Glean all from addresses from a users mailbox?
Hello all! Is there a quick and easy way to search through an entire mailbox for a user on my dovecot server and glean all the “from” email addresses? This user would like a record of all the email addresses who have contacted him. Thanks in advance for your ideas. Austin Witmer ___ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
Hello all! My strange permission errors in my log files seem to have disappeared. The only thing I can think of that I changed was mounting my encrypted folder without using sudo. Example “gocryptfs -allow_other cipher plain” instead of "sudo gocryptfs -allow_other cipher plain”. Thanks to all of you for your help and suggestions! Austin Witmer > On Aug 21, 2022, at 10:03 AM, Remo Mattei wrote: > > It’s a mount partition you should check that probably it is nfs. > > Good luck. > >> Il giorno 21 ago 2022, alle ore 07:43, Austin Witmer >> ha scritto: >> >> Thanks to all of your for your input! >> >> I think I may have gotten this resolved. More time and testing will tell! >> More details later . . . >> >> Austin Witmer >> >> >>> On Aug 20, 2022, at 9:06 AM, Erwan David >> <mailto:er...@rail.eu.org>> wrote: >>> >>> Le 20/08/2022 à 16:52, Austin Witmer a écrit : >>>> Hello all! >>>> >>>> Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since then >>>> I am periodically getting some dovecot errors like the below in my mail >>>> log. As far as I can tell, my unix perms are just fine. What is ACL/MAC? >>>> >>>> Aug 20 14:41:58 mail dovecot: imap(u...@domain.com >>>> <mailto:u...@domain.com>)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: >>>> stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>>> <http://domain.com/user/dovecot.index.log> >>>> <http://domain.com/user/dovecot.index.log >>>> <http://domain.com/user/dovecot.index.log>>) failed: Permission denied >>>> (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC wrong?)) >>>> >>>> And here is the listing showing the permissions for that file. >>>> >>>> *austin@mail*:*~*$ ls -la >>>> /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>>> <http://domain.com/user/dovecot.index.log> >>>> <http://domain.com/user/dovecot.index.log >>>> <http://domain.com/user/dovecot.index.log>> >>>> -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 >>>> */mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>>> <http://domain.com/user/dovecot.index.log> >>>> <http://domain.com/user/dovecot.index.log >>>> <http://domain.com/user/dovecot.index.log>>* >>>> >>>> What in the world is causing these errors, and what can I do about them? >>>> >>>> Thanks in advance! >>>> >>>> Austin Witmer >>> >>> Did you check wether your linux distribution uses SeLINUX or Apparmor ? In >>> that case you would have to check their policy to give dovecot access to >>> this directory. >>> >>
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
No, I am manually mounting it when I start my server. I then start dovecot. Austin Witmer > On Aug 30, 2022, at 9:40 PM, pe...@chubb.wattle.id.au wrote: > > >> >>>>>> "Austin" == Austin Witmer writes: > > > Austin> So, the location of my mail storage > Austin> (/mnt/volume1/mailserver/plain/maildir/%d/%n/) is a filesystem > Austin> mounted by gocryptfs. Do you think gocryptfs could be at fault > Austin> here? > > Is it automounted? I've seen issues where dovecot tries to access a > file before the mount has finished, giving a pmerssions denied error. > > Peter C
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
See below . . . > On Aug 30, 2022, at 1:41 PM, spi wrote: > > > > Am 30.08.22 um 20:43 schrieb Austin Witmer: >> I’m am still getting the errors I mentioned previously. Maybe half a dozen >> of them per day . . . >> >> So, the location of my mail storage >> (/mnt/volume1/mailserver/plain/maildir/%d/%n/) is a filesystem mounted by >> gocryptfs. Do you think gocryptfs could be at fault here? >> >> Austin Witmer >> > > Before and after mounting: What are the mount folder's user/group > permissions? Who owns the mount folder (user/group)? > > The owner is austin and group is austin before and after mounting the folder. I would need to verify that the owner is still the same before the folder is mounted sometime while my server is offline. > If you do a "stat > /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log > <http://domain.com/user/dovecot.index.log>" as the user dovecot is running as > (from your mail I see austin owns that file - is dovecot run as user austin?) > - do you also get an error? > I would think that dovecot is running as user austin, but I’m not sure how to verify that? > If you do get an error - could you create a small encrypted fs and mount it > to another folder, create a file there and check again for "stat file"? Play > with the permissions and user/group assignments. Still getting an error? > > -- > Cheers > spi So here is one of the last log lines from my mail.err file. Aug 30 23:09:11 mail dovecot: lmtp(u...@domain.com)<179137>: Error: open(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot-uidlist.lock) failed: Operation not permitted Aug 30 23:09:11 mail dovecot: lmtp(u...@domain.com)<179137>: Error: lmtp-server: conn unix:pid=179136,uid=112 [1]: rcpt u...@domain.com: Mailbox INBOX: file_dotlock_create(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot-uidlist) failed: Operation not permitted Aug 30 23:09:11 mail dovecot: lmtp(u...@domain.com)<179137>: Error: sieve: msgid=: failed to store into mailbox 'INBOX': Mailbox INBOX: file_dotlock_create(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot-uidlist) failed: Operation not permitted Aug 30 23:09:11 mail dovecot: lmtp(u...@domain.com)<179137>: Error: sieve: Execution of script /var/lib/dovecot/sieve/default.sieve was aborted due to temporary failure Here is the stat command one of the files that dovecot seem to not be able to access. austin@mail:/mnt/volume1/mailserver$ stat /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot-uidlist File: /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot-uidlist Size: 60565 Blocks: 120IO Block: 4096 regular file Device: 2bh/43d Inode: 146325 Links: 1 Access: (0660/-rw-rw) Uid: ( 1000/ austin) Gid: ( 1000/ austin) Access: 2022-08-30 23:19:24.701469295 + Modify: 2022-08-30 23:16:34.155318207 + Change: 2022-08-30 23:16:34.163318308 + Birth: - Is the problem that the x perm is missing from both the user and group for this file? I have tried different times to recursively apply wrx permissions to all the folders and files but it seems like dovecot must create files that it later cannot access. Or maybe I am not understanding this correctly? Why am I getting these errors only about 1% of the time and the rest of the time it works fine? This seems to be randomly happening to various users on my server. Thanks again to all of you for your help! Austin Witmer
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
I’m am still getting the errors I mentioned previously. Maybe half a dozen of them per day . . . So, the location of my mail storage (/mnt/volume1/mailserver/plain/maildir/%d/%n/) is a filesystem mounted by gocryptfs. Do you think gocryptfs could be at fault here? Austin Witmer > On Aug 24, 2022, at 12:10 PM, lorek wrote: > > There are a number of issues that can appear to be ACL issues when in fact > its something else. > > As other's have mentioned, AppArmor profiles and SELinux contexts can be > checked and are the most common. There are ACL permissions as well if you > enabled ACL (they are not enabled by default on Ubuntu server). > I've occasionally (rarely) seen some weird interactions with sockets between > MDA and MTA if the permissions on the directory were not set correctly. > > Additionally, if a mount permission mask is being used, that can occasionally > cause similar issues as well, as is often the case with using an NTFS backing > filesystem for maildir that's been mounted with unix perms. > There can also be some edge-cases with permissions in Ubuntu's flavored snap > containers as well as docker containers and custom sieves. > > Its difficult to say with any accuracy what is causing your issue with the > information provided. > > Have you increased the verbosity of the logging? > > If all of the normal culprits do not stand out, maybe some others will have > an idea. > > As a final fallback you can always set a breakpoint and use a reverse > debugger. Its not going to be performant but it will at least narrow down > where the issue is coming from, and what the intermediate states were that > led to the error so you can save/replicate them moving forward for > resolution. Non-determinism can creep into code in a lot of different ways. > > Best Regards, > N > > > On Tue, Aug 23, 2022 at 4:53 AM Austin Witmer <mailto:austi...@emypeople.net>> wrote: > Here is the output of dovecot -n > > austin@mail:~$ doveconf -n > # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.5.16 (09c29328) > # OS: Linux 5.15.0-46-generic x86_64 Ubuntu 22.04.1 LTS > # Hostname: mail > auth_mechanisms = plain login > listen = * > mail_location = mbox:~/mail:INBOX=/var/mail/%u > mail_privileged_group = mail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date index ihave > duplicate mime foreverypart extracttext > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > auto = subscribe > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Spam { > auto = subscribe > } > mailbox Trash { > auto = subscribe > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > passdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > passdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > plugin { > sieve = > file:/mnt/volume1/mailserver/plain/sieve/%d/%n/scripts;active=/mnt/volume1/mailserver/plain/sieve/%d/%n/%n.sieve > sieve_before = /var/lib/dovecot/sieve/ > sieve_global_dir = /var/lib/dovecot/sieve/ > sieve_global_path = /var/lib/dovecot/sieve/default.sieve > sieve_user_log = > file:/mnt/volume1/mailserver/plain/sieve/%d/%n/sieve_error.log > } > protocols = imap lmtp pop3 imap lmtp sieve pop3 > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > } > service imap-login { > inet_listener imap { > port = 0 > } > inet_listener imaps { > port = 993 > } > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > service_count = 1 > } > ssl = required > ssl_cert = <http://mail.mydomain.com/fullchain.pem> > ssl_dh = # hidden, use -P to show it > ssl_key = # hidden, use -P to show it > ssl_prefer_server_ciphers = yes > userdb { > driver = passwd > } > userdb { > driver = prefetch > } > userdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > userdb { > driver = pref
