[Dovecot] Vacation message with Sieve
Hello all,
I am trying to get my vacation messages to work correctly. In general it works like how I want, and replies when a message is arived to for example info@domain.com, but I have some problems to get my vacation message to work on catch-all boxes. Is there an option to for example auto-reply on every mail that is sendto @domain.com?
I am using Ubuntu 9.10 default packages, which are the following versions:
dovecot -n # 1.1.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.31-14-server x86_64 Ubuntu 9.10 ext4
mail_plugins = cmusieve
My example file of the vacation message I use is:
require ["vacation"]; vacation # Reply at most once a day to a same sender :days [vacationmessage_delay_days] :subject "Autorespond: [vacationmessage_subject]" # List of recipient addresses which are included in the auto replying. # If a mail's recipient is not on this list, no vacation reply is sent for it. :addresses ["[username]@[domain]"] "[vacationmessage_message]";
I tried changing [username]@[domain] into @[domain] or *@[domain], but that is giving me errors. Anyone has any pointers how to achieve this (if its possible at all)...
Regards, Rene
On 11/23/2009 01:19 PM Rene Bakkum wrote:
Hello all,
I am trying to get my vacation messages to work correctly. In general it works like how I want, and replies when a message is arived to for example info@domain.com, but I have some problems to get my vacation message to work on catch-all boxes. Is there an option to for example auto-reply on every mail that is sendto @domain.com? … Anyone has any pointers how to achieve this (if its possible at all)...
No, a 'Catch-all-vacation' reply is not possible. A workaround may be to list all possible addresses in the ":addresses" argument. But do you really want to show each 'spammer¹', that you have configured a vacation auto-reply?
Regards, Pascal
1 = They use mostly faked or invalid addresses.
The trapper recommends today: decade.0932702@localdomain.org
On 11/23/2009 7:19 AM, Rene Bakkum wrote:
Hello all,
I am trying to get my vacation messages to work correctly. In general it works like how I want, and replies when a message is arived to for example info@domain.com, but I have some problems to get my vacation message to work on catch-all boxes. Is there an option to for example auto-reply on every mail that is sendto @domain.com?
As stated by Pascal, catch-all addresses are evil. Especially when the spammers do a dictionary attack run against your domain (you'll get messages for aa@example.com, ab@example.com, ac@example.com...).
In our setup, we specify multiple addresses as:
:addresses ["name1@example.com", "name2@example.com", "name3@example.com"]
(For the few people that we allow inbound mail via multiple aliases.)
I understand the desire to have a catch-all address, I used to do it myself a few years ago. But the aggravation eventually caused me to reevaluate whether it was worth all of the dictionary attack spam. So I setup aliases in postfix for all of the addresses that I was truly interested in monitoring and simply "5xx unknown user" the rest of them.
Thanks for all the response.
I understand the desire to have a catch-all address, I used to do it myself a few years ago. But the aggravation eventually caused me to reevaluate whether it was worth all of the dictionary attack spam. So I setup aliases in postfix for all of the addresses that I was truly interested in monitoring and simply "5xx unknown user" the rest of them.
I don't like catch-all addresses either, and I have almost never used them myself. But our customers seems to like them sometimes, so I can't ignore their wishes. But if they are doing a dirctionary attack, wouldn't it just sent 1 time a vacation message, and next time see it already sent one today - so than ignoring it, unless they change their from address ofcourse. Or are the vacation message linked to 'from' and 'to' - so if I sent an e-mail to rene@domain.com I get vacation message reply, but if I sent another mail (same from) to rene.bakkum@domain.com I get another vacation message since it are 2 different to-addresses - even though they are linked to the same mailbox?
The reason I was searching for this option, is because I am migrating from Courier/Maildrop to Dovecot/Sieve. In maildrop I think the default configuration of the vacation messages are active for any address that was received to the mailbox, you don't specify the 'to' address. And since some of the customers are liking the catch-all boxes I was searching to be any help for them so that the migration don't cause much problems on their side. But if its not possible, its not possible! It would explain why there is not much information to find about the subject :)
Thanks again
- Rene
On November 23, 2009 1:19:00 PM +0100 Rene Bakkum <rene.bakkum@gmail.com> wrote:
Is there an option to for example auto-reply on every mail that is sendto @domain.com?
The part of this question that was overlooked is "on every mail". It would be nice if '0' days meant respond to every message.
