtpd_tls_protocols = !SSLv2 !SSLv3 smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 smtp_tls_protocols = !SSLv2 !SSLv3 smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 lmtp_tls_protocols = !SSLv2 !SSLv3 lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3

# # Fix 'The Logjam Attack'. # smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA smtpd_tls_dh512_param_file = /etc/ssl/dh512_param.pem smtpd_tls_dh1024_param_file = /etc/ssl/dh2048_param.pem

tls_random_source = dev:/dev/urandom

smtpd_tls_loglevel = 1

# Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do # not require that clients use TLS encryption. smtpd_tls_security_level = may

# Produce Received: message headers that include information about the # protocol and cipher used, as well as the remote SMTP client CommonName and # client certificate issuer CommonName. # This is disabled by default, as the information may be modified in transit # through other mail servers. Only information that was recorded by the final # destination can be trusted. #smtpd_tls_received_header = yes

# Opportunistic TLS, used when Postfix sends email to remote SMTP server. # Use TLS if this is supported by the remote SMTP server, otherwise use # plaintext. # References: # - http://www.postfix.org/TLS_README.html#client_tls_may # - http://www.postfix.org/postconf.5.html#smtp_tls_security_level smtp_tls_security_level = may

# Use the same CA file as smtpd. smtp_tls_CAfile = $smtpd_tls_CAfile smtp_tls_note_starttls_offer = yes

# Enable long, non-repeating, queue IDs (queue file names). # The benefit of non-repeating names is simpler logfile analysis and easier # queue migration (there is no need to run "postsuper" to change queue file # names that don't match their message file inode number). #enable_long_queue_ids = yes

# Reject unlisted sender and recipient smtpd_reject_unlisted_recipient = yes smtpd_reject_unlisted_sender = yes

# Header and body checks with PCRE table header_checks = pcre:/etc/postfix/header_checks body_checks = pcre:/etc/postfix/body_checks.pcre

# A mechanism to transform commands from remote SMTP clients. # This is a last-resort tool to work around client commands that break # interoperability with the Postfix SMTP server. Other uses involve fault # injection to test Postfix's handling of invalid commands. # Requires Postfix-2.7+. #smtpd_command_filter = pcre:/etc/postfix/command_filter.pcre

# HELO restriction smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated check_helo_access pcre:/etc/postfix/helo_access.pcre reject_non_fqdn_helo_hostname reject_unknown_helo_hostname

# Sender restrictions smtpd_sender_restrictions = reject_unknown_sender_domain reject_non_fqdn_sender reject_unlisted_sender permit_mynetworks permit_sasl_authenticated check_sender_access pcre:/etc/postfix/sender_access.pcre

# Recipient restrictions smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_non_fqdn_recipient reject_unlisted_recipient check_policy_service inet:127.0.0.1:7777 permit_mynetworks permit_sasl_authenticated reject_unauth_destination

# END-OF-MESSAGE restrictions smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777

# Data restrictions smtpd_data_restrictions = reject_unauth_pipelining

proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps

# Avoid duplicate recipient messages. Default is 'yes'. enable_original_recipient = no

# Virtual support. virtual_minimum_uid = 2000 virtual_uid_maps = static:2000 virtual_gid_maps = static:2000 virtual_mailbox_base = /var/vmail

# Do not set virtual_alias_domains. virtual_alias_domains =

# # Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication. # WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should # be forced to submit email through port 587 instead. # #smtpd_sasl_auth_enable = yes #smtpd_sasl_security_options = noanonymous #smtpd_tls_auth_only = yes

# hostname myhostname = mail.example.com myorigin = mail.example.com mydomain = mail.example.com

# trusted SMTP clients which are allowed to relay mail through Postfix. # # Note: additional IP addresses/networks listed in mynetworks should be listed # in iRedAPD setting 'MYNETWORKS' (in /opt/iredapd/settings.py) too. # for example: # # MYNETWORKS = ['xx.xx.xx.xx', 'xx.xx.xx.0/24', ...] # mynetworks = 127.0.0.1 [::1]

# Accepted local emails mydestination = $myhostname, localhost, localhost.localdomain

alias_maps = hash:/etc/postfix/aliases alias_database = hash:/etc/postfix/aliases

