Sieve interpreter & Dovecot ManageSieve

August 16, 2024 by Roberto Puzzanghera 56 comments

The Pigeonhole project provides Sieve support as a plugin for Dovecot's Local Delivery Agent (LDA) and also for its LMTP service. The plugin implements a Sieve interpreter, which filters incoming messages using a script specified in the Sieve language. The Sieve script is provided by the user and, using that Sieve script, the user can customize how incoming messages are handled. Messages can be delivered to specific folders, forwarded, rejected, discarded, etc.

Dovecot Managesieve Server is a service used to manage a user's Sieve script collection.

If you want to support filters in your email you have to manage the Sieve rules by means of the dovecot-pigeonhole server. When you create a filter with your webmail or email client, you write a Sieve script to customize how messages are delivered, e.g. whether they are forwarded, rejected or stored in special folders. But, in order to do so, Dovecot must also act as a Local Delivery Agent in place of vpopmail/vdelivermail, e.g. it must be Dovecot to store the email messages in the users' Maildirs. This guide will try to show how to accomplish this.

Install as follows:

PIGEONHOLE_VER=0.5.21.1
cd /usr/local/src
wget https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-${PIGEONHOLE_VER}.tar.gz
tar xzf dovecot-2.3-pigeonhole-${PIGEONHOLE_VER}.tar.gz
chown -R root:root dovecot-2.3-pigeonhole-${PIGEONHOLE_VER}
cd dovecot-2.3-pigeonhole-${PIGEONHOLE_VER}

# the program has to find the dovecot-config file in /usr/local/dovecot/lib/dovecot/
./configure \
        --prefix=/usr/local/dovecot-pigeonhole \
        --with-dovecot=/usr/local/dovecot/lib/dovecot/
make

If an old version of pigeonhole is already installed, delete the symbolic link before installing:

rm /usr/local/dovecot-pigeonhole

Then proceed with the installation

make install

cd /usr/local
mv /usr/local/dovecot-pigeonhole /usr/local/dovecot-2.3-pigeonhole-${PIGEONHOLE_VER}
ln -s /usr/local/dovecot-2.3-pigeonhole-${PIGEONHOLE_VER} /usr/local/dovecot-pigeonhole

Configuration

Copy the default config files in the actual config directory:

cd /usr/local/dovecot/etc/dovecot/conf.d
cp -p ../../../share/doc/dovecot/example-config/conf.d/20-managesieve.conf .
cp -p ../../../share/doc/dovecot/example-config/conf.d/90-sieve.conf .

In this way the next time you will run dovecot the two config files will be loaded.

Now enable (if not done yet) the plugin inside 15-lda.conf

protocol lda {
  mail_plugins = $mail_plugins sieve
}

and adjust the file conf.d/20-managesieve.conf to your needs. This is the file which works for me; you can find it in my tarball:

##
## ManageSieve specific settings
##

# Uncomment to enable managesieve protocol:
protocols = $protocols sieve

# Service definitions

service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}

service managesieve {
}

# Service configuration

protocol sieve {
}

Now adjust the file  conf.d/90-sieve.conf. This works for me (you have this file in your config directory if you have downloaded my tarball):

##
## Settings for the Sieve interpreter
##

# Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf
# by adding it to the respective mail_plugins= settings.

plugin {
 sieve = file:~/.sieve;active=~/.sieve/dovecot.sieve
 sieve_before = /usr/local/dovecot/etc/dovecot/sieve/
 sieve_extensions = +notify +imapflags +spamtest
}

Now restart dovecot

dovecotctl restart

Adjusting dot-qmail files to enable Dovecot LDA and Sieve

Read this for more information on how the dot-qmail files work.

If you want to use the sieve rules your delivery agent has to be Dovecot-LDA. This can be accomplished enabling Dovecot-LDA in the dot-qmail file which has to handle the delivery in this way:

|/var/qmail/bin/preline -f /usr/local/dovecot/libexec/dovecot/deliver -d $EXT@$USER

But you may want to have control over qmail forwards as well, which needs the vpopmail's vdelivermail delivery. The trick is to have vdelivermail in the domain's .qmail-default, which will eventually handle the forwards, and Dovecot-LDA in each users' .qmail file, which will be responsible for the final storing of the email and for the sieve filters. If you have patched vpopmail with my combined patch and configured it with --enable-defaultdelivery the dot-qmail files will be managed by vpopmail according to this logic. Read this page for detailed informations.

