Re: disable pop3 ports? (success)
Changing the ports to = 0 did the trick. Nothing is listening on or 995 now. Thanks for your help, all! -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
Nice idea, but I don't use Systemd. This is a Gentoo system with SELinux
and Gentoo's Selinux policies conflict with Systemd.
On 5/4/2021 12:53 PM, Sven Strickroth wrote:
Hi,
I experienced the same issue in the past.
For me it was a systemd issue. In systemd
() all ports were listed so that
systemd listens on these.
I solved it by placing the following content in
:
--- snip ---
[Unit]
Description=Dovecot IMAP/POP3 email server activation socket
[Socket]
#dovecot expects separate IPv4 and IPv6 sockets
BindIPv6Only=ipv6-only
ListenStream=0.0.0.0:993
ListenStream=[::]:993
KeepAlive=true
[Install]
WantedBy=sockets.target
--- snip ---
best,
Sven
Am 04.05.2021 um 12:14 schrieb Aki Tuomi:
On 04/05/2021 12:40 Dan Egli wrote:
On 5/4/2021 3:18 AM, Christian Kivalo wrote:
On 2021-05-04 10:29, Dan Egli wrote:
For gentoo, there is only one package. And here's your output:
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release
2.7 xfs
# Hostname: jupiter.newideatest.site
and yet if I do doveconf protocols:
# doveconf protocols
protocols = imap pop3 lmtp
In dovecot.conf i have a line that enables the protocols.
# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol
This is on debian where every protocol is a separate package to
install.
This could also just be:
protocols = imap lmtp pop3
Remove pop3 from there and you should be good. You can even have the
config in place.
The other option to disable the pop3 listeners is to set the port =
0
From 10-master.conf (when using split config files)
service pop3-login {
inet_listener pop3 {
port = 0
}
inet_listener pop3s {
port = 0
ssl = yes
}
}
This disables pop3 listeners even when the pop3 protocol is enabled.
I would have thought that commenting them out would do that too. But I
can uncomment them and add a port = 0, see if that helps.
--
Dan Egli
From my Test Server
Hi!
To correctly enable/disable protocols, ensure they are (not) listed on
protocols.
doveconf protocols
tells you this.
Usually on debian based systems the easiest way is to uninstall
`dovecot-pop3d` package.
Aki
--
Dan Egli
From my Test Server
OpenPGP_0x11B7451DF2015959.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
Re: disable pop3 ports?
On 5/4/2021 4:14 AM, Aki Tuomi wrote: Hi! To correctly enable/disable protocols, ensure they are (not) listed on protocols. doveconf protocols tells you this. Usually on debian based systems the easiest way is to uninstall `dovecot-pop3d` package. Aki Aki, That's what I'm saying. The only place pop3 IS listed is in doveconf protocols. I'm going to try settiing the ports to 0 and see if that does the trick. And for those who keep mentioning the firewall, understand that I'm beyond security paranoid. Simply blocking at the firewall is not enough. I want to ensure that NO ONE is listening on that port, even if it's just localhost. -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
On 5/4/2021 3:18 AM, Christian Kivalo wrote:
On 2021-05-04 10:29, Dan Egli wrote:
For gentoo, there is only one package. And here's your output:
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release
2.7 xfs
# Hostname: jupiter.newideatest.site
and yet if I do doveconf protocols:
# doveconf protocols
protocols = imap pop3 lmtp
In dovecot.conf i have a line that enables the protocols.
# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol
This is on debian where every protocol is a separate package to install.
This could also just be:
protocols = imap lmtp pop3
Remove pop3 from there and you should be good. You can even have the
config in place.
The other option to disable the pop3 listeners is to set the port = 0
From 10-master.conf (when using split config files)
service pop3-login {
inet_listener pop3 {
port = 0
}
inet_listener pop3s {
port = 0
ssl = yes
}
}
This disables pop3 listeners even when the pop3 protocol is enabled.
