centos:mail_c7:dovecot_3

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung		 Vorhergehende Überarbeitung
centos:mail_c7:dovecot_3 [21.07.2014 21:01. ] – [10-logging.conf] djangocentos:mail_c7:dovecot_3 [18.11.2024 07:08. ] (aktuell) – Externe Bearbeitung 127.0.0.1
Zeile 1: Zeile 1:
-====== Logging und Fehlersuche ====== +====== Dovecot, Nachrichten auf dem Server mit SIEVE filtern ====== 
-Dovecot unterstützt uns bei der Fehlersuche mit aussagekräftigen Einträgen im Maillog unseres ServersZum Feinjustieren und individuellen Loggingverhalten bietet uns Dovecot mehrere Optionen.+{{:centos:mail_c7:dovecot-pigeonhole-logo.png?nolink&182 |BILD: Dovecot Pigeonhole Logo}}  
 +Zur Filtern von E-Mails auf IMAP-Servern wurde die Programmiersprache **SIEVE** konzipiert - die genaue Spezifikationen erfolgten hierzu im RFC 5228 und vielen Erweiterungen/Ergänzungen in weiteren **RFC**sDas Hauptaugenmerk von **SIEVE** liegt auf Einfachheit, Erweiterbarkeit, sowie auf Unabhängigkeit von der verwendeten Zugriffsart und Architektur wie auch dem verwendeten Betriebssystem. Sieve wurde spezifiziert, um den Usern die Möglichkeit zu bieten, bereits serverseitig auf einfache Art und Weise eigene Regeln zur Filterung von E-Mails zu definieren. Sieve-Scripte werden bereits während der Zustellung der eMail am IMAP-Server ausgeführt.
  
-===== dovecot.conf ===== +Weitere Hintergrundinformationen finden man unter anderem in dem [[http://de.wikipedia.org/wiki/Sieve|Wikipedia-Artikel zu SIEVE]]
-Rufen wir die Prozessliste auf, sehen wir je nach Auslastung unseres Servers einen oder mehrere Dovecot-Prozesse.  +\\ 
-   USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND +Die Unterstützung und Implementierung von **SIEVE** erfolgt über das Projekt **managesieve** von //Stefan Bosch//Detaillierte Informationen zum Protokoll **Managesieve** sowie zum RFC 5228 und den zahlreichen Erweiterungen RFCs findet man auf der [[http://pigeonhole.dovecot.org/|Projektseite]] von Stefan Bosch.
-   dovecot  19666  0.0  0.0  19204  2072 ?        S    18:40   0:00 dovecot/imap+
  
-Zieht jetzt ein Client mehr Ressourcen, als wir diesem zugestehen wollen, können wir so leider nicht ohne weiteres herausfindenwer das ist.+===== Installation ===== 
 +Am Einfachsten bedienen wir uns zur Installation des Paketes **dovecot-pigeonhole** eines aktuell gepflegten Dovecot-Repositorieswie z.B. dem Repository **[[http://repo.nausch.org/7/|repo.nausch.org]]**. Das dort enthaltene Paket wurde für den aktuellen Dovecot-release **//2.2.13//**((Stand Juli 2014)) gebaut.
  
-Über den Konfigurationsparameter **verbose_proctitle** können wir definieren, dass uns neben den üblichen +Die Installation des Paketes geht Dank des Repositories **[[http://repo.nausch.org/7/|repo.nausch.org]]** leicht von statten, benötigen wir hierzu lediglich den Befehl **yum**. 
-ps-Werten zusätzlich noch der Login-Name, die Client-IP-Adresse und auch noch der ausgeführte IMAP-Befehl angezeigt wird. +   # yum install dovecot-pigeonhole -y
-   USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND +
-   dovecot  19907 66.6  0.0  18860  1684 ?        S    18:45   0:00 dovecot/imap [django@mailserver.guru 10.0.0.20+
-   dovecot  19971  0.0  0.0  19204  2088 ?        S    18:46   0:00 dovecot/imap [django@nausch.org 109.43.1.83 IDLE]+
  