Setting up an anti spam sieve rule

Info:

If you decided to let simscan pass through the spam with a score below spam_hits (qmail/control/simcontrol file), you may want to store them in the Junk folder. In this case Managesieve server will execute a script before processing the user's script so that all spam messages will be discarded or moved into junk and all the other rules ignored.

First of all create a folder where to store your global scripts and assign the write priviledges to the vpopmail user:

cd /usr/local/dovecot/etc
mkdir sieve
chown -R vpopmail.vchkpw sieve

Modify conf.d/90-sieve.conf to enable the required sieve extensions and load the script that you want to execute before:

sieve_extensions = +spamtest +spamtestplus +relational +comparator-i;ascii-numeric
sieve_before = /usr/local/dovecot/etc/sieve/

Now create the script /usr/local/dovecot/etc/sieve/move-spam.sieve (.sieve extension otherwise it will be ignored):

require ["fileinto"];
if anyof (header :contains "X-Spam-Flag" "YES")
{
 fileinto "Junk";
}
/* Other messages get filed into INBOX */

Every time you modify the global files you have to pre-compile them using the sievec program (more info here):

su vpopmail
cd /usr/local/dovecot/etc/sieve
/usr/local/dovecot-pigeonhole/bin/sievec .

Testing managesieve

First of all try to connect to the 4190 port via telnet. This is what you are going to see if the server is working:

> telnet 0 4190

Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date spamtest spamtestplus"
"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN CRAM-MD5"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."

If you create a sieve rule by your mail client (Mozilla Thunderbird provides a special add-on here https://addons.mozilla.org/en-US/thunderbird/addon/2548/) or via webmail (read the next note concerning Roundcube webmail), this is what you should see in the log simply setting a redirect filter:

Oct 22 00:03:13 lda(test@yourdomain.net): Info: sieve: msgid=<c3445037f979a8cb793df1f858b7a4f9@somedomain.com>: forwarded to <someone@somewhere.net>

Comments

Error net connect

I'm using this in my .qmail files:

|/var/qmail/bin/preline -f /usr/lib/dovecot/dovecot-lda -d $EXT@$USER

However, when I try to deliver mail I get this error in qmail-send:

delivery 2: deferral: lda(smtp.edm-inc.com):_Error:_net_connect_unix(/var/run/dovecot/stats-writer)_failed:_Permission_denied/

Any ideas what is causing this?

Reply |

Error net connect

You have to setup the stats-writer service's privileges as explained here

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Hi,

I'm implementing the Dovecot LDA and Sieve as below:

|/var/qmail/bin/preline -f /usr/local/dovecot/libexec/dovecot/deliver -d $EXT@$USER

I noticed that the mail was accepeted and send to local folder, however, if the mailbox in the domain's 0 and 1, was never show the mails.

If I changed to:

| /var/qmail/vpopmail/bin/vdelivermail '' delete

The mails show in the mailbox in the domain's 0 and 1, 

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Assuming that you are using the sql driver with my sql queries, I think that the userdb lookup for LDA in auth-sql.conf.ext is not correct in your case

# This is for LDA. It will do a passdb query in any case.
# But using the prefetch driver will speed up our normal imap operations and
# this is more important.
userdb {
driver = static
args = uid=89 gid=89 home=/home/vpopmail/domains/%d/%n
}

You can see that the home dir is not retrieved correctly.

Try to replace it with an explicit sql lookup as follows

userdb {
driver = sql
args = /usr/local/dovecot/etc/dovecot/dovecot-sql.conf.ext
}

Now it should read the correct home dir in the database.

