Re: disable pop3 ports? (success)
Changing the ports to = 0 did the trick. Nothing is listening on or 995 now. Thanks for your help, all! -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
Nice idea, but I don't use Systemd. This is a Gentoo system with SELinux and Gentoo's Selinux policies conflict with Systemd. On 5/4/2021 12:53 PM, Sven Strickroth wrote: Hi, I experienced the same issue in the past. For me it was a systemd issue. In systemd () all ports were listed so that systemd listens on these. I solved it by placing the following content in : --- snip --- [Unit] Description=Dovecot IMAP/POP3 email server activation socket [Socket] #dovecot expects separate IPv4 and IPv6 sockets BindIPv6Only=ipv6-only ListenStream=0.0.0.0:993 ListenStream=[::]:993 KeepAlive=true [Install] WantedBy=sockets.target --- snip --- best, Sven Am 04.05.2021 um 12:14 schrieb Aki Tuomi: On 04/05/2021 12:40 Dan Egli wrote: On 5/4/2021 3:18 AM, Christian Kivalo wrote: On 2021-05-04 10:29, Dan Egli wrote: For gentoo, there is only one package. And here's your output: # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs # Hostname: jupiter.newideatest.site and yet if I do doveconf protocols: # doveconf protocols protocols = imap pop3 lmtp In dovecot.conf i have a line that enables the protocols. # Enable installed protocols !include_try /usr/share/dovecot/protocols.d/*.protocol This is on debian where every protocol is a separate package to install. This could also just be: protocols = imap lmtp pop3 Remove pop3 from there and you should be good. You can even have the config in place. The other option to disable the pop3 listeners is to set the port = 0 From 10-master.conf (when using split config files) service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 ssl = yes } } This disables pop3 listeners even when the pop3 protocol is enabled. I would have thought that commenting them out would do that too. But I can uncomment them and add a port = 0, see if that helps. -- Dan Egli From my Test Server Hi! To correctly enable/disable protocols, ensure they are (not) listed on protocols. doveconf protocols tells you this. Usually on debian based systems the easiest way is to uninstall `dovecot-pop3d` package. Aki -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
On 5/4/2021 4:14 AM, Aki Tuomi wrote: Hi! To correctly enable/disable protocols, ensure they are (not) listed on protocols. doveconf protocols tells you this. Usually on debian based systems the easiest way is to uninstall `dovecot-pop3d` package. Aki Aki, That's what I'm saying. The only place pop3 IS listed is in doveconf protocols. I'm going to try settiing the ports to 0 and see if that does the trick. And for those who keep mentioning the firewall, understand that I'm beyond security paranoid. Simply blocking at the firewall is not enough. I want to ensure that NO ONE is listening on that port, even if it's just localhost. -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
On 5/4/2021 3:18 AM, Christian Kivalo wrote: On 2021-05-04 10:29, Dan Egli wrote: For gentoo, there is only one package. And here's your output: # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs # Hostname: jupiter.newideatest.site and yet if I do doveconf protocols: # doveconf protocols protocols = imap pop3 lmtp In dovecot.conf i have a line that enables the protocols. # Enable installed protocols !include_try /usr/share/dovecot/protocols.d/*.protocol This is on debian where every protocol is a separate package to install. This could also just be: protocols = imap lmtp pop3 Remove pop3 from there and you should be good. You can even have the config in place. The other option to disable the pop3 listeners is to set the port = 0 From 10-master.conf (when using split config files) service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 ssl = yes } } This disables pop3 listeners even when the pop3 protocol is enabled. I would have thought that commenting them out would do that too. But I can uncomment them and add a port = 0, see if that helps. -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
