doc:appunti:linux:sa:postfix_spamassassin_clamav_dovecot
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
doc:appunti:linux:sa:postfix_spamassassin_clamav_dovecot [2022/09/30 09:38] – [Dovecot Local Delivery Agent] niccolo | doc:appunti:linux:sa:postfix_spamassassin_clamav_dovecot [2023/10/30 10:09] (current) – [Enable SSL, imaps and pop3s] niccolo | ||
---|---|---|---|
Line 176: | Line 176: | ||
Once restarted the **dovecot.service**, | Once restarted the **dovecot.service**, | ||
+ | |||
+ | ==== Client connections are being dropped ==== | ||
+ | |||
+ | You may encounter wanring messages like these into the mail log: | ||
+ | |||
+ | < | ||
+ | dovecot: master: Warning: service(imap-login): | ||
+ | </ | ||
+ | |||
+ | To increase the number of process that are allowed to spawn, edit the **/ | ||
+ | |||
+ | < | ||
+ | default_process_limit = 200 | ||
+ | </ | ||
+ | |||
===== SpamAssassin Filter ===== | ===== SpamAssassin Filter ===== | ||
Line 209: | Line 224: | ||
* **clamdscan** | * **clamdscan** | ||
* **clamav-freshclam** | * **clamav-freshclam** | ||
+ | * **libclamunrar9** (non-free package to scan inside RAR archives) | ||
Periodic download (update) of viruses database is performed by the **clamav-freshclam.service**, | Periodic download (update) of viruses database is performed by the **clamav-freshclam.service**, | ||
Line 251: | Line 267: | ||
mailbox_command = / | mailbox_command = / | ||
</ | </ | ||
+ | |||
+ | ==== Error stats-writer Broken pipe ==== | ||
**WARNING**: | **WARNING**: | ||
Line 278: | Line 296: | ||
* [[https:// | * [[https:// | ||
+ | ==== Error Command output: Aborted ==== | ||
+ | |||
+ | Another subtle error with Dovecot LDA can be reported generically into the Postfix log as: | ||
+ | |||
+ | < | ||
+ | postfix/ | ||
+ | status=bounced (Command died with status 134: | ||
+ | "/ | ||
+ | Command output: Aborted ) | ||
+ | </ | ||
+ | |||
+ | To get some hints about the problem you can enable logging in Dovecot LDA; you can add the following in **/ | ||
+ | |||
+ | < | ||
+ | protocol lda { | ||
+ | ... | ||
+ | log_path = / | ||
+ | info_log_path = / | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | and create the log files with suitable permissions (in my case the LDA is executed with user's privileges, so I made it world-writable). | ||
+ | |||
+ | < | ||
+ | lda(username)< | ||
+ | exec:/ | ||
+ | Execution timed out (> 10000 msecs) | ||
+ | lda(username)< | ||
+ | exec:/ | ||
+ | Forcibly terminated with signal 15 | ||
+ | lda(username)< | ||
+ | output stream (temp iostream in / | ||
+ | for (program client seekable output)) is missing error handling | ||
+ | lda(username)< | ||
+ | Raw backtrace: / | ||
+ | </ | ||
+ | |||
+ | There was a problem with **the filter program responding too slowly**. It is possible to change the **exec timeout**, in this case for the **filter** extension, just add the following in **/ | ||
+ | |||
+ | < | ||
+ | plugin { | ||
+ | ... | ||
+ | # Change the default timeout (10 seconds) for the filter extension. | ||
+ | sieve_filter_exec_timeout = 60s | ||
+ | |||
+ | # Change the default timeout (10 seconds) for the execute extension. | ||
+ | sieve_execute_exec_timeout = 60s | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | ==== Error Unable to flush stdout ==== | ||
+ | |||
+ | FIXME This error message has an unwknown origin. | ||
+ | |||
+ | < | ||
+ | postfix/ | ||
+ | status=bounced (Command died with status 134: | ||
+ | "/ | ||
+ | Command output: Aborted Unable to flush stdout: Broken pipe ) | ||
+ | </ | ||
===== Sieve filtering ===== | ===== Sieve filtering ===== | ||
Line 338: | Line 416: | ||
<code bash> | <code bash> | ||
#!/bin/sh | #!/bin/sh | ||
- | / | + | / |
</ | </ | ||
+ | |||
+ | Notice that we set two timeouts on spamassassin client, one to connect to the daemon and one to get the result. If the daemon does not respond timely, the message is passed unchanged. Beware that **the timeouts should be lower** than the one specified into the **Dovecot LDA Sieve Extprograms plugin** configuration. | ||
==== How to Test an User's Sieve Filter File ==== | ==== How to Test an User's Sieve Filter File ==== | ||
Line 387: | Line 467: | ||
terminated with non-zero exit code 127 | terminated with non-zero exit code 127 | ||
</ | </ | ||
+ | |||
+ | FIXME How to handle errors in filter external commands? The default action is to send a **non-delivery notification**, | ||
==== Multiple Sieve Scripts ==== | ==== Multiple Sieve Scripts ==== | ||
Line 905: | Line 987: | ||
Subject: Attenzione: mailbox quasi piena | Subject: Attenzione: mailbox quasi piena | ||
Date: $DATE | Date: $DATE | ||
+ | Content-Type: | ||
+ | Content-Transfer-Encoding: | ||
La tua mailbox è quasi piena; lo spazio occupato ha superato il ${ARG1}%. | La tua mailbox è quasi piena; lo spazio occupato ha superato il ${ARG1}%. |
doc/appunti/linux/sa/postfix_spamassassin_clamav_dovecot.txt · Last modified: 2023/10/30 10:09 by niccolo