# Default message_size_limit. message_size_limit = 15728640

# The set of characters that can separate a user name from its extension # (example: user+foo), or a .forward file name from its extension (example: # .forward+foo). # Postfix 2.11 and later supports multiple characters. recipient_delimiter = +

# The time after which the sender receives a copy of the message headers of # mail that is still queued. Default setting is disabled (0h) by Postfix. #delay_warning_time = 1h compatibility_level = 2 # # Lookup virtual mail accounts # transport_maps = proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf

sender_dependent_relayhost_maps = proxy:mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf

# Lookup table with the SASL login names that own the sender (MAIL FROM) addresses. smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf

relay_domains = $mydestination proxy:mysql:/etc/postfix/mysql/relay_domains.cf

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf

virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf proxy:mysql:/etc/postfix/mysql/catchall_maps.cf proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf

sender_bcc_maps = proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf

recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf

# # Postscreen # postscreen_greet_action = enforce postscreen_blacklist_action = enforce postscreen_dnsbl_action = enforce postscreen_dnsbl_threshold = 2 postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3 b.barracudacentral.org=127.0.0.[2..11]*2

postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access.cidr

# Require Postfix-2.11+ postscreen_dnsbl_whitelist_threshold = -2 # # Dovecot SASL support. # smtpd_sasl_type = dovecot smtpd_sasl_path = private/dovecot-auth virtual_transport = dovecot dovecot_destination_recipient_limit = 1

# # Amavisd + SpamAssassin + ClamAV # content_filter = smtp-amavis:[127.0.0.1]:10024

# Concurrency per recipient limit. smtp-amavis_destination_recipient_limit = 1

/etc/dovecot/dovecot.conf

# More details about Dovecot settings: # - http://wiki2.dovecot.org/ # - http://wiki2.dovecot.org/Variables

# Listen addresses. # - '*' means all available IPv4 addresses. # - '[::]' means all available IPv6 addresses. # Listen on all available addresses by default listen = * [::]

#base_dir = /var/run/dovecot mail_plugins = quota mailbox_alias acl mail_log notify

# Enabled mail protocols. protocols = pop3 imap sieve lmtp

# User/group who owns the message files: mail_uid = 2000 mail_gid = 2000

# Assign uid to virtual users. first_valid_uid = 2000 last_valid_uid = 2000

# Logging. Reference: http://wiki2.dovecot.org/Logging # # Use syslog syslog_facility = local5 # Log file path if we use internal log system #log_path = /var/log/dovecot/dovecot.log

# Debug #mail_debug = yes #auth_verbose = yes #auth_debug = yes #auth_debug_passwords = yes # Possible values: no, plain, sha1. #auth_verbose_passwords = no

# SSL: Global settings. # Refer to wiki site for per protocol, ip, server name SSL settings: # http://wiki2.dovecot.org/SSL/DovecotConfiguration ssl_protocols = !SSLv2 !SSLv3 ssl = required verbose_ssl = no #ssl_ca =

# Fix 'The Logjam Attack' ssl_cipher_list = ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5 # Dovecot 2.2.6 or greater: # Specify the wanted DH parameters length ssl_dh_parameters_length = 2048 ssl_prefer_server_ciphers = yes

# With disable_plaintext_auth=yes AND ssl=required, STARTTLS is mandatory. # Set disable_plaintext_auth=no AND ssl=yes to allow plain password transmitted # insecurely. disable_plaintext_auth = yes

# Allow plain text password per IP address/net #remote 192.168.0.0/24 { # disable_plaintext_auth = no #}

# Mail location and mailbox format. mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/

# Authentication related settings. # Append this domain name if client gives empty realm. #auth_default_realm = example.com

# Authentication mechanisms. auth_mechanisms = PLAIN LOGIN

# Limits the number of users that can be logging in at the same time. # Default is 100. This can be overridden by process_limit = in # service [protocol] block. # e.g. # protocol imap-login { # ... # process_limit = 500 # } #default_process_limit = 100

service auth { unix_listener /var/spool/postfix/private/dovecot-auth { user = postfix group = postfix mode = 0666 } unix_listener auth-master { user = vmail group = vmail mode = 0666 } unix_listener auth-userdb { user = vmail group = vmail mode = 0660 } }

