Portál AbcLinuxu, 12. května 2025 08:10
Zdravím vespolek, před nějakou dobou jsem si poskládal domácí server, který kromě jiného nyní plní i funkci malého mail serveru. Nyní funguje tak, že je postaven na Postfixu a Dovecotu + webová nadstavba Roundcube (uživatelé v MySQL). Mým cílem je ukecat Dovecot, aby fungoval jako LDA a aby respektoval pravidla dle Sieve. Níže přikládám obsah konfiguračních souborů Postfixu a Dovecotu:
dovecot.conf
# Dovecot configuration as posted in the question (old-style syntax with
# "protocol lda { }" and "auth default { }" blocks).
# Goal stated by the author: use Dovecot's deliver as the LDA with Sieve rules.
base_dir = /var/run/dovecot/
#mail_debug=yes
protocols = imap managesieve
# Listens on every address.
listen = *
# NOTE(review): "no" lets clients send the password in the clear over
# unencrypted connections, and the only mechanism enabled below is "plain".
# The ssl_* lines that follow are all commented out, so whether TLS is usable
# depends on Dovecot's defaults -- confirm, and prefer configuring a
# certificate and leaving plaintext auth disabled for non-local clients.
disable_plaintext_auth = no
shutdown_clients = yes
#ssl_cert_file = /etc/ssl/cert.pem
#ssl_key_file = /etc/ssl/cert.key
#ssl_ca_file = /etc/ssl/root.crt
#ssl = no
ssl_verify_client_cert = no
login_dir = /var/run/dovecot/login
# Login processes run chrooted as the unprivileged "dovecot" user.
login_chroot = yes
login_user = dovecot
login_process_size = 64
#mail_location = maildir:~/.maildir
# %n = user part, %d = domain part of the login name.
mail_location = maildir:/home/mails/%n@%d
auth_executable = /usr/lib/dovecot/dovecot-auth
auth_process_size = 256
protocol imap {
  imap_client_workarounds = outlook-idle
  mail_plugins = quota imap_quota
}
#protocol pop3 {
#  mail_plugins = quota
#}
# Settings read by the deliver binary (the LDA); the sieve plugin is loaded here.
protocol lda {
  postmaster_address = admin@example.com
  mail_plugins = quota sieve
  mail_plugin_dir = /usr/lib/dovecot/modules/lda
  sendmail_path = /usr/lib/sendmail
  # Must match the "master" socket path declared in "auth default" below.
  auth_socket_path = /var/run/dovecot/auth-master
  mail_debug=yes
}
protocol managesieve {
  managesieve_logout_format = bytes ( in=%i : out=%o )