I would have thought that commenting them out would do that too. But I
can uncomment them and add a port = 0, see if that helps.
--
Dan Egli
From my Test Server
OpenPGP_0x11B7451DF2015959.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
Re: disable pop3 ports?
For gentoo, there is only one package. And here's your output:
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs
# Hostname: jupiter.newideatest.site
auth_debug = yes
auth_mechanisms = plain login
auth_socket_path = /run/dovecot/auth-userdb
auth_verbose = yes
debug_log_path = /var/log/dovecot/debug.log
default_vsz_limit = 1 G
disable_plaintext_auth = no
first_valid_uid = 114
hostname = jupiter.newideatest.site
info_log_path = /var/log/dovecot/info.log
log_path = /var/log/dovecot/error.log
mail_debug = yes
mail_gid = exim4u
mail_location =
maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/%n
mail_plugins = fts
mail_privileged_group = mail
mail_server_admin =
mail_uid = exim4u
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
fts_autoindex = yes
fts_autoindex_exclude = \Junk
fts_autoindex_exclude2 = \Trash
fts_autoindex_exclude3 = \Drafts
fts_autoindex_exclude4 = \Spam
fts_enforced = yes
imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Spam
imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_name = *
plugin = fts managesieve sieve
sieve = file:%h/sieve;active=%h/.dovecot.sieve
sieve_Dir = ~/sieve
sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter
sieve_global_dir = /var/lib/dovecot/sieve/
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment
sieve_global_path = /var/lib/dovecot/sieve/default.sieve
sieve_pipe_bin_dir = /var/lib/dovecot/sieve
sieve_plugins = sieve_imapsieve sieve_extprograms
}
postmaster_address = postmas...@newideatest.site
service auth {
unix_listener auth-client {
mode = 0600
user = exim4u
}
unix_listener auth-userdb {
group = exim4u
mode = 0777
user = exim4u
}
}
service lmtp {
unix_listener /var/spool/exim/dovecot-lmtp/lmtp {
group = exim4u
mode = 0660
user = exim4u
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service stats {
unix_listener stats-reader {
mode = 0777
user = exim4u
}
unix_listener stats-writer {
mode = 0777
user = exim4u
}
}
service submission-login {
inet_listener submission {
port = 2587
}
}
ssl_cert =
On 2021-05-04 10:20, Dan Egli wrote:
Already did all of that. like I said, EVERY instance of pop3 in the
entire config set is commented out.
Then please post the output of doveconf -n. Seems there is still
something left.
The list of installed dovecot packages would also be help.
--
Dan Egli
From my Test Server
OpenPGP_0x11B7451DF2015959.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
Re: disable pop3 ports?
I'm using Gentoo. They do not have separate packages for dovecot. It's
all under one roof so to speak. And I checked. doveconf protocols DOES
list pop3, but according to grep it's commented out EVERYWHERE!
# grep pop3 *
10-director.conf:#service pop3-login {
10-director.conf: #executable = pop3-login director
10-mail.conf:# pop3_uidl_format=%m. For backwards compatibility we use
apop3d inspired
10-mail.conf:#mbox_md5 = apop3d
10-master.conf:#service pop3-login {
10-master.conf:# inet_listener pop3 {
10-master.conf:# inet_listener pop3s {
10-master.conf:#completely disable pop3
10-master.conf:#service pop3 {
20-pop3.conf:#pop3_no_flag_updates = no
20-pop3.conf:#pop3_enable_last = no
20-pop3.conf:#pop3_reuse_xuidl = no
20-pop3.conf:#pop3_lock_session = no
20-pop3.conf:#pop3_fast_size_lookups = no
20-pop3.conf:# UW's ipop3d : %08Xv%08Xu
20-pop3.conf:# tpop3d : %Mf
20-pop3.conf:#pop3_uidl_format = %08Xu%08Xv
20-pop3.conf:# Permanently save UIDLs sent to POP3 clients, so
pop3_uidl_format changes
20-pop3.conf:#pop3_save_uidl = no
20-pop3.conf:#pop3_uidl_duplicates = allow
20-pop3.conf:#pop3_deleted_flag =
20-pop3.conf:#pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
20-pop3.conf:#pop3_client_workarounds =
20-pop3.conf:#protocol pop3 {
This is PRECISELY why I'm confused. As you can see there is no
uncommented pop3 in the config files, but doveconf protocols shows imap,
lmtp, AND pop3
On 5/4/2021 2:18 AM, Jean-Daniel wrote:
Not sure what distribution you are using, but some distributions provide
distincts package for dovecot-pop, so removing it may be enough.