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
Here is the output of dovecot -n austin@mail:~$ doveconf -n # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.16 (09c29328) # OS: Linux 5.15.0-46-generic x86_64 Ubuntu 22.04.1 LTS # Hostname: mail auth_mechanisms = plain login listen = * mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { auto = subscribe } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = file:/mnt/volume1/mailserver/plain/sieve/%d/%n/scripts;active=/mnt/volume1/mailserver/plain/sieve/%d/%n/%n.sieve sieve_before = /var/lib/dovecot/sieve/ sieve_global_dir = /var/lib/dovecot/sieve/ sieve_global_path = /var/lib/dovecot/sieve/default.sieve sieve_user_log = file:/mnt/volume1/mailserver/plain/sieve/%d/%n/sieve_error.log } protocols = imap lmtp pop3 imap lmtp sieve pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } ssl = required ssl_cert = On Aug 20, 2022, at 12:09 PM, Austin Witmer wrote: > > And no, I don’t think I am using ACL’s. > > getfacl austin /mnt/volume1/mailserver/plain/maildir/ > getfacl: austin: No such file or directory > getfacl: Removing leading '/' from absolute path names > # file: mnt/volume1/mailserver/plain/maildir/ > # owner: austin > # group: austin > user::rwx > group::rwx > other::r-- > > Austin Witmer > >> On Aug 20, 2022, at 11:15 AM, spi wrote: >> >> >>> Am 20.08.22 um 16:52 schrieb Austin Witmer: >>> Hello all! >>> >>> Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since >>> then I am periodically getting some dovecot errors like the below in >>> my mail log. As far as I can tell, my unix perms are just fine. What >>> is ACL/MAC? >>> >>> Aug 20 14:41:58 mail dovecot: >>> imap(u...@domain.com)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: >>> stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log>) failed: Permission denied >>> (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC >>> wrong?)) >>> >>> And here is the listing showing the permissions for that file. >>> >>> *austin@mail*:*~*$ ls -la >>> /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log> >>> -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 >>> */mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log>* >>> >>> What in the world is causing these errors, and what can I do about them? >>> >>> Thanks in advance! >>> >>> Austin Witmer >> >> >> Do you use any ACLs? Is this just a block device mounted or do you use >> any network file sharing like nfs? >> >> ACLs you can check by 'getfacl foo'. >> >> -- >> Cheers >> spi
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
Thanks to all of your for your input! I think I may have gotten this resolved. More time and testing will tell! More details later . . . Austin Witmer > On Aug 20, 2022, at 9:06 AM, Erwan David wrote: > > Le 20/08/2022 à 16:52, Austin Witmer a écrit : >> Hello all! >> >> Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since then I >> am periodically getting some dovecot errors like the below in my mail log. >> As far as I can tell, my unix perms are just fine. What is ACL/MAC? >> >> Aug 20 14:41:58 mail dovecot: >> imap(u...@domain.com)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: >> stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log>) failed: Permission denied >> (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC wrong?)) >> >> And here is the listing showing the permissions for that file. >> >> *austin@mail*:*~*$ ls -la >> /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log> >> -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 >> */mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log>* >> >> What in the world is causing these errors, and what can I do about them? >> >> Thanks in advance! >> >> Austin Witmer > > Did you check wether your linux distribution uses SeLINUX or Apparmor ? In > that case you would have to check their policy to give dovecot access to this > directory. >
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
My mail storage is located on a block storage volume connected to my droplet in digital ocean. Austin Witmer > On Aug 20, 2022, at 11:15 AM, spi wrote: > > >> Am 20.08.22 um 16:52 schrieb Austin Witmer: >> Hello all! >> >> Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since >> then I am periodically getting some dovecot errors like the below in >> my mail log. As far as I can tell, my unix perms are just fine. What >> is ACL/MAC? >> >> Aug 20 14:41:58 mail dovecot: >> imap(u...@domain.com)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: >> stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log>) failed: Permission denied >> (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC >> wrong?)) >> >> And here is the listing showing the permissions for that file. >> >> *austin@mail*:*~*$ ls -la >> /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log> >> -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 >> */mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log>* >> >> What in the world is causing these errors, and what can I do about them? >> >> Thanks in advance! >> >> Austin Witmer > > > Do you use any ACLs? Is this just a block device mounted or do you use > any network file sharing like nfs? > > ACLs you can check by 'getfacl foo'. > > -- > Cheers > spi
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
And no, I don’t think I am using ACL’s. getfacl austin /mnt/volume1/mailserver/plain/maildir/ getfacl: austin: No such file or directory getfacl: Removing leading '/' from absolute path names # file: mnt/volume1/mailserver/plain/maildir/ # owner: austin # group: austin user::rwx group::rwx other::r-- Austin Witmer > On Aug 20, 2022, at 11:15 AM, spi wrote: > > >> Am 20.08.22 um 16:52 schrieb Austin Witmer: >> Hello all! >> >> Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since >> then I am periodically getting some dovecot errors like the below in >> my mail log. As far as I can tell, my unix perms are just fine. What >> is ACL/MAC? >> >> Aug 20 14:41:58 mail dovecot: >> imap(u...@domain.com)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: >> stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log>) failed: Permission denied >> (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC >> wrong?)) >> >> And here is the listing showing the permissions for that file. >> >> *austin@mail*:*~*$ ls -la >> /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log> >> -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 >> */mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >> <http://domain.com/user/dovecot.index.log>* >> >> What in the world is causing these errors, and what can I do about them? >> >> Thanks in advance! >> >> Austin Witmer > > > Do you use any ACLs? Is this just a block device mounted or do you use > any network file sharing like nfs? > > ACLs you can check by 'getfacl foo'. > > -- > Cheers > spi
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
See below. > On Aug 20, 2022, at 9:56 AM, Remo Mattei wrote: > > Try ls -laZ > >> Il giorno 20 ago 2022, alle ore 08:08, Erwan David ha >> scritto: >> >> Le 20/08/2022 à 16:52, Austin Witmer a écrit : >>> Hello all! >>> >>> Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since then >>> I am periodically getting some dovecot errors like the below in my mail >>> log. As far as I can tell, my unix perms are just fine. What is ACL/MAC? >>> >>> Aug 20 14:41:58 mail dovecot: >>> imap(u...@domain.com)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: >>> stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log>) failed: Permission denied >>> (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC wrong?)) >>> >>> And here is the listing showing the permissions for that file. >>> >>> *austin@mail*:*~*$ ls -la >>> /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log> >>> -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 >>> */mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log>* >>> >>> What in the world is causing these errors, and what can I do about them? >>> >>> Thanks in advance! >>> >>> Austin Witmer >> >> Did you check wether your linux distribution uses SeLINUX or Apparmor ? In >> that case you would have to check their policy to give dovecot access to >> this directory. >> >> No, I’m not familiar with SeLinux or Apparmor. Tell me what I should do or check. Thanks! Austin Witmer
Re: Permission denied UNIX perms appear ok (ACL/MAC wrong?))
Ok, here is the output of that command. austin@mail:~$ ls -laZ /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.list.index.log -rwxrwxr-- 1 austin austin ? 6796 Aug 20 14:40 /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.list.index.log Does that tell you anything? Austin Witmer > On Aug 20, 2022, at 9:56 AM, Remo Mattei wrote: > > Try ls -laZ > >> Il giorno 20 ago 2022, alle ore 08:08, Erwan David ha >> scritto: >> >> Le 20/08/2022 à 16:52, Austin Witmer a écrit : >>> Hello all! >>> >>> Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since then >>> I am periodically getting some dovecot errors like the below in my mail >>> log. As far as I can tell, my unix perms are just fine. What is ACL/MAC? >>> >>> Aug 20 14:41:58 mail dovecot: >>> imap(u...@domain.com)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: >>> stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log>) failed: Permission denied >>> (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC wrong?)) >>> >>> And here is the listing showing the permissions for that file. >>> >>> *austin@mail*:*~*$ ls -la >>> /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log> >>> -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 >>> */mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log >>> <http://domain.com/user/dovecot.index.log>* >>> >>> What in the world is causing these errors, and what can I do about them? >>> >>> Thanks in advance! >>> >>> Austin Witmer >> >> Did you check wether your linux distribution uses SeLINUX or Apparmor ? In >> that case you would have to check their policy to give dovecot access to >> this directory. >> >>
Permission denied UNIX perms appear ok (ACL/MAC wrong?))
