Random behavior with sieve extprograms

Thomas Sommer ts-2016 at flightsupport.ch
Tue May 31 20:51:51 UTC 2022 

Hi

I have a random behavior with dovecot and sieve extprograms.

Here is my sieve file:
require ["fileinto", "vnd.dovecot.pipe", "copy", "imap4flags"];
# rule:[DABS]
if header :contains "X-Original-To" "dabs at mydomain.ch"
{
	pipe "sieve-dabs-execute.sh";
	setflag "\\Seen";
	fileinto "acme.DABS";
	stop;
}

Emails matching the condition are processed by a laravel (php) artisan 
command. See service sieve-pipe-script below.
The exit code of this php command is 0.

I randomly get the following in my postfix logs:
Sieve thinks that the command failed, but the email was always processed 
correctly. In that case I get a copy in my Inbox.
I'm wondering what could be the cause for this random behavior.
My guess is that approximately 70% are processed correctly, 30% is as 
below.

May 31 13:50:38 star dovecot[99425]: 
lda(user)<99425><kma+MC4dlmJhhAEAzJBnyA>: sieve: 
msgid=<62961d1c.5y4hr0Vqi97JFnyb%DABS.zsmsvp02 at example.com>: fileinto 
action: stored mail into mailbox 'acme.DABS'
May 31 13:50:39 star dovecot[99425]: 
lda(user)<99425><kma+MC4dlmJhhAEAzJBnyA>: sieve: 
msgid=<62961d1c.5y4hr0Vqi97JFnyb%DABS.zsmsvp02 at example.com>: stored mail 
into mailbox 'INBOX'
May 31 13:50:39 star dovecot[99425]: 
lda(user)<99425><kma+MC4dlmJhhAEAzJBnyA>: sieve: Execution of script 
/home/user/sieve/.dovecot.sieve failed, but implicit keep was successful 
(user logfile /home/user/sieve/.dovecot.sieve.log may reveal additional 
details)

.dovecot.sieve.log:
sieve: info: started log at May 31 13:50:39.
error: failed to pipe message to program `sieve-dabs-execute.sh': refer 
to server log for more information. [2022-05-31 13:50:39].

It's weird. "failed to pipe message to program" is simply not true. The 
command was processed correctly.

Any ideas where to look for clues or how to debug this?

Regards
Thomas

config:

# 2.3.14 (cee3cbc0d): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.14 (1b5c82b2)
# OS: Linux 5.17.5-x86_64-linode154 x86_64 Ubuntu 20.04.4 LTS
auth_mechanisms = plain login
auth_username_format = %n
auth_verbose = yes
mail_location = maildir:~/Maildir
mail_plugins = " quota"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate mime foreverypart 
extracttext vnd.dovecot.pipe vnd.dovecot.execute
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     special_use = \Trash
   }
   prefix =
}
passdb {
   driver = pam
}
plugin {
   quota = fs:User quota
   quota_grace = 1%%
   quota_status_nouser = DUNNO
   quota_status_overquota = 552 5.2.2 Mailbox is full
   quota_status_success = DUNNO
   sieve = file:~/sieve;active=~/sieve/.dovecot.sieve
   sieve_execute_socket_dir =
   sieve_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
   sieve_pipe_exec_timeout = 30s
   sieve_pipe_socket_dir =
   sieve_plugins = sieve_extprograms
   sieve_redirect_envelope_from = recipient
   sieve_trace_debug = no
   sieve_trace_dir = ~/sieve/trace
   sieve_trace_level = matching
}
protocols = imap sieve
service auth {
   unix_listener /var/spool/postfix/private/dovecot-auth {
     group = postfix
     mode = 0660
     user = postfix
   }
}
service quota-status {
   client_limit = 1
   executable = /usr/lib/dovecot/quota-status -p postfix
   inet_listener {
     address = 127.0.0.1
     port = 8881
   }
}
service sieve-pipe-script {
   executable = script /usr/bin/php /srv/www/mydomain/status/artisan 
dabs:processEmail
   unix_listener sieve-dabs-execute.sh {
     mode = 0660
     user = user
   }
   user = www-data
   vsz_limit = 512 M
}
ssl = required
ssl_cert = </etc/letsencrypt/live/star.mydomain.ch/fullchain.pem
ssl_cipher_list = AES128+EECDH:AES128+EDH
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
userdb {
   driver = passwd
}
protocol lda {
   deliver_log_format = msgid=%m: %$
   mail_plugins = " quota sieve"
   postmaster_address = postmaster at mydomain.ch
   quota_full_tempfail = yes
   rejection_reason = Your message to <%t> was automatically 
rejected:%n%r
}
protocol imap {
   mail_max_userip_connections = 20
   mail_plugins = " quota mail_log notify imap_quota"
}

More information about the dovecot mailing list