Re: Disable Dovecot LDA

[Remko Lodder]

If both postfix’ in your example are the same server, then that’s not possible 
indeed.
Consider it has one brain, so it has to decide: Do I know this domain or do I 
need to
send it upstream (either to the MX of the target domain, or to a configured 
relay).

In case it’s a domain postfix hosts, a delivery attempt will be made directly 
via LMTP/LDA.
It does not go out (since it’s known local). 

In case the domain is not hosted locally, it will be forwarded to a relay, and 
that has to decide
where to send it next. If your machine is the best known option for the target 
domain, then it
will be send there. But if that is the same postfix server, that’s an issue: 
because the domain is
not known locally ,and thus it should be rejected. Message = lost.

In case you have 2 postfix instances, where A is on the top side of your image, 
then it can be configured
to route all email to relay, and that has a configuration that send’s it to 
instance B (the bottom); that can have
configuration that treats the target domain as local, and thus starts an 
delivery attempt to LMTP/LDA.

Does that help a bit?

Cheers
Remko

> On 2 Apr 2020, at 21:29, Adam Raszkiewicz  wrote:
> 
> So there is no way to skip Postfix for incoming messages and go directly to 
> LMTP/LDA but I need two instances of Postfix in that case?
> 
> Regarding your second question - it is required to be complaint with Direct 
> Trust. 
> 
> Thanks,
> Adam
> 
> On 4/2/20, 3:07 PM, "dovecot on behalf of Juri Haberland" 
>  wrote:
> 
>On 02/04/2020 15:18, Adam Raszkiewicz wrote:
>> Desired flow looks like:
>> 
>> Dovecot -> Postfix --> Relay Server -┐
>> Dovecot <-- LMTP/LDA <-- Postfix <-┘
> 
>This mail flow cannot work with one Postfix instance. Either Postfix
>knows that "localdomain.com" is local and should be delivered to the
>LDA, in which case it won't be forwarded to the relay server, or Postfix
>does not know that "localdomain.com" is a local address and therefor
>forwards it the relay server, but than it will do that anytime it sees
>"localdomain.com".
> 
>Only possibility is to run two instances of Postfix.
> 
>The real question is:
>Why do you want this mail flow? Where is the benefit in sending a local
>mail out to a relay server only to get it back and deliver it?
> 
> 
>Cheers,
>  Juri
> 
> 

Re: Disable Dovecot LDA

[Adam Raszkiewicz]

So there is no way to skip Postfix for incoming messages and go directly to 
LMTP/LDA but I need two instances of Postfix in that case?

Regarding your second question - it is required to be complaint with Direct 
Trust. 

Thanks,
Adam

On 4/2/20, 3:07 PM, "dovecot on behalf of Juri Haberland" 
 wrote:

On 02/04/2020 15:18, Adam Raszkiewicz wrote:
> Desired flow looks like:
> 
> Dovecot -> Postfix --> Relay Server -┐
> Dovecot <-- LMTP/LDA <-- Postfix <-┘

This mail flow cannot work with one Postfix instance. Either Postfix
knows that "localdomain.com" is local and should be delivered to the
LDA, in which case it won't be forwarded to the relay server, or Postfix
does not know that "localdomain.com" is a local address and therefor
forwards it the relay server, but than it will do that anytime it sees
"localdomain.com".

Only possibility is to run two instances of Postfix.

The real question is:
Why do you want this mail flow? Where is the benefit in sending a local
mail out to a relay server only to get it back and deliver it?


Cheers,
  Juri

Re: Disable Dovecot LDA

[Juri Haberland]

On 02/04/2020 15:18, Adam Raszkiewicz wrote:
> Desired flow looks like:
> 
> Dovecot -> Postfix --> Relay Server -┐
> Dovecot <-- LMTP/LDA <-- Postfix <-┘

This mail flow cannot work with one Postfix instance. Either Postfix
knows that "localdomain.com" is local and should be delivered to the
LDA, in which case it won't be forwarded to the relay server, or Postfix
does not know that "localdomain.com" is a local address and therefor
forwards it the relay server, but than it will do that anytime it sees
"localdomain.com".

Only possibility is to run two instances of Postfix.

The real question is:
Why do you want this mail flow? Where is the benefit in sending a local
mail out to a relay server only to get it back and deliver it?


