SMTPUTF8 support
André Rodier
andre at rodier.me
Sat Apr 6 11:07:31 EEST 2019
On 05/04/2019 08:57, David Bürgin via dovecot wrote:
> André, are you quite sure you have it working?
>
> In this thread someone from Open-Xchange stated that no, Dovecot doesn’t
> have SMTPUTF8 support implemented, and the same response was given by
> another Dovecot developer last September (it ‘is being considered’ was
> the answer then, see
> https://dovecot.org/pipermail/dovecot/2018-September/112887.html).
>
> I am using LMTP to deliver mail to Dovecot from Postfix, and delivery
> fails with Postfix reporting: ‘SMTPUTF8 is required, but was not offered
> by host mail.my.org[private/dovecot-lmtp]’. I doubt that this can work
> without a change in Dovecot LMTP.
>
> Anyway, I am also interested in SMTPUTF8 support, so +1 from me!
>
>
Hello David et al,
I have it working with my set up, and I confirm it is not easy.
If I limit the stack to OpenLDAP, Postfix and Dovecot to their simplest
configuration, it is relatively easy, even with slightly outdated
software in Debian Stretch.
The trick I am using is to include the internationalised email address
aside the main one, and to use Postfix LDAP lookup.
For instance, I am using this LDAP schema:
https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07
So, my LDAP lookup table for Postfix looks like this:
# Basic LDAP settings for postfix
server_host = ldap://ldap.rodier.me/
start_tls = yes
search_base = dc=rodier,dc=me
search_scope = sub
# Allow advanced LDAP search with the recipient delimiter
query_filter = (|(mail=%s)(intlMailAddr=%s))
result_attribute = mail
# Force support for UTF8
version = 3
Therefore, postmap query works as expected:
postmap -q andré@rodier.me ldap:/etc/postfix/ldap-aliases.cf
andre at rodier.me
That said, if only one of the milter reject your message, it is breaking
the whole chain.
For instance, the quota plugin for Dovecot, I had to use DUNNO when the
user is unknown instead of reject.
I have it working perfectly from Homebox to Homebox, so perhaps Postfix
to Postfix, but I reckon I still have some bugs.
Some providers are working, others not. Outlook does not seems to work ,
but I am on it. Yahoo does not let you type an accent in the email
address, only Google allows you to.
However, I made a test yesterday, and realised that the emails from
GMail are rejected by one of the plugin, and I need to investigate which
one. The error message is:
> Apr 5 10:16:39 portal postfix/smtpd[2566]: Anonymous TLS connection established from mail-lf1-f51.google.com[209.85.167.51]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
> Apr 5 10:16:39 portal policyd-spf[2574]: prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=209.85.167.51; helo=mail-lf1-f51.google.com; envelope-from=andre.rodier at gmail.com; receiver=<UNKNOWN>
> Apr 5 10:16:39 portal postfix/smtpd[2566]: EB38240467: client=mail-lf1-f51.google.com[209.85.167.51]
> Apr 5 10:16:40 portal postfix/cleanup[2576]: EB38240467: message-id=<CAKr9_Nv1pgDAC31cFF4YPE-mnYxSusmKsWHOCxWPSeJ2Adj8cQ at mail.gmail.com>
> Apr 5 10:16:40 portal opendkim[15477]: EB38240467: mail-lf1-f51.google.com [209.85.167.51] not internal
> Apr 5 10:16:40 portal opendkim[15477]: EB38240467: not authenticated
> Apr 5 10:16:40 portal opendkim[15477]: EB38240467: DKIM verification successful
> Apr 5 10:16:40 portal opendkim[15477]: EB38240467: s=20161025 d=gmail.com SSL
> Apr 5 10:16:40 portal opendmarc[16548]: implicit authentication service: portal.homebox.space
> Apr 5 10:16:40 portal opendmarc[16548]: EB38240467: gmail.com pass
> Apr 5 10:16:40 portal postfix/cleanup[2576]: EB38240467: milter-reject: END-OF-MESSAGE from mail-lf1-f51.google.com[209.85.167.51]: 4.7.1 Try again later; from=<andre.rodier at gmail.com> to=<andré@homebox.space> proto=ESMTP helo=<mail-lf1-f51.google.com>
> Apr 5 10:16:40 portal postfix/smtpd[2566]: disconnect from mail-lf1-f51.google.com[209.85.167.51] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 quit=1 commands=6/7
So perhaps it is one of the milter. I will investigate today.
Also, it seems the client is important. I have no problem with SOGo or
Evolution. Roundcube and Thunderbird, in Debian Stretch, don't support
this yet.
With Debian Buster coming soon, I am sure this will work better. I will
create a branch to test this. My preliminary investigations don't show
major problems in the upgrade.
At one point, I was using the Dovecot packages from backports, but I
reverted this as there has been an incompatibility.
Happy to answer more questions if you have.
--
André Rodier
More information about the dovecot
mailing list