For gentoo, there is only one package. And here's your output: # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs # Hostname: jupiter.newideatest.site auth_debug = yes auth_mechanisms = plain login auth_socket_path = /run/dovecot/auth-userdb auth_verbose = yes debug_log_path = /var/log/dovecot/debug.log default_vsz_limit = 1 G disable_plaintext_auth = no first_valid_uid = 114 hostname = jupiter.newideatest.site info_log_path = /var/log/dovecot/info.log log_path = /var/log/dovecot/error.log mail_debug = yes mail_gid = exim4u mail_location = maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/%n mail_plugins = fts mail_privileged_group = mail mail_server_admin = mail_uid = exim4u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { fts_autoindex = yes fts_autoindex_exclude = \Junk fts_autoindex_exclude2 = \Trash fts_autoindex_exclude3 = \Drafts fts_autoindex_exclude4 = \Spam fts_enforced = yes imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/report-spam.sieve imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Spam imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/report-ham.sieve imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Spam imapsieve_mailbox2_name = * plugin = fts managesieve sieve sieve = file:%h/sieve;active=%h/.dovecot.sieve sieve_Dir = ~/sieve sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter sieve_global_dir = /var/lib/dovecot/sieve/ sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment sieve_global_path = /var/lib/dovecot/sieve/default.sieve sieve_pipe_bin_dir = /var/lib/dovecot/sieve sieve_plugins = sieve_imapsieve sieve_extprograms } postmaster_address = postmas...@newideatest.site service auth { unix_listener auth-client { mode = 0600 user = exim4u } unix_listener auth-userdb { group = exim4u mode = 0777 user = exim4u } } service lmtp { unix_listener /var/spool/exim/dovecot-lmtp/lmtp { group = exim4u mode = 0660 user = exim4u } } service managesieve-login { inet_listener sieve { port = 4190 } } service stats { unix_listener stats-reader { mode = 0777 user = exim4u } unix_listener stats-writer { mode = 0777 user = exim4u } } service submission-login { inet_listener submission { port = 2587 } } ssl_cert = On 2021-05-04 10:20, Dan Egli wrote: Already did all of that. like I said, EVERY instance of pop3 in the entire config set is commented out. Then please post the output of doveconf -n. Seems there is still something left. The list of installed dovecot packages would also be help. -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
I'm using Gentoo. They do not have separate packages for dovecot. It's all under one roof so to speak. And I checked. doveconf protocols DOES list pop3, but according to grep it's commented out EVERYWHERE! # grep pop3 * 10-director.conf:#service pop3-login { 10-director.conf: #executable = pop3-login director 10-mail.conf:# pop3_uidl_format=%m. For backwards compatibility we use apop3d inspired 10-mail.conf:#mbox_md5 = apop3d 10-master.conf:#service pop3-login { 10-master.conf:# inet_listener pop3 { 10-master.conf:# inet_listener pop3s { 10-master.conf:#completely disable pop3 10-master.conf:#service pop3 { 20-pop3.conf:#pop3_no_flag_updates = no 20-pop3.conf:#pop3_enable_last = no 20-pop3.conf:#pop3_reuse_xuidl = no 20-pop3.conf:#pop3_lock_session = no 20-pop3.conf:#pop3_fast_size_lookups = no 20-pop3.conf:# UW's ipop3d : %08Xv%08Xu 20-pop3.conf:# tpop3d : %Mf 20-pop3.conf:#pop3_uidl_format = %08Xu%08Xv 20-pop3.conf:# Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes 20-pop3.conf:#pop3_save_uidl = no 20-pop3.conf:#pop3_uidl_duplicates = allow 20-pop3.conf:#pop3_deleted_flag = 20-pop3.conf:#pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s 20-pop3.conf:#pop3_client_workarounds = 20-pop3.conf:#protocol pop3 { This is PRECISELY why I'm confused. As you can see there is no uncommented pop3 in the config files, but doveconf protocols shows imap, lmtp, AND pop3 On 5/4/2021 2:18 AM, Jean-Daniel wrote: Not sure what distribution you are using, but some distributions provide distincts package for dovecot-pop, so removing it may be enough. This package main purpose it to install a file in /usr/share/dovecot/protocols.d/ which is then imported in the config by a line like "!include_try /usr/share/dovecot/protocols.d/*.protocol » Also, make sure "doveconf protocols" does not include pop3 Presence of service pop3-login, service pop3 in config should not be enough to start listening on pop3 ports. Le 4 mai 2021 à 06:40, Dan Egli a écrit : I admit I don't quite understand dovecot's config yet, but this is driving me batty. I was looking at my server and noticed that dovecot was listening on the pop3 ports (110/TCP). Since I do not use pop3 at all, nor does anyone who has ever or ever will connect to the server, that seems like a needless waste. So I went through the config files and commented out every reference to pop3 in them. But when I restart dovecot, it STILL opens a listener on 110. How do I fix this? The ONLY external ports I want dovecot listening to are imap4 and imap4s. Thanks! -- Dan Egli From my Test Server -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: disable pop3 ports?