Is there any chance that high memory utilization could be responsible for some of these errors? I’ve noticed recently that my memory is running anywhere from 80-85%. Austin Witmer > On Aug 20, 2022, at 8:52 AM, Austin Witmer wrote: > > Hello all! > > Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since then I > am periodically getting some dovecot errors like the below in my mail log. As > far as I can tell, my unix perms are just fine. What is ACL/MAC? > > Aug 20 14:41:58 mail dovecot: imap(u...@domain.com > <mailto:u...@domain.com>)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: > stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log > <http://domain.com/user/dovecot.index.log>) failed: Permission denied > (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC wrong?)) > > And here is the listing showing the permissions for that file. > > austin@mail:~$ ls -la > /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log > <http://domain.com/user/dovecot.index.log> > -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 > /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log > <http://domain.com/user/dovecot.index.log> > > What in the world is causing these errors, and what can I do about them? > > Thanks in advance! > > Austin Witmer
Permission denied UNIX perms appear ok (ACL/MAC wrong?))
Hello all! Recently I upgraded my mail server to Ubuntu 22.04 LTS and ever since then I am periodically getting some dovecot errors like the below in my mail log. As far as I can tell, my unix perms are just fine. What is ACL/MAC? Aug 20 14:41:58 mail dovecot: imap(u...@domain.com)<56316><1NieGKPmuOdKwxVI>: Error: Mailbox INBOX: stat(/mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log) failed: Permission denied (euid=1000(austin) egid=1000(austin) UNIX perms appear ok (ACL/MAC wrong?)) And here is the listing showing the permissions for that file. austin@mail:~$ ls -la /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log -rwxrwxr-- 1 austin austin 15796 Aug 20 14:41 /mnt/volume1/mailserver/plain/maildir/domain.com/user/dovecot.index.log What in the world is causing these errors, and what can I do about them? Thanks in advance! Austin Witmer
Re: Trouble configuring managesive plugin for roundcube
That seems to have done it! Thanks again! Austin Witmer > On Jul 14, 2022, at 2:00 AM, Christian Kivalo wrote: > > > > >>> But you can make php think it connects to the correct hostname with the ssl >>> connection options >>> >>> $config['managesieve_conn_options'] = [ >>> 'ssl' => [ >>> 'verify_peer' => false, >>> 'peer_name' => 'FQDN of mailserver', >>> ], >>> ]; >>> >>> This probably even works without the "verify_peer" line, haven't tested. >>> >> >> I added the block above to my managesieve configuration in Roundcube and now >> connected to an internal IP address works beautifully! >> >> Now I just need to figure out how to accomplish the same thing for the imap >> and smtp server that Roundcube is using. Is there a block similar to the one >> above that I could add to my Roundcube config.inc.php file to enable me to >> use internal addresses for my imap and smtp servers? > > Hi yes the same ssl connection config should work in roundcube config.inc.php > just use ['imap_conn_options'] and ['smtp_conn_options'] respectively. > There are examples in roundcubes default.inc.php file > > -- > Christian Kivalo
Re: Trouble configuring managesive plugin for roundcube
Thanks so much Christian Kivalo! See below. > On Jul 12, 2022, at 9:13 AM, Christian Kivalo wrote: > > On 2022-07-12 16:19, Austin Witmer wrote: >> So, I changed the $config['managesieve_host'] = >> 'tls://mail.mydomain.com’; to the fqdn of my mail server instead of >> the internal IP address and now it works! > Good to hear it works now :) > >> Why would using the fqdn work, but not the internal LAN IP address? > The client, here php / roundcube checks if the presented certificate contains > the address it connected to and ip addresses are very seldomly added as hosts > to certificates. > >> As a side note, I am now remembering that in my main Roundcube config, >> I had to use the fqdn for the imap and smtp server instead of the >> internal LAN IP address. Is it because it needs to connect to a host >> with the same hostname that the certificate returns? Would it work to >> add an entry in my hosts file that says "10.116.0.2 mail.mydomain.com >> [1]”? I should be able to use the internal IP addresses, right? Are >> there downsides to using the fqdn? > > The hosts file entry would help with name resolution but not with certificate > verification. > > But you can make php think it connects to the correct hostname with the ssl > connection options > > $config['managesieve_conn_options'] = [ > 'ssl' => [ > 'verify_peer' => false, > 'peer_name' => 'FQDN of mailserver', > ], > ]; > > This probably even works without the "verify_peer" line, haven't tested. > I added the block above to my managesieve configuration in Roundcube and now connected to an internal IP address works beautifully! Now I just need to figure out how to accomplish the same thing for the imap and smtp server that Roundcube is using. Is there a block similar to the one above that I could add to my Roundcube config.inc.php file to enable me to use internal addresses for my imap and smtp servers? > >> I may have some questions about configuring sieve rules later, but I >> can start a new thread for that. >> Austin Witmer >>> On Jul 11, 2022, at 1:06 PM, Christian Kivalo >>> wrote: >>>> I added “login” to my auth_mechanisms line in >>>> /etc/dovecot/conf.d/10-auth.conf. That line already looked like >>>> auth_mechanisms = plain >>>> This is what the line looks like now: auth_mechanisms = plain >>>> login >>>> I restarted dovecot and it still is not advertising anything after >>>> “SASL” in the sieve log file. See below: >>>> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "NOTIFY" "mailto" >>>> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "SASL" "" >>>> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "STARTTLS" >>>> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "VERSION" "1.0" >>>> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: OK "Dovecot (Ubuntu) >>>> ready." >>>> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> C: STARTTLS >>>> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: OK "Begin TLS >>>> negotiation now." >>>> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> C: LOGOUT >>>> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >>>> Y8h#u??Lu?u?V2??N[?˴?+)u?F?'{ֺ?G?r?iS??pݥ??D}? >>>> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >>>> ?>??0??SxfXC%]c?|?y?"w???K_ޕ???N >>>> ?.?c? >>>> ??_D?r???ǿ?r??w??#?/j?l/Wu?=.I^~??y??(-n?6]!a??;?E?l??qn?j >>>> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >>> ?.e???i8p?{Ur"???3GZ?C??7??U)s?;,c?6HY??B?ڑB.g=TtAk?dq???nV?i >>>> ?BG2D???7?hܖQTl?)G??9??W?M^?? >>>> ??D&?䢀rQ???2E?pn?Ez?䉉i? >>>> @1??փiC???=???W?M\ >> `?]?}?D$`?:???^?/K???5?aB?c??ar)?l@C??X?ٹ?!J???k??"/1?r???w?_??@?p??w >>>> )R?d??ok*?*? >>>> i?O?i%S?l^?o2?H >>>> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >>>> 5?7?x??w?z"??hu4?E??:?/?F(d?;??i??"??5??G,5E?C?MS >>>> L???*??*???LO?D?? J?l???ځ? >>>> ??IN??v?fR?5t?:???SG?>{mY??D?˱t?Rj?w?# >>>> ??n??[?S? >>>> V4O?z?=.ܰې??uA?ھ9?τ???c??oE?;LBOg??Ql'w?= >>>> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >>>> ?&???C/_??*??|.??$O?~? >>>> ??5?"縉?? >>>> ?r??0~?+~B >>>&
Re: Trouble configuring managesive plugin for roundcube