Let me know if this solves, so that I can correct this page

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Hi, I solved it as below:

change: dovecot-sql.conf.ext

user_query = CALL dovecot_user_query_disable_many_domains('%n','%d')

A new stored procedure as below:

==start==

/**************************************************************************
Stored procedure for user_query in case of "disabled many domains"
**************************************************************************/
DELIMITER $$
CREATE PROCEDURE `dovecot_user_query_disable_many_domains`(IN `name` VARCHAR(255), IN `domain` VARCHAR(255))
BEGIN
DECLARE vpopmail varchar(256);
SET vpopmail = get_domain_table(domain);

IF (vpopmail) IS NULL THEN
SET @SQL = "SELECT NULL";
ELSE
set @SQL = concat("SELECT ",vpopmail,".pw_dir AS home, 89 AS uid, 89 AS gid FROM ",vpopmail," where ",vpopmail,".pw_name='",name,"'");
END IF;

PREPARE sql_code FROM @SQL;
EXECUTE sql_code;
DEALLOCATE PREPARE sql_code;

END$$
DELIMITER ;

==end==

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Thank's for the contribution, appreciated. I didn't get that you were using the "disable many domains" configuration.

Anyway, I don't understand what's wrong in my procedure, as I select the userdb_home field in the password_query:

SET @SQL = CONCAT("SELECT CONCAT(",vpopmail,".pw_name, '@', '",domain,"') AS user,",
vpopmail,".pw_passwd AS password,",
vpopmail,".pw_dir AS userdb_home,
89 AS userdb_uid,
89 AS userdb_gid,
CONCAT('*:bytes=', REPLACE(SUBSTRING_INDEX(",vpopmail,".pw_shell, 'S', 1), 'NOQUOTA', '0')) AS userdb_quota_rule

so, why not using the prefetch driver for the userdb and avoid to write an additional procedure?

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Hi,

In the dovecot-sql.conf.ex:

user_query = \
SELECT \
vpopmail.pw_dir AS home, \
89 AS uid, \
89 AS gid \
FROM vpopmail \
WHERE \
vpopmail.pw_name='%n' \
AND \
vpopmail.pw_domain='%d'

The dovecot debug log show:

Debug: mysql(127.0.0.1): Finished query 'SELECT vpopmail.pw_dir AS home, 89 AS uid, 89 AS gid FROM vpopmail WHERE vpopmail.pw_name='user01' AND vpopmail.pw_domain='domain.com'' in 0 msecs: Table 'vpopmail.vpopmail' doesn't exist

The dovecot_password_query_disable_many_domains is for password_query, however for user_query, it is still refer to vpopmail table (one table for all domains setup)

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Sorry, you are right. LDA won't work with prefetch and needs its own userdb_query.

I'm going to add your procedure and update my patch

Thanks for the contribution

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

>> The dovecot_password_query_disable_many_domains is for password_query, however for user_query, it is still refer to vpopmail table (one table for all domains setup)

No. The password_query can do the stuff for user_query provided that you declare the prefetch driver for user_query in your auth-sql.conf.ext

userdb {
driver = prefetch
}

you can see that in my password query I'm including all the queries needed for user_query:

 SET @SQL = CONCAT("SELECT CONCAT(",vpopmail,".pw_name, '@', '",domain,"') AS user,",
vpopmail,".pw_passwd AS password,",
vpopmail,".pw_dir AS userdb_home,
89 AS userdb_uid,
89 AS userdb_gid,
CONCAT('*:bytes=', REPLACE(SUBSTRING_INDEX(",vpopmail,".pw_shell, 'S', 1), 'NOQUOTA', '0')) AS userdb_quota_rule

those field with a "userdb_" prefix are for the user_query.

Please test the prefetch driver and let me know

PS: of course in the @SQL above "vpopmail" stands for the domain table

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

In my auth-sql.conf.ext, it is declared driver = prefetch, and still calling for user_query

userdb {
driver = prefetch
}

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Yes, I know. The user_query with prefetch is for the imap connection, while LDA needs a dedicate user_query (I don't know why it is not satisfied by the other one)

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Both procedures return different column name, and I believe password_query & user_query are expecting different column name

dovecot_password_query_disable_many_domains return:

| user | password | userdb_home | userdb_uid | userdb_gid | userdb_quota_rule 

dovecot_user_query_disable_many_domains return:

| home | uid | gid |

Reply |

not delivered to the mailbox under domain's subfolder 0 or 1

Yes. You have to prepend userdb_ if you want those column to be recognized by the user_query with the prefetch driver. I don't know why LDA complains that the password_query doesn't provide enough informations.