Already did all of that. like I said, EVERY instance of pop3 in the entire config set is commented out. On 5/4/2021 1:12 AM, Marc wrote: maybe remove pop3 from protocols, remove service pop3-login, service pop3? I admit I don't quite understand dovecot's config yet, but this is driving me batty. I was looking at my server and noticed that dovecot was listening on the pop3 ports (110/TCP). Since I do not use pop3 at all, nor does anyone who has ever or ever will connect to the server, that seems like a needless waste. So I went through the config files and commented out every reference to pop3 in them. But when I restart dovecot, it STILL opens a listener on 110. How do I fix this? The ONLY external ports I want dovecot listening to are imap4 and imap4s. Thanks! -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
disable pop3 ports?
I admit I don't quite understand dovecot's config yet, but this is driving me batty. I was looking at my server and noticed that dovecot was listening on the pop3 ports (110/TCP). Since I do not use pop3 at all, nor does anyone who has ever or ever will connect to the server, that seems like a needless waste. So I went through the config files and commented out every reference to pop3 in them. But when I restart dovecot, it STILL opens a listener on 110. How do I fix this? The ONLY external ports I want dovecot listening to are imap4 and imap4s. Thanks! -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Thanks. That did indeed fix the situation. So I can declare Part 1 resolved. Let's see if it also resolved part two. 😁 On 5/1/2021 9:46 AM, Arjen de Korte wrote: Citeren Dan Egli : Still haven't heard back on why 4190 isn't being listened to. I put the entire /etc/dovecot/conf.d directory into https://www.newideatest.site/dovecot, so feel free to look at the configs and see if you can figure out why the sieve listener isn't running. You messed up your 20-managesieve.conf. You should only have to follow the below instruction to get the sieve listener running: # Uncomment to enable managesieve protocol: #protocols = $protocols sieve So restore the original (it looks like it is in 20-managesieve.conf.ucf-dist) an just uncomment the one line that is mentioned above so that it reads # Uncomment to enable managesieve protocol: protocols = $protocols sieve -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Still haven't heard back on why 4190 isn't being listened to. I put the entire /etc/dovecot/conf.d directory into https://www.newideatest.site/dovecot, so feel free to look at the configs and see if you can figure out why the sieve listener isn't running. On 5/1/2021 1:14 AM, Dan Egli wrote: So I see. THAT part is fixed. But now when I restart dovecot, NOTHING is listening on 4190. So how to I tell dovecot to listen on 4190 with the sieve daemon? On 5/1/2021 12:53 AM, dove...@steve.wattlink.net wrote: Exactly as I suspected: > service lmtp { > inet_listener lmtp { > address = 127.0.0.1 > port = 4190 > } > } As for why it looks that way? Dunno. Check conf.d/20-lmtp.conf. That doesn’t make sense. -- Steve Watt KD6GGD PP-ASEL-IA factories.words.yappy Don't let your schooling get in the way of your education. *From:* Dan Egli *Sent:* Friday, April 30, 2021 23:50 *To:* st...@watt.com; dovecot@dovecot.org *Subject:* Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved) Ask and ye shall receive: # dovecot -n # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs # Hostname: jupiter.newideatest.site auth_debug = yes auth_mechanisms = plain login auth_socket_path = /run/dovecot/auth-userdb auth_verbose = yes debug_log_path = /var/log/dovecot/debug.log default_vsz_limit = 1 G disable_plaintext_auth = no first_valid_uid = 114 hostname = jupiter.newideatest.site info_log_path = /var/log/dovecot/info.log log_path = /var/log/dovecot/error.log mail_debug = yes mail_gid = exim4u mail_location = maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/% n mail_plugins = fts mail_privileged_group = mail mail_server_admin = mail_uid = exim4u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacati on subaddress comparator-i;ascii-numeric relational regex imap4flags copy includ e variables body enotify environment mailbox date index ihave duplicate mime for everypart extracttext imapsieve vnd.dovecot.imapsieve namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { fts_autoindex = yes fts_autoindex_exclude = \Junk fts_autoindex_exclude2 = \Trash fts_autoindex_exclude3 = \Drafts fts_autoindex_exclude4 = \Spam fts_enforced = yes imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/report-spam.sieve imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Spam imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/report-ham.sieve imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Spam imapsieve_mailbox2_name = * plugin = fts managesieve sieve sieve = file:%h/sieve;active=%h/.dovecot.sieve sieve_Dir = ~/sieve sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter sieve_global_dir = /var/lib/dovecot/sieve/ sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment sieve_global_path = /var/lib/dovecot/sieve/default.sieve sieve_pipe_bin_dir = /var/lib/dovecot/sieve sieve_plugins = sieve_imapsieve sieve_extprograms } postmaster_address = postmas...@newideatest.site <mailto:postmas...@newideatest.site> service auth { unix_listener auth-client { mode = 0600 user = exim4u } unix_listener auth-userdb { group = exim4u mode = 0777 user = exim4u } } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 4190 } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service managesieve { process_limit = 1024 } service stats { unix_listener stats-reader { mode = 0777 user = exim4u } unix_listener stats-writer { mode = 0777 user = exim4u } } service submission-login { inet_listener submission { port = 2587 } } ssl_cert = postmaster_address = postmas...@newideatest.site <mailto:postmas...@newideatest.site> } protocol lda { info_log_path = /var/log/dovecot/lda.log log_path = /var/log/dovecot/lda-errors.log mail_plugins = fts sieve sieve } protocol imap { mail_plugins = fts imap_sieve } protocol sieve { info_log_path = /var/log/dovecot/sieve.log log_path = /var/log/dovecot/sieve-errors.log managesieve_implementation_string = Dovecot managesieve_max_compile_errors = 5 managesieve_max_line_length = 64 k } j On 5/1/2021 12:44 AM, Stev
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
So I see. THAT part is fixed. But now when I restart dovecot, NOTHING is listening on 4190. So how to I tell dovecot to listen on 4190 with the sieve daemon? On 5/1/2021 12:53 AM, dove...@steve.wattlink.net wrote: Exactly as I suspected: > service lmtp { > inet_listener lmtp { > address = 127.0.0.1 > port = 4190 > } > } As for why it looks that way? Dunno. Check conf.d/20-lmtp.conf. That doesn’t make sense. -- Steve Watt KD6GGD PP-ASEL-IA factories.words.yappy Don't let your schooling get in the way of your education. *From:* Dan Egli *Sent:* Friday, April 30, 2021 23:50 *To:* st...@watt.com; dovecot@dovecot.org *Subject:* Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved) Ask and ye shall receive: # dovecot -n # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs # Hostname: jupiter.newideatest.site auth_debug = yes auth_mechanisms = plain login auth_socket_path = /run/dovecot/auth-userdb auth_verbose = yes debug_log_path = /var/log/dovecot/debug.log default_vsz_limit = 1 G disable_plaintext_auth = no first_valid_uid = 114 hostname = jupiter.newideatest.site info_log_path = /var/log/dovecot/info.log log_path = /var/log/dovecot/error.log mail_debug = yes mail_gid = exim4u mail_location = maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/% n mail_plugins = fts mail_privileged_group = mail mail_server_admin = mail_uid = exim4u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacati on subaddress comparator-i;ascii-numeric relational regex imap4flags copy includ e variables body enotify environment mailbox date index ihave duplicate mime for everypart extracttext imapsieve vnd.dovecot.imapsieve namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { fts_autoindex = yes fts_autoindex_exclude = \Junk fts_autoindex_exclude2 = \Trash fts_autoindex_exclude3 = \Drafts fts_autoindex_exclude4 = \Spam fts_enforced = yes imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/report-spam.sieve imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Spam imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/report-ham.sieve imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Spam imapsieve_mailbox2_name = * plugin = fts managesieve sieve sieve = file:%h/sieve;active=%h/.dovecot.sieve sieve_Dir = ~/sieve sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter sieve_global_dir = /var/lib/dovecot/sieve/ sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment sieve_global_path = /var/lib/dovecot/sieve/default.sieve sieve_pipe_bin_dir = /var/lib/dovecot/sieve sieve_plugins = sieve_imapsieve sieve_extprograms } postmaster_address = postmas...@newideatest.site <mailto:postmas...