dsync and sieve again
Sami Ketola
sami at ketola.io
Mon Mar 1 12:59:11 EET 2021
Hi,
imapc does not sync sieve scripts. You need to use native doveadm protocol.
Sami
> On 25. Feb 2021, at 20.56, Edgaras Lukoševičius <edgaras.lukosevicius at gmail.com> wrote:
>
> Then what is a correct configuration? Because I was not able to get it to work.
>
> It is a simple setup using VirtualUsers, Maildir format, Home and Mail directories are separate as per documentation here https://wiki2.dovecot.org/VirtualUsers/Home, and here: https://doc.dovecot.org/configuration_manual/mail_location/
>
> Both of the hosts have exactly same versions, and exactly same configurations (except for hostnames of course)
>
> ManageSieve, and Sieve itself is working (tested), and while I was going through all the steps and configuration variations I have also enabled imap_sieve plugin.
>
> Directory layout on source.host.tld:
>
> /home/vmail/d/o/domin.tld/local
> ├── Maildir
> │ ├── cur
> │ ├── new
> │ ├── tmp
> │ ├── dovecot.index.log
> │ ├── dovecot.list.index.log
> │ ├── dovecot-uidlist
> │ ├── dovecot-uidvalidity
> │ ├── dovecot-uidvalidity.602d8428
> │ └── subscriptions
> └── sieve
> │ ├── script.sieve
> │ └── tmp
> └── .dovecot.sieve -> sieve/script.sieve
>
> I have tried to pull data from source: /usr/bin/dsync -Dv -o imapc_host=source.host.tld -o imapc_port=143 -o imapc_user=local at domain.tld -o imapc_password=123456789 sync -1 -R -f -u local at domain.tld imapc:
>
> I have also tried to push data to destination: /usr/bin/dsync -Dv -o imapc_host=destination.host.tld -o imapc_port=143 -o imapc_user=local at domain.tld -o imapc_password=123456789 sync -1 -f -u local at domain.tld imapc:
>
> Output of dsync is as follows:
>
>
> Debug: Loading modules from directory: /usr/lib64/dovecot
> Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so
> Debug: Module loaded: /usr/lib64/dovecot/lib20_quota_clone_plugin.so
> Debug: Module loaded: /usr/lib64/dovecot/lib20_zlib_plugin.so
> Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm
> Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so
> Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
> ...
> dsync(edgaras at hoslinger.com): Debug: imapc(source.host.tld:143): Server capabilities: IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN
> dsync(edgaras at hoslinger.com): Debug: imapc(source.host.tld:143): Authenticating as local at domain.tld
> dsync(edgaras at hoslinger.com): Debug: imapc(source.host.tld:143): Server capabilities: IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY STATUS=SIZE SAVEDATE LITERAL+ NOTIFY SPECIAL-USE IMAPSIEVE=sieve://source.host.tld:4190 QUOTA
> ...
> dsync(local at domain.tld): Debug: doveadm-sieve: Iterating Sieve mailbox attributes
> dsync(local at domain.tld): Debug: sieve: Pigeonhole version 0.5.13 (cdd19fe3) initializing
> dsync(local at domain.tld): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts.
> dsync(local at domain.tld): Debug: sieve: Sieve imapsieve plugin for Pigeonhole version 0.5.13 (cdd19fe3) loaded
> dsync(local at domain.tld): Debug: sieve: Sieve Extprograms plugin for Pigeonhole version 0.5.13 (cdd19fe3) loaded
> dsync(local at domain.tld): Debug: sieve: file storage: Using active Sieve script path: /home/vmail/d/o/domin.tld/local/.dovecot.sieve
> dsync(local at domain.tld): Debug: sieve: file storage: Using script storage path: /home/vmail/d/o/domin.tld/local/sieve
> dsync(local at domain.tld): Debug: sieve: file storage: Using permissions from /home/vmail/d/o/domin.tld/local/sieve: mode=0700 gid=-1
> dsync(local at domain.tld): Debug: sieve: file storage: Relative path to sieve storage in active link: sieve/
> dsync(local at domain.tld): Debug: sieve: file storage: sync: Synchronization active
> <end of sieve related logs>
> ...
