Re: ot: 2.2 ghettoforge install systemctl Q
> On December 16, 2017 at 1:59 AM voy...@sbt.net.au wrote: > > > I've installed new Centos 7 with Dovecot 2.2 from ghettoforge and, used > /etc/dovecot from current Centos 6 Dovecot 2.1 > > I can start/stop Dovecot with dovecot / doveadm stop > > BUT when I tried 'systemctl' I get > > # systemctl status dovecot > ● dovecot.service - Dovecot IMAP/POP3 email server >Loaded: loaded (/usr/lib/systemd/system/dovecot.service; disabled; > vendor preset: disabled) >Active: inactive (dead) > Docs: man:dovecot(1) >http://wiki2.dovecot.org/ > > how do I fix this, or, do I need to fix it ? > > or maybe I need to pursue this on ghettoforge list > Try systemctl enable dovecot Aki
Re: 2.1 to 2.2 server migration Qs: sanity check, config ?
> On December 16, 2017 at 1:44 AM voy...@sbt.net.au wrote: > > > On Sat, December 16, 2017 2:34 am, Aki Tuomi wrote: > > Please read between the lines =) > > > at least you should remove autocreate plugin. > > Aki, thanks. > > I forgot to write this is meant as a plain vanilla pop/imap multi > user/multi domain server, no special requirements or deviations should be > needed > > > >> mail_gid = 2000 mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ > >> > > > > The INDEX= is redundant. > > so I go from > mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ > to > mail_location = maildir:/%Lh/Maildir/ > > you could use mail_location = maildir:~/Maildir You can use mail_home (or home) to specify homedir, such as /var/mail/%Ld/%Ln to get lowercase path. > > > >> private } > >> namespace { list = children location = > >> maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u > >> > > > > You should read https://wiki.dovecot.org/SharedMailboxes/Shared > > (not sure whether I might have tried shareing my mailbox across two > domains for myself once?...maybe that's why it's there... not sure) > > so I just remove this whole block: > > namespace { > type = shared > separator = / > prefix = Shared/%%u/ > location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u > # this namespace should handle its own subscriptions or not. > subscriptions = yes > list = children > } > > thanks again, sorry for dumb questions > > Voytek > No problem, it's better to ask than not. =) Aki
ot: 2.2 ghettoforge install systemctl Q
I've installed new Centos 7 with Dovecot 2.2 from ghettoforge and, used /etc/dovecot from current Centos 6 Dovecot 2.1 I can start/stop Dovecot with dovecot / doveadm stop BUT when I tried 'systemctl' I get # systemctl status dovecot ● dovecot.service - Dovecot IMAP/POP3 email server Loaded: loaded (/usr/lib/systemd/system/dovecot.service; disabled; vendor preset: disabled) Active: inactive (dead) Docs: man:dovecot(1) http://wiki2.dovecot.org/ how do I fix this, or, do I need to fix it ? or maybe I need to pursue this on ghettoforge list
Re: 2.1 to 2.2 server migration Qs: sanity check, config ?
