Hi,
I'm starting to wonder if dsync is supposed to sync sieve scripts at all? Or should it work only as a part of replicator? Because I was not able to get it working on multiple Dovecot and Pigeon versions, and I see lots of replication/dsync and sieve related questions in the mailing list.
I'm trying to get it to work using latest versions on http://repo.dovecot.org/ce-2.3-latest repo.
The versions I am testing at the moment are:
- Dovecot 2.3.13 (89f716dc2)
- Pigeonhole 0.5.13 (cdd19fe3)
It's a straightforward setup, nothing fancy. So the question is - is it supposed to work at all without replicator?
On 17. Feb 2021, at 23.53, Edgaras Lukoševičius <edgaras.lukosevicius@gmail.com> wrote:
Hi,
I'm starting to wonder if dsync is supposed to sync sieve scripts at all? Or should it work only as a part of replicator? Because I was not able to get it working on multiple Dovecot and Pigeon versions, and I see lots of replication/dsync and sieve related questions in the mailing list.
I'm trying to get it to work using latest versions on http://repo.dovecot.org/ce-2.3-latest repo.
The versions I am testing at the moment are:
- Dovecot 2.3.13 (89f716dc2)
- Pigeonhole 0.5.13 (cdd19fe3)
It's a straightforward setup, nothing fancy. So the question is - is it supposed to work at all without replicator?
It does sync sieve scripts as long as you have the plugin installed in both ends and have correct configuration regarding sieve script location.
Sami
Then what is a correct configuration? Because I was not able to get it to work.
It is a simple setup using VirtualUsers, Maildir format, Home and Mail directories are separate as per documentation here https://wiki2.dovecot.org/VirtualUsers/Home, and here: https://doc.dovecot.org/configuration_manual/mail_location/
Both of the hosts have exactly same versions, and exactly same configurations (except for hostnames of course)
ManageSieve, and Sieve itself is working (tested), and while I was going through all the steps and configuration variations I have also enabled imap_sieve plugin.
Directory layout on source.host.tld:
/home/vmail/d/o/domin.tld/local ├── Maildir │ ├── cur │ ├── new │ ├── tmp │ ├── dovecot.index.log │ ├── dovecot.list.index.log │ ├── dovecot-uidlist │ ├── dovecot-uidvalidity │ ├── dovecot-uidvalidity.602d8428 │ └── subscriptions └── sieve │ ├── script.sieve │ └── tmp └── .dovecot.sieve -> sieve/script.sieve
I have tried to pull data from source: /usr/bin/dsync -Dv -o imapc_host=source.host.tld -o imapc_port=143 -o imapc_user=local@domain.tld -o imapc_password=123456789 sync -1 -R -f -u local@domain.tld imapc:
I have also tried to push data to destination: /usr/bin/dsync -Dv -o imapc_host=destination.host.tld -o imapc_port=143 -o imapc_user=local@domain.tld -o imapc_password=123456789 sync -1 -f -u local@domain.tld imapc:
Output of dsync is as follows:
Debug: Loading modules from directory: /usr/lib64/dovecot Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so Debug: Module loaded: /usr/lib64/dovecot/lib20_quota_clone_plugin.so Debug: Module loaded: /usr/lib64/dovecot/lib20_zlib_plugin.so Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_sieve_plugin.so ... dsync(edgaras@hoslinger.com): Debug: imapc(source.host.tld:143): Server capabilities: IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN dsync(edgaras@hoslinger.com): Debug: imapc(source.host.tld:143): Authenticating as local@domain.tld dsync(edgaras@hoslinger.com): Debug: imapc(source.host.tld:143): Server capabilities: IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY STATUS=SIZE SAVEDATE LITERAL+ NOTIFY SPECIAL-USE IMAPSIEVE=sieve://source.host.tld:4190 QUOTA ... dsync(local@domain.tld): Debug: doveadm-sieve: Iterating Sieve mailbox attributes dsync(local@domain.tld): Debug: sieve: Pigeonhole version 0.5.13 (cdd19fe3) initializing dsync(local@domain.tld): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. dsync(local@domain.tld): Debug: sieve: Sieve imapsieve plugin for Pigeonhole version 0.5.13 (cdd19fe3) loaded dsync(local@domain.tld): Debug: sieve: Sieve Extprograms plugin for Pigeonhole version 0.5.13 (cdd19fe3) loaded dsync(local@domain.tld): Debug: sieve: file storage: Using active Sieve script path: /home/vmail/d/o/domin.tld/local/.dovecot.sieve dsync(local@domain.tld): Debug: sieve: file storage: Using script storage path: /home/vmail/d/o/domin.tld/local/sieve dsync(local@domain.tld): Debug: sieve: file storage: Using permissions from /home/vmail/d/o/domin.tld/local/sieve: mode=0700 gid=-1 dsync(local@domain.tld): Debug: sieve: file storage: Relative path to sieve storage in active link: sieve/ dsync(local@domain.tld): Debug: sieve: file storage: sync: Synchronization active <end of sieve related logs> ... dsync(local@domain.tld): Debug: brain M: Import INBOX: Last common UID=0. Delayed expunges= dsync(local@domain.tld): Debug: brain M: Import INBOX: Saved UIDs: dsync(local@domain.tld): Debug: brain M: Import INBOX: Finish update: min_next_uid=1 min_first_recent_uid=1 min_highest_modseq=1 min_highest_pvt_modseq=0 ... dsync(local@domain.tld): Debug: imapc(source.host.tld:143): Disconnected dsync(local@domain.tld): Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb (pid=3284,uid=0): Disconnected: Connection closed (fd=10) ...