> dsync(local at domain.tld): Debug: brain M: Import INBOX: Last common UID=0. Delayed expunges=
> dsync(local at domain.tld): Debug: brain M: Import INBOX: Saved UIDs:
> dsync(local at domain.tld): Debug: brain M: Import INBOX: Finish update: min_next_uid=1 min_first_recent_uid=1 min_highest_modseq=1 min_highest_pvt_modseq=0
> ...
> dsync(local at domain.tld): Debug: imapc(source.host.tld:143): Disconnected
> dsync(local at domain.tld): Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb (pid=3284,uid=0): Disconnected: Connection closed (fd=10)
> ...
>
>
>
> Configuration on both hosts is as follows
>
> # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.13 (cdd19fe3)
> # OS: Linux 3.10.0-1062.18.1.el7.x86_64 x86_64 CentOS Linux release 7.7.1908 (Core)
> # Hostname: destination.domain.tld
> # NOTE: Send doveconf -n output instead when asking for help.
> auth_anonymous_username = anonymous
> auth_cache_negative_ttl = 1 hours
> auth_cache_size = 0
> auth_cache_ttl = 1 hours
> auth_cache_verify_password_with_worker = no
> auth_debug = no
> auth_debug_passwords = no
> auth_default_realm =
> auth_failure_delay = 2 secs
> auth_gssapi_hostname =
> auth_krb5_keytab =
> auth_master_user_separator = *
> auth_mechanisms = plain login
> auth_policy_check_after_auth = yes
> auth_policy_check_before_auth = yes
> auth_policy_hash_mech = sha256
> auth_policy_hash_nonce =
> auth_policy_hash_truncate = 12
> auth_policy_log_only = no
> auth_policy_reject_on_fail = no
> auth_policy_report_after_auth = yes
> auth_policy_request_attributes = login=%{requested_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%s session_id=%{session}
> auth_policy_server_api_header =
> auth_policy_server_timeout_msecs = 2000
> auth_policy_server_url =
> auth_proxy_self =
> auth_realms =
> auth_socket_path = auth-userdb
> auth_ssl_require_client_cert = no
> auth_ssl_username_from_cert = no
> auth_stats = no
> auth_use_winbind = no
> auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
> auth_username_format = %Lu
> auth_username_translation =
> auth_verbose = no
> auth_verbose_passwords = no
> auth_winbind_helper_path = /usr/bin/ntlm_auth
> auth_worker_max_count = 500
> base_dir = /var/run/dovecot/
> config_cache_size = 1 M
> debug_log_path =
> default_client_limit = 1000
> default_idle_kill = 1 mins
> default_internal_group = dovecot
> default_internal_user = dovecot
> default_login_user = dovenull
> default_process_limit = 100
> default_vsz_limit = 256 M
> deliver_log_format = msgid=%m: %$
> dict_db_config =
> director_flush_socket =
> director_mail_servers =
> director_max_parallel_kicks = 100
> director_max_parallel_moves = 100
> director_output_buffer_size = 10 M
> director_ping_idle_timeout = 30 secs
> director_ping_max_timeout = 1 mins
> director_servers =
> director_user_expire = 15 mins
> director_user_kick_delay = 2 secs
> director_username_hash = %u
> disable_plaintext_auth = no
> dotlock_use_excl = yes
> doveadm_allowed_commands =
> doveadm_api_key =
> doveadm_http_rawlog_dir =
> doveadm_password =
> doveadm_port = 0
> doveadm_socket_path = doveadm-server
> doveadm_ssl = no
> doveadm_username = doveadm
> doveadm_worker_count = 0
> dsync_alt_char = _
> dsync_commit_msgs_interval = 100
> dsync_features =
> dsync_hashed_headers = Date Message-ID
> dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U
> first_valid_gid = 500
> first_valid_uid = 500
> haproxy_timeout = 3 secs
> haproxy_trusted_networks =
> hostname =
> imap_capability =
> imap_client_workarounds =
> imap_fetch_failure = disconnect-immediately
> imap_hibernate_timeout = 0
> imap_id_log =
> imap_id_retain = no
> imap_id_send = name *
> imap_idle_notify_interval = 2 mins
> imap_literal_minus = no
> imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes}
> imap_max_line_length = 64 k
> imap_metadata = no