@newideatest.site> service auth { unix_listener auth-client { mode = 0600 user = exim4u } unix_listener auth-userdb { group = exim4u mode = 0777 user = exim4u } } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 4190 } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service managesieve { process_limit = 1024 } service stats { unix_listener stats-reader { mode = 0777 user = exim4u } unix_listener stats-writer { mode = 0777 user = exim4u } } service submission-login { inet_listener submission { port = 2587 } } ssl_cert = postmaster_address = postmas...@newideatest.site <mailto:postmas...@newideatest.site> } protocol lda { info_log_path = /var/log/dovecot/lda.log log_path = /var/log/dovecot/lda-errors.log mail_plugins = fts sieve sieve } protocol imap { mail_plugins = fts imap_sieve } protocol sieve { info_log_path = /var/log/dovecot/sieve.log log_path = /var/log/dovecot/sieve-errors.log managesieve_implementation_string = Dovecot managesieve_max_compile_errors = 5 managesieve_max_line_length = 64 k } j On 5/1/2021 12:44 AM, Steve Watt wrote: From a little bit of poking around in the source, I wonder if you somehow have the LMTP listener running on the sieve port. The output of doveconf -n will help more than just the 90-sieve.conf. Also check the dovecot log; I found it helpful (once I figured out how to configure
Re: Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Ask and ye shall receive: # dovecot -n # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.11.16-gentoo-x86_64 x86_64 Gentoo Base System release 2.7 xfs # Hostname: jupiter.newideatest.site auth_debug = yes auth_mechanisms = plain login auth_socket_path = /run/dovecot/auth-userdb auth_verbose = yes debug_log_path = /var/log/dovecot/debug.log default_vsz_limit = 1 G disable_plaintext_auth = no first_valid_uid = 114 hostname = jupiter.newideatest.site info_log_path = /var/log/dovecot/info.log log_path = /var/log/dovecot/error.log mail_debug = yes mail_gid = exim4u mail_location = maildir:/var/mail/%d/%n/Maildir:INDEX=/var/mail/indexes/%d/%1n/% n mail_plugins = fts mail_privileged_group = mail mail_server_admin = mail_uid = exim4u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacati on subaddress comparator-i;ascii-numeric relational regex imap4flags copy includ e variables body enotify environment mailbox date index ihave duplicate mime for everypart extracttext imapsieve vnd.dovecot.imapsieve namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { fts_autoindex = yes fts_autoindex_exclude = \Junk fts_autoindex_exclude2 = \Trash fts_autoindex_exclude3 = \Drafts fts_autoindex_exclude4 = \Spam fts_enforced = yes imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/report-spam.sieve imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Spam imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/report-ham.sieve imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Spam imapsieve_mailbox2_name = * plugin = fts managesieve sieve sieve = file:%h/sieve;active=%h/.dovecot.sieve sieve_Dir = ~/sieve sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter sieve_global_dir = /var/lib/dovecot/sieve/ sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment sieve_global_path = /var/lib/dovecot/sieve/default.sieve sieve_pipe_bin_dir = /var/lib/dovecot/sieve sieve_plugins = sieve_imapsieve sieve_extprograms } postmaster_address = postmas...@newideatest.site service auth { unix_listener auth-client { mode = 0600 user = exim4u } unix_listener auth-userdb { group = exim4u mode = 0777 user = exim4u } } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 4190 } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service managesieve { process_limit = 1024 } service stats { unix_listener stats-reader { mode = 0777 user = exim4u } unix_listener stats-writer { mode = 0777 user = exim4u } } service submission-login { inet_listener submission { port = 2587 } } ssl_cert = From a little bit of poking around in the source, I wonder if you somehow have the LMTP listener running on the sieve port. The output of doveconf -n will help more than just the 90-sieve.conf. Also check the dovecot log; I found it helpful (once I figured out how to configure it) with debugging. [ Apologies for top post; brain-damaged MUA in use. ] -- Steve Watt KD6GGD PP-ASEL-IA factories.words.yappy Don't let your schooling get in the way of your education. *From:* dovecot *On Behalf Of *Dan Egli *Sent:* Friday, April 30, 2021 23:13 *To:* dovecot@dovecot.org *Subject:* Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved) Folks, I am still trying to get help here. Let me re-state what is