Cheers,
  Juri

auth service stops responding

[Michael Redert]

Hi all,
I am running postfix with dovecot configured for local mail delivery.
Everything works as expected for a while, but after successfully
delivering ~250 mails, dovecot does not accept requests anymore and
mails start queueing up in the postfix mailqueue. After restarting
dovecot, another ~250 mails are processed and the problem occurs again.

The server is running ubuntu 18.04 with dovecot 2.2.33.2 and postfix
3.3.0 installed. Users are stored locally in /etc/dovecot/users.

Based on the log messages below and the output of netstat, it seems to
me, that the auth service is not accepting any requests on the
corresponding socket anymore.


Any help is very much appreciated!

Kind regards,
Michael


--- postfix error messages ---
Mar 28 09:36:13 srv postfix/lmtp[3850]: 2423F7A21C:
to=, relay=srv.mydomain.de[private/dovecot-lmtp],
delay=155, delays=0.01/0/0/155, dsn=4.3.0, status=deferred (host
srv.mydomain.de[private/dovecot-lmtp] said: 451 4.3.0
Internal error occurred. Refer to server log for
more information. (in reply to RCPT TO command))
Mar 28 09:38:48 srv postfix/lmtp[3850]: 45A0C7A2B5:
to=, relay=srv.mydomain.de[private/dovecot-lmtp],
delay=308, delays=0.01/153/0.02/155, dsn=4.3.0, status=deferred (host
srv.mydomain.de[private/dovecot-lmtp] said: 451 4.3.0
Internal error occurred. Refer to server log for
more information. (in reply to RCPT TO command))

-- dovecot error messages ---
Mar 28 09:36:13 lmtp(2631): user-lookup(sys...@mydomain.de)Error: userdb
lookup(sys...@mydomain.de): Request timed out
Mar 28 09:36:14 lmtp(2623): user-lookup(sys...@mydomain.de)Error: userdb
lookup(sys...@mydomain.de): Request timed out
Mar 28 09:38:48 lmtp(2631): user-lookup(sys...@mydomain.de)Error: userdb
lookup(sys...@mydomain.de): Connecting timed out
Mar 28 09:38:49 lmtp(2623): user-lookup(sys...@mydomain.de)Error: userdb
lookup(sys...@mydomain.de): Connecting timed out
Mar 28 09:41:23 lmtp(sys...@mydomain.de): Error: userdb
lookup(sys...@mydomain.de): Connecting timed out
Mar 28 09:41:24 lmtp(sys...@mydomain.de): Error: userdb
lookup(sys...@mydomain.de): Connecting timed out

--- relevant netstat output when dovecot hangs 
root@srv:~# netstat | grep dovecot | sort
unix  2  [ ] STREAM CONNECTED 1449174
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTED 1449995
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  2  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  3  [ ] STREAM CONNECTED 1468180
/var/run/dovecot/config
unix  3  [ ] STREAM CONNECTED 1468267
/var/run/dovecot/config
unix  3  [ ] STREAM CONNECTED 1468271
/var/run/dovecot/config
unix  3  [ ] STREAM CONNECTED 1469651
/var/run/dovecot/config
unix  3  [ ] STREAM CONNECTED 1470606
/var/spool/postfix/private/dovecot-lmtp
unix  3  [ ] STREAM CONNECTED 1470614
/var/spool/postfix/private/dovecot-lmtp
unix  3  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb
unix  3  [ ] STREAM CONNECTING    0
/var/run/dovecot/auth-userdb

--- dovecot configuration 
root@srv:~# dovecot -n
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
doveconf: Warning: SSLv2 not supported by OpenSSL. Please consider
removing it from ssl_protocols.
# OS: Linux 4.19.75-meson64 aarch64 Ubuntu 18.04.4 LTS
auth_debug = yes
auth_username_format = %n
auth_verbose = yes
debug_log_path = /var/log/dovecot-info.log
default_client_limit = 16
default_process_limit = 32
first_valid_uid = 1000
hostname = mail.mydomain.de
info_log_path = /var/log/dovecot-info.log
lda_mailbox_autocreate = yes
listen = *
lock_method = dotlock
log_path = /var/log/dovecot.log
mail_debug = yes
mail_fsync = always
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_privileged_group = mail
mmap_disable = yes
namespace {
  inbox = yes
  location =
  mailbox {
    special_use = \Drafts
    name = Drafts
  }
  mailbox {
    special_use = \Junk
    name = Junk
  }
  mailbox {
    special_use = \Sent
    name = Sent
  }
  mailbox {
    special_use = \Sent
    name = Sent Messages
  }
  mailbox {
    special_use = \Trash
    name = Trash
  }
  prefix =
  