This package main purpose it to install a file in /usr/share/dovecot/protocols.d/
which is then imported in the config by a line like "!include_try
/usr/share/dovecot/protocols.d/*.protocol »
Also, make sure "doveconf protocols" does not include pop3
Presence of service pop3-login, service pop3 in config should not be enough to
start listening on pop3 ports.
Le 4 mai 2021 à 06:40, Dan Egli a écrit :
I admit I don't quite understand dovecot's config yet, but this is driving me batty. I was looking at my server and noticed that dovecot was listening on the pop3 ports (110/TCP). Since I do not use pop3 at all, nor does anyone who has ever or ever will connect to the server, that seems like a needless waste. So I went through the config files and commented out every reference to pop3 in them. But when I restart dovecot, it STILL opens a listener on 110. How do I fix this? The ONLY external ports I want
dovecot listening to are imap4 and imap4s.
Thanks!
--
Dan Egli
From my Test Server
--
Dan Egli
From my Test Server
OpenPGP_0x11B7451DF2015959.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
Re: disable pop3 ports?
Already did all of that. like I said, EVERY instance of pop3 in the entire config set is commented out. On 5/4/2021 1:12 AM, Marc wrote: maybe remove pop3 from protocols, remove service pop3-login, service pop3? I admit I don't quite understand dovecot's config yet, but this is driving me batty. I was looking at my server and noticed that dovecot was listening on the pop3 ports (110/TCP). Since I do not use pop3 at all, nor does anyone who has ever or ever will connect to the server, that seems like a needless waste. So I went through the config files and commented out every reference to pop3 in them. But when I restart dovecot, it STILL opens a listener on 110. How do I fix this? The ONLY external ports I want dovecot listening to are imap4 and imap4s. Thanks! -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
disable pop3 ports?
I admit I don't quite understand dovecot's config yet, but this is driving me batty. I was looking at my server and noticed that dovecot was listening on the pop3 ports (110/TCP). Since I do not use pop3 at all, nor does anyone who has ever or ever will connect to the server, that seems like a needless waste. So I went through the config files and commented out every reference to pop3 in them. But when I restart dovecot, it STILL opens a listener on 110. How do I fix this? The ONLY external ports I want dovecot listening to are imap4 and imap4s. Thanks! -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Thanks. That did indeed fix the situation. So I can declare Part 1 resolved. Let's see if it also resolved part two. 😁 On 5/1/2021 9:46 AM, Arjen de Korte wrote: Citeren Dan Egli : Still haven't heard back on why 4190 isn't being listened to. I put the entire /etc/dovecot/conf.d directory into https://www.newideatest.site/dovecot, so feel free to look at the configs and see if you can figure out why the sieve listener isn't running. You messed up your 20-managesieve.conf. You should only have to follow the below instruction to get the sieve listener running: # Uncomment to enable managesieve protocol: #protocols = $protocols sieve So restore the original (it looks like it is in 20-managesieve.conf.ucf-dist) an just uncomment the one line that is mentioned above so that it reads # Uncomment to enable managesieve protocol: protocols = $protocols sieve -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Still haven't heard back on why 4190 isn't being listened to. I put the
entire /etc/dovecot/conf.d directory into
https://www.newideatest.site/dovecot, so feel free to look at the
configs and see if you can figure out why the sieve listener isn't running.