On Sat, December 16, 2017 2:34 am, Aki Tuomi wrote: > Please read between the lines =) > at least you should remove autocreate plugin. Aki, thanks. I forgot to write this is meant as a plain vanilla pop/imap multi user/multi domain server, no special requirements or deviations should be needed >> mail_gid = 2000 mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ >> > > The INDEX= is redundant. so I go from mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ to mail_location = maildir:/%Lh/Maildir/ >> private } >> namespace { list = children location = >> maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u >> > > You should read https://wiki.dovecot.org/SharedMailboxes/Shared (not sure whether I might have tried shareing my mailbox across two domains for myself once?...maybe that's why it's there... not sure) so I just remove this whole block: namespace { type = shared separator = / prefix = Shared/%%u/ location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u # this namespace should handle its own subscriptions or not. subscriptions = yes list = children } thanks again, sorry for dumb questions Voytek
Re: IMAP proxy
On Fri, December 15, 2017 3:21 pm, Aki Tuomi wrote: > >> On December 15, 2017 at 6:57 PM Gandalf Corvotempesta >>wrote: >> >> ... >> server would be proxied to the newer one automatically ? >> >> Any additional software or only a configuration change is required ? > > Return from passdb, 'proxy host=your-new-host port=143 ssl=starttls' > > Aki > Or masquerade all traffic to the new server with firewall rules: iptables -t nat -A PREROUTING -i ethX -p tcp -m tcp --dport 143 -j DNAT --to-destination 1.1.1.1 iptables -t nat -A POSTROUTING -d 1.1.1.1/32 -p tcp -m tcp --dport 143 -j MASQUERADE ethX --> interface where connections come from 1.1.1.1 --> new server IP address Maybe smth is wrong up there, didnt tested, but I think its cool. cheers. -- x9p | PGP : 0x03B50AF5EA4C8D80 / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Dovecot path separator clarification
Am 15.12.2017 um 18:35 schrieb Davide Marchi: Hi Friends, On Debian Jessie and Dovecot 1:2.2.x using the default separator "/" (simply leave commented 10-mail.conf -> "#separator =") I've create for a vuser (from client) a subfolder Scuola/prova on server side, Dovecot create: ../Maildir/.Scuola.prova Here my question: why not ../Maildir/Scuola/prova ? The mailbox separator doesn't change the filesystem layout. See: https://wiki.dovecot.org/Namespaces#Hierarchy_separators -- Alex JOST
Dovecot path separator clarification
Hi Friends, On Debian Jessie and Dovecot 1:2.2.x using the default separator "/" (simply leave commented 10-mail.conf -> "#separator =") I've create for a vuser (from client) a subfolder Scuola/prova on server side, Dovecot create: ../Maildir/.Scuola.prova Here my question: why not ../Maildir/Scuola/prova ? Where I'm wrong? Many thanks! Davide
Question about imap (expunge response)
(This is not neccesarily about dovecot, but rather IMAP protocol) At https://drive.google.com/open?id=1j3oa5jYeSdiPbgaihq02K-u_vHbZLJZQ is fetchmail log from my sessinon with polish email provider "Wirtualna Polska" As you can se fetchmail logged "* 1 EXPUNGE" as a response to "STORE" command. According to https://tools.ietf.org/html/rfc3501#section-7.4.1 EXPUNGE must not be sent as response to STORE command. Am I right that their imap server is erroneous or am I missing something? KJ -- http://stopstopnop.pl/stop_stopnop.pl_o_nas.html Lonely men seek companionship. Lonely women sit at home and wait. They never meet.
Re: IMAP proxy
> On December 15, 2017 at 6:57 PM Gandalf Corvotempesta >wrote: > > > I'm migrating an old server to another old server (same dovecot > version in both servers) > The migration itself is straightforward, stop dovecot on the old > server, migrate everything via rsync, start dovecot to the new server. > > There is only one step left: change the dns configuration, pointing > from the old server to the newer one. > As most of domains are not managed by me and some other domains are > pointing to our server via IP, I can't simply change the A record or > wait for all users to change their domain configuration. > > TL;DR: is possible to use dovecot as IMAP proxy so that even after > changing our dns records, any user directly connecting to my old > server would be proxied to the newer one automatically ? > > Any additional software or only a configuration change is required ? Return from passdb, 'proxy host=your-new-host port=143 ssl=starttls' Aki
Re: sieve filter move wrong email to Junk folder