  mail_debug=yes
  # NOTE(review): ManageSieve is exposed on all interfaces, port 2000. With
  # plaintext auth allowed above, credentials could cross the network
  # unencrypted. If only a webmail on this same host uses it (presumably
  # Roundcube -- confirm), binding to the loopback address is sufficient.
  listen = *:2000
}
auth default {
  mechanisms = plain
  passdb sql {
    args = /etc/dovecot/sql.conf
  }
  userdb sql {
    args = /etc/dovecot/sql.conf
  }
  # NOTE(review): the auth process runs as root. Root is typically needed only
  # for backends that read system credentials (PAM, shadow); with SQL-only
  # passdb/userdb a dedicated unprivileged user may be enough -- verify
  # against the Dovecot version in use before changing.
  user = root
  socket listen {
    # Master socket used by deliver for userdb lookups. Mode 0600 and owner
    # mailsystem restrict it to that one account, so deliver has to run as
    # mailsystem to be able to open it.
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = mailsystem
      group = mailsystem
    }
    # Client socket inside the Postfix spool, for Postfix SASL authentication.
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
plugin {
  # quota = maildir: User quota
  # quota_rule = *:storage=0
  # NOTE(review): the same file is configured both as the fallback default
  # script and as the script run before the user's own -- confirm that is
  # intended.
  sieve_global_path = /home/mail/global.sieve
  sieve_before = /home/mail/global.sieve
  # sieve=~/.dovecot.sieve
  # sieve_dir=~/sieve
  # NOTE(review): this path is under /home/mail, while mail_location above is
  # under /home/mails. Possibly a typo; if so the per-user script would never
  # be found. Also make sure the script directory is writable only by the
  # mail-owning account, since these scripts decide where mail is filed.
  sieve = /home/mail/%n@%d/sieve/dovecot.sieve
}
master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# NOTE(review): as posted in the question, this file is the stock layout and
# defines no pipe service for Dovecot's deliver, so nothing here hands mail
# to the Dovecot LDA.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
# NOTE(review): the submission/smtps services below are disabled. They are the
# entries that require TLS and SASL for client submission; with them off, any
# authenticated submission would have to happen on the plain smtp service
# above.
#submission inet n - - - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - - - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
  -o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
main.cf
# Postfix main.cf as posted in the question.
#
# NOTE(review): every host in 10.0.0.0/24 is trusted. permit_mynetworks comes
# first in both restriction lists below, so those hosts may relay without
# authentication. Keep this list as narrow as the set of machines that
# really need to send mail.
mynetworks = 127.0.0.0/8, 10.0.0.0/24
# Hostname of the server
myhostname = machine.example.com
# Used when the sender is only a local user name
myorigin = $mydomain
# Server greeting banner
smtpd_banner = $myhostname ESMTP $mail_name
# Listen on all interfaces
inet_interfaces = all
# Speak both IPv4 and IPv6
inet_protocols = all
# Returns the list of all aliases for local users
alias_maps = mysql:/etc/postfix/mysql/aliases.cf
# Alias settings for virtual users; also includes the domain catch-all and
# e-mail addresses that fall outside the catch-all
virtual_maps = mysql:/etc/postfix/mysql/virtual.cf mysql:/etc/postfix/mysql/email.cf mysql:/etc/postfix/mysql/trash.cf
# Set of options determining how each e-mail is delivered
transport_maps = mysql:/etc/postfix/mysql/transport.cf
# Defines valid mail recipients for local users
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
# Error code returned when the local user does not exist
unknown_local_recipient_reject_code = 550
# How mail for local users is stored
home_mailbox = Maildir/
# Base path for virtual users' mailboxes. The full mailbox path is built by
# appending the user's maildir value from the database to virtual_mailbox_base
virtual_mailbox_base = /home/mails
# List of virtual users
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual-maps.cf
# Maps uid and gid to the real user/group under which mail is delivered
virtual_uid_maps = mysql:/etc/postfix/mysql/virtual-uid.cf
virtual_gid_maps = mysql:/etc/postfix/mysql/virtual-gid.cf
#smtpd_recipient_restrictions = check_recipient_access mysql:/etc/postfix/mysql/recipient.cf, reject_unknown_sender_domain, permit_mynetworks, permit_sasl_authenticated, check_relay_domains, reject
# reject_unauth_destination is what prevents open relaying for hosts outside
# mynetworks; it has to stay ahead of the final "permit".
# NOTE(review): the active list has no permit_sasl_authenticated, so a
# successful SASL login grants nothing here even though SASL is enabled below.
smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_recipient_access mysql:/etc/postfix/mysql/recipient.cf, reject_unauth_destination, permit