Configuration on both hosts is as follows
2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
Pigeonhole version 0.5.13 (cdd19fe3)
OS: Linux 3.10.0-1062.18.1.el7.x86_64 x86_64 CentOS Linux release
7.7.1908 (Core)
Hostname: destination.domain.tld
NOTE: Send doveconf -n output instead when asking for help.
auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_cache_verify_password_with_worker = no auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_gssapi_hostname = auth_krb5_keytab = auth_master_user_separator = * auth_mechanisms = plain login auth_policy_check_after_auth = yes auth_policy_check_before_auth = yes auth_policy_hash_mech = sha256 auth_policy_hash_nonce = auth_policy_hash_truncate = 12 auth_policy_log_only = no auth_policy_reject_on_fail = no auth_policy_report_after_auth = yes auth_policy_request_attributes = login=%{requested_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%s session_id=%{session} auth_policy_server_api_header = auth_policy_server_timeout_msecs = 2000 auth_policy_server_url = auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_stats = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 500 base_dir = /var/run/dovecot/ config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_group = dovecot default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_flush_socket = director_mail_servers = director_max_parallel_kicks = 100 director_max_parallel_moves = 100 director_output_buffer_size = 10 M director_ping_idle_timeout = 30 secs director_ping_max_timeout = 1 mins director_servers = director_user_expire = 15 mins director_user_kick_delay = 2 secs director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_api_key = doveadm_http_rawlog_dir = doveadm_password = doveadm_port = 0 doveadm_socket_path = doveadm-server doveadm_ssl = no doveadm_username = doveadm doveadm_worker_count = 0 dsync_alt_char = _ dsync_commit_msgs_interval = 100 dsync_features = dsync_hashed_headers = Date Message-ID dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U first_valid_gid = 500 first_valid_uid = 500 haproxy_timeout = 3 secs haproxy_trusted_networks = hostname = imap_capability = imap_client_workarounds = imap_fetch_failure = disconnect-immediately imap_hibernate_timeout = 0 imap_id_log = imap_id_retain = no imap_id_send = name * imap_idle_notify_interval = 2 mins imap_literal_minus = no imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes} imap_max_line_length = 64 k imap_metadata = no imap_urlauth_host = imap_urlauth_logout_format = in=%i out=%o imap_urlauth_port = 143 imapc_cmd_timeout = 5 mins imapc_connection_retry_count = 1 imapc_connection_retry_interval = 1 secs imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_max_idle_time = 29 mins imapc_max_line_length = 0 imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_sasl_mechanisms = imapc_ssl = no imapc_ssl_verify = yes imapc_user = import_environment = TZ CORE_OUTOFMEM CORE_ERROR LISTEN_PID LISTEN_FDS info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = *, :: lmtp_add_received_header = yes lmtp_client_workarounds = lmtp_hdr_delivery_address = final lmtp_proxy = no lmtp_proxy_rawlog_dir = lmtp_rawlog_dir = lmtp_rcpt_check_quota = no lmtp_save_to_detail_mailbox = no lmtp_user_concurrency_limit = 0 lock_method = fcntl log_core_filter = log_debug = log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Server ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_plugin_dir = /usr/lib64/dovecot/login login_plugins = login_proxy_max_disconnect_delay = 0 login_proxy_max_reconnects = 3 login_proxy_notify_path = proxy-notify login_proxy_timeout = 30 secs login_source_ips = login_trusted_networks = mail_access_groups = vmail mail_always_cache_fields = mail_attachment_detection_options = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_attribute_dict = file:~/dovecot-attributes mail_cache_fields = flags mail_cache_max_size = 1 G mail_cache_min_mail_count = 0 mail_cache_purge_continued_percentage = 200 mail_cache_purge_delete_percentage = 20 mail_cache_purge_header_continue_count = 4 mail_cache_purge_min_size = 32 k mail_cache_record_max_size = 64 k mail_cache_unaccessed_field_drop = 30 days mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_index_log2_max_age = 2 days mail_index_log_rotate_max_size = 1 M mail_index_log_rotate_min_age = 5 mins mail_index_log_rotate_min_size = 32 k mail_index_rewrite_max_log_bytes = 128 k mail_index_rewrite_min_log_bytes = 8 k mail_location = maildir:%h/Maildir mail_log_prefix = "%s(%u)<%{pid}><%{session}>: " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota quota_clone zlib mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_server_admin = mail_server_comment = mail_shared_explicit_inbox = no mail_sort_max_read_count = 0 mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = mail_vsize_bg_after_count = 0 mailbox_idle_check_interval = 30 secs mailbox_list_index = yes mailbox_list_index_include_inbox = no mailbox_list_index_very_dirty_syncs = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_empty_new = no maildir_stat_dirs = no maildir_very_dirty_syncs = no managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 64 k managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 10 M metric auth_request_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = auth_request_finished group_by = policy_result } metric