Re: Sieve Symlink Creation

2022-08-26 Thread João Silva 



On 26/08/2022 16:43, dove...@ptld.com wrote:

On 08-26-2022 11:34 am, João Silva wrote:
As far as I understood the sieve location is relative to the home.


True.



In my server I kept the default
sieve = file:~/sieve;active=~/.dovecot.sieve
In your definition there are ../ in the mix


Yes, mine is "active=~/../_sieve/.active_sieve" which has ~ same as 
yours.
And /../ is a relative path feature, you don't see /../ in full 
absolute paths.


But somehow can be interfering. In my case I would try. It is possible?

ls /home/../tmp

is valid, it's relative or absolute?



So how is using ~ and a relative path creating an absolute symlink?
How do you prevent it so dovecot only creates a relative symlink?

Re: Sieve Symlink Creation

2022-08-26 Thread João Silva 

As far as I understood the sieve location is relative to the home.

In my server I kept the default

sieve = file:~/sieve;active=~/.dovecot.sieve

the sieve is defined with relation to the home ~

In your definition there are ../ in the mix

so

home

inside the home a Maildir or whetever you want and, since the home is 
defined keep the default value for the sieve


On 26/08/2022 14:57, dove...@ptld.com wrote:

On 08-26-2022 9:22 am, João Silva wrote:

Made the question before knowing about the virtual users.
But dovecot allow to set a "home" for virtual users (as far as I 
undestood)


https://wiki2.dovecot.org/VirtualUsers/Home?highlight=%28home%29|%28mail%29 



If already had read that and didn't help let me know.



If you review my first email you can see that home is being set in the 
config.
Although i not sure how setting home has anything to do with sieve 
active symlinks.

Re: Sieve Symlink Creation

2022-08-26 Thread João Silva 



On 25/08/2022 15:20, dove...@ptld.com wrote:

On 08-25-2022 9:10 am, João Silva wrote:

User home != mail home?
mail not in the user home? is that the situation?



Do you mean `/home/user` when you say user home?


Made the question before knowing about the virtual users.

But dovecot allow to set a "home" for virtual users (as far as I undestood)

https://wiki2.dovecot.org/VirtualUsers/Home?highlight=%28home%29|%28mail%29

If already had read that and didn't help let me know.



No, mail is not stored in `/home/` because these are virtual users.
I would not want to create 1,000+ linux users with home directories 
just to provide email accounts to people who will never login to linux.

Re: Sieve Symlink Creation

2022-08-25 Thread João Silva 

User home != mail home?

mail not in the user home? is that the situation?

On 25/08/2022 13:32, dove...@ptld.com wrote:
The first time when the sieve files and folders get created, the 
active symlink is created as a full absolute path


    .active_sieve -> /mnt/email/domain/user/_sieve/filters.sieve

After that, if you disable and enable the rule set the symlink gets 
recreated as relative


    .active_sieve -> filters.sieve

How can i have the symlink always created as a relative path even on 
first time creation?

Having a full absolute path over a mounted NSF is fragile.

Dovecot 2.3.16
Pigeonhole 2.3.16

mail_home = /mnt/email/%d/%n/_dovecot
mail_location = 
maildir:/mnt/email/%d/%n/_folders:INDEX=/mnt/email/%d/%n/_dovecot:CONTROL=/mnt/email/%d/%n/_dovecot

plugin {
  sieve = file:~/../_sieve;active=~/../_sieve/.active_sieve
  sieve_max_script_size = 1M
  sieve_max_actions = 32
  sieve_max_redirects = 4
  sieve_quota_max_scripts = 20
  sieve_quota_max_storage = 5M
  sieve_vacation_min_period = 1d
  sieve_vacation_use_original_recipient = no
  sieve_vacation_dont_check_recipient = no
  sieve_vacation_send_from_recipient = no
  sieve_redirect_envelope_from = sender
  sieve_user_email = %u
}

Re: Maybe a bit offtopic, Sieve beaviour

2022-08-25 Thread João Silva 

Thanks for the detailed anwser.

