Архивы: dovecot

устанавливаем поддержку sieve для dovecot

ставим необходимые пакеты
[cce]

root@mx1/var/spool/mail> pkg_info | grep sieve
dovecot-managesieve-0.11.13 Dovecot ManageSieve Server daemon
dovecot-sieve-1.2+0.1.19 A Sieve plugin for the Dovecot ‘deliver’ LDA
roundcube-sieverules-1.16 Roundcube webmail sieve plugin
root@mx1/var/spool/mail>
[/cce]

правим конфиг dovecot.conf
[cce]

root@mx1/var/spool/mail> cd /usr/local/etc
root@mx1/usr/local/etc> vim dovecot.conf
[/cce]

добавляем – исправляем
[cce]

protocols = pop3 pop3s imap imaps managesieve

protocol managesieve {
login_executable = /usr/local/libexec/dovecot/managesieve-login
mail_executable = /usr/local/libexec/dovecot/managesieve
managesieve_max_line_length = 65536
managesieve_logout_format = bytes=%i/%o
managesieve_implementation_string = dovecot
mail_debug=yes
}

protocol lda {

# Address to use when sending rejection mails.
postmaster_address = postmaster@site.com

# Hostname to use in various parts of sent mails, eg. in Message-Id.
# Default is the system’s real hostname.
hostname = mx1.site.com

mail_plugin_dir = /usr/local/lib/dovecot/lda
mail_plugins = sieve

# Support for dynamically loadable plugins. mail_plugins is a space separated
# list of plugins to load.
#mail_plugins =
#mail_plugin_dir = /usr/local/lib/dovecot/lda

# Binary to use for sending mails.
#sendmail_path = /usr/lib/sendmail
#sendmail_path = /usr/sbin/sendmail

# UNIX socket path to master authentication server to find users.
#auth_socket_path = /var/run/dovecot/auth-master

}

plugin {

quota = maildir
quota_rule = *:storage=1GB
# 10% of 1GB = 100MB
quota_rule2 = Trash:storage=10%%
# 20% of 1GB = 200MB
quota_rule3 = Spam:storage=20%%

sieve_dir = /var/spool/mail
sieve = /var/spool/mail/%u.sieve
}

[/cce]

перезапускам dovecot и смотрим …

[cce]

root@mx1/usr/local/etc> sockstat | grep 2000
dovecot managesiev 96181 4 tcp4 *:2000 *:*
dovecot managesiev 66644 4 tcp4 *:2000 *:*
dovecot managesiev 11738 4 tcp4 *:2000 *:*
root dovecot 45144 10 tcp4 *:2000 *:*
root@mx1/usr/local/etc>

[/cce]

все класс.

для редактирования правил я использую плагин для roundcube

[cce]

root@mx1/usr/local/etc> pkg_info | grep round
roundcube-0.7.2,1 Fully skinnable XHTML/CSS webmail written in PHP
roundcube-sieverules-1.16 Roundcube webmail sieve plugin
root@mx1/usr/local/etc>
[/cce]

плагин очень удобный и повзволяет без напряга строить разообразные правила.

 

 

 

получаем почту с gmail.com посредством fetchmail с поддержкой ssl

[cce lang=bash]
cd /etc/ssl/certs
wget -O Equifax_Secure_Certificate_Authority.pem \ https://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer –no-check-certificat

root@mx1/etc/ssl/certs> ls -l
total 8
lrwxrwxrwx 1 root wheel 11 Jan 27 2011 40e371fd.0 -> dovecot.pem
-rw-r–r– 1 root wheel 1143 May 21 2011 Equifax_Secure_Certificate_Authority.pem
-rw-r–r– 1 root wheel 1216 Jul 24 2009 dovecot.pem

openssl x509 -in Equifax_Secure_Certificate_Authority.pem -fingerprint -subject -issuer -serial -hash -noout

SHA1 Fingerprint=D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A
subject= /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
issuer= /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
serial=35DEF4CF
594f1775

c_rehash .

file 578d5c04.*
578d5c04.0: symbolic link to `Equifax_Secure_Certificate_Authority.pem’
root@mx1/etc/ssl/certs> ls -l
total 8
lrwxr-xr-x 1 root wheel 11 Jan 20 10:49 40e371fd.0 -> dovecot.pem
lrwxr-xr-x 1 root wheel 40 Jan 20 10:49 578d5c04.0 -> Equifax_Secure_Certificate_Authority.pem
-rw-r–r– 1 root wheel 1143 May 21 2011 Equifax_Secure_Certificate_Authority.pem
-rw-r–r– 1 root wheel 1216 Jul 24 2009 dovecot.pem
root@mx1/etc/ssl/certs>

[/cce]

c сертификатом закончили. теперь настраиваем для нужного пользователя .fetchmailrc

[cce lang=bash]

vvs@mx1~> ls -l .fetchmailrc
-rwx—— 1 vvs vvs 1426 Jan 20 10:54 .fetchmailrc
vvs@mx1~>

vvs@mx1~> cat .fetchmailrc
poll imap.gmail.com protocol IMAP
user “xxxx@gmail.com” is vvs@vs.kiev.ua here
password ‘XXXX’
options keep ssl sslfingerprint ’93:2E:0F:BA:58:EA:CD:CB:04:33:97:9D:23:2A:0A:77′ sslcertck sslcertpath /etc/ssl/certs
folder ‘Inbox’
fetchlimit 1
keep
ssl

[/cce]

проверяем

[cce lang = bash]

$fetchmail -v

vvs@mx1~> fetchmail -v
fetchmail: 6.3.20 querying imap.gmail.com (protocol IMAP) at Fri, 20 Jan 2012 11:01:27 +0200 (EET): poll started
Trying to connect to 173.194.66.108/993…connected.
fetchmail: Server certificate:
fetchmail: Issuer Organization: Google Inc
fetchmail: Issuer CommonName: Google Internet Authority
fetchmail: Subject CommonName: imap.gmail.com
fetchmail: imap.gmail.com key fingerprint: 93:2E:0F:BA:58:EA:CD:CB:04:33:97:9D:23:2A:0A:77
fetchmail: imap.gmail.com fingerprints match.
fetchmail: IMAP< * OK Gimap ready for requests from 188.40.73.210 g72if1216268wen.91
fetchmail: IMAP> A0001 CAPABILITY

[/cce]

ну и так делаее. сертификат прошел.

добавляем в crontab

[cce lang=bash]
#crontab -e -u vvs

*/3 * * * * /usr/local/bin/fetchmail -s
[/cce]

 

dovecot ssl сертификат

openssl req -new -x509 -nodes -out /tmp/public.pem -keyout /tmp/private.pem -days 3650
cp /tmp/public.pem /etc/ssl/certs/dovecot.pem
cp /tmp/private.pem /etc/ssl/private/dovecot.pem

сегодня наконец поапгрейтил dovecot & dovecot-sieve

[root@mx1]/usr/ports/mail/dovecot: pkg_info | grep dove
dovecot-1.1.11 Secure and compact IMAP and POP3 servers
dovecot-sieve-1.1.6 A Sieve plugin for the Dovecot ‘deliver’ LDA