-Zum Aktivieren dieser Option tragen wir nun einfach ein **verbose_proctitle=yes** in der Konfigurationsdatei //**/etc/dovecot/dovecot.conf**// ein.+Was uns das Paket dovecot alles mit ins System bringt, zeigt uns der Befehl **rpm** mit der Option //**-qil**//
 +   # rpm -qil dovecot-pigeonhole 
 +<code>Name        : dovecot-pigeonhole 
 +Epoch       : 1 
 +Version     : 2.2.13 
 +Release     : 2.el7.centos 
 +Architecture: x86_64 
 +Install Date: Mon 04 Aug 2014 11:01:38 PM CEST 
 +Group       : System Environment/Daemons 
 +Size        : 1133200 
 +License     : MIT and LGPLv2 
 +Signature   : RSA/SHA1, Fri 01 Aug 2014 08:55:53 PM CEST, Key ID 60ecfb9e8195aea0 
 +Source RPM  : dovecot-2.2.13-2.el7.centos.src.rpm 
 +Build Date  : Fri 01 Aug 2014 08:52:54 PM CEST 
 +Build Host  : vml000200.dmz.nausch.org 
 +Relocations : (not relocatable) 
 +Packager    : Django <django@nausch.org> 
 +Vendor      : django 
 +URL         : http://www.dovecot.org/ 
 +Summary     : Sieve and managesieve plug-in for dovecot 
 +Description : 
 +This package provides sieve and managesieve plug-in for dovecot LDA. 
 +/etc/dovecot/conf.d/20-managesieve.conf 
 +/etc/dovecot/conf.d/90-sieve-extprograms.conf 
 +/etc/dovecot/conf.d/90-sieve.conf 
 +/usr/bin/sieve-dump 
 +/usr/bin/sieve-filter 
 +/usr/bin/sieve-test 
 +/usr/bin/sievec 
 +/usr/lib64/dovecot/lib90_sieve_plugin.so 
 +/usr/lib64/dovecot/settings/libmanagesieve_login_settings.so 
 +/usr/lib64/dovecot/settings/libmanagesieve_settings.so 
 +/usr/lib64/dovecot/sieve 
 +/usr/lib64/dovecot/sieve/lib90_sieve_extprograms_plugin.so 
 +/usr/libexec/dovecot/managesieve 
 +/usr/libexec/dovecot/managesieve-login 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/AUTHORS 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/COPYING 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/COPYING.LGPL 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/ChangeLog 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/INSTALL 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/NEWS 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/README 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/example-config 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/example-config/conf.d 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/example-config/conf.d/20-managesieve.conf 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/example-config/conf.d/90-sieve-extprograms.conf 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/example-config/conf.d/90-sieve.conf 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/sieve 
 +/usr/share/doc/dovecot-2.2-pigeonhole-0.4.2/sieve/script-location-dict.txt 
 +/usr/share/man/man1/sieve-dump.1.gz 
 +/usr/share/man/man1/sieve-filter.1.gz 
 +/usr/share/man/man1/sieve-test.1.gz 
 +/usr/share/man/man1/sievec.1.gz 
 +/usr/share/man/man1/sieved.1.gz 
 +/usr/share/man/man7/pigeonhole.7.gz 
 +</code> 
 + 
 +===== Konfiguration ===== 
 +Die Konfiguration vom Managesieve-Plugin **dovecot-pigeonhole** erfolgt über die drei Konfigurationsdateien //**20-managesieve.conf**//, //**90-sieve-extprograms.conf**// und //**90-sieve.conf**// im Verzeichnis //**/etc/dovecot/conf.d/**// 
 + 
 + 
 +==== 20-managesieve.conf ==== 
 +Auf welchem Port und welcher Adresse unser Managesieve-Logindaemon horchen soll wird in der datei //**/etc/dovecot/conf.d/20-managesieve.conf**// festgelegt. Da wir ausschließlich den aktuellen Port **4190** beschränken, geben wir den Port **2000** explizit **__nicht__** an. 
 +   # vim /etc/dovecot/conf.d/20-managesieve.conf 
 +<file bash /etc/dovecot/conf.d/20-managesieve.conf>## 
 +## ManageSieve specific settings 
 +## 
 + 
 +# Uncomment to enable managesieve protocol: 
 +#protocols $protocols sieve 
 + 
 +# Service definitions 
 + 
 +# Django : 2014-08-04 
 +# default: unset 
 +service managesieve-login { 
 +  inet_listener sieve { 
 +  address = 10.0.0.70  
 +  port = 4190 
 +  } 
 + 
 +  #inet_listener sieve_deprecated { 
 +  #  port = 2000 
 +  #} 
 + 
 +  # Number of connections to handle before starting a new process. Typically 
 +  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 
 +  # is faster. <doc/wiki/LoginProcess.txt> 
 +  #service_count = 1 
 + 
 +  # Number of processes to always keep waiting for more connections. 
 +  #process_min_avail = 0 
 + 
 +  # If you set service_count=0, you probably need to grow this. 
 +  #vsz_limit = 64M 
 +
 + 
 +#service managesieve { 
 +  # Max. number of ManageSieve processes (connections) 
 +  #process_limit = 1024 
 +#} 
 + 
 +# Service configuration 
 + 
 +protocol sieve { 
 +  # Maximum ManageSieve command line length in bytes. ManageSieve usually does 
 +  # not involve overly long command lines, so this setting will not normally 
 +  # need adjustment 
 +  #managesieve_max_line_length = 65536 
 + 
 +  # Maximum number of ManageSieve connections allowed for a user from each IP 
 +  # address. 
 +  # NOTE: The username is compared case-sensitively. 
 +  #mail_max_userip_connections = 10 
 + 
 +  # Space separated list of plugins to load (none known to be useful so far). 
 +  # Do NOT try to load IMAP plugins here. 
 +  #mail_plugins = 
 + 
 +  # MANAGESIEVE logout format string: 
 +  #  %i - total number of bytes read from client 
 +  #  %o - total number of bytes sent to client 
 +  #managesieve_logout_format = bytes=%i/%o 
 + 
 +  # To fool ManageSieve clients that are focused on CMU's timesieved you can 
 +  # specify the IMPLEMENTATION capability that Dovecot reports to clients. 
 +  # For example: 'Cyrus timsieved v2.2.13' 
 +  #managesieve_implementation_string = Dovecot Pigeonhole 
 + 
 +  # Explicitly specify the SIEVE and NOTIFY capability reported by the server 
 +  # before login. If left unassigned these will be reported dynamically 
 +  # according to what the Sieve interpreter supports by default (after login 
 +  # this may differ depending on the user). 
 +  #managesieve_sieve_capability = 
 +  #managesieve_notify_capability = 
 + 
 +  # The maximum number of compile errors that are returned to the client upon 
 +  # script upload or script verification. 
 +  #managesieve_max_compile_errors = 5 
 + 
 +  # Refer to 90-sieve.conf for script quota configuration and configuration of 
 +  # Sieve execution limits. 
 +
 +</file> 
 + 
 +==== 90-sieve-extprograms.conf ==== 
 +Mit Hilfe der Datei //**/etc/dovecot/conf.d/90-sieve-extprograms.conf**// könnte man noch externe Programme einbinden. Da wir aber darauf verzichten, brauchen wir keinerlei Änderungen vornehmen. 
 +   # cat /etc/dovecot/conf.d/90-sieve-extprograms.conf 
 +<file bash /etc/dovecot/conf.d/90-sieve-extprograms.conf># Sieve Extprograms plugin configuration 
 + 
 +# Don't forget to add the sieve_extprograms plugin to the sieve_plugins setting. 
 +# Also enable the extensions you need (one or more of vnd.dovecot.pipe, 
 +# vnd.dovecot.filter and vnd.dovecot.execute) by adding these   to the 
 +# sieve_extensions or sieve_global_extensions settings. Restricting these 
 +# extensions to a global context using sieve_global_extensions is recommended. 
 + 
 +plugin { 
 + 
 +  # The directory where the program sockets are located for the 
 +  # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension 
 +  # respectively. The name of each unix socket contained in that directory 
 +  # directly maps to a program-name referenced from the Sieve script. 
 +  #sieve_pipe_socket_dir = sieve-pipe 
 +  #sieve_filter_socket_dir = sieve-filter 
 +  #sieve_execute_socket_dir = sieve-execute 
 + 
 +  # The directory where the scripts are located for direct execution by the 
 +  # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension 
 +  # respectively. The name of each script contained in that directory 