Thanks for all of your help. Now I modified my sieve script. Three things changes here: 1. if header :contains "X-Spam-Status" "YES, " { 2. if header :contains "subject" ["{SPAM?}"] { ##add the curly brackets 3. change the order. So send my Mailscanner labeled spam mail directlly to the junk folder. The first one try to avoid the BAYES_ trigger the rule. The 2nd one is for MailScanner labeled spam mail. So the final script: require "fileinto"; if header :contains "subject" ["{SPAM?}"] { fileinto "Junk"; stop; } if exists "X-Spam-Status" { if header :contains "X-Spam-Status" "YES, " { fileinto "Junk"; stop; } else { } } I'll see how this works. Gao On 2017-12-15 12:38 AM, Steffen Kaiser wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 15 Dec 2017, Bill Shirley wrote: This is what I use. Notice the comma: require "fileinto"; if header :contains "X-Spam-Status" "Yes," { fileinto "SystemFolders.SuspectedSpam"; stop; } I would even add the space: if header :contains "X-Spam-Status" "Yes, " { because the list of tests won't contain a space. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWjOKB8QnQQNheMxiAQIdeAgAyL+FDM/DE5J1sRkJ6P8MuIAT3Zx8zfPO Mljn/kswG551jyso2FfGqAw6et5uHrab3Wk22NxQVK6yR4ySZstr3RF9ICeuJVvs pNFzyvBf0BivihWZLMWiVum0/B0LfpW6T7B93Yvbl/JXei2C6+uy8Mk2zFo/5jWP lpKdIxWs/SMmsjFE2QccfP7Id1aUw+tYM+9P/fzc0/kGkNRs5UCodeo/e30opdvv tJ8QpwPV/873uhk9p5m2NB/0bi4i9Rg5VMC2ui5trVlyOR2q2WpYVZ1gV2tvVpEA B3QY8vrzDf9xb1zDoVi8hMDCqynZZGQ++nSfIux/7DBDJvvYx5sYKg== =sUdv -END PGP SIGNATURE-
IMAP proxy
I'm migrating an old server to another old server (same dovecot version in both servers) The migration itself is straightforward, stop dovecot on the old server, migrate everything via rsync, start dovecot to the new server. There is only one step left: change the dns configuration, pointing from the old server to the newer one. As most of domains are not managed by me and some other domains are pointing to our server via IP, I can't simply change the A record or wait for all users to change their domain configuration. TL;DR: is possible to use dovecot as IMAP proxy so that even after changing our dns records, any user directly connecting to my old server would be proxied to the newer one automatically ? Any additional software or only a configuration change is required ?
Re: Recommended tool for migrating IMAP servers
[..] Well, I've read the dsync documentation, but this warning has me a little worried: "Make sure destination is exactly as source, deleting/reverting any changes in destination if necessary" This is when you use the 'backup' option. Dsync then makes 1:1 copy of the source. If you use 'sync -1' option, it does not delete mails/folders from destination. Sami Ah, ok, for the next sync I will try Dsync! Many thanks again! davide
Re: 2.1 to 2.2 server migration Qs: sanity check, config ?
Please read between the lines =) at least you should remove autocreate plugin. > On December 15, 2017 at 4:47 PM voy...@sbt.net.au wrote: > > > I have an old Centos 6 running dovecot 2.1.17 with Postfix 2.1x, mysql > virtual domains, in the process of setting a new Centos 7 to migrate, > copied /etc/dovecot, made some minor edits to get rid of errors, added > Letsencrypt in place of self certified certs, it seems to work, using mail > client I can log on StartSSL/110/143, TLS/995/993 with no visible errors > when login on > > is there any other sanity checks I should do ? before I start putting > users on it ? > > attaching dovecot.conf at the end, appreciate any suggestion or correction > > I see a lot of these warning, are they benign? > > #grep Warning /var/log/dovecot.log | wc > 7411026900 > # wc /var/log/dovecot.log > 174 2299 19716 /var/log/dovecot.log > > > Dec 16 00:57:12 auth: Warning: auth client 0 disconnected with 1 pending > requests: Connection reset by peer > Dec 16 00:57:52 auth: Warning: auth client 0 disconnected with 1 pending > requests: EOF > Dec 16 00:57:59 auth: Warning: auth client 0 disconnected with 1 pending > requests: Connection reset by peer > > ( as I've re used an old host name, I can see some users already trying to > connect, they must've never removed this server name when it was shut > down, perhaps they're generating these errors, repeatedly logging on ?) > > # doveadm who > username # proto (pids) (ips) > f...@aaa.com.au 1 imap (9047) (35.196.255.170) > se...@aaa.com.au 1 imap (9056) (104.196.21.108) > ei...@aaa.com.au 1 imap (9062) (35.196.255.170) > f...@aa.com.au2 imap (9240 9044) (203.194.43.48 35.196.255.170) > s...@aa.com.au 2 imap (9248 9063) (203.194.43.48 35.185.44.87) > post...@aa.com.au 1 imap (9057) (104.196.178.232) > ei...@aa.com.au 2 imap (9244 9050) (203.194.43.48 35.196.255.170) > se...