> imap_urlauth_host =
> imap_urlauth_logout_format = in=%i out=%o
> imap_urlauth_port = 143
> imapc_cmd_timeout = 5 mins
> imapc_connection_retry_count = 1
> imapc_connection_retry_interval = 1 secs
> imapc_features =
> imapc_host =
> imapc_list_prefix =
> imapc_master_user =
> imapc_max_idle_time = 29 mins
> imapc_max_line_length = 0
> imapc_password =
> imapc_port = 143
> imapc_rawlog_dir =
> imapc_sasl_mechanisms =
> imapc_ssl = no
> imapc_ssl_verify = yes
> imapc_user =
> import_environment = TZ CORE_OUTOFMEM CORE_ERROR LISTEN_PID LISTEN_FDS
> info_log_path =
> instance_name = dovecot
> last_valid_gid = 0
> last_valid_uid = 0
> lda_mailbox_autocreate = no
> lda_mailbox_autosubscribe = no
> lda_original_recipient_header =
> libexec_dir = /usr/libexec/dovecot
> listen = *, ::
> lmtp_add_received_header = yes
> lmtp_client_workarounds =
> lmtp_hdr_delivery_address = final
> lmtp_proxy = no
> lmtp_proxy_rawlog_dir =
> lmtp_rawlog_dir =
> lmtp_rcpt_check_quota = no
> lmtp_save_to_detail_mailbox = no
> lmtp_user_concurrency_limit = 0
> lock_method = fcntl
> log_core_filter =
> log_debug =
> log_path = syslog
> log_timestamp = "%b %d %H:%M:%S "
> login_access_sockets =
> login_greeting = Server ready.
> login_log_format = %$: %s
> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>
> login_plugin_dir = /usr/lib64/dovecot/login
> login_plugins =
> login_proxy_max_disconnect_delay = 0
> login_proxy_max_reconnects = 3
> login_proxy_notify_path = proxy-notify
> login_proxy_timeout = 30 secs
> login_source_ips =
> login_trusted_networks =
> mail_access_groups = vmail
> mail_always_cache_fields =
> mail_attachment_detection_options =
> mail_attachment_dir =
> mail_attachment_fs = sis posix
> mail_attachment_hash = %{sha1}
> mail_attachment_min_size = 128 k
> mail_attribute_dict = file:~/dovecot-attributes
> mail_cache_fields = flags
> mail_cache_max_size = 1 G
> mail_cache_min_mail_count = 0
> mail_cache_purge_continued_percentage = 200
> mail_cache_purge_delete_percentage = 20
> mail_cache_purge_header_continue_count = 4
> mail_cache_purge_min_size = 32 k
> mail_cache_record_max_size = 64 k
> mail_cache_unaccessed_field_drop = 30 days
> mail_chroot =
> mail_debug = no
> mail_fsync = optimized
> mail_full_filesystem_access = no
> mail_gid =
> mail_home =
> mail_index_log2_max_age = 2 days
> mail_index_log_rotate_max_size = 1 M
> mail_index_log_rotate_min_age = 5 mins
> mail_index_log_rotate_min_size = 32 k
> mail_index_rewrite_max_log_bytes = 128 k
> mail_index_rewrite_min_log_bytes = 8 k
> mail_location = maildir:%h/Maildir
> mail_log_prefix = "%s(%u)<%{pid}><%{session}>: "
> mail_max_keyword_length = 50
> mail_max_lock_timeout = 0
> mail_max_userip_connections = 10
> mail_never_cache_fields = imap.envelope
> mail_nfs_index = no
> mail_nfs_storage = no
> mail_plugin_dir = /usr/lib64/dovecot
> mail_plugins = quota quota_clone zlib
> mail_prefetch_count = 0
> mail_privileged_group =
> mail_save_crlf = no
> mail_server_admin =
> mail_server_comment =
> mail_shared_explicit_inbox = no
> mail_sort_max_read_count = 0
> mail_temp_dir = /tmp
> mail_temp_scan_interval = 1 weeks
> mail_uid =
> mail_vsize_bg_after_count = 0
> mailbox_idle_check_interval = 30 secs
> mailbox_list_index = yes
> mailbox_list_index_include_inbox = no
> mailbox_list_index_very_dirty_syncs = no
> maildir_broken_filename_sizes = no
> maildir_copy_with_hardlinks = yes
> maildir_empty_new = no
> maildir_stat_dirs = no
> maildir_very_dirty_syncs = no
> managesieve_client_workarounds =
> managesieve_implementation_string = Dovecot Pigeonhole
> managesieve_logout_format = bytes=%i/%o
> managesieve_max_compile_errors = 5
> managesieve_max_line_length = 64 k
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
> master_user_separator =
> mbox_dirty_syncs = yes
