From 69b66d55bc337c06031232040f1ff154bae067c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Stein?= Date: Fri, 29 Apr 2016 15:24:10 +0200 Subject: [PATCH 1/2] Configure dovecot's managesieve plugin when the environment variable ENABLE_MANAGE_SIEVE has been set. Adapted README and updated tests. The functionality has successfully been tested using the Sieve Thunderbird plugin. --- Dockerfile | 4 ++-- Makefile | 1 + README.md | 5 +++++ target/start-mailserver.sh | 7 +++++++ test/tests.bats | 10 ++++++++++ 5 files changed, 25 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 74a9fdf0..74abe533 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ MAINTAINER Thomas VIAL RUN DEBIAN_FRONTEND=noninteractive apt-get update -q --fix-missing && \ apt-get -y upgrade && \ apt-get -y install --no-install-recommends \ - postfix dovecot-core dovecot-imapd dovecot-pop3d dovecot-sieve gamin amavisd-new spamassassin razor pyzor \ + postfix dovecot-core dovecot-imapd dovecot-pop3d dovecot-sieve dovecot-managesieved gamin amavisd-new spamassassin razor pyzor \ clamav clamav-daemon libnet-dns-perl libmail-spf-perl bzip2 file gzip p7zip unzip arj rsyslog \ opendkim opendkim-tools opendmarc curl fail2ban ed iptables && \ curl -sk http://neuro.debian.net/lists/trusty.de-m.libre > /etc/apt/sources.list.d/neurodebian.sources.list && \ @@ -74,6 +74,6 @@ RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem > /et ADD target/bin/generate-ssl-certificate target/bin/generate-dkim-config target/start-mailserver.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/* -EXPOSE 25 587 143 993 110 995 +EXPOSE 25 587 143 993 110 995 4190 CMD /usr/local/bin/start-mailserver.sh diff --git a/Makefile b/Makefile index f0b50cd5..4c960288 100644 --- a/Makefile +++ b/Makefile @@ -23,6 +23,7 @@ run: -e SA_TAG2=2.0 \ -e SA_KILL=3.0 \ -e SASL_PASSWD=testing \ + -e ENABLE_MANAGE_SIEVE=1 \ -h mail.my-domain.com -t $(NAME) sleep 20 docker run -d --name mail_pop3 \ diff --git a/README.md b/README.md index ad26d14f..54e7239e 100644 --- a/README.md +++ b/README.md @@ -113,6 +113,11 @@ If you enable Fail2Ban, don't forget to add the following lines to your `docker- Otherwise, `iptables` won't be able to ban IPs. +##### ENABLE_MANAGE_SIEVE + + - **empty** => Managesieve service disabled + - 1 => Enables Managesieve on port 4190 + ##### SA_TAG - **2.0** => add spam info headers if at, or above that level diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index 223ab9d8..4d44c0ae 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh @@ -23,6 +23,7 @@ if [ -f /tmp/docker-mailserver/postfix-accounts.cf ]; then cp -a /usr/share/dovecot/protocols.d /etc/dovecot/ # Disable pop3 (it will be eventually enabled later in the script, if requested) mv /etc/dovecot/protocols.d/pop3d.protocol /etc/dovecot/protocols.d/pop3d.protocol.disab + mv /etc/dovecot/protocols.d/managesieved.protocol /etc/dovecot/protocols.d/managesieved.protocol.disab sed -i -e 's/#ssl = yes/ssl = yes/g' /etc/dovecot/conf.d/10-master.conf sed -i -e 's/#port = 993/port = 993/g' /etc/dovecot/conf.d/10-master.conf sed -i -e 's/#port = 995/port = 995/g' /etc/dovecot/conf.d/10-master.conf @@ -234,6 +235,12 @@ echo "Starting daemons" cron /etc/init.d/rsyslog start +# Enable Managesieve service by setting the symlink +# to the configuration file Dovecot will actually find +if [ "$ENABLE_MANAGE_SIEVE" = 1 ]; then + mv /etc/dovecot/protocols.d/managesieved.protocol.disab /etc/dovecot/protocols.d/managesieved.protocol +fi + if [ "$SMTP_ONLY" != 1 ]; then # Here we are starting sasl and imap, not pop3 because it's disabled by default echo " * Starting dovecot services" diff --git a/test/tests.bats b/test/tests.bats index 7f3772d2..0141beec 100644 --- a/test/tests.bats +++ b/test/tests.bats @@ -419,3 +419,13 @@ [ "$status" -eq 0 ] [ "$output" = 1 ] } + +@test "checking manage sieve: server is ready when ENABLE_MANAGE_SIEVE has been set" { + run docker exec mail /bin/bash -c "nc -z 0.0.0.0 4190" + [ "$status" -eq 0 ] +} + +@test "checking manage sieve: disabled per default" { + run docker exec mail_pop3 /bin/bash -c "nc -z 0.0.0.0 4190" + [ "$status" -ne 0 ] +} From 9f63fa2ef45a29b7562078386cdd99282cd0ab68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Stein?= Date: Fri, 29 Apr 2016 17:09:48 +0200 Subject: [PATCH 2/2] Rename environment variable ENABLE_MANAGE_SIEVE to ENABLE_MANAGESIEVE. --- Makefile | 2 +- README.md | 2 +- target/start-mailserver.sh | 2 +- test/tests.bats | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 4c960288..cf470aa9 100644 --- a/Makefile +++ b/Makefile @@ -23,7 +23,7 @@ run: -e SA_TAG2=2.0 \ -e SA_KILL=3.0 \ -e SASL_PASSWD=testing \ - -e ENABLE_MANAGE_SIEVE=1 \ + -e ENABLE_MANAGESIEVE=1 \ -h mail.my-domain.com -t $(NAME) sleep 20 docker run -d --name mail_pop3 \ diff --git a/README.md b/README.md index 54e7239e..4a7100cb 100644 --- a/README.md +++ b/README.md @@ -113,7 +113,7 @@ If you enable Fail2Ban, don't forget to add the following lines to your `docker- Otherwise, `iptables` won't be able to ban IPs. -##### ENABLE_MANAGE_SIEVE +##### ENABLE_MANAGESIEVE - **empty** => Managesieve service disabled - 1 => Enables Managesieve on port 4190 diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index 4d44c0ae..ca0be0f3 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh @@ -237,7 +237,7 @@ cron # Enable Managesieve service by setting the symlink # to the configuration file Dovecot will actually find -if [ "$ENABLE_MANAGE_SIEVE" = 1 ]; then +if [ "$ENABLE_MANAGESIEVE" = 1 ]; then mv /etc/dovecot/protocols.d/managesieved.protocol.disab /etc/dovecot/protocols.d/managesieved.protocol fi diff --git a/test/tests.bats b/test/tests.bats index 0141beec..4a6eaf51 100644 --- a/test/tests.bats +++ b/test/tests.bats @@ -420,7 +420,7 @@ [ "$output" = 1 ] } -@test "checking manage sieve: server is ready when ENABLE_MANAGE_SIEVE has been set" { +@test "checking manage sieve: server is ready when ENABLE_MANAGESIEVE has been set" { run docker exec mail /bin/bash -c "nc -z 0.0.0.0 4190" [ "$status" -eq 0 ] }