Hello Colin,

On my installation, managesieve is configured in its own plugin directory :

/var/www/roundcubemail/plugins/managesieve/




Here's what works for me :

root@messagerie-principale[10.10.10.19] /var/www/roundcubemail-1.2.4/plugins/managesieve # pretty.remove.blanks+comments config.inc.php
<?php
$config['managesieve_port'] = null;
$config['managesieve_host'] = 'localhost';
$config['managesieve_auth_type'] = null;
$config['managesieve_auth_cid'] = null;
$config['managesieve_auth_pw'] = null;
$config['managesieve_usetls'] = false;
$config['managesieve_conn_options'] = null;
$config['managesieve_default'] = '/etc/dovecot/sieve/global';
$config['managesieve_script_name'] = 'managesieve';
$config['managesieve_mbox_encoding'] = 'UTF-8';
$config['managesieve_replace_delimiter'] = '';
$config['managesieve_disabled_extensions'] = array();
$config['managesieve_debug'] = false;
$config['managesieve_kolab_master'] = false;
$config['managesieve_filename_extension'] = '.sieve';
$config['managesieve_filename_exceptions'] = array();
$config['managesieve_domains'] = array();
$config['managesieve_vacation'] = 1;
$config['managesieve_vacation_interval'] = 0;
$config['managesieve_vacation_addresses_init'] = false;
$config['managesieve_notify_methods'] = array('mailto');
root@messagerie-principale[10.10.10.19] /var/www/roundcubemail-1.2.4/plugins/managesieve #




prety.remove.blanks+comments is just a grep alias :

$ type pretty.remove.blanks+comments
pretty.remove.blanks+comments is aliased to `egrep -v '(^[[:space:]]*#|^$|^[[:space:]]*//|^[[:space:]]*;)''
$

Maybe you could use this alias and print your config as requested?

Best,
-- 
Yassine -- sysadm
Le 11/23/22 à 8:54 PM, colin@colinlikesfood.com a écrit :

thank you again. it seems you have seen my paste of config.inc.php.  I do not have a config.php:

my_user@some_host:/usr/local/www/roundcube/config # ls -l
total 67
-rw-r--r--  1 root  wheel    164 Jul 23 15:17 .htaccess
-rw-r--r--  1 root  wheel   1867 Nov 22 15:12 config.inc.php
-rw-r--r--  1 root  wheel   2943 Jul 23 15:17 config.inc.php.sample
-rw-r--r--  1 root  wheel  63790 Oct 29 20:24 defaults.inc.php
-rw-r--r--  1 root  wheel   2806 Jul 23 15:17 mimetypes.php
my_user@some_host:/usr/local/www/roundcube/config #


I have tried changing tls:// to ssl:// and back again (in the line $config['managesieve_host'] = 'tls://obfuscated.domain';) but the error remains the same:

roundcube: PHP Error: Connection refused (GET /index.php?_task=settings&_action=plugin.managesieve)
roundcube: PHP Error: Unable to connect to managesieve on obfuscated.domain:4190 in /usr/local/www/roundcube/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php on line 221 (GET /index.php?_task=settings&_action=plugin.managesieve)
roundcube: PHP Error: Not currently in AUTHORISATION state (GET /index.php?_task=settings&_action=plugin.managesieve)
php: PHP Error: Not currently connected (GET /index.php?_task=settings&_action=plugin.managesieve)
roundcube: PHP Error: Connection refused (GET /index.php?_task=settings&_action=plugin.managesieve-action&_framed=1&_nav=hide)
roundcube: PHP Error: Unable to connect to managesieve on obfuscated.domain:4190 in /usr/local/www/roundcube/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php on line 221 (GET /index.php?_task=settings&_action=plugin.managesieve-action&_framed=1&_nav=hide)
php: PHP Error: Not currently connected (GET /index.php?_task=settings&_action=plugin.managesieve-action&_framed=1&_nav=hide)
roundcube: PHP Error: Connection refused (POST /?_task=settings&_action=plugin.managesieve-save)
roundcube: PHP Error: Unable to connect to managesieve on obfuscated.domain:4190 in /usr/local/www/roundcube/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php on line 221 (POST /?_task=settings&_action=plugin.managesieve-save)


i don't understand why it can't connect, this seems to work fine:

# gnutls-cli --tofu --starttls -p 4190 10.0.0.91
Processed 142 CA certificate(s).
Resolving '10.0.0.91:4190'...
Connecting to '10.0.0.91:4190'...

- Simple Client Mode:

"IMPLEMENTATION" "dovecot"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext"
"NOTIFY" "mailto"
"SASL" "CRAM-MD5"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."
STARTTLS
OK "Begin TLS negotiation now."
*** Starting TLS handshake
- Certificate type: X.509
- Got a certificate list of 3 certificates.
- Certificate[0] info:
 - subject `CN=obfuscated.domain.com', issuer `CN=R3,O=Let's Encrypt,C=US', serial xxxxxxxxxxxxxxxxxxxxxx, RSA key 2048 bits, signed using RSA-SHA256, activated `yyyy-mm-dd 17:48:15 UTC', expires `yyyy-mm-dd 17:48:14 UTC', pin-sha256="xxxxxxxxxxxxxxxxxxxxxx"
        Public Key ID:
                sha1:xxxxxxxxxxxxxxxxxxxxxx
                sha256:xxxxxxxxxxxxxxxxxxxxxx
        Public Key PIN:
                pin-sha256:xxxxxxxxxxxxxxxxxxxxxx

- Certificate[1] info:
 - subject `CN=R3,O=Let's Encrypt,C=US', issuer `CN=ISRG Root X1,O=Internet Security Research Group,C=US', serial xxxxxxxxxxxxxxxxxxxxxx, RSA key 2048 bits, signed using RSA-SHA256, activated `yyyy-mm-dd 00:00:00 UTC', expires `yyyy-mm-dd 16:00:00 UTC', pin-sha256="xxxxxxxxxxxxxxxxxxxxxx"
- Certificate[2] info:
 - subject `CN=ISRG Root X1,O=Internet Security Research Group,C=US', issuer `CN=DST Root CA X3,O=Digital Signature Trust Co.', serial yyyy-mm-dd, RSA key 4096 bits, signed using RSA-SHA256, activated `yyyy-mm-dd 19:14:03 UTC', expires `yyyy-mm-dd 18:14:03 UTC', pin-sha256="xxxxxxxxxxxxxxxxxxxxxx"
- Status: The certificate is NOT trusted. The name in the certificate does not match the expected.
*** PKI verification of server certificate failed...
Host 10.0.0.91 (sieve) has never been contacted before.
Its certificate is valid for 10.0.0.91.
Are you sure you want to trust it? (y/N): y
- Description: (TLS1.3-X.509)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
- Session ID: xx:yy:xx:yy:xx:yy...
- Options:
"IMPLEMENTATION" "dovecot"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext"
"NOTIFY" "mailto"
"SASL" "CRAM-MD5"
"VERSION" "1.0"
OK "TLS negotiation successful."



On 2022-11-23 13:35, Yassine Chaouche wrote:

also make sure your are editing config.php and not config.inc.php (which you pasted)

Yassine.

Le 23 novembre 2022 8:30:36 PM GMT+01:00, Yassine Chaouche <a.chaouche@algerian-radio.dz> a écrit :
good. we have established that the problem shouldn't be on dovecot's side. i suspect roundcube is misconfigured or can't connect for some reason. I believe someone mentioned SSL and TLS support problem in RC for a specific version? can you try without? also can you paste RC config?

Yassine.