July 25, 2006

 Sieve filters and @Mail

Sieve is a language that can be used to create filters for electronic mail. It is not tied to any particular operating system or mail architecture, so it can be used with @Mail-Exim. This document details how to do it.

- open up the Exim configure file (/usr/local/atmail/mailserver/configure), and find the following:

#
# Optionally, send the user an SMS message of the email-alert
sms_delivery:
driver = accept
domains = ${lookup mysql {MYSQL_SMSREPLY}{$value}}
condition = ${if 

- below this, add the following:

sieve_deliver:
  driver = redirect
  domains = +local_domains
  local_part_suffix = "-*"
  local_part_suffix_optional
  sieve_subaddress = "${sg{$local_part_suffix}{^-}{}}"
  sieve_useraddress = "$local_part"
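  # Quote the address parts before they are placed into the SQL query
  require_files = ${lookup mysql{SELECT MailDir from Users where Account='${quote_mysql:$local_part}@${quote_mysql:$domain}'}}/sievefilter
  file = ${lookup mysql{SELECT MailDir from Users where Account='${quote_mysql:$local_part}@${quote_mysql:$domain}'}}/sievefilter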
  check_ancestor
  user = atmail
  allow_filter
  file_transport = sieve_user
  reply_transport = mysql_autoreply
  verify = false

- then, find the following line:

mysql_autoreply:
driver = autoreply
headers = Content-Type: text/plain; charset=utf-8
to = ${sender_address}
from = ${sender_address}
reply_to = "${local_part}@${domain}"
subject = "AutoReply from ${local_part}@${domain}"
text = ${lookup mysql {MYSQL_AUTOREPLY}{$value}}
once = ${lookup mysql{SELECT concat(MailDir, "/autoreply.db") from Users where Account='${local_part}@${domain}'}}
once_repeat = 1d
once_file_size = 500K

- below this, add the following:

sieve_user:
  driver = appendfile
  # Quote the address parts before they are placed into the SQL query
  directory = ${lookup mysql{SELECT MailDir from Users where Account='${quote_mysql:$local_part}@${quote_mysql:$domain}'}}/${sg{$address_file}{^inbox}{}}
  maildir_format
  delivery_date_add
  envelope_to_add
  return_path_add
  mode = 0600

- you can then add Sieve filter files to a user's Maildir. The Maildir is located in /usr/local/atmail/users, and is prefixed by the first two letters of an account. For example, the user foo@bar.com will have a sieve filter file at: /usr/local/atmail/users/f/o/foo@bar.com/sievefilter. Note that the sieve filter file needs to have the filename 'sievefilter'.

- a basic howto for Sieve filters can be found at: http://wiki.fastmail.fm/index.php/BasicSieve. Examples can be found at: http://wiki.fastmail.fm/index.php/SieveExamples. Below is a sample Sieve filter that moves emails to the Spam folder when a header contains a given string (here "testing.com", matched against the From header):

# Sieve Filter
require ["fileinto"];
# The header test takes the header name(s) to search, then the string to match
if header :contains "From" "testing.com" {
    fileinto ".Spam";
    stop;
}

Notes:
- the "# Sieve filter" line at the beginning of each file is mandatory; Exim uses it to recognise the file as a Sieve filter
- IMAP folders need to be identified with a leading "." character
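
A pre-install check for the steps and notes above, as an added example that is not part of the original post. The helper names `sieve_path` and `check_sievefilter` are hypothetical, and `USERS_ROOT` assumes the directory layout described above (the router itself reads MailDir from MySQL).

```shell
USERS_ROOT=${USERS_ROOT:-/usr/local/atmail/users}

# Print where the sievefilter file for an account (e.g. foo@bar.com) lives.
sieve_path() {
  case "$1" in
    */*) echo "unsafe account name: $1" >&2; return 1 ;;   # no path traversal
    [A-Za-z0-9][A-Za-z0-9]*@?*) ;;   # layout is only described for names like this
    *) echo "unsupported account name: $1" >&2; return 1 ;;
  esac
  printf '%s/%s/%s/%s/sievefilter\n' "$USERS_ROOT" \
    "$(printf %s "$1" | cut -c1)" "$(printf %s "$1" | cut -c2)" "$1"
}

# Check a filter file against the two notes above.
# Prints findings and returns 1 if there are any, 0 otherwise.
check_sievefilter() {
  rc=0
  if ! head -n 1 "$1" | grep -qi '^#[ ]*sieve filter'; then
    echo "first line is not '# Sieve filter'"; rc=1
  fi
  # fileinto targets must look like ".Folder": leading ".", no "/" and not "..",
  # so a filter cannot deliver outside the Maildir. "inbox" is allowed because
  # the sieve_user transport strips it from the directory path.
  bad=$(grep -o 'fileinto[[:space:]]*"[^"]*"' "$1" | cut -d'"' -f2 |
        grep -v -e '^\.[^./][^/]*$' -e '^inbox$' || true)
  if [ -n "$bad" ]; then
    echo "fileinto targets that are not a '.Folder' name:"; echo "$bad"; rc=1
  fi
  return $rc
}
```

Run `check_sievefilter` on the file first, then copy it to the path printed by `sieve_path` with mode 0600 and the `atmail` user as owner.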


Filed under: Exim — John Contad @ 4:02 am

 

July 21, 2006

 Converting SSL certificate into .pem format for POP3/IMAP

Question: I have an SSL certificate signed by Verisign for my SSL Webserver. I would like to use the same certificate for my POP3/IMAP server using @Mail via SSL.

How can I use the certificate files generated from my SSL provider? This is required so users will not receive a security popup message when connecting via SSL, since the connection will be trusted automatically.

Answer: Obtain the certificate.key and certificate.crt files that are generated by your SSL provider. These can be used to create the .pem file that the POP3/IMAP server requires when running via SSL.

The .pem file is simply the private key and the certificate (which carries the public key) concatenated into one file, as required by the mail server of @Mail. Because it contains the private key, it should be readable only by the account the mail server runs as.

To generate:

# cat certificate.key certificate.crt > /usr/local/atmail/mailserver/share/imapd.pem

# cat certificate.key certificate.crt > /usr/local/atmail/mailserver/share/pop3d.pem

Next, restart the @Mail services:

# /etc/init.d/atmailserver restart

Users can now connect via SSL POP3/IMAP with your SSL certificate from your provider (e.g. Verisign, Thawte, Comodo SSL, etc.).
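
The same concatenation with the key protected, as an added example that is not part of the original post. `build_pem` and `key_matches_cert` are hypothetical helper names; the second one needs the `openssl` command-line tool.

```shell
# Build a combined key+certificate PEM that is never world-readable.
build_pem() {  # usage: build_pem <key> <crt> <out.pem>
  key=$1 crt=$2 out=$3
  grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$key" ||
    { echo "$key: no private key found" >&2; return 1; }
  grep -q -e '-----BEGIN CERTIFICATE-----' "$crt" ||
    { echo "$crt: no certificate found" >&2; return 1; }
  # Create the file with owner-only permissions from the start; a plain
  # "cat > file" follows the default umask, which is often 022.
  ( umask 077 && cat "$key" "$crt" > "$out.tmp" ) || return 1
  chmod 600 "$out.tmp" && mv "$out.tmp" "$out"
}

# Return 0 only if the certificate's public key belongs to the private key.
# Returns 2 if either file cannot be parsed by openssl.
key_matches_cert() {  # usage: key_matches_cert <key> <crt>
  k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
  c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
  [ -n "$k" ] && [ "$k" = "$c" ]
}
```

Run `key_matches_cert certificate.key certificate.crt` before `build_pem`, then chown the resulting imapd.pem and pop3d.pem to the account the mail server runs as.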

Next, to use the same certificate when users connect via SMTP, follow the TLS install guide at: http://kb.atmail.com/view_article.php?num=345

Then define the following in /usr/local/atmail/mailserver/configure:

tls_certificate=/usr/local/atmail/mailserver/server.crt
tls_privatekey=/usr/local/atmail/mailserver/server.key

Point these paths to your certificate files on disk.

To avoid any security warnings, the domain name users connect to via SSL POP3/IMAP must match the domain the certificate has been approved for.


Filed under: Encryption — Ben Duncan @ 8:39 am

 

July 5, 2006

 MySQL / authmysqlrc pitfalls

Pitfall #1: Setting the password for the mysql account which @Mail uses to a string which begins with "#".

This causes the rest of the password to be effectively commented out in /usr/local/atmail/mailserver/etc/authmysqlrc.

Error messages (in /var/log/maillog on Linux) indicate that Courier fails to authenticate with MySQL.

Pitfall #2: trailing spaces in authmysqlrc MYSQLCONFIG section:

#
# The server name, userid, and password used to log in.
MYSQL_SERVER localhost
MYSQL_USERNAME root
MYSQL_PASSWORD yourpassword
MYSQL_DATABASE atmail

This causes courier to report that it can't connect to the mysql server.

Summary: Watch out for trailing spaces in authmysqlrc, and don't set your mysql password to anything that starts with a "#".
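
A check for both pitfalls, as an added example that is not part of the original post. `check_authmysqlrc` is a hypothetical helper name; it reports line numbers and setting names only and never prints the password.

```shell
# Lint an authmysqlrc-style file for the two pitfalls described above.
# Prints one finding per line; returns 1 if anything was found, 0 if clean.
check_authmysqlrc() {
  awk '
    BEGIN { bad = 0 }
    /^[ \t]*#/ || /^[ \t\r]*$/ { next }          # skip comments and blank lines
    /[ \t\r]+$/ {                                # pitfall 2: trailing whitespace
      printf "line %d: trailing whitespace after %s\n", NR, $1; bad = 1
    }
    $1 == "MYSQL_PASSWORD" && $2 ~ /^#/ {        # pitfall 1: value read as a comment
      printf "line %d: MYSQL_PASSWORD value begins with #\n", NR; bad = 1
    }
    $1 == "MYSQL_PASSWORD" && NF < 2 {
      printf "line %d: MYSQL_PASSWORD has no value\n", NR; bad = 1
    }
    END { exit bad }
  ' "$1"
}
```

Run it as `check_authmysqlrc /usr/local/atmail/mailserver/etc/authmysqlrc` after every edit to the file and before restarting the services.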


Filed under: Database — Corey Bissaillon @ 10:10 pm