So, I changed the $config['managesieve_host'] = 'tls://mail.mydomain.com’; to the fqdn of my mail server instead of the internal IP address and now it works! Why would using the fqdn work, but not the internal LAN IP address? As a side note, I am now remembering that in my main Roundcube config, I had to use the fqdn for the imap and smtp server instead of the internal LAN IP address. Is it because it needs to connect to a host with the same hostname that the certificate returns? Would it work to add an entry in my hosts file that says "10.116.0.2 mail.mydomain.com <http://mail.mydomain.com/>”? I should be able to use the internal IP addresses, right? Are there downsides to using the fqdn? I may have some questions about configuring sieve rules later, but I can start a new thread for that. Austin Witmer > On Jul 11, 2022, at 1:06 PM, Christian Kivalo wrote: > >> I added “login” to my auth_mechanisms line in >> /etc/dovecot/conf.d/10-auth.conf. That line already looked like >> auth_mechanisms = plain >> This is what the line looks like now: auth_mechanisms = plain login >> I restarted dovecot and it still is not advertising anything after >> “SASL” in the sieve log file. See below: >> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "NOTIFY" "mailto" >> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "SASL" "" >> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "STARTTLS" >> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: "VERSION" "1.0" >> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: OK "Dovecot (Ubuntu) ready." >> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> C: STARTTLS >> [10-Jul-2022 16:33:27 -0600]: <4d9b66la> S: OK "Begin TLS negotiation now." >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> C: LOGOUT >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >> Y8h#u??Lu?u?V2??N[?˴?+)u?F?'{ֺ?G?r?iS??pݥ??D}? >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: ?>??0??SxfXC%]c?|?y?"w???K_ޕ???N >> ?.?c? ??_D?r???ǿ?r??w??#?/j?l/Wu?=.I^~??y??(-n?6]!a??;?E?l??qn?j >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >> ?.e???i8p?{Ur"???3GZ?C??7??U)s?;,c?6HY??B?ڑB.g=TtAk?dq???nV?i >> ?BG2D???7?hܖQTl?)G??9??W?M^?? >> ??D&?䢀rQ???2E?pn?Ez?䉉i? @1??փiC???=???W?M\ >> `?]?}?D$`?:???^?/K???5?aB?c??ar)?l@C??X?ٹ?!J???k??"/1?r???w?_??@?p??w >> )R?d??ok*?*? >> i?O?i%S?l^?o2?H >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >> 5?7?x??w?z"??hu4?E??:?/?F(d?;??i??"??5??G,5E?C?MS >> L???*??*???LO?D?? J?l???ځ? >> ??IN??v?fR?5t?:???SG?>{mY??D?˱t?Rj?w?# >> ??n??[?S? >> V4O?z?=.ܰې??uA?ھ9?τ???c??oE?;LBOg??Ql'w?= >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: ?&???C/_??*??|.??$O?~? >> ??5?"縉?? >> ?r??0~?+~B >> ??5)]cZ?Z?t??D??-?dZ??M?z??2TɉOp?q?o?T?3?`'g??6 >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: m??]~5??? >> [10-Jul-2022 16:33:30 -0600]: <4d9b66la> S: >> And once again the line from my mail.log file. >> Jul 10 22:33:27 mail dovecot: managesieve-login: Disconnected (no auth >> attempts in 0 secs): user=<>, rip=10.116.0.3, lip=10.116.0.2, TLS, >> session=<7VswBnvjXuIKdAAD> >> Any further suggestions? Why do you suppose that the auth mechanisms >> are not being advertised? > The auth mechanisms are not shown because you access from a remote host, have > STARTTLS available and "disable_plaintext_auth = yes" set. The auth > mechanisms will be shown after STARTTLS. > This is described here > https://wiki.dovecot.org/Pigeonhole/ManageSieve/Troubleshooting > > > > One more thing comes to mind regarding the ssl options in the managesieve > plugin config. Do you use a self signed cert in dovecot? > > One more thing you could try, in your managesieve plugin config.inc.php > > remove this section: > $config['managesieve_conn_options'] = array( >'ssl' => array( >'verify_peer' => false, >'allow_self_signed' => true, >), >); > > add this section: > $config['managesieve_conn_options'] = [ >'ssl' => [ >'verify_peer' => false, >'peer_name' => 'change to the hostname from dovecots ssl certificate', >], > ]; > > add in there, when using self-signed cert > 'allow_self_signed' => true, > > -- > Christian Kivalo
Re: Trouble configuring managesive plugin for roundcube
On Jul 10, 2022, at 5:34 PM, Benny Pedersen wrote: > > On 2022-07-11 00:38, Austin Witmer wrote: > >> Jul 10 22:33:27 mail dovecot: managesieve-login: Disconnected (no auth >> attempts in 0 secs): user=<>, rip=10.116.0.3, lip=10.116.0.2, TLS, >> session=<7VswBnvjXuIKdAAD> > > roundcube send no user login to dovecot managesived, thats why it fails now > imho That’s what I’m thinking to, but I don’t have a clue how to remedy that. > > what are the managesieve config in roundcube, try disable tls, tls is > overkill for rfc1918 ips, why not 127.0.0.1 ? I posted my managesieve earlier in this thread. I have tried disabling tls in the managesieve config in roundcube but that doesn’t work either. Roundcube is running on a different server than dovecot so I don’t see how I could use 127.0.0.1 in my managesieve config in roundcube. > > chrooted something ? > > i am not an expert, but it works for me on gentoo :) Are your running dovecot and roundcube on the same server? > Austin Witmer
Re: Trouble configuring managesive plugin for roundcube
See below. > On Jul 10, 2022, at 4:03 PM, Christian Kivalo wrote: > > > > On 2022-07-10 23:10, Austin Witmer wrote: >> Ok, I changed to $config['managesieve_host'] = 'tls://10.116.0.2’; and >> the below is the log from /var/www/roundcube/logs/sieve.log during a >> connection attempt. Does this log give you any clues? >> [10-Jul-2022 14:59:48 -0600]: S: "IMPLEMENTATION" "Dovecot >> (Ubuntu) Pigeonhole" >> [10-Jul-2022 14:59:48 -0600]: S: "SIEVE" "fileinto reject >> envelope encoded-character vacation subaddress >> comparator-i;ascii-numeric relational regex imap4flags copy include >> variables body enotify environment mailbox date index ihave duplicate >> mime foreverypart extracttext" >> [10-Jul-2022 14:59:48 -0600]: S: "NOTIFY" "mailto" >> [10-Jul-2022 14:59:48 -0600]: S: "SASL" "" > > No auth mechanisms are advertised. > >> [10-Jul-2022 14:59:48 -0600]: S: "STARTTLS" >> [10-Jul-2022 14:59:48 -0600]: S: "VERSION" "1.0" >> [10-Jul-2022 14:59:48 -0600]: S: OK "Dovecot (Ubuntu) ready." >> [10-Jul-2022 14:59:48 -0600]: C: STARTTLS >> [10-Jul-2022 14:59:48 -0600]: S: OK "Begin TLS negotiation now." >> [10-Jul-2022 14:59:50 -0600]: C: LOGOUT > > Client disconnect immediately after starttls. > >> [10-Jul-2022 14:59:50 -0600]: S: ?=?C-ɓH(??̸?.?2 >> [`S?w??K???:?&Bn3v?*?z[??'K?x?@??W??T-?q?\?o?Tub.Nr?)*??j?ב??= >> ?P^??.mr???+?5e.ُ?q?.$/uݚ?B~?f+>?.ܮ?.?=ʑ? >> [10-Jul-2022 14:59:50 -0600]: S: ?A?\???F???X? >> c+ԩ???!???{?-??\?]?7H1+v?y?5?G-6c0???av?_1?5n??i7˃U??L@?AH??O?N???Ie?r?F??weqfR???Y???b? >> ??kT+?.??S?uԕ?Тc?Z'݀?nTȣȆ?m???(6?~&WC??B?m???Z?1?R?3??i@??R???=VHf?5??1??}u9m >> [10-Jul-2022 14:59:50 -0600]: S: ? >> ??*}??OG?C??,.ä?Cg??RM?? ?Kiq? >> [10-Jul-2022 14:59:50 -0600]: S: >> W?qWN?]ۿ?8??dց?=?&?H8y??"?6?D?!*?ޒ?K??$eV??.On???M???h??C???AU?G2?O,E?C\*?~,?ќ?$?{W0w??B?E??X`?!VH???k+??e???Ero̎0ȭ???&2?&I?^D?;??f?4Zn%Y_û?/s1hj??;???ujt?d?H?vܓt3"?Wm0` >> z???AU?QRE?Ƽ\Bz-V??W???,?bp???e?D???0m?-? >> ?8?%???4??V?\?'MR[?O1?ި4 ? >> 4Z?X >> [10-Jul-2022 14:59:50 -0600]: S: >> And here is the log from the mail server during the same connection attempt. >> Jul 10 20:59:48 mail dovecot: managesieve-login: Disconnected (no auth >> attempts in 0 secs): user=<>, rip=10.116.0.3, lip=10.116.0.2, TLS, >> session= >> And here is the output of doveconf -n > >> austin@mail:~$ doveconf -n >> # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf >> # Pigeonhole version 0.5.7.2 () >> # OS: Linux 5.4.0-121-generic x86_64 Ubuntu 20.04.4 LTS >> # Hostname: mail.mydomain.com >> listen = * >> mail_location = mbox:~/mail:INBOX=/var/mail/%u >> mail_privileged_group = mail >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date index ihave duplicate mime foreverypart >> extracttext >> namespace inbox { >> inbox = yes >> location = >> mailbox Drafts { >>special_use = \Drafts >> } >> mailbox Junk { >>special_use = \Junk >> } >> mailbox Sent { >>auto = subscribe >>special_use = \Sent >> } >> mailbox "Sent Messages" { >>special_use = \Sent >> } >> mailbox Spam { >>auto = subscribe >> } >> mailbox Trash { >>auto = subscribe >>special_use = \Trash >> } >> prefix = >> } >> passdb { >> driver = pam >> } >> passdb { >> args = /etc/dovecot/dovecot-sql.conf >> driver = sql >> } >> passdb { >> args = /etc/dovecot/dovecot-sql.conf >> driver = sql >> } >> plugin { >> sieve = /mnt/volume1/mailserver/plain/sieve/%d/%n/%n.sieve >> sieve_global_dir = /var/lib/dovecot/sieve/ >> sieve_global_path = /var/lib/dovecot/sieve/default.sieve >> sieve_user_log = >> file:/mnt/volume1/mailserver/plain/sieve/%d/%n/sieve_error.log >> } >> protocols = imap lmtp pop3 imap lmtp sieve pop3 >> service auth { >> unix_listener /var/spool/postfix/private/auth { >>group = postfix >>mode
Re: Trouble configuring managesive plugin for roundcube