# LMTP server (Local Mail Transfer Protocol). # Reference: http://wiki2.dovecot.org/LMTP service lmtp { user = vmail

\# For higher volume sites, it may be desirable to increase the number of
\# active listener processes. A range of 5 to 20 is probably good for most
\# sites.
process_min_avail = 5

\# Logging.
\# Require 'log_path =' in 'protocol lmtp {}' block.
executable = lmtp -L

\# Listening on socket file and TCP
unix_listener /var/spool/postfix/private/dovecot-lmtp {
    user = postfix
    group = postfix
    mode = 0600
}

inet_listener lmtp {
    \# Listen on localhost (ipv4)
    address = 127.0.0.1
    port = 24
} }

# Virtual mail accounts. userdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } passdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } auth_master_user_separator = * passdb { driver = passwd-file args = /etc/dovecot/dovecot-master-users master = yes }

plugin { # Quota configuration. # Reference: http://wiki2.dovecot.org/Quota/Configuration quota = dict:user::proxy::quotadict quota_rule = *:storage=1G #quota_rule2 = *:messages=0 #quota_rule3 = Trash:storage=1G #quota_rule4 = Junk:ignore

\# Quota warning.
\#
\# If user suddenly receives a huge mail and the quota jumps from
\# 85% to 95%, only the 95% script is executed.
\#
\# Only the command for the first exceeded limit is executed, so configure
\# the highest limit first.
quota_warning = storage=100%% quota-warning 100 %u
quota_warning2 = storage=95%% quota-warning 95 %u
quota_warning3 = storage=90%% quota-warning 90 %u
quota_warning4 = storage=85%% quota-warning 85 %u

\# allow user to become max 10% (or 50 MB) over quota
quota_grace = 10%%
\#quota_grace = 50 M

\# Custom Quota Exceeded Message.
\# You can specify the message directly or read the message from a file.
\#quota_exceeded_message = Quota exceeded, please try again later.
\#quota_exceeded_message = </path/to/quota_exceeded_message.txt

\# Plugin: expire.
\#expire = Trash 7 Trash/* 7 Junk 30
\#expire_dict = proxy::expire

\# ACL and share folder
acl = vfile
acl_shared_dict = proxy::acl

\# By default Dovecot doesn't allow using the IMAP "anyone" or
\# "authenticated" identifier, because it would be an easy way to spam
\# other users in the system. If you wish to allow it,
\#acl_anyone = allow

\# Pigeonhole managesieve service.
\# Reference: http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration
\# Per-user sieve settings.
sieve_dir = %Lh/sieve
sieve = %Lh/sieve/dovecot.sieve

\# Global sieve settings.
sieve_global_dir = /var/vmail/sieve
\# Note: if user has personal sieve script, global sieve rules defined in
\#       sieve_default will be ignored. Please use sieve_before or
\#       sieve_after instead.
\#sieve_default =

sieve_before = /var/vmail/sieve/dovecot.sieve
\#sieve_after =

\# The maximum number of redirect actions that can be performed during a
\# single script execution.
\# The meaning of 0 differs based on your version. For pigeonhole-0.3.0 and
\# beyond this means that redirect is prohibited. For older versions,
\# however, this means that the number of redirects is unlimited.
sieve_max_redirects = 30

\# Reference: http://wiki2.dovecot.org/Plugins/MailboxAlias
mailbox_alias_old = Sent
mailbox_alias_new = Sent Messages
mailbox_alias_old2 = Sent
mailbox_alias_new2 = Sent Items

\# Events to log. `autoexpunge` is included in `expunge`
\# Defined in https://github.com/dovecot/core/blob/master/src/plugins/mail-log/mail-log-plugin.c
mail_log_events = delete undelete expunge mailbox_delete mailbox_rename
mail_log_fields = uid box msgid size from subject }

service quota-warning { executable = script /usr/local/bin/dovecot-quota-warning.sh unix_listener quota-warning { user = vmail group = vmail mode = 0660 } }

service dict { unix_listener dict { mode = 0660 user = vmail group = vmail } }

dict { #expire = db:/var/lib/dovecot/expire/expire.db quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf acl = mysql:/etc/dovecot/dovecot-share-folder.conf }

protocol lda { # Reference: http://wiki2.dovecot.org/LDA mail_plugins = $mail_plugins sieve lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes postmaster_address = root

