[Dovecot] problems with sieve and lda

Daniel L. Miller dmiller at amfes.com
Wed Aug 13 09:37:05 EEST 2008


Harondel J. Sibble wrote:
> On 11 Aug 2008 at 8:24, Eduardo M KALINOWSKI wrote:
>
>   
>> How are you calling deliver in postfix? Do you see in postfix's logs the
>> messages being handled to deliver?
>>     
>
>
> Hmm, oddly enough, adding a .forward in the users home dir with 
>
>     | "/usr/libexec/dovecot/deliver"
>
> Then everything works. Any ideas why?  According to everything I've read 
> including the wiki, that shouldn't be necessary.
>   
I'll give it a shot.  My Postfix/Dovecot is under Debian/Ubuntu - but 
that shouldn't matter too much.  My configuration is based on all 
virtual users/mailboxes - and all mail is owned by the mail user/group.  
May have to adjust for yours.

First of all, Dovecot authorization has to be setup.  I went whole hog 
and am using Dovecot for client authorization with Postfix - I recommend 
it.  So, in your dovecot.conf file:
auth default {
    [...]
  socket listen {
    master {
      # Master socket provides access to userdb information. It's typically
      # used to give Dovecot's local delivery agent access to userdb so it
      # can find mailbox locations.
      path = /var/run/dovecot/auth-master
      mode = 0600
      # Default user/group is the one who started dovecot-auth (root)
      user = vmail
      group = mail
    }
    client {
      # The client socket is generally safe to export to everyone. 
Typical use
      # is to export it to your SMTP server so it can do SMTP AUTH lookups
      # using it.
      path = /var/spool/postfix/var/dovecot
      mode = 0666
      user = vmail
      group = mail
    }
  }
    [...]
}

Note the two paths - the auth server and client.  These paths must 
exist.  If not ... you're going to have problems.  Also - the client 
path (in my case /var/spool/postfix/var/dovecot) must be read/writeable 
by whatever user deliver is running as.  In particular, 
/var/spool/postfix/var must be readable by the deliver user.

Also - based on the error message you show, you need to verify 
/var/run/dovecot/auth-master.  Same permission issues apply.  Based on 
your reported error messages - this is probably something you need to 
look hard at.

Now in Postfix, ONE of the important settings is smtpd_sasl_path.  In my 
case, it's set to "var/dovecot".  Notice, when added to the chroot that 
Postfix operates in (/var/spool/postfix, for my own server) it matches 
the path defined in the client auth section in dovecot.conf.

Now for me, I wanted even more flexibility than the built-in behaviors 
of Postfix and Dovecot provide - however thanks to the defined 
flexibility of both programs it was easy to get what I wanted.  In 
master.cf, I've defined two transports:

dovecot unix    -       n       n       -       -       pipe
    flags=ODRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -f 
${sender} -d ${recipient}

dsieve  unix    -       n       n       -       -       pipe
    flags=ODRhu user=vmail:mail 
argv=/usr/local/bin/do_postfix_deliver.sh ${sender} ${recipient}

The "dovecot" transport is for users not using sieve.  I've made that 
the default for users by setting "virtual_transport = dovecot" in main.cf.

The dsieve (short for deliver + sieve) transport enables sieve.  How?  
The magic of /usr/local/bin/do_postfix_deliver.sh:
#!/bin/sh
#
# The following parameters are passed to this script
#
# Sending address
# Destination address
# Message (piped)
#
PD_SENDER=$1
PD_DESTINATION=$2

PD_DOMAIN=`echo $PD_DESTINATION|sed s/@.*$//`
PD_USER=`echo $PD_DESTINATION|sed s/^.*@//`

HOME=/var/mail/${PD_DOMAIN}/${PD_USER}
MAIL=$HOME
export HOME
export MAIL

/usr/lib/dovecot/deliver -f ${PD_SENDER} -d ${PD_DESTINATION}
#EOF

I used this method because I wanted to minimize the information 
necessary in my LDAP database.  For everything mail related, the only 
items necessary are the complete email address and a password - 
everything else is generated from there.  I've been advised I should 
change my MAIL parameter to be something like $HOME/Maildir - I'll 
probably do that when I upgrade from 1.0.

Hope this helps.
-- 
Daniel


More information about the dovecot mailing list