 +  # directly maps to a program-name referenced from the Sieve script. 
 +  #sieve_pipe_bin_dir = /usr/lib/dovecot/sieve-pipe 
 +  #sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter 
 +  #sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute 
 +
 + 
 +# An example program service called 'do-something' to pipe messages to 
 +#service do-something { 
 +  # Define the executed script as parameter to the sieve service 
 +  #executable = script /usr/lib/dovecot/sieve-pipe/do-something.sh 
 + 
 +  # Use some unprivileged user for executing the program 
 +  #user = dovenull 
 + 
 +  # The unix socket located in the sieve_pipe_socket_dir (as defined in the  
 +  # plugin {} section above) 
 +  #unix_listener sieve-pipe/do-something { 
 +    # LDA/LMTP must have access 
 +  #  user = vmail   
 +  #  mode = 0600 
 +  #} 
 +#} 
 +</file> 
 + 
 +==== 90-sieve.conf ==== 
 +Die Einstellungen des Sieve-Plugins erfolgen mit Hilfe der Datei //**/etc/dovecot/conf.d/90-sieve.conf**//. Die Standard-Werte dort braucht man in aller Regel nicht abändern, somit begnügen wir uns mit der Ansicht der Datei. 
 +   # less /etc/dovecot/conf.d/90-sieve.conf 
 + 
 +<file bash /etc/dovecot/conf.d/90-sieve.conf>## 
 +## Settings for the Sieve interpreter 
 +## 
 + 
 +# Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf 
 +# by adding it to the respective mail_plugins= settings. 
 + 
 +plugin { 
 +  # The path to the user's main active script. If ManageSieve is used, this the 
 +  # location of the symbolic link controlled by ManageSieve. 
 +  sieve = ~/.dovecot.sieve 
 + 
 +  # The default Sieve script when the user has none. This is a path to a global 
 +  # sieve script file, which gets executed ONLY if user's private Sieve script 
 +  # doesn't exist. Be sure to pre-compile this script manually using the sievec 
 +  # command line tool. 
 +  # --> See sieve_before fore executing scripts before the user's personal 
 +  #     script. 
 +  #sieve_default = /var/lib/dovecot/sieve/default.sieve 
 + 
 +  # Directory for :personal include scripts for the include extension. This 
 +  # is also where the ManageSieve service stores the user's scripts. 
 +  sieve_dir = ~/sieve 
 + 
 +  # Directory for :global include scripts for the include extension. 
 +  #sieve_global_dir = 
 + 
 +  # Path to a script file or a directory containing script files that need to be 
 +  # executed before the user's script. If the path points to a directory, all 
 +  # the Sieve scripts contained therein (with the proper .sieve extension) are 
 +  # executed. The order of execution within a directory is determined by the 
 +  # file names, using a normal 8bit per-character comparison. Multiple script 
 +  # file or directory paths can be specified by appending an increasing number. 
 +  #sieve_before = 
 +  #sieve_before2 = 
 +  #sieve_before3 = (etc...) 
 + 
 +  # Identical to sieve_before, only the specified scripts are executed after the 
 +  # user's script (only when keep is still in effect!). Multiple script file or 
 +  # directory paths can be specified by appending an increasing number. 
 +  #sieve_after = 
 +  #sieve_after2 = 
 +  #sieve_after2 = (etc...) 
 + 
 +  # Which Sieve language extensions are available to users. By default, all 
 +  # supported extensions are available, except for deprecated extensions or 
 +  # those that are still under development. Some system administrators may want 
 +  # to disable certain Sieve extensions or enable those that are not available 
 +  # by default. This setting can use '+' and '-' to specify differences relative 
 +  # to the default. For example `sieve_extensions = +imapflags' will enable the 
 +        # deprecated imapflags extension in addition to all extensions were already 
 +  # enabled by default. 
 +  #sieve_extensions = +notify +imapflags 
 + 
 +  # Which Sieve language extensions are ONLY available in global scripts. This 
 +  # can be used to restrict the use of certain Sieve extensions to administrator 
 +  # control, for instance when these extensions can cause security concerns. 
 +  # This setting has higher precedence than the `sieve_extensions' setting 
 +  # (above), meaning that the extensions enabled with this setting are never 
 +  # available to the user's personal script no matter what is specified for the 
 +  # `sieve_extensions' setting. The syntax of this setting is similar to the 
 +  # `sieve_extensions' setting, with the difference that extensions are 
 +  # enabled or disabled for exclusive use in global scripts. Currently, no 
 +  # extensions are marked as such by default. 
 +  #sieve_global_extensions = 
 + 
 +  # The Pigeonhole Sieve interpreter can have plugins of its own. Using this 
 +  # setting, the used plugins can be specified. Check the Dovecot wiki 
 +  # (wiki2.dovecot.org) or the pigeonhole website 
 +  # (http://pigeonhole.dovecot.org) for available plugins. 
 +        # The sieve_extprograms plugin is included in this release. 
 +  #sieve_plugins = 
 + 
 +  # The separator that is expected between the :user and :detail 
 +  # address parts introduced by the subaddress extension. This may 
 +  # also be a sequence of characters (e.g. '--'). The current 
 +  # implementation looks for the separator from the left of the 
 +  # localpart and uses the first one encountered. The :user part is 
 +  # left of the separator and the :detail part is right. This setting 
 +  # is also used by Dovecot's LMTP service. 
 +  #recipient_delimiter = + 
 + 
 +  # The maximum size of a Sieve script. The compiler will refuse to compile any 
 +  # script larger than this limit. If set to 0, no limit on the script size is 
 +  # enforced. 
 +  #sieve_max_script_size = 1M 
 + 
 +  # The maximum number of actions that can be performed during a single script 
 +  # execution. If set to 0, no limit on the total number of actions is enforced. 
 +  #sieve_max_actions = 32 
 + 
 +  # The maximum number of redirect actions that can be performed during a single 
 +  # script execution. If set to 0, no redirect actions are allowed. 
 +  #sieve_max_redirects = 4 
 + 
 +  # The maximum number of personal Sieve scripts a single user can have. If set 
 +  # to 0, no limit on the number of scripts is enforced. 
 +  # (Currently only relevant for ManageSieve) 
 +  #sieve_quota_max_scripts = 0 
 + 
 +  # The maximum amount of disk storage a single user's scripts may occupy. If 
 +  # set to 0, no limit on the used amount of disk storage is enforced. 
 +  # (Currently only relevant for ManageSieve) 
 +  #sieve_quota_max_storage = 0 
 +
 +</file> 
 + 
 +==== dovecot.conf ==== 
 +Zu guter letzt fügen wir noch das Protokoll oder exakter formuliert die Script-Sprache **sieve** zu den Protokollen hinzu, die unser Dovecot-Server zur Verfügung stellen soll. Per Default bietet unser Dovecot-Server bisher folgende Protokolle an: 
 +   # doveconf protocols 
 + 
 +   protocols = imap pop3 lmtp 
 + 
 +Die Erweiterung um **sieve** erfolgt in der Konfigurationsdatei //**/etc/dovecot/dovecot.conf**//.
    # vim /etc/dovecot/dovecot.conf    # vim /etc/dovecot/dovecot.conf
-<file bash /etc/dovecot/dovecot.conf>## Dovecot configuration file                                                                                                                                                     +<file bash /etc/dovecot/dovecot.conf>## Dovecot configuration file 
-                                                                                                                                                                                  + 
-# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration                                                                                                          +# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration
  