Ok, I changed to $config['managesieve_host'] = 'tls://10.116.0.2’; and the below is the log from /var/www/roundcube/logs/sieve.log during a connection attempt. Does this log give you any clues? [10-Jul-2022 14:59:48 -0600]: S: "IMPLEMENTATION" "Dovecot (Ubuntu) Pigeonhole" [10-Jul-2022 14:59:48 -0600]: S: "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext" [10-Jul-2022 14:59:48 -0600]: S: "NOTIFY" "mailto" [10-Jul-2022 14:59:48 -0600]: S: "SASL" "" [10-Jul-2022 14:59:48 -0600]: S: "STARTTLS" [10-Jul-2022 14:59:48 -0600]: S: "VERSION" "1.0" [10-Jul-2022 14:59:48 -0600]: S: OK "Dovecot (Ubuntu) ready." [10-Jul-2022 14:59:48 -0600]: C: STARTTLS [10-Jul-2022 14:59:48 -0600]: S: OK "Begin TLS negotiation now." [10-Jul-2022 14:59:50 -0600]: C: LOGOUT [10-Jul-2022 14:59:50 -0600]: S: ?=?C-ɓH(??̸?.?2 [`S?w??K???:?&Bn3v?*?z[??'K?x?@??W??T-?q?\?o?Tub.Nr?)*??j?ב??= ?P^??.mr???+?5e.ُ?q?.$/uݚ?B~?f+>?.ܮ?.?=ʑ? [10-Jul-2022 14:59:50 -0600]: S: ?A?\???F???X? c+ԩ???!???{?-??\?]?7H1+v?y?5?G-6c0???av?_1?5n??i7˃U??L@?AH??O?N???Ie?r?F??weqfR???Y???b? ??kT+?.??S?uԕ?Тc?Z'݀?nTȣȆ?m???(6?~&WC??B?m???Z?1?R?3??i@??R???=VHf?5??1??}u9m [10-Jul-2022 14:59:50 -0600]: S: ? ??*}??OG?C??,.ä?Cg??RM?? ?Kiq? [10-Jul-2022 14:59:50 -0600]: S: W?qWN?]ۿ?8??dց?=?&?H8y??"?6?D?!*?ޒ?K??$eV??.On???M???h??C???AU?G2?O,E?C\*?~,?ќ?$?{W0w??B?E??X`?!VH???k+??e???Ero̎0ȭ???&2?&I?^D?;??f?4Zn%Y_û?/s1hj??;???ujt?d?H?vܓt3"?Wm0` z???AU?QRE?Ƽ\Bz-V??W???,?bp???e?D???0m?-? ?8?%???4??V?\?'MR[?O1?ި4 ? 4Z?X [10-Jul-2022 14:59:50 -0600]: S: And here is the log from the mail server during the same connection attempt. Jul 10 20:59:48 mail dovecot: managesieve-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.116.0.3, lip=10.116.0.2, TLS, session= And here is the output of doveconf -n austin@mail:~$ doveconf -n # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-121-generic x86_64 Ubuntu 20.04.4 LTS # Hostname: mail.mydomain.com listen = * mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { auto = subscribe } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = /mnt/volume1/mailserver/plain/sieve/%d/%n/%n.sieve sieve_global_dir = /var/lib/dovecot/sieve/ sieve_global_path = /var/lib/dovecot/sieve/default.sieve sieve_user_log = file:/mnt/volume1/mailserver/plain/sieve/%d/%n/sieve_error.log } protocols = imap lmtp pop3 imap lmtp sieve pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } ssl = required ssl_cert = On Jul 10, 2022, at 9:49 AM, Christian Kivalo wrote: > > > On July 10, 2022 5:01:02 PM GMT+02:00, Austin Witmer > wrote: >> When I enable ssl = yes in my /etc/dovecot/conf.d/20-managesieve.conf file, >> I get the log line below from mail.log on my mail server. >> Jul 10 14:57:18 mail dovecot: managesieve-login: Disconnected (no auth >> attempts in 62 secs): user=<>, rip=10.116.0.3, lip=10.116.0.2, TLS >> handshaking: SSL_accept() failed: error:1408F10B:SSL >> routines:ssl3_get_record:w
Re: POSSIBLE SPAM: Re: Trouble configuring managesive plugin for roundcube
When I enable ssl = yes in my /etc/dovecot/conf.d/20-managesieve.conf file, I get the log line below from mail.log on my mail server. Jul 10 14:57:18 mail dovecot: managesieve-login: Disconnected (no auth attempts in 62 secs): user=<>, rip=10.116.0.3, lip=10.116.0.2, TLS handshaking: SSL_accept() failed: error:1408F10B:SSL routines:ssl3_get_record:wrong version number, session= I’m not smart enough with ssl stuff to know what the root cause of that error is. Can somebody help me out? Thanks! Austin Witmer > On Jul 10, 2022, at 8:52 AM, Austin Witmer wrote: > > So, here is my dovecot configuration. /etc/dovecot/dovecot.conf > > ## Dovecot configuration file > > # Enable installed protocols > !include_try /usr/share/dovecot/protocols.d/*.protocol > > dict { > #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext > #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext > } > > !include conf.d/*.conf > > !include_try local.conf > > !include_try /usr/share/dovecot/protocols.d/*.protocol > > listen = * > > disable_plaintext_auth = yes > mail_privileged_group = mail > > passdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > protocols = imap lmtp pop3 > > namespace inbox { > inbox = yes > > mailbox Trash { >auto = subscribe # autocreate and autosubscribe the Trash mailbox >special_use = \Trash > } > mailbox Sent { >auto = subscribe # autocreate and autosubscribe the Sent mailbox >special_use = \Sent > } > mailbox Spam { >auto = subscribe # autocreate and autosubscribe the Spam mailbox > } > } > > service auth { > unix_listener /var/spool/postfix/private/auth { >group = postfix >mode = 0660 >user = postfix > } > } > service imap-login { > inet_listener imap { >port = 0 > } > inet_listener imaps { >port = 993 > } > } > > service lmtp { >unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix >} > } > protocol lmtp { >postmaster_address=postmas...@mydomain.com >hostname=mail.mydomain.com > } > > ssl = required # Enable installed protocols > !include_try /usr/share/dovecot/protocols.d/*.protocol > > listen = * > > disable_plaintext_auth = yes > mail_privileged_group = mail > > passdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > > namespace inbox { > inbox = yes > > mailbox Trash { >auto = subscribe # autocreate and autosubscribe the Trash mailbox >special_use = \Trash > } > mailbox Sent { >auto = subscribe # autocreate and autosubscribe the Sent mailbox >special_use = \Sent > } > } > > service auth { > unix_listener /var/spool/postfix/private/auth { >group = postfix >mode = 0660 >user = postfix > } > } > service imap-login { > inet_listener imap { >port = 0 > } > inet_listener imaps { >port = 993 > } > } > > service lmtp { >unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix >} > } > protocol lmtp { >postmaster_address=postmas...@mydomain.com >hostname=mail.mydomain.com > } > > ssl = required > ssl_cert = ssl_cipher_list = AES128+EECDH:AES128+EDH > ssl_key = ssl_prefer_server_ciphers = yes > > > userdb { > driver = prefetch > } > > userdb { > driver = sql > args = /etc/dovecot/dovecot-sql.conf > } > > ssl_cert = ssl_cipher_list = AES128+EECDH:AES128+EDH > #ssl_dh_parameters_length = 4096 > ssl_key = ssl_prefer_server_ciphers = yes > #ssl_protocols = !SSLv3 > > userdb { > driver = prefetch > } > > userdb { > driver = sql > args = /etc/dovecot/dovecot-sql.conf > } > > And here is the /etc/dovecot/conf.d/20-managesieve.conf file. I tried > enabling ssl = yes in the config below but it still didn’t work. > > ## > ## ManageSieve specific settings > ## > > # Uncomment to enable managesieve protocol: > protocols = $protocols sieve > > # Service definitions > > service managesieve-login { > inet_listener sieve { >port = 4190 > #ssl = yes > } > > #inet_listener sieve_deprecated { > # port = 2000 > #} > > # Number of connections to handle before starting a new process. Typically > # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 > # is faster. > #service_count = 1 > > # Number of processes to always keep waiting for more connections. > #process_min_avail = 0 >
Re: Trouble configuring managesive plugin for roundcube
n this: openssl s_client -connect 10.116.0.2:4190 On Jul 10, 2022, at 2:17 AM, Tomas Habarta wrote: > > I can't see your dovecot conf, but anyway -- roundcube side has to be aligned > with dovecot's, i.e. if you use ssl on roundcube side, make sure you have it > enabled on dovecot side too, something like: > > service managesieve-login { > inet_listener sieve { >port = 4190 >ssl = yes > } > > or just use tls, i.e. no "ssl=yes" in dovecot conf, but tls://10.116.0.2 in > roundcube conf > This seems to be the same case: > https://github.com/roundcube/roundcubemail/issues/7127 > > Tomas > > > On Sat, Jul 09, 2022 at 10:31:04PM -0600, Austin Witmer wrote: >> Hello all! >> I’ve got a bit of a problem that I would like some help with. So, I have >> two servers, one is my mail server running postfix, dovecot etc. I have a >> second server setup as my roundcube server. Both servers are running on >> the same LAN network. >> I have sieve scripts setup in dovecot in my mail server and they are >> working great! My trouble is that I can’t seem to make my roundcube talk >> correctly to managesieve on my mail server. >> Here is the mail.log file from the mail server when I try to create a >> sievescript from roundcube webmail: >> Jul 10 04:11:45 mail dovecot: managesieve-login: Disconnected: Too many >> invalid commands. (no auth attempts in 0 secs): user=<>, rip=10.116.0.3, >> lip=10.116.0.2, session= >> And here is my managesieve configuration from my roundcube server. >> /var/www/roundcube/plugins/managesieve/config.inc.php >> > $config['managesieve_port'] = 4190; >> $config['managesieve_host'] = '[1]ssl://10.116.0.2'; >> $config['managesieve_auth_type'] = null; >> $config['managesieve_auth_cid'] = null; >> $config['managesieve_auth_pw'] = null; >> $config['managesieve_usetls'] = false; >> $config['managesieve_conn_options'] = array( >> 'ssl' => array( >> 'verify_peer' => false, >> 'allow_self_signed' => true, >> ), >> ); >> $config['managesieve_default'] = 'var/lib/dovecot/sieve/default.sieve'; >> $config['managesieve_script_name'] = 'default.sieve'; >> $config['managesieve_mbox_encoding'] = 'UTF-8'; >> $config['managesieve_replace_delimiter'] = ''; >> $config['managesieve_disabled_extensions'] = []; >> $config['managesieve_debug'] = true; >> $config['managesieve_kolab_master'] = false; >> $config['managesieve_filename_extension'] = '.sieve'; >> $config['managesieve_filename_exceptions'] = []; >> $config['managesieve_domains'] = []; >> $config['managesieve_default_headers'] = ['Subject', 'From', 'To']; >> $config['managesieve_vacation'] = 0; >> $config['managesieve_forward'] = 0; >> $config['managesieve_vacation_interval'] = 0; >> $config['managesieve_vacation_addresses_init'] = false; >> $config['managesieve_vacation_from_init'] = false; >> $config['managesieve_notify_methods'] = ['mailto']; >> $config['managesieve_raw_editor'] = true; >> $config['managesieve_disabled_actions'] = []; >> $config['managesieve_allowed_hosts'] = null; >> Does anybody have any clue why roundcube isn’t able to login in to >> managesieve on my mail server? >> Are there more logs/configs you would like to see? >> Thanks in advance for your help and suggestions! >> Austin Witmer >> >> References >> >> Visible links >> 1. file:///tmp/ssl:/10.116.0.2