\# Log file path if we use internal log system
\#log_path = /var/log/dovecot/sieve.log }

protocol lmtp { # Log file path if we use internal log system #log_path = /var/log/dovecot/lmtp.log

\# Plugins
mail_plugins = quota sieve
postmaster_address = postmaster

\# Address extension delivery
lmtp_save_to_detail_mailbox = yes
recipient_delimiter = + }

protocol imap { mail_plugins = $mail_plugins imap_quota imap_acl imap_client_workarounds = tb-extra-mailbox-sep

\# Maximum number of IMAP connections allowed for a user from each IP address.
\# NOTE: The username is compared case-sensitively.
\# Default is 10.
\# Increase it to avoid issue like below:
\# "Maximum number of concurrent IMAP connections exceeded"
mail_max_userip_connections = 30 }

protocol pop3 { mail_plugins = $mail_plugins pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv

\# Maximum number of IMAP connections allowed for a user from each IP address.
\# NOTE: The username is compared case-sensitively.
\# Default is 10.
mail_max_userip_connections = 30

\# POP3 logout format string:
\#  %i - total number of bytes read from client
\#  %o - total number of bytes sent to client
\#  %t - number of TOP commands
\#  %p - number of bytes sent to client as a result of TOP command
\#  %r - number of RETR commands
\#  %b - number of bytes sent to client as a result of RETR command
\#  %d - number of deleted messages
\#  %m - number of messages (before deletion)
\#  %s - mailbox size in bytes (before deletion)
\# Default format doesn't have 'in=%i, out=%o'.
\#pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, in=%i, out=%o }

# Login processes. Refer to Dovecot wiki for more details: # http://wiki2.dovecot.org/LoginProcess service imap-login { #inet_listener imap { # port = 143 #} #inet_listener imaps { # port = 993 # ssl = yes #}

service_count = 1

\# To avoid startup latency for new client connections, set process_min_avail
\# to higher than zero. That many idling processes are always kept around
\# waiting for new connections.
\#process_min_avail = 0

\# number of simultaneous IMAP connections
process_limit = 500

\# vsz_limit should be fine at its default 64MB value
\#vsz_limit = 64M }

service pop3-login { #inet_listener pop3 { # port = 110 #} #inet_listener pop3s { # port = 995 # ssl = yes #}

service_count = 1

\# number of simultaneous POP3 connections
\#process_limit = 500 }

service managesieve-login { inet_listener sieve { # Listen on localhost (ipv4) address = 127.0.0.1 port = 4190 } }

namespace { type = private separator = / prefix = inbox = yes

\# Refer to document for more details about alias mailbox:
\# http://wiki2.dovecot.org/MailboxSettings
\#
\# Sent
mailbox Sent {
    auto = subscribe
    special_use = \Sent
}
mailbox "Sent Messages" {
    auto = no
    special_use = \Sent
}
mailbox "Sent Items" {
    auto = no
    special_use = \Sent
}

mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
}

\# Trash
mailbox Trash {
    auto = subscribe
    special_use = \Trash
}

mailbox "Deleted Messages" {
    auto = no
    special_use = \Trash
}

\# Junk
mailbox Junk {
    auto = subscribe
    special_use = \Junk
}
mailbox Spam {
    auto = no
    special_use = \Junk
}
mailbox "Junk E-mail" {
    auto = no
    special_use = \Junk
}

\# Archive
mailbox Archive {
    auto = no
    special_use = \Archive
}
mailbox Archives {
    auto = no
    special_use = \Archive
} }

namespace { type = shared separator = / prefix = Shared/%%u/ location = maildir:%%Lh/Maildir/:INDEX=%%Lh/Maildir/Shared/%%Ld/%%Ln

\# this namespace should handle its own subscriptions or not.
subscriptions = yes
list = children }

# Public mailboxes. # Refer to Dovecot wiki page for more details: # http://wiki2.dovecot.org/SharedMailboxes/Public #namespace { #
type = public # separator = / # prefix = Public/ #
location = maildir:/var/vmail/public:CONTROL=%Lh/Maildir/public:INDEXPVT=%Lh/Maildir/public # # # Allow users to subscribe to the public folders. #
subscriptions = yes #}

Answer 1

It looks like the ClamAV hangs and times out after 5 minutes. Would that explain things? I find it hard to read your configurations.