Reply |

dovecot mail delivery

Hello Roberto

I am having a problem delivering mail to the mailboxes, incoming mail is accepted and delivered to the queue after that the mail is not delivered to the mailbox.

This is in my log file:

Jul 29 16:18:57 lda(@ed)<30730><>: Debug: Loading modules from directory: /usr/local/dovecot/lib/dovecot
Jul 29 16:18:57 lda(@ed)<30730><>: Debug: Module loaded: /usr/local/dovecot/lib/dovecot/lib10_quota_plugin.so
Jul 29 16:18:57 lda(@ed)<30730><>: Debug: Module loaded: /usr/local/dovecot/lib/dovecot/lib90_sieve_plugin.so
Jul 29 16:18:57 lda(@ed)<30730><>: Debug: auth-master: userdb lookup(@ed): Started userdb lookup
Jul 29 16:18:57 lda(@ed)<30730><>: Debug: auth-master: conn unix:/usr/local/dovecot/var/run/dovecot/auth-userdb: Connecting
Jul 29 16:18:57 lda(@ed)<30730><>: Debug: auth-master: conn unix:/usr/local/dovecot/var/run/dovecot/auth-userdb (pid=29022,uid=0): Client connected (fd=11)
Jul 29 16:18:57 auth: Debug: Loading modules from directory: /usr/local/dovecot/lib/dovecot/auth
Jul 29 16:18:57 auth: Debug: Module loaded: /usr/local/dovecot/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Jul 29 16:18:57 auth: Debug: Read auth token secret from /usr/local/dovecot/var/run/dovecot/auth-token-secret.dat
Jul 29 16:18:57 auth: Debug: master in: USER 1 @ed service=lda
Jul 29 16:18:57 auth: Debug: sql(@ed): Performing userdb lookup
Jul 29 16:18:57 auth-worker(30732): Debug: Loading modules from directory: /usr/local/dovecot/lib/dovecot/auth
Jul 29 16:18:57 auth-worker(30732): Debug: Module loaded: /usr/local/dovecot/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Jul 29 16:18:57 auth-worker(30732): Debug: conn unix:auth-worker (pid=30731,uid=7797): Server accepted connection (fd=16)
Jul 29 16:18:57 auth-worker(30732): Debug: conn unix:auth-worker (pid=30731,uid=7797): Sending version handshake
Jul 29 16:18:57 auth-worker(30732): Debug: conn unix:auth-worker (pid=30731,uid=7797): auth-worker<1>: Handling USER request
Jul 29 16:18:57 auth-worker(30732): Debug: sql(@ed): Performing userdb lookup
Jul 29 16:18:57 auth-worker(30732): Debug: sql(@ed): SELECT pw_dir AS home, 89 AS uid, 89 AS gid, CONCAT('*:bytes=', REPLACE(SUBSTRING_INDEX(pw_shell, 'S', 1), 'NOQUOTA', '0')) AS quota_rule FROM vpopmail WHERE pw_name = '' AND pw_domain = 'ed' AND ('0'!='995' or !(pw_gid & 2)) AND (''!='xxxxx' or !(pw_gid & 4)) AND (''='xxxxx' or '0'!='993' or !(pw_gid & 8))
Jul 29 16:18:57 auth-worker(30732): Info: sql(@ed): unknown user
Jul 29 16:18:57 lda(@ed)<30730><>: Debug: auth-master: userdb lookup(@ed): auth USER input:
Jul 29 16:18:57 lda(@ed)<30730><>: Debug: auth-master: userdb lookup(@ed): Userdb lookup failed

In my defaultdelivery i have | /var/qmail/bin/preline -f /usr/local/dovecot/libexec/dovecot/deliver -d $EXT@$USER

It looks like lda is looking for user ' ' @ domain 'ed' while it should look at user 'ed' @ domain 'xxxx'

where could be the problem 

Reply |

dovecot mail delivery

Hi Ed, can you share the content of doveconf?