imap_command_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = imap_command_finished group_by = cmd_name tagged_reply_state } metric mail_index_recreated { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = mail_index_recreated group_by = } metric server_connection_connected { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = server_connection_connected group_by = } metric sieve_action_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = sieve_action_finished group_by = action_name } metric sieve_runtime_script_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = sieve_runtime_script_finished group_by = } mmap_disable = no namespace inbox { disabled = no hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Drafts } mailbox Junk { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Junk } mailbox Sent { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Sent } mailbox "Sent Messages" { auto = no autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Sent } mailbox Trash { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Trash } order = 0 prefix = separator = / subscriptions = yes type = private } old_stats_carbon_interval = 30 secs old_stats_carbon_name = old_stats_carbon_server = old_stats_command_min_time = 1 mins old_stats_domain_min_time = 12 hours old_stats_ip_min_time = 12 hours old_stats_memory_limit = 16 M old_stats_session_min_time = 15 mins old_stats_user_min_time = 1 hours passdb { args = /etc/dovecot/master-users auth_verbose = default default_fields = deny = no driver = passwd-file master = yes mechanisms = name = override_fields = pass = yes result_failure = continue result_internalfail = continue result_success = return-ok skip = never username_filter = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext auth_verbose = default default_fields = deny = no driver = sql master = no mechanisms = name = override_fields = pass = no result_failure = continue result_internalfail = continue result_success = return-ok skip = never username_filter = } plugin { imapsieve_url = sieve://destination.domain.tld:4190 quota = count:Mailbox quota quota_clone_dict = redis:host=127.0.0.1:port=6379 quota_grace = 5%% quota_max_mail_size = 50M quota_rule3 = INBOX.Trash:storage=+100%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_vsizes = yes quota_warning = storage=80%% quota-warning 80 %u quota_warning2 = storage=95%% quota-warning 95 %u sieve = file:~/sieve;active=~/.dovecot.sieve sieve_plugins = sieve_imapsieve sieve_extprograms } pop3_client_workarounds = pop3_delete_type = default pop3_deleted_flag = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_features = pop3c_host = pop3c_master_user = pop3c_password = pop3c_port = 110 pop3c_quick_received_date = no pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = postmaster@domain.tld protocols = imap lmtp pop3 sieve quota_full_tempfail = no rawlog_dir = recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_dsync_parameters = -d -N -l 30 -U replication_full_sync_interval = 1 days replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 10000 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 5000 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = $default_internal_user } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } unix_listener token-login/tokenlogin { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict-async { chroot = client_limit = 0 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict-async { group = $default_internal_group mode = 0660 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = vmail mode = 0600 user = vmail } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = haproxy = no port = 0 reuse_port = no ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns-client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = $default_internal_group group = idle_kill = 0 inet_listener doveadm-server { address = haproxy = no port = 12345 reuse_port = no ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service health-check { chroot = client_limit = 1 drop_priv_before_exec = yes executable = script -p health-check.sh extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap-hibernate { chroot = client_limit = 0 drop_priv_before_exec = no executable = imap-hibernate extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 0 type = unix_listener imap-hibernate { group = $default_internal_group mode = 0660 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap-dsync { address = haproxy = no port = 1143 reuse_port = no ssl = no } inet_listener imap { address = haproxy = no port = 143 reuse_port = no ssl = no } inet_listener imaps { address = haproxy = no port = 993 reuse_port = no ssl = yes } privileged_group = process_limit = 300 process_min_avail = 1 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service imap-urlauth-login { chroot = token-login client_limit = 0 drop_priv_before_exec = no executable = imap-urlauth-login extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login unix_listener imap-urlauth { group = mode = 0666 user = } user = $default_login_user vsz_limit = 18446744073709551615 B } service imap-urlauth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth-worker extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener imap-urlauth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service imap-urlauth { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener token-login/imap-urlauth { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener imap-master { group = mode = 0600 user = } unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = $default_internal_user } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = $default_internal_group group = idle_kill = 0 inet_listener lmtp { address = haproxy = no port = 24 reuse_port = no ssl = no } privileged_group = process_limit = 0 process_min_avail = 5 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = haproxy = no port = 4190 reuse_port = no ssl = yes } privileged_group = process_limit = 0 process_min_avail = 5 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service old-stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = old-stats extra_groups = fifo_listener old-stats-mail { group = mode = 0600 user = } fifo_listener old-stats-user { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener old-stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3-dsync { address = haproxy = no port = 1110 reuse_port = no ssl = no } inet_listener pop3 { address = haproxy = no port = 110 reuse_port = no ssl = no } inet_listener pop3s { address = haproxy = no port = 995 reuse_port = no ssl = yes } privileged_group = process_limit = 300 process_min_avail = 1 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service quota-warning { chroot = client_limit = 0 drop_priv_before_exec = no executable = script /usr/local/bin/quota-warning.sh extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener quota-warning { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator-doveadm { group = mode = 00 user = $default_internal_user } unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service stats { chroot = client_limit = 3000 drop_priv_before_exec = no executable = stats extra_groups = group = idle_kill = 4294967295 secs inet_listener http { address = haproxy = no port = 9166 reuse_port = no ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats-reader { group = mode = 0600 user = } unix_listener stats-writer { group = $default_internal_group mode = 0660 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service submission-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = submission-login extra_groups = group = idle_kill = 0 inet_listener submission { address = haproxy = no port = 587 reuse_port = no ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = submission service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service submission { chroot = client_limit = 1 drop_priv_before_exec = no executable = submission extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = submission service_count = 1 type = unix_listener login/submission { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service tcpwrap { chroot = client_limit = 1 drop_priv_before_exec = no executable = tcpwrap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = yes ssl_alt_cert = ssl_alt_key = ssl_ca = ssl_cert = </etc/pki/tls/certs/domain.tld.crt ssl_cert_username_field = commonName ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_client_ca_dir = ssl_client_ca_file = ssl_client_cert = ssl_client_key = ssl_client_require_valid_cert = yes ssl_crypto_device = ssl_curve_list = ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_key_password = ssl_min_protocol = TLSv1 ssl_options = ssl_prefer_server_ciphers = no ssl_require_crl = yes ssl_verify_client_cert = no state_dir = /var/lib/dovecot stats_http_rawlog_dir = stats_writer_socket_path = stats-writer submission_client_workarounds = submission_host = submission_logout_format = in=%i out=%o submission_max_mail_size = 0 submission_max_recipients = 0 submission_relay_command_timeout = 5 mins submission_relay_connect_timeout = 30 secs submission_relay_host = submission_relay_master_user = submission_relay_max_idle_time = 29 mins submission_relay_password = submission_relay_port = 25 submission_relay_rawlog_dir = submission_relay_ssl = no submission_relay_ssl_verify = yes submission_relay_trusted = no submission_relay_user = submission_ssl = no submission_timeout = 30 secs syslog_facility = mail userdb { args = /etc/dovecot/dovecot-sql.conf.ext auth_verbose = default default_fields = driver = sql name = override_fields = result_failure = continue result_internalfail = continue result_success = return-ok skip = never } valid_chroot_dirs = verbose_proctitle = no verbose_ssl = no version_ignore = no protocol lmtp { mail_plugins = quota quota_clone zlib sieve notify } protocol lda { mail_plugins = quota quota_clone zlib sieve postmaster_address = postmaster@domain.tld } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_max_userip_connections = 50 mail_plugins = quota quota_clone zlib imap_quota notify } protocol sieve { mail_max_userip_connections = 10 } protocol pop3 { mail_plugins = quota quota_clone zlib pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes } protocol doveadm { mail_plugins = quota quota_clone zlib }
On 2021-02-22 16:33, Sami Ketola wrote:
On 17. Feb 2021, at 23.53, Edgaras Lukoševičius <edgaras.lukosevicius@gmail.com> wrote:
Hi,
I'm starting to wonder if dsync is supposed to sync sieve scripts at all? Or should it work only as a part of replicator? Because I was not able to get it working on multiple Dovecot and Pigeon versions, and I see lots of replication/dsync and sieve related questions in the mailing list.