 # "doveconf -n" command gives a clean output of the changed settings. Use it # "doveconf -n" command gives a clean output of the changed settings. Use it
Zeile 40: Zeile 350:
  
 # Protocols we want to be serving. # Protocols we want to be serving.
-#protocols = imap pop3 lmtp+# Django : 2014-08-04 
 +# Erweiterung um die Scriptsprache/Protokoll sieve 
 +# default: #protocols = imap pop3 lmtp 
 +protocols = imap pop3 lmtp sieve
  
 # A comma separated list of IPs or hosts where to listen in for connections.  # A comma separated list of IPs or hosts where to listen in for connections. 
Zeile 46: Zeile 359:
 # If you want to specify non-default ports or anything more complex, # If you want to specify non-default ports or anything more complex,
 # edit conf.d/master.conf. # edit conf.d/master.conf.
-#listen = *, ::+# Django : 2014-08-04 
 +# IPv6-Adressen deaktivieren, Server lauscht nur auf einem Netzwerkinterface 
 +# bzw. einer IPv4-Addresse 
 +# default: #listen = *, :: 
 +# listen = 10.0.0.70
  
 # Base directory where to store runtime data. # Base directory where to store runtime data.
Zeile 125: Zeile 442:
 </file> </file>
  
-Zum Aktivieren unserer Änderungen führen wir einen Reload unseres Daemon durch+==== 20-lmtp.conf ==== 
-   # systemctl reload dovecot.service+Da die definierten SIEVE-Regeln bei der Zustellung der Nachrichten ihre Arbeit verrichten, müssen wir bei den Konfigurationsparametern von **LMTP** das Plugin **sieve** mit aufnehmen
 +   # vim /etc/dovecot/conf.d/20-lmtp.conf 
 +<file bash /etc/dovecot/conf.d/20-lmtp.conf>## 
 +## LMTP specific settings 
 +##
  
-Im Maillog unseres Servers wird dieser Reload entsprechend vermerkt+# Support proxying to other LMTP/SMTP servers by performing passdb lookups
-   Jul 21 19:53:45 vml000070 dovecot: master: Warning: SIGHUP received - reloading configuration+#lmtp_proxy = no
  
-===== 10-logging.conf =====+# When recipient address includes the detail (e.g. user+detail), try to save 
 +# the mail to the detail mailbox. See also recipient_delimiter and 
 +# lda_mailbox_autocreate settings. 
 +#lmtp_save_to_detail_mailbox no
  
 +# Verify quota before replying to RCPT TO. This adds a small overhead.
 +#lmtp_rcpt_check_quota = no
  
 +protocol lmtp {
 +  # Space separated list of plugins to load (default is global mail_plugins).
 +  # Django : 2014-08-04
 +  # default:   #mail_plugins = $mail_plugins
 +  mail_plugins = $mail_plugins sieve
 +}
 +</file>
  
-   # /etc/dovecot/conf.d/10-logging.conf +===== Horde-Framework's Ingo ===== 
-<file bash /etc/dovecot/conf.d/10-logging.conf>## +Die notwendigen Konfigurationseinstellungen bei der Applikation **[[http://www.horde.org/apps/ingo|ingo]]** ist auf folgenden [[centos:mail_c6:horde_8#konfiguration_des_backend-_imap-server|Seite]] ausführlich beschrieben
-## Log destination. +===== Paketfilter Firewall ===== 
-##+Damit unsere Kunden mit Ihren Mailclients Verbindungen zum geöffneten Ports **4190** unseres Dovecot-Server aufbauen können, müssen wir für diese noch Änderungen am Paketfilter **firewalld** vornehmen
 +   firewall-cmd --permanent --zone=public --add-port=4190/tcp
  
-# Log file to use for error messages. "syslog" logs to syslog, +   success
-# /dev/stderr logs to stderr. +
-#log_path = syslog+
  
-# Log file to use for informational messages. Defaults to log_path. +Anschließend können wir den Firewall-Daemon einmal durchstarten und anschließend überprüfen, ob die Regeln auch entsprechend unserer Definition, gezogen haben.  
-#info_log_path =  +   firewall-cmd --reload
-# Log file to use for debug messages. Defaults to info_log_path+
-#debug_log_path = +
  
-# Syslog facility to use if you're logging to syslog. Usually if you don'+   success
-# want to use "mail", you'll use local0..local7. Also other standard +
-# facilities are supported. +
-#syslog_facility = mail+
  
-## +Abschließend prüfen wir noch, ob die Erweiterung unseres Paketfilter aktiv ist.  
-## Logging verbosity and debugging+   iptables -nvL IN_public_allow 
-##+<code>Chain IN_public_allow (1 references) 
 + pkts bytes target     prot opt in     out     source               destination          
 +    0     0 ACCEPT     tcp  --  *      *       10.0.0.80            10.0.0.70            tcp dpt:24 ctstate NEW 
 +        0 ACCEPT     tcp  --  *      *       0.0.0.0/           0.0.0.0/           tcp dpt:22 ctstate NEW 
 +    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/           0.0.0.0/           tcp dpt:110 ctstate NEW 
 +    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/           0.0.0.0/           tcp dpt:143 ctstate NEW 
 +    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/           0.0.0.0/           tcp dpt:995 ctstate NEW 
 +    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/           0.0.0.0/           tcp dpt:4190 ctstate NEW 
 +    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/           0.0.0.0/           tcp dpt:993 ctstate NEW 
 +</code>
  
-# Log unsuccessful authentication attempts and the reasons why they failed. +===== Aktivierung ==== 
-#auth_verbose no +Zum Aktivieren unserer Änderungen starten wir den Daemon nun einmal durch
-# Django : 2014-07-21 +   systemctl restart dovecot
-# Detaillierte Loginformationen zum positiven Authentifizierungsprozess  +
-# bzwim Fehlerfall mit Details zu den Fehlern +
-default: auth_verbose = no +
-auth_verbose = no+
  