Re: Disable Dovecot LDA

[Jerry]

On Thu, 2 Apr 2020 13:18:14 +, Adam Raszkiewicz stated:
>Desired flow looks like:
>
>Dovecot -> Postfix --> Relay Server -┐
>Dovecot <-- LMTP/LDA <-- Postfix <-┘
>
>Top part of that flow works fine - a message will get to the relay
>server and it will be send back to the postfix for a local delivery
>but then it will start to loop back to the relay server instead hand
>over to LMTP/LDA. 
>
>For some reason Postfix  doesn't know that a...@localdomain.com is
>located on Dovecot and it will try to send it back to the relay
>server. I have the same problem explained here:
>https://serverfault.com/questions/1010325/postfix-via-relay-server-and-lmtp-configuration-for-incoming-delivery-to-local-m
>
>Thanks for any help!
>~Adam
>
>On 4/1/20, 6:45 PM, "dovecot on behalf of Dauser Martin Johannes"
> wrote:
>
>On Dienstag, 31. März 2020 21:14:26 CEST Adam Raszkiewicz wrote:
>> But then it loops again when get back to the postfix as an
>> incoming message (doesn't know that a...@localdomain.com is
>> located on that Dovecot)  
>+
>> Is there any way to disable Dovecot LDA? I want to always send
>> email via postfix and relay server even it will be a local
>> delivery within the Dovecot server
>>
>>Thanks,
>>Adam  
>
>Why should a disabled LDA or a relayhost help in this matter?
> Honestly, who is sending what to where anyway? 
>
>I mean Dovecot is an IMAP-Server: It receives emails from Postfix
> and mailclients connect to Dovecot to get these mails. When a
> mailclient sends an email it connects to Postfix not to Dovecot, so a
> delivery "within Dovecot" isn't really happening. Dovecot's LDA has
> options to send (bounce) mails back to Postfix. I guess loops occur
> there? 
>WHO doesn't know that a...@localdomain.com is located on Dovecot
> -- Dovecot itself (= unknown recipient or perhaps permission problems
> while saving the mail) or Postfix (= no transport to Dovecot)? 
>
>Martin

This question really belongs on the 'postfix' forum. Have you read
 or better still,
. The "postfinger" tool
is the best way.

-- 
Jerry


pgpddSbXQSgBz.pgp
Description: OpenPGP digital signature

Re: Sieve with links?

[@lbutlr]

On 02 Apr 2020, at 06:27, Sami Ketola  wrote:
> if you do cat /usr/local/virtual/user@domain/.active_sieve does it follow the 
> symlink correctly?

Yes.

On 02 Apr 2020, at 05:03, Aki Tuomi  wrote:
> And what is the "default sieve file"?

The system-code one that runs for all users.

# cat /usr/lib/dovecot/sieve/default.sieve
require "fileinto";
if header :contains "X-spam-flag" "YES" {
 fileinto "Junk”;
}



-- 
"Are you pondering what I'm pondering?"
"I think so, Brain, but I find scratching just makes it worse.”

Re: Disable Dovecot LDA

[Adam Raszkiewicz]

Desired flow looks like:

Dovecot -> Postfix --> Relay Server -┐
Dovecot <-- LMTP/LDA <-- Postfix <-┘

Top part of that flow works fine - a message will get to the relay server and 
it will be send back to the postfix for a local delivery but then
it will start to loop back to the relay server instead hand over to LMTP/LDA. 