Alternatively, can I create an empty address database file that is non-writable (or maybe a link to /dev/zero)?
-frank
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
On 2009-11-24 00:38, Frank Cusack wrote:
On November 23, 2009 1:19:00 PM +0100 Rene Bakkum <rene.bakkum@gmail.com> wrote:
Is there an option to for example auto-reply on every mail that is sendto @domain.com?
The part of this question that was overlooked is "on every mail". It would be nice if '0' days meant respond to every message.
Alternatively, can I create an empty address database file that is non-writable (or maybe a link to /dev/zero)?
Yes, I'd also be interested in that. I tried a few things when I needed to set up an auto reply that responds more than once a day, but couldn't get it to work. I didn't know any other way than having an 'rm /home/user/.dovecot.lda-dupes' as a cron job run every minute (if there had come two mails within one minute it wouldn't have been a problem if only the first had been answered).
Someone will probably ask why an auto reply to the same person more than once a day might be necessary. This is why I needed it: A project manager was leaving the company, and the contacts writing him had to be informed that they should write to another address, and that the address they sent their mail to would soon cease to exist. When I set 'days' to 1, there was an outcry by other project managers that the contacts would probably not read the auto reply on the first time, or forget about it immediately, and then send more mails during the day. I had a lengthy discussion involving me questioning those contacts' intellect, but in the end I had to give in to a strong opposition against "only one auto reply per day".
Patrick.
STAR Software (Shanghai) Co., Ltd. http://www.star-group.net/ Phone: +86 (21) 3462 7688 x 826 Fax: +86 (21) 3462 7779
PGP key E883A005 https://stshacom1.star-china.net/keys/patrick_nagel.asc Fingerprint: E09A D65E 855F B334 E5C3 5386 EF23 20FC E883 A005
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAksLVrMACgkQ7yMg/OiDoAXdAwCglwmrmlUt6QZHmKAy7tqhYbtU B9MAnjEKatvh3PxNJySzcgTyYgtlb6DE =5PJG -----END PGP SIGNATURE-----
On Nov 23, 2009, at 10:44 PM, Patrick Nagel wrote:
Someone will probably ask why an auto reply to the same person more than once a day might be necessary. This is why I needed it: A project manager was leaving the company, and the contacts writing him had to be informed that they should write to another address, and that the address they sent their mail to would soon cease to exist. When I set 'days' to 1, there was an outcry by other project managers that the contacts would probably not read the auto reply on the first time, or forget about it immediately, and then send more mails during the day. I had a lengthy discussion involving me questioning those contacts' intellect, but in the end I had to give in to a strong opposition against "only one auto reply per day".
Shouldn't that be more like:
reject "this guy is gone"; keep;
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Timo,
On 2009-11-24 11:50, Timo Sirainen wrote:
On Nov 23, 2009, at 10:44 PM, Patrick Nagel wrote:
Someone will probably ask why an auto reply to the same person more than once a day might be necessary. This is why I needed it: A project manager was leaving the company, and the contacts writing him had to be informed that they should write to another address, and that the address they sent their mail to would soon cease to exist. When I set 'days' to 1, there was an outcry by other project managers that the contacts would probably not read the auto reply on the first time, or forget about it immediately, and then send more mails during the day. I had a lengthy discussion involving me questioning those contacts' intellect, but in the end I had to give in to a strong opposition against "only one auto reply per day".
Shouldn't that be more like:
reject "this guy is gone"; keep;
Yes, that was my first proposal, but that was also rejected harshly by the other project managers. They wanted to have some "transit time" in which the replacement guy would still access the leaving guy's mailbox.
They felt that just deactivating the mailbox and rejecting mails would be "rude".
Patrick.
STAR Software (Shanghai) Co., Ltd. http://www.star-group.net/ Phone: +86 (21) 3462 7688 x 826 Fax: +86 (21) 3462 7779
PGP key E883A005 https://stshacom1.star-china.net/keys/patrick_nagel.asc Fingerprint: E09A D65E 855F B334 E5C3 5386 EF23 20FC E883 A005 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAksLWPYACgkQ7yMg/OiDoAXkfwCgrmgKFZRgrTp3lyeWWNjGQDHU GSkAnitaSPEnupTXG2Oyckz7F2d2EjpJ =smsY -----END PGP SIGNATURE-----
On Nov 23, 2009, at 10:54 PM, Patrick Nagel wrote:
Shouldn't that be more like:
reject "this guy is gone"; keep;
Yes, that was my first proposal, but that was also rejected harshly by the other project managers. They wanted to have some "transit time" in which the replacement guy would still access the leaving guy's mailbox.