I'm trying to get it to work using latest versions on http://repo.dovecot.org/ce-2.3-latest repo.
The versions I am testing at the moment are:
- Dovecot 2.3.13 (89f716dc2)
- Pigeonhole 0.5.13 (cdd19fe3)
It's a straightforward setup, nothing fancy. So the question is - is it supposed to work at all without replicator?
It does sync sieve scripts as long as you have the plugin installed in both ends and have correct configuration regarding sieve script location.
Sami
Hi,
imapc does not sync sieve scripts. You need to use native doveadm protocol.
Sami
On 25. Feb 2021, at 20.56, Edgaras Lukoševičius <edgaras.lukosevicius@gmail.com> wrote:
Then what is a correct configuration? Because I was not able to get it to work.
It is a simple setup using VirtualUsers, Maildir format, Home and Mail directories are separate as per documentation here https://wiki2.dovecot.org/VirtualUsers/Home, and here: https://doc.dovecot.org/configuration_manual/mail_location/
Both of the hosts have exactly same versions, and exactly same configurations (except for hostnames of course)
ManageSieve, and Sieve itself is working (tested), and while I was going through all the steps and configuration variations I have also enabled imap_sieve plugin.
Directory layout on source.host.tld:
/home/vmail/d/o/domin.tld/local ├── Maildir │ ├── cur │ ├── new │ ├── tmp │ ├── dovecot.index.log │ ├── dovecot.list.index.log │ ├── dovecot-uidlist │ ├── dovecot-uidvalidity │ ├── dovecot-uidvalidity.602d8428 │ └── subscriptions └── sieve │ ├── script.sieve │ └── tmp └── .dovecot.sieve -> sieve/script.sieve
I have tried to pull data from source: /usr/bin/dsync -Dv -o imapc_host=source.host.tld -o imapc_port=143 -o imapc_user=local@domain.tld -o imapc_password=123456789 sync -1 -R -f -u local@domain.tld imapc:
I have also tried to push data to destination: /usr/bin/dsync -Dv -o imapc_host=destination.host.tld -o imapc_port=143 -o imapc_user=local@domain.tld -o imapc_password=123456789 sync -1 -f -u local@domain.tld imapc:
Output of dsync is as follows:
Debug: Loading modules from directory: /usr/lib64/dovecot Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so Debug: Module loaded: /usr/lib64/dovecot/lib20_quota_clone_plugin.so Debug: Module loaded: /usr/lib64/dovecot/lib20_zlib_plugin.so Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_sieve_plugin.so ... dsync(edgaras@hoslinger.com): Debug: imapc(source.host.tld:143): Server capabilities: IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN dsync(edgaras@hoslinger.com): Debug: imapc(source.host.tld:143): Authenticating as local@domain.tld dsync(edgaras@hoslinger.com): Debug: imapc(source.host.tld:143): Server capabilities: IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY STATUS=SIZE SAVEDATE LITERAL+ NOTIFY SPECIAL-USE IMAPSIEVE=sieve://source.host.tld:4190 QUOTA ... dsync(local@domain.tld): Debug: doveadm-sieve: Iterating Sieve mailbox attributes dsync(local@domain.tld): Debug: sieve: Pigeonhole version 0.5.13 (cdd19fe3) initializing dsync(local@domain.tld): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. dsync(local@domain.tld): Debug: sieve: Sieve imapsieve plugin for Pigeonhole version 0.5.13 (cdd19fe3) loaded dsync(local@domain.tld): Debug: sieve: Sieve Extprograms plugin for Pigeonhole version 0.5.13 (cdd19fe3) loaded dsync(local@domain.tld): Debug: sieve: file storage: Using active Sieve script path: /home/vmail/d/o/domin.tld/local/.dovecot.sieve dsync(local@domain.tld): Debug: sieve: file storage: Using script storage path: /home/vmail/d/o/domin.tld/local/sieve dsync(local@domain.tld): Debug: sieve: file storage: Using permissions from /home/vmail/d/o/domin.tld/local/sieve: mode=0700 gid=-1 dsync(local@domain.tld): Debug: sieve: file storage: Relative path to sieve storage in active link: sieve/ dsync(local@domain.tld): Debug: sieve: file storage: sync: Synchronization active <end of sieve related logs> ... dsync(local@domain.tld): Debug: brain M: Import INBOX: Last common UID=0. Delayed expunges= dsync(local@domain.tld): Debug: brain M: Import INBOX: Saved UIDs: dsync(local@domain.tld): Debug: brain M: Import INBOX: Finish update: min_next_uid=1 min_first_recent_uid=1 min_highest_modseq=1 min_highest_pvt_modseq=0 ... dsync(local@domain.tld): Debug: imapc(source.host.tld:143): Disconnected dsync(local@domain.tld): Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb (pid=3284,uid=0): Disconnected: Connection closed (fd=10) ...
