{"id":639,"date":"2019-10-24T17:06:07","date_gmt":"2019-10-24T15:06:07","guid":{"rendered":"https:\/\/www.tiraquelibras.com\/blog\/?p=639"},"modified":"2021-02-02T11:10:01","modified_gmt":"2021-02-02T10:10:01","slug":"servidor-de-correo-configuracion-dovecot-sieve-managesieve-parte-7-15","status":"publish","type":"post","link":"https:\/\/blog.tiraquelibras.com\/?p=639","title":{"rendered":"Servidor de correo &#8211; Configuraci\u00f3n Dovecot, SIEVE, ManageSIEVE (parte 7)"},"content":{"rendered":"<p>Esta es una entrada dentro de la serie para la instalaci\u00f3n de un servidor de correo completo. \u00cdndice completo de contenidos pincha <a href=\"https:\/\/blog.tiraquelibras.com\/?p=601\" class=\"external external_icon\" rel=\"nofollow\" target=\"_blank\">aqu\u00ed<\/a>.<\/p>\n<hr \/>\n<p>En esta entrada vamos a configurar el servicio que gestiona las conexiones de lectura al buz\u00f3n y gestiona los filtros que cada usuario configura a nivel individual o el administrador a nivel global.<\/p>\n<hr \/>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Tabla de contenidos<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a0c9404277fa\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a0c9404277fa\"  aria-label=\"Alternar\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1 external external_icon\" href=\"https:\/\/blog.tiraquelibras.com\/?p=639\/#Dovecot\"  rel=\"nofollow\" target=\"_blank\">Dovecot<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2 external external_icon\" href=\"https:\/\/blog.tiraquelibras.com\/?p=639\/#Configuracion\"  rel=\"nofollow\" target=\"_blank\">Configuraci\u00f3n<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3 external external_icon\" href=\"https:\/\/blog.tiraquelibras.com\/?p=639\/#Configuraciones_adicionales\"  rel=\"nofollow\" target=\"_blank\">Configuraciones adicionales<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4 external external_icon\" href=\"https:\/\/blog.tiraquelibras.com\/?p=639\/#Error_en_los_logs\"  rel=\"nofollow\" target=\"_blank\">Error en los logs<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-5 external external_icon\" href=\"https:\/\/blog.tiraquelibras.com\/?p=639\/#Sieve_y_ManageSIEVE\"  rel=\"nofollow\" target=\"_blank\">Sieve y ManageSIEVE<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"Dovecot\"><\/span>Dovecot<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<h2><span class=\"ez-toc-section\" id=\"Configuracion\"><\/span>Configuraci\u00f3n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Primero creamos el buz\u00f3n <strong>postmaster@tiraquelibras.com<\/strong> o un alias con esta misma direcci\u00f3n apuntando a otro buz\u00f3n que tengamos ya creado, sin importar que coincidan sus dominios. Podemos crear el buz\u00f3n accediendo a la interfaz web de gesti\u00f3n de la base de datos que hemos instalado en el servidor en una secci\u00f3n anterior. Para dirigirte a esta pincha <a href=\"https:\/\/blog.tiraquelibras.com\/?p=626\" class=\"external external_icon\" rel=\"nofollow\" target=\"_blank\">aqu\u00ed<\/a>.<\/p>\n<p>Copiamos todos los archivos de configuraci\u00f3n originales:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sudo cp \/etc\/dovecot\/dovecot.conf \/etc\/dovecot\/dovecot.conf.orig\r\nsudo cp \/etc\/dovecot\/conf.d\/10-mail.conf \/etc\/dovecot\/conf.d\/10-mail.conf.orig\r\nsudo cp \/etc\/dovecot\/conf.d\/10-auth.conf \/etc\/dovecot\/conf.d\/10-auth.conf.orig\r\nsudo cp \/etc\/dovecot\/dovecot-sql.conf.ext \/etc\/dovecot\/dovecot-sql.conf.ext.orig\r\nsudo cp \/etc\/dovecot\/conf.d\/10-master.conf \/etc\/dovecot\/conf.d\/10-master.conf.orig\r\nsudo cp \/etc\/dovecot\/conf.d\/10-ssl.conf \/etc\/dovecot\/conf.d\/10-ssl.conf.orig\r\n<\/pre>\n<p>Editamos el archivo <strong><em>\/etc\/dovecot\/dovecot.conf <\/em><\/strong>y agregamos los protocolos:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">## Dovecot configuration file\r\n...