They felt that just deactivating the mailbox and rejecting mails would be "rude".
Ah, but that's why I had the "keep" there! The reject message of course could have been nicer and said how the guy is gone but this address will be read for a bit longer but anyway stop sending mail here.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
On 2009-11-24 11:58, Timo Sirainen wrote:
On Nov 23, 2009, at 10:54 PM, Patrick Nagel wrote:
Shouldn't that be more like:
reject "this guy is gone"; keep;
Yes, that was my first proposal, but that was also rejected harshly by the other project managers. They wanted to have some "transit time" in which the replacement guy would still access the leaving guy's mailbox.
They felt that just deactivating the mailbox and rejecting mails would be "rude".
Ah, but that's why I had the "keep" there! The reject message of course could have been nicer and said how the guy is gone but this address will be read for a bit longer but anyway stop sending mail here.
Oh... yeah. I never got past the "reject", I guess ;) That would probably be a good solution. Does 'reject' also refrain from sending mails to mailing lists, auto-generated messages, etc., like 'vacation' does?
Patrick.
STAR Software (Shanghai) Co., Ltd. http://www.star-group.net/ Phone: +86 (21) 3462 7688 x 826 Fax: +86 (21) 3462 7779
PGP key E883A005 https://stshacom1.star-china.net/keys/patrick_nagel.asc Fingerprint: E09A D65E 855F B334 E5C3 5386 EF23 20FC E883 A005 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAksLXMQACgkQ7yMg/OiDoAWaZgCguKuzYmEzUBhxMC1C2XzB/WLy gJEAniwNr1m195qxpsIkxl2jNN5HLMsO =nS3d -----END PGP SIGNATURE-----
On Nov 23, 2009, at 11:10 PM, Patrick Nagel wrote:
Ah, but that's why I had the "keep" there! The reject message of course could have been nicer and said how the guy is gone but this address will be read for a bit longer but anyway stop sending mail here.
Oh... yeah. I never got past the "reject", I guess ;) That would probably be a good solution. Does 'reject' also refrain from sending mails to mailing lists,
No, but they get caught as bounces because they're sent from <> address and get dropped from the lists.
auto-generated messages, etc., like 'vacation' does?
IIRC there are a couple of checks against that too. This is anyway basically the same as what happens when a user really gets deleted. I don't remember seeing any "user doesn't exist" bounces to mailing lists..
Timo Sirainen wrote:
On Nov 23, 2009, at 10:54 PM, Patrick Nagel wrote:
Shouldn't that be more like:
reject "this guy is gone"; keep; Yes, that was my first proposal, but that was also rejected harshly by the other project managers. They wanted to have some "transit time" in which the replacement guy would still access the leaving guy's mailbox.
They felt that just deactivating the mailbox and rejecting mails would be "rude".
Ah, but that's why I had the "keep" there! The reject message of course could have been nicer and said how the guy is gone but this address will be read for a bit longer but anyway stop sending mail here.
== RFC 5429; page 8
"reject" MUST be incompatible with the "vacation" [VACATION] action. It is NOT RECOMMENDED that implementations permit the use of "reject" with actions that cause mail delivery, such as "keep", "fileinto", and "redirect".
Making "reject" compatible with actions that cause mail delivery violates the RFC 5321 [SMTP] principle that a message is either delivered or bounced back to the sender. So bouncing a message back (rejecting) and delivering it will make the sender believe that the message was not delivered.
Timo, your script would cause a runtime error, because reject is not allowed with an explicit keep currently.
Regards,
Stephan.
On 11/23/2009, Patrick Nagel (patrick.nagel@star-group.net) wrote:
Yes, that was my first proposal, but that was also rejected harshly by the other project managers. They wanted to have some "transit time" in which the replacement guy would still access the leaving guy's mailbox.
They felt that just deactivating the mailbox and rejecting mails would be "rude".
I think you're way overcomplicating things...
What I would do is either:
Add an alias to the x-managers account that forwards all incoming mail to his replacement, or
Add the x-managers account to your replacements email client, so they can check it as well as theirs.
