Solved Mail filtering not working with postfix+dovecot

natharran

Member

Reaction score: 7
Messages: 39

Hello,

I've had a Postix + Dovecot2 mail server running for some time. So far, my clients have been managing their emails via my Roundcube installation or their own client programs. But now I'm trying to implement a server-side Sieve filtering and I'm stuck.

I've installed a mail/dovecot2-pigeonhole port and configured dovecot according to this howto (with some minor system-dependent changes). I've also installed an appropriate plugin to Roundcube. These are my sieve rules for dovecot (in 10-sieve.conf):
Code:
service managesieve-login {
  inet_listener sieve {
  port = 4190
  }
}

service managesieve {
}

protocol sieve {
  managesieve_max_line_length = 65536
  managesieve_implementation_string = dovecot
  log_path = /var/log/dovecot-sieve-errors.log
  info_log_path = /var/log/dovecot-sieve.log
}

plugin {
  sieve = ~/.dovecot.sieve
  sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
  sieve_dir = ~/.sieve
  sieve_global_dir = /usr/local/etc/dovecot/sieve/global
}

lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes

protocol lda {
  mail_plugins = $mail_plugins autocreate sieve quota
  #postmaster_address = <my_address>
  hostname = <my_hostname>
  auth_socket_path = /var/run/dovecot/auth-master
  log_path = /var/log/dovecot-lda-errors.log
  info_log_path = /var/log/dovecot-lda.log
}

protocol lmtp {
  mail_plugins = $mail_plugins autocreate sieve quota
  log_path = /var/log/dovecot-lmtp-errors.log
  info_log_path = /var/log/dovecot-lmtp.log
}
note - the hostname in my config file is set correctly and lmtp and sieve protocols are allowed in dovecot.conf.

Now, what happens is that when a client creates / modifies a filter via Roundcube, the filter is stored in their home (virtual mailbox) folder correctly (according to the plugin section in config file above). But when an email is being delivered, their rules are ignored completely and everything just goes into their Inbox.

I believe that the problem lies in the fact that emails are not delivered via dovecot at all. Part of my postfix main.cf follows:

Code:
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_authenticated_header = no
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

#virtual_transport = dovecot
virtual_mailbox_domains = /usr/local/etc/postfix/vhosts
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox
virtual_minimum_uid = 100
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = hash:/usr/local/etc/postfix/virtual

However, when I try to make postfix deliver emails via dovecot according to their official manual I keep running into weird obstacles.

If I simply set
Code:
virtual_transport = dovecot
in main.cf I get an error saying
Code:
Apr 11 00:20:31 universe postfix/qmgr[30794]: warning: connect to transport private/dovecot: Connection refused

If I also set
Code:
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmailbox:vmailbox argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}
in master.cf, as suggested, things get event more funny:
Code:
Apr 11 00:24:44 universe postfix/smtpd[30892]: initializing the server-side TLS engine
Apr 11 00:24:44 universe postfix/smtpd[30892]: connect from localhost[127.0.0.1]
Apr 11 00:24:44 universe postfix/smtpd[30892]: lost connection after CONNECT from localhost[127.0.0.1]
Apr 11 00:24:44 universe postfix/smtpd[30892]: disconnect from localhost[127.0.0.1] commands=0/0

There is nothing at all in log files defined in 10-sieve.conf (they exist and both vmailbox user and dovecot group can write there).

I tried modifying the virtual_transport parameter to
Code:
virtual_transport = lmtp:unix:private/dovecot
as suggested in a few howtos, no success there, adding
Code:
dovecot_destination_recipient_limit = 1
also didn't help.

The sieve service is listening at 4190 as it should:
Code:
netstat -anp tcp | grep 4190
tcp4  0  0 *.4190  *.*  LISTEN

Firewall shouldn't block it, since Roundcube connects to Dovecot locally (allowed) and neither ipfw.today nor security contain a single mention about it.

I don't know what else to do. At this point, clients can create / modify / delete their filters, but since Postfix apparently won't use Dovecot to deliver emails, these are bypassed and everything goes to Inbox.

I'll greatly appreciate any help.

Thank you.
 
OP
N

natharran

Member

Reaction score: 7
Messages: 39

Well, it's solved. I had no idea that the sequence of parameters in main.cf and master.cf matters that much.

I moved the virtual_transport parameter in main.cf to the end of virtual mailbox section so it now reads:
Code:
virtual_mailbox_domains = /usr/local/etc/postfix/vhosts
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox
virtual_minimum_uid = 100
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = hash:/usr/local/etc/postfix/virtual
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot

I also moved the "dovecot" line in master.cf after all other lines stating "unix". Even the two whitespaces at the beginning of the "flags" line matter! (seriously, postfix gives the following fatal error if they're not there):
Code:
/usr/local/sbin/postconf: fatal: file /usr/local/etc/postfix/master.cf: line 67: bad field count
postfix/postfix-script: fatal: cannot execute /usr/local/sbin/postconf!

Never before have I encountered a software so sensitive...

Anyway, I hope this helps people in similar situation.

Cheers ;).
 
Top