\r\n# Enable installed protocols\r\n!include_try \/usr\/share\/dovecot\/protocols.d\/*.protocol\r\nprotocols = imap pop3 lmtp\r\n...\r\npostmaster_address=postmaster@tiraquelibras.com\r\n<\/pre>\n<p>Editamos el archivo <strong><em>\/etc\/dovecot\/conf.d\/10-mail.conf<\/em><\/strong> que controla como Dovecot interact\u00faa con el sistema de ficheros del servidor para almacenar y acceder a los mensajes:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\nmail_location = maildir:\/var\/mail\/vhosts\/%d\/%n\/\r\n...\r\nmail_privileged_group = mail\r\n...\r\n<\/pre>\n<p>Creamos el directorio para almacenar los dominios y buzones:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sudo mkdir -p \/var\/mail\/vhosts\/<\/pre>\n<p>Creamos el grupo <strong><em>vmail<\/em><\/strong> con ID <strong><em>5000<\/em><\/strong> y el usuario <strong><em>vmail<\/em><\/strong> que agregamos al grupo <strong><em>vmail<\/em><\/strong> creado. Este usuario del sistema leer\u00e1 los mails del servidor:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sudo groupadd -g 5000 vmail\r\n\r\nsudo useradd -g vmail -u 5000 vmail -d \/var\/mail<\/pre>\n<p>Cambiamos los permisos del directorio creado anteriormente para almacenar los dominios y buzones:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sudo chown -R vmail:vmail \/var\/mail<\/pre>\n<p>Ahora editamos el archivo <strong><em>\/etc\/dovecot\/conf.d\/10-auth.conf<\/em><\/strong>:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\ndisable_plaintext_auth = yes\r\n...\r\nauth_mechanisms = plain login\r\n...\r\n!include auth-system.conf.ext\r\n...\r\n!include auth-sql.conf.ext\r\n...\r\n<\/pre>\n<p>Ahora editamos el directorio <strong><em>\/etc\/dovecot\/conf.d\/auth-sql.conf.ext<\/em><\/strong> para indicar la informaci\u00f3n de autenticaci\u00f3n y almacenamiento.<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\npassdb {\r\n  driver = sql\r\n  args = \/etc\/dovecot\/dovecot-sql.conf.ext\r\n}\r\n...\r\n#userdb {\r\n#  driver = sql\r\n#  args = \/etc\/dovecot\/dovecot-sql.conf.ext\r\n#}\r\n...\r\nuserdb {\r\n  driver = static\r\n  args = uid=vmail gid=vmail home=\/var\/mail\/vhosts\/%d\/%n\r\n}\r\n...\r\n<\/pre>\n<p>Actualizamos el archivo <strong><em>\/etc\/dovecot\/dovecot-sql.conf.ext<\/em><\/strong> con la informaci\u00f3n de conexi\u00f3n del MySQL.<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\ndriver = mysql\r\n...\r\nconnect = host=127.0.0.1 dbname=mailserver user=mailuser password=mailuserpass\r\n...\r\ndefault_pass_scheme = PLAIN-MD5\r\n...\r\npassword_query = SELECT email as user, password FROM virtual_users WHERE email='%u' and active='1';\r\n...\r\n<\/pre>\n<p><span style=\"color: #ff0000;\"><strong>OJO<\/strong><\/span>, si queremos que los alias se usen como login tambi\u00e9n deberemos de cambiar la password_query con el siguiente contenido, pero yo no lo configur\u00e9 en mi entorno:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">password_query = SELECT email as user, password FROM virtual_users WHERE email=(SELECT destination FROM virtual_aliases WHERE source = '%u' and active='1') and active='1';<\/pre>\n<p>Cambiamos el propietario y grupo del directorio <strong><em>\/etc\/dovecot<\/em><\/strong> \u00a0por <strong><em>vmail<\/em><\/strong> y <strong><em>dovecot <\/em><\/strong>con el comando:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sudo chown -R vmail:dovecot \/etc\/dovecot<\/pre>\n<p>Ahora los permisos con:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sudo chmod -R o-rwx \/etc\/dovecot<\/pre>\n<p>Editamos el archivo <strong><em>\/etc\/dovecot\/conf.d\/10-master.conf<\/em><\/strong> en donde deshabilitamos el desencriptado IMAP y POP3 indicando los puertos de los protocolos a valor <strong><em>0<\/em><\/strong>. Descomentamos las variables <strong><em>port <\/em><\/strong>\u00a0y <strong><em>ssl:<\/em><\/strong><\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\nservice imap-login {\r\n  inet_listener imap {\r\n    port = 0\r\n  }\r\n  inet_listener imaps {\r\n    port = 993\r\n    ssl = yes\r\n  }\r\n  ...