Trouble configuring managesive plugin for roundcube
Hello all! I’ve got a bit of a problem that I would like some help with. So, I have two servers, one is my mail server running postfix, dovecot etc. I have a second server setup as my roundcube server. Both servers are running on the same LAN network. I have sieve scripts setup in dovecot in my mail server and they are working great! My trouble is that I can’t seem to make my roundcube talk correctly to managesieve on my mail server. Here is the mail.log file from the mail server when I try to create a sievescript from roundcube webmail: Jul 10 04:11:45 mail dovecot: managesieve-login: Disconnected: Too many invalid commands. (no auth attempts in 0 secs): user=<>, rip=10.116.0.3, lip=10.116.0.2, session= And here is my managesieve configuration from my roundcube server. /var/www/roundcube/plugins/managesieve/config.inc.php array( 'verify_peer' => false, 'allow_self_signed' => true, ), ); $config['managesieve_default'] = 'var/lib/dovecot/sieve/default.sieve'; $config['managesieve_script_name'] = 'default.sieve'; $config['managesieve_mbox_encoding'] = 'UTF-8'; $config['managesieve_replace_delimiter'] = ''; $config['managesieve_disabled_extensions'] = []; $config['managesieve_debug'] = true; $config['managesieve_kolab_master'] = false; $config['managesieve_filename_extension'] = '.sieve'; $config['managesieve_filename_exceptions'] = []; $config['managesieve_domains'] = []; $config['managesieve_default_headers'] = ['Subject', 'From', 'To']; $config['managesieve_vacation'] = 0; $config['managesieve_forward'] = 0; $config['managesieve_vacation_interval'] = 0; $config['managesieve_vacation_addresses_init'] = false; $config['managesieve_vacation_from_init'] = false; $config['managesieve_notify_methods'] = ['mailto']; $config['managesieve_raw_editor'] = true; $config['managesieve_disabled_actions'] = []; $config['managesieve_allowed_hosts'] = null; Does anybody have any clue why roundcube isn’t able to login in to managesieve on my mail server? Are there more logs/configs you would like to see? Thanks in advance for your help and suggestions! Austin Witmer
Re: POSSIBLE SPAM: Re: Move sent emails to sent folder?
Thanks to all of you for your help and suggestions! My setup seems to be working not that I have added the "-o receive_override_options=no_address_mappings” to all but one of the delivery stages in the postfix master.cf file. Austin Witmer > On Jun 18, 2022, at 9:15 AM, Austin Witmer wrote: > > Here is the output of postconf -M: > > Austin Witmer > > pickup unix n - y 60 1 pickup > cleanupunix n - y - 0 cleanup > qmgr unix n - n 300 1 qmgr > tlsmgr unix - - y 1000? 1 tlsmgr > rewriteunix - - y - - trivial-rewrite > bounce unix - - y - 0 bounce > defer unix - - y - 0 bounce > trace unix - - y - 0 bounce > verify unix - - y - 1 verify > flush unix n - y 1000? 0 flush > proxymap unix - - n - - proxymap > proxywrite unix - - n - 1 proxymap > smtp unix - - y - - smtp > relay unix - - y - - smtp -o > syslog_name=postfix/$service_name > showq unix n - y - - showq > error unix - - y - - error > retry unix - - y - - error > discardunix - - y - - discard > local unix - n n - - local > virtualunix - n n - - virtual > lmtp unix - - y - - lmtp > anvil unix - - y - 1 anvil > scache unix - - y - 1 scache > postlogunix-dgram n - n - 1 postlogd > smtp inet n - - - - smtpd -o > content_filter=gpgit-pipe -o cleanup_service_name=subcleanup > submission inet n - n - - smtpd -o > syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o > smtpd_sasl_auth_enable=yes -o > smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject > -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o > milter_macro_daemon_name=ORIGINATING -o smtpd_sasl_type=dovecot -o > smtpd_sasl_path=private/auth -o content_filter=gpgit-pipe -o > cleanup_service_name=subcleanup -o smtpd_enforce_tls=yes > smtps inet n - - - - smtpd -o > syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o > smtpd_sasl_auth_enable=yes -o > smtpd_client_restrictions=permit_sasl_authenticated,reject -o > milter_macro_daemon_name=ORIGINATING -o content_filter=gpgit-pipe -o > cleanup_service_name=subcleanup > dovecotunix - n n - - pipe flags=DRhu > user=email:email argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} > policy-spf unix - n n - - spawn user=nobody > argv=/usr/bin/policyd-spf > maildrop unix - n n - - pipe flags=DRhu > user=vmail argv=/usr/bin/maildrop -d ${recipient} > uucp unix - n n - - pipe flags=Fqhu > user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) > ifmail unix - n n - - pipe flags=F > user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) > bsmtp unix - n n - - pipe flags=Fq. > user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient > scalemail-backend unix - n n - 2 pipe flags=R > user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} > ${extension} > mailmanunix - n n - - pipe flags=FR > user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} > amavis unix - - - - 2 smtp -o > smtp_send_xforward_command=yes -o smtp_tls_security_level=none -o > cleanup_service_name=subcleanup -o > receive_override_options=no_address_mappings > 127.0.0.1:10025 inet n - - - - smtpd -o > content_filter= -o receive_override_options=no_milters > gpgit-pipe unix - n n - - pipe flags=Rq > user=gpgit argv=/var/opt/gpgit/gpgit_postfix.sh -oi -f ${sender} ${recipient} > subcleanup unix n - - - 0 cleanup -o > header_checks=pcre:/etc/postfix/smtp_header_checks.pcre > >> On Jun 18, 2
Re: Move sent emails to sent folder?
Here is the output of postconf -M: Austin Witmer pickup unix n - y 60 1 pickup cleanupunix n - y - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - y 1000? 1 tlsmgr rewriteunix - - y - - trivial-rewrite bounce unix - - y - 0 bounce defer unix - - y - 0 bounce trace unix - - y - 0 bounce verify unix - - y - 1 verify flush unix n - y 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - y - - smtp relay unix - - y - - smtp -o syslog_name=postfix/$service_name showq unix n - y - - showq error unix - - y - - error retry unix - - y - - error discardunix - - y - - discard local unix - n n - - local virtualunix - n n - - virtual lmtp unix - - y - - lmtp anvil unix - - y - 1 anvil scache unix - - y - 1 scache postlogunix-dgram n - n - 1 postlogd smtp inet n - - - - smtpd -o content_filter=gpgit-pipe -o cleanup_service_name=subcleanup submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o content_filter=gpgit-pipe -o cleanup_service_name=subcleanup -o smtpd_enforce_tls=yes smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -o content_filter=gpgit-pipe -o cleanup_service_name=subcleanup dovecotunix - n n - - pipe flags=DRhu user=email:email argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} policy-spf unix - n n - - spawn user=nobody argv=/usr/bin/policyd-spf maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailmanunix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} amavis unix - - - - 2 smtp -o smtp_send_xforward_command=yes -o smtp_tls_security_level=none -o cleanup_service_name=subcleanup -o receive_override_options=no_address_mappings 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o receive_override_options=no_milters gpgit-pipe unix - n n - - pipe flags=Rq user=gpgit argv=/var/opt/gpgit/gpgit_postfix.sh -oi -f ${sender} ${recipient} subcleanup unix n - - - 0 cleanup -o header_checks=pcre:/etc/postfix/smtp_header_checks.pcre > On Jun 18, 2022, at 5:47 AM, Markus Winkler wrote: > > On 18.06.22 12:33, Gedalya wrote: >> On 6/17/22 22:18, Austin Witmer wrote: >>> For some reason I am now getting five duplicate emails placed in my sent >>> folder >> You want to apply this rule only once, perhaps on the way back in from >> amavisd. This can probably be accomplished by applying the sender_bcc_maps >> to a specific listener in master.cf, for the general idea see examples here: > > If it's a usual Amavis setup then there should be an additional smtpd process > listening on port 10026 for example. And there Austin could use: > > -o receive_over
Re: Move sent emails to sent folder?