Reply |

dovecot mail delivery

Hi Roberto,

Sorry bit late on the awnser had to work.

Wich of the dovecot conf files would you like to see.

Is it possible to past as zip file?

Reply |

dovecot mail delivery

the best would be that you post the output of the "doveconf" command on https://pastebin.com/ (don't forget to masquerade your sql pwd :) so that everybody can see your configuration.

Reply |

dovecot mail delivery

Hi Roberto, here is my config dovecotconf

Reply |

dovecot mail delivery

Can you please post just the output of "dovecot -n" so that only non default options will be shown? Sorry if I didn't tell it before

Reply |

dovecot mail delivery

Hi Roberto,

doveconf -n doveconf -n

dovecot-sql.conf.ext dovecot-sql.conf.ext

Reply |

dovecot mail delivery

the doveconf seems to be ok. Something seems to alter the envelope before it gets through dovecot/lda. Did you already tested if the the delivery is restored when restoring vdelivermail, i.e. putting "| /home/vpopmail/bin/vdelivermail '' delete" in your .qmail-default?

are you using my patches/installation/configuration? did you added anything to the process that could alter the mail header? wrappers?

Reply |

dovecot mail delivery

Hi Roberto, 

I tried " | /home/vpopmail/bin/vdelivermail '' delete " my qmail send log tells me the messages are delivered but they are not in the mailbox.

Yes i am using your patches/configuration nothing else.

no SPF or DKIM because i cannot put a TXT record in DNS will check anyway for sender and no EZMLM because i don't need that

Reply |

dovecot mail delivery

And the recipient address is correct according to the logs?

Reply |

Pigeonhole installation - upgrade

Hello Roberto,

just a small point: before installing / upgrading dovecot-pigeonhole, I think it's better to perform the same move / relink operation that you describe for dovecot,

in order to keep the old version:

cd /usr/local
rm /usr/local/dovecot-pigeonhole

mv /usr/local/dovecot-pigeonhole /usr/local/dovecot-2.3-pigeonhole-0.5.8
ln -s /usr/local/dovecot-2.3-pigeonhole-0.5.8 /usr/local/dovecot-pigeonhole

Reply |

Pigeonhole installation - upgrade

ok, approved ;-)

Reply |

POP3 user

Hi,

Just wondering, what happen to the spams if the user is on POP3 and Junk folder is not available?

Thanks
nic

Reply |

Hi Roberto,

My pop3 user do  not have a Junk folder. So spams scoring 6.0 - 9.4 will be discard?

Reply |

Re: POP3 user

Do you mean a junk folder in their server's maildir? I haven't verified what happens in that case

Reply |

Hi,

Yes. Correct,

POP3 has only

cur
new
tmp

Thanks

Reply |

Autocreate

The folders should be autocreated, look at lda and plug-in config

Reply |

Autocreate

Hello,

I am using your config files and i had downloaded again to compare. They are exactly the same.

I noticed that if i setup the account as pop3, .Junk will not be created. If i setup with IMAP or login  via roundcube, .Junk will be created.

Is it correct? If so, those users who only create their account on pop3 and did not login to roundcube, .Junk will not be created, what will happen to the spam email scoring 6.0 - 9.4 goes to?

Many thanks
nic

Reply |

Autocreate and dovecot-lda

Nic, according to the documentation inside 15-lda.conf file, a nonexistent mailbox is automatically created before saving an e-mail into it.

Reply |

Autocreate and dovecot-lda

I did a test and it works well. Steps to reproduce

-create a new account

-login via webmail and set a minimum spamscore =1 using your spam/userprefs settings

-manually delete the .Junk folder from shell

-send from the outnet a message to that account. To get a spamscore > 1 you can simply start the body with "Dear friend". It is important to send the test messages from the outnet, otherwise spamassassin won't be called

Reply |

Autocreate

Yes, I think this is correct.. that folder is created as soon as user enters the mailbox via imap. What happens to the spam? Unfortunately I don't know, tests would be needed... and I would like to investigate if it's possible to force the autocreation with pop3 as well, when I find some time..