In either case you could also enable the vacation message notification if you like, but once per day is plenty in this case since someone else is (or should be) reading the mail).
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Charles,
On 2009-11-24 19:27, Charles Marcus wrote:
On 11/23/2009, Patrick Nagel (patrick.nagel@star-group.net) wrote:
Yes, that was my first proposal, but that was also rejected harshly by the other project managers. They wanted to have some "transit time" in which the replacement guy would still access the leaving guy's mailbox.
They felt that just deactivating the mailbox and rejecting mails would be "rude".
I think you're way overcomplicating things...
I wish it was me... ;)
What I would do is either:
Add an alias to the x-managers account that forwards all incoming mail to his replacement, or
Add the x-managers account to your replacements email client, so they can check it as well as theirs.
- is what we did.
In either case you could also enable the vacation message notification if you like, but once per day is plenty in this case since someone else is (or should be) reading the mail).
Well, as I said, they weren't satisfied with that.
Additionally most mail does not come in during our office hours (different time zone), so when one of those contacts would have been mailing away to the guy who left, because he didn't read the (single) auto reply, it would have gone unnoticed for quite some time. Sure, the mail could then still be forwarded to the replacement...
In any case, as I explained, it wasn't my preferred solution - but it's what was asked for. It would be great if sieve 'vacation' allowed to optionally disable the max. once per day auto reply thing.
Patrick.
STAR Software (Shanghai) Co., Ltd. http://www.star-group.net/ Phone: +86 (21) 3462 7688 x 826 Fax: +86 (21) 3462 7779
PGP key E883A005 https://stshacom1.star-china.net/keys/patrick_nagel.asc Fingerprint: E09A D65E 855F B334 E5C3 5386 EF23 20FC E883 A005 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAksL3ToACgkQ7yMg/OiDoAXjigCZAbBq+kHQzlpN+qGdLFs/v95B yo8AniPNM8HN+SF8FwNW6ZpS54xn+J4p =FT4d -----END PGP SIGNATURE-----
On 11/24/2009, Patrick Nagel (patrick.nagel@star-group.net) wrote:
- Add the x-managers account to your replacements email client, so they can check it as well as theirs.
- is what we did.
In either case you could also enable the vacation message notification if you like, but once per day is plenty in this case since someone else is (or should be) reading the mail).
Well, as I said, they weren't satisfied with that.
So, the guy who is replacing the x-manager has direct access to the guys email and all incoming messages, but is refusing to accept the responsibility for it?
Fire the new manager would be my next step.
:)
Fire the new manager, eh?
Now you need to keep TWO old addresses working for the same position!
Stop compounding the issue! ;)
Thomas Berezansky Merrimack Valley Library Consortium
Quoting Charles Marcus <CMarcus@Media-Brokers.com>:
On 11/24/2009, Patrick Nagel (patrick.nagel@star-group.net) wrote:
- Add the x-managers account to your replacements email client, so they can check it as well as theirs.
- is what we did.
In either case you could also enable the vacation message notification if you like, but once per day is plenty in this case since someone else is (or should be) reading the mail).
Well, as I said, they weren't satisfied with that.
So, the guy who is replacing the x-manager has direct access to the guys email and all incoming messages, but is refusing to accept the responsibility for it?
Fire the new manager would be my next step.
:)
On 11/24/2009 6:27 AM, Charles Marcus wrote:
On 11/23/2009, Patrick Nagel (patrick.nagel@star-group.net) wrote:
Yes, that was my first proposal, but that was also rejected harshly by the other project managers. They wanted to have some "transit time" in which the replacement guy would still access the leaving guy's mailbox.
They felt that just deactivating the mailbox and rejecting mails would be "rude".
Add an alias to the x-managers account that forwards all incoming mail to his replacement, or
Add the x-managers account to your replacements email client, so they can check it as well as theirs.
- (slightly different) Have the vacation auto-reply set and also use the sieve redirect method after the vacation message gets processed?
redirect :copy "newmanager@example.com";
New manager gets the email, clients get a "hey, I retired but these folks over here will also get a copy of your message and will help you" message.
90% sure you can do that (vacation is supposed to be compatible with redirect)... I'll have to try it the next time that someone retires around here.
Eventually (30-90 days), we turned off the redirect and changed the vacation message.