I believe my client is using an iPhone to check mail on this address. The interesting thing is that it seems like apple mail clients don’t show the duplicate messages like thunderbird does. I don’t like the idea of the unnecessary emails piling up. Are you saying that doing a repair on a folder in thunderbird will delete the duplicate messages? Doing an ls /maildir/user/.Sent/cur folder shows the duplicate messages. It seems like postfix is bccing the outgoing message more than once somehow. Maybe I need to take this conversation over to the postfix mailing list? Austin Witmer > On Jun 17, 2022, at 11:21 AM, Christopher Wensink > wrote: > > What client is being used? > > For this kind of thing in Thunderbird we right click on the folder with > duplicates > properties > repair folder (button) > > > > On 6/17/2022 12:00 PM, Gedalya wrote: >> On 6/17/22 22:18, Austin Witmer wrote: >>> Now I’ve run into a bit of a problem . . . For some reason I am now getting >>> five duplicate emails placed in my sent folder! I have the email client I >>> am testing with set to not place a copy in the sent folder, so none of >>> those are being synced to my sent folder by my email client. >> Is it possible that the message is routed outwards and then in again somehow? >> >> Each time a message with the sender address user@domain comes in, the extra >> recipient will be added. You could easily get into a loop. >> >> > > -- > Christopher Wensink > IS Administrator > Five Star Plastics, Inc > 1339 Continental Drive > Eau Claire, WI 54701 > Office: 715-831-1682 > Mobile: 715-563-3112 > Fax: 715-831-6075 > cwens...@five-star-plastics.com > www.five-star-plastics.com
Re: Move sent emails to sent folder?
Now I’ve run into a bit of a problem . . . For some reason I am now getting five duplicate emails placed in my sent folder! I have the email client I am testing with set to not place a copy in the sent folder, so none of those are being synced to my sent folder by my email client. How do I ensure that the email only gets placed in my sent folder once? Thanks! Austin Witmer > On Jun 16, 2022, at 11:52 PM, Gedalya wrote: > > On 6/17/22 12:29, Austin Witmer wrote: >> Do I add this to my postfix main.cf file and what is the exact syntax? > Yes, e.g.: > sender_bcc_maps = hash:/etc/postfix/back-to-sent-folder > > /etc/postfix/back-to-sent-folder : (simple key-value) > user@domain user+sent@domain > > hash the file with: postmap back-to-sent-folder > this will create back-to-sent-folder.db which is what postfix will actually > look at > > >> Will this affect all users or just this user? > > The content of the file determines that. > > For details: https://www.postfix.org/postconf.5.html#sender_bcc_maps > > In this example, we have only one line affecting only one user. > > The data can be taken from other sources, including SQL database: > > https://www.postfix.org/DATABASE_README.html#types >
Re: Move sent emails to sent folder?
Thank you so much for the detailed info! I really appreciate it! I think I’ve got this working now how I want it. Austin Witmer > On Jun 16, 2022, at 11:52 PM, Gedalya wrote: > > On 6/17/22 12:29, Austin Witmer wrote: >> Do I add this to my postfix main.cf file and what is the exact syntax? > Yes, e.g.: > sender_bcc_maps = hash:/etc/postfix/back-to-sent-folder > > /etc/postfix/back-to-sent-folder : (simple key-value) > user@domain user+sent@domain > > hash the file with: postmap back-to-sent-folder > this will create back-to-sent-folder.db which is what postfix will actually > look at > > >> Will this affect all users or just this user? > > The content of the file determines that. > > For details: https://www.postfix.org/postconf.5.html#sender_bcc_maps > > In this example, we have only one line affecting only one user. > > The data can be taken from other sources, including SQL database: > > https://www.postfix.org/DATABASE_README.html#types >
Re: Move sent emails to sent folder?
See below. > On Jun 16, 2022, at 8:50 PM, Gedalya wrote: > > On 6/17/22 07:33, Austin Witmer wrote: >> Hello all! >> >> I have a server running dovecot & postfix. I have a user on my server who is >> sending email via smtp on an HP printer and because of that, a copy of the >> email is not placed in the sent folder like usually happens with clients >> like outlook and thunderbird. >> >> Is there any way to have the sent emails copied to the sent folder for just >> this user on my server? >> >> Thx! >> >> Austin Witmer > > On the postfix side, use sender_bcc_maps to add a user+sent@domain recipient. > This will send the message back as an incoming message to the user, with the > +sent address detail. Do I add this to my postfix main.cf file and what is the exact syntax? Will this affect all users or just this user? > > On the receiving end, use sieve to check for the +sent address detail, mark > as read and file into the Sent folder. I already have sieve set up, so this part should be easy. >
Move sent emails to sent folder?
Hello all! I have a server running dovecot & postfix. I have a user on my server who is sending email via smtp on an HP printer and because of that, a copy of the email is not placed in the sent folder like usually happens with clients like outlook and thunderbird. Is there any way to have the sent emails copied to the sent folder for just this user on my server? Thx! Austin Witmer
Re: Set up per user sieve rules
Thanks to all of you for your help! I finally was able to get this figured out. My per user sieve rules are now working. Austin Witmer > On Apr 10, 2022, at 10:20 PM, Austin Witmer wrote: > > Thanks to all of you for your tips. I am still struggling to process all of > this, but will keep working at it. > > Do you any of you know of a detailed tutorial on the net somewhere that would > explain how to set this up from a-z? > > Thanks again! > > Austin Witmer > >> On Apr 10, 2022, at 12:00 PM, hi@zakaria.website wrote: >> >> On 2022-04-10 00:00, Austin Witmer wrote: >>> Hello! >>> I am struggling to wrap my mind around how to set up sieve rules for my >>> individual users on my mail server. >>> I set up a global sieve script file at >>> "/var/lib/dovecot/sieve/default.sieve” and that works great. >>> My users maildirs are located at /mnt/volume1/mailserver/maildir/user. Do I >>> need to create a sieve script file inside of that folder for sieve scripts >>> to work on an individual basis? If so, what permissions will that script >>> file need? >>> Thanks in advance for your help! >>> Austin Witmer >> >> Hi there, >> >> You will need to configure ManageSieve in your 15-lda and 20-lmtp and create >> a service in 10-master and set sieve in dovecot.conf protocols. >> >> In 90-plugin make sure to use sieve_before and compile its file using sievec >> if you want default sieve for every user and test on it, >> >> If it worked then make sure there is personal modifiable one perhaps with >> User.sieve name and set with proper ownership settings given to LDA/LMTP >> user since its compiled when user receives an email, therefore refer to >> dovecot status or logs if there is permission issues. Lastly, you will have >> to create for it a symbolic link with .dovecot.sieve name referencing >> user.sieve personal file e.g. like the following:- >> >> ln -s .../%u/User.sieve .../%u/.dovecot.sieve. >> >> Refer to for more info >> https://wiki.dovecot.org/Pigeonhole/ManageSieve/Configuration >> >> Zakaria.
Re: Set up per user sieve rules
Thanks to all of you for your tips. I am still struggling to process all of this, but will keep working at it. Do you any of you know of a detailed tutorial on the net somewhere that would explain how to set this up from a-z? Thanks again! Austin Witmer > On Apr 10, 2022, at 12:00 PM, hi@zakaria.website wrote: > > On 2022-04-10 00:00, Austin Witmer wrote: >> Hello! >> I am struggling to wrap my mind around how to set up sieve rules for my >> individual users on my mail server. >> I set up a global sieve script file at >> "/var/lib/dovecot/sieve/default.sieve” and that works great. >> My users maildirs are located at /mnt/volume1/mailserver/maildir/user. Do I >> need to create a sieve script file inside of that folder for sieve scripts >> to work on an individual basis? If so, what permissions will that script >> file need? >> Thanks in advance for your help! >> Austin Witmer > > Hi there, > > You will need to configure ManageSieve in your 15-lda and 20-lmtp and create > a service in 10-master and set sieve in dovecot.conf protocols. > > In 90-plugin make sure to use sieve_before and compile its file using sievec > if you want default sieve for every user and test on it, > > If it worked then make sure there is personal modifiable one perhaps with > User.sieve name and set with proper ownership settings given to LDA/LMTP user > since its compiled when user receives an email, therefore refer to dovecot > status or logs if there is permission issues. Lastly, you will have to create > for it a symbolic link with .dovecot.sieve name referencing user.sieve > personal file e.g. like the following:- > > ln -s .../%u/User.sieve .../%u/.dovecot.sieve. > > Refer to for more info > https://wiki.dovecot.org/Pigeonhole/ManageSieve/Configuration > > Zakaria.