-# In case of password mismatches, log the attempted passwordValid values are +Im Maillog wurde der Restart entsprechend dokumentiert
-no, plain and sha1. sha1 can be useful for detecting brute force password +   tail -n4 /var/log/maillog 
-# attempts vs. user simply trying the same password over and over again. +<code>Aug  4 23:41:47 vml000070 dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) 
-# You can also truncate the value to n chars by appending ":n" (e.gsha1:6). +Aug  4 23:41:47 vml000070 dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) 
-#auth_verbose_passwords = no+Aug  4 23:41:47 vml000070 dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) 
 +Aug  4 23:41:47 vml000070 dovecot: master: Dovecot v2.2.13 starting up for imap, pop3, lmtp, sieve (core dumps disabled
 +</code>
  
-# Even more verbose logging for debugging purposesShows for example SQL +Fragen wir den Serverstatus ab, finden wir nun auch den Dienst **sieve** bei den Protokollen
-queries+   systemctl status dovecot 
-#auth_debug = no +<code>dovecot.service - Dovecot IMAP/POP3 email server 
-# Django : 2014-07-21 +   Loaded: loaded (/usr/lib/systemd/system/dovecot.service; disabled) 
-# Detaillierte Debug-Loginformationen zum Authentifizierungsprozess inkl+   Activeactive (running) since Mon 2014-08-04 23:41:47 CEST; 2min 42s ago 
-# der SQL-Abfragen und deren Ergebnisse ins Logfile schreiben+  Process: 4156 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS) 
 + Main PID: 4161 (dovecot) 
 +   CGroup: /system.slice/dovecot.service 
 +           ├─4161 /usr/sbin/dovecot -
 +           ├─4165 dovecot/anvil [0 connections] 
 +           ├─4166 dovecot/log 
 +           └─4168 dovecot/config
  
-# In case of password mismatches, log the passwords and used scheme so the +Aug 04 23:41:47 vml000070.dmz.nausch.org systemd[1]: Started Dovecot IMAP/POP3 email server
-# problem can be debuggedEnabling this also enables auth_debug+Aug 04 23:41:47 vml000070.dmz.nausch.org dovecot[4161]: master: Dovecot v2.2.13 starting up for imap, pop3, lmtp, sieve (core dumps disabled) 
-#auth_debug_passwords = no +</code>
-# Django 2014-07-21 +
-# Passwort zum Debuggen mitloggen? +
  
-# Enable mail process debugging. This can help you figure out why Dovecot +Fragen wir mit **netstat** die geöffneten Ports ab, sehen wir auch dort, dass unser Dovecot-Server nun auch auf Port **4190** bei der IP-Adresse **10.0.0.70** lauscht
-# isn't finding your mails+   netstat -tulpen | grep dovecot
-#mail_debug = no +
-# Django : 2014-07-21 +
-# Detailierte Loginformationen zur Verarbeitung der eMails durch Dovecot.+
  
-# Show protocol level SSL errors+   tcp        0      0 10.0.0.70:4190          0.0.0.0:              LISTEN      0          44593      4161/dovecot         
-#verbose_ssl = no +   tcp        0      0 10.0.0.70:993           0.0.0.0:              LISTEN      0          44656      4161/dovecot         
-# Django 2014-07-21 +   tcp        0      0 10.0.0.70:995           0.0.0.0:              LISTEN      0          44619      4161/dovecot         
-# SSL-Debugmode aktivieren+   tcp        0      0 10.0.0.70:110           0.0.0.0:              LISTEN      0          44618      4161/dovecot         
 +   tcp        0      0 10.0.0.70:143           0.0.0.0:              LISTEN      0          44655      4161/dovecot         
 +   tcp        0      0 10.0.0.70:24            0.0.0.0:              LISTEN      0          44628      4161/dovecot
  
-# mail_log plugin provides more event logging for mail processes. +===== Test ===== 
-plugin { +Unser ersten Funktionstest werden wir nun mit **SIEVE** via LMTP durchführen. Bei diesem folgenden Test nutzen wir die Authentifikations-Methode **PLAIN**. Die Anmeldedaten müssen dabei zum einen Base64 codiert werden und das Format **"\0<username>\0<password"** (mit **\0** als ASCII **NULL** Zeichen).  
-  # Events to log. Also available: flag_change append +   AUTHENTICATE "PLAIN" "<BASE64 codierte Anmeldedaten>"
-  #mail_log_events delete undelete expunge copy mailbox_delete mailbox_rename +
-  # Available fields: uid, box, msgid, from, subject, size, vsize, flags +
-  # size and vsize are available only for expunge and copy events+
-  #mail_log_fields = uid box msgid size +
-}+
  
-## +Zum Erstellen dieses Anmeldestrings nutzen wir einfach das script **sieve-auth-command.pl** von //Stephan Bosch//. 
-## Log formatting+   vim /usr/local/bin/sieve-auth-command.pl 
-##+<file perl /usr/local/bin/sieve-auth-command.pl>#!/usr/bin/perl 
 +# 
 +sieve-auth-command.pl 
 +--------------------- 
 +
 +# Generates ManageSieve AUTHENTICATE command for manually testing the protocol  
 +# using telnet or gnutls-cli (TLS) 
 +
 +# Usage: 
 +#   sieve-auth-command.pl <username> <password> 
 +
 +# Prints the AUTHENTICATE "PLAIN" "<encoded>" command on standard out.  
 +
 +# -- 
 +# Stephan Bosch, stephan@rename-it.nl 
 +#
  
-# Prefix for each line written to log file. % codes are in strftime(3) +use MIME::Base64;
-# format. +
-#log_timestamp = "%b %d %H:%M:%S " +
-# Django : 2014-07-21 +
-# default: unset +
-log_timestamp  = "%Y-%m-%d %H:%M:%S "+
  
-# Space-separated list of elements we want to log. The elements which have +use strict;
-# a non-empty variable value are joined together to form a comma-separated +
-# string. +
-#login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c +
-# Django : 2014-07-21 +
-# default: unset +
-# Folgende Parameter wurden aktiviert: +
-# %u         : User/Login-Namen  +
-# %m         : Authentication-Pethode +
-# %r         : Remote IP Adress +
-# %e         : Mail-Process-ID (imap/pop3) der post-login Verbindung +
-# %c         : "secured" String "SSL", "TLS"  +
-# %k         : SSL Protokoll und Cipher-Information   +
-# %{session} : Session-ID der Client-Verbindung +
-login_log_format_elements = user=<%u> method=%m rip=%r mpid=%e %c %k session=<%{session}>+
  
