[Dovecot] problems with sieve and lda
Okay, after reading the wiki and list archives, I am confused.
I am attemping to get the deliver LDA working on a centos 5.1 system
# rpm -qa | grep dovecot dovecot-1.0.7-2.el5 dovecot-sieve-1.0.2-6.el5 # rpm -qa | grep postfix postfix-2.3.3-2
so that I can use Sieve for mail filtering to imap folders, I am using the mbox format
Following the wiki here for system users
http://wiki.dovecot.org/LDA/Postfix
I never get any info in the logs about cmusieve, the only way I see anything show up is if I add the transport settings to postfix/master.cf or see below
From reading the list archives, as best as I can tell, the only time I need to make the changes in postfix's master.cf is if I am using a virtual environment, otherwise for local delivery, all I need is the mailbox_command setting in postfix/main.cf
However with that setting, I get nothing! If I then run deliver from the command line as per a couple of mailling postings,
cat /etc/hosts | /usr/libexec/dovecot/deliver -d localaccount@mydomain.com -f mygmailaccount@gmail.com
I get
deliver(localaccount@mydomail.com): Aug 10 22:07:17 Info: Loading modules from directory: /usr/lib/dovecot/lda deliver(localaccount@mydomail.com): Aug 10 22:07:17 Info: Module loaded: /usr/lib/dovecot/lda/lib90_cmusieve_plugin.so deliver(localaccount@mydomail.com): Aug 10 22:07:17 Error: Can't connect to auth server at /var/run/dovecot/auth-master: No such file or directory
Config stuff (dovecot -n)
# 1.0.7: /etc/dovecot.conf
log_path: /var/log/dovecot/dovecot.log
info_log_path: /var/log/dovecot/dovecot.log
protocols: imaps pop3s
listen(default): *:143
listen(imap): *:143
listen(pop3): [::]
ssl_listen(default): *:943
ssl_listen(imap): *:943
ssl_listen(pop3):
ssl_cert_file: /etc/pki/dovecot/certs/dovecot.cert
ssl_key_file: /etc/pki/tls/private/my.domain.tld.key
verbose_ssl: yes
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
mail_location:
mbox:~/mail:INBOX=/var/spool/mail/%u:INDEX=~/mail/.imap/.imap/indexes/
mail_debug: yes
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
auth default:
passdb:
driver: pam
userdb:
driver: passwdpostfix/main.cf has
mailbox_commmand = /usr/libexec/dovecot/deliver
A .dovecot.sieve file with the following contents for testing purposes is located at ~/mail
require "fileinto"; if header :comparator "i;ascii-casemap" :contains "Subject" "**SPAM**" { fileinto "Trash"; stop; }
The LDA section from the dovecot.conf file
protocol lda {
# Address to use when sending rejection mails.
# postmaster_address =
# Hostname to use in various parts of sent mails, eg. in Message-Id.
# Default is the system's real hostname.
#hostname =
# Support for dynamically loadable plugins. mail_plugins is a space
separated
# list of plugins to load.
mail_plugin_dir = /usr/lib/dovecot/lda
mail_plugins = cmusieve
# Binary to use for sending mails.
#sendmail_path = /usr/lib/sendmail
# UNIX socket path to master authentication server to find users.
#auth_socket_path = /var/run/dovecot/auth-master
#sieve_global_path =
script_path = ~/.dovecot.sieve
log_path = /var/log/dovecot/deliverlog
info_log_path = /var/log/dovecot/deliverlog
debug = yes
}What am I missing here to getting this working
Harondel J. Sibble Sibble Computer Consulting Creating solutions for the small business and home computer user. help@pdscc.com (use pgp keyid 0x3AD5C11D) http://www.pdscc.com (604) 739-3709 (voice/fax) (604) 686-2253 (pager)
On 11 Aug 2008 at 6:35, Charles Marcus wrote:
If I'm not mistaken, sieve support has improved dramatically in the latest versions (1.1.2 being the current).
Use the atrpms repo...
Sure, I see that in the version history, but that won't necessarily solve the current problem I am having where deliver is not triggering at all.
