Re: Dovecot, TLS and Sieve.
On 2013-10-14, Maxime wrote:
> Ok I found my mistake: the login class!
> Now I don't know if my rules work, but at least I can connect to my
> server with sieve enabled!
>
> Thanks again Bernd and Vijay.
>
>
> I found the issue in a previous thread (.1) which makes me read a...
> README (.2).

Ah good, I added openfiles-max in there as higher than openfiles-cur.
(otherwise there would be tears when people upgrade to 5.4 without
reading the upgrade notes :)
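
The reply above turns on the login class carrying an openfiles-max that is at least its openfiles-cur. As an added example (not part of the thread or of the port's README), this shell sketch reads a login.conf-style file and checks that relation for one class; the sample classes and their values are constructed, and the helper names `login_cap` and `check_openfiles` are hypothetical.

```shell
# Added example: sanity-check a login.conf(5) class's openfiles limits.
# Assumption: tc= inheritance is NOT followed; only the class's own record is read.

# Constructed sample (class names and values are illustrative, not from the thread).
sample_login_conf() {
    cat <<'EOF'
dovecot:\
    :openfiles-cur=512:\
    :openfiles-max=2048:\
    :tc=daemon:
broken:\
    :openfiles-cur=1024:\
    :openfiles-max=512:\
    :tc=daemon:
EOF
}

# login_cap FILE CLASS CAP: print CAP's value in CLASS, or nothing if unset.
login_cap() {
    awk -v class="$2" -v cap="$3" '
        /^[ \t]*#/ { next }                          # comment line
        { line = $0
          more = sub(/\\[ \t]*$/, "", line)          # trailing "\" continues the record
          rec = rec line
          if (more) next
          n = split(rec, f, ":"); rec = ""
          hit = 0; m = split(f[1], names, "|")       # first field is "name|alias|..."
          for (i = 1; i <= m; i++) if (names[i] == class) hit = 1
          if (!hit) next
          for (i = 2; i <= n; i++) {
              gsub(/^[ \t]+|[ \t]+$/, "", f[i])
              if (index(f[i], cap "=") == 1) { print substr(f[i], length(cap) + 2); exit }
          } }' "$1"
}

# check_openfiles FILE CLASS: return 0 only if both limits are set and max >= cur.
check_openfiles() {
    cur=$(login_cap "$1" "$2" openfiles-cur); max=$(login_cap "$1" "$2" openfiles-max)
    case "$cur:$max" in
        :*|*:) echo "$2: openfiles-cur and openfiles-max are not both set"; return 1 ;;
        *[!0-9:]*) echo "$2: non-numeric limit ($cur/$max), check by hand"; return 2 ;;
    esac
    [ "$max" -ge "$cur" ] || { echo "$2: openfiles-max ($max) is below openfiles-cur ($cur)"; return 1; }
    echo "$2: ok (openfiles-cur=$cur openfiles-max=$max)"
}

# Demo on the constructed sample; on a real host pass /etc/login.conf instead.
demo=$(mktemp) && sample_login_conf > "$demo" && check_openfiles "$demo" dovecot; rm -f "$demo"
```
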
Re: Dovecot, TLS and Sieve.
Ok I found my mistake: the login class!
Now I don't know if my rules work, but at least I can connect to my
server with sieve enabled!

Thanks again Bernd and Vijay.


I found the issue in a previous thread (.1) which makes me read a...
README (.2).

Finally I want to recommend the Michael W. Lucas's "Absolute OpenBSD,
2nd Edition" book (.3) which is, I think, a must have for every OpenBSD
beginner.

Maxime

-

(1) http://marc.info/?l=openbsd-misc&m=134340250330920&w=2
(2) http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/dovecot/pkg/README-server?rev=1.1;content-type=text%2Fplain
(3) https://www.michaelwlucas.com/nonfiction/absolute-openbsd-2nd-edition

On 14/10/2013 18:36, Maxime wrote:
> Hello Bernd.
>
> On 14/10/2013 08:26, Bernte wrote:
>> Dear Maxime,
>>
>> I am running a very similar setup, without any problems running Sieve. I
>> have added my output of dovecot -n below, but perhaps you can see
>> anything that is different.
>>
>> Also, please have a look at the /var/dovecot directory. Perhaps there
>> are some permissions wrong. I have also added the output from my
>> configuration below.
>>
>> If you want to delta-debug, I am happy to provide any more information.
>>
>> Regards,
>> Bernd
>>
>
> I made my dovecot's configuration look like yours and it's still not
> working. I'm going to be crazy! Especially as I guess I missed
> something, somewhere.
>
> I had a look at the /var/dovecot directory as you suggested but it seems
> fine too. Also I did a chmod a+r of my private key (and its parent
> directory) but nope, no change.
>
> Anyway your help is really appreciated.
>
>
> Off mailing-list a nice guy made me check my pf's configuration, but all
> ok (no filtering locally).
>
> # netstat -nat | grep LISTEN | grep -E "4190|2000"
> tcp 0 0 *.2000 *.*LISTEN
> tcp 0 0 *.4190 *.*LISTEN
> tcp6 0 0 *.2000 *.*LISTEN
> tcp6 0 0 *.4190 *.*LISTEN
>
> # telnet 91.121.65.29 4190 (same results for localhost or ipv6)
> Trying 91.121.65.29...
> Connected to 91.121.65.29.
> Escape character is '^]'.
> ^]
> telnet> quit
>
>
> Maxime
>
> -
>
> # 2.1.15: /etc/dovecot/dovecot.conf
> # OS: OpenBSD 5.3 amd64
> first_valid_uid = 1000
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date ihave
> mbox_write_locks = fcntl
> mmap_disable = yes
> namespace inbox {
>   inbox = yes
>   location =
>   mailbox Drafts {
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     special_use = \Junk
>   }
>   mailbox Sent {
>     special_use = \Sent
>   }
>   mailbox "Sent Messages" {
>     special_use = \Sent
>   }
>   mailbox Trash {
>     special_use = \Trash
>   }
>   prefix =
> }
> passdb {
>   driver = bsdauth
> }
> plugin {
>   sieve = ~/.dovecot.sieve
>   sieve_dir = ~/sieve
> }
> protocols = imap pop3 lmtp sieve
> service auth {
>   user = $default_internal_user
> }
> service managesieve-login {
>   inet_listener sieve {
>     port = 4190
>   }
>   inet_listener sieve_deprecated {
>     port = 2000
>   }
> }
> ssl_ca =
> ssl_cert =
> ssl_key =
> userdb {
>   driver = passwd
> }
> protocol lmtp {
>   mail_plugins = sieve
> }
> protocol lda {
>   mail_plugins = sieve
> }
> protocol imap {
>   imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
> }
> protocol pop3 {
>   pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
> }
>
> ###
>
> # ll -a /var/dovecot/
>
>
> total 32
> drwxr-xr-x 4 root wheel 1024 Oct 14 18:22 .
> drwxr-xr-x 25 root wheel 512 Aug 24 19:20 ..
> srw--- 1 root wheel 0 Oct 14 18:19 anvil
> srw--- 1 root wheel 0 Oct 14 18:19 anvil-auth-penalty
> srw--- 1 root wheel 0 Oct 14 18:19 auth-client
> srw--- 1 _dovecot wheel 0 Oct 14 18:19 auth-login
> srw--- 1 root wheel 0 Oct 14 18:19 auth-master
> srw-rw-rw- 1 _dovecot wheel 0 Oct 14 18:19 auth-userdb
> srw--- 1 _dovecot wheel 0 Oct 14 18:19 auth-worker
> srw--- 1 root wheel 0 Oct 14 18:19 config
> srw--- 1 root wheel 0 Oct 14 18:19 dict
> srw--- 1 root wheel 0 Oct 14 18:19 director-admin
> srw--- 1 root wheel 0 Oct 14 18:19 director-userdb
> srw-rw-rw- 1 root wheel 0 Oct 14 18:19 dns-client
> srw--- 1 root wheel 0 Oct 14 18:19 doveadm-server
> lrwx-- 1 root wheel25 Oct 14 18:19 dovecot.conf ->
> /etc/dovecot/dovecot.conf
> drwxr-xr-x 2 root wheel 512 May 19 15:14 empty
> srw-rw-rw- 1 root wheel 0 Oct 14 18:19 index
Re: Dovecot, TLS and Sieve.
Hello Bernd.

On 14/10/2013 08:26, Bernte wrote:
> Dear Maxime,
>
> I am running a very similar setup, without any problems running Sieve. I
> have added my output of dovecot -n below, but perhaps you can see
> anything that is different.
>
> Also, please have a look at the /var/dovecot directory. Perhaps there
> are some permissions wrong. I have also added the output from my
> configuration below.
>
> If you want to delta-debug, I am happy to provide any more information.
>
> Regards,
> Bernd
>

I made my dovecot's configuration look like yours and it's still not
working. I'm going to be crazy! Especially as I guess I missed
something, somewhere.

I had a look at the /var/dovecot directory as you suggested but it seems
fine too. Also I did a chmod a+r of my private key (and its parent
directory) but nope, no change.

Anyway your help is really appreciated.


Off mailing-list a nice guy made me check my pf's configuration, but all
ok (no filtering locally).

# netstat -nat | grep LISTEN | grep -E "4190|2000"
tcp 0 0 *.2000 *.*LISTEN
tcp 0 0 *.4190 *.*LISTEN
tcp6 0 0 *.2000 *.*LISTEN
tcp6 0 0 *.4190 *.*LISTEN

# telnet 91.121.65.29 4190 (same results for localhost or ipv6)
Trying 91.121.65.29...
Connected to 91.121.65.29.
Escape character is '^]'.
^]
telnet> quit


Maxime

-

# 2.1.15: /etc/dovecot/dovecot.conf
# OS: OpenBSD 5.3 amd64
first_valid_uid = 1000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = bsdauth
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
service auth {
  user = $default_internal_user
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
}
ssl_ca =
/etc/dovecot/dovecot.conf
drwxr-xr-x 2 root wheel 512 May 19 15:14 empty
srw-rw-rw- 1 root wheel 0 Oct 14 18:19 indexer
srw--- 1 _dovecot wheel 0 Oct 14 18:19 indexer-worker
-rw-r--r-- 1 root wheel58 Oct 14 18:19 instances
srw--- 1 root wheel 0 Oct 14 18:19 ipc
srw-rw-rw- 1 root wheel 0 Oct 14 18:19 lmtp
srw--- 1 root wheel 0 Oct 14 18:19 log-errors
drwxr-x--- 2 root _dovenull 512 Oct 14 18:19 login
-rw--- 1 root wheel 6 Oct 14 18:19 master.pid
-rw-r--r-- 1 root wheel 133 Oct 14 18:19 mounts
srw--- 1 root wheel 0 Oct 14 18:19 replication-notify
prw--- 1 root wheel 0 Oct 14 18:19 replication-notify-fifo
srw--- 1 _dovecot wheel 0 Oct 14 18:19 replicator
-rw-r--r-- 1 root wheel 230 Oct 12 17:44 ssl-parameters.dat
srw--- 1 root wheel 0 Oct 14 18:19 stats
prw--- 1 root wheel 0 Oct 14 18:19 stats-mail
Re: Dovecot, TLS and Sieve.
On 10/13/13 7:27 PM, Maxime wrote:
> Hi all.
>
> I'm trying to use Sieve with Dovecot and imaps (OpenBSD 5.3).
>
> When sieve protocol is enabled I can't connect to my IMAP server
> anymore; as soon as I remove sieve from the "protocols" list it works again.
> Has anyone already experienced this?
> Any help would be really appreciated.

Dear Maxime,

I am running a very similar setup, without any problems running Sieve. I
have added my output of dovecot -n below, but perhaps you can see
anything that is different.

Also, please have a look at the /var/dovecot directory. Perhaps there
are some permissions wrong. I have also added the output from my
configuration below.

If you want to delta-debug, I am happy to provide any more information.

Regards,
Bernd

--

# 2.1.15: /etc/dovecot/dovecot.conf
# OS: OpenBSD 5.3 amd64
first_valid_uid = 1000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = bsdauth
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
service auth {
  user = $default_internal_user
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
}
ssl_cert =
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
  mail_max_userip_connections = 30
}
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}

-

total 64
drwxr-xr-x 4 root wheel 1024 Oct 14 06:11 .
drwxr-xr-x 32 root wheel 512 Feb 27 2013 ..
srw--- 1 root wheel 0 Jul 27 19:09 anvil
srw--- 1 root wheel 0 Jul 27 19:09 anvil-auth-penalty
srw--- 1 root wheel 0 Jul 27 19:09 auth-client
srw--- 1 _dovecot wheel 0 Jul 27 19:09 auth-login
srw--- 1 root wheel 0 Jul 27 19:09 auth-master
srw-rw-rw- 1 _dovecot wheel 0 Jul 27 19:09 auth-userdb
srw--- 1 _dovecot wheel 0 Jul 27 19:09 auth-worker
srw--- 1 root wheel 0 Jul 27 19:09 config
srw--- 1 root wheel 0 Jul 27 19:09 dict
srw--- 1 root wheel 0 Jul 27 19:09 director-admin
srw--- 1 root wheel 0 Jul 27 19:09 director-userdb
srw-rw-rw- 1 root wheel 0 Jul 27 19:09 dns-client
srw--- 1 root wheel 0 Jul 27 19:09 doveadm-server
lrwx-- 1 root wheel25 Jul 27 19:09 dovecot.conf -> /etc/dovecot/dovecot.conf
drwxr-xr-x 2 root wheel 512 Dec 30 2012 empty
srw-rw-rw- 1 root wheel 0 Jul 27 19:09 indexer
srw--- 1 _dovecot wheel 0 Jul 27 19:09 indexer-worker
-rw-r--r-- 1 root wheel58 Oct 13 21:54 instances
srw--- 1 root wheel 0 Jul 27 19:09 ipc
srw-rw-rw- 1 root wheel 0 Jul 27 19:09 lmtp
srw--- 1 root wheel 0 Jul 27 19:09 log-errors
drwxr-x--- 2 root _dovenull 512 Jul 27 19:09 login
-rw--- 1 root wheel 6 Jul 27 19:09 master.pid
-rw-r--r-- 1 root wheel58 Jul 27 19:09 mounts
srw--- 1 root wheel 0 Jul 27 19:09 replication-notify
prw--- 1 root wheel 0 Jul 27 19:09 replication-notify-fifo
srw--- 1 _dovecot wheel 0 Jul 27 19:09 replicator
-rw-r--r-- 1 root wheel 230 Oct 14 02:22 ssl-parameters.dat
srw--- 1 root wheel 0 Jul 27 19:09 stats
prw--- 1 root wheel 0 Jul 27 19:09 stats-mail

-
Dovecot, TLS and Sieve.
Hi all.

I'm trying to use Sieve with Dovecot and imaps (OpenBSD 5.3).

When sieve protocol is enabled I can't connect to my IMAP server
anymore; as soon as I remove sieve from the "protocols" list it works again.

Here are the dovecot logs:

Oct 13 17:32:54 dovecot: anvil: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config
Oct 13 17:32:54 dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs
Oct 13 17:32:54 dovecot: ssl-params: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config
Oct 13 17:32:54 dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs
Oct 13 17:32:55 dovecot: imap-login: Fatal: Error reading configuration: Timeout reading config from /var/dovecot/config
Oct 13 17:32:55 dovecot: master: Error: service(imap-login): command startup failed, throttling for 2 secs

No error returned by "dovecot -F".

Here is the result of a gnutls-cli test:

*** Fatal error: The TLS connection was non-properly terminated.
*** Handshake has failed
GnuTLS error: The TLS connection was non-properly terminated.

Has anyone already experienced this?
Any help would be really appreciated.

Thanks.

# dovecot --version
2.1.15

# dovecot -n
# 2.1.15: /etc/dovecot/dovecot.conf
# OS: OpenBSD 5.3 amd64
first_valid_uid = 1000
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = bsdauth
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = _postfix
  }
}
service imap-login {
  inet_listener imap {
    port = 0
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
  inet_listener pop3s {
    port = 0
  }
}
ssl_ca =