> mbox_dotlock_change_timeout = 2 mins
> mbox_lazy_writes = yes
> mbox_lock_timeout = 5 mins
> mbox_md5 = apop3d
> mbox_min_index_size = 0
> mbox_read_locks = fcntl
> mbox_very_dirty_syncs = no
> mbox_write_locks = dotlock fcntl
> mdbox_preallocate_space = no
> mdbox_rotate_interval = 0
> mdbox_rotate_size = 10 M
> metric auth_request_finished {
> description =
> exporter =
> exporter_include = name hostname timestamps categories fields
> fields =
> filter = event = auth_request_finished
> group_by = policy_result
> }
> metric imap_command_finished {
> description =
> exporter =
> exporter_include = name hostname timestamps categories fields
> fields =
> filter = event = imap_command_finished
> group_by = cmd_name tagged_reply_state
> }
> metric mail_index_recreated {
> description =
> exporter =
> exporter_include = name hostname timestamps categories fields
> fields =
> filter = event = mail_index_recreated
> group_by =
> }
> metric server_connection_connected {
> description =
> exporter =
> exporter_include = name hostname timestamps categories fields
> fields =
> filter = event = server_connection_connected
> group_by =
> }
> metric sieve_action_finished {
> description =
> exporter =
> exporter_include = name hostname timestamps categories fields
> fields =
> filter = event = sieve_action_finished
> group_by = action_name
> }
> metric sieve_runtime_script_finished {
> description =
> exporter =
> exporter_include = name hostname timestamps categories fields
> fields =
> filter = event = sieve_runtime_script_finished
> group_by =
> }
> mmap_disable = no
> namespace inbox {
> disabled = no
> hidden = no
> ignore_on_failure = no
> inbox = yes
> list = yes
> location =
> mailbox Drafts {
> auto = subscribe
> autoexpunge = 0
> autoexpunge_max_mails = 0
> comment =
> driver =
> special_use = \Drafts
> }
> mailbox Junk {
> auto = subscribe
> autoexpunge = 0
> autoexpunge_max_mails = 0
> comment =
> driver =
> special_use = \Junk
> }
> mailbox Sent {
> auto = subscribe
> autoexpunge = 0
> autoexpunge_max_mails = 0
> comment =
> driver =
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> auto = no
> autoexpunge = 0
> autoexpunge_max_mails = 0
> comment =
> driver =
> special_use = \Sent
> }
> mailbox Trash {
> auto = subscribe
> autoexpunge = 0
> autoexpunge_max_mails = 0
> comment =
> driver =
> special_use = \Trash
> }
> order = 0
> prefix =
> separator = /
> subscriptions = yes
> type = private
> }
> old_stats_carbon_interval = 30 secs
> old_stats_carbon_name =
> old_stats_carbon_server =
> old_stats_command_min_time = 1 mins
> old_stats_domain_min_time = 12 hours
> old_stats_ip_min_time = 12 hours
> old_stats_memory_limit = 16 M
> old_stats_session_min_time = 15 mins
> old_stats_user_min_time = 1 hours
> passdb {
> args = /etc/dovecot/master-users
> auth_verbose = default
> default_fields =
> deny = no
> driver = passwd-file
> master = yes
> mechanisms =
> name =
> override_fields =
> pass = yes
> result_failure = continue
> result_internalfail = continue
> result_success = return-ok
> skip = never
> username_filter =
> }
> passdb {
> args = /etc/dovecot/dovecot-sql.conf.ext
> auth_verbose = default
> default_fields =
> deny = no
> driver = sql
> master = no
> mechanisms =
> name =
> override_fields =
> pass = no
> result_failure = continue
> result_internalfail = continue
> result_success = return-ok
> skip = never
> username_filter =
> }
> plugin {
> imapsieve_url = sieve://destination.domain.tld:4190
> quota = count:Mailbox quota
> quota_clone_dict = redis:host=127.0.0.1:port=6379
> quota_grace = 5%%
> quota_max_mail_size = 50M
> quota_rule3 = INBOX.Trash:storage=+100%%
> quota_status_nouser = DUNNO
> quota_status_overquota = 552 5.2.2 Mailbox is full
> quota_status_success = DUNNO
> quota_vsizes = yes
> quota_warning = storage=80%% quota-warning 80 %u