Configuration on both hosts is as follows
2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
Pigeonhole version 0.5.13 (cdd19fe3)
OS: Linux 3.10.0-1062.18.1.el7.x86_64 x86_64 CentOS Linux release 7.7.1908 (Core)
Hostname: destination.domain.tld
NOTE: Send doveconf -n output instead when asking for help.
auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_cache_verify_password_with_worker = no auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_gssapi_hostname = auth_krb5_keytab = auth_master_user_separator = * auth_mechanisms = plain login auth_policy_check_after_auth = yes auth_policy_check_before_auth = yes auth_policy_hash_mech = sha256 auth_policy_hash_nonce = auth_policy_hash_truncate = 12 auth_policy_log_only = no auth_policy_reject_on_fail = no auth_policy_report_after_auth = yes auth_policy_request_attributes = login=%{requested_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%s session_id=%{session} auth_policy_server_api_header = auth_policy_server_timeout_msecs = 2000 auth_policy_server_url = auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_stats = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 500 base_dir = /var/run/dovecot/ config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_group = dovecot default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_flush_socket = director_mail_servers = director_max_parallel_kicks = 100 director_max_parallel_moves = 100 director_output_buffer_size = 10 M director_ping_idle_timeout = 30 secs director_ping_max_timeout = 1 mins director_servers = director_user_expire = 15 mins director_user_kick_delay = 2 secs director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_api_key = doveadm_http_rawlog_dir = doveadm_password = doveadm_port = 0 doveadm_socket_path = doveadm-server doveadm_ssl = no doveadm_username = doveadm doveadm_worker_count = 0 dsync_alt_char = _ dsync_commit_msgs_interval = 100 dsync_features = dsync_hashed_headers = Date Message-ID dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U first_valid_gid = 500 first_valid_uid = 500 haproxy_timeout = 3 secs haproxy_trusted_networks = hostname = imap_capability = imap_client_workarounds = imap_fetch_failure = disconnect-immediately imap_hibernate_timeout = 0 imap_id_log = imap_id_retain = no imap_id_send = name * imap_idle_notify_interval = 2 mins imap_literal_minus = no imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes} imap_max_line_length = 64 k imap_metadata = no imap_urlauth_host = imap_urlauth_logout_format = in=%i out=%o imap_urlauth_port = 143 imapc_cmd_timeout = 5 mins imapc_connection_retry_count = 1 imapc_connection_retry_interval = 1 secs imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_max_idle_time = 29 mins imapc_max_line_length = 0 imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_sasl_mechanisms = imapc_ssl = no imapc_ssl_verify = yes imapc_user = import_environment = TZ CORE_OUTOFMEM CORE_ERROR LISTEN_PID LISTEN_FDS info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = *, :: lmtp_add_received_header = yes lmtp_client_workarounds = lmtp_hdr_delivery_address = final lmtp_proxy = no lmtp_proxy_rawlog_dir = lmtp_rawlog_dir = lmtp_rcpt_check_quota = no lmtp_save_to_detail_mailbox = no lmtp_user_concurrency_limit = 0 lock_method = fcntl log_core_filter = log_debug = log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Server ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_plugin_dir = /usr/lib64/dovecot/login login_plugins = login_proxy_max_disconnect_delay = 0 login_proxy_max_reconnects = 3 login_proxy_notify_path = proxy-notify login_proxy_timeout = 30 secs login_source_ips = login_trusted_networks = mail_access_groups = vmail mail_always_cache_fields = mail_attachment_detection_options = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_attribute_dict = file:~/dovecot-attributes mail_cache_fields = flags mail_cache_max_size = 1 G mail_cache_min_mail_count = 0 mail_cache_purge_continued_percentage = 200 mail_cache_purge_delete_percentage = 20 mail_cache_purge_header_continue_count = 4 mail_cache_purge_min_size = 32 k mail_cache_record_max_size = 64 k mail_cache_unaccessed_field_drop = 30 days mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_index_log2_max_age = 2 days mail_index_log_rotate_max_size = 1 M mail_index_log_rotate_min_age = 5 mins mail_index_log_rotate_min_size = 32 k mail_index_rewrite_max_log_bytes = 128 k mail_index_rewrite_min_log_bytes = 8 k mail_location = maildir:%h/Maildir mail_log_prefix = "%s(%u)<%{pid}><%{session}>: " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota quota_clone zlib mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_server_admin = mail_server_comment = mail_shared_explicit_inbox = no mail_sort_max_read_count = 0 mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = mail_vsize_bg_after_count = 0 mailbox_idle_check_interval = 30 secs mailbox_list_index = yes mailbox_list_index_include_inbox = no mailbox_list_index_very_dirty_syncs = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_empty_new = no maildir_stat_dirs = no maildir_very_dirty_syncs = no managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 64 k managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 10 M metric auth_request_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = auth_request_finished group_by = policy_result } metric imap_command_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = imap_command_finished group_by = cmd_name tagged_reply_state } metric mail_index_recreated { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = mail_index_recreated