«
»

Managing Dovecot Sieve scripts with Horde-Ingo

June 19, 2008, 3:14 pm

I finally got around to getting sieve working with dovecot which was pretty easy. Next, I wanted to be able to manage the sieve rules via the Horde-Ingo webmail interface. This seemed like it should be an easy and common thing to do, however, it ended up taking a couple of days to sift through the rather poor hored/ingo docs, email back and forth on the mailing list, and do a lot of trial and error. (mostly error).

Finally, I found a solution that works…. here it is (Assuming you already have dovecot-sieve working):

Software:

Debian etch
Dovecot 1.0.13 (with dovecot common)
Horde 3.2-RC2
Ingo 1.2-RC2

Step 1: Setup proper permissions

For Ingo to be able to write out sieve scripts, the apache user needs permissions to write to the Maildir folders.
I did this by simply adding the www-data user to the vmail group.

:# adduser www-data vmail
:# /etc/init.d/apache2 restart

This will give www-data permissions to write to the Maildir folders (owned by vmail:vmail) but if we just let Ingo create the scripts from scratch, they will be owned by www-data:www-data and vmail won’t be able to use them.

To correct this, just make sure you create an empty .dovecot.sieve when the user’s Maildir folder is created.

I handled this by adding:

touch $2/Maildir/.dovecot.sieve

to my /usr/bin/maildirmake script.

Step 2: Setup Ingo Backend

In the horde/ingo/config directory, there is a file called backends.php. This file by default contains a bunch of different entries that tell Ingo how to store the mail filters.

For Ingo to actually work, there should only be one entry in this file (as I’m told). So for starters, just delete all of the entries in this file.

Now that we have a clean backends.php, we need to add an entry to tell Ingo where and how to save our .dovecot.sieve scripts.

There are many options for storage but the simplest for our purposes is to just use the filesystem.
To enable this, add the following entry to the file

$backends['dovecot'] = array(
    'driver' => 'vfs',
    'hordeauth' => true,
    'params' => array(
        'filename' => '.dovecot.sieve',
        'vfsroot' => '/var/vmail',
        'vfs_path' => '/example.com/%u/Maildir',
        'vfstype' => 'file'
    ),
    'script' => 'sieve',
    'scriptparams' => array(),
);

This should all be pretty self-explanatory, but you’ll notice on line 7, we’re hardcoding the domain. This is because Ingo will expand %u as the user, but it does not currently expand any variable as the domain. (i.e. %d)

See Domain Workaround Below

That’s it. If you now log into horde and create/edit filters, they should be saved to the .dovecot.sieve file in the user’s Maildir. Pretty simple, and now documented. :)

Enjoy.

Share this post:
  • Digg
  • Google Bookmarks
  • DZone
  • Slashdot
  • del.icio.us
  • StumbleUpon
  • Facebook
Category: linux  |  Comment (RSS)  |  Trackback

14 Comments

  1. martin:

    Works fine for me. Thanks.

    Is there a workaround available for the missing domainvariable? That would be great.

    July 2, 2008, 3:56 am

  2. ecuapac:

    Workaround for Virtual Domains:

    Hi, I’ve altered the backend.php in order to get the virtual domain name that way:

    $__user = $_SESSION['imp']['user'];
    $__domain = substr($__user, strpos($__user, ‘@’) + 1);

    $backends['dovecot'] = array(
    ‘driver’ => ‘vfs’,
    ‘hordeauth’ => true,
    ‘params’ => array(
    ‘filename’ => ‘.dovecot.sieve’,
    ‘vfsroot’ => ‘/var/mail’,
    ‘vfs_path’ => ‘/’.$__domain.’/%u/’,
    ‘vfstype’ => ‘file’
    ),
    ’script’ => ’sieve’,
    ’scriptparams’ => array(),
    );

    Regards!

    July 31, 2008, 4:07 am

  3. jdoklovic:

    Thanks for posting the workaround!

    July 31, 2008, 9:58 am

  4. Aleksey:

    Hi,

    I think it is better and more secure to use Dovecot ManageSieve Server.

    Please look at http://wiki.dovecot.org/LDA/Sieve and http://wiki.dovecot.org/ManageSieve
    In Debian and Ubuntu Linux ManageSieve is already compiled-in.

    Ingo backends.php will be the same as for Cyrus CMU sieve:

    $backends['sieve'] = array(
    ‘driver’ => ‘timsieved’,
    ‘preferred’ => ‘localhost’,
    ‘hordeauth’ => full,
    ‘params’ => array(
    ‘hostspec’ => ‘localhost’,
    ‘logintype’ => ‘PLAIN’,
    ‘usetls’ => false,
    ‘port’ => 2000,
    ’scriptname’ => ‘ingo’,
    ),
    ’script’ => ’sieve’,
    ’scriptparams’ => array(),
    ’shares’ => false
    );

    If you have any questions about Dovecot ManageSieve configuration just let me know.