-# Login log format. %s contains login_log_format_elements string, %contains +my $username = shift; 
-# the data we want to log. +my $password shift;
-#login_log_format = %$: %s +
-  +
-# Log prefix for mail processes. See doc/wiki/Variables.txt for list of +
-# possible variables you can use. +
-#mail_log_prefix "%s(%u): "+
  
-# Format to use for logging mail deliveriesYou can use variables: +my $userpass = "\x00".$username."\x00".$password.""
-#  %- Delivery status message (e.g. "saved to INBOX") +my $encode=encode_base64($userpass); 
-#  %m - Message-ID + 
-#  %- Subject +$encode =~ s/^\s+//; 
-#  %f - From address +$encode =~ s/\s+$//; 
-#  %p - Physical size + 
-#  %w - Virtual size +print "AUTHENTICATE \"PLAIN\" \"$encode\"\r\n";
-#deliver_log_format = msgid=%m: %$+
 </file> </file>
  
-Die benutzen Variablen in der Konfigurationsdatei //**/etc/dovecot/conf.d/10-logging.conf**// sind im [[http://wiki2.dovecot.org/Variables|Dovecot Wiki]] ausführlich beschrieben.+Um das Script einfach ausführen zu können versehen wir nun noch die Datei-Rechte mit  einem **x**. 
 +   # chmod +x /usr/local/bin/sieve-auth-command.pl 
 + 
 +Für unseren User **django@nausch.org** mit dem Passwort **Dj4n90_d3r_G33k!** erstellen wir nun unseren Anmeldestring. 
 +   $ sieve-auth-command.pl django@nausch.org Dj4n90_d3r_G33k! 
 + 
 +   AUTHENTICATE "PLAIN" "AGRqYW5nb0BuYXVzY2gub3JnAERqNG45MF9kM3JfRzMzayE=" 
 + 
 +Diesen Anmeldestring verwenden wir nun bei unserem ersten Test. Bei diesem SIEVE-Test via **telnet** sind die Eingaben am testenden Client in der Farbe <html><font style="color: rgb(0, 0, 255)">blau</font></html> und die Rückmeldungen unseres Dovecot-Servers in der Farbe <html><font style="color: rgb(0, 255, 0)">grün</font></html> gekennzeichnet. Die Ausgaben des Befehls **telnet** sind in der Farbe <html><font style="color: rgb(0, 0, 0)">schwarz</font></html> eingefärbt. 
 + 
 +Als erstes bauen wir eine Verbindung zu unserem Dovecot-Server zum **ManageSieve-Port** **4190** auf und melden uns mit unserem zuvor generierten Anmeldestring am Server an. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">$ telnet 10.0.0.70 4190</font> 
 +<font style="color: rgb(0, 0, 0)">Trying 10.0.0.70... 
 +Connected to 10.0.0.70. 
 +Escape character is '^]'.</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;"IMPLEMENTATION" "Dovecot Pigeonhole" 
 +&nbsp;"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" 
 +&nbsp;"NOTIFY" "mailto" 
 +&nbsp;"SASL" "PLAIN LOGIN DIGEST-MD5 CRAM-MD5" 
 +&nbsp;"STARTTLS" 
 +&nbsp;"VERSION" "1.0" 
 +&nbsp;OK "Dovecot ready."</font> 
 +<font style="color: rgb(0, 0, 255)">AUTHENTICATE "PLAIN" "AGRqYW5nb0BuYXVzY2gub3JnAERqNG45MF9kM3JfRzMzayE="</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;OK "Logged in."</font> 
 +</pre></html> 
 + 
 +Als erste Aktion fragen wir ab, welche SIEVE-Scruipte auf dem Server vorhanden sind. Da bis dato noch keine Scripte hinterlegt wurden, sit die Antwort des Servers natürlich etwas spartanisch, nämlich leer. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">LISTSCRIPTS</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;OK "Listscripts completed."</font> 
 +</pre></html> 
 + 
 +Nun wollen wir unser erstes SIEVE Script anlegen. Mit Hilfe dieses Scriptes werden alle Nachrichten sofort gelöscht, sobald diese im Betreff das Wörtchen **p0rn** enthält und der Postfix-MTA die Nachricht via **LMTP** an unseren Backend-server Dovecot übergibt. Das entsprechende Script könnte nun wie folgt aussehen. 
 + 
 +<code>if header :comparator "i;ascii-casemap" :contains "Subject" "p0rn" 
 +    discard; 
 +    stop; 
 +
 +</code> 
 + 
 +Das script hat insgesamt 96-Zeichen (gefolgt von einem abschließendem **CR**). Zusammen ergibt das also 97 Zeichen. Mit dem Befehl **PUTSCRIPT** laden wir nun dieses script zum Server hoch. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">PUTSCRIPT "erste_sieve-regel_zum_testen" {97+} 
 +if header :comparator "i;ascii-casemap" :contains "Subject" "p0rn" 
 +    discard; 
 +    stop; 
 +}</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;OK "PUTSCRIPT completed."</font> 
 +</pre></html> 
 + 
 +Fragen wir nun erneut ab, welche Scripte auf dem Server vorliegen, sehen wir auch unser erstes Testscript **erste_sieve-regel_zum_testen**. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">LISTSCRIPTS</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;"erste_sieve-regel_zum_testen" 
 +&nbsp;OK "Listscripts completed."</font> 
 +</pre></html> 
 + 
 +Zum Scharfschalten des Scripts wird der Befehl **SETACTIVE** verwendet. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">SETACTIVE "erste_sieve-regel_zum_testen"</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;OK "Setactive completed."</font> 
 +</pre></html> 
 + 
 +Fragen wir nun erneut die Liste des SIEVE-Scripte ab, sehen wir ein **ACTIVE** hinter dem Scriptnamen **erste_sieve-regel_zum_testen**; d.h. dieses Script ist nunmehr aktiv. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">LISTSCRIPTS</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;"erste_sieve-regel_zum_testen" ACTIVE 
 +&nbsp;OK "Listscripts completed."</font> 
 +</pre></html> 
 + 
 +Wollen wir ein script Herunterladen verwenden wir den Befehl **GETSCRIPT**. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">GETSCRIPT "erste_sieve-regel_zum_testen"</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;{97} 
 +&nbsp;if header :comparator "i;ascii-casemap" :contains "Subject" "p0rn" 
 +     discard; 
 +     stop; 
 +&nbsp;
 +&nbsp;OK "Getscript completed."</font> 
 +</pre></html> 
 + 