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
# reject_non_fqdn_sender,
# reject_uknown_sender_domain,
# check_sender_access mysql:/etc/postfix/mysql/recipient.cf,
# permit
# queue_directory = /var/spool/postfix
# command_directory = /usr/sbin
# daemon_directory = /usr/lib/postfix
#mail_spool_directory = /var/spool/mail
mail_spool_directory = /home/mails
debug_peer_level = 2
# NOTE(review): the last PATH entry is "usr/X11R6/bin" without a leading
# slash, i.e. a relative directory; looks like a typo -- confirm.
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
# NOTE(review): spelled "newaliasses" (parameter and path); the Postfix
# parameter is newaliases_path, so this line presumably has no effect.
newaliasses_path = /usr/bin/newaliasses
mailq_path = /usr/bin/mailq
setgid_group = postdrop
#html_directory = /usr/share/doc/postfix-2.5.5/html
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
#readme_directory = /usr/share/doc/postfix-2.5.5/readme
# NOTE(review): about 500 MB per message. A limit this large lets a single
# message consume a lot of queue disk space on a small home server.
message_size_limit = 504857600
mailbox_size_limit = 9504857600
virtual_mailbox_limit = 9504857600
# NOTE(review): this limit applies to a transport named "dovecot". This file
# sets no virtual_transport, so unless transport_maps selects that transport,
# virtual users are presumably still delivered by virtual(8) and Sieve is
# never run -- confirm.
dovecot_destination_recipient_limit = 1
# SASL authentication is delegated to Dovecot through the socket at
# private/auth (relative to the Postfix queue directory).
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# "noanonymous" rejects only anonymous mechanisms; it does not forbid
# plaintext ones (that would be "noplaintext").
smtpd_sasl_security_options = noanonymous
#smtpd_use_tls = yes
# NOTE(review): TLS is switched off for the SMTP server.
smtpd_use_tls = no
#smtpd_tls_key_file = /etc/ssl/cert.key
#smtpd_tls_cert_file = /etc/ssl/cert.pem
#smtpd_tls_CAfile = /etc/ssl/ca.pem
tls_random_source = dev:/dev/urandom
smtpd_tls_loglevel = 2
# AUTH is accepted only over TLS. Combined with smtpd_use_tls = no above this
# presumably means AUTH is never offered at all -- confirm. Keep this setting
# if TLS is enabled later.
smtpd_tls_auth_only = yes
# Disables VRFY so the server cannot be used to probe which addresses exist.
disable_vrfy_command = yes
Opravdu si s tím už nevím rady a proto bych Vás rád poprosil o pomoc, nebo aspoň nakopnutí správným směrem (ideálně něco aktuálního :D)
Předem děkuji za jakoukoliv odpověď)
# Postfix main.cf parameters from the follow-up post.
myhostname = machine.example.com
myorigin = $mydomain
# NOTE(review): besides loopback, all of 10.0.0.0/24 is trusted, and
# permit_mynetworks is first in both restriction lists below, so any host in
# that subnet can relay without authenticating.
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
inet_interfaces = all
inet_protocols = all
biff = no
# Local (system) users are delivered through Dovecot's deliver.
mailbox_command = /usr/lib/dovecot/deliver
# Virtual users are handed to the transport named "dovecot"; a service with
# that name has to exist in master.cf.
virtual_transport = dovecot
# deliver is invoked with a single -d recipient, so each delivery must carry
# exactly one recipient.
dovecot_destination_recipient_limit = 1
virtual_mailbox_base = /home/mails
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual-maps.cf
virtual_uid_maps = mysql:/etc/postfix/mysql/virtual-uid.cf
virtual_gid_maps = mysql:/etc/postfix/mysql/virtual-gid.cf
home_mailbox = Maildir/
# NOTE(review): about 500 MB per message; a single message can take up a
# large share of the queue disk on a small server.
message_size_limit = 504857600
mailbox_size_limit = 9504857600
virtual_mailbox_limit = 9504857600
recipient_delimiter = +
alias_maps = mysql:/etc/postfix/mysql/aliases.cf
virtual_maps = mysql:/etc/postfix/mysql/virtual.cf mysql:/etc/postfix/mysql/email.cf mysql:/etc/postfix/mysql/trash.cf
transport_maps = mysql:/etc/postfix/mysql/transport.cf
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
readme_directory = /usr/share/doc/postfix
html_directory = /usr/share/doc/postfix/html
smtpd_use_tls=no
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
# NOTE(review): SASL is enabled while TLS is off (smtpd_use_tls is set to
# "no" twice in this file) and no smtpd_tls_auth_only line is present, so
# AUTH would be offered on unencrypted connections. "noanonymous" does not
# forbid plaintext mechanisms. The restriction lists below contain no
# permit_sasl_authenticated, so a login grants nothing; as written, AUTH only
# adds a password-guessing surface. Either enable TLS and require it for
# AUTH, or turn SASL off until it is needed.
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_use_tls = no
# Disables VRFY so the server cannot be used to probe which addresses exist.
disable_vrfy_command = yes
# reject_unauth_destination must stay ahead of the final "permit"; it is what
# keeps hosts outside mynetworks from relaying.
smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_recipient_access mysql:/etc/postfix/mysql/recipient.cf, reject_unauth_destination, permit
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit

master.cf
# Postfix master.cf service table.
# Columns: service type private unpriv chroot wakeup maxproc command + args
smtp inet n - - - - smtpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
  -o smtp_fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
# Pipe transport that hands each message to Dovecot's deliver (the LDA).
# - unpriv = n and chroot = n, as pipe(8) services need.
# - user=mailsystem:mailsystem: deliver runs as that unprivileged account,
#   not as root. It has to be an account that may open Dovecot's auth-master
#   socket and write to the mail directories.
# - flags=DRhu: add Delivered-To (D) and Return-Path (R) headers, lowercase
#   the domain (h) and user (u) parts of the address.
# - pipe(8) runs the command directly, without a shell, and passes ${sender}
#   and ${recipient} as separate arguments.
dovecot unix - n n - - pipe
  flags=DRhu user=mailsystem:mailsystem argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}

dovecot.conf
# Dovecot configuration (old-style syntax) with deliver as the LDA and the
# Sieve plugin enabled.
# NOTE(review): this file has no disable_plaintext_auth, ssl or listen lines,
# so Dovecot's defaults apply for all three. Check the effective values with
# "dovecot -n"; passwords should not be accepted over unencrypted non-local
# connections, since the only auth mechanism below is "plain".
protocols = imap managesieve
shutdown_clients = yes
ssl_verify_client_cert = no
login_dir = /var/run/dovecot/login
# Login processes run chrooted as the unprivileged "dovecot" user.
login_chroot = yes
login_user = dovecot
login_process_size = 64
# %n = user part, %d = domain part of the login name.
mail_location = maildir:/home/mails/%n@%d
# NOTE(review): fixed uid/gid used for mail access; presumably these are the
# numeric ids of the mailsystem account that owns /home/mails -- confirm.
mail_uid = 1004
mail_gid = 1007
mail_privileged_group = mailsystem
# NOTE(review): debug logging is enabled globally; switch it off once the
# setup works so the logs stay small and carry less per-user detail.
mail_debug = yes
protocol imap {
  mail_plugins = quota imap_quota
  mail_plugin_dir = /usr/lib/dovecot/modules/imap
  imap_client_workarounds = outlook-idle
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
protocol managesieve {
  login_executable = /usr/lib/dovecot/managesieve-login
  mail_executable = /usr/lib/dovecot/managesieve
  managesieve_logout_format = bytes=%i/%o
  managesieve_implementation_string = Dovecot
}
# Settings read by the deliver binary; the sieve plugin is loaded here.
protocol lda {
  postmaster_address = admin@example.com
  hostname = machine.example.com
  mail_plugins = quota sieve
  mail_plugin_dir = /usr/lib/dovecot/modules/lda
  rejection_subject = Rejected: %s
  rejection_reason = Your message to <%t> was automatically rejected:%n%r
  # Must match the "master" socket path declared in "auth default" below.
  auth_socket_path = /var/run/dovecot/auth-master
}
auth_executable = /usr/lib/dovecot/dovecot-auth
auth_process_size = 256
auth default {
  mechanisms = plain
  passdb sql {
    args = /etc/dovecot/sql.conf
  }
  userdb sql {
    args = /etc/dovecot/sql.conf
  }
  # NOTE(review): the auth process runs as root. Root is typically needed only
  # for backends that read system credentials (PAM, shadow); with SQL-only
  # passdb/userdb a dedicated unprivileged user may be enough -- verify
  # against the Dovecot version in use before changing.
  user = root
  socket listen {
    # Master socket used by deliver for userdb lookups. Mode 0600 and owner
    # mailsystem restrict it to that one account.
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = mailsystem
      group = mailsystem
    }
    # Client socket inside the Postfix spool, for Postfix SASL authentication.
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
plugin {
  # Per-user active script and script directory, under the same tree as
  # mail_location. Keep them writable only by the mail-owning account, since
  # these scripts decide where incoming mail is filed or forwarded.
  sieve = /home/mails/%n@%d/sieve/dovecot.sieve
  sieve_dir=/home/mails/%n@%d/sieve
  # Script executed before every user's own script.
  # NOTE(review): this path is under /home/mail, while the other paths use
  # /home/mails -- confirm it is intentional and that the file exists and is
  # readable by the delivery user.
  sieve_before= /home/mail/global.sieve
}

Přesto jakékoliv připomínky/návrhy na vylepšení rád uvítám)