[Dovecot] Dovecot + managesieve + ldap not working
Hi,
I want to use managesieve in my dovecot server which uses virtual users and LDAP for the users. This is in my dovecot.conf:
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 3.0.0-x86_64-jb1 x86_64 Debian 6.0.1 ext3
log_path: /var/log/dovecot.log
info_log_path: /var/log/dovecot-info.log
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap imaps managesieve
listen(default): *
listen(imap): *
listen(managesieve): *:2000
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(managesieve): /usr/lib/dovecot/managesieve-login
mail_privileged_group: mail
mail_uid: 5000
mail_gid: 5000
mail_location: maildir:/var/mail/%u/Maildir
mail_debug: yes
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(managesieve): /usr/lib/dovecot/managesieve
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve
lda:
  postmaster_address: pbrechler@piratenfraktion-berlin.de
  mail_plugins: sieve
  mail_plugin_dir: /usr/lib/dovecot/modules/lda
auth default:
  mechanisms: plain login
  verbose: yes
  debug: yes
  passdb:
    driver: pam
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
      group: vmail
plugin:
  sieve_dir: /var/mail/sievescript/%u_scripts/
  sieve_extensions: +imapflags
And my ldap conf:
hosts = ldap.piratenfraktion-berlin.de
auth_bind = yes
auth_bind_userdn = uid=%u,ou=people,dc=domain,dc=de
ldap_version = 3
base = dc=domaindc=de
deref = never
scope = subtree
user_attrs = uid=mail=maildir:/var/mail/%$/Maildir/
user_filter = (|(&(objectClass=organizationalPerson)(uid=%Ln))(&(objectClass=organizationalPerson)(mail=%Lu)))
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=organizationalPerson)(uid=%u))
If I try to talk to managesieve with telnet this happens:
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
"IMPLEMENTATION" "dovecot"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date imapflags"
"SASL" "PLAIN LOGIN"
"STARTTLS"
"NOTIFY" "mailto"
"VERSION" "1.0"
OK "Dovecot ready."
# ca. 2 Seconds pause
AUTHENTICATE "PLAIN" "xxxxxxxxxxxxx"
BYE "Internal error occured. Refer to server log for more information. [2011-10-02 00:48:09]"
Connection closed by foreign host.
This is a log reading:
2011-10-02 00:48:09 MANAGESIEVE(user): Fatal: Failed to create sieve storage with data: /var/mail/sievescript/user_scripts
But the permissions are 775 dovecot:dovecot and the system tells me that dovecot was the last user who had access to the directory.
Can someone help me? Thanks!
kind regards
Philip Brechler
On 10/5/2011 6:11 PM, Philip Brechler wrote:
> I want to use managesieve in my dovecot server which uses virtual users and LDAP for the users. This is in my dovecot.conf:
> # 1.2.15: /etc/dovecot/dovecot.conf
> [...]
> mail_location: maildir:/var/mail/%u/Maildir
> mail_debug: yes
> [...]
> plugin:
>   sieve_dir: /var/mail/sievescript/%u_scripts/
> [...]
> If I try to talk to managesieve with telnet this happens:
> BYE "Internal error occured. Refer to server log for more information. [2011-10-02 00:48:09]"
> Connection closed by foreign host.
> This is a log reading:
> 2011-10-02 00:48:09 MANAGESIEVE(user): Fatal: Failed to create sieve storage with data: /var/mail/sievescript/user_scripts
> But the permissions are 775 dovecot:dovecot and the system tells me that dovecot was the last user who had access to the directory.
I'd expect to see more errors and debug messages preceding the log line above.
Looking at your config, I suspect your problem has something to do with the fact that you provide no 'home' directory for your users. The default location of the active sieve script (as configured with sieve=) is ~/.dovecot.sieve. You don't override this, so this is what you are now using. Since no home directory is defined, ~/ cannot be substituted, causing this failure (there must be an error about this in your logs somewhere). You can do something analogous to your sieve_dir setting and use % variable substitution in your sieve= setting. Still, having no home directory for your users is a bad idea. Read the wiki for more information:
http://wiki2.dovecot.org/VirtualUsers/Home
Also read this carefully:
http://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration
Regards,
Stephan.
On 05.10.2011 at 21:04, Stephan Bosch wrote:
> On 10/5/2011 6:11 PM, Philip Brechler wrote:
> I'd expect to see more errors and debug messages preceding the log line above.
> Looking at your config, I suspect your problem has something to do with the fact that you provide no 'home' directory for your users. The default location of the active sieve script (as configured with sieve=) is ~/.dovecot.sieve. You don't override this, so this is what you are now using. Since no home directory is defined, ~/ cannot be substituted, causing this failure (there must be an error about this in your logs somewhere). You can do something analogous to your sieve_dir setting and use % variable substitution in your sieve= setting. Still, having no home directory for your users is a bad idea. Read the wiki for more information:
> http://wiki2.dovecot.org/VirtualUsers/Home
> Also read this carefully:
> http://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration
Hi, thanks for your fast response. I added a sieve= option and now I get this log reading until it fails with the same error message in telnet:
Info: client out: OK 1 user=user
2011-10-05 21:15:53 auth(default): Info: master in: REQUEST 3 12101 1
2011-10-05 21:15:53 auth(default): Info: ldap(user,127.0.0.1): user search: base=dc=piratenfraktion-berlin,dc=de scope=subtree filter=(|(&(objectClass=organizationalPerson)(uid=user))(&(objectClass=organizationalPerson)(mail=user))) fields=uid
2011-10-05 21:15:53 auth(default): Info: ldap(user,127.0.0.1): result: uid(mail=maildir:/var/mail/%$/Maildir/)=maildir:/var/mail/user/Maildir/
2011-10-05 21:15:53 auth(default): Info: master out: USER 3 user mail=maildir:/var/mail/user/Maildir/
2011-10-05 21:15:53 managesieve-login: Info: Login: user=<user>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
2011-10-05 21:15:53 MANAGESIEVE(user): Info: Effective uid=5000, gid=5000, home=(none)
2011-10-05 21:15:53 MANAGESIEVE(user): Info: sieve-storage: using active sieve script path: /var/var/mail/sievescript/user_scripts/.dovecot.sieve
2011-10-05 21:15:53 MANAGESIEVE(user): Info: sieve-storage: using sieve script storage directory: /var/mail/sievescript/user_scripts/
That's it, no more errors or anything.
thanks.
Philip
On 10/5/2011 9:20 PM, Philip Brechler wrote:
> Hi, thanks for your fast response. I added a sieve= option and now I get this log reading until it fails with the same error message in telnet:
> Info: client out: OK 1 user=user
> 2011-10-05 21:15:53 auth(default): Info: master in: REQUEST 3 12101 1
> 2011-10-05 21:15:53 auth(default): Info: ldap(user,127.0.0.1): user search: base=dc=piratenfraktion-berlin,dc=de scope=subtree filter=(|(&(objectClass=organizationalPerson)(uid=user))(&(objectClass=organizationalPerson)(mail=user))) fields=uid
> 2011-10-05 21:15:53 auth(default): Info: ldap(user,127.0.0.1): result: uid(mail=maildir:/var/mail/%$/Maildir/)=maildir:/var/mail/user/Maildir/
> 2011-10-05 21:15:53 auth(default): Info: master out: USER 3 user mail=maildir:/var/mail/user/Maildir/
> 2011-10-05 21:15:53 managesieve-login: Info: Login: user=<user>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
> 2011-10-05 21:15:53 MANAGESIEVE(user): Info: Effective uid=5000, gid=5000, home=(none)
> 2011-10-05 21:15:53 MANAGESIEVE(user): Info: sieve-storage: using active sieve script path: /var/var/mail/sievescript/user_scripts/.dovecot.sieve
> 2011-10-05 21:15:53 MANAGESIEVE(user): Info: sieve-storage: using sieve script storage directory: /var/mail/sievescript/user_scripts/
> That's it, no more errors or anything.
In fact, I see no errors at all. That is not possible if you get that same critical error in telnet. I would also expect the following additional debug message:
MANAGESIEVE(user): Info: sieve-storage: relative path to sieve storage in active link: ...
Or an error about sieve_storage_verify_dir() failing.
I'm not sure what is going on at your end. Make sure you are checking the correct log file: the BYE error in telnet has a time stamp that matches the line in your log file.
Two additional things I notice:
- You still don't return a home directory from your userdb.
- You placed the active sieve script link (.dovecot.sieve) inside your sieve_dir directory (/var/mail/sievescript/user_scripts/). That is not recommended. I would recommend something like the following:
sieve_dir=/var/mail/sievescript/%u/scripts/
sieve=/var/mail/sievescript/%u/.dovecot.sieve
Regards,
Stephan.
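
The path points raised in this thread (no home directory, a `~/` default that cannot be expanded, and the active script link sitting inside sieve_dir) can be checked before a config is deployed. The following is an added example, not part of the original messages and not Dovecot or Pigeonhole code; the function names, the home value `/var/mail/%u` and the sieve= value in `SECOND_TRY` are assumptions, and only `%u` and a leading `~/` are expanded.

```python
import posixpath

DEFAULT_SIEVE = "~/.dovecot.sieve"  # default active-script location named in the thread

def expand(template, user, home):
    """Expand %u and a leading ~/; return None when ~/ cannot be resolved."""
    path = template.replace("%u", user)  # this sketch handles %u only
    if path.startswith("~/"):
        if home is None:
            return None
        path = posixpath.join(home.replace("%u", user), path[2:])
    return posixpath.normpath(path)

def lint(user, sieve_dir, sieve=DEFAULT_SIEVE, home=None):
    """Return the findings for one user's sieve, sieve_dir and home values."""
    findings = []
    if home is None:
        findings.append("userdb returns no home directory")
    active = expand(sieve, user, home)
    storage = expand(sieve_dir, user, home)
    if active is None:
        findings.append("sieve= uses ~/ but no home is defined")
    if storage is None:
        findings.append("sieve_dir= uses ~/ but no home is defined")
    both_abs = bool(active and storage) and posixpath.isabs(active) and posixpath.isabs(storage)
    if both_abs and posixpath.commonpath([active, storage]) == storage:
        findings.append("active script link lies inside sieve_dir")
    return findings

# sieve_dir values come from the thread. The home value is assumed, and
# SECOND_TRY's sieve= value is constructed from the description in the reply.
ORIGINAL = dict(sieve_dir="/var/mail/sievescript/%u_scripts/")
SECOND_TRY = dict(sieve_dir="/var/mail/sievescript/%u_scripts/",
                  sieve="/var/mail/sievescript/%u_scripts/.dovecot.sieve")
RECOMMENDED = dict(sieve_dir="/var/mail/sievescript/%u/scripts/",
                   sieve="/var/mail/sievescript/%u/.dovecot.sieve",
                   home="/var/mail/%u")

if __name__ == "__main__":
    for name, cfg in [("original", ORIGINAL), ("second try", SECOND_TRY),
                      ("recommended", RECOMMENDED)]:
        print(name, "->", lint("user", **cfg) or "ok")
```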