On 5/1/2021 1:14 AM, Dan Egli wrote:
So I see. THAT part is fixed. But now when I restart dovecot, NOTHING
is listening on 4190. So how to I tell dovecot to listen on 4190 with
the sieve daemon?
On 5/1/2021 12:53 AM, dove...@steve.wattlink.net wrote:
Exactly as I suspected:
> service lmtp {
> inet_listener lmtp {
> address = 127.0.0.1
> port = 4190
> }
> }
As for why it looks that way? Dunno. Check conf.d/20-lmtp.conf.
That doesn’t make sense.
--
Steve Watt KD6GGD PP-ASEL-IA factories.words.yappy
Don't let your schooling get in the way of your education.
*From:* Dan Egli
*Sent:* Friday, April 30, 2021 23:50
*To:* st...@watt.com; dovecot@dovecot.org
*Subject:* Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when
Pt 1 resolved)
Ask and ye shall receive: # dovecot -n
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release
2.7 xfs
# Hostname: jupiter.newideatest.site
auth_debug = yes
auth_mechanisms = plain login
auth_socket_path = /run/dovecot/auth-userdb
auth_verbose = yes
debug_log_path = /var/log/dovecot/debug.log
default_vsz_limit = 1 G
disable_plaintext_auth = no
first_valid_uid = 114
hostname = jupiter.newideatest.site
info_log_path = /var/log/dovecot/info.log
log_path = /var/log/dovecot/error.log
mail_debug = yes
mail_gid = exim4u
mail_location =
maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/% n
mail_plugins = fts
mail_privileged_group = mail
mail_server_admin =
mail_uid = exim4u
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacati on subaddress comparator-i;ascii-numeric
relational regex imap4flags copy includ e variables body enotify
environment mailbox date index ihave duplicate mime for everypart
extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
fts_autoindex = yes
fts_autoindex_exclude = \Junk
fts_autoindex_exclude2 = \Trash
fts_autoindex_exclude3 = \Drafts
fts_autoindex_exclude4 = \Spam
fts_enforced = yes
imapsieve_mailbox1_before =
file:/var/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Spam
imapsieve_mailbox2_before =
file:/var/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_name = *
plugin = fts managesieve sieve
sieve = file:%h/sieve;active=%h/.dovecot.sieve
sieve_Dir = ~/sieve
sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter
sieve_global_dir = /var/lib/dovecot/sieve/
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment
sieve_global_path = /var/lib/dovecot/sieve/default.sieve
sieve_pipe_bin_dir = /var/lib/dovecot/sieve
sieve_plugins = sieve_imapsieve sieve_extprograms
}
postmaster_address = postmas...@newideatest.site
<mailto:postmas...@newideatest.site>
service auth {
unix_listener auth-client {
mode = 0600
user = exim4u
}
unix_listener auth-userdb {
group = exim4u
mode = 0777
user = exim4u
}
}
service lmtp {
inet_listener lmtp {
address = 127.0.0.1
port = 4190
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
process_min_avail = 0
service_count = 1
vsz_limit = 64 M
}
service managesieve {
process_limit = 1024
}
service stats {
unix_listener stats-reader {
mode = 0777
user = exim4u
}
unix_listener stats-writer {
mode = 0777
user = exim4u
}
}
service submission-login {
inet_listener submission {
port = 2587
}
}
ssl_cert = postmaster_address = postmas...@newideatest.site
<mailto:postmas...@newideatest.site>
}
protocol lda {
info_log_path = /var/log/dovecot/lda.log
log_path = /var/log/dovecot/lda-errors.log
mail_plugins = fts sieve sieve
}
protocol imap {
mail_plugins = fts imap_sieve
}
protocol sieve {
info_log_path = /var/log/dovecot/sieve.log
log_path = /var/log/dovecot/sieve-errors.log
managesieve_implementation_string = Dovecot
managesieve_max_compile_errors = 5
managesieve_max_line_length = 64 k
}
j
On 5/1/2021 12:44 AM, Stev
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
So I see. THAT part is fixed. But now when I restart dovecot, NOTHING is
listening on 4190. So how to I tell dovecot to listen on 4190 with the
sieve daemon?
