r-raymond / nixos-mailserver

A complete and Simple Nixos Mailserver
GNU General Public License v3.0

Per user sieve scripts #37

Closed eqyiel closed 6 years ago

eqyiel commented 6 years ago

This is my proposed solution to #36.

It was a seamless change for me, but I'd recommend backing up your maildirs before trying it. The biggest change is making loginAccounts not system users.

So also beware if you're using loginAccounts as actual users (but I very much doubt that, because their home dirs were previously set to /var/empty).

You'll end up with two new files for each domain: ${mailDirectory}/domain/passwd and ${mailDirectory}/domain/shadow.

Here's a relevant snippet from the logs showing the sieve script getting used:

Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: sieve: Pigeonhole version 0.4.20 (7cd71ba) initializing
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts.
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file storage: Performing auto-detection
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file storage: Root exists (/mnt/home/vmail/maher.fyi/ruben)
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file storage: Storage path `/mnt/home/vmail/maher.fyi/ruben/sieve' not found
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file storage: Active script path is unconfigured; using default (path=~/.dovecot.sieve)
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file storage: Using Sieve script path: /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file script: Opened script `.dovecot' from `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve'
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file storage: Using Sieve script path: /var/lib/dovecot/sieve/before
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: file script: Opened script `before' from `/var/lib/dovecot/sieve/before'
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Executed before user's personal Sieve script(1): /var/lib/dovecot/sieve/before
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Using the following location for user's Sieve script: /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: Mailbox <lmtp DATA>: Opened mail UID=1 because: header Message-ID (Cache file is unusable)
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Opening script 1 of 2 from `/var/lib/dovecot/sieve/before'
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Loading script /var/lib/dovecot/sieve/before
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Script binary /var/lib/dovecot/sieve/before.svbin successfully loaded
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: binary save: not saving binary /var/lib/dovecot/sieve/before.svbin, because it is already stored
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Executing script from `/var/lib/dovecot/sieve/before.svbin'
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: Mailbox <lmtp DATA>: Opened mail UID=1 because: header X-Spam (Cache file is unusable)
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Opening script 2 of 2 from `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve'
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Loading script /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Script `.dovecot' from /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve successfully compiled
Nov 18 15:27:17 maher.fyi dovecot[24424]: lmtp(ruben@maher.fyi): Debug: qMerNK29D1p0DQAAzVmk8w: sieve: Executing script from `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve'

eqyiel commented 6 years ago

I don't think the Travis failure is related to this change?

r-raymond commented 6 years ago

I think you need to rename vmailUIDStart which is set in /test/intern.nix. Renaming that should fix the error.

eqyiel commented 6 years ago

This is working for me:

Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: sieve: Pigeonhole version 0.4.20 (7cd71ba) initializing
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts.
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: file storage: Storage path `/mnt/home/vmail/maher.fyi/ruben/sieve' not found
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: file storage: Sieve storage path `/mnt/home/vmail/maher.fyi/ruben/sieve' not found, but the active script `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve' is a regular file, so this is used for backwards compatibility.
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: file storage: Using Sieve script path: /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: file script: Opened script `.dovecot' from `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve'
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: file storage: Using Sieve script path: /var/lib/dovecot/sieve/before
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: file script: Opened script `before' from `/var/lib/dovecot/sieve/before'
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Executed before user's personal Sieve script(1): /var/lib/dovecot/sieve/before
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Using the following location for user's Sieve script: /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: Mailbox <lmtp DATA>: Opened mail UID=1 because: header Message-ID (Cache file is unusable)
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Opening script 1 of 2 from `/var/lib/dovecot/sieve/before'
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Loading script /var/lib/dovecot/sieve/before
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Script binary /var/lib/dovecot/sieve/before.svbin successfully loaded
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: binary save: not saving binary /var/lib/dovecot/sieve/before.svbin, because it is already stored
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Executing script from `/var/lib/dovecot/sieve/before.svbin'
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: Mailbox <lmtp DATA>: Opened mail UID=1 because: header X-Spam (Cache file is unusable)
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Opening script 2 of 2 from `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve'
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Loading script /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: file script: Sieve binary `/mnt/home/vmail/maher.fyi/ruben/.dovecot.svbin' is not newer than the Sieve script `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve' (2017-11-18 15:27:17.887555309 <= 2017-11-19 06:58:30.746982653)
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: binary up-to-date: script metadata indicates that binary /mnt/home/vmail/maher.fyi/ruben/.dovecot.svbin is not up-to-date
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Script binary /mnt/home/vmail/maher.fyi/ruben/.dovecot.svbin is not up-to-date
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Script `.dovecot' from /mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve successfully compiled
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: MAXWF/6XEFrRHQAAzVmk8w: sieve: Executing script from `/mnt/home/vmail/maher.fyi/ruben/.dovecot.sieve'
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: Mailbox <lmtp DATA>: Opened mail UID=1 because: header list-id (Cache file is unusable)
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: INBOX: Mailbox opened because: lib-lda delivery
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): Debug: Mailbox <lmtp DATA>: Opened mail UID=1 because: copying
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(ruben@maher.fyi): MAXWF/6XEFrRHQAAzVmk8w: sieve: msgid=<874lprz5z6.fsf@ayanami.maher.fyi>: stored mail into mailbox 'INBOX'
Nov 19 06:58:46 maher.fyi dovecot[7412]: lmtp(7633): Disconnect from local: Successful quit

I'll do the vmail UID rename thing in another PR.
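
The debug log in the comment above is what shows the global `before` script and the per-user script both running for one delivery. As an added example (not part of this PR or the project's code), the Python below groups such lines by LMTP session id and reports any script that was opened but has no matching "Executing" line; the sample lines, host, users and session ids are constructed.

```python
import re

# Constructed sample, modelled on the Dovecot LMTP debug lines quoted in this thread;
# host, users and session ids are made up.
SAMPLE_LOG = """\
Nov 19 06:58:46 mx dovecot[7412]: lmtp(alice@example.org): Debug: sieve: Pigeonhole version 0.4.20 (7cd71ba) initializing
Nov 19 06:58:46 mx dovecot[7412]: lmtp(alice@example.org): Debug: AAAA/1111: sieve: Opening script 1 of 2 from `/var/lib/dovecot/sieve/before'
Nov 19 06:58:46 mx dovecot[7412]: lmtp(alice@example.org): Debug: AAAA/1111: sieve: Executing script from `/var/lib/dovecot/sieve/before.svbin'
Nov 19 06:58:46 mx dovecot[7412]: lmtp(alice@example.org): Debug: AAAA/1111: sieve: Opening script 2 of 2 from `/var/sieve/alice@example.org.sieve'
Nov 19 06:58:46 mx dovecot[7412]: lmtp(alice@example.org): Debug: AAAA/1111: sieve: Executing script from `/var/sieve/alice@example.org.sieve'
Nov 19 06:58:46 mx dovecot[7412]: lmtp(alice@example.org): AAAA/1111: sieve: msgid=<1@example.org>: stored mail into mailbox 'INBOX'
Nov 19 06:59:02 mx dovecot[7412]: lmtp(bob@example.org): Debug: BBBB/2222: sieve: Opening script 1 of 2 from `/var/lib/dovecot/sieve/before'
Nov 19 06:59:02 mx dovecot[7412]: lmtp(bob@example.org): Debug: BBBB/2222: sieve: Executing script from `/var/lib/dovecot/sieve/before.svbin'
Nov 19 06:59:02 mx dovecot[7412]: lmtp(bob@example.org): Debug: BBBB/2222: sieve: Opening script 2 of 2 from `/var/sieve/bob@example.org.sieve'
Nov 19 06:59:02 mx dovecot[7412]: lmtp(bob@example.org): BBBB/2222: sieve: msgid=<2@example.org>: stored mail into mailbox 'INBOX'
"""

# The lookahead skips lines such as the version banner, which carry no session id.
LINE = re.compile(r"lmtp\((?P<user>[^)]+)\): (?!Debug: sieve:)(?:Debug: )?(?P<sid>\S+): sieve: (?P<msg>.*)$")
OPENING = re.compile(r"Opening script (\d+) of (\d+) from `(.+)'")
EXECUTING = re.compile(r"Executing script from `(.+)'")
STORED = re.compile(r"stored mail into mailbox '(.+)'")

def parse_deliveries(text):
    """Group sieve log lines by LMTP session id, keeping the order of events."""
    deliveries = {}
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a per-session sieve line
        d = deliveries.setdefault(m["sid"], {"user": m["user"], "expected": 0,
                                             "opened": [], "executed": [], "mailbox": None})
        msg = m["msg"]
        if (o := OPENING.search(msg)):
            d["expected"] = int(o[2])      # the M in "script N of M"
            d["opened"].append(o[3])
        elif (e := EXECUTING.search(msg)):
            d["executed"].append(e[1])
        elif (s := STORED.search(msg)):
            d["mailbox"] = s[1]
    return deliveries

def skipped_scripts(deliveries):
    """Return {session id: scripts opened but with no matching 'Executing' line}."""
    report = {}
    for sid, d in deliveries.items():
        missing = d["opened"][len(d["executed"]):]
        if missing:
            report[sid] = missing
    return report
```
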

r-raymond commented 6 years ago

That looks great! Let me ask you, though: is there any reason to put the sieve scripts into the mail folders? It seems to me that this makes things more complicated, because we have to manually create all the folders for domains and users. I'm asking because I always tried not to touch /var/vmail and let dovecot do its thing.

eqyiel commented 6 years ago

@r-raymond yeah I felt a bit gross trying to match up the permissions with what dovecot would have created.

eqyiel commented 6 years ago

Alright, I rebased and changed it so that it doesn't touch mailDirectory.

Here's an example of what the sieve dir looks like:

root@maher> ls -lha /var/sieve
total 20K
drwxrwx---  2 vmail           vmail 4.0K Nov 20 08:50 .
drwxr-xr-x 11 root            root  4.0K Nov 20 08:44 ..
-rw-r--r--  1 r@rkm.id.au     vmail   35 Nov 20 08:46 r@rkm.id.au.sieve
-rw-r--r--  1 ruben@maher.fyi vmail  339 Nov 20 08:46 ruben@maher.fyi.sieve
-rw-r--r--  1 ruben@maher.fyi vmail  323 Nov 20 08:50 ruben@maher.fyi.svbin

.svbin is the compiled script. I've set the permissions to 770 so that the virtual users can get access to this dir through their group.

I've moved the sieve key into a plugin section after seeing this message:

Nov 20 08:44:36 maher.fyi dovecot[11682]: doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:94: sieve has been moved into plugin {} section
Nov 20 08:44:36 maher.fyi dovecot[11682]: config: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf

@r-raymond Thanks for helping me to keep it simple!

r-raymond commented 6 years ago

I have to thank you for being so patient with my nagging :)

eqyiel commented 6 years ago

Thanks for taking the initiative to organise this repo!

On 20 November 2017 4:42:32 pm ACDT, Robin Raymond notifications@github.com wrote:

I have to thank you for being so patient with my nagging :)
