Re: SMTPUTF8 support

Sat, 06 Apr 2019 01:08:46 -0700 

On 05/04/2019 08:57, David Bürgin via dovecot wrote:

André, are you quite sure you have it working?

In this thread someone from Open-Xchange stated that no, Dovecot doesn’t
have SMTPUTF8 support implemented, and the same response was given by
another Dovecot developer last September (it ‘is being considered’ was
the answer then, see
https://dovecot.org/pipermail/dovecot/2018-September/112887.html).

I am using LMTP to deliver mail to Dovecot from Postfix, and delivery
fails with Postfix reporting: ‘SMTPUTF8 is required, but was not offered
by host mail.my.org[private/dovecot-lmtp]’. I doubt that this can work
without a change in Dovecot LMTP.

Anyway, I am also interested in SMTPUTF8 support, so +1 from me!




Hello David et al,

I have it working with my set up, and I confirm it is not easy.
If I limit the stack to OpenLDAP, Postfix and Dovecot to their simplest configuration, it is relatively easy, even with slightly outdated software in Debian Stretch.
The trick I am using is to include the internationalised email address aside the main one, and to use Postfix LDAP lookup. 

For instance, I am using this LDAP schema:
https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07

So, my LDAP lookup table for Postfix looks like this:

    # Basic LDAP settings for postfix
    server_host = ldap://ldap.rodier.me/
    start_tls = yes

    search_base = dc=rodier,dc=me
    search_scope = sub

    # Allow advanced LDAP search with the recipient delimiter
    query_filter = (|(mail=%s)(intlMailAddr=%s))
    result_attribute = mail

    # Force support for UTF8
    version = 3

Therefore, postmap query works as expected:

    postmap -q andré@rodier.me ldap:/etc/postfix/ldap-aliases.cf
    an...@rodier.me
That said, if only one of the milter reject your message, it is breaking the whole chain.
For instance, the quota plugin for Dovecot, I had to use DUNNO when the user is unknown instead of reject.
I have it working perfectly from Homebox to Homebox, so perhaps Postfix to Postfix, but I reckon I still have some bugs.
Some providers are working, others not. Outlook does not seems to work , but I am on it. Yahoo does not let you type an accent in the email address, only Google allows you to.
However, I made a test yesterday, and realised that the emails from GMail are rejected by one of the plugin, and I need to investigate which one. The error message is: 


Apr  5 10:16:39 portal postfix/smtpd[2566]: Anonymous TLS connection 
established from mail-lf1-f51.google.com[209.85.167.51]: TLSv1.2 with cipher 
ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Apr  5 10:16:39 portal policyd-spf[2574]: prepend Received-SPF: Pass (mailfrom) 
identity=mailfrom; client-ip=209.85.167.51; helo=mail-lf1-f51.google.com; 
envelope-from=andre.rod...@gmail.com; receiver=<UNKNOWN>
Apr  5 10:16:39 portal postfix/smtpd[2566]: EB38240467: 
client=mail-lf1-f51.google.com[209.85.167.51]
Apr  5 10:16:40 portal postfix/cleanup[2576]: EB38240467: 
message-id=<cakr9_nv1pgdac31cff4ype-mnyxsusmkswhocxwpsej2adj...@mail.gmail.com>
Apr  5 10:16:40 portal opendkim[15477]: EB38240467: mail-lf1-f51.google.com 
[209.85.167.51] not internal
Apr  5 10:16:40 portal opendkim[15477]: EB38240467: not authenticated
Apr  5 10:16:40 portal opendkim[15477]: EB38240467: DKIM verification successful
Apr  5 10:16:40 portal opendkim[15477]: EB38240467: s=20161025 d=gmail.com SSL
Apr  5 10:16:40 portal opendmarc[16548]: implicit authentication service: 
portal.homebox.space
Apr  5 10:16:40 portal opendmarc[16548]: EB38240467: gmail.com pass
Apr  5 10:16:40 portal postfix/cleanup[2576]: EB38240467: milter-reject: END-OF-MESSAGE from 
mail-lf1-f51.google.com[209.85.167.51]: 4.7.1 Try again later; 
from=<andre.rod...@gmail.com> to=<andré@homebox.space> proto=ESMTP 
helo=<mail-lf1-f51.google.com>
Apr  5 10:16:40 portal postfix/smtpd[2566]: disconnect from 
mail-lf1-f51.google.com[209.85.167.51] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 
quit=1 commands=6/7


So perhaps it is one of the milter. I will investigate today.
Also, it seems the client is important. I have no problem with SOGo or Evolution. Roundcube and Thunderbird, in Debian Stretch, don't support this yet.
With Debian Buster coming soon, I am sure this will work better. I will create a branch to test this. My preliminary investigations don't show major problems in the upgrade.
At one point, I was using the Dovecot packages from backports, but I reverted this as there has been an incompatibility. 

Happy to answer more questions if you have.

--
André Rodier

Reply via email to