Re: SMTPUTF8 support

On 05/04/2019 08:57, David Bürgin via dovecot wrote:

André, are you quite sure you have it working?

In this thread someone from Open-Xchange stated that no, Dovecot doesn’t have SMTPUTF8 support implemented, and the same response was given by another Dovecot developer last September (it ‘is being considered’ was the answer then, see https://dovecot.org/pipermail/dovecot/2018-September/112887.html).

I am using LMTP to deliver mail to Dovecot from Postfix, and delivery fails with Postfix reporting: ‘SMTPUTF8 is required, but was not offered by host mail.my.org[private/dovecot-lmtp]’. I doubt that this can work without a change in Dovecot LMTP.

Anyway, I am also interested in SMTPUTF8 support, so +1 from me!

Hello David et al,

I have it working with my set up, and I confirm it is not easy.

If I limit the stack to OpenLDAP, Postfix and Dovecot to their simplest configuration, it is relatively easy, even with slightly outdated software in Debian Stretch.

The trick I am using is to include the internationalised email address aside the main one, and to use Postfix LDAP lookup.

For instance, I am using this LDAP schema: https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07

So, my LDAP lookup table for Postfix looks like this:

 # Basic LDAP settings for postfix
 server_host = ldap://ldap.rodier.me/
 start_tls = yes

 search_base = dc=rodier,dc=me
 search_scope = sub

 # Allow advanced LDAP search with the recipient delimiter
 query_filter = (|(mail=%s)(intlMailAddr=%s))
 result_attribute = mail

 # Force support for UTF8
 version = 3

Therefore, postmap query works as expected:

 postmap -q andré@rodier.me ldap:/etc/postfix/ldap-aliases.cf
 andre@rodier.me

That said, if only one of the milter reject your message, it is breaking the whole chain.

For instance, the quota plugin for Dovecot, I had to use DUNNO when the user is unknown instead of reject.

I have it working perfectly from Homebox to Homebox, so perhaps Postfix to Postfix, but I reckon I still have some bugs.

Some providers are working, others not. Outlook does not seems to work , but I am on it. Yahoo does not let you type an accent in the email address, only Google allows you to.

However, I made a test yesterday, and realised that the emails from GMail are rejected by one of the plugin, and I need to investigate which one. The error message is:

Apr 5 10:16:39 portal postfix/smtpd[2566]: Anonymous TLS connection established from mail-lf1-f51.google.com[209.85.167.51]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 5 10:16:39 portal policyd-spf[2574]: prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.167.51; helo=mail-lf1-f51.google.com; envelope-from=andre.rodier@gmail.com; receiver=<UNKNOWN> Apr 5 10:16:39 portal postfix/smtpd[2566]: EB38240467: client=mail-lf1-f51.google.com[209.85.167.51] Apr 5 10:16:40 portal postfix/cleanup[2576]: EB38240467: message-id=CAKr9_Nv1pgDAC31cFF4YPE-mnYxSusmKsWHOCxWPSeJ2Adj8cQ@mail.gmail.com Apr 5 10:16:40 portal opendkim[15477]: EB38240467: mail-lf1-f51.google.com [209.85.167.51] not internal Apr 5 10:16:40 portal opendkim[15477]: EB38240467: not authenticated Apr 5 10:16:40 portal opendkim[15477]: EB38240467: DKIM verification successful Apr 5 10:16:40 portal opendkim[15477]: EB38240467: s=20161025 d=gmail.com SSL Apr 5 10:16:40 portal opendmarc[16548]: implicit authentication service: portal.homebox.space Apr 5 10:16:40 portal opendmarc[16548]: EB38240467: gmail.com pass Apr 5 10:16:40 portal postfix/cleanup[2576]: EB38240467: milter-reject: END-OF-MESSAGE from mail-lf1-f51.google.com[209.85.167.51]: 4.7.1 Try again later; from=andre.rodier@gmail.com to= proto=ESMTP helo= Apr 5 10:16:40 portal postfix/smtpd[2566]: disconnect from mail-lf1-f51.google.com[209.85.167.51] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 quit=1 commands=6/7

So perhaps it is one of the milter. I will investigate today.

Also, it seems the client is important. I have no problem with SOGo or Evolution. Roundcube and Thunderbird, in Debian Stretch, don't support this yet.

With Debian Buster coming soon, I am sure this will work better. I will create a branch to test this. My preliminary investigations don't show major problems in the upgrade.

At one point, I was using the Dovecot packages from backports, but I reverted this as there has been an incompatibility.

Happy to answer more questions if you have.

-- André Rodier