going on. I have a webmail program (SOGo) that connects to the Dovecot sieve system to handle things like mail filters and what not. That way dovecot's lda program can move things where they belong. So I went through the config files, and found the places where I need to enable sieve (this is in Gentoo Linux, by the way). Now, when dovecot starts I do see a listener on the sieve port on localhost: #netstat -tl | grep sieve tcp 0 0 localhost:sieve 0.0.0.0:* LISTEN And when I telnet to the port, it does connect. But it doesn't say much. telnet localhost sieve Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 jupiter.newideatest.site Dovecot ready. Yet every example I see online is showing a HECK of a lot more than this. So what's up? Anyone got any idea what I did wrong? I've put the 90-sieve.conf file on my web server
Sieve daemon errors? (Part 1 of 2, Pt 2 to follow when Pt 1 resolved)
Folks, I am still trying to get help here. Let me re-state what is going on. I have a webmail program (SOGo) that connects to the Dovecot sieve system to handle things like mail filters and what not. That way dovecot's lda program can move things where they belong. So I went through the config files, and found the places where I need to enable sieve (this is in Gentoo Linux, by the way). Now, when dovecot starts I do see a listener on the sieve port on localhost: #netstat -tl | grep sieve tcp 0 0 localhost:sieve 0.0.0.0:* LISTEN And when I telnet to the port, it does connect. But it doesn't say much. telnet localhost sieve Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 jupiter.newideatest.site Dovecot ready. Yet every example I see online is showing a HECK of a lot more than this. So what's up? Anyone got any idea what I did wrong? I've put the 90-sieve.conf file on my web server at www.newideatest.site/90-sieve.conf for those who want to see it. If any other config files are wanted/needed to help figure this out, let me know what they are and I'll take care of it. Here's an example of what other websites I've looked at say I SHOULD see: Trying 162.243.12.140... Connected to test3.rtcamp.com. Escape character is '^]'. *"IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" *"NOTIFY" "mailto" "SASL" "PLAIN LOGIN" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." so why am I not getting all this? -- Dan Egli From my Test Server OpenPGP_0x11B7451DF2015959.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: Sieve Auth failing (ignore previous message please)
Hello, All you mention is done. I'm not using a Debian based distribution so the dpkg commands won't work for me. But I can assure you that all the packages are present. The sieve daemon is listening on 4190, and even answers the connections. But the greeting is a one line "Ready" message without anything else where as all the examples I see online are multiple lines. So it's not that the daemon' isn't running. It is. But somehow the communications are getting screwed up. On 4/28/2021 4:15 AM, Yassine Chaouche wrote: Le 4/28/21 à 7:42 AM, Dan Egli a écrit : For some reason my sieve daemon won't allow people to log on. Dan Egli >From my Test Server 1/ Are dovecot-sieve and dovecot-managesieved installed ? # dpkg-query -W dovecot-managesieved dovecot-sieve 2/ Is there something listening on the sieve port ? $ lsof -i :sieve -n 3/ if not, is sieve enabled ? /etc/dovecot/conf.d/20-lmtp.conf: mail_plugins = $mail_plugins sieve quota You can start with these 3 points and go from there. Report back in case you still can't get it to work. -- Yassine -- Dan Egli From my Test Server
Sieve Auth failing (ignore previous message please)
Hi folks. I'm VERY new to Dovecot and Sieve. But I'm having an issue that I need help with. For some reason my sieve daemon won't allow people to log on. I have dovecot set to read information from a MySQL table, and that works fine. I can login to dovecot's imap server just fine. But I have SOGo for the webmail and it won't login to the sieve daemon. Here's what I see in the log files when I, for example, try to save my preferences in SOGo: ==> info.log <== Apr 28 00:33:14 lmtp(5938): Info: Connect from 127.0.0.1 ==> /var/log/sogo/sogod.log <== Apr 28 00:33:14 sogod [24168]: <0x0x557cfa9083c0[SOGoSieveManager]> failure. Attempting with a renewed password (no authname supported) Apr 28 00:33:14 sogod [24168]: <0x0x557cfa9083c0[SOGoSieveManager]> Could not login 'd...