@aa.com.au 2 imap (9055 9242) (104.196.21.108 203.194.43.48) > s...@aaa.com.au 1 imap (9054) (35.185.44.87) > > > doveconf -n -c /etc/dovecot/test/dovecot.conf > > /etc/dovecot/test/dovecot.conf.new > > # cat dovecot.conf.new > > # 2.2.33.2 (d6601f4ec): /etc/dovecot/test/dovecot.conf > # Pigeonhole version 0.4.21 (92477967) > # OS: Linux 3.10.0-693.11.1.el7.x86_64 x86_64 CentOS Linux release > 7.4.1708 (Core) > auth_master_user_separator = * > auth_mechanisms = PLAIN LOGIN > dict { > acl = mysql:/etc/dovecot/dovecot-share-folder.conf > quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf > } > first_valid_uid = 2000 > last_valid_uid = 2000 > listen = * > log_path = /var/log/dovecot.log > mail_gid = 2000 > mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ The INDEX= is redundant. > mail_plugins = quota > mail_uid = 2000 > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date index ihave > duplicate mime foreverypart extracttext > namespace { > inbox = yes > location = > prefix = > separator = / > type = private > } > namespace { > list = children > location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u You should read https://wiki.dovecot.org/SharedMailboxes/Shared > prefix = Shared/%%u/ > separator = / > subscriptions = yes > type = shared > } > passdb { > args = /etc/dovecot/dovecot-mysql.conf > driver = sql > } > passdb { > args = /etc/dovecot/dovecot-master-users-password > driver = passwd-file > master = yes > } > plugin { > acl = vfile > acl_shared_dict = proxy::acl > auth_socket_path = /var/run/dovecot/auth-master > autocreate = INBOX > autocreate2 = Sent > autocreate3 = Trash > autocreate4 = Drafts > autocreate5 = Junk > autosubscribe = INBOX > autosubscribe2 = Sent > autosubscribe3 = Trash > autosubscribe4 = Drafts > autosubscribe5 = Junk autocreate & autosubscribe should be converted into namespace { mailbox INBOX { auto = subscribe # (or just create if subscribing is not required) } } > quota = dict:user::proxy::quotadict > quota_rule = *:storage=1G > quota_warning = storage=85%% quota-warning 85 %u > quota_warning2 = storage=90%% quota-warning 90 %u > quota_warning3 = storage=95%% quota-warning 95 %u > sieve = /%Lh/sieve/dovecot.sieve > sieve_dir = /%Lh/sieve > sieve_global_dir = /var/vmail/sieve > sieve_global_path = /var/vmail/sieve/dovecot.sieve > } > protocols = pop3 imap sieve > service auth { > unix_listener /var/spool/postfix/dovecot-auth { > group = postfix > mode = 0666 > user = postfix > } This could be mode = 0600 > unix_listener auth-master { > group = vmail > mode = 0666 > user = vmail > } > unix_listener auth-userdb { > group = vmail > mode = 0660 > user = vmail > } > } You sure you need
Re: Mail-crypt plugin clarification
> On December 15, 2017 at 2:29 AM Joseph Tamwrote: > > > Aki Tuomi writes: > > > Dovecot does support making it difficult to prevent access to the stored > > mail. > > Those who have had problems understanding the documentation might find > this unintended double-negative ironically funny. > Indeed. Although we are open to improvements for the documentation, or even pointing out where it's wrong. > > You can, with suitable workflows, ensure that the user's emails are not > > readable by anyone but the user. Of course the only way to be fully > > sure is to use end-to-end encryption, ... > > "Ensure" (or OP: "impossible") are very high standards of privacy. > If the OP really means it, then since a third party has control over > the (virtual or real) hardware, the server should never have access to > private keys or decrypted data. (We're in agreement I think.) > You are quite right. The mail-crypt plugin cannot provide absolute guarantees that the data won't be accessible by sufficiently determined adversary, due to the fact that the keys are indeed on the server, or accessible by the server. > If the OP lowers their standards to "inconvenient" to gain access, > then the plugin is enough. It will keep the honest admin honest. > > > ... like PGP or S/MIME, but this does go a long way to prevent admin access > > to user's email. > > Don't ignore metadata; who/when/where (and headers?) could reveal much > information. > > Joseph Tam It's always all about who you are guarding against. I'd say that against your hosting provide, mail crypt can provide reasonable safeguards, especially if the storage is not on the same device. The weak point is, as you point out, key management and handling, and special attention should be paid to this and I suggest clearly outlining the threats you are planning on mitigating and how the solution(s) you use achieve this. Aki
2.1 to 2.2 server migration Qs: sanity check, config ?