> quota_warning2 = storage=95%% quota-warning 95 %u
> sieve = file:~/sieve;active=~/.dovecot.sieve
> sieve_plugins = sieve_imapsieve sieve_extprograms
> }
> pop3_client_workarounds =
> pop3_delete_type = default
> pop3_deleted_flag =
> pop3_enable_last = no
> pop3_fast_size_lookups = no
> pop3_lock_session = no
> pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
> pop3_no_flag_updates = no
> pop3_reuse_xuidl = no
> pop3_save_uidl = no
> pop3_uidl_duplicates = allow
> pop3_uidl_format = %08Xu%08Xv
> pop3c_features =
> pop3c_host =
> pop3c_master_user =
> pop3c_password =
> pop3c_port = 110
> pop3c_quick_received_date = no
> pop3c_rawlog_dir =
> pop3c_ssl = no
> pop3c_ssl_verify = yes
> pop3c_user = %u
> postmaster_address = postmaster at domain.tld
> protocols = imap lmtp pop3 sieve
> quota_full_tempfail = no
> rawlog_dir =
> recipient_delimiter = +
> rejection_reason = Your message to <%t> was automatically rejected:%n%r
> rejection_subject = Rejected: %s
> replication_dsync_parameters = -d -N -l 30 -U
> replication_full_sync_interval = 1 days
> replication_max_conns = 10
> replicator_host = replicator
> replicator_port = 0
> sendmail_path = /usr/sbin/sendmail
> service aggregator {
> chroot = .
> client_limit = 0
> drop_priv_before_exec = no
> executable = aggregator
> extra_groups =
> fifo_listener replication-notify-fifo {
> group =
> mode = 0600
> user =
> }
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener replication-notify {
> group =
> mode = 0600
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service anvil {
> chroot = empty
> client_limit = 10000
> drop_priv_before_exec = no
> executable = anvil
> extra_groups =
> group =
> idle_kill = 4294967295 secs
> privileged_group =
> process_limit = 1
> process_min_avail = 1
> protocol =
> service_count = 0
> type = anvil
> unix_listener anvil-auth-penalty {
> group =
> mode = 0600
> user =
> }
> unix_listener anvil {
> group =
> mode = 0600
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service auth-worker {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = auth -w
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 1
> type =
> unix_listener auth-worker {
> group =
> mode = 0600
> user = $default_internal_user
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service auth {
> chroot =
> client_limit = 5000
> drop_priv_before_exec = no
> executable = auth
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener auth-client {
> group =
> mode = 0600
> user = $default_internal_user
> }
> unix_listener auth-login {
> group =
> mode = 0600
> user = $default_internal_user
> }
> unix_listener auth-master {
> group =
> mode = 0600
> user =
> }
> unix_listener auth-userdb {
> group =
> mode = 0666
> user = $default_internal_user
> }
> unix_listener login/login {
> group =
> mode = 0666
> user =
> }
> unix_listener token-login/tokenlogin {
> group =
> mode = 0666
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service config {
> chroot =
> client_limit = 0
> drop_priv_before_exec = no
> executable = config
> extra_groups =
> group =
> idle_kill = 4294967295 secs
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type = config
> unix_listener config {
> group =
> mode = 0600
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service dict-async {
> chroot =
> client_limit = 0
> drop_priv_before_exec = no
> executable = dict
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener dict-async {
> group = $default_internal_group
> mode = 0660
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service dict {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = dict
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener dict {
> group = vmail
> mode = 0600
> user = vmail
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service director {
> chroot = .
> client_limit = 0
> drop_priv_before_exec = no
> executable = director
> extra_groups =
> fifo_listener login/proxy-notify {
> group =
> mode = 00
> user =
> }
> group =
> idle_kill = 4294967295 secs
> inet_listener {
> address =
> haproxy = no
> port = 0
> reuse_port = no
> ssl = no
> }
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener director-admin {
> group =
> mode = 0600
> user =
> }
> unix_listener director-userdb {
> group =
> mode = 0600
> user =
> }
> unix_listener login/director {
> group =
> mode = 00
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service dns-client {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = dns-client
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener dns-client {
> group =
> mode = 0666
> user =
> }
> unix_listener login/dns-client {
> group =
> mode = 0666
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service doveadm {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = doveadm-server
> extra_groups = $default_internal_group
> group =
> idle_kill = 0
> inet_listener doveadm-server {
> address =
> haproxy = no
> port = 12345
> reuse_port = no
> ssl = no
> }
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 1
> type =
> unix_listener doveadm-server {
> group =
> mode = 0600
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service health-check {
> chroot =
> client_limit = 1
> drop_priv_before_exec = yes
> executable = script -p health-check.sh
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service imap-hibernate {
> chroot =
> client_limit = 0
> drop_priv_before_exec = no
> executable = imap-hibernate
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol = imap
> service_count = 0
> type =
> unix_listener imap-hibernate {
> group = $default_internal_group
> mode = 0660
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service imap-login {
> chroot = login
> client_limit = 0
> drop_priv_before_exec = no
> executable = imap-login
> extra_groups =
> group =
> idle_kill = 0
> inet_listener imap-dsync {
> address =
> haproxy = no
> port = 1143
> reuse_port = no
> ssl = no
> }
> inet_listener imap {
> address =
> haproxy = no
> port = 143
> reuse_port = no
> ssl = no
> }
> inet_listener imaps {
> address =
> haproxy = no
> port = 993
> reuse_port = no
> ssl = yes
> }
> privileged_group =
> process_limit = 300
> process_min_avail = 1
> protocol = imap
> service_count = 1
> type = login
> user = $default_login_user
> vsz_limit = 18446744073709551615 B
> }
> service imap-urlauth-login {
> chroot = token-login
> client_limit = 0
> drop_priv_before_exec = no
> executable = imap-urlauth-login
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol = imap
> service_count = 1
> type = login
> unix_listener imap-urlauth {
> group =
> mode = 0666
> user =
> }
> user = $default_login_user
> vsz_limit = 18446744073709551615 B
> }
> service imap-urlauth-worker {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = imap-urlauth-worker
> extra_groups = $default_internal_group
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1024
> process_min_avail = 0
> protocol = imap
> service_count = 1
> type =
> unix_listener imap-urlauth-worker {
> group =
> mode = 0600
> user = $default_internal_user
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service imap-urlauth {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = imap-urlauth
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1024
> process_min_avail = 0
> protocol = imap
> service_count = 1
> type =
> unix_listener token-login/imap-urlauth {
> group =
> mode = 0666
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service imap {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = imap
> extra_groups = $default_internal_group
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1024
> process_min_avail = 0
> protocol = imap
> service_count = 1
> type =
> unix_listener imap-master {
> group =
> mode = 0600
> user =
> }
> unix_listener login/imap {
> group =
> mode = 0666
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service indexer-worker {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = indexer-worker
> extra_groups = $default_internal_group
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 10
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener indexer-worker {
> group =
> mode = 0600
> user = $default_internal_user
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service indexer {
> chroot =
> client_limit = 0
> drop_priv_before_exec = no
> executable = indexer
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener indexer {
> group =
> mode = 0666
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service ipc {
> chroot = empty
> client_limit = 0
> drop_priv_before_exec = no
> executable = ipc
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener ipc {
> group =
> mode = 0600
> user = $default_internal_user
> }
> unix_listener login/ipc-proxy {
> group =
> mode = 0600
> user = $default_login_user
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service lmtp {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = lmtp
> extra_groups = $default_internal_group
> group =
> idle_kill = 0
> inet_listener lmtp {
> address =
> haproxy = no
> port = 24
> reuse_port = no
> ssl = no
> }
> privileged_group =
> process_limit = 0
> process_min_avail = 5
> protocol = lmtp
> service_count = 0
> type =
> unix_listener lmtp {
> group =
> mode = 0666
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service log {
> chroot =
> client_limit = 0
> drop_priv_before_exec = no
> executable = log
> extra_groups =
> group =
> idle_kill = 4294967295 secs
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type = log
> unix_listener log-errors {
> group =
> mode = 0600
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service managesieve-login {
> chroot = login
> client_limit = 0
> drop_priv_before_exec = no
> executable = managesieve-login
> extra_groups =
> group =
> idle_kill = 0
> inet_listener sieve {
> address =
> haproxy = no
> port = 4190
> reuse_port = no
> ssl = yes
> }
> privileged_group =
> process_limit = 0
> process_min_avail = 5
> protocol = sieve
> service_count = 1
> type = login
> user = $default_login_user
> vsz_limit = 18446744073709551615 B
> }
> service managesieve {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = managesieve
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol = sieve
> service_count = 1
> type =
> unix_listener login/sieve {
> group =
> mode = 0666
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service old-stats {
> chroot = empty
> client_limit = 0
> drop_priv_before_exec = no
> executable = old-stats
> extra_groups =
> fifo_listener old-stats-mail {
> group =
> mode = 0600
> user =
> }
> fifo_listener old-stats-user {
> group =
> mode = 0600
> user =
> }
> group =
> idle_kill = 4294967295 secs
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener old-stats {
> group =
> mode = 0600
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service pop3-login {
> chroot = login
> client_limit = 0
> drop_priv_before_exec = no
> executable = pop3-login
> extra_groups =
> group =
> idle_kill = 0
> inet_listener pop3-dsync {
> address =
> haproxy = no
> port = 1110
> reuse_port = no
> ssl = no
> }
> inet_listener pop3 {
> address =
> haproxy = no
> port = 110
> reuse_port = no
> ssl = no
> }
> inet_listener pop3s {
> address =
> haproxy = no
> port = 995
> reuse_port = no
> ssl = yes
> }
> privileged_group =
> process_limit = 300
> process_min_avail = 1
> protocol = pop3
> service_count = 1
> type = login
> user = $default_login_user
> vsz_limit = 18446744073709551615 B
> }
> service pop3 {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = pop3
> extra_groups = $default_internal_group
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1024
> process_min_avail = 0
> protocol = pop3
> service_count = 1
> type =
> unix_listener login/pop3 {
> group =
> mode = 0666
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service quota-warning {
> chroot =
> client_limit = 0
> drop_priv_before_exec = no
> executable = script /usr/local/bin/quota-warning.sh
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener quota-warning {
> group =
> mode = 0600
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service replicator {
> chroot =
> client_limit = 0
> drop_priv_before_exec = no
> executable = replicator
> extra_groups =
> group =
> idle_kill = 4294967295 secs
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener replicator-doveadm {
> group =
> mode = 00
> user = $default_internal_user
> }
> unix_listener replicator {
> group =
> mode = 0600
> user = $default_internal_user
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service stats {
> chroot =
> client_limit = 3000
> drop_priv_before_exec = no
> executable = stats
> extra_groups =
> group =
> idle_kill = 4294967295 secs
> inet_listener http {
> address =
> haproxy = no
> port = 9166
> reuse_port = no
> ssl = no
> }
> privileged_group =
> process_limit = 1
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> unix_listener stats-reader {
> group =
> mode = 0600
> user =
> }
> unix_listener stats-writer {
> group = $default_internal_group