\r\n}\r\n...\r\nservice pop3-login {\r\n  inet_listener pop3 {\r\n    port = 0\r\n  }\r\n  inet_listener pop3s {\r\n    port = 995\r\n    ssl = yes\r\n  }\r\n}\r\n...\r\n<\/pre>\n<p>Y ahora el servicio <strong><em>lmtp<\/em><\/strong>:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\nservice lmtp {\r\n  unix_listener \/var\/spool\/postfix\/private\/dovecot-lmtp {\r\n    #mode = 0666i\r\n    mode = 0600\r\n    user = postfix\r\n    group = postfix\r\n  }\r\n...\r\n}\r\n<\/pre>\n<p>Ahora el servicio <strong><em>auth<\/em><\/strong>:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\nservice auth {\r\n  ...\r\n  unix_listener \/var\/spool\/postfix\/private\/auth {\r\n    mode = 0660\r\n    user = postfix\r\n    group = postfix\r\n  }\r\n\r\n  unix_listener auth-userdb {\r\n    mode = 0600\r\n    user = vmail\r\n  }\r\n...\r\n  user = dovecot\r\n}\r\n...\r\n<\/pre>\n<p>Y ahora el <strong><em>auth-worker<\/em><\/strong>:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\nservice auth-worker {\r\n  ...\r\n  user = vmail\r\n}\r\n<\/pre>\n<p>Para finalizar editamos el archivo <strong><em>\/etc\/dovecot\/conf.d\/10-ssl.conf<\/em><\/strong> para requerir SSL y agregar la ubicaci\u00f3n de los certificados SSL, adem\u00e1s de deshabilitar el protocolo <strong>SSLv3<\/strong> <span style=\"color: #ff0000;\"><strong>MUY INSEGURO<\/strong><\/span>:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\n# SSL\/TLS support: yes, no, required. &lt;doc\/wiki\/SSL.txt&gt;\r\nssl = required\r\n... \t\r\nssl_cert = &lt;\/etc\/letsencrypt\/live\/correu2.yeloquehay.com\/fullchain.pem\r\nssl_key = &lt;\/etc\/letsencrypt\/live\/correu2.yeloquehay.com\/privkey.pem\r\n\u2026\r\n# SSL protocols to use\r\n#ssl_protocols = !SSLv3\r\nssl_protocols = !SSLv3\r\n\u2026\r\n<\/pre>\n<p>Configuramos un log personalizado para Dovecot en el archivo <strong><em>\/etc\/dovecot\/conf.d\/10-logging.conf<\/em><\/strong> con los siguientes cambios:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">\u2026\r\n# Log file to use for error messages. \"syslog\" logs to syslog,\r\n# \/dev\/stderr logs to stderr.\r\n#log_path = syslog\r\nlog_path = \/var\/log\/dovecot.log\r\n\u2026\r\n# mail_log plugin provides more event logging for mail processes.\r\nplugin {\r\n  # Events to log. Also available: flag_change append\r\n  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename\r\n  # Available fields: uid, box, msgid, from, subject, size, vsize, flags\r\n  # size and vsize are available only for expunge and copy events.\r\n  mail_log_fields = uid box msgid size\r\n}\r\n\r\n##\r\n## Log formatting.\r\n##\r\n\r\n# Prefix for each line written to log file. % codes are in strftime(3)\r\n# format.\r\n###log_timestamp = \"%b %d %H:%M:%S \"\r\nlog_timestamp = \"%Y-%m-%d %H:%M:%S \"\r\n\r\n# Space-separated list of elements we want to log. The elements which have\r\n# a non-empty variable value are joined together to form a comma-separated\r\n# string.\r\nlogin_log_format_elements = user=&lt;%u&gt; method=%m rip=%r lip=%l mpid=%e %c\r\n\r\n# Login log format. %s contains login_log_format_elements string, %$ contains\r\n# the data we want to log.\r\nlogin_log_format = %$: %s\r\n\r\n# Log prefix for mail processes. See doc\/wiki\/Variables.txt for list of\r\n# possible variables you can use.