• Quota
• Dict

Dictionary quota

NOTE: Using the count backend (possibly together with quota_clone plugin) is now preferred to using this backend. It has less of a chance of quota usage becoming wrong.

The dictionary quota backend supports both storage and messages quota limits. The current quota is kept in the specified dictionary. The available dictionaries include:

• SQL
• Redis
• Flat files

See Dictionary for full description of the available backends.

The quota root format is:

quota = dict:<quota root name>:<username>[:<option>[...]]:<dictionary URI>

If username is left empty, the logged in username is used (this is typically what you want). Another useful username is '%d' for supporting domain-wide quotas.

The supported options are:

• noenforcing: Don't enforce quota limits, only track them.
• ignoreunlimited: If user has unlimited quota, don't track it.

• ns=<prefix>: This quota root is tracked only for the given namespace.

• hidden: Hide the quota root from IMAP GETQUOTA* commands.
• no-unset: When recalculating quota, don't unset the quota first. This is needed if you wish to store the quota usage among other data in the same SQL row - otherwise the entire row could get deleted. Note that the unset is required with PostgreSQL or the merge_quota() trigger doesn't work correctly. (v2.2.20+)

NOTE: The dictionary stores only the current quota usage. The quota limits are still configured in userdb the same way as with other quota backends.

NOTE2: By default the quota dict may delete rows from the database when it wants to rebuild the quota. You must use a separate table that contains only the quota information, or you'll lose the other data. This can be avoided with the "no-unset" parameter.

Examples

Simple per-user flat file

This will create one quota-accounting file for each user.

The Dovecot user process (imap, pop3 or lda) needs write access to this file, so %h or mail_location are good candidates to store it.

Warning: if a user has shell or file access to this location, he can mangle his quota file, thus overcoming his quota limit by lying about his used capacity.

plugin {
  quota = dict:User quota::file:%h/mdbox/dovecot-quota
  quota_rule = *:storage=10M:messages=1000
}

Server-based dictionaries

plugin {
  # SQL backend:
  quota = dict:User quota::proxy::sqlquota
  # Redis backend (v2.1.9+):
  quota = dict:User quota::redis:host=127.0.0.1:prefix=user/

  quota_rule = *:storage=10M:messages=1000
}
dict {
  sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}

The above SQL example uses dictionary proxy process (see below), because SQL libraries aren't linked to all Dovecot binaries. The file and Redis examples use direct access.

Example dovecot-dict-sql.conf.ext:

connect = host=localhost dbname=mails user=sqluser password=sqlpass
map {
  pattern = priv/quota/storage
  table = quota
  username_field = username
  value_field = bytes
}
map {
  pattern = priv/quota/messages
  table = quota
  username_field = username
  value_field = messages
}

Create the table like this:

CREATE TABLE quota (
  username varchar(100) not null,
  bytes bigint not null default 0,
  messages integer not null default 0,
  primary key (username)
);

MySQL uses the following queries to update the quota. You need suitable privileges.

INSERT INTO table (bytes,username) VALUES ('112497180','foo@example.com') ON DUPLICATE KEY UPDATE bytes='112497180';
INSERT INTO table (messages,username) VALUES ('1743','foo@example.com') ON DUPLICATE KEY UPDATE messages='1743';
UPDATE table SET bytes=bytes-14433,messages=messages-2 WHERE username = 'foo@example.com';
DELETE FROM table WHERE username = 'foo@example.com';

If you're using SQLite, then take a look at the trigger in this post: http://dovecot.org/pipermail/dovecot/2013-July/091421.html

If you're using PostgreSQL, you'll need a trigger:

CREATE OR REPLACE FUNCTION merge_quota() RETURNS TRIGGER AS $$
BEGIN
  IF NEW.messages < 0 OR NEW.messages IS NULL THEN
    -- ugly kludge: we came here from this function, really do try to insert
    IF NEW.messages IS NULL THEN
      NEW.messages = 0;
    ELSE
      NEW.messages = -NEW.messages;
    END IF;
    return NEW;
  END IF;

  LOOP
    UPDATE quota SET bytes = bytes + NEW.bytes,
      messages = messages + NEW.messages
      WHERE username = NEW.username;
    IF found THEN
      RETURN NULL;
    END IF;

    BEGIN
      IF NEW.messages = 0 THEN
        INSERT INTO quota (bytes, messages, username)
          VALUES (NEW.bytes, NULL, NEW.username);
      ELSE
        INSERT INTO quota (bytes, messages, username)
          VALUES (NEW.bytes, -NEW.messages, NEW.username);
      END IF;
      return NULL;
    EXCEPTION WHEN unique_violation THEN
      -- someone just inserted the record, update it
    END;
  END LOOP;
END;
$$ LANGUAGE plpgsql;

CREATE TRIGGER mergequota BEFORE INSERT ON quota
   FOR EACH ROW EXECUTE PROCEDURE merge_quota();

Dictionary proxy server

To avoid each process making a new SQL connection, you can make all dictionary communications go through a dictionary server process which keeps the connections permanently open.

The dictionary server is referenced with URI proxy:<dictionary server socket path>:<dictionary name>. The socket path may be left empty if you haven't changed base_dir setting in dovecot.conf. Otherwise set it to <base_dir>/dict-server. The dictionary names are configured in dovecot.conf. For example:

dict {
  quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
  expire = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}

See Dict for more information, especially about permission issues.