 +Zu guter Letzt melden wir uns nun von unserem Server mit dem Befehl **LOGOUT** wieder ab. 
 + 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">LOGOUT</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;OK "Logout completed."</font> 
 +<font style="color: rgb(0, 0, 0)">Connection closed by foreign host.</font> 
 +</pre></html> 
 + 
 +Im Verzeischnis des Users **django@nausch.org** finden wir nun auch das Verzeichnis //**/srv/vmail/nausch.org/django/sieve**// in dem die SIEVE-Scripte abgelegt werden.  
 + 
 +<code>/srv/vmail/nausch.org/django/ 
 +├── .dovecot.sieve -> sieve/erste_sieve-regel_zum_testen.sieve 
 +├── Maildir/ 
 +│   ├── cur/ 
 +│   │   └── 1407189625.M304698P4532.vml000070.dmz.nausch.org,S=409,W=422:2, 
 +│   ├── dovecot.index.cache 
 +│   ├── dovecot.index.log 
 +│   ├── dovecot.mailbox.log 
 +│   ├── dovecot-uidlist 
 +│   ├── dovecot-uidvalidity 
 +│   ├── dovecot-uidvalidity.53dfa2ad 
 +│   ├── .Drafts/ 
 +│   │   ├── cur/ 
 +│   │   ├── dovecot.index.log 
 +│   │   ├── dovecot-uidlist 
 +│   │   ├── maildirfolder 
 +│   │   ├── new/ 
 +│   │   └── tmp/ 
 +│   ├── new/ 
 +│   ├── .Sent/ 
 +│   │   ├── cur/ 
 +│   │   ├── dovecot.index.log 
 +│   │   ├── dovecot-uidlist 
 +│   │   ├── maildirfolder 
 +│   │   ├── new/ 
 +│   │   └── tmp/ 
 +│   ├── subscriptions 
 +│   └── tmp/ 
 +└── sieve/ 
 +    ├── erste_sieve-regel_zum_testen.sieve 
 +    └── tmp/ 
 +</code> 
 + 
 +Das aktive Script erkennen wir an dem symlink //**.dovecot.sieve**// im **HOME**-Verzeichnis des Users. 
 +   # ll /srv/vmail/nausch.org/django/.dovecot.sieve  
 + 
 +   lrwxrwxrwx 1 vmail vmail 40 Aug  5 13:01 /srv/vmail/nausch.org/django/.dovecot.sieve -> sieve/erste_sieve-regel_zum_testen.sieve 
 + 
 +Im Maillog wurden unsere SIEVE-Script Aktivitäten mit Hilfe des Mail-Plugins **ManageSieve** dokumentiert. 
 +<code>Aug  5 12:58:29 vml000070 dovecot: managesieve-login: Login: user=<django@nausch.org>, method=PLAIN, rip=10.0.0.70, mpid=5212, secured, session=<4sFTvN//sAAKAABG> 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: Effective uid=10000, gid=10000, home=/srv/vmail/nausch.org/django 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: Namespace inbox: type=private, prefix=INBOX/, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/srv/vmail/nausch.org/django/Maildir 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: maildir++: root=/srv/vmail/nausch.org/django/Maildir, index=, indexpvt=, control=, inbox=/srv/vmail/nausch.org/django/Maildir, alt= 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: Namespace : type=private, prefix=, sep=, inbox=no, hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve: Pigeonhole version 0.4.2 initializing 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: using active sieve script path: /srv/vmail/nausch.org/django/.dovecot.sieve 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: using sieve script storage directory: /srv/vmail/nausch.org/django/sieve 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: using permissions from /srv/vmail/nausch.org/django/sieve: mode=0700 gid=-1 
 +Aug  5 12:58:29 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: relative path to sieve storage in active link: sieve/ 
 +Aug  5 12:59:09 vml000070 dovecot: managesieve(django@nausch.org): Disconnected: Logged out bytes=6/41 
 +Aug  5 12:59:25 vml000070 dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) 
 +Aug  5 12:59:25 vml000070 dovecot: imap-login: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) 
 +Aug  5 12:59:25 vml000070 dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) 
 +Aug  5 12:59:25 vml000070 dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) 
 +Aug  5 13:00:00 vml000070 dovecot: master: Dovecot v2.2.13 starting up for imap, pop3, lmtp, sieve (core dumps disabled) 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve-login: Login: user=<django@nausch.org>, method=PLAIN, rip=10.0.0.70, mpid=5262, secured, session=<4prRwt//sQAKAABG> 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: Effective uid=10000, gid=10000, home=/srv/vmail/nausch.org/django 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: Namespace inbox: type=private, prefix=INBOX/, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/srv/vmail/nausch.org/django/Maildir 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: maildir++: root=/srv/vmail/nausch.org/django/Maildir, index=, indexpvt=, control=, inbox=/srv/vmail/nausch.org/django/Maildir, alt= 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: Namespace : type=private, prefix=, sep=, inbox=no, hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve: Pigeonhole version 0.4.2 initializing 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: using active sieve script path: /srv/vmail/nausch.org/django/.dovecot.sieve 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: using sieve script storage directory: /srv/vmail/nausch.org/django/sieve 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: permission lookup failed from /srv/vmail/nausch.org/django/sieve 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: created storage directory /srv/vmail/nausch.org/django/sieve/tmp 
 +Aug  5 13:00:18 vml000070 dovecot: managesieve(django@nausch.org): Debug: sieve-storage: relative path to sieve storage in active link: sieve/ 
 +Aug  5 13:02:09 vml000070 dovecot: managesieve(django@nausch.org): Disconnected: Logged out bytes=276/385 
 +</code> 
 + 
 +Zum Abschluß unseres Tests liefern wir nun eine Nachricht via **LMTP** bei unserem Dovecot-Server ein. 
 + 
 +<html><pre class="code"> 