For some reason Postfix  doesn't know that a...@localdomain.com is located on 
Dovecot and it will try to send it back to the relay server.
I have the same problem explained here: 
https://serverfault.com/questions/1010325/postfix-via-relay-server-and-lmtp-configuration-for-incoming-delivery-to-local-m

Thanks for any help!
~Adam

On 4/1/20, 6:45 PM, "dovecot on behalf of Dauser Martin Johannes" 
 wrote:

On Dienstag, 31. März 2020 21:14:26 CEST Adam Raszkiewicz wrote:
> But then it loops again when get back to the postfix as an incoming 
message
> (doesn't know that a...@localdomain.com is located on that Dovecot)
+
> Is there any way to disable Dovecot LDA? I want to always send email via 
> postfix and relay server even it will be a local delivery within the 
Dovecot
> server
>
>Thanks,
>Adam

Why should a disabled LDA or a relayhost help in this matter? Honestly, who 
is 
sending what to where anyway? 

I mean Dovecot is an IMAP-Server: It receives emails from Postfix and 
mailclients connect to Dovecot to get these mails. When a mailclient sends 
an 
email it connects to Postfix not to Dovecot, so a delivery "within Dovecot" 
isn't really happening. Dovecot's LDA has options to send (bounce) mails 
back 
to Postfix. I guess loops occur there?

WHO doesn't know that a...@localdomain.com is located on Dovecot -- Dovecot 
itself (= unknown recipient or perhaps permission problems while saving the 
mail) or Postfix (= no transport to Dovecot)? 

Martin

Re: Sieve with links?

[Sami Ketola]

> On 2 Apr 2020, at 14.02, @lbutlr  wrote:
> 
> On 02 Apr 2020, at 03:48, Aki Tuomi  wrote:
>> On 2.4.2020 11.07, @lbutlr wrote:
>>> Is there any reason that a .active_sieve file would not load because it is 
>>> a symbolic link? The target of the link is readable by the mail user, but 
>>> instead of getting the trace for the .active_sieve file, I only get the 
>>> trace for the default sieve file.
>> 
>> Does `doveadm sieve list` show it as active script?
> 
> Users are all virtual, so not sure who much that matters.
> 
> # doveadm sieve list  
> doveadm(root): Error: Couldn't drop privileges: User is missing UID (see 
> mail_uid setting)
> 
> # sudo -u vmail doveadm sieve list
> spamassassin ACTIVE
> 
> # doveadm sieve list -u user@domain
> doveadm(user@domain): Warning: sieve: file storage: Active sieve script 
> symlink /usr/local/virtual/user@domain/.active_sieve is no symlink.
> spamassassin ACTIVE
> 
> # ls -ls /usr/local/virtual/user@domain/.active_sieve
> 0 lrwxr-xr-x  1 root  vmail  50 Apr  2 04:58 .active_sieve -> 
> /usr/local/virtual/otheruser@domain/.sieve/listid
> 
> # ls -lsH  /usr/local/virtual/user@domain/.active_sieve
> 8 -rw-r--r--  2 vmail  vmail  1863 Apr  2 01:58 .active_sieve
> 

if you do cat /usr/local/virtual/user@domain/.active_sieve does it follow the 
symlink correctly?

Sami

"auth_cache_verify_password_with_worker = yes" does not work with proxy

[Theo Pannen]

Hello,

i use a proxy only configuration with version 2.2.22 (Ubuntu 16.04) and have 
now transferred it to version 2.3.10. This works as before.

But as soon as i use "auth_cache_verify_password_with_worker = yes", it does 
not work anymore.
The first login still works, but from the second one, where the answer comes 
from the cache, there is an error. The login is still accepted but dovecot 
searches the mailbox locally. 

The configuration for cache and proxy (from dovecot -n):

auth_cache_verify_password_with_worker = yes
auth_cache_negative_ttl = 0
auth_cache_size = 64 M

passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}

The sql from /etc/dovecot/dovecot-sql.conf.ext:

password_query = SELECT pwdCrypt AS password, \
NULL AS nopassword, \
'MyMasterUser' AS master, \
'MyMasterPass' AS pass, \
ipv4address AS host, \
'%u' AS destuser, \
'Y' AS proxy \
  FROM mailbox \
  WHERE user = '%u' AND activeFlg = '1' LIMIT 1


The logfile extracts with "auth_cache_verify_password_with_worker = yes":

- First Login from mail.log (work's)