So it falls under the "feature" section. I will keep that in mind in 
future sieves.


And I think you are right, :copy only makes sense in situations where 
the flow can lead to other places than the Inbox.


On 24/08/2022 20:04, Sean Kamath wrote:
I recommend reading the RFC: 2.10.2 
<https://www.rfc-editor.org/rfc/rfc5228#section-2.10.2> is where the 
Implicit Keep is described.


Basically, if you don’t take action on a message, there is an 
“implicit keep” that will save the mail in the default location.  If 
an action *is* taken on a message (that results in it being saved 
somewhere; i.e., ‘fileinto’), then the implicit keep is removed (since 
you have explicitly said where to put it).


So there’s the “keep” keyword (see 4.3 
<https://www.rfc-editor.org/rfc/rfc5228#section-4.3>), to “do what you 
would do in the implicit keep” (more or less).


So:

fileinto :create “ac” -> puts the message into “ac” and removes 
“implicit keep”

keep -> puts implicit keep back (more or less)

fileinto :copy :create “ac” -> puts a *COPY* of the message into “ac”, 
and the original retains “implicit keep”.


They do the same thing, though I try and avoid unnecessary extensions 
when I can.


Sean


On Aug 24, 2022, at 07:29, João Silva  wrote:


On 23/08/2022 13:03, Rob Sterenborg (Lists) wrote:


On 23-08-2022 11:44, João Silva wrote:

Hi

If a sieve filter contains a rule

if header :regex ["From"] ["@xxx.com","@yyy.pt"] {
 fileinto :create "ac";
}

The mail should be copied to the folder ac and then proceed to 
other rules that a user might have or I understood the


fileinto

wrong?

Using dovecot-pigeonhole-2.2.36-8.el7.x86_64



I use it like this, and it works for me:

if address :is "From" "sender@domain" {
  fileinto :create "some_mail_folder";
  stop;
}

Almost 20 years ago, I figured out that I *need* the "stop;" line, 
but I don't remember why.


The stop; is needed to prevent further script actions on the email 
and that is a very curious thing that I dont know if falls in the 
"bug or feature" field.


if I use

if header :regex ["From"] ["@xxx.com","@yyy.pt"] {
 fileinto :create "ac";

        keep;

}

It delivers the mail in my Inbox which was my intention in the first 
place.


When I used the filter without the keep; and since I didn't had the 
stop; I was expecting further actions on that email that will lead to 
the email end up in the Inbox and that didn't happened.


So it apears that the fileinto rule have a stop; into it without the 
stop being declared.


In a complex mail management scenario that can cause problems. So my 
question is, "bug or feature"?







--
Rob

Re: Maybe a bit offtopic, Sieve beaviour

2022-08-24 Thread João Silva 

Thanks a lot.

I almost missed your email. The :copy will make it behave like intended.

On 23/08/2022 20:29, Shawn Heisey wrote:

On 8/23/22 03:44, João Silva wrote:

If a sieve filter contains a rule

if header :regex ["From"] ["@xxx.com","@yyy.pt"] {
    fileinto :create "ac";
}

The mail should be copied to the folder ac and then proceed to other 
rules that a user might have or I understood the fileinto wrong?


I just took a look at my fairly extensive sieve script that has been 
built by the managesieve plugin for the roundcube webmail server.  I 
don't often look at the script itself because that plugin lets me edit 
the script in a GUI.


The fileinto command is used in almost every one of my rules.  It is 
not copying the message, it is moving the message to the destination 
folder.  Here is one of my rules:


# rule:[blog]
if header :contains ["To","cc"] "b...@elyograg.org"
{
    fileinto "admin.blog";
    stop;
}

There is an extension to sieve that adds a :copy option to certain 
commands like fileinto for situations where that is actually what you 
want to do.  Pigeonhole does support it:


https://www.rfc-editor.org/rfc/rfc3894.html

Thanks,
Shawn

Re: Maybe a bit offtopic, Sieve beaviour

2022-08-24 Thread João Silva 



On 23/08/2022 13:03, Rob Sterenborg (Lists) wrote:


On 23-08-2022 11:44, João Silva wrote:

Hi

If a sieve filter contains a rule

if header :regex ["From"] ["@xxx.com","@yyy.pt"] {
 fileinto :create "ac";
}

The mail should be copied to the folder ac and then proceed to other 
rules that a user might have or I understood the


fileinto

wrong?