Edit: dovecot-lda is going to autocreate the missing folder before saving the message. Look at 15-lda.conf

Reply |

Autocreate

Hello,

Google leads me to these sites.
https://sys4.de/de/blog/2013/02/11/dovecot-virtual-setup-mit-globaler-sieve-spamfilter-regel-fur-pop3-nutzer/ 

https://wiki.dovecot.org/Plugins/Virtual

I will try them out on a test server. Hopefully i can get it.

Thanks
nic

Reply |

POP3 and junk folder

In my configuration, if the score is beyond the allowed threeshold (9.5 or so) the messages will be deleted and not shown to the user, if the score is in the "grey zone" (say 6.0 to 9.5) it is saved in the junk folder inside the Maildir, but the user will never retrieve these messages via POP3. This is because the junk folder is in the server, but the POP3 user just downloads the new messages stored in the Inbox

Reply |

New versions of dovecot

Hello Roberto,

just to let you and all of the users that the procedure works also for version 2.2.9 of dovecot.

I'm testing version 2.2.10 which has been just released.

thank you again !

Reply |

Good to know, mz! Have you

Good to know, mz! Have you already tested pigeonhole-0.4.2? I think it will work as well.

btw, I think I will stick with the 2.2.2 version unless I have to install a new server before the next major release. It is very time consuming to update the dovecot.conf.tar.gz file with all the configuration files.

In case you are doing your configuration files from scratch, having copied them from the share/doc/dovecot/example-config/ dir, I hope you will be so kind to send me a targz. Send me it in private if you like at "roberto dot puzzanghera at sagredo dot eu" so that I can make it available for all users.

Reply |

yes, I'm using

  1. yes, I'm using pigeonhole-0.4.2 and everything seems working, even if I still haven't my new server in production yet :-)

I made my config files starting from the examples and then customizing them step by step following your guide.

I'm using plain vpopmail authentication (not mysql) so configs are a bit different.

Didn't find differences between version 2.2.2 and 2.2.9; I just compiled and installed version 2.2.10 because there are a few interesting updates and bugfix  on various quota stuff which I need:

http://dovecot.org/list/dovecot-news/2013-December/000268.html

+ imap: Implemented SETQUOTA command for admin user when quota_set is configured. See http://master.wiki2.dovecot.org/Quota/Configuration + quota: Support "*" and "?" wildcards in mailbox names in quota_rules - quota-status: quota_grace was ignored

Will definitely send you my files when I'm confident that everything is working correcty, but now I have to go buy the last presents, so Merry Christmas to all of you out there ! :-)

Reply |

Error in the config file

Hello Roberto,
thank you for your GREAT tutorial!

Just to point out a little mistake in the conf file you are pasting here:

#protocols = $protocols sieve

should be

protocols = $protocols sieve

as your zipped tar reports correctly.

Thank you !
mz

Reply |

corrected. thank you

corrected. thank you

Reply |

Dovecot-lda and vpopmail quotas

Hi roberto Congrats for your great  job I have to admit your blog is  the reason why i decided to use this implementation for mail server

I have tried to follow your instructions as closer as as i  could. Everything works fine but  ... What i noticed is when i use dovecot-lda for delicery the sieve rule works fine but the per user quotas i have set through vpopmail are ignored Any ideas ??

this is my .qmail-default on the domain level

| /usr/bin/spamc | /var/qmail/bin/preline -f /usr/local/libexec/dovecot/deliver -d $EXT@$USER

Reply |

no idea at the moment..

no idea at the moment.. at least I can confirm that my config works fine here

Reply |

defaultdelivery

Thank you for your site.
Everything works fine, but there was a problem with the /var/qmail/control/defaultdelivery

If line |/ var/qmail/bin/preline -f /usr/local/dovecot/libexec/dovecot/deliver -d $EXT@$USER in place .qmail, sieve-script works, if it is placed in .qmail-default, too fine.