group_by = } metric server_connection_connected { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = server_connection_connected group_by = } metric sieve_action_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = sieve_action_finished group_by = action_name } metric sieve_runtime_script_finished { description = exporter = exporter_include = name hostname timestamps categories fields fields = filter = event = sieve_runtime_script_finished group_by = } mmap_disable = no namespace inbox { disabled = no hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Drafts } mailbox Junk { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Junk } mailbox Sent { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Sent } mailbox "Sent Messages" { auto = no autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Sent } mailbox Trash { auto = subscribe autoexpunge = 0 autoexpunge_max_mails = 0 comment = driver = special_use = \Trash } order = 0 prefix = separator = / subscriptions = yes type = private } old_stats_carbon_interval = 30 secs old_stats_carbon_name = old_stats_carbon_server = old_stats_command_min_time = 1 mins old_stats_domain_min_time = 12 hours old_stats_ip_min_time = 12 hours old_stats_memory_limit = 16 M old_stats_session_min_time = 15 mins old_stats_user_min_time = 1 hours passdb { args = /etc/dovecot/master-users auth_verbose = default default_fields = deny = no driver = passwd-file master = yes mechanisms = name = override_fields = pass = yes result_failure = continue result_internalfail = continue result_success = return-ok skip = never username_filter = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext auth_verbose = default default_fields = deny = no driver = sql master = no mechanisms = name = override_fields = pass = no result_failure = continue result_internalfail = continue result_success = return-ok skip = never username_filter = } plugin { imapsieve_url = sieve://destination.domain.tld:4190 quota = count:Mailbox quota quota_clone_dict = redis:host=127.0.0.1:port=6379 quota_grace = 5%% quota_max_mail_size = 50M quota_rule3 = INBOX.Trash:storage=+100%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_vsizes = yes quota_warning = storage=80%% quota-warning 80 %u quota_warning2 = storage=95%% quota-warning 95 %u sieve = file:~/sieve;active=~/.dovecot.sieve sieve_plugins = sieve_imapsieve sieve_extprograms } pop3_client_workarounds = pop3_delete_type = default pop3_deleted_flag = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_features = pop3c_host = pop3c_master_user = pop3c_password = pop3c_port = 110 pop3c_quick_received_date = no pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = postmaster@domain.tld protocols = imap lmtp pop3 sieve quota_full_tempfail = no rawlog_dir = recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_dsync_parameters = -d -N -l 30 -U replication_full_sync_interval = 1 days replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 10000 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 5000 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = $default_internal_user } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } unix_listener token-login/tokenlogin { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict-async { chroot = client_limit = 0 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict-async { group = $default_internal_group mode = 0660 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = vmail mode = 0600 user = vmail } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = haproxy = no port = 0 reuse_port = no ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns-client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = $default_internal_group group = idle_kill = 0 inet_listener doveadm-server { address = haproxy = no port = 12345 reuse_port = no ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service health-check { chroot = client_limit = 1 drop_priv_before_exec = yes executable = script -p health-check.sh extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap-hibernate { chroot = client_limit = 0 drop_priv_before_exec = no executable = imap-hibernate extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 0 type = unix_listener imap-hibernate { group = $default_internal_group mode = 0660 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap-dsync { address = haproxy = no port = 1143 reuse_port = no ssl = no } inet_listener imap { address = haproxy = no port = 143 reuse_port = no ssl = no } inet_listener imaps { address = haproxy = no port = 993 reuse_port = no ssl = yes } privileged_group = process_limit = 300 process_min_avail = 1 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service imap-urlauth-login { chroot = token-login client_limit = 0 drop_priv_before_exec = no executable = imap-urlauth-login extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login unix_listener imap-urlauth { group = mode = 0666 user = } user = $default_login_user vsz_limit = 18446744073709551615 B } service imap-urlauth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth-worker extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener imap-urlauth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service imap-urlauth { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener token-login/imap-urlauth { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener imap-master { group = mode = 0600 user = } unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = $default_internal_user } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = $default_internal_group group = idle_kill = 0 inet_listener