Sieve (mail filtering language)

Sieve is a programming language that can be used to create filters for email. It owes its creation to the CMU Cyrus Project, creators of Cyrus IMAP server.

From Wikipedia, the free encyclopedia

* * * The guide is already outdated as of November 2018,
and still the guide can be used on servers without Directadmin or for your personal purposes.
Check the link for other similar guides* * *

Used software and its versions

DirectAdmin: 1.42.1
Exim: 4.80.1
dovecot: 2.1.15
RoundCube webmail: 0.8.5
dovecot-2.1-pigeonhole-0.3.3

1. Configuring Dovecot

Go to http://pigeonhole.dovecot.org/download.html and find a proper version of pigeonhole for your dovecot version.

Pigeonhole is the name of the project that adds support for the Sieve language  (RFC 5228) and the ManageSieve protocol (RFC 5804) to the Dovecot Secure IMAP Server. In the literal sense, a pigeonhole is a a hole or recess inside a dovecot for pigeons to nest in. It is, however, also the name for one of a series of small, open compartments in a cabinet used for filing or sorting mail. As a verb, it describes the act of putting an item into one of those pigeonholes. The name `Pigeonhole' therefore well describes an important part of the functionality that this project adds to Dovecot: sorting and filing e-mail messages.

So let's get and install it:

cd /usr/local/src
wget http://www.rename-it.nl/dovecot/2.1/dovecot-2.1-pigeonhole-0.3.3.tar.gz
tar -zxvf dovecot-2.1-pigeonhole-0.3.3.tar.gz
cd dovecot-2.1-pigeonhole-0.3.3
./configure --prefix=/usr
make && make install

Note, you might need to re-build pigeonhole after every dovecot upgrading or/and reinstalling.

Now we ready to update dovecot settings, but firstly make sure you've got a backup copy of its configs:

cd /etc/
cp dovecot.conf dovecot.conf-bak

Then open /etc/dovecot.conf for editing (with nano, vi, mcedit, etc), and add the following lines to the right bottom of the file:

service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  service_count = 1
  process_min_avail = 1
  vsz_limit = 64M
}
service managesieve {
  process_limit = 10
}
protocol sieve {
    managesieve_max_line_length = 65536
    managesieve_implementation_string = dovecot
    log_path = /var/log/dovecot-sieve-errors.log
    info_log_path = /var/log/dovecot-sieve.log
}
plugin {
    sieve = ~/.dovecot.sieve
    sieve_global_path = /var/lib/dovecot/sieve/default.sieve
    sieve_dir = ~/sieve
    sieve_global_dir = /var/lib/dovecot/sieve/global/
}
protocol lda {
    mail_plugins = $mail_plugins sieve
    postmaster_address = postmaster@domain.com
    hostname = server.domain.com
    auth_socket_path = /var/run/dovecot/auth-master
    log_path = /var/log/dovecot-lda-errors.log
    info_log_path = /var/log/dovecot-lda.log
}
protocol lmtp {
    mail_plugins = $mail_plugins sieve
    log_path = /var/log/dovecot-lmtp-errors.log
    info_log_path = /var/log/dovecot-lmtp.log
}

After that, find there a line

protocols = imap pop3

and add lmtp sieve to its end, so it would look like this:

protocols = imap pop3 lmtp sieve

Then find auth section:

service auth {
  user = root
}

and make it to look something like this:

service auth {
  user = root
  unix_listener auth-master {
    user = mail
    group = mail
    mode = 0664
  }
}

Now we should create some logs (it's up to you to setup rotation of these logs):

touch /var/log/dovecot-debug.log /var/log/dovecot-lda.log /var/log/dovecot-lmtp.log /var/log/dovecot-sieve.log /var/log/dovecot-lda-errors.log /var/log/dovecot-lmtp-errors.log /var/log/dovecot-sieve-errors.log

chown mail:mail /var/log/dovecot-debug.log /var/log/dovecot-lda.log /var/log/dovecot-lmtp.log /var/log/dovecot-sieve.log /var/log/dovecot-lda-errors.log /var/log/dovecot-lmtp-errors.log /var/log/dovecot-sieve-errors.log

chmod 660 /var/log/dovecot-debug.log /var/log/dovecot-lda.log /var/log/dovecot-lmtp.log /var/log/dovecot-sieve.log /var/log/dovecot-lda-errors.log /var/log/dovecot-lmtp-errors.log /var/log/dovecot-sieve-errors.log