 According to the description has changed .qmail-default, ie delete the first line, second line #. Added to defaultdelivery command preline, mail delivery stops working. But in the process, I see that defaultdelivery works:

qmail-lspawn |/var/qmail/bin/preline -f /usr/local/libexec/dovecot/deliver -d $EXT@$USER

I would be grateful for any idea.

Thank you.

Reply |

Hi Nik

Hi Nik, I would try to clean up the .qmail-default file so that it is completely blank

Reply |

defauldelivery

Hello Roberto!

Thank you very much for your reply.

Sorry for the delay in response.

So. I cleaned .qmail-default.

# cat/var/qmail/control/defauldelivery
|/var/qmail/bin/preline -f /usr/local/libexec/dovecot/deliver -d $EXT@$USER
# sudo ps -ax | grep deliver
qmail-lspawn |/var/qmail/bin/preline -f/usr/local/libexec/dovecot/deliver -d $EXT@$USER

But mail delivery stopped working.

In qmail logs the message:

delivery 6: deferral: Uh-oh: _first_line_of_.qmail_file_is_blank._ (# 4.2.1) /

The blog reported: "If you decide to enable sieve by default you can always adjust / var / qmail / control / defaultdelivery provided that you clean. Qmail-default of newly created domain (just remove the first line, never erase that file if you don't want vpopmail to stop working), even though this is not a good idea. "

Of course, I can use. Qmail-default, but:

1. Want to understand why this is not working (either you control the situation, or the situation control you)

2. I also need to use bounced messages:

|/usr/local/vpopmail/bin/vdelivermail'' delete

If I use in .qmail-default, these two lines, the messages duplicated, i.e. email goes through 'vdelivermail' and through 'deliver'.

Perhaps there is a solution based on the deliver a bounce message?

Thank you again.

I hope for your help.

P.S. Very uncomfortable system of confirmation messages.The picture is very promiscuous.

Reply |

Re: defaultdelivery

Sorry for the delay in response.

So. I cleaned .qmail-default.

# cat/var/qmail/control/defauldelivery
|/var/qmail/bin/preline -f /usr/local/libexec/dovecot/deliver -d $EXT@$USER
# sudo ps -ax | grep deliver
qmail-lspawn |/var/qmail/bin/preline -f/usr/local/libexec/dovecot/deliver -d $EXT@$USER

But mail delivery stopped working.

In qmail logs the message:

delivery 6: deferral: Uh-oh: _first_line_of_.qmail_file_is_blank._ (# 4.2.1) /

The blog reported: "If you decide to enable sieve by default you can always adjust / var / qmail / control / defaultdelivery provided that you clean. Qmail-default of newly created domain (just remove the first line, never erase that file if you don't want vpopmail to stop working), even though this is not a good idea. "

I can confirm that cleaning .qmail-default works fine here. I wrote that it could not be a good idea just because at the time I wrote this note, as I said, qmailadmin showed a maling-list named "default" in that case. I'm doing some test right now but the issue is not shown anymore.

Of course, I can use. Qmail-default, but:

1. Want to understand why this is not working (either you control the situation, or the situation control you
)

I don't think that this guide would be available to the public if I am not experienced on this topic. That said, vpopmail, qmailadmin and so on are not programmed to make dovecot-lda or whatelse to manage the delivery, but patches and tests are needed. So feel free to contribute posting yours

2. I also need to use bounced messages:

|/usr/local/vpopmail/bin/vdelivermail'' delete

If I use in .qmail-default, these two lines, the messages duplicated, i.e. email goes through 'vdelivermail' and through 'deliver'.

I suppose that you can do it by means of a global sieve rules.

P.S. Very uncomfortable system of confirmation messages.The picture is very promiscuous.

I know, but I have tens of bots trying to break the captcha filter at the same time. If I relax the filter I would have to connect at least once an hour to check/moderate spam messages..

Reply |

this is not true

I also need to use bounced messages:

|/usr/local/vpopmail/bin/vdelivermail'' delete

If I use in .qmail-default, these two lines, the messages duplicated, i.e. email goes through 'vdelivermail' and through 'deliver'.