Using dovecot-pigeonhole-2.2.36-8.el7.x86_64



I use it like this, and it works for me:

if address :is "From" "sender@domain" {
  fileinto :create "some_mail_folder";
  stop;
}

Almost 20 years ago, I figured out that I *need* the "stop;" line, but 
I don't remember why.


The stop; is needed to prevent further script actions on the email and 
that is a very curious thing that I dont know if falls in the "bug or 
feature" field.


if I use

if header :regex ["From"] ["@xxx.com","@yyy.pt"] {
 fileinto :create "ac";

        keep;

}

It delivers the mail in my Inbox which was my intention in the first place.

When I used the filter without the keep; and since I didn't had the 
stop; I was expecting further actions on that email that will lead to 
the email end up in the Inbox and that didn't happened.


So it apears that the fileinto rule have a stop; into it without the 
stop being declared.


In a complex mail management scenario that can cause problems. So my 
question is, "bug or feature"?







--
Rob

Maybe a bit offtopic, Sieve beaviour

2022-08-23 Thread João Silva 

Hi

If a sieve filter contains a rule

if header :regex ["From"] ["@xxx.com","@yyy.pt"] {
    fileinto :create "ac";
}

The mail should be copied to the folder ac and then proceed to other 
rules that a user might have or I understood the


fileinto

wrong?

Using dovecot-pigeonhole-2.2.36-8.el7.x86_64

Re: rawlog data in a lua script

2022-07-28 Thread João Silva 

Thanks a lot for this thread.

I was starting to plan a system where multiples processes can write to a 
file and completely forgot that syslog is designed to do that.


It is a perfect solution, I only had to configure a local facility to 
receive the data and add 3 lines of code to the program (including the 
import).


On 28/07/2022 12:01, Paul Kudla (SCOM.CA Internet Services Inc.) wrote:


Hi - I use this python script to capture a socket (ie the log file) 
and then send it to syslog, i use this for all the systems that do not 
really support syslogging (apache etc)


basic useage

/usr/bin/nohup /programs/common/capture -s 
/usr/local/apache2/logs/httpd-access.log -l httpd -d 10.228.0.6:514 -p 
httpd & > /dev/null


i typically run this at startup in rc.local

hope this helps :

--

## cat capture
#!/usr/local/bin/python3
# -*- coding: UTF-8 -*-


import os,sys,socket
import datetime,time
from optparse import OptionParser

from lib import *

USAGE_TEXT = '''\
usage: %%prog %s[options]
'''

parser = OptionParser(usage=USAGE_TEXT % '', version='0.4')

parser.add_option("-s", "--socket", dest="socket_file", help="Socket 
File to Capture")
parser.add_option("-l", "--label", dest="label", help="Syslog Label to 
Insert")
parser.add_option("-d", "--destination", dest="destination", 
help="Syslog Destibnation Server:Port")

parser.add_option("-p", "--pid", dest="pid", help="PID Process Name")
#parser.add_option("-e", "--email", dest="email", help="Additional 
Email To")
#parser.add_option("-t", "--temp", dest="tempdir", help="Local Temp 
Directory")


options, args = parser.parse_args()

print (options.socket_file)
print (options.label)
print (options.destination)
print (options.pid)



if options.socket_file == None :
    print ('Missing Socket File Information')
    sys.exit()

if options.label == None :
    print ('Missing Syslog Label Information')
    sys.exit()

if options.destination == None :
    print ('Missing Syslog Destination host:[port]')
    sys.exit()

if options.pid == None :
    print ('Missing Syslog Pid Process Name')
    sys.exit()


#try local syslog (/var/run/log)

UDP_IP = options.destination.split(':')

if len(UDP_IP) == 2 : #Set Port
    UDP_PORT = int(UDP_IP[1])
else :
    UDP_PORT = 514 #Default

UDP_IP = UDP_IP[0]  #Server

#MESSAGE = str("<22>Mar 27 04:16:16 es-scom[12345] offsite.scom.ca su: 
Hello, World!")