Harondel J. Sibble Sibble Computer Consulting Creating solutions for the small business and home computer user. help@pdscc.com (use pgp keyid 0x3AD5C11D) http://www.pdscc.com (604) 739-3709 (voice/fax) (604) 686-2253 (pager)
Harondel J. Sibble wrote:
Following the wiki here for system users
http://wiki.dovecot.org/LDA/Postfix
I never get any info in the logs about cmusieve, the only way I see anything show up is if I add the transport settings to postfix/master.cf or see below
From reading the list archives, as best as I can tell, the only time I need to make the changes in postfix's master.cf is if I am using a virtual environment, otherwise for local delivery, all I need is the mailbox_command setting in postfix/main.cf
However with that setting, I get nothing! If I then run deliver from the command line as per a couple of mailling postings,
cat /etc/hosts | /usr/libexec/dovecot/deliver -d localaccount@mydomain.com -f mygmailaccount@gmail.com
I get
deliver(localaccount@mydomail.com): Aug 10 22:07:17 Info: Loading modules from directory: /usr/lib/dovecot/lda deliver(localaccount@mydomail.com): Aug 10 22:07:17 Info: Module loaded: /usr/lib/dovecot/lda/lib90_cmusieve_plugin.so deliver(localaccount@mydomail.com): Aug 10 22:07:17 Error: Can't connect to auth server at /var/run/dovecot/auth-master: No such file or directory
To use -d ACCOUNT, you need a master socket where deliver looks up user information: see the "Virtual Users" section in http://wiki.dovecot.org/LDA . But if you are not using virtual users (and only used -d to test), you should not need it.
How are you calling deliver in postfix? Do you see in postfix's logs the messages being handled to deliver?
-- Deadwood, n.: Anyone in your company who is more senior than you are.
Eduardo M KALINOWSKI eduardo@kalinowski.com.br http://move.to/hpkb
On 11 Aug 2008 at 8:24, Eduardo M KALINOWSKI wrote:
To use -d ACCOUNT, you need a master socket where deliver looks up user information: see the "Virtual Users" section in http://wiki.dovecot.org/LDA . But if you are not using virtual users (and only used -d to test), you should not need it.
Yes, that's what I figured, the lda/postfix link in the wiki makes it seem really simple, change one setting and you're done.
How are you calling deliver in postfix? Do you see in postfix's logs the messages being handled to deliver?
Exactly as noted at the wiki page above which says all I need to do is enter the proper path to deliver in mailbox_command in main.cf.
With this set, emails make it to the inbox but I never see ANY reference to deliver in the logs, it's only when I run the deliver command manually from the cli or enabled the changes in the master.cf that anything shows up in the deliver log.
Harondel J. Sibble Sibble Computer Consulting Creating solutions for the small business and home computer user. help@pdscc.com (use pgp keyid 0x3AD5C11D) http://www.pdscc.com (604) 739-3709 (voice/fax) (604) 686-2253 (pager)
On 11 Aug 2008 at 8:24, Eduardo M KALINOWSKI wrote:
How are you calling deliver in postfix? Do you see in postfix's logs the messages being handled to deliver?
Well, I seem to have made the problem worse as I was adjusting settings throughout the day.
Here's where I am at, if I now enable
mailbox_transport = dovecot
I get the following in /var/log/maillog and mail doesn't get delivered
Aug 11 18:21:50 servername postfix/local[9858]: warning: connect #7 to subsystem private/dovecot: Connection refused Aug 11 18:22:00 servername postfix/local[9858]: warning: connect #8 to subsystem private/dovecot: Connection refused Aug 11 18:22:10 servername postfix/local[9858]: warning: connect #9 to subsystem private/dovecot: Connection refused Aug 11 18:22:20 servername postfix/local[9858]: warning: connect #10 to subsystem private/dovecot: Connection refused Aug 11 18:22:30 servername postfix/local[9858]: fatal: connect #11 to subsystem private/dovecot: Connection refused Aug 11 18:22:31 servername postfix/qmgr[9838]: warning: premature end-of- input on private/local socket while reading input attribute name Aug 11 18:22:31 servername postfix/qmgr[9838]: warning: private/local socket: malformed response Aug 11 18:22:31 servername postfix/qmgr[9838]: warning: transport local failure -- see a previous warning/fatal/panic logfile record for the problem description Aug 11 18:22:31 servername postfix/master[9836]: warning: process /usr/libexec/postfix/local pid 9858 exit status 1 Aug 11 18:22:31 servername postfix/master[9836]: warning: /usr/libexec/postfix/local: bad command startup -- throttling Aug 11 18:22:31 servername postfix/qmgr[9838]: 25BC982BF7: to=myaccount@servername.sibble.net, orig_to=help@pdscc.com, relay=none, delay=101, delays=0.04/101/0/0, dsn=4.3.0, status=deferred (unknown mail transport error)
disable that setting in main.cf, restart postfix and flush the queue and all is good again.
This happen's with both the config file I was working on today and also with the one I had yesterday when I started this thread.
Looks like I was getting this yesterday too, but slightly different
Aug 10 18:29:17 servername postfix/local[11905]: warning: connect #1 to subsystem private/dovecot: No such file or directory Aug 10 18:29:27 servername postfix/local[11905]: warning: connect #2 to subsystem private/dovecot: No such file or directory Aug 10 18:29:37 servername postfix/local[11905]: warning: connect #3 to subsystem private/dovecot: No such file or directory
Although I suspect that was when I had enabled the transport changes in master.cf just for testing purposes. The logs show connection refused stuff only happening today. Googling's coming up with squat.