On 5/1/2021 12:53 AM, dove...@steve.wattlink.net wrote:
Exactly as I suspected:
> service lmtp {
> inet_listener lmtp {
> address = 127.0.0.1
> port = 4190
> }
> }
As for why it looks that way? Dunno. Check conf.d/20-lmtp.conf. That
doesn’t make sense.
--
Steve Watt KD6GGD PP-ASEL-IA factories.words.yappy
Don't let your schooling get in the way of your education.
*From:* Dan Egli
*Sent:* Friday, April 30, 2021 23:50
*To:* st...@watt.com; dovecot@dovecot.org
*Subject:* Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when
Pt 1 resolved)
Ask and ye shall receive: # dovecot -n
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release
2.7 xfs
# Hostname: jupiter.newideatest.site
auth_debug = yes
auth_mechanisms = plain login
auth_socket_path = /run/dovecot/auth-userdb
auth_verbose = yes
debug_log_path = /var/log/dovecot/debug.log
default_vsz_limit = 1 G
disable_plaintext_auth = no
first_valid_uid = 114
hostname = jupiter.newideatest.site
info_log_path = /var/log/dovecot/info.log
log_path = /var/log/dovecot/error.log
mail_debug = yes
mail_gid = exim4u
mail_location =
maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/% n
mail_plugins = fts
mail_privileged_group = mail
mail_server_admin =
mail_uid = exim4u
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacati on subaddress comparator-i;ascii-numeric
relational regex imap4flags copy includ e variables body enotify
environment mailbox date index ihave duplicate mime for everypart
extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
fts_autoindex = yes
fts_autoindex_exclude = \Junk
fts_autoindex_exclude2 = \Trash
fts_autoindex_exclude3 = \Drafts
fts_autoindex_exclude4 = \Spam
fts_enforced = yes
imapsieve_mailbox1_before =
file:/var/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Spam
imapsieve_mailbox2_before =
file:/var/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_name = *
plugin = fts managesieve sieve
sieve = file:%h/sieve;active=%h/.dovecot.sieve
sieve_Dir = ~/sieve
sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter
sieve_global_dir = /var/lib/dovecot/sieve/
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment
sieve_global_path = /var/lib/dovecot/sieve/default.sieve
sieve_pipe_bin_dir = /var/lib/dovecot/sieve
sieve_plugins = sieve_imapsieve sieve_extprograms
}
postmaster_address = postmas...@newideatest.site
<mailto:postmas...@newideatest.site>
service auth {
unix_listener auth-client {
mode = 0600
user = exim4u
}
unix_listener auth-userdb {
group = exim4u
mode = 0777
user = exim4u
}
}
service lmtp {
inet_listener lmtp {
address = 127.0.0.1
port = 4190
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
process_min_avail = 0
service_count = 1
vsz_limit = 64 M
}
service managesieve {
process_limit = 1024
}
service stats {
unix_listener stats-reader {
mode = 0777
user = exim4u
}
unix_listener stats-writer {
mode = 0777
user = exim4u
}
}
service submission-login {
inet_listener submission {
port = 2587
}
}
ssl_cert = postmaster_address = postmas...@newideatest.site
<mailto:postmas...@newideatest.site>
}
protocol lda {
info_log_path = /var/log/dovecot/lda.log
log_path = /var/log/dovecot/lda-errors.log
mail_plugins = fts sieve sieve
}
protocol imap {
mail_plugins = fts imap_sieve
}
protocol sieve {
info_log_path = /var/log/dovecot/sieve.log
log_path = /var/log/dovecot/sieve-errors.log
managesieve_implementation_string = Dovecot
managesieve_max_compile_errors = 5
managesieve_max_line_length = 64 k
}
j
On 5/1/2021 12:44 AM, Steve Watt wrote:
From a little bit of poking around in the source, I wonder if you
somehow have the LMTP listener running on the sieve port.