#MESSAGE = str("<183>Mar 27 16:17:41 scom-live[72178]: Hello World")

print("UDP target IP: %s" % UDP_IP)
print("UDP target port: %s" % UDP_PORT)
#print("message: %s" % MESSAGE)

count = 10


#sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
#sock.sendto(MESSAGE, (UDP_IP, UDP_PORT))
#sock.sendto(bytes(MESSAGE, "utf-8"), (UDP_IP, UDP_PORT))
#sock.close()
#sys.exit()


#def read_commands():
try:
    print ("Creating read pipe... %s"  %options.socket_file )
    os.mkfifo(options.socket_file)    # Create pipe
    print ("Pipe %s created!" %options.socket_file )
except:
    print ("Pipe %s already exists" %options.socket_file )

#chmod 777 the file so everyone can talk to it
os.system('/bin/chmod 777 %s' %options.socket_file)


with open(options.socket_file, "r") as pipecmd:
    while True:
    time.sleep(.001)
    try:
    line = pipecmd.readline()
    if line != '' : #New Data
    if line == '\n' :
    continue
    print ('Raw Text : %s' %line)
    encoded_string = line.encode("ascii", 
"ignore")

    line = encoded_string.decode()
    line = create_ascii(line)
    line = line.ascii
    print ('Line after ASCII : %s' %line)
    print ( 'Line Count : %s' %len(line) )
    #line = data
    #go get my pid
    pid_process = '0'
    if options.pid == 'postfix' : #its a 
diverted postfix process get the actual pid from raw text
    pid_process = 
line.split('[',1)[1].split(']',1)[0]


    else :
    command = commands('/bin/ps 
-axww | /usr/bin/grep %s' %options.pid)

    print ()
    #print (command.output)

    for n in range 
(0,len(command.output)) :
    if '/bin/ps -axww | 
/usr/bin/grep' not in command.output[n] and '/usr/bin/grep' not in 
command.output[n] and '/usr/local/bin/python3' not in 
command.output[n]  :
pid_process = ( command.output.spli

Re: Permissions and ownership on /dev/shm/dovecot

2022-03-25 Thread João Silva 

In that case things can be more peacefull.

I once had the mail in a NFS storage and was told to move to local 
storage because of speed issues.


Really don't know if the .cache and .log should be put in a fast local 
storage to speed up things.


On 25/03/2022 16:40, doug wrote:
Thank you João! I too am concerned if this is a risky configuration. 
My understanding is that the list indexes are not critical and that is 
why the recommendation in an NFS environment is to place just those 
and the lock files in memory. Other index files are on permanent storage:


[doug@mailserverdev doug]$ find ./ -name *index*
./mail/mailboxes/INBOX/dbox-Mails/dovecot.index.cache
./mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log
./mail/storage/dovecot.map.index.log.2
./mail/storage/dovecot.map.index
./mail/storage/dovecot.map.index.log

Should I still be concerned?

Doug

On 3/25/2022 11:46 AM, João Silva wrote:


I'm not sure about that configuration.

I have seen huge index cache files for users with lots of mail, 
putting those in memory may be a risk.



On 25/03/2022 14:56, doug wrote:

Hi,

Environment: Dovecot  2.3.18 running on CentOS 7, mdbox, LDAP users

I'm in the process of moving my mailboxes to NFS and moving with 
lock and index files in temp storage following instructions from 
https://doc.dovecot.org/configuration_manual/nfs.


I set mail_location as:

mail_location =

mdbox:/mailstore/%u/mail:VOLATILEDIR=/dev/shm/dovecot/%u:LISTINDEX=/dev/shm/dovecot/%u/dovecot.list.index

What I discovered is /dev/shm/dovecot is created by the initial user 
who accesses their mail from a client, and with permissions 700.  
This prevents subsequent users from creating their own index and 
lock files.


