Managing Dovecot Sieve scripts with Horde-Ingo
I finally got around to getting sieve working with dovecot which was pretty easy. Next, I wanted to be able to manage the sieve rules via the Horde-Ingo webmail interface. This seemed like it should be an easy and common thing to do, however, it ended up taking a couple of days to sift through the rather poor hored/ingo docs, email back and forth on the mailing list, and do a lot of trial and error. (mostly error).
Finally, I found a solution that works…. here it is (Assuming you already have dovecot-sieve working):
Software:
Debian etch
Dovecot 1.0.13 (with dovecot common)
Horde 3.2-RC2
Ingo 1.2-RC2
Step 1: Setup proper permissions
For Ingo to be able to write out sieve scripts, the apache user needs permissions to write to the Maildir folders.
I did this by simply adding the www-data user to the vmail group.
:# adduser www-data vmail :# /etc/init.d/apache2 restart
This will give www-data permissions to write to the Maildir folders (owned by vmail:vmail) but if we just let Ingo create the scripts from scratch, they will be owned by www-data:www-data and vmail won’t be able to use them.
To correct this, just make sure you create an empty .dovecot.sieve when the user’s Maildir folder is created.
I handled this by adding:
touch $2/Maildir/.dovecot.sieve
to my /usr/bin/maildirmake script.
Step 2: Setup Ingo Backend
In the horde/ingo/config directory, there is a file called backends.php. This file by default contains a bunch of different entries that tell Ingo how to store the mail filters.
For Ingo to actually work, there should only be one entry in this file (as I’m told). So for starters, just delete all of the entries in this file.
Now that we have a clean backends.php, we need to add an entry to tell Ingo where and how to save our .dovecot.sieve scripts.
There are many options for storage but the simplest for our purposes is to just use the filesystem.
To enable this, add the following entry to the file
$backends['dovecot'] = array( 'driver' => 'vfs', 'hordeauth' => true, 'params' => array( 'filename' => '.dovecot.sieve', 'vfsroot' => '/var/vmail', 'vfs_path' => '/example.com/%u/Maildir', 'vfstype' => 'file' ), 'script' => 'sieve', 'scriptparams' => array(), );
This should all be pretty self-explanatory, but you’ll notice on line 7, we’re hardcoding the domain. This is because Ingo will expand %u as the user, but it does not currently expand any variable as the domain. (i.e. %d)
That’s it. If you now log into horde and create/edit filters, they should be saved to the .dovecot.sieve file in the user’s Maildir. Pretty simple, and now documented. 
Enjoy.
martin:
Works fine for me. Thanks.
Is there a workaround available for the missing domainvariable? That would be great.
July 2, 2008, 3:56 amecuapac:
Workaround for Virtual Domains:
Hi, I’ve altered the backend.php in order to get the virtual domain name that way:
$__user = $_SESSION['imp']['user'];
$__domain = substr($__user, strpos($__user, ‘@’) + 1);
$backends['dovecot'] = array(
‘driver’ => ‘vfs’,
‘hordeauth’ => true,
‘params’ => array(
‘filename’ => ‘.dovecot.sieve’,
‘vfsroot’ => ‘/var/mail’,
‘vfs_path’ => ‘/’.$__domain.’/%u/’,
‘vfstype’ => ‘file’
),
’script’ => ’sieve’,
’scriptparams’ => array(),
);
Regards!
July 31, 2008, 4:07 amjdoklovic:
Thanks for posting the workaround!
July 31, 2008, 9:58 amAleksey:
Hi,
I think it is better and more secure to use Dovecot ManageSieve Server.
Please look at http://wiki.dovecot.org/LDA/Sieve and http://wiki.dovecot.org/ManageSieve
In Debian and Ubuntu Linux ManageSieve is already compiled-in.