The output of doveconf -n will help more than just the
90-sieve.conf. Also check the dovecot log; I found it helpful
(once I figured out how to configure
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Ask and ye shall receive: # dovecot -n
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs
# Hostname: jupiter.newideatest.site
auth_debug = yes
auth_mechanisms = plain login
auth_socket_path = /run/dovecot/auth-userdb
auth_verbose = yes
debug_log_path = /var/log/dovecot/debug.log
default_vsz_limit = 1 G
disable_plaintext_auth = no
first_valid_uid = 114
hostname = jupiter.newideatest.site
info_log_path = /var/log/dovecot/info.log
log_path = /var/log/dovecot/error.log
mail_debug = yes
mail_gid = exim4u
mail_location =
maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/% n
mail_plugins = fts
mail_privileged_group = mail
mail_server_admin =
mail_uid = exim4u
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacati on subaddress comparator-i;ascii-numeric
relational regex imap4flags copy includ e variables body enotify
environment mailbox date index ihave duplicate mime for everypart
extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
fts_autoindex = yes
fts_autoindex_exclude = \Junk
fts_autoindex_exclude2 = \Trash
fts_autoindex_exclude3 = \Drafts
fts_autoindex_exclude4 = \Spam
fts_enforced = yes
imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Spam
imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_name = *
plugin = fts managesieve sieve
sieve = file:%h/sieve;active=%h/.dovecot.sieve
sieve_Dir = ~/sieve
sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter
sieve_global_dir = /var/lib/dovecot/sieve/
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment
sieve_global_path = /var/lib/dovecot/sieve/default.sieve
sieve_pipe_bin_dir = /var/lib/dovecot/sieve
sieve_plugins = sieve_imapsieve sieve_extprograms
}
postmaster_address = postmas...@newideatest.site
service auth {
unix_listener auth-client {
mode = 0600
user = exim4u
}
unix_listener auth-userdb {
group = exim4u
mode = 0777
user = exim4u
}
}
service lmtp {
inet_listener lmtp {
address = 127.0.0.1
port = 4190
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
process_min_avail = 0
service_count = 1
vsz_limit = 64 M
}
service managesieve {
process_limit = 1024
}
service stats {
unix_listener stats-reader {
mode = 0777
user = exim4u
}
unix_listener stats-writer {
mode = 0777
user = exim4u
}
}
service submission-login {
inet_listener submission {
port = 2587
}
}
ssl_cert =
From a little bit of poking around in the source, I wonder if you
somehow have the LMTP listener running on the sieve port.
The output of doveconf -n will help more than just the 90-sieve.conf.
Also check the dovecot log; I found it helpful (once I figured out how
to configure it) with debugging.
[ Apologies for top post; brain-damaged MUA in use. ]
--
Steve Watt KD6GGD PP-ASEL-IA factories.words.yappy
Don't let your schooling get in the way of your education.
*From:* dovecot *On Behalf Of *Dan Egli
*Sent:* Friday, April 30, 2021 23:13
*To:* dovecot@dovecot.org
*Subject:* Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1
resolved)
Folks, I am still trying to get help here. Let me re-state what is
going on. I have a webmail program (SOGo) that connects to the Dovecot
sieve system to handle things like mail filters and what not. That way
dovecot's lda program can move things where they belong. So I went
through the config files, and found the places where I need to enable
sieve (this is in Gentoo Linux, by the way). Now, when dovecot starts
I do see a listener on the sieve port on localhost:
#netstat -tl | grep sieve
tcp 0 0 localhost:sieve 0.0.0.0:* LISTEN
And when I telnet to the port, it does connect. But it doesn't say much.
telnet localhost sieve
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 jupiter.newideatest.site Dovecot ready.