I have an old Centos 6 running dovecot 2.1.17 with Postfix 2.1x, mysql virtual domains, in the process of setting a new Centos 7 to migrate, copied /etc/dovecot, made some minor edits to get rid of errors, added Letsencrypt in place of self certified certs, it seems to work, using mail client I can log on StartSSL/110/143, TLS/995/993 with no visible errors when login on is there any other sanity checks I should do ? before I start putting users on it ? attaching dovecot.conf at the end, appreciate any suggestion or correction I see a lot of these warning, are they benign? #grep Warning /var/log/dovecot.log | wc 7411026900 # wc /var/log/dovecot.log 174 2299 19716 /var/log/dovecot.log Dec 16 00:57:12 auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Dec 16 00:57:52 auth: Warning: auth client 0 disconnected with 1 pending requests: EOF Dec 16 00:57:59 auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer ( as I've re used an old host name, I can see some users already trying to connect, they must've never removed this server name when it was shut down, perhaps they're generating these errors, repeatedly logging on ?) # doveadm who username # proto (pids) (ips) f...@aaa.com.au 1 imap (9047) (35.196.255.170) se...@aaa.com.au 1 imap (9056) (104.196.21.108) ei...@aaa.com.au 1 imap (9062) (35.196.255.170) f...@aa.com.au2 imap (9240 9044) (203.194.43.48 35.196.255.170) s...@aa.com.au 2 imap (9248 9063) (203.194.43.48 35.185.44.87) post...@aa.com.au 1 imap (9057) (104.196.178.232) ei...@aa.com.au 2 imap (9244 9050) (203.194.43.48 35.196.255.170) se...@aa.com.au 2 imap (9055 9242) (104.196.21.108 203.194.43.48) s...@aaa.com.au 1 imap (9054) (35.185.44.87) doveconf -n -c /etc/dovecot/test/dovecot.conf > /etc/dovecot/test/dovecot.conf.new # cat dovecot.conf.new # 2.2.33.2 (d6601f4ec): /etc/dovecot/test/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: Linux 3.10.0-693.11.1.el7.x86_64 x86_64 CentOS Linux release 7.4.1708 (Core) auth_master_user_separator = * auth_mechanisms = PLAIN LOGIN dict { acl = mysql:/etc/dovecot/dovecot-share-folder.conf quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf } first_valid_uid = 2000 last_valid_uid = 2000 listen = * log_path = /var/log/dovecot.log mail_gid = 2000 mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/ mail_plugins = quota mail_uid = 2000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u prefix = Shared/%%u/ separator = / subscriptions = yes type = shared } passdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } passdb { args = /etc/dovecot/dovecot-master-users-password driver = passwd-file master = yes } plugin { acl = vfile acl_shared_dict = proxy::acl auth_socket_path = /var/run/dovecot/auth-master autocreate = INBOX autocreate2 = Sent autocreate3 = Trash autocreate4 = Drafts autocreate5 = Junk autosubscribe = INBOX autosubscribe2 = Sent autosubscribe3 = Trash autosubscribe4 = Drafts autosubscribe5 = Junk quota = dict:user::proxy::quotadict quota_rule = *:storage=1G quota_warning = storage=85%% quota-warning 85 %u quota_warning2 = storage=90%% quota-warning 90 %u quota_warning3 = storage=95%% quota-warning 95 %u sieve = /%Lh/sieve/dovecot.sieve sieve_dir = /%Lh/sieve sieve_global_dir = /var/vmail/sieve sieve_global_path = /var/vmail/sieve/dovecot.sieve } protocols = pop3 imap sieve service auth { unix_listener /var/spool/postfix/dovecot-auth { group = postfix mode = 0666 user = postfix } unix_listener auth-master { group = vmail mode = 0666 user = vmail } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } } service imap-login { process_limit = 500 service_count = 1 } service pop3-login { service_count = 1 } service quota-warning { executable = script /usr/local/bin/dovecot-quota-warning.sh unix_listener quota-warning { group = vmail mode = 0660 user = vmail } } ssl = required ssl_cert =
