Re: Dovecot, TLS and Sieve.

2013-10-14 Thread Stuart Henderson
On 2013-10-14, Maxime wrote:
> Ok I found my mistake: the login class!
> Now I don't know if my rules work, but at least I can connect to my
> server with sieve enabled!
>
> Thanks again Bernd and Vijay.
>
>
> I found the issue in a previous thread (.1) which makes me read a...
> README (.2).

Ah good, I added openfiles-max in there as higher than openfiles-cur.
(otherwise there would be tears when people upgrade to 5.4 without reading
the upgrade notes :)
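
Added example, not part of the message above or of the port's README: a small sh check for the point made there, that the daemon's login class should not have openfiles-max below openfiles-cur. The class names and numbers in the sample are constructed; `get_cap` and `check_openfiles` are hypothetical helper names.

```shell
#!/bin/sh
# Constructed login.conf(5)-style sample; class names and numbers are
# assumptions. On a real system: LOGIN_CONF_TEXT=$(cat /etc/login.conf)
LOGIN_CONF_TEXT='dovecot:\
    :openfiles-cur=512:\
    :openfiles-max=2048:\
    :tc=daemon:
# misconfigured class: hard limit below the soft limit
broken:\
    :openfiles-cur=1024:\
    :openfiles-max=512:\
    :tc=daemon:
'

# get_cap CLASS CAP: print CAP as set directly in CLASS (login.conf text on
# stdin). Aliases and tc= inheritance are not followed.
get_cap() {
    awk -v class="$1" -v cap="$2" '
        { sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }
        { cont = sub(/\\$/, ""); rec = rec $0 }   # join continuation lines
        cont { next }
        {
            n = split(rec, f, ":"); rec = ""
            if (f[1] != class) next
            for (i = 2; i <= n; i++)
                if (index(f[i], cap "=") == 1) {
                    print substr(f[i], length(cap) + 2); exit
                }
        }'
}

# check_openfiles CLASS: 0 if max >= cur, 1 if max < cur, 2 if unset.
# Numeric limits only.
check_openfiles() {
    cur=$(printf '%s' "$LOGIN_CONF_TEXT" | get_cap "$1" openfiles-cur)
    max=$(printf '%s' "$LOGIN_CONF_TEXT" | get_cap "$1" openfiles-max)
    if [ -z "$cur" ] || [ -z "$max" ]; then
        echo "$1: openfiles-cur/openfiles-max not set in this class"; return 2
    fi
    if [ "$max" -lt "$cur" ]; then
        echo "$1: openfiles-max ($max) is lower than openfiles-cur ($cur)"; return 1
    fi
    echo "$1: ok (openfiles-cur=$cur openfiles-max=$max)"
}

check_openfiles dovecot
check_openfiles broken || true
```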



Re: Dovecot, TLS and Sieve.

2013-10-14 Thread Maxime
Ok I found my mistake: the login class!
Now I don't know if my rules work, but at least I can connect to my
server with sieve enabled!

Thanks again Bernd and Vijay.


I found the issue in a previous thread (.1) which makes me read a...
README (.2).

Finally I want to recommend Michael W. Lucas's
"Absolute OpenBSD, 2nd Edition" book (.3) which is, I think, a must-have
for every OpenBSD beginner.


Maxime

-
(1) http://marc.info/?l=openbsd-misc&m=134340250330920&w=2
(2)
http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/dovecot/pkg/README-server?rev=1.1;content-type=text%2Fplain
(3) https://www.michaelwlucas.com/nonfiction/absolute-openbsd-2nd-edition


On 14/10/2013 18:36, Maxime wrote:
> Hello Bernd.
> 
> On 14/10/2013 08:26, Bernte wrote:
>> Dear Maxime,
>>
>> I am running a very similar setup, without any problems running Sieve. I
>> have added my output of dovecot -n below, but perhaps you can see
>> anything that is different.
>>
>> Also, please have a look at the /var/dovecot directory. Perhaps there
>> are some permissions wrong. I have also added the output from my
>> configuration below.
>>
>> If you want to delta-debug, I am happy to provide any more information.
>>
>> Regards,
>> Bernd
>>
> 
> I made my dovecot's configuration look like yours and it's still not
> working. I'm going crazy! Especially as I guess I missed
> something, somewhere.
> 
> I had a look at the /var/dovecot directory as you suggested but it seems
> fine too. Also I did a chmod a+r of my private key (and its parent
> directory) but nope, no change.
> 
> Anyway your help is really appreciated.
> 
> 
> Off mailing-list a nice guy made me check my pf's configuration, but all
> ok (no filtering locally).
> 
> # netstat -nat | grep LISTEN | grep -E "4190|2000"
> tcp   0  0  *.2000  *.*  LISTEN
> tcp   0  0  *.4190  *.*  LISTEN
> tcp6  0  0  *.2000  *.*  LISTEN
> tcp6  0  0  *.4190  *.*  LISTEN
> 
> # telnet 91.121.65.29 4190 (same results for localhost or ipv6)
> Trying 91.121.65.29...
> Connected to 91.121.65.29.
> Escape character is '^]'.
> ^]
> telnet> quit
> 
> 
> Maxime
> 
> -
> 
> # 2.1.15: /etc/dovecot/dovecot.conf
> # OS: OpenBSD 5.3 amd64
> first_valid_uid = 1000
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
> mbox_write_locks = fcntl
> mmap_disable = yes
> namespace inbox {
>   inbox = yes
>   location =
>   mailbox Drafts {
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     special_use = \Junk
>   }
>   mailbox Sent {
>     special_use = \Sent
>   }
>   mailbox "Sent Messages" {
>     special_use = \Sent
>   }
>   mailbox Trash {
>     special_use = \Trash
>   }
>   prefix =
> }
> passdb {
>   driver = bsdauth
> }
> plugin {
>   sieve = ~/.dovecot.sieve
>   sieve_dir = ~/sieve
> }
> protocols = imap pop3 lmtp sieve
> service auth {
>   user = $default_internal_user
> }
> service managesieve-login {
>   inet_listener sieve {
>     port = 4190
>   }
>   inet_listener sieve_deprecated {
>     port = 2000
>   }
> }
> ssl_ca =
> ssl_cert =
> ssl_key =
> userdb {
>   driver = passwd
> }
> protocol lmtp {
>   mail_plugins = sieve
> }
> protocol lda {
>   mail_plugins = sieve
> }
> protocol imap {
>   imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
> }
> protocol pop3 {
>   pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
> }
> 
> ###
> 
> # ll -a /var/dovecot/
> 
> 
> total 32
> drwxr-xr-x   4 root      wheel      1024 Oct 14 18:22 .
> drwxr-xr-x  25 root      wheel       512 Aug 24 19:20 ..
> srw-------   1 root      wheel         0 Oct 14 18:19 anvil
> srw-------   1 root      wheel         0 Oct 14 18:19 anvil-auth-penalty
> srw-------   1 root      wheel         0 Oct 14 18:19 auth-client
> srw-------   1 _dovecot  wheel         0 Oct 14 18:19 auth-login
> srw-------   1 root      wheel         0 Oct 14 18:19 auth-master
> srw-rw-rw-   1 _dovecot  wheel         0 Oct 14 18:19 auth-userdb
> srw-------   1 _dovecot  wheel         0 Oct 14 18:19 auth-worker
> srw-------   1 root      wheel         0 Oct 14 18:19 config
> srw-------   1 root      wheel         0 Oct 14 18:19 dict
> srw-------   1 root      wheel         0 Oct 14 18:19 director-admin
> srw-------   1 root      wheel         0 Oct 14 18:19 director-userdb
> srw-rw-rw-   1 root      wheel         0 Oct 14 18:19 dns-client
> srw-------   1 root      wheel         0 Oct 14 18:19 doveadm-server
> lrwx------   1 root      wheel        25 Oct 14 18:19 dovecot.conf -> /etc/dovecot/dovecot.conf
> drwxr-xr-x   2 root      wheel       512 May 19 15:14 empty
> srw-rw-rw-   1 root      wheel         0 Oct 14 18:19 index

Re: Dovecot, TLS and Sieve.

2013-10-14 Thread Maxime
Hello Bernd.

On 14/10/2013 08:26, Bernte wrote:
> Dear Maxime,
> 
> I am running a very similar setup, without any problems running Sieve. I
> have added my output of dovecot -n below, but perhaps you can see
> anything that is different.
> 
> Also, please have a look at the /var/dovecot directory. Perhaps there
> are some permissions wrong. I have also added the output from my
> configuration below.
> 
> If you want to delta-debug, I am happy to provide any more information.
> 
> Regards,
> Bernd
> 

I made my dovecot's configuration look like yours and it's still not
working. I'm going crazy! Especially as I guess I missed
something, somewhere.

I had a look at the /var/dovecot directory as you suggested but it seems
fine too. Also I did a chmod a+r of my private key (and its parent
directory) but nope, no change.

Anyway your help is really appreciated.


Off mailing-list a nice guy made me check my pf's configuration, but all
ok (no filtering locally).

# netstat -nat | grep LISTEN | grep -E "4190|2000"
tcp   0  0  *.2000  *.*  LISTEN
tcp   0  0  *.4190  *.*  LISTEN
tcp6  0  0  *.2000  *.*  LISTEN
tcp6  0  0  *.4190  *.*  LISTEN

# telnet 91.121.65.29 4190 (same results for localhost or ipv6)
Trying 91.121.65.29...
Connected to 91.121.65.29.
Escape character is '^]'.
^]
telnet> quit


Maxime

-

# 2.1.15: /etc/dovecot/dovecot.conf
# OS: OpenBSD 5.3 amd64
first_valid_uid = 1000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = bsdauth
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
service auth {
  user = $default_internal_user
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
}
ssl_ca = 
/etc/dovecot/dovecot.conf
drwxr-xr-x   2 root      wheel       512 May 19 15:14 empty
srw-rw-rw-   1 root      wheel         0 Oct 14 18:19 indexer
srw-------   1 _dovecot  wheel         0 Oct 14 18:19 indexer-worker
-rw-r--r--   1 root      wheel        58 Oct 14 18:19 instances
srw-------   1 root      wheel         0 Oct 14 18:19 ipc
srw-rw-rw-   1 root      wheel         0 Oct 14 18:19 lmtp
srw-------   1 root      wheel         0 Oct 14 18:19 log-errors
drwxr-x---   2 root      _dovenull   512 Oct 14 18:19 login
-rw-------   1 root      wheel         6 Oct 14 18:19 master.pid
-rw-r--r--   1 root      wheel       133 Oct 14 18:19 mounts
srw-------   1 root      wheel         0 Oct 14 18:19 replication-notify
prw-------   1 root      wheel         0 Oct 14 18:19 replication-notify-fifo
srw-------   1 _dovecot  wheel         0 Oct 14 18:19 replicator
-rw-r--r--   1 root      wheel       230 Oct 12 17:44 ssl-parameters.dat
srw-------   1 root      wheel         0 Oct 14 18:19 stats
prw-------   1 root      wheel         0 Oct 14 18:19 stats-mail



Re: Dovecot, TLS and Sieve.

2013-10-13 Thread Bernte

On 10/13/13 7:27 PM, Maxime wrote:
> Hi all.
>
> I'm trying to use Sieve with Dovecot and imaps (OpenBSD 5.3).
>
> When sieve protocol is enabled I can't connect to my IMAP server
> anymore; as soon as I remove sieve from the "protocols" list it works
> again.
>
> Has anyone already experienced this?
> Any help would be really appreciated.

Dear Maxime,

I am running a very similar setup, without any problems running Sieve. I 
have added my output of dovecot -n below, but perhaps you can see 
anything that is different.


Also, please have a look at the /var/dovecot directory. Perhaps there 
are some permissions wrong. I have also added the output from my 
configuration below.


If you want to delta-debug, I am happy to provide any more information.

Regards,
Bernd

--
# 2.1.15: /etc/dovecot/dovecot.conf
# OS: OpenBSD 5.3 amd64
first_valid_uid = 1000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = bsdauth
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
service auth {
  user = $default_internal_user
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
}
ssl_cert =   imap_client_workarounds = delay-newmail tb-extra-mailbox-sep 
tb-lsub-flags

  mail_max_userip_connections = 30
}
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
-
total 64
drwxr-xr-x   4 root      wheel      1024 Oct 14 06:11 .
drwxr-xr-x  32 root      wheel       512 Feb 27  2013 ..
srw-------   1 root      wheel         0 Jul 27 19:09 anvil
srw-------   1 root      wheel         0 Jul 27 19:09 anvil-auth-penalty
srw-------   1 root      wheel         0 Jul 27 19:09 auth-client
srw-------   1 _dovecot  wheel         0 Jul 27 19:09 auth-login
srw-------   1 root      wheel         0 Jul 27 19:09 auth-master
srw-rw-rw-   1 _dovecot  wheel         0 Jul 27 19:09 auth-userdb
srw-------   1 _dovecot  wheel         0 Jul 27 19:09 auth-worker
srw-------   1 root      wheel         0 Jul 27 19:09 config
srw-------   1 root      wheel         0 Jul 27 19:09 dict
srw-------   1 root      wheel         0 Jul 27 19:09 director-admin
srw-------   1 root      wheel         0 Jul 27 19:09 director-userdb
srw-rw-rw-   1 root      wheel         0 Jul 27 19:09 dns-client
srw-------   1 root      wheel         0 Jul 27 19:09 doveadm-server
lrwx------   1 root      wheel        25 Jul 27 19:09 dovecot.conf -> /etc/dovecot/dovecot.conf
drwxr-xr-x   2 root      wheel       512 Dec 30  2012 empty
srw-rw-rw-   1 root      wheel         0 Jul 27 19:09 indexer
srw-------   1 _dovecot  wheel         0 Jul 27 19:09 indexer-worker
-rw-r--r--   1 root      wheel        58 Oct 13 21:54 instances
srw-------   1 root      wheel         0 Jul 27 19:09 ipc
srw-rw-rw-   1 root      wheel         0 Jul 27 19:09 lmtp
srw-------   1 root      wheel         0 Jul 27 19:09 log-errors
drwxr-x---   2 root      _dovenull   512 Jul 27 19:09 login
-rw-------   1 root      wheel         6 Jul 27 19:09 master.pid
-rw-r--r--   1 root      wheel        58 Jul 27 19:09 mounts
srw-------   1 root      wheel         0 Jul 27 19:09 replication-notify
prw-------   1 root      wheel         0 Jul 27 19:09 replication-notify-fifo
srw-------   1 _dovecot  wheel         0 Jul 27 19:09 replicator
-rw-r--r--   1 root      wheel       230 Oct 14 02:22 ssl-parameters.dat
srw-------   1 root      wheel         0 Jul 27 19:09 stats
prw-------   1 root      wheel         0 Jul 27 19:09 stats-mail
-



Dovecot, TLS and Sieve.

2013-10-13 Thread Maxime
Hi all.

I'm trying to use Sieve with Dovecot and imaps (OpenBSD 5.3).

When sieve protocol is enabled I can't connect to my IMAP server
anymore; as soon as I remove sieve from the "protocols" list it works again.


Here are the dovecot logs:
Oct 13 17:32:54 dovecot: anvil: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config
Oct 13 17:32:54 dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs
Oct 13 17:32:54 dovecot: ssl-params: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config
Oct 13 17:32:54 dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs
Oct 13 17:32:55 dovecot: imap-login: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config
Oct 13 17:32:55 dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs


No error returned by "dovecot -F".

Here is the result of a gnutls-cli test:
*** Fatal error: The TLS connection was non-properly terminated.
*** Handshake has failed
GnuTLS error: The TLS connection was non-properly terminated.


Has anyone already experienced this?
Any help would be really appreciated.

Thanks.


# dovecot --version
2.1.15

# dovecot -n
# 2.1.15: /etc/dovecot/dovecot.conf
# OS: OpenBSD 5.3 amd64
first_valid_uid = 1000
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = bsdauth
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = _postfix
  }
}
service imap-login {
  inet_listener imap {
    port = 0
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
  inet_listener pop3s {
    port = 0
  }
}
ssl_ca =