Topic: Unable to connect to managesieve server
==== Required information ====
- iRedMail version: 0.8.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: CentOS
- Related log if you're reporting an issue:
====
I had to restart our mail server the other day, and after reboot all webmail users are getting this error when trying to manage their roundcube filters:
Unable to connect to managesieve serverAs far as I'm aware no config files have changed... however I'm pasting them below just in case.
Output from /var/log/sieve.log:
May 15 09:40:16 lda(root): Fatal: setgid(501(vmail) from mail_gid setting) failed with euid=99(nobody), gid=99(nobody), egid=99(nobody): Operation not permitted (This binary should probably be called with process group set to 501(vmail) instead of 99(nobody))Roundcube managesieve conf:
<?php
// managesieve server port
$rcmail_config['managesieve_port'] = 4190;
// managesieve server address, default is localhost.
// Replacement variables supported in host name:
// %h - user's IMAP hostname
// %n - http hostname ($_SERVER['SERVER_NAME'])
// %d - domain (http hostname without the first part)
// For example %n = mail.domain.tld, %d = domain.tld
$rcmail_config['managesieve_host'] = "127.0.0.1";
// authentication method. Can be CRAM-MD5, DIGEST-MD5, PLAIN, LOGIN, EXTERNAL
// or none. Optional, defaults to best method supported by server.
$rcmail_config['managesieve_auth_type'] = null;
// Optional managesieve authentication identifier to be used as authorization proxy.
// Authenticate as a different user but act on behalf of the logged in user.
// Works with PLAIN and DIGEST-MD5 auth.
$rcmail_config['managesieve_auth_cid'] = null;
// Optional managesieve authentication password to be used for imap_auth_cid
$rcmail_config['managesieve_auth_pw'] = null;
// use or not TLS for managesieve server connection
// it's because I've problems with TLS and dovecot's managesieve plugin
// and it's not needed on localhost
$rcmail_config['managesieve_usetls'] = false;
// default contents of filters script (eg. default spam filter)
$rcmail_config['managesieve_default'] = "/var/www/roundcubemail/config/dovecot.sieve";
// The name of the script which will be used when there's no user script
$rcmail_config['managesieve_script_name'] = 'managesieve';
// Sieve RFC says that we should use UTF-8 endcoding for mailbox names,
// but some implementations does not covert UTF-8 to modified UTF-7.
// Defaults to UTF7-IMAP
$rcmail_config['managesieve_mbox_encoding'] = 'UTF-8';
// I need this because my dovecot (with listescape plugin) uses
// ':' delimiter, but creates folders with dot delimiter
$rcmail_config['managesieve_replace_delimiter'] = '';
// disabled sieve extensions (body, copy, date, editheader, encoded-character,
// envelope, environment, ereject, fileinto, ihave, imap4flags, index,
// mailbox, mboxmetadata, regex, reject, relational, servermetadata,
// spamtest, spamtestplus, subaddress, vacation, variables, virustest, etc.
// Note: not all extensions are implemented
$rcmail_config['managesieve_disabled_extensions'] = array();
// Enables debugging of conversation with sieve server. Logs it into <log_dir>/sieve
$rcmail_config['managesieve_debug'] = false;
// Enables features described in http://wiki.kolab.org/KEP:14
$rcmail_config['managesieve_kolab_master'] = false;
// Script name extension used for scripts including. Dovecot uses '.sieve',
// Cyrus uses '.siv'. Doesn't matter if you have managesieve_kolab_master disabled.
$rcmail_config['managesieve_filename_extension'] = '.sieve';
// List of reserved script names (without extension).
// Scripts listed here will be not presented to the user.
$rcmail_config['managesieve_filename_exceptions'] = array();
?>My dovecot conf:
# 2.0.18: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-279.14.1.el6.x86_64 x86_64 CentOS release 6.3 (Final)
auth_mechanisms = plain PLAIN LOGIN
auth_worker_max_count = 512
default_process_limit = 1024
dict {
acl = mysql:/etc/dovecot/dovecot-share-folder.conf
expire = db:/var/lib/dovecot/expire/expire.db
quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf
}
disable_plaintext_auth = no
dotlock_use_excl = no
first_valid_uid = 501
last_valid_uid = 501
listen = *
lock_method = dotlock
log_path = /var/log/dovecot.log
mail_fsync = always
mail_gid = 501
mail_location = maildir:/%Lh/Maildir/:INDEX=/var/indexes/%Ld/%Lu/
mail_max_userip_connections = 1024
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = stats
mail_uid = 501
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mmap_disable = yes
namespace {
inbox = yes
location =
prefix =
separator = /
type = private
}
namespace {
list = children
location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u
prefix = Shared/%%u/
separator = /
subscriptions = yes
type = shared
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
plugin {
acl = vfile
acl_shared_dict = proxy::acl
auth_socket_path = /var/run/dovecot/auth-master
autocreate = INBOX
autocreate2 = Sent
autocreate3 = Trash
autocreate4 = Drafts
autocreate5 = Junk
autosubscribe = INBOX
autosubscribe2 = Sent
autosubscribe3 = Trash
autosubscribe4 = Drafts
autosubscribe5 = Junk
expire = Trash 7 Trash/* 7 Junk 30
expire_dict = proxy::expire
quota = dict:user::proxy::quotadict
quota_rule = *:storage=1G
quota_warning = storage=85%% quota-warning 85 %u
quota_warning2 = storage=90%% quota-warning 90 %u
quota_warning3 = storage=95%% quota-warning 95 %u
sieve = /%Lh/sieve/dovecot.sieve
sieve_dir = /%Lh/sieve
sieve_global_dir = /var/vmail/sieve
sieve_global_path = /var/vmail/sieve/dovecot.sieve
}
protocols = imap pop3 sieve
service anvil {
client_limit = 8192
}
service auth {
client_limit = 8192
unix_listener /var/spool/postfix/dovecot-auth {
group = postfix
mode = 0666
user = postfix
}
unix_listener auth-master {
group = vmail
mode = 0666
user = vmail
}
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
service dict {
unix_listener dict {
group = vmail
mode = 0660
user = vmail
}
}
service quota-warning {
executable = script /usr/local/bin/dovecot-quota-warning.sh
unix_listener quota-warning {
group = vmail
mode = 0660
user = vmail
}
}
ssl_ca = </root/certs/ssl247/intermediate_certificate.crt
ssl_cert = </root/certs/ssl247/mail.orphans.co.uk.crt
ssl_key = </root/certs/mail.orphans.co.uk.key
userdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
info_log_path = /var/log/dovecot-deliver.log
lda_mailbox_autocreate = yes
log_path = /var/log/dovecot-lda-errors.log
mail_plugins = quota sieve autocreate
}
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep
mail_max_userip_connections = 1024
mail_plugins = quota imap_quota autocreate
}
protocol pop3 {
mail_plugins = quota
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_uidl_format = %08Xu%08Xv
}Check to see managesieve is listening:
root@tay ~ # netstat -alnp | grep 4190
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 14222/dovecotAny ideas?
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.