lmtp { address = haproxy = no port = 24 reuse_port = no ssl = no } privileged_group = process_limit = 0 process_min_avail = 5 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = haproxy = no port = 4190 reuse_port = no ssl = yes } privileged_group = process_limit = 0 process_min_avail = 5 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service old-stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = old-stats extra_groups = fifo_listener old-stats-mail { group = mode = 0600 user = } fifo_listener old-stats-user { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener old-stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3-dsync { address = haproxy = no port = 1110 reuse_port = no ssl = no } inet_listener pop3 { address = haproxy = no port = 110 reuse_port = no ssl = no } inet_listener pop3s { address = haproxy = no port = 995 reuse_port = no ssl = yes } privileged_group = process_limit = 300 process_min_avail = 1 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service quota-warning { chroot = client_limit = 0 drop_priv_before_exec = no executable = script /usr/local/bin/quota-warning.sh extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener quota-warning { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator-doveadm { group = mode = 00 user = $default_internal_user } unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service stats { chroot = client_limit = 3000 drop_priv_before_exec = no executable = stats extra_groups = group = idle_kill = 4294967295 secs inet_listener http { address = haproxy = no port = 9166 reuse_port = no ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats-reader { group = mode = 0600 user = } unix_listener stats-writer { group = $default_internal_group mode = 0660 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service submission-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = submission-login extra_groups = group = idle_kill = 0 inet_listener submission { address = haproxy = no port = 587 reuse_port = no ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = submission service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service submission { chroot = client_limit = 1 drop_priv_before_exec = no executable = submission extra_groups = $default_internal_group group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = submission service_count = 1 type = unix_listener login/submission { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service tcpwrap { chroot = client_limit = 1 drop_priv_before_exec = no executable = tcpwrap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = yes ssl_alt_cert = ssl_alt_key = ssl_ca = ssl_cert = </etc/pki/tls/certs/domain.tld.crt ssl_cert_username_field = commonName ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_client_ca_dir = ssl_client_ca_file = ssl_client_cert = ssl_client_key = ssl_client_require_valid_cert = yes ssl_crypto_device = ssl_curve_list = ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_key_password = ssl_min_protocol = TLSv1 ssl_options = ssl_prefer_server_ciphers = no ssl_require_crl = yes ssl_verify_client_cert = no state_dir = /var/lib/dovecot stats_http_rawlog_dir = stats_writer_socket_path = stats-writer submission_client_workarounds = submission_host = submission_logout_format = in=%i out=%o submission_max_mail_size = 0 submission_max_recipients = 0 submission_relay_command_timeout = 5 mins submission_relay_connect_timeout = 30 secs submission_relay_host = submission_relay_master_user = submission_relay_max_idle_time = 29 mins submission_relay_password = submission_relay_port = 25 submission_relay_rawlog_dir = submission_relay_ssl = no submission_relay_ssl_verify = yes submission_relay_trusted = no submission_relay_user = submission_ssl = no submission_timeout = 30 secs syslog_facility = mail userdb { args = /etc/dovecot/dovecot-sql.conf.ext auth_verbose = default default_fields = driver = sql name = override_fields = result_failure = continue result_internalfail = continue result_success = return-ok skip = never } valid_chroot_dirs = verbose_proctitle = no verbose_ssl = no version_ignore = no protocol lmtp { mail_plugins = quota quota_clone zlib sieve notify } protocol lda { mail_plugins = quota quota_clone zlib sieve postmaster_address = postmaster@domain.tld } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_max_userip_connections = 50 mail_plugins = quota quota_clone zlib imap_quota notify } protocol sieve { mail_max_userip_connections = 10 } protocol pop3 { mail_plugins = quota quota_clone zlib pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes } protocol doveadm { mail_plugins = quota quota_clone zlib }
On 2021-02-22 16:33, Sami Ketola wrote:
On 17. Feb 2021, at 23.53, Edgaras Lukoševičius <edgaras.lukosevicius@gmail.com> wrote:
Hi,
I'm starting to wonder if dsync is supposed to sync sieve scripts at all? Or should it work only as a part of replicator? Because I was not able to get it working on multiple Dovecot and Pigeon versions, and I see lots of replication/dsync and sieve related questions in the mailing list.
I'm trying to get it to work using latest versions on http://repo.dovecot.org/ce-2.3-latest repo.
The versions I am testing at the moment are:
- Dovecot 2.3.13 (89f716dc2)
- Pigeonhole 0.5.13 (cdd19fe3)
It's a straightforward setup, nothing fancy. So the question is - is it supposed to work at all without replicator?
It does sync sieve scripts as long as you have the plugin installed in both ends and have correct configuration regarding sieve script location.
Sami
participants (2)
-
Edgaras Lukoševičius
-
Sami Ketola