# ls -l /dev/shm/dovecot
total 0
drwx-- 2 mary users 60 Mar 25 10:00 mary

Sample error message from maillog during mail delivery and from a 
dsync script.


Mar 25 10:37:15 mailsrv1 dovecot: imap(doug)<19284>: 
Error: mkdir(/dev/shm/dovecot/doug) failed: Permission denied (euid=1002(doug) 
egid=100(users) missing +x perm: /dev/shm/dovecot, dir owned by 97:100 mode=0700)

dsync(test): Error: mkdir(/dev/shm/dovecot/test) failed: Permission denied 
(euid=2003(test) egid=100(users) missing +x perm: /dev/shm/dovecot, dir owned 
by 97:100 mode=0700)

I couldn't locate documentation or discussions on how to set the 
ownership or permissions for /dev/shm/dovecot in the Dovecot 
configuration files.


As a hack, I added this to /usr/libexec/dovecot/prestartscript.

! [[ -d  /dev/shm/dovecot ]] && mkdir /dev/shm/dovecot
chown dovecot:users /dev/shm/dovecot
chmod 770 /dev/shm/dovecot

This solved the problem, but left me wondering if I missed something 
obvious or if I am setting myself up for a problem later on, like 
with a Dovecot version upgrade. I could run these commands at bootup 
out of rc.local or a systemd script rather than customizing a 
Dovecot provided script.


Is there a appropriate way of doing this that I missed?

TIA,
Doug

Re: Permissions and ownership on /dev/shm/dovecot

2022-03-25 Thread João Silva 

I'm not sure about that configuration.

I have seen huge index cache files for users with lots of mail, putting 
those in memory may be a risk.



On 25/03/2022 14:56, doug wrote:

Hi,

Environment: Dovecot 2.3.18 running on CentOS 7, mdbox, LDAP users

I'm in the process of moving my mailboxes to NFS and moving with lock 
and index files in temp storage following instructions from 
https://doc.dovecot.org/configuration_manual/nfs.


I set mail_location as:

mail_location =

mdbox:/mailstore/%u/mail:VOLATILEDIR=/dev/shm/dovecot/%u:LISTINDEX=/dev/shm/dovecot/%u/dovecot.list.index

What I discovered is /dev/shm/dovecot is created by the initial user 
who accesses their mail from a client, and with permissions 700.  This 
prevents subsequent users from creating their own index and lock files.


# ls -l /dev/shm/dovecot
total 0
drwx-- 2 mary users 60 Mar 25 10:00 mary

Sample error message from maillog during mail delivery and from a 
dsync script.


Mar 25 10:37:15 mailsrv1 dovecot: imap(doug)<19284>: 
Error: mkdir(/dev/shm/dovecot/doug) failed: Permission denied (euid=1002(doug) 
egid=100(users) missing +x perm: /dev/shm/dovecot, dir owned by 97:100 mode=0700)

dsync(test): Error: mkdir(/dev/shm/dovecot/test) failed: Permission denied 
(euid=2003(test) egid=100(users) missing +x perm: /dev/shm/dovecot, dir owned 
by 97:100 mode=0700)

I couldn't locate documentation or discussions on how to set the 
ownership or permissions for /dev/shm/dovecot in the Dovecot 
configuration files.


As a hack, I added this to /usr/libexec/dovecot/prestartscript.

! [[ -d  /dev/shm/dovecot ]] && mkdir /dev/shm/dovecot
chown dovecot:users /dev/shm/dovecot
chmod 770 /dev/shm/dovecot

This solved the problem, but left me wondering if I missed something 
obvious or if I am setting myself up for a problem later on, like with 
a Dovecot version upgrade. I could run these commands at bootup out of 
rc.local or a systemd script rather than customizing a Dovecot 
provided script.


Is there a appropriate way of doing this that I missed?

TIA,
Doug

Re: Password Mismatch when connecting from Email Client

2022-02-04 Thread João Silva 


On 04/02/2022 16:51, Francis Greaves wrote:

My dovecot-sql.conf.ext file has this line:
default_pass_scheme = MD5-CRYPT
looking in the postfixadmin database passwords are encrypted


How? there are several ways to encrypt passwords. If the 
default_pass_scheme mismatch the way postfixadmin encrypts the passwords 
the verification will fail.