Apr  2 12:27:11 mf-19 dovecot: auth: Debug: client in: 
AUTH#0111#011PLAIN#011service=imap#011secured=tls#011session=6fZiPkyiWHJSZMhl#011lip=178.254.4.122#011rip=93.200.174.28#011lport=143#011rport=29272#011local_name=mf-19.1blu.de#011ssl_cipher=TLS_AES_128_GCM_SHA256#011ssl_cipher_bits=128#011ssl_pfs=KxANY#011ssl_protocol=TLSv1.3
Apr  2 12:27:11 mf-19 dovecot: auth: Debug: client passdb out: CONT#0111
Apr  2 12:27:11 mf-19 dovecot: auth: Debug: client in: CONT
Apr  2 12:27:11 mf-19 dovecot: auth: Debug: 
sql(testuser,93.200.174.28,<6fZiPkyiWHJSZMhl>): Performing passdb lookup
Apr  2 12:27:11 mf-19 dovecot: auth: Debug: 
sql(testuser,93.200.174.28,<6fZiPkyiWHJSZMhl>): cache miss
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: Loading modules from 
directory: /usr/lib/dovecot/modules/auth
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: Module loaded: 
/usr/lib/dovecot/modules/auth/lib20_auth_var_expand_crypt.so
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: Module loaded: 
/usr/lib/dovecot/modules/auth/libdriver_mysql.so
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: conn unix:auth-worker 
(pid=18976,uid=109): Server accepted connection (fd=16)
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: conn unix:auth-worker 
(pid=18976,uid=109): Sending version handshake
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: conn unix:auth-worker 
(pid=18976,uid=109): auth-worker<1>: Handling PASSV request
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: 
sql(testuser,93.200.174.28,<6fZiPkyiWHJSZMhl>): Performing passdb lookup
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: 
sql(testuser,93.200.174.28,<6fZiPkyiWHJSZMhl>): query: SELECT pwdCrypt AS 
password, NULL AS nopassword, 'MyMasterUser' AS master, 'MyMasterPass' AS pass, 
ipv4address AS host, 'testuser' AS destuser, 'Y' AS proxy FROMmailbox WHERE 
user = 'testuser' AND activeFlg = '1' LIMIT 1
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: 
sql(testuser,93.200.174.28,<6fZiPkyiWHJSZMhl>): Finished passdb lookup
Apr  2 12:27:11 mf-19 dovecot: auth-worker(18978): Debug: conn unix:auth-worker 
(pid=18976,uid=109): auth-worker<1>: Finished
Apr  2 12:27:11 mf-19 dovecot: auth: Debug: 
sql(testuser,93.200.174.28,<6fZiPkyiWHJSZMhl>): Finished passdb lookup
Apr  2 12:27:11 mf-19 dovecot: auth: Debug: 
auth(testuser,93.200.174.28,<6fZiPkyiWHJSZMhl>): Auth request finished
Apr  2 12:27:11 mf-19 dovecot: auth: Debug: client passdb out: 
OK#0111#011user=testuser#011master=MyMasterUser#011pass=#011host=10.1.2.3#011destuser=testuser#011proxy
Apr  2 12:27:11 mf-19 dovecot: imap-login: proxy(testuser): started proxying to 
10.1.2.3:143 (master MyMasterUser): user=, method=PLAIN, 
rip=93.200.174.28, lip=178.254.4.122, TLS, session=<6fZiPkyiWHJSZMhl>


- Further logins from mail.log (searches locally):

Apr  2 12:27:18 mf-19 dovecot: auth: Debug: client in: 
AUTH#0111#011PLAIN#011service=imap#011secured=tls#011session=L4PQPkyi7plSZMhl#011lip=178.254.4.122#011rip=93.200.174.28#011lport=143#011rport=39406#011local_name=mf-19.1blu.de#011ssl_cipher=TLS_AES_128_GCM_SHA256#011ssl_cipher_bits=128#011ssl_pfs=KxANY#011ssl_protocol=TLSv1.3
Apr  2 12:27:18 mf-19 dovecot: auth: Debug: client passdb out: CONT#0111
Apr  2 12:27:18 mf-19 dovecot: auth: Debug: client in: CONT
Apr  2 12:27:18 mf-19 dovecot: auth: Debug: 
sql(testuser,93.200.174.28,): Performing passdb lookup
Apr  2 12:27:18 mf-19 dovecot: auth: Debug: 
sql(testuser,93.200.174.28,): cache hit: 
#011master=MyMasterUser#011pass=MyMasterPass#011host=10.1.2.3#011destuser=testuser#011proxy=Y
Apr  2 12:27:18 mf-19 dovecot: auth: Debug: 
sql(testuser,93.200.174.28,): cache: validating password on 
worker
Apr  2 12:27:18 mf-19 dovecot: 

Re: Sieve with links?

