[solved] managesieve configuration

Dominik Menke dom at digineo.de
Fri Jan 11 17:05:04 EET 2019


Hello Gerald,

that did the trick, thank you very much!

--Dominik


On 1/11/19 10:54 AM, Gerald Galster wrote:
> Hi Dominik,
> 
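> I have set ssl = required in 10-ssl.conf globally, but there is no ssl setting in the listener itself.
> With ssl = yes on the inet_listener, the port expects TLS from the first byte (like imaps on 993),
> so no plaintext greeting and no STARTTLS capability is sent. My listener looks like this: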
> 
> service managesieve-login {
>    inet_listener sieve {
>      port = 4190
>    }
>    ...
> }
> 
> 
> Nevertheless, STARTTLS is offered
> 
> "IMPLEMENTATION" "Dovecot Pigeonhole"
> "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext"
> "NOTIFY" "mailto"
> "SASL" ""
> "STARTTLS"
> "VERSION" "1.0"
> OK "service active"
> 
> 
> and the connection will be encrypted (tested with Roundcube webmail)
> 
> 
>> STARTTLS
> < OK "Begin TLS negotiation now."
> 
> ...
> 
> 
> You can check that it works with tcpdump; once STARTTLS has completed, the captured payload should no longer be readable as text:
> 
> tcpdump -nn -l -A -i eth0 port 4190
> 
> 
> Best regards
> Gerald
> 
> 
>> Am 11.01.2019 um 09:59 schrieb Dominik Menke <dom at digineo.de>:
>>
>> Sure, here you go (I've masked a few unimportant fields, though):
>>
>>
>>     # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
>>     # Pigeonhole version 0.4.21 (92477967)
>>     # OS: Linux 4.15.0-42-generic x86_64 Ubuntu 18.04.1 LTS
>>     auth_default_realm = masked
>>     auth_master_user_separator = *
>>     auth_mechanisms = plain login scram-sha-1
>>     default_vsz_limit = 4 G
>>     doveadm_worker_count = 8
>>     log_path = /dev/stderr
>>     mail_attachment_dir = /var/mail/sis
>>     mail_attachment_hash = %{sha256}
>>     mail_location = mdbox:~/mdbox
>>     managesieve_notify_capability = mailto
>>     managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext vacation-seconds imapsieve vnd.dovecot.imapsieve
>>     mdbox_rotate_size = 128 M
>>     namespace inbox {
>>       inbox = yes
>>       location =
>>       mailbox Drafts {
>>         auto = subscribe
>>         special_use = \Drafts
>>       }
>>       mailbox Junk {
>>         auto = subscribe
>>         special_use = \Junk
>>       }
>>       mailbox Sent {
>>         auto = subscribe
>>         special_use = \Sent
>>       }
>>       mailbox Trash {
>>         auto = subscribe
>>         special_use = \Trash
>>       }
>>       prefix =
>>     }
>>     passdb {
>>       args = username_format=%n /etc/dovecot/passwd.masterusers
>>       driver = passwd-file
>>       master = yes
>>       pass = yes
>>     }
>>     passdb {
>>       args = username_format=%n /etc/dovecot/passwd
>>       driver = passwd-file
>>     }
>>     plugin {
>>       imapsieve_mailbox1_before = file:/etc/dovecot/sieve/learn-spam.sieve
>>       imapsieve_mailbox1_cause = COPY FLAG
>>       imapsieve_mailbox1_name = Junk
>>       imapsieve_mailbox2_before = file:/etc/dovecot/sieve/learn-ham.sieve
>>       imapsieve_mailbox2_causes = COPY
>>       imapsieve_mailbox2_from = Junk
>>       imapsieve_mailbox2_name = *
>>       sieve = ~/dovecot.sieve
>>       sieve_after = /etc/dovecot/sieve/after
>>       sieve_dir = ~/sieve
>>       sieve_extensions = +vacation-seconds
>>       sieve_global_extensions = +vnd.dovecot.pipe
>>       sieve_pipe_bin_dir = /etc/dovecot/sieve
>>       sieve_plugins = sieve_imapsieve sieve_extprograms
>>       sieve_vacation_default_period = 1d
>>       sieve_vacation_max_period = 30d
>>       sieve_vacation_min_period = 1d
>>     }
>>     protocols = imap lmtp sieve
>>     service auth {
>>       unix_listener /var/spool/postfix/private/dovecot-auth {
>>         group = postfix
>>         mode = 0600
>>         user = postfix
>>       }
>>     }
>>     service imap-login {
>>       inet_listener imap {
>>         port = 143
>>       }
>>       inet_listener imaps {
>>         port = 993
>>         ssl = yes
>>       }
>>       process_limit = 128
>>     }
>>     service lmtp {
>>       unix_listener /var/spool/postfix/private/dovecot-lmtp {
>>         group = postfix
>>         mode = 0600
>>         user = postfix
>>       }
>>     }
>>     service managesieve-login {
>>       inet_listener sieve {
>>         port = 4190
>>         ssl = yes
>>       }
>>       service_count = 1
>>     }
>>     service managesieve {
>>       process_limit = 256
>>     }
>>     ssl_cert = </masked/path/to/server.crt
>>     ssl_key =  # hidden, use -P to show it
>>     userdb {
>>       args = uid=vmail gid=vmail home=/var/mail/users/%n
>>       driver = static
>>     }
>>     verbose_proctitle = yes
>>     protocol lmtp {
>>       mail_plugins = " sieve notify push_notification"
>>       ssl = no
>>     }
>>     protocol imap {
>>       mail_plugins = " imap_sieve"
>>     }
>>     protocol sieve {
>>       mail_debug = yes
>>       managesieve_max_line_length = 65536
>>     }
>>
>>
>> --Dominik
>>
>>
>> On 1/11/19 9:44 AM, Aki Tuomi wrote:
>>> On 10.1.2019 18.28, Dominik Menke wrote:
>>>> I've missed a part at the end:
>>>>
>>>>> This leads me to my question: How do I force Dovecot to print at
>>>>> least a STARTTLS line after a client connects to port 4190? Looking
>>>>
>>>> ... at the default configuration files in /etc/dovecot/conf.d/ I don't
>>>> see an obvious difference.
>>>>
>>>>
>>>> --Dominik
>>> Can you provide output of `doveconf -n`
>>> Aki
>>