You'll want a very good server-side spam filter with aggressive quarantine levels for that user if you're going to have a long-running vacation reply in place. That'll avoid the vacation script replying to every joe-jobbed message that makes it into the mailbox.
The sooner that you can start returning 5xx codes for the old address the better (IMHO).
(Still doesn't address the issue of more then one per day, but you'd have to complain about that to the folks who wrote RFC 5230 who specify that :days has to be greater then zero.)
On 11/24/2009, Thomas Harold (thomas-lists@nybeta.com) wrote:
- (slightly different) Have the vacation auto-reply set and also use the sieve redirect method after the vacation message gets processed?
redirect :copy "newmanager@example.com";
Different how? Thats was my #1 option, combined with my last comment about also enabling the vacation if desired - but that once per day would be ok in this case, since someone live is actually seeing the emails.
On November 24, 2009 11:44:52 AM +0800 Patrick Nagel <patrick.nagel@star-group.net> wrote:
Someone will probably ask why an auto reply to the same person more than once a day might be necessary.
In my case I want an autoresponder for a shared email account. info@
"Your message has been received, thank you blah bah".
Easy enough for me to patch the sieve code which is likely what I'll do.
-frank
Just wanted to followup to encourage anyone who thought this was a stupid idea to speak up. I know in the past we (other companies I've been at) have always had an autoresponder program and the MTA was set to deliver to that program. I see no reason for that to not just be sieve.
-frank
On November 29, 2009 10:15:55 AM -0800 Frank Cusack <fcusack@fcusack.com> wrote:
On November 24, 2009 11:44:52 AM +0800 Patrick Nagel <patrick.nagel@star-group.net> wrote:
Someone will probably ask why an auto reply to the same person more than once a day might be necessary.
In my case I want an autoresponder for a shared email account. info@
"Your message has been received, thank you blah bah".
Easy enough for me to patch the sieve code which is likely what I'll do.
On November 29, 2009 10:15:55 AM -0800 Frank Cusack <fcusack@fcusack.com> wrote:
Easy enough for me to patch the sieve code which is likely what I'll do.
Here it is. I decided to store the timestamp (dup) info even though it isn't used when deciding to send a response, because
- it saves the addresses that vacation replies were sent to, so that when disabling vacation the user can get a report of those recipients
- if the user changes the vacation :days the dup database already exists and doesn't have to start fresh -- just like happens if they change it from (e.g.) :1 to :2
If you want to use this patch, you might want to consider using a magic number (e.g. 999) for :days instead of 0, so that users unaware of the magic number can't easily send unthrottled vacation responses. Just change the
if ( ctx->days && senv->duplicate_check != NULL ) {
part to be
if ( ctx->days != 999 && senv->duplicate_check != NULL ) {
-frank
On December 2, 2009 2:31:12 AM -0800 Frank Cusack <fcusack@fcusack.com> wrote:
If you want to use this patch, you might want to consider using a magic number (e.g. 999) for :days instead of 0, so that users unaware of the magic number can't easily send unthrottled vacation responses. Just change the ^^^^
"Just" is wrong:
if ( ctx->days && senv->duplicate_check != NULL ) {
part to be
if ( ctx->days != 999 && senv->duplicate_check != NULL ) {
oh sorry, that wouldn't work because if :days were 0 then the dup check would still happen and the throttling would simply be limited to one response per second as opposed to unlimited. But to make it work, just remove the #ifdefs (the rest of the patch) and ONLY include the above part of the patch. Then, :days 0 won't be allowed just as in the spec, however the magic value of :days will mean, no throttlling.
-frank
On November 24, 2009 11:44:52 AM +0800 Patrick Nagel <patrick.nagel@star-group.net> wrote:
set 'days' to 1, there was an outcry by other project managers that the contacts would probably not read the auto reply on the first time, or forget about it immediately, and then send more mails during the day. I had a lengthy discussion involving me questioning those contacts' intellect, but in the end I had to give in to a strong opposition against "only one auto reply per day".
Sometimes the correct solution in a case like that is to agree and then do nothing. They will never notice.
-frank
participants (10)
-
Charles Marcus
-
Frank Cusack
-
Pascal Volk
-
Patrick Nagel
-
Rene Bakkum
-
Seth Mattinen
-
Stephan Bosch
-
Thomas Berezansky
-
Thomas Harold
-
Timo Sirainen