@newideatest.site' on Sieve server: <0x0x557cfaa03a70[NGSieveClient]: socket=address=<0x0x557cfa89d5d0[NGInternetSocketAddress]: host=localhost port=45456> connectedTo=<0x0x557cfa837c00[NGInternetSocketAddress]: host=127.0.0.1 port=4190>>>: {RawResponse = "{}"; result = 0; } ==> info.log <== Apr 28 00:33:14 lmtp(5938): Info: Disconnect from 127.0.0.1: Remote closed connection unexpectedly (state=READY) ==> /var/log/sogo/sogod.log <== Apr 28 00:33:14 sogod [24168]: 2600:387:8:7::70 "POST /SOGo/so/d...@newideatest.site/Preferences/save HTTP/1.1" 503 46/3676 0.024 - - 0 - 17 I've read a lot of pages about getting sieve running, but they show things I don't get. For example, from https://rtcamp.com/tutorials/mail/server/sieve-filtering/ I see that telnet localhost 4190 should give this: Escape character is '^]'. *"IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" *"NOTIFY" "mailto" "SASL" "PLAIN LOGIN" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." But I don't see any of that. Escape character is '^]'. 220 jupiter.newideatest.site Dovecot ready. I've gotten to the point where I'm pulling my hair out. I don't understand dovecot well enough to even begin to guess what's going on. So I could REALLY use some pointers. Thanks all! Oh, ignore the first message. For some reason my MUA will occasionally send a draft to the smtp server. I still haven't figured that one out yet. -- Dan Egli From my Test Server
Re: Spam learning for rspamd
On 10/12/2020 10:54 PM, Aki Tuomi wrote: > Try this guide: > https://doc.dovecot.org/configuration_manual/howto/antispam_with_sieve/ > > Aki I will, but that doesn't seem to answer the question of the header rewriting. How can I explain to rspamd and/or sieve that a message that was delivered, but marked as spam is in fact NOT spam? -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Re: Procmail with Dovecot
On 10/13/2020 4:56 AM, Marc Roos wrote: > > No need for user shell access. Before switching to sieve, I made some > email interface where users could turn on 'services' by sending an email > to themselves. I'd love to take a look at that. As for using sieve, I still don't understand it at all. I've already got another thread going about problems where sieve is supposed to be calling scripts to learn spam/ham based on user choices, but doesn't seem to be doing so. Perhaps someone could write the definitive guide to sieve. That would be great. -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Procmail with Dovecot
Hey folks, here's a question. I want to enable procmail for the users so that they can have their incoming messages sorted info various folders and such regardless of MUA access or web access. I know I can set procmail to deliver to a maildir, but wouldn't that screw up dovecot's indexes? If it would, what can I do to ensure that the indexes stay correct? Thanks! -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Re: Spam learning for rspamd
On 10/12/2020 7:28 PM, Gedalya wrote: > On 10/13/20 8:49 AM, Dan Egli wrote: >> >> I'm quite new to Dovecot, so forgive me if this is a simple question. >> I've got rspamd running, and it's rewriting the subject of many >> messages as spam even when they are not. I've moved things out of the >> spam folder, which I was under the impression would teach rspamd >> since I've connected a sieve script that is supposed to call rspamd's >> learning tool, but nothing is happening. I'm really at a loss as to >> where to even begin searching for an answer, so any help is appreciated! >> >> -- >> Dan Egli >> On my Test server > > At first we'd want to see your current configuration, sieve scripts etc. > > Find them attached to this message. The contents of /etc/dovecot and /usr/lib/dovecot/sieve, packaged in a tarball. Hope that helps. And how do you train rspamd when it doesn't put the files in the spam folder but still gives them a spam warning in the subject? (i.e. [*SP4M*])?? -- Dan Egli On my Test server dovecot.tbz2 Description: Binary data OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature
Spam learning for rspamd
I'm quite new to Dovecot, so forgive me if this is a simple question. I've got rspamd running, and it's rewriting the subject of many messages as spam even when they are not. I've moved things out of the spam folder, which I was under the impression would teach rspamd since I've connected a sieve script that is supposed to call rspamd's learning tool, but nothing is happening. I'm really at a loss as to where to even begin searching for an answer, so any help is appreciated! -- Dan Egli On my Test server OpenPGP_0xF8A7B3F2AAB08F9D.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature