At a loss with antispan and imap_sieve
Hi, It seems I can’t google my way out of this one. I’m trying to set up spam/ham learning but getting nowhere. I tried Johannes Berg Antispam plugin, and syslog shows: Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program /usr/lib/dovecot/retrain.sh Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program /usr/lib/dovecot/retrain.sh Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program parameter 1 /mail/klaas Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program parameter 2 ham The file retrain.sh is simply: #!/bin/sh echo hi >> debug.log ...with debug.log being an empty world-writeable file in /usr/lib/dovecot. Absolutely nothing happens. The file debug.log is not even touched. But when I remove retrain.sh there’s an error logged so up until then, *something* happens. After this I tried imap_sieve, following the wiki on dovecot.org, but again nothing happens. My imap.log says: Info: sieve: pipe action: piped message to program `retrain.sh’ But again debug.log is untouched. I’m fresh out of ideas here. Any help would be most welcome. I’m on Debian in virtual machine, Postfix delivering mail to Dovecot LMTP delivering to virtual maildirs, bogofilter for scanning incoming mail. Sieve does work for moving incoming spam to the spam mailbox. Cheers and thanks, Ferenc
Re: At a loss with antispan and imap_sieve
"Aki Tuomi" schreef op 21 september 2020 06:23: >> On 21/09/2020 00:37 Ferenc wrote: >> >> Hi, >> >> It seems I can’t google my way out of this one. I’m trying to set up >> spam/ham learning but getting >> nowhere. >> >> I tried Johannes Berg Antispam plugin, and syslog shows: >> >> Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program >> /usr/lib/dovecot/retrain.sh >> Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program >> /usr/lib/dovecot/retrain.sh >> Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program >> parameter 1 /mail/klaas >> Sep 20 22:22:06 proefmail imap: antispam: running mailtrain backend program >> parameter 2 ham >> >> The file retrain.sh is simply: >> >> #!/bin/sh >> echo hi >> debug.log >> >> ...with debug.log being an empty world-writeable file in /usr/lib/dovecot. >> >> Absolutely nothing happens. The file debug.log is not even touched. But when >> I remove retrain.sh >> there’s an error logged so up >> until then, *something* happens. >> >> After this I tried imap_sieve, following the wiki on dovecot.org, but again >> nothing happens. My >> imap.log says: >> Info: sieve: pipe action: piped message to program `retrain.sh’ >> >> But again debug.log is untouched. >> >> I’m fresh out of ideas here. Any help would be most welcome. >> >> I’m on Debian in virtual machine, Postfix delivering mail to Dovecot LMTP >> delivering to virtual >> maildirs, bogofilter for scanning incoming mail. Sieve does work for moving >> incoming spam to the >> spam mailbox. >> >> Cheers and thanks, >> >> Ferenc > > Hi! > > Those scripts are not ran as root, so you can't actually write to > /usr/lib/dovecot, you should > probably use some writable location. Hi Aki, Thanks for your quick reply! I tried /tmp/debug.log, world-writeable, but no dice. > https://doc.dovecot.org/configuration_manual/howto/antispam_with_sieve I followed the setup here. I think it works up until the external script is called (pipe :copy "sa-learn-ham.sh"). That's why I tried echo hi >> /tmp/file. I guessed the scripts run as vmail, my virtual mail user, so I tried sudo -u vmail retrain.sh. This works. I can see the sieve script run in the log but my guess is the external script never runs. I'd like to try strace to see where things go when calling the external script but I don't know where to even start putting strace -o. Ferenc
[SOLVED] Re: At a loss with antispan and imap_sieve
"Aki Tuomi" schreef op 21 september 2020 10:21: > Ferenc, are you using systemd? If so, then you will discover under /tmp some > private temporary > directories, one of them is for dovecot, and your debug log is probably under > there. That was it. I didn't know that. With this it was quickly solved. It was a simple typo of course. Retraining is working now, I went with the antispam plugin. Many thanks to Aki and thanks too to the other people offering help. Ferenc
Catchall with UserDB?
Hi! I've set up Postfix with virtual users. I wanted to get Dovecot and LMTP up and running with Passwd-file UserDB, which they do, but I can't figure out how to make use of a catch-all. Currently, mail to j...@example.com needs Joe to be in the Passwd-file. I would like any...@example.com to go to Joe's mailbox, or actually mail to @example.com should go to Joe. But what do I put in the Passwd-file? I need this for several domains. Like @somedomain.org should go to j...@example.com and @anydomain.net to j...@example.com. I've googled myself silly but I cannot find the it. Everybody is hooked on a sql userdb which seems like overkill to me. With Postfix doing local delivery this is rather trivial. With Dovecot LDA I got it working by using virtual_alias_maps and the right parameters in master.cf. But with LMTP I'm stumped. cheers, Ferenc
Re: Catchall with UserDB?
>> On 15/03/2020 02:32 Ferenc < dove...@bezemkast.nl> wrote:
>>
>> Hi!
>>
>> I've set up Postfix with virtual users. I wanted to get Dovecot and LMTP up
>> and running with
>> Passwd-file UserDB, which they do, but I can't figure out how to make use of
>> a catch-all.
8<8<8<8<8<8<8<8<
>
> You do it in postfix using virtual alias, just like before.
> ---
> Aki Tuomi
Could you tell me where to find how I do this? I've looked at
https://doc.dovecot.org/configuration_manual/protocols/lmtp_server/.
With Dovecot-LDA I got virtual aliases working by using the -d ${user} flag in
Postfix' master.cf. So /usr/lib/dovecot/dovecot-lda gets called with what
Postfix thinks is the user in the -d flag. This worked. But I don't know how to
pass ${user} to the lmtp -d flag?
I'm on Debian in a virtualbox vm.
Thanks & cheers,
Ferenc
Sieve duplicates
Hi list, I have Sieve scripts that unintentionally duplicate e-mails. My dovecot version is 2.3.4.1 (f79e8e7e4), Pigeonhole version 0.5.4 on Linux 5.4.189-2-pve x86_64 Debian 10.13. My scripts get called on an imap COPY action (imapsieve extension). The mail is fed to an external script (spam/ham training) via a pipe :copy action (vnd.dovecot.pipe extension). An header is added to keep track of what happened (editheader extension). I use "if header :contains” for my (simple) logic. If contains header X, do this, add header Y. If contains header Y, do that, add header X. I end each "if” part with keep; and stop; commands. Simple versions of this script, without the if-then construct, seem to work ok. As soon as I try to use if-then-else I find a duplicate of the processed e-mail; one that seems to be untouched, one that appears to have been processed. I hope I’m making myself clear… # without if-then require … pipe :copy … addheader … keep; # with if-then require … if header :contains pipe :copy … addheader … keep; stop; if not exists pipe :copy … addheader … keep; stop; keep; The scripts get called from for instance imapsieve_mailbox1_before. Cheers, Ferenc
Sieve duplicates
Hi list, I’m trying this again from a different account because of lots of SPF warnings. I have Sieve scripts that duplicate e-mails. I don’t want that. My dovecot version is 2.3.4.1 (f79e8e7e4), Pigeonhole version 0.5.4 on Linux 5.4.189-2-pve x86_64 Debian 10.13. My scripts get called on an imap COPY action (imapsieve extension). The mail is fed to an external script (spam/ham training or retraining) via a pipe :copy action (vnd.dovecot.pipe extension). An header is added to keep track of what happened (editheader extension). I use "if header :contains” for my (simple) logic. If contains header X, do this, add header Y. If contains header Y, do that, add header X. I end each "if” part with “keep;" and “stop;” commands. Simple versions of the scripts, without the if-then construct, seem to work ok with imapsieve. As soon as I try to use if-then-else I find a duplicate of the processed e-mail; the original mail seems to be untouched, the duplicate appears to have been processed. With macos mail not all duplicates show up but with Roundcube webmail I can see them all. The scripts are like this: # without if-then require … pipe :copy … addheader … keep; # with if-then require … if header :contains pipe :copy … addheader … keep; stop; if not exists pipe :copy … addheader … keep; stop; keep; The scripts get called from “imapsieve_mailbox1_before” for example. Cheers, Ferenc
Re: Sieve duplicates
Hey, thanks, I will try to upgrade. > Op 28 dec. 2022, om 14:36 heeft Stephan Bosch het > volgende geschreven: > > Ugh.. I remember several bugs related to this and your version is ancient. I > suggest you try to upgrade. > > On 20-12-2022 00:18, Ferenc wrote: >> Hi list, >> >> I’m trying this again from a different account because of lots of SPF >> warnings. >> >> I have Sieve scripts that duplicate e-mails. I don’t want that. My dovecot >> version is 2.3.4.1 (f79e8e7e4), Pigeonhole version 0.5.4 on Linux >> 5.4.189-2-pve x86_64 Debian 10.13.
GSSAPI vs group check
Dear All,
Is it possible to make any authorization (eg. checking of group
membership) in case of GSSAPI authentication?
Our dovecot authenticates the users against PAM and GSSAPI. In the PAM
file I'm able to check if a user is a member of a selected (e.g
mailreader) group. If the user is member, he can login otherwise not
(see below). If the user has a valid Kerberos ticket and he tries to
login via GSSAPI, I can't restrict him if he is not a member of the
selected group.
How can I overcome this issue?
My config:
passdb {
driver = pam
# [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=]
# [cache_key=] []
#args = dovecot
}
userdb {
#
driver = passwd
# [blocking=no]
#args =
# Override fields from passwd
#override_fields = home=/home/virtual/%u
}
...in PAM file:
auth [success=1 default=ignore] pam_succeed_if.so user ingroup
mailreader
auth [success=ignore default=2] pam_succeed_if.so user ingroup
admins
auth [success=ignore default=1] pam_succeed_if.so uid >= 1000
auth [success=3 default=ignore] pam_winbind.so krb5_auth
krb5_ccache_type=FILE cached_login
auth [success=ignore default=1] pam_succeed_if.so uid < 1000
auth [success=1 default=ignore] pam_unix.so nullok_secure
try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
Thank you.
Br,
Ákos