Re: sieve filter move wrong email to Junk folder
On 12/15/2017 02:36 PM, Alex JOST wrote: Am 14.12.2017 um 18:47 schrieb Gao: I use a sieve filter to move spam email to user's Junk folder: # cat spam_to_junk.sieve require "fileinto"; if exists "X-Spam-Status" { if header :contains "X-Spam-Status" "YES" { fileinto "Junk"; stop; } else { } } if header :contains "subject" ["SPAM?"] { fileinto "Junk"; stop; } Most time this filter works fine but occasionally it move non-spam in to Junk folder. Here is an example, this email is from dovecot mailling list and it end up in my Junk folder. Mailllog and header here. Would someone help me to figure out what went wrong here? X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.3.2, No AFAIK, header matching is case-insensitive. That's why 'YES' matches 'BAYES' and triggers the action. So any spammer might simply add a Header "X-Spam-Status: No" and the Mail gets into the INBOX ? Thats why my exim / spamasssassin combination adds the header "X-Spam-Status:" with all the various checks and if and only if the score is above e.g. 5 points it additionally adds the header "X-Spam-Flag: YES" . Ham mail is not affected with this "X-Spam-Flag". My global sieve filter only checks for the existance of the header line - not the value. I think this can't be circumvented by the spammers. Regards, Olaf -- Karlsruher Institut für Technologie (KIT) ATIS - Abt. Technische Infrastruktur, Fakultät für Informatik Dipl.-Geophys. Olaf Hopp - Leitung IT-Dienste - Am Fasanengarten 5, Gebäude 50.34, Raum 009 76131 Karlsruhe Telefon: +49 721 608-43973 Fax: +49 721 608-46699 E-Mail: olaf.h...@kit.edu atis.informatik.kit.edu www.kit.edu KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft Das KIT ist seit 2010 als familiengerechte Hochschule zertifiziert. smime.p7s Description: S/MIME Cryptographic Signature
Re: sieve filter move wrong email to Junk folder
Am 14.12.2017 um 18:47 schrieb Gao: I use a sieve filter to move spam email to user's Junk folder: # cat spam_to_junk.sieve require "fileinto"; if exists "X-Spam-Status" { if header :contains "X-Spam-Status" "YES" { fileinto "Junk"; stop; } else { } } if header :contains "subject" ["SPAM?"] { fileinto "Junk"; stop; } Most time this filter works fine but occasionally it move non-spam in to Junk folder. Here is an example, this email is from dovecot mailling list and it end up in my Junk folder. Mailllog and header here. Would someone help me to figure out what went wrong here? X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.3.2, No AFAIK, header matching is case-insensitive. That's why 'YES' matches 'BAYES' and triggers the action. -- Alex JOST
Re: sieve filter move wrong email to Junk folder
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 15 Dec 2017, Bill Shirley wrote: This is what I use. Notice the comma: require "fileinto"; if header :contains "X-Spam-Status" "Yes," { fileinto "SystemFolders.SuspectedSpam"; stop; } I would even add the space: if header :contains "X-Spam-Status" "Yes, " { because the list of tests won't contain a space. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWjOKB8QnQQNheMxiAQIdeAgAyL+FDM/DE5J1sRkJ6P8MuIAT3Zx8zfPO Mljn/kswG551jyso2FfGqAw6et5uHrab3Wk22NxQVK6yR4ySZstr3RF9ICeuJVvs pNFzyvBf0BivihWZLMWiVum0/B0LfpW6T7B93Yvbl/JXei2C6+uy8Mk2zFo/5jWP lpKdIxWs/SMmsjFE2QccfP7Id1aUw+tYM+9P/fzc0/kGkNRs5UCodeo/e30opdvv tJ8QpwPV/873uhk9p5m2NB/0bi4i9Rg5VMC2ui5trVlyOR2q2WpYVZ1gV2tvVpEA B3QY8vrzDf9xb1zDoVi8hMDCqynZZGQ++nSfIux/7DBDJvvYx5sYKg== =sUdv -END PGP SIGNATURE-