I suppose that you can do it by means of a global sieve rules.

sorry, this is not true, because at the time of dovecot-lda delivery chkuser has already bounced the message..

Reply |

.qmail-default

Hello, Roberto.

Apparently I was wrong to describe the situation.

The file contains two lines:

|/var/qmail/bin/preline -f /usr/local/libexec/dovecot/deliver -d $EXT@$USER
|/usr/local/vpopmail/bin/vdelivermail '' delete

In this case, the message is delivered to a mailbox twice:

  1. dovecot (/usr/local/libexec/dovecot/deliver)
  2. vpopmail (/usr/local/vpopmail/bin/vdelivermail)

Now, about chkuser.

chkuser closes the session when a message is received for a nonexistent mailbox (ie step rcpt to). I believe that it is wrong, because spammers can understand that this mailbox does not exist. Therefore, I accept all the messages and then vdelivermail deletes messages to nonexistent mailboxes.

Please correct me if I'm wrong.

Therefore, the question is by what means to remove messages to non-existent mailboxes?

Again, that using dovecot vpopmail in the file, it works. But the messages are duplicated.

Thank you for your help!

Reply |

Hi Nik, of course you get a

Hi Nik, of course you get a double relay in the situation described.

I've never tried to make chkuser delete messages for non existent users, but I suppose that it can do it. I would try to play with the CHKUSER_SPECIFIC_BOUNCING variable in the chkuser_settings.h and recompile. The documentation on the purpose is not so clear to me, but it seems like chkuser is going to look for a specific file in the domain dir to decide if the bouncing has to be done.

Let me know if you manage to avoid the reply.

Reply |

Sieve interpreter AND catch all in .qmail-default

hi roberto,

i wonder how i can make a catch all account available per domain but maintain the the functionality of thie in the .qmail-default per domain:

|/var/qmail/bin/preline -f /usr/local/dovecot/libexec/dovecot/deliver -d $EXT@$USER

the above works great untill i activate a catch all account, the i have this instead:

| /home/vpopmail/bin/vdelivermail '' catchalluser@test.com

can i combine the two somehow or even better, can i alter the catchall function of qmailadmin to use a different line in .qmail-default including to have both enabled ?

thanks
Jan

Reply |

in case you are patching

in case you are patching qmail with chkuser, I would try to turn on this chkuser's option

CHKUSER_SPECIFIC_BOUNCING

and see if it does the trick. But you have to recompile qmail. See details here http://www.interazioni.it/opensource/chkuser/documentation/chkuser_settings.html

Let me know if it works!

Reply |

i will have another go on

i will have another go on monday, was at it all day today for over 12hrs now. i am getting 'blind' and start making mistakes. i let you know beginning next week how i get on.

thanks and have a nice sunday
Jan

Reply |

permission problems with 'sievec'

I am getting errors about directory permission and i am unsure how i can resolve this and stay secure. here the error i get after i have followed this

su vpopmail
cd /usr/local/dovecot/etc/dovecot/sieve
/usr/local/dovecot-2-0-pigeonhole/bin/sievec .

This is what i get:

$ /usr/local/dovecot-2-0-pigeonhole/bin/sievec .
sievec(vpopmail): Error: sieve: .: failed to stat sieve script: stat(.) in directory /root failed: Permission denied (euid=89(vpopmail) egid=89(vchkpw) missing +x perm: /root, dir owned by 0:0 mode=0700)
.: error: failed to open sieve script: internal error occurred: refer to server log for more information. [2011-11-26 16:19:38].
sievec(vpopmail): Error: failed to compile sieve script '.'
$

Any help would be very much appreciated

Thanks
Jan

Reply |

Re: permission problems

Hi Jan, it seems like if the sievec file is not executable. In this case, simply try to:

chmod +x /usr/local/dovecot-2-0-pigeonhole/bin/sievec

and recompile

Reply |

I see what i have

I see what i have missed:

chown -R vpopmail.vchkpw sieve

Thanks for the help

Reply |

Add a comment

Recent comments
See also...
Recent posts

RSS feeds