This is How to create default empty sieve rule (Thanks to user defomaz)

mkdir /var/lib/dovecot/sieve/
touch /var/lib/dovecot/sieve/default.sieve
sievec /var/lib/dovecot/sieve/default.sieve
chown mail:mail /var/lib/dovecot/sieve/* -R

And the following permissions you'll probably need for default rules:

# ls -la /var/lib/dovecot/sieve
total 16
drwxrwxr-x 3 mail mail 4096 Feb  9 19:46 .
drwxr-x--x 3 root root 4096 Feb  9 20:00 ..
-rw-rw-r-- 1 mail mail    0 Feb  9 19:31 default.sieve
-rw-rw-r-- 1 mail mail  124 Feb  9 19:46 default.svbin
drwxr-xr-x 2 mail mail 4096 Feb  9 19:25 global

We've finished with Dovecot, let's restart it and test it. With the following commands you should see something like that comes bellow (if you see something completely different, then re-check your steps):

# ps aux | grep -v grep | grep managesieve-login
dovecot  20372  0.0  0.1  44608  2988 ?        S    16:53   0:00 dovecot/managesieve-login

and this

# netstat -an | grep LISTEN | grep :4190
tcp        0      0 0.0.0.0:4190                0.0.0.0:*                   LISTEN

2. Configuring Roundcube for using managesieve plugin

cd /var/www/html/roundcube/plugins/managesieve/
cp config.inc.php.dist config.inc.php

Open /var/www/html/roundcube/plugins/managesieve/config.inc.php find lines

// managesieve server port
$rcmail_config['managesieve_port'] = 2000;

update it look like this (change port from 2000 to 4190)

// managesieve server port
$rcmail_config['managesieve_port'] = 4190;

The Pigeonhole ManageSieve service now binds to TCP port 4190 by default due to the IANA port assignment for the ManageSieve service

Then open /var/www/html/roundcube/config/main.inc.php

And find line

$rcmail_config['plugins'] = array('password');

Replace it with (or add ,'managesieve')

$rcmail_config['plugins'] = array('password','managesieve');

Now it's the right time to make sure RoundCube can connect to Sieve service, so open Roundcube in your browser http://domain.com/roundcube/ -> Personal Settings -> Filters -> Add filter

If you do not see any error message there, then it's OK and RounCube seems to be able to connect to Sieve service of Dovecot. So let's create a simple filter to make sure the things work ok, and later we will use this rule for a full check of our settings:

Note, you might loose these changes (made in  /var/www/html/roundcube/config/main.inc.php and /var/www/html/roundcube/plugins/managesieve/config.inc.php) on Roundcube upgrading with custombuild script. So it's up to you to protect it from overwriting (see link to "Using custom configs Roundcube" at the bottom of this How-To for details).

2. Configuring Exim for using Dovecot Deliver (LDA)

cd /etc
cp exim.conf exim.conf-bak

Open /etc/exim.conf fir editing, find the lines

address_reply:
  driver = autoreply

add after them

dovecot_virtual_delivery:
   driver = pipe
   command = /usr/libexec/dovecot/deliver -d $local_part@$domain -f $sender_address -a $original_local_part@$original_domain
   message_prefix =
   message_suffix =
   delivery_date_add
   envelope_to_add
   return_path_add
   log_output
   user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
   group = mail
   temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78

Find the line

transport = virtual_localdelivery

Replace it with

#transport = virtual_localdelivery
transport = dovecot_virtual_delivery

Restart Exim and send an email in order to check the filters!

# cat /var/log/dovecot-lda.log
Apr 08 17:45:55 lda(po4ta@domain.ru): Info: sieve: msgid=<66523BD3B58443CC93FAEED102FCE7E2@VDS54.RU>: stored mail into mailbox 'INBOX.@vds54-ru'

That's it!

Some usefull links:

• Dovecot LDA with Exim
• Pigeonhole Installation
• Roundcube ManageSieve Readme
• Sieve Support for Dovecot
  
• Using custom configs Roundcube

Need help?!

Do you want our assistance to install and configure Exim/Dovecot/Sieve/Managesieve/Roundcube on your server?

CONTACT US FOR DETAILS!

We're ready to help you!