Ingo backends.php will be the same as for Cyrus CMU sieve:
$backends['sieve'] = array(
‘driver’ => ‘timsieved’,
‘preferred’ => ‘localhost’,
‘hordeauth’ => full,
‘params’ => array(
‘hostspec’ => ‘localhost’,
‘logintype’ => ‘PLAIN’,
‘usetls’ => false,
‘port’ => 2000,
’scriptname’ => ‘ingo’,
),
’script’ => ’sieve’,
’scriptparams’ => array(),
’shares’ => false
);
If you have any questions about Dovecot ManageSieve configuration just let me know.
August 17, 2008, 4:05 pmFrames:
Y’all guys rock. Just a few comments for those who want to try …
1. Ingo 1.1 does not seem to support the file vfstype.
2. For the less experienced cats, “=>” must be substituted by “=>” (no quotes) on step 2 in this tutorial.
3. Aleksey’s solution works like a charm and it’s quite easy to implement.
4. I’d also change backticks ’ by single ticks ‘ (or whatever their name is) in Aleksey’s example.
5. Managesieve is not included in Ubuntu until 8.10 (Intrepid).
Thanks for such a wonderful post (and comments). Installing a full fledged mail server with webmail and sync capabilities is not easy, starting with all the options available and all the scattered info. I was about to throw the towell in favor of GMail + ScheduleWorld or the like, and now I only have to learn LDAP for addressbooks instead of MySQL.
But that’s another story …
January 11, 2009, 5:51 pmFrames:
Oops! WordPress comments seem to have “corrected” the characters in item 2 above. Hopefully, you’ll know what I meant.
January 11, 2009, 5:52 pmMarkus Majer:
Hi there..
>> Managesieve is not included in Ubuntu?
Look here: https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/129630
“This has been included in dovecot for intrepid. Thanks for the bug report.”
Aleksey was right.. PS: Aleksey could you also provide the dovecot.conf part of your managesieve configuration? I didn’t get it working perhaps my failure is on dovecots side..
February 22, 2009, 7:20 pmAleksey:
Hello!
My dovecot.conf:
protocols = imap imaps pop3 pop3s managesieve
May 27, 2009, 6:22 amdisable_plaintext_auth = no
log_timestamp = “%Y-%m-%d %H:%M:%S ”
ssl_cert_file = /etc/ssl/certs/example_com.crt
ssl_key_file = /etc/ssl/private/example_com.key
login_greeting = Server ready.
mail_location = maildir:/var/spool/vmail/%d/%n
mail_uid = 1001
mail_gid = 1001
mail_privileged_group = vmail
first_valid_uid = 1001
last_valid_uid = 1001
first_valid_gid = 1001
last_valid_gid = 1001
protocol imap {
mail_plugins = quota imap_quota
imap_client_workarounds = delay-newmail
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
mail_plugins = quota
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
postmaster_address = postmaster@example.com
mail_plugins = quota cmusieve
}
protocol managesieve {
listen = localhost:2000
sieve = /var/spool/sieve/%d/%n/.dovecot.sieve
sieve_storage = /var/spool/sieve/%d/%n
}
auth default {
auth_username_format = %Lu
mechanisms = plain login
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb prefetch {
}
user = nobody
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0660
user = vmail
group = vmail
}
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
dict {
}
plugin {
quota = maildir
sieve = /var/spool/sieve/%d/%n/.dovecot.sieve
}
taunusstein.net:
@Aleksey: Managesieve does not work:
{293}ingo: line 4: error: require command: unknown Sieve capability ‘imapflags’. ingo: line 14: error: unknown command ‘addflag’ (only reported once at first occurence). ingo: line 16: error: unknown command ‘removeflag’ (only reported once at first occurence). ingo: error: validation failed.
July 19, 2009, 5:04 amMartin:
Hello,
with Debian Lenny dovecot-managesieve-horde-ingo is working. I mostly followed http://workaround.org/ispmail/lenny/server-side-sieve-filtering . One user has posted a ingo configuration in the comment section which worked for me. It’s the same configuration that Aleksey posted, but with tls – this also works for me.
best regards
Martin
September 13, 2009, 4:26 amnewsieve:
Hi,
December 28, 2009, 11:38 amhow can the backend.php been enabled ? In Horde I have a running ingo, but no sieve backend.
Thanks for your help in advance.