 +<font style="color: rgb(0, 0, 255)">$ telnet 10.0.0.70 24</font> 
 +<font style="color: rgb(0, 0, 0)">Trying 10.0.0.70... 
 +Connected to 10.0.0.70. 
 +Escape character is '^]'.</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;220 imap.nausch.org Dovecot ready.</font> 
 +<font style="color: rgb(0, 0, 255)">LHLO mx01.nausch.org</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;250-imap.nausch.org 
 +&nbsp;250-8BITMIME 
 +&nbsp;250-ENHANCEDSTATUSCODES 
 +&nbsp;250 PIPELINING</font> 
 +<font style="color: rgb(0, 0, 255)">mail from:&lt;michael@nausch.org&gt;</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;250 2.1.0 OK</font> 
 +<font style="color: rgb(0, 0, 255)">rcpt to:&lt;django@nausch.org&gt;</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;250 2.1.5 OK</font> 
 +<font style="color: rgb(0, 0, 255)">DATA</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;354 OK</font> 
 +<font style="color: rgb(0, 0, 255)">From: Michael Nausch <michael@nausch.org> 
 +To: Django [BOfH] <django@nausch.org> 
 +SubjectHaben Du Interesse an p0rn? 
 +Date: Mon, 21 Jul 2014 09:00:36 -0000 
 + 
 +HI,      
 +wenn Du haben willst lot of p0rn, Du mir sagen. 
 +Ich habe sehr viel davon. 
 + 
 +ttyl 
 +Bazibua 
 +.</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;250 2.0.0 <django@nausch.org> fs6GLxrC4FO0FAAAOs1BfA Saved</font> 
 +<font style="color: rgb(0, 0, 255)">quit</font> 
 +<font style="color: rgb(0, 255, 0)">&nbsp;221 2.0.0 OK</font> 
 +<font style="color: rgb(0, 0, 0)">Connection closed by foreign host.</font> 
 +</pre></html> 
 + 
 + 
 +Im Maillog sehen wir nun, dass die Nachricht nicht zugestellt, sonder gelöscht wurde **marked message to be discarded if not explicitly delivered (discard action)**. 
 + 
 +<code>Aug  5 13:38:02 vml000070 dovecot: lmtp(5300): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= 
 +Aug  5 13:38:02 vml000070 dovecot: lmtp(5300): Connect from 10.0.0.80 
 +Aug  5 13:38:24 vml000070 dovecot: lmtp(5300): Debug: Loading modules from directory: /usr/lib64/dovecot 
 +Aug  5 13:38:24 vml000070 dovecot: lmtp(5300): Debug: Module loaded: /usr/lib64/dovecot/lib90_sieve_plugin.so 
 +Aug  5 13:38:24 vml000070 dovecot: lmtp(5300): Debug: auth input: django@nausch.org uid=10000 gid=10000 home=/srv/vmail/nausch.org/django 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: Effective uid=10000, gid=10000, home=/srv/vmail/nausch.org/django 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: Namespace inbox: type=private, prefix=INBOX/, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/srv/vmail/nausch.org/django/Maildir 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: maildir++: root=/srv/vmail/nausch.org/django/Maildir, index=, indexpvt=, control=, inbox=/srv/vmail/nausch.org/django/Maildir, alt= 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: Namespace : type=private, prefix=, sep=, inbox=no, hidden=yes, list=no, subscriptions=no location=fail::LAYOUT=none 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: sieve: Pigeonhole version 0.4.2 initializing 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: fs6GLxrC4FO0FAAAOs1BfA: sieve: using the following location for user's Sieve script: /srv/vmail/nausch.org/django/.dovecot.sieve;name=main script 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: fs6GLxrC4FO0FAAAOs1BfA: sieve: loading script /srv/vmail/nausch.org/django/.dovecot.sieve;name=main script 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: fs6GLxrC4FO0FAAAOs1BfA: sieve: script `main script' from /srv/vmail/nausch.org/django/.dovecot.sieve;name=main script successfully compiled 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): Debug: fs6GLxrC4FO0FAAAOs1BfA: sieve: executing script from /srv/vmail/nausch.org/django/.dovecot.sieve;name=main script 
 +Aug  5 13:39:59 vml000070 dovecot: lmtp(5300, django@nausch.org): fs6GLxrC4FO0FAAAOs1BfA: sieve: msgid=unspecified: marked message to be discarded if not explicitly delivered (discard action) 
 +Aug  5 13:40:03 vml000070 dovecot: lmtp(5300): Disconnect from 10.0.0.80: Successful quit 
 +</code> 
 + 
 + 
 + 
 + 
 + 
 + 
 + 
 +Im Verzeichnis des Users **django@nausch.org** sehen wir keine neue Nachricht, da diese mit Hilfe des SIEVE-scriptes sofort gelöscht wurde. 
 +<code>/srv/vmail/nausch.org/django/ 
 +├── .dovecot.sieve -> sieve/erste_sieve-regel_zum_testen.sieve 
 +├── .dovecot.svbin 
 +├── Maildir/ 
 +│   ├── cur/ 
 +│   │   └── 1407189625.M304698P4532.vml000070.dmz.nausch.org,S=409,W=422:2, 
 +│   ├── dovecot.index.cache 
 +│   ├── dovecot.index.log 
 +│   ├── dovecot.mailbox.log 
 +│   ├── dovecot-uidlist 
 +│   ├── dovecot-uidvalidity 
 +│   ├── dovecot-uidvalidity.53dfa2ad 
 +│   ├── .Drafts/ 
 +│   │   ├── cur/ 
 +│   │   ├── dovecot.index.log 
 +│   │   ├── dovecot-uidlist 
 +│   │   ├── maildirfolder 
 +│   │   ├── new/ 
 +│   │   └── tmp/ 
 +│   ├── new/ 
 +│   ├── .Sent/ 
 +│   │   ├── cur/ 
 +│   │   ├── dovecot.index.log 
 +│   │   ├── dovecot-uidlist 
 +│   │   ├── maildirfolder 
 +│   │   ├── new/ 
 +│   │   └── tmp/ 
 +│   ├── subscriptions 
 +│   └── tmp/ 
 +└── sieve/ 
 +    ├── erste_sieve-regel_zum_testen.sieve 
 +    └── tmp/ 
 +</code> 
 + 
 +===== Test ===== 
 +//... in Bearbeitung (Vorankündigung)! ...// 
 +====== Links ====== 
 +  * **[[centos:mail_c7:start|Zurück zum Kapitel >>Mailserverinstallation unter CentOS 7<<]]** 
 +  * **[[wiki:start|Zurück zu >>Projekte und Themenkapitel<<]]** 
 +  * **[[http://dokuwiki.nausch.org/doku.php/|Zurück zur Startseite]]**
  
  
  • centos/mail_c7/dovecot_3.1405976478.txt.gz
  • Zuletzt geändert: 21.07.2014 21:01.
  • von django