Harondel J. Sibble Sibble Computer Consulting Creating solutions for the small business and home computer user. help@pdscc.com (use pgp keyid 0x3AD5C11D) http://www.pdscc.com (604) 739-3709 (voice/fax) (604) 686-2253 (pager)
On 11 Aug 2008 at 8:24, Eduardo M KALINOWSKI wrote:
How are you calling deliver in postfix? Do you see in postfix's logs the messages being handled to deliver?
Hmm, oddly enough, adding a .forward in the users home dir with
| "/usr/libexec/dovecot/deliver"Then everything works. Any ideas why? According to everything I've read including the wiki, that shouldn't be necessary.
-- Harondel J. Sibble Sibble Computer Consulting Creating solutions for the small business and home computer user. help@pdscc.com (use pgp keyid 0x3AD5C11D) http://www.pdscc.com (604) 739-3709 (voice/fax) (604) 686-2253 (pager)
Harondel J. Sibble wrote:
On 11 Aug 2008 at 8:24, Eduardo M KALINOWSKI wrote:
How are you calling deliver in postfix? Do you see in postfix's logs the messages being handled to deliver?
Hmm, oddly enough, adding a .forward in the users home dir with
| "/usr/libexec/dovecot/deliver"Then everything works. Any ideas why? According to everything I've read including the wiki, that shouldn't be necessary.
I'll give it a shot. My Postfix/Dovecot is under Debian/Ubuntu - but
that shouldn't matter too much. My configuration is based on all
virtual users/mailboxes - and all mail is owned by the mail user/group.
May have to adjust for yours.
First of all, Dovecot authorization has to be setup. I went whole hog and am using Dovecot for client authorization with Postfix - I recommend it. So, in your dovecot.conf file: auth default { [...] socket listen { master { # Master socket provides access to userdb information. It's typically # used to give Dovecot's local delivery agent access to userdb so it # can find mailbox locations. path = /var/run/dovecot/auth-master mode = 0600 # Default user/group is the one who started dovecot-auth (root) user = vmail group = mail } client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. path = /var/spool/postfix/var/dovecot mode = 0666 user = vmail group = mail } } [...] }
Note the two paths - the auth server and client. These paths must exist. If not ... you're going to have problems. Also - the client path (in my case /var/spool/postfix/var/dovecot) must be read/writeable by whatever user deliver is running as. In particular, /var/spool/postfix/var must be readable by the deliver user.
Also - based on the error message you show, you need to verify /var/run/dovecot/auth-master. Same permission issues apply. Based on your reported error messages - this is probably something you need to look hard at.
Now in Postfix, ONE of the important settings is smtpd_sasl_path. In my case, it's set to "var/dovecot". Notice, when added to the chroot that Postfix operates in (/var/spool/postfix, for my own server) it matches the path defined in the client auth section in dovecot.conf.
Now for me, I wanted even more flexibility than the built-in behaviors of Postfix and Dovecot provide - however thanks to the defined flexibility of both programs it was easy to get what I wanted. In master.cf, I've defined two transports:
dovecot unix - n n - - pipe flags=ODRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
dsieve unix - n n - - pipe flags=ODRhu user=vmail:mail argv=/usr/local/bin/do_postfix_deliver.sh ${sender} ${recipient}
The "dovecot" transport is for users not using sieve. I've made that the default for users by setting "virtual_transport = dovecot" in main.cf.
The dsieve (short for deliver + sieve) transport enables sieve. How?
The magic of /usr/local/bin/do_postfix_deliver.sh:
#!/bin/sh
#
# The following parameters are passed to this script
#
# Sending address
# Destination address
# Message (piped)
#
PD_SENDER=$1
PD_DESTINATION=$2
PD_DOMAIN=echo $PD_DESTINATION|sed s/@.*$//
PD_USER=echo $PD_DESTINATION|sed s/^.*@//
HOME=/var/mail/${PD_DOMAIN}/${PD_USER} MAIL=$HOME export HOME export MAIL
/usr/lib/dovecot/deliver -f ${PD_SENDER} -d ${PD_DESTINATION} #EOF
I used this method because I wanted to minimize the information necessary in my LDAP database. For everything mail related, the only items necessary are the complete email address and a password - everything else is generated from there. I've been advised I should change my MAIL parameter to be something like $HOME/Maildir - I'll probably do that when I upgrade from 1.0.
Hope this helps.
Daniel
participants (4)
-
Charles Marcus
-
Daniel L. Miller
-
Eduardo M KALINOWSKI
-
Harondel J. Sibble