The following article is part 6 of the mailserver set-up with virtual users and domains using Postfix and Dovecot series. It covers the steps used to set-up server-side email filtering with Dovecot Sieve and Roundcube on a CentOS 6 VPS
At the end of this article you will end up having the ability to set-up your own server-side mail filter rules and automatically deliver emails to specific maildir based on a filter rule.
What is all this about?
The project behind this is known as Pigeonhole. It’s great because it adds support for the Sieve language (RFC 5228) and the ManageSieve protocol (RFC 5804) to the Dovecot Secure IMAP Server. Additionally, one can easily manage these filter rules via Roundcube’s web interface.
UPDATE THE SYSTEM
Before proceeding any further, make sure you are in a screen session and check if your CentOS Linux VPS is fully up-to-date by running:
## screen -U -S sieve-screen ## yum update
ENABLE DOVECOT MANAGE-SIEVE
In order to enable ManageSieve protocol in Dovecot we need to install the dovecot-pigeonhole package using ‘yum’
## yum install dovecot-pigeonhole
Once the package is installed, navigate to dovecot’s configuration directory in /etc/dovecot and edit the main configuration file dovecot.conf
## cd /etc/dovecot ## vim dovecot.conf
set protocols to
protocols = imap lmtp sieve
add auth-master unix-listener to service auth
service auth {
unix_listener auth-client {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-master {
group = vmail
mode = 0660
user = vmail
}
user = root
}
and add the following to the end of the configuration file:
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service managesieve {
}
protocol sieve {
managesieve_max_line_length = 65536
managesieve_implementation_string = dovecot
log_path = /var/log/dovecot-sieve-errors.log
info_log_path = /var/log/dovecot-sieve.log
}
plugin {
sieve = ~/dovecot.sieve
sieve_global_path = /etc/dovecot/sieve/default.sieve
sieve_dir = ~/sieve
sieve_global_dir = /etc/dovecot/sieve/global/
}
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
protocol lda {
mail_plugins = $mail_plugins autocreate sieve quota
postmaster_address = postmaster@mydomain.com
hostname = mail.mydomain.com
auth_socket_path = /var/run/dovecot/auth-master
log_path = /var/log/dovecot-lda-errors.log
info_log_path = /var/log/dovecot-lda.log
}
protocol lmtp {
mail_plugins = $mail_plugins autocreate sieve quota
log_path = /var/log/dovecot-lmtp-errors.log
info_log_path = /var/log/dovecot-lmtp.log
}
set-up some necessary stuff
## touch /var/log/{dovecot-lda-errors.log,dovecot-lda.log}
## touch /var/log/{dovecot-sieve-errors.log,dovecot-sieve.log}
## touch /var/log/{dovecot-lmtp-errors.log,dovecot-lmtp.log}
## mkdir -p /etc/dovecot/sieve/global
## chown vmail: -R /etc/dovecot/sieve
## chown vmail:mail /var/log/dovecot-*
restart dovecot for the changes to take effect
## service dovecot restart
verify manage-sieve is exposed on port 4190
## netstat -tunlp | grep :4190
SET-UP GLOBAL SPAM FILTERS
Next step is to actually test the server-side filter by setting up a global SPAM sieve filter rule in /etc/dovecot/sieve/default.sieve. This rule should match all emails marked as SPAM by SpamAssassin and move them to the Spam maildir. So, create the following:
## vim /etc/dovecot/sieve/default.sieve
and add the sieve rules below
require ["fileinto"];
# rule:[SPAM]
if header :contains "X-Spam-Flag" "YES" {
fileinto "Spam";
}
# rule:[SPAM2]
elsif header :matches "Subject" ["*money*","*Viagra*","Cialis"] {
fileinto "Spam";
}
SET-UP POSTFIX DELIVERY
for this to work we need to edit two Postfix configuration files. Start with editing /etc/postfix/main.cf
## vim /etc/postfix/main.cf
and change/add the following
virtual_transport = dovecot dovecot_destination_recipient_limit = 1
next open /etc/postfix/master.cf and add the following to the end of the file
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}
restart postfix for the changes to take effect
## service postfix restart
with all that in place, send an email to some email account on the server using the subject below
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
the email should be flagged as SPAM by SpamAssassin and moved to the Spam maildir by Dovecot LDA
ENABLE SIEVE PLUGIN IN ROUNDCUBE
to be able to manage server-side filter rules through Roundcube, we need to enable the manage-sieve plugin by editing few configuration files.
change to Roundcube’s document root in /var/www/html/roundcube/
## cd /var/www/html/roundcube/
edit Roundcube’s main configuration file and set the following:
## vim +/PLUGINS config/main.inc.php
...
$rcmail_config['plugins'] = array('managesieve');
next, proceed with changing to /var/www/html/roundcube/plugins/managesieve/
## cd plugins/managesieve/
copy the default configuration file and set the following:
## cp config.inc.php.dist config.inc.php ## vim config.inc.php ... $rcmail_config['managesieve_port'] = 4190; ... $rcmail_config['managesieve_default'] = '/etc/dovecot/sieve/default.sieve';
now you can login to your Roundcube WebMail, navigate to Settings > Filters and create new filter sets and/or filter rules.
Implementing server-side email filtering to the mailserver set-up with virtual users and domains using Postfix and Dovecot adds another great and useful feature. Now you can easily filter and organize your emails.
Of course, if you are one of our Linux VPS Hosting customers, you don’t have to do any of this, simply ask our admins, sit back and relax. Our admins will set this up for you immediately.
PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.
I’ve been stucked on getting sieve to run and searching forums with no luck until i found your tutorial.
I re-check all my config based on your tutorial and finally get it working.
Thank You Very Much.
Can you explain the lines:
dovecot unix – n n – – pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}
Everything is working without these lines. Adding them seems to break my relaying settings.
More information about this you can find at http://wiki.dovecot.org/LDA/Postfix. Thanks.
Hi,
I have set up postfix and dovecot using mysql virtual domains and emails. I am using ‘local_transport = virtual’ in my postfix main.cf and its working fine. To setup managesieve, whever I try to change to ‘virtual_transport = dovecot’. It starts giving error ‘Diagnostic-Code: x-unix; user unknown’ when email is sent to a local inbox.
Please help.
Thanks
Did you check your log file/s?
In my installation, everything works as long as the user does NOT have a filter set up using Roundcube.
I have a /etc/dovecot/sieve/domain-before.sieve file that files the spam mail to the Junk folder.
If a user does not have (private) filters, everything is fine. The spam gets moved to the Junk folder.
As soon as a user creates ANY filter (even something irelevant to the spam) the commands in domain-before.sieve are ignored.
Is there something I have to add/change?
What RoundCube plugin do you use? Do you see any error messages in the log file ?
when I’m following your instruction on Centos, I get the following errors.
I Can’t restart dovecot. The Error is below:
Starting Dovecot Imap: Fatal: service(auth) User doesn’t exist: vmail (See service auth { unix_listener /var/run/dovecot/auth-master { user } } setting)
I Guess I don’t have user vmail . How to create it correctly? or what user should I use instead?
Create the user with this command: useradd vmail
Thanks for the post!!
After configuration of Sieve it was not working, I got the error “failed to store into mailbox ‘Spam’: Unknown namespace” in /var/log/dovecot-sieve-errors.log
By changing fileinto “Spam”; to fileinto “INBOX.Spam”; in /etc/dovecot/sieve/default.sieve it worked.
Hope this helps anybody.
Googling wrong keywords for 2 weeks and finally found your tutorial. You are a hero. #seriuosly