Dovecot discards mail in a certain situation
Hi all:
I'm using Dovecot with Postfix (via LMTP). Because Postfix doesn't de-duplicate recipients, I'm using sieve to drop duplicates, following this recipe: https://serverfault.com/questions/112958/postfix-aliases-and-duplicate-e-mai...
A "sieve_before" script contains:
require ["duplicate"]; if duplicate { discard; stop; }
It works well, except when the recipient is over quota. Dovecot is configured for tempfail in this case: quota_full_tempfail = yes
When a mail arrives for a user who's over quota, Postfix logs this:
AF4481700032: to=<?@?>, relay=?[private/dovecot-lmtp], delay=0.05, delays=0.05/0/0/0, dsn=4.2.2, status=deferred (host ?[private/dovecot-lmtp] said: 452 4.2.2 <?@?> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
Approximately 10 minutes later, Postfix retries, and log shows:
dovecot: lmtp(?)<1742912><+EYHBXjidmBAmBoAcAY70w>: sieve: msgid=<489132c2-7b77-cd2f-ce60-439f6558ddcf@?>: marked message to be discarded if not explicitly delivered (discard action) postfix/lmtp[1742691]: AF4481700032: to=<?@?>, relay=?[private/dovecot-lmtp], delay=431, delays=431/0/0/0, dsn=2.0.0, status=sent (250 2.0.0 <?@?> +EYHBXjidmBAmBoAcAY70w Saved) postfix/qmgr[421343]: AF4481700032: removed
The message is then nowhere to be found: it's not delivered to mailbox, bounce isn't sent to the sender, mail is not in postfix queue. Apparently it's been discarded.
I'd say that at first LMTP delivery attempt, sieve records message as seen, even though it is eventually rejected (452 over quota). During second attempt sieve "recognizes" the message as seen before and discards it. (This is just my interpretation of what could be happening.)
Is this a bug or have I misconfigured something? My dovecot -n output is below.
Thanks for help,
Aleš Pečnik
# dovecot -n # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-62-generic x86_64 Ubuntu 20.04.1 LTS auth_mechanisms = plain login auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@: auth_username_format = %Ln auth_worker_max_count = 3 default_vsz_limit = 1 G first_valid_gid = 12 first_valid_uid = 8 hostname = something.org last_valid_gid = 12 last_valid_uid = 8 listen = * mail_access_groups = mail mail_location = maildir:/var/dovecot/%u mail_plugins = " quota mailbox_alias mail_log notify acl" mail_privileged_group = mail namespace { location = maildir:/var/dovecot/public:INDEXPVT=/var/dovecot/%n/public prefix = Public. separator = . subscriptions = no type = public } namespace inbox { inbox = yes location = mailbox Drafts { auto = no special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Trash { auto = no special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql-master.conf.ext driver = sql master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile mailbox_alias_new = Sent Messages mailbox_alias_new2 = Sent Items mailbox_alias_new3 = Deleted Items mailbox_alias_new4 = Deleted Messages mailbox_alias_old = Sent mailbox_alias_old2 = Sent mailbox_alias_old3 = Trash mailbox_alias_old4 = Trash quota = maildir:User quota quota_rule = *:storage=200M quota_rule2 = Trash:storage=+50M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = file:/var/dovecot/%n/sieve;active=/var/dovecot/%n/sieve/active.sieve sieve_before = /var/lib/dovecot/sieve.d/ sieve_extensions = +notify +imapflags +editheader +duplicate } postmaster_address = postmaster@something.org protocols = " imap lmtp" quota_full_tempfail = yes service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 0 } process_min_avail = 12 service_count = 0 } service imap-postlogin { executable = script-login /etc/dovecot/postlogin.sh user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 } } ssl_cert = </etc/ssl/my.crt ssl_client_ca_dir = /etc/ssl/certs ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = " quota mailbox_alias mail_log notify acl sieve" } protocol lda { mail_plugins = " quota mailbox_alias mail_log notify acl sieve" } protocol imap { mail_max_userip_connections = 30 mail_plugins = " quota mailbox_alias mail_log notify acl imap_quota imap_acl" }
On 2021-04-20 20:41, Aleš Pečnik wrote:
I'm using Dovecot with Postfix (via LMTP). Because Postfix doesn't de-duplicate recipients, I'm using sieve to drop duplicates, following this recipe: https://serverfault.com/questions/112958/postfix-aliases-and-duplicate-e-mai...
its a bug, but the workaround is to
https://doc.dovecot.org/configuration_manual/quota_plugin/
so postfix tempfail before lmtp delivery the first time
hopefully it credited you report this problem
Thank you for your help. It works, but only for e-mail addressed to an actual username - i.e., not an alias.
For e-mails addressed to an alias@domain, Postfix doesn't translate the alias to username before asking Dovecot, which then replies with "user unknown" and mail is rejected.
For example, an e-mail sent to a user over quota and his alias:
----- The following addresses had permanent fatal errors ----- <alias@domain> (reason: 554 5.7.1 <alias@domain>: Recipient address rejected: Unknown user) <username@domain> (reason: 554 5.2.2 <username@domain>: Recipient address rejected: Quota exceeded (mailbox for user is full))
Anyway, this is what I added to Dovecot's configuration:
service quota-status { executable = quota-status -p postfix inet_listener { port = 999 } client_limit = 1 }
And this to Postfix's configuration:
smtpd_recipient_restrictions = check_policy_service inet:localhost:999
Is there any timeline for fixing the bug in the current sieve behaviour regarding duplicates?
On 21. 04. 21 03:16, Benny Pedersen wrote:
On 2021-04-20 20:41, Aleš Pečnik wrote:
I'm using Dovecot with Postfix (via LMTP). Because Postfix doesn't de-duplicate recipients, I'm using sieve to drop duplicates, following this recipe: https://serverfault.com/questions/112958/postfix-aliases-and-duplicate-e-mai...
its a bug, but the workaround is to
https://doc.dovecot.org/configuration_manual/quota_plugin/
so postfix tempfail before lmtp delivery the first time
hopefully it credited you report this problem
participants (2)
-
Aleš Pečnik
-
Benny Pedersen