Yet every example I see online is showing a HECK of a lot more than
this. So what's up? Anyone got any idea what I did wrong? I've put the
90-sieve.conf file on my web server
Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Folks, I am still trying to get help here. Let me re-state what is going on. I have a webmail program (SOGo) that connects to the Dovecot sieve system to handle things like mail filters and what not. That way dovecot's lda program can move things where they belong. So I went through the config files, and found the places where I need to enable sieve (this is in Gentoo Linux, by the way). Now, when dovecot starts I do see a listener on the sieve port on localhost: #netstat -tl | grep sieve tcp 0 0 localhost:sieve 0.0.0.0:* LISTEN And when I telnet to the port, it does connect. But it doesn't say much. telnet localhost sieve Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 jupiter.newideatest.site Dovecot ready. Yet every example I see online is showing a HECK of a lot more than this. So what's up? Anyone got any idea what I did wrong? I've put the 90-sieve.conf file on my web server at www.newideatest.site/90-sieve.conf for those who want to see it. If any other config files are wanted/needed to help figure this out, let me know what they are and I'll take care of it. Here's an example of what other websites I've looked at say I SHOULD see: Trying 162.243.12.140... Connected to test3.rtcamp.com. Escape character is '^]'. *"IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" *"NOTIFY" "mailto" "SASL" "PLAIN LOGIN" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." so why am I not getting all this? -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: Sieve Auth failing (ignore previous message please)
Hello, All you mention is done. I'm not using a Debian based distribution so the dpkg commands won't work for me. But I can assure you that all the packages are present. The sieve daemon is listening on 4190, and even answers the connections. But the greeting is a one line "Ready" message without anything else where as all the examples I see online are multiple lines. So it's not that the daemon' isn't running. It is. But somehow the communications are getting screwed up. On 4/28/2021 4:15 AM, Yassine Chaouche wrote: Le 4/28/21 à 7:42 AM, Dan Egli a écrit : For some reason my sieve daemon won't allow people to log on. Dan Egli >From my Test Server 1/ Are dovecot-sieve and dovecot-managesieved installed ? # dpkg-query -W dovecot-managesieved dovecot-sieve 2/ Is there something listening on the sieve port ? $ lsof -i :sieve -n 3/ if not, is sieve enabled ? /etc/dovecot/conf.d/20-lmtp.conf: mail_plugins = $mail_plugins sieve quota You can start with these 3 points and go from there. Report back in case you still can't get it to work. -- Yassine -- Dan Egli From my Test Server
Sieve Auth failing (ignore previous message please)
Hi folks. I'm VERY new to Dovecot and Sieve. But I'm having an issue
that I need help with. For some reason my sieve daemon won't allow
people to log on. I have dovecot set to read information from a MySQL
table, and that works fine. I can login to dovecot's imap server just
fine. But I have SOGo for the webmail and it won't login to the sieve
daemon. Here's what I see in the log files when I, for example, try to
save my preferences in SOGo:
==> info.log <==
Apr 28 00:33:14 lmtp(5938): Info: Connect from 127.0.0.1
==> /var/log/sogo/sogod.log <==
Apr 28 00:33:14 sogod [24168]: <0x0x557cfa9083c0[SOGoSieveManager]>
failure. Attempting with a renewed password (no authname supported)
Apr 28 00:33:14 sogod [24168]: <0x0x557cfa9083c0[SOGoSieveManager]>
Could not login 'd...@newideatest.site' on Sieve server:
<0x0x557cfaa03a70[NGSieveClient]:
socket=address=<0x0x557cfa89d5d0[NGInternetSocketAddress]: host=localhost
port=45456> connectedTo=<0x0x557cfa837c00[NGInternetSocketAddress]:
host=127.0.0.1 port=4190>>>: {RawResponse = "{}"; result = 0; }
==> info.log <==
Apr 28 00:33:14 lmtp(5938): Info: Disconnect from 127.0.0.1: Remote
closed connection unexpectedly (state=READY)
==> /var/log/sogo/sogod.log <==
Apr 28 00:33:14 sogod [24168]: 2600:387:8:7::70 "POST
/SOGo/so/d...@newideatest.site/Preferences/save HTTP/1.1" 503 46/3676
0.024 - - 0 - 17
I've read a lot of pages about getting sieve running, but they show
things I don't get. For example, from
https://rtcamp.com/tutorials/mail/server/sieve-filtering/ I see that
telnet localhost 4190 should give this:
Escape character is '^]'.