> mode = 0660
> user =
> }
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> service submission-login {
> chroot = login
> client_limit = 0
> drop_priv_before_exec = no
> executable = submission-login
> extra_groups =
> group =
> idle_kill = 0
> inet_listener submission {
> address =
> haproxy = no
> port = 587
> reuse_port = no
> ssl = no
> }
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol = submission
> service_count = 1
> type = login
> user = $default_login_user
> vsz_limit = 18446744073709551615 B
> }
> service submission {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = submission
> extra_groups = $default_internal_group
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 1024
> process_min_avail = 0
> protocol = submission
> service_count = 1
> type =
> unix_listener login/submission {
> group =
> mode = 0666
> user =
> }
> user =
> vsz_limit = 18446744073709551615 B
> }
> service tcpwrap {
> chroot =
> client_limit = 1
> drop_priv_before_exec = no
> executable = tcpwrap
> extra_groups =
> group =
> idle_kill = 0
> privileged_group =
> process_limit = 0
> process_min_avail = 0
> protocol =
> service_count = 0
> type =
> user = $default_internal_user
> vsz_limit = 18446744073709551615 B
> }
> shutdown_clients = yes
> ssl = yes
> ssl_alt_cert =
> ssl_alt_key =
> ssl_ca =
> ssl_cert = </etc/pki/tls/certs/domain.tld.crt
> ssl_cert_username_field = commonName
> ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW at STRENGTH
> ssl_client_ca_dir =
> ssl_client_ca_file =
> ssl_client_cert =
> ssl_client_key =
> ssl_client_require_valid_cert = yes
> ssl_crypto_device =
> ssl_curve_list =
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> ssl_key_password =
> ssl_min_protocol = TLSv1
> ssl_options =
> ssl_prefer_server_ciphers = no
> ssl_require_crl = yes
> ssl_verify_client_cert = no
> state_dir = /var/lib/dovecot
> stats_http_rawlog_dir =
> stats_writer_socket_path = stats-writer
> submission_client_workarounds =
> submission_host =
> submission_logout_format = in=%i out=%o
> submission_max_mail_size = 0
> submission_max_recipients = 0
> submission_relay_command_timeout = 5 mins
> submission_relay_connect_timeout = 30 secs
> submission_relay_host =
> submission_relay_master_user =
> submission_relay_max_idle_time = 29 mins
> submission_relay_password =
> submission_relay_port = 25
> submission_relay_rawlog_dir =
> submission_relay_ssl = no
> submission_relay_ssl_verify = yes
> submission_relay_trusted = no
> submission_relay_user =
> submission_ssl = no
> submission_timeout = 30 secs
> syslog_facility = mail
> userdb {
> args = /etc/dovecot/dovecot-sql.conf.ext
> auth_verbose = default
> default_fields =
> driver = sql
> name =
> override_fields =
> result_failure = continue
> result_internalfail = continue
> result_success = return-ok
> skip = never
> }
> valid_chroot_dirs =
> verbose_proctitle = no
> verbose_ssl = no
> version_ignore = no
> protocol lmtp {
> mail_plugins = quota quota_clone zlib sieve notify
> }
> protocol lda {
> mail_plugins = quota quota_clone zlib sieve
> postmaster_address = postmaster at domain.tld
> }
> protocol imap {
> imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
> mail_max_userip_connections = 50
> mail_plugins = quota quota_clone zlib imap_quota notify
> }
> protocol sieve {
> mail_max_userip_connections = 10
> }
> protocol pop3 {
> mail_plugins = quota quota_clone zlib
> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
> pop3_enable_last = yes
> }
> protocol doveadm {
> mail_plugins = quota quota_clone zlib
> }
>
>
> On 2021-02-22 16:33, Sami Ketola wrote:
>>
>>> On 17. Feb 2021, at 23.53, Edgaras Lukoševičius <edgaras.lukosevicius at gmail.com> wrote:
>>>
>>> Hi,
>>>
>>> I'm starting to wonder if dsync is supposed to sync sieve scripts at all? Or should it work only as a part of replicator? Because I was not able to get it working on multiple Dovecot and Pigeon versions, and I see lots of replication/dsync and sieve related questions in the mailing list.
>>>
>>> I'm trying to get it to work using latest versions on http://repo.dovecot.org/ce-2.3-latest repo.
>>>
>>> The versions I am testing at the moment are:
>>> - Dovecot 2.3.13 (89f716dc2)
>>> - Pigeonhole 0.5.13 (cdd19fe3)
>>>
>>> It's a straightforward setup, nothing fancy. So the question is - is it supposed to work at all without replicator?
>>>
>> It does sync sieve scripts as long as you have the plugin installed in both ends and have correct configuration
>> regarding sieve script location.
>>
>> Sami
>>
More information about the dovecot
mailing list