Re: Set up per user sieve rules
This is the contents of /etc/dovecot/conf.d/90-sieve.conf plugin { sieve = ~/.dovecot.sieve sieve_global_path = /var/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve sieve_global_dir = /var/lib/dovecot/sieve/ } Does that give any further insights? The contents of that file make me think that would work if I was using unix users in my mail server instead of virtual users. Is there something that I need change to make this work with virtual users? I am curious Shawn, what the contents of your /etc/dovecot/conf.d/90-sieve.conf file is? Thanks, Austin Witmer > On Apr 9, 2022, at 8:16 PM, Shawn Heisey wrote: > > On 4/9/2022 6:00 PM, Austin Witmer wrote: >> I am struggling to wrap my mind around how to set up sieve rules for my >> individual users on my mail server. >> >> I set up a global sieve script file at >> "/var/lib/dovecot/sieve/default.sieve” and that works great. >> >> My users maildirs are located at /mnt/volume1/mailserver/maildir/user. Do I >> need to create a sieve script file inside of that folder for sieve scripts >> to work on an individual basis? If so, what permissions will that script >> file need? >> >> Thanks in advance for your help! > > I've got the user database for dovecot in a MySQL database managed by > phpmyadmin. > > This is what can be found as far as files and permissions for my email user's > sieve setup: > > https://paste.elyograg.org/view/8442b4d0 > > I use the managesieve plugin for roundcube to handle changes to my sieve > script. At least I think that's what the plugin is called. I set it up a > LONG time ago. Most of the time I access mail with Thunderbird. This is my > doveconf -n output: > > https://paste.elyograg.org/view/08536e83 > > If somebody sees something I should change in my config, please tell me. I > am not an expert. > > Thanks, > Shawn
Re: Set up per user sieve rules
Thanks Shawn for your reply. I am a novice at this as well! I should clarify that I have my user database in PostgreSQL. The maildirs are at /mnt/volume1/mailserver/plain/maildir/austin See below. What am I doing wrong? austin@mail:/mnt/volume1/mailserver/plain/maildir/austin$ ls -la total 176 drwx-- 11 austin austin 4096 Apr 10 03:13 . drwx-- 6 austin austin 4096 Apr 9 03:03 .. drwx-- 5 austin austin 4096 Apr 10 00:07 .Codeblocks drwx-- 5 austin austin 4096 Apr 9 16:52 .Drafts drwx-- 5 austin austin 4096 Apr 10 00:41 .Sent drwx-- 5 austin austin 4096 Apr 9 22:18 .Trash lrwxrwxrwx 1 austin austin18 Apr 10 03:13 .dovecot.sieve -> sieve/austin.sieve drwx-- 5 austin austin 4096 Apr 9 23:56 .test drwx-- 2 austin austin 4096 Apr 10 03:09 cur -rw--- 1 austin austin31 Apr 5 17:35 dovecot-keywords -rw--- 1 austin austin 1631 Apr 10 03:08 dovecot-uidlist -rw--- 1 austin austin 8 Apr 9 23:03 dovecot-uidvalidity -r--r--r-- 1 austin austin 0 Apr 3 23:14 dovecot-uidvalidity.624a2a76 -rw--- 1 austin austin 1040 Apr 10 03:03 dovecot.index -rw--- 1 austin austin 25860 Apr 10 03:08 dovecot.index.cache -rw--- 1 austin austin 10804 Apr 10 03:09 dovecot.index.log -rw--- 1 austin austin 32852 Apr 10 00:05 dovecot.index.log.2 -rw--- 1 austin austin 888 Apr 10 00:04 dovecot.list.index -rw--- 1 austin austin 1340 Apr 10 03:03 dovecot.list.index.log -rw--- 1 austin austin 8292 Apr 9 23:56 dovecot.list.index.log.2 -rw--- 1 austin austin 120 Apr 9 23:03 dovecot.mailbox.log -rw--- 1 austin austin 0 Apr 3 23:14 maildirfolder drwx-- 2 austin austin 4096 Apr 10 03:09 new drwxrwxr-x 2 austin austin 4096 Apr 10 03:13 sieve -rw--- 1 austin austin39 Apr 9 23:03 subscriptions drwx-- 2 austin austin 4096 Apr 10 03:08 tmp Can anyone else chip in here to help me out? Thanks so much! Austin Witmer > On Apr 9, 2022, at 8:16 PM, Shawn Heisey wrote: > > On 4/9/2022 6:00 PM, Austin Witmer wrote: >> I am struggling to wrap my mind around how to set up sieve rules for my >> individual users on my mail server. >> >> I set up a global sieve script file at >> "/var/lib/dovecot/sieve/default.sieve” and that works great. >> >> My users maildirs are located at /mnt/volume1/mailserver/maildir/user. Do I >> need to create a sieve script file inside of that folder for sieve scripts >> to work on an individual basis? If so, what permissions will that script >> file need? >> >> Thanks in advance for your help! > > I've got the user database for dovecot in a MySQL database managed by > phpmyadmin. > > This is what can be found as far as files and permissions for my email user's > sieve setup: > > https://paste.elyograg.org/view/8442b4d0 > > I use the managesieve plugin for roundcube to handle changes to my sieve > script. At least I think that's what the plugin is called. I set it up a > LONG time ago. Most of the time I access mail with Thunderbird. This is my > doveconf -n output: > > https://paste.elyograg.org/view/08536e83 > > If somebody sees something I should change in my config, please tell me. I > am not an expert. > > Thanks, > Shawn
Set up per user sieve rules
Hello! I am struggling to wrap my mind around how to set up sieve rules for my individual users on my mail server. I set up a global sieve script file at "/var/lib/dovecot/sieve/default.sieve” and that works great. My users maildirs are located at /mnt/volume1/mailserver/maildir/user. Do I need to create a sieve script file inside of that folder for sieve scripts to work on an individual basis? If so, what permissions will that script file need? Thanks in advance for your help! Austin Witmer
Re: Sv: Force clients to use pgp encryption when sending email?
Thank a bunch for the suggestions. I really appreciate the help. On 12/8/2021 1:17 AM, Sebastian Nielsen wrote: Another solution is to use for example Ciphermail to automatically encrypt mail server-side. In this way you don't need to reject non-encrypted mail, you can just make sure it gets encrypted before it leaves premises. -Ursprungligt meddelande- Från: dovecot-boun...@dovecot.org För Austin Witmer Skickat: den 8 december 2021 07:15 Till: dove...@ptld.com; dovecot@dovecot.org Ämne: Re: Force clients to use pgp encryption when sending email? Thanks for that info! It’s just what I needed! On Dec 7, 2021, at 8:35 PM, dove...@ptld.com wrote: Basically I want the server to check if the message being sent is encrypted with OpenGPG and either proceed or reject the message based on that criteria. Postfix is your submission service so i think best to look that direction. If there is a header you can check for (if the header exist then allow sending) then postfix has header checks regexp/pcre that would be simple enough to setup. On the more complex side, postfix also supports policy servers you can write as a script (php, perl, python, etc) or you can go full on milter. http://www.postfix.org/header_checks.5.html http://www.postfix.org/SMTPD_POLICY_README.html http://www.postfix.org/postconf.5.html#non_smtpd_milters
Re: Force clients to use pgp encryption when sending email?
Thanks for that info! It’s just what I needed! > On Dec 7, 2021, at 8:35 PM, dove...@ptld.com wrote: > > >> >> Basically I want the server to check if the message being sent is encrypted >> with OpenGPG and either proceed or reject the message based on that criteria. > > > Postfix is your submission service so i think best to look that direction. If > there is a header you can check for (if the header exist then allow sending) > then postfix has header checks regexp/pcre that would be simple enough to > setup. > > On the more complex side, postfix also supports policy servers you can write > as a script (php, perl, python, etc) or you can go full on milter. > > > http://www.postfix.org/header_checks.5.html > http://www.postfix.org/SMTPD_POLICY_README.html > http://www.postfix.org/postconf.5.html#non_smtpd_milters
Force clients to use pgp encryption when sending email?
Hello all! I am looking for a way to force imap clients to encrypt their messages with the public keys of the recipients before sending them. Would a post-login script in dovecot work for something like this? I am using postfix and dovecot on my mail server. Basically I want the server to check if the message being sent is encrypted with OpenGPG and either proceed or reject the message based on that criteria. If the message is rejected, the user could then encrypt the outgoing email message with the recipient public key and try again. Does anybody have a suggestion on how to implement something like this? Would there be a way that the the client software (thunderbird) could show an alert asking the user to encrypt the message and then attempt to resend the message? I realize that you can tell a client (like thunderbird) to automatically encrypt outgoing messages with pgp but I would like to have some way to enforce that policy at the server level before the email is sent. I want to have all messages end-to-end encrypted, hence my desire for functionality like this. Any suggestions are welcome. Thanks in advance for your help!