[Dovecot] Managesieve + procmail
Hello,
I have an Ubuntu Lucid Postfix/Dovecot server. I have a web UI to manage my websites, emails and so on that makes use of Procmail, but I would like my users to be able to use Managesieve filters.
Is it possible to "chain" them? How?
Best regards.
-- Lox lox.dev@knc.nc
Lox put forth on 11/8/2010 10:29 PM:
> Hello,
> I have an Ubuntu Lucid Postfix/Dovecot server. I have a web UI to manage my websites, emails and so on that makes use of Procmail, but I would like my users to be able to use Managesieve filters.
> Is it possible to "chain" them? How?
Read this thread:
http://www.virtualmin.com/node/11460
-- Stan
2010/11/9 Stan Hoeppner stan@hardwarefreak.com
> Read this thread:
Hello,
Thank you, that was useful. But I still can't get it working ....
It seems Dovecot's LDA is not using uid and guid from my userdb file to deliver to user inbox (located in /var/mail)
I get:
dovecot: deliver(virtuser_537): file_dotlock_create(/var/mail/virtuser_537) failed: Permission denied (euid=537(virtuser_537) egid=518(neaevents) missing +w perm: /var/mail) (set mail_privileged_group=mail)
dovecot -n
# 1.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-25-server x86_64 Ubuntu 10.04.1 LTS
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap pop3 imaps pop3s managesieve
ssl_ca_file: /etc/dovecot/ca.pem
ssl_cert_file: /etc/dovecot/server.crt
ssl_key_file: /etc/dovecot/server.key
ssl_cipher_list: ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
login_executable(managesieve): /usr/lib/dovecot/managesieve-login
mail_privileged_group: mail
mail_location: mbox:~/mail:LAYOUT=maildir
mail_debug: yes
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_executable(managesieve): /usr/lib/dovecot/managesieve
mail_plugins(default): autocreate
mail_plugins(imap): autocreate
mail_plugins(pop3):
mail_plugins(managesieve):
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve
imap_client_workarounds(default): outlook-idle delay-newmail tb-extra-mailbox-sep
imap_client_workarounds(imap): outlook-idle delay-newmail tb-extra-mailbox-sep
imap_client_workarounds(pop3):
imap_client_workarounds(managesieve):
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
pop3_client_workarounds(managesieve):
lda:
  postmaster_address: postmaster
  mail_plugins: sieve
  quota_full_tempfail: yes
  deliver_log_format: msgid=%m: %$
  rejection_reason: Your message to <%t> was automatically rejected:%n%r
auth default:
  mechanisms: plain login
  passdb:
    driver: passwd-file
    args: /etc/dovecot/dovecot.passwd
  userdb:
    driver: passwd-file
    args: /etc/dovecot/dovecot.passwd
  userdb:
    driver: prefetch
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/dovecot-auth
      mode: 432
      user: postfix
      group: postfix
plugin:
  autocreate: Trash
  autocreate2: Junk
  autocreate3: Sent
  autocreate4: Drafts
  autocreate5: Archives
  autosubscribe: Trash
  autosubscribe2: Junk
  autosubscribe3: Sent
  autosubscribe4: Drafts
  autosubscribe5: Archives
  sieve: ~/.dovecot.sieve
  sieve_dir: ~/sieve
And /etc/procmailrc:
DELIVER="/usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-dovecot-postfix.conf -n"
LOGFILE=/var/log/procmail.log
VERBOSE=on
HOME= $HOME
DROPPRIVS=yes

:0 w
| $DELIVER
Regards.
-- Lox lox.dev@knc.nc
Lox put forth on 11/20/2010 12:02 AM:
> 2010/11/9 Stan Hoeppner stan@hardwarefreak.com
>> Read this thread:
> Hello,
> Thank you, that was useful. But I still can't get it working ....
> It seems Dovecot's LDA is not using uid and guid from my userdb file to deliver to user inbox (located in /var/mail)
> I get:
> dovecot: deliver(virtuser_537): file_dotlock_create(/var/mail/virtuser_537) failed: Permission denied (euid=537(virtuser_537) egid=518(neaevents) missing +w perm: /var/mail) (set mail_privileged_group=mail)
What's the group ownership of /var/mail/virtuser_537 ? Can we see (at least partial) output of "ls -la /var/mail" and "ls -la /var/mail/virtuser_537"? That may be helpful.
-- Stan
2010/11/21 Stan Hoeppner stan@hardwarefreak.com
> What's the group ownership of /var/mail/virtuser_537 ? Can we see (at least partial) output of "ls -la /var/mail" and "ls -la /var/mail/virtuser_537"? That may be helpful.
Hello,
This is a hosting server. So for each website a group is created, so that each mailbox in /var/mail belongs to its user and to its website group:
-rw------- 1 virtuser_548 pacificaland    0 2010-09-05 20:54 virtuser_548
-rw------- 1 virtuser_549 fretexpress   537 2010-11-24 11:17 virtuser_549
-rw------- 1 virtuser_551 infocom       995 2010-11-03 15:01 virtuser_551
-rw------- 1 virtuser_552 infocom       22M 2010-11-24 11:37 virtuser_552
-rw------- 1 virtuser_553 infocom      7,2K 2010-11-22 23:36 virtuser_553
-- Lox lox.dev@knc.nc
On Sat, 2010-11-20 at 17:02 +1100, Lox wrote:
> dovecot: deliver(virtuser_537): file_dotlock_create(/var/mail/virtuser_537) failed: Permission denied (euid=537(virtuser_537) egid=518(neaevents) missing +w perm: /var/mail) (set mail_privileged_group=mail)
See http://wiki.dovecot.org/MailLocation/Mbox#Locking
And especially see the first NOTE.
2010/11/23 Timo Sirainen tss@iki.fi
> See http://wiki.dovecot.org/MailLocation/Mbox#Locking
> And especially see the first NOTE.
Sticky bit is set:
drwxrwsr-x 4 root mail 4,0K 2010-11-24 11:44 mail
-- Lox lox.dev@knc.nc
2010/11/24 Lox lox.dev@knc.nc
> Sticky bit is set:
> drwxrwsr-x 4 root mail 4,0K 2010-11-24 11:44 mail
Sorry that was it, chmod a+rwxt /var/mail did the trick.
Is there any security issue with such a permission set ?
-- Lox lox.dev@knc.nc
On 24.11.2010, at 1.42, Lox wrote:
> 2010/11/24 Lox lox.dev@knc.nc
>> Sticky bit is set:
>> drwxrwsr-x 4 root mail 4,0K 2010-11-24 11:44 mail
> Sorry that was it, chmod a+rwxt /var/mail did the trick.
> Is there any security issue with such a permission set ?
Any user can create new files in there now, including lock files for other users' mailboxes, which the other user can't then delete anymore.
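
The risk described in the last reply, as an added check that is not part of the original thread: `classify_spool_mode` grades a spool directory's octal mode, and `foreign_locks` lists dotlock files owned by a different uid than the mailbox they lock. The function names and the `uid name` input format are assumptions made for this example; `audit_spool` relies on GNU `stat` and `find`.

```shell
#!/bin/sh
# Added example: audit an mbox spool directory such as /var/mail.

# classify_spool_mode OCTAL_MODE (as printed by `stat -c %a`), e.g. 2775 or 3777.
classify_spool_mode() {
    mode=$1
    if [ $(( 0$mode & 02 )) -ne 0 ]; then
        # World-writable: any local user can create files here,
        # including NAME.lock for someone else's mailbox.
        if [ $(( 0$mode & 01000 )) -ne 0 ]; then
            echo "world-writable-sticky"      # creator alone can delete the file
        else
            echo "world-writable-no-sticky"   # anyone can also delete or rename
        fi
    elif [ $(( 0$mode & 020 )) -ne 0 ]; then
        echo "group-writable"                 # dotlocks need mail_privileged_group
    else
        echo "restricted"
    fi
}

# foreign_locks: reads "UID NAME" lines on stdin (one per file in the spool)
# and prints every NAME.lock whose owner differs from the owner of NAME.
# Assumes mailbox file names contain no whitespace.
foreign_locks() {
    awk '
        { owner[$2] = $1 }
        END {
            for (f in owner) {
                if (f !~ /\.lock$/) continue
                box = substr(f, 1, length(f) - 5)
                if (box in owner && owner[f] != owner[box])
                    printf "%s lock_uid=%s mailbox_uid=%s\n", f, owner[f], owner[box]
            }
        }' | sort
}

# audit_spool [DIR]: run both checks against a live directory.
audit_spool() {
    dir=${1:-/var/mail}
    echo "mode: $(classify_spool_mode "$(stat -c %a "$dir")")"
    find "$dir" -maxdepth 1 -type f -printf '%U %f\n' | foreign_locks
}
```

Run `audit_spool /var/mail` as a user who can read the directory; any line printed after the mode verdict is a lock file the mailbox owner did not create.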