*"IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave" *"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."
But I don't see any of that.
Escape character is '^]'.
220 jupiter.newideatest.site Dovecot ready.
I've gotten to the point where I'm pulling my hair out. I don't understand
dovecot well enough to even begin to guess what's going on. So I could REALLY
use some pointers.
Thanks all!
Oh, ignore the first message. For some reason my MUA will occasionally send a
draft to the smtp server. I still haven't figured that one out yet.
--
Dan Egli
From my Test Server
Re: Spam learning for rspamd
On 10/12/2020 10:54 PM, Aki Tuomi wrote: > Try this guide: > https://doc.dovecot.org/configuration_manual/howto/antispam_with_sieve/ > > Aki I will, but that doesn't seem to answer the question of the header rewriting. How can I explain to rspamd and/or sieve that a message that was delivered, but marked as spam is in fact NOT spam? -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Re: Procmail with Dovecot
On 10/13/2020 4:56 AM, Marc Roos wrote: > > No need for user shell access. Before switching to sieve, I made some > email interface where users could turn on 'services' by sending an email > to themselves. I'd love to take a look at that. As for using sieve, I still don't understand it at all. I've already got another thread going about problems where sieve is supposed to be calling scripts to learn spam/ham based on user choices, but doesn't seem to be doing so. Perhaps someone could write the definitive guide to sieve. That would be great. -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Procmail with Dovecot
Hey folks, here's a question. I want to enable procmail for the users so that they can have their incoming messages sorted info various folders and such regardless of MUA access or web access. I know I can set procmail to deliver to a maildir, but wouldn't that screw up dovecot's indexes? If it would, what can I do to ensure that the indexes stay correct? Thanks! -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Re: Spam learning for rspamd
On 10/12/2020 7:28 PM, Gedalya wrote: > On 10/13/20 8:49 AM, Dan Egli wrote: >> >> I'm quite new to Dovecot, so forgive me if this is a simple question. >> I've got rspamd running, and it's rewriting the subject of many >> messages as spam even when they are not. I've moved things out of the >> spam folder, which I was under the impression would teach rspamd >> since I've connected a sieve script that is supposed to call rspamd's >> learning tool, but nothing is happening. I'm really at a loss as to >> where to even begin searching for an answer, so any help is appreciated! >> >> -- >> Dan Egli >> On my Test server > > At first we'd want to see your current configuration, sieve scripts etc. > > Find them attached to this message. The contents of /etc/dovecot and /usr/lib/dovecot/sieve, packaged in a tarball. Hope that helps. And how do you train rspamd when it doesn't put the files in the spam folder but still gives them a spam warning in the subject? (i.e. [*SP4M*])?? -- Dan Egli On my Test server dovecot.tbz2 Description: Binary data OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Spam learning for rspamd
I'm quite new to Dovecot, so forgive me if this is a simple question. I've got rspamd running, and it's rewriting the subject of many messages as spam even when they are not. I've moved things out of the spam folder, which I was under the impression would teach rspamd since I've connected a sieve script that is supposed to call rspamd's learning tool, but nothing is happening. I'm really at a loss as to where to even begin searching for an answer, so any help is appreciated! -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