 On Fri, 04 Feb 2022 16:37:54 + *Benny Pedersen * 
wrote 


On 2022-02-04 17:17, Dr Francis Greaves wrote:

> Any help much appreciated.

what is stored in mysql on the password field ?

you dont need to expose passwords in maillists

Re: Password Mismatch when connecting from Email Client

2022-02-04 Thread João Silva 

The passwords are stored in plaintext in the database?

Already checked

https://github.com/postfixadmin/postfixadmin/blob/master/DOCUMENTS/DOVECOT.txt 



Once a dumped to a postfix admin database crypt passwords straight from 
/etc/shadow without a single issue, that's why I'm asking if the 
passwords are in plaintext or not.


On 04/02/2022 16:17, Dr Francis Greaves wrote:


Dear All

I have Postfix version 3.3.0, Dovecot Version 2.2.33.2 and 
PostfixAdmin version 3.3.10 using MySQL on a small device running 
Ubuntu VERSION="18.04.6 LTS (Bionic Beaver)" for my internal LAN Mail.


I have a user ad...@fsoft.nnet with a mailbox setup in PostfixAdmin 
with a password as 'Test75?'


Everything is running fine, but I cannot get my Email Client 
Thunderbird to connect.


I have setup the debugging to see that the correct password is being 
used, which it is, but I have this error:


dovecot: auth-worker(26468):
sql(ad...@fsoft.nnet,10.6.10.10,): Password
mismatch (given password: Test75?)

showing that dovecot disagrees!!!

Why is this? Is it something to do with the permissions in PostfixAdmin?

I did find a post on Server Fault 
 
where someone had the same problem. He just tried various passwords 
until he found one that worked I have not found any other post 
about this exact problem.


Any help much appreciated.

Regards
Francis

Re: Question about sieves

2021-11-10 Thread João Silva 
That was the first thing I thought, I checked a user (where I saw that 
happening) Trash folder and it was empty (maybe I need to check more cases).


I can search but maybe somebody already knows, I can put on the sieve 
one exception that prevents the pipe action in the case of the 
destination dir is Trash. What is the most effective way of doing that?


Thanks

On 10/11/2021 12:24, Aki Tuomi wrote:

On 10/11/2021 14:22 João Silva  wrote:

  
Hi


I'm having a problem related to Dovecot (version 2.2.36) sieves and I'm
not finding information.

I'm calling a sieve with

90-sieve.conf:  imapsieve_mailbox2_name = *
90-sieve.conf:  imapsieve_mailbox2_from = SPAM
90-sieve.conf:  imapsieve_mailbox2_causes = COPY
90-sieve.conf:  imapsieve_mailbox2_before =
file:/etc/dovecot/sieve/learn-ham.sieve

The SPAM folder have a autoexpunge set.

  From the log analysis I have a very strong suspect that the sieve is
being called when the mails from the Spam folder are expunged, is that
possible? Is any other imapsieve_mailbox2_causes that could be used to
prevent that?

Thanks

I'd guess this is happening because mail is being moved from SPAM to Trash.

Aki

Question about sieves

2021-11-10 Thread João Silva 

Hi

I'm having a problem related to Dovecot (version 2.2.36) sieves and I'm 
not finding information.


I'm calling a sieve with

90-sieve.conf:  imapsieve_mailbox2_name = *
90-sieve.conf:  imapsieve_mailbox2_from = SPAM
90-sieve.conf:  imapsieve_mailbox2_causes = COPY
90-sieve.conf:  imapsieve_mailbox2_before = 
file:/etc/dovecot/sieve/learn-ham.sieve


The SPAM folder have a autoexpunge set.

From the log analysis I have a very strong suspect that the sieve is 
being called when the mails from the Spam folder are expunged, is that 
possible? Is any other imapsieve_mailbox2_causes that could be used to 
prevent that?


Thanks