    August 17, 2008, 4:05 pm

  5. Frames:

    Y’all guys rock. Just a few comments for those who want to try …

    1. Ingo 1.1 does not seem to support the file vfstype.

    2. For the less experienced cats, “=>” must be substituted by “=>” (no quotes) on step 2 in this tutorial.

    3. Aleksey’s solution works like a charm and it’s quite easy to implement.

    4. I’d also change backticks ’ by single ticks ‘ (or whatever their name is) in Aleksey’s example.

    5. Managesieve is not included in Ubuntu until 8.10 (Intrepid).

    Thanks for such a wonderful post (and comments). Installing a full fledged mail server with webmail and sync capabilities is not easy, starting with all the options available and all the scattered info. I was about to throw the towell in favor of GMail + ScheduleWorld or the like, and now I only have to learn LDAP for addressbooks instead of MySQL.

    But that’s another story …

    January 11, 2009, 5:51 pm

  6. Frames:

    Oops! WordPress comments seem to have “corrected” the characters in item 2 above. Hopefully, you’ll know what I meant.

    January 11, 2009, 5:52 pm

  7. Markus Majer:

    Hi there..

    >> Managesieve is not included in Ubuntu?
    Look here: https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/129630

    “This has been included in dovecot for intrepid. Thanks for the bug report.”

    Aleksey was right.. PS: Aleksey could you also provide the dovecot.conf part of your managesieve configuration? I didn’t get it working perhaps my failure is on dovecots side..

    February 22, 2009, 7:20 pm

  8. Aleksey:

    Hello!
    My dovecot.conf:

    protocols = imap imaps pop3 pop3s managesieve
    disable_plaintext_auth = no
    log_timestamp = “%Y-%m-%d %H:%M:%S ”
    ssl_cert_file = /etc/ssl/certs/example_com.crt
    ssl_key_file = /etc/ssl/private/example_com.key
    login_greeting = Server ready.
    mail_location = maildir:/var/spool/vmail/%d/%n
    mail_uid = 1001
    mail_gid = 1001
    mail_privileged_group = vmail
    first_valid_uid = 1001
    last_valid_uid = 1001
    first_valid_gid = 1001
    last_valid_gid = 1001
    protocol imap {
    mail_plugins = quota imap_quota
    imap_client_workarounds = delay-newmail
    }
    protocol pop3 {
    pop3_uidl_format = %08Xu%08Xv
    mail_plugins = quota
    pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
    }
    protocol lda {
    postmaster_address = postmaster@example.com
    mail_plugins = quota cmusieve
    }
    protocol managesieve {
    listen = localhost:2000
    sieve = /var/spool/sieve/%d/%n/.dovecot.sieve
    sieve_storage = /var/spool/sieve/%d/%n
    }
    auth default {
    auth_username_format = %Lu
    mechanisms = plain login
    passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
    }
    userdb sql {
    args = /etc/dovecot/dovecot-sql.conf
    }
    userdb prefetch {
    }
    user = nobody
    socket listen {
    master {
    path = /var/run/dovecot/auth-master
    mode = 0660
    user = vmail
    group = vmail
    }
    client {
    path = /var/spool/postfix/private/auth
    mode = 0660
    user = postfix
    group = postfix
    }
    }
    }
    dict {
    }
    plugin {
    quota = maildir
    sieve = /var/spool/sieve/%d/%n/.dovecot.sieve
    }

    May 27, 2009, 6:22 am

  9. taunusstein.net:

    @Aleksey: Managesieve does not work:

    {293}ingo: line 4: error: require command: unknown Sieve capability ‘imapflags’. ingo: line 14: error: unknown command ‘addflag’ (only reported once at first occurence). ingo: line 16: error: unknown command ‘removeflag’ (only reported once at first occurence). ingo: error: validation failed.

    July 19, 2009, 5:04 am

  10. Martin:

    Hello,

    with Debian Lenny dovecot-managesieve-horde-ingo is working. I mostly followed http://workaround.org/ispmail/lenny/server-side-sieve-filtering . One user has posted a ingo configuration in the comment section which worked for me. It’s the same configuration that Aleksey posted, but with tls – this also works for me.

    best regards

    Martin

    September 13, 2009, 4:26 am

  11. newsieve:

    Hi,
    how can the backend.php been enabled ? In Horde I have a running ingo, but no sieve backend.
    Thanks for your help in advance.

    December 28, 2009, 11:38 am

  12. maildirmake script:

    Dear ALL,

    I use centos 5.4. Installed dovecot from source but I could not find maildirmake command. Could any one advice me about this?

    March 21, 2010, 5:37 am

  13. don:

    New to this…trying to put together a Release Management system for WordpressMU. Can you guys help in any way. Can you point me to any books and tutorial or which software I should consider configuring for the job. CHEERS.

    May 18, 2010, 7:33 am

  14. firefix:

    Please help:
    My ingo (Horde frontend) by some users says when they trying to put some extra emails in whitelist or blacklist:
    There was an error activating the script. The driver said: (QUOTA) “Quota exceeded”
    The rest I got working. I see that the size of the .dovecot.sieve file is 99.865 bytes. I don’t use quota for Maildir. Please let me know how to increase that quota. I was searching everywhere – haven’t found.

    June 7, 2010, 6:13 am

Leave a comment