[Aki Tuomi]

On 2.4.2020 14.02, @lbutlr wrote:
> On 02 Apr 2020, at 03:48, Aki Tuomi  wrote:
>> On 2.4.2020 11.07, @lbutlr wrote:
>>> Is there any reason that a .active_sieve file would not load because it is 
>>> a symbolic link? The target of the link is readable by the mail user, but 
>>> instead of getting the trace for the .active_sieve file, I only get the 
>>> trace for the default sieve file.
>> Does `doveadm sieve list` show it as active script?
> Users are all virtual, so not sure who much that matters.
>
> # doveadm sieve list  
> doveadm(root): Error: Couldn't drop privileges: User is missing UID (see 
> mail_uid setting)
>
> # sudo -u vmail doveadm sieve list
> spamassassin ACTIVE
>
> # doveadm sieve list -u user@domain
> doveadm(user@domain): Warning: sieve: file storage: Active sieve script 
> symlink /usr/local/virtual/user@domain/.active_sieve is no symlink.
> spamassassin ACTIVE
>
> # ls -ls /usr/local/virtual/user@domain/.active_sieve
> 0 lrwxr-xr-x  1 root  vmail  50 Apr  2 04:58 .active_sieve -> 
> /usr/local/virtual/otheruser@domain/.sieve/listid
>
> # ls -lsH  /usr/local/virtual/user@domain/.active_sieve
> 8 -rw-r--r--  2 vmail  vmail  1863 Apr  2 01:58 .active_sieve
>
>
>
And what is the "default sieve file"?

Aki

Re: Sieve with links?

[@lbutlr]

On 02 Apr 2020, at 03:48, Aki Tuomi  wrote:
> On 2.4.2020 11.07, @lbutlr wrote:
>> Is there any reason that a .active_sieve file would not load because it is a 
>> symbolic link? The target of the link is readable by the mail user, but 
>> instead of getting the trace for the .active_sieve file, I only get the 
>> trace for the default sieve file.
> 
> Does `doveadm sieve list` show it as active script?

Users are all virtual, so not sure who much that matters.

# doveadm sieve list  
doveadm(root): Error: Couldn't drop privileges: User is missing UID (see 
mail_uid setting)

# sudo -u vmail doveadm sieve list
spamassassin ACTIVE

# doveadm sieve list -u user@domain
doveadm(user@domain): Warning: sieve: file storage: Active sieve script symlink 
/usr/local/virtual/user@domain/.active_sieve is no symlink.
spamassassin ACTIVE

# ls -ls /usr/local/virtual/user@domain/.active_sieve
0 lrwxr-xr-x  1 root  vmail  50 Apr  2 04:58 .active_sieve -> 
/usr/local/virtual/otheruser@domain/.sieve/listid

# ls -lsH  /usr/local/virtual/user@domain/.active_sieve
8 -rw-r--r--  2 vmail  vmail  1863 Apr  2 01:58 .active_sieve



-- 
Rule 1: To every rule there is an exception.

Re: Sieve with links?

[Aki Tuomi]

On 2.4.2020 11.07, @lbutlr wrote:
> Is there any reason that a .active_sieve file would not load because it is a 
> symbolic link? The target of the link is readable by the mail user, but 
> instead of getting the trace for the .active_sieve file, I only get the trace 
> for the default sieve file.
>
>

Does `doveadm sieve list` show it as active script?

Aki

Sieve with links?

[@lbutlr]

Is there any reason that a .active_sieve file would not load because it is a 
symbolic link? The target of the link is readable by the mail user, but instead 
of getting the trace for the .active_sieve file, I only get the trace for the 
default sieve file.


-- 
'Winners never talk about glorious victories. That's because they're
the ones who see what the battlefield looks like afterwards. It's
only the losers who have glorious victories.' --Small Gods