\r\nmail_log_prefix = \"%s(%u): \"\r\n\r\n# Format to use for logging mail deliveries. See doc\/wiki\/Variables.txt for\r\n# list of all variables you can use. Some of the common ones include:\r\n#  %$ - Delivery status message (e.g. \"saved to INBOX\")\r\n#  %m - Message-ID\r\n#  %s - Subject\r\n#  %f - From address\r\n#  %p - Physical size\r\n#  %w - Virtual size\r\n###deliver_log_format = msgid=%m: %$\r\n###deliver_log_format = msgid=%m: %$ : Subject: %s\r\ndeliver_log_format = Message-ID: %m - Subject: %s - From: %f - Size: %p - Status: %$\r\n<\/pre>\n<p>Ahora los eventos de Dovecot se escriben en el fichero <strong><em>\/var\/log\/dovecot.log<\/em><\/strong><\/p>\n<h2><\/h2>\n<h2><span class=\"ez-toc-section\" id=\"Configuraciones_adicionales\"><\/span>Configuraciones adicionales<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Subscribimos los directorios por defecto en el archivo <strong><em>\/etc\/dovecot\/conf.d\/15-<\/em><\/strong> <strong><em>mailboxes.conf:<\/em><\/strong><\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">\u2026\r\n  mailbox Drafts {\r\n    special_use = \\Drafts\r\n    auto = subscribe\r\n  }\r\n\r\n#  mailbox Junk {\r\n#    special_use = \\Junk\r\n#  }\r\n mailbox Spam {\r\n     special_use = \\Junk\r\n     auto = subscribe\r\n  }\r\n\r\n  mailbox Trash {\r\n    special_use = \\Trash\r\n    auto = subscribe\r\n  }\r\n\u2026\r\n  mailbox Sent {\r\n    special_use = \\Sent\r\n    auto = subscribe\r\n  }\r\n#  mailbox \"Sent Messages\" {\r\n#    special_use = \\Sent\r\n#  }\r\n\u2026\t\r\n<\/pre>\n<p>En el archivo <strong><em>\/etc\/dovecot\/conf.d\/20-imap.conf<\/em><\/strong> cambiamos:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">\u2026\r\nimap_logout_format = in=%i out=%o\r\n\u2026\r\nprotocol imap {\r\n\u2026\r\n  mail_plugins = $mail_plugins mail_log notify\r\n  # Maximum number of IMAP connections allowed for a user from each IP address.\r\n  # NOTE: The username is compared case-sensitively.\r\n  mail_max_userip_connections = 10\r\n}\r\n<\/pre>\n<p>En el archivo <strong><em>\/etc\/dovecot\/conf.d\/20-pop3.conf<\/em><\/strong> cambiamos:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">...\r\npop3_logout_format = top=%t\/%p, retr=%r\/%b, del=%d\/%m, size=%s, deleted=%{deleted_bytes}\r\n\u2026\r\nprotocol pop3 {\r\n\u2026\r\n mail_plugins = $mail_plugins mail_log notify\r\n  # Maximum number of POP3 connections allowed for a user from each IP address.\r\n  # NOTE: The username is compared case-sensitively.\r\n  mail_max_userip_connections = 10\r\n}\r\n<\/pre>\n<p>Reiniciamos Dovecot con:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sudo systemctl restart dovecot<\/pre>\n<h2><\/h2>\n<h2><span class=\"ez-toc-section\" id=\"Error_en_los_logs\"><\/span>Error en los logs<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Para evitar este tipo de errores en los logs del archivo <strong><em>auth.log<\/em><\/strong>:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">Oct  1 09:58:01 h2847530 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=5000 euid=5000 tty=doveco\r\nOct  1 09:58:04 h2847530 auth: pam_unix(dovecot:auth): check pass; user unknown\r\nOct  1 09:58:04 h2847530 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=5000 euid=5000 tty=doveco\r\nOct  1 09:58:08 h2847530 auth: pam_unix(dovecot:auth): check pass; user unknown\r\n<\/pre>\n<p>Tenemos que editar el archivo <strong><em>\/etc\/dovecot\/conf.d\/auth-system.conf.ext<\/em><\/strong>. Primero hacemos una copia:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">cp \/etc\/dovecot\/conf.d\/auth-system.conf.ext \/etc\/dovecot\/conf.d\/auth-system.conf.ext.orig<\/pre>\n<p>Luego lo editamos y comentamos las siguientes l\u00edneas:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">\u2026\r\n###passdb {\r\n###  driver = pam\r\n  # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=&lt;n&gt;]\r\n  # [cache_key=&lt;key&gt;] [&lt;service name&gt;]\r\n  #args = dovecot\r\n###}\r\n\u2026\r\n###userdb {\r\n  # &lt;doc\/wiki\/AuthDatabase.Passwd.txt&gt;\r\n###  driver = passwd\r\n  # [blocking=no]\r\n  #args =\r\n\r\n  # Override fields from passwd\r\n  #override_fields = home=\/home\/virtual\/%u\r\n###}\r\n\u2026\r\n<\/pre>\n<p>Reiniciamos Dovecot y ya se solucionar\u00eda:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">systemctl restart dovecot<\/pre>\n<hr \/>\n<h1><span class=\"ez-toc-section\" id=\"Sieve_y_ManageSIEVE\"><\/span>Sieve y ManageSIEVE<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p>Instalamos los paquetes necesarios:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">apt-get install dovecot-sieve dovecot-managesieved<\/pre>\n<p>Habilitamos los plugins de Dovecot en el archivo <strong><em>\/etc\/dovecot\/conf.d\/20-lmtp.conf<\/em><\/strong><\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">protocol lmtp {\r\n  # Space separated list of plugins to load (default is global mail_plugins).\r\n  #mail_plugins = $mail_plugins\r\n  portmaster_address = postmaster@yeloquehay.com\r\n  mail_plugins = $mail_plugins sieve\r\n}\r\n<\/pre>\n<p>Ahora editamos el archivo <strong><em>\/etc\/dovecot\/conf.d\/90-sieve.conf<\/em><\/strong>:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">plugin {\r\n   sieve = ~\/.dovecot.sieve\r\n   sieve_global_path = \/var\/lib\/dovecot\/sieve\/default.sieve\r\n   sieve_dir = ~\/sieve\r\n   sieve_global_dir = \/var\/lib\/dovecot\/sieve\/\r\n}\r\n<\/pre>\n<p>Y para finalizar en el archivo <strong><em>\/etc\/dovecot\/dovecot.conf<\/em><\/strong> agregamos lo siguiente:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">\u2026\r\n# Enable installed protocols\r\n\u2026\r\nprotocols = imap pop3 lmtp sieve\r\n\u2026\r\n<\/pre>\n<p>Archivo <strong><em>\/etc\/dovecot\/conf.d\/20-managesieve.conf<\/em><\/strong><\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">\u2026\r\nservice managesieve-login {\r\n  inet_listener sieve {\r\n    port = 4190\r\n  }\r\n  inet_listener sieve_deprecated {\r\n    port = 2000\r\n  }\r\n  # Number of connections to handle before starting a new process. Typically\r\n  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0\r\n  # is faster. &lt;doc\/wiki\/LoginProcess.txt&gt;\r\n  #service_count = 1\r\n  # Number of processes to always keep waiting for more connections.\r\n  #process_min_avail = 0\r\n  # If you set service_count=0, you probably need to grow this.\r\n  #vsz_limit = 64M\r\n}\r\nservice managesieve {\r\n  # Max. number of ManageSieve processes (connections)\r\n  process_limit = 1024\r\n}\r\n\u2026\r\n<\/pre>\n<p>Si hacemos un telnet al puerto de SIEVE 4190 vemos todos los comandos habilitados para este servicio:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\"># telnet X.X.X.X 4190\r\nTrying 81.169.229.19...\r\nConnected to 81.169.229.19.\r\nEscape character is '^]'.\r\n\"IMPLEMENTATION\" \"Dovecot Pigeonhole\"\r\n\"SIEVE\" \"fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext\"\r\n\"NOTIFY\" \"mailto\"\r\n\"SASL\" \"\"\r\n\"STARTTLS\"\r\n\"VERSION\" \"1.0\"\r\nOK \"Dovecot ready.\"\r\n<\/pre>\n<p>Vemos la informaci\u00f3n que hace referencia a SIEVE:<\/p>\n<blockquote><p>\u00abIMPLEMENTATION\u00bb \u00abDovecot Pigeonhole\u00bb<\/p>\n<p>\u00abSIEVE\u00bb \u00abfileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext\u00bb<\/p><\/blockquote>\n<p><span style=\"color: #ff0000;\"><strong>IMPORTANTE<\/strong><\/span>, para que los filtros SIEVE funcionen, sobre todo al redireccionar o reenviar emails, debemos de cambiar los permisos del directorio de Postfix<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">chmod 755 -R \/etc\/postfix<\/pre>\n<p>Creamos el archivo <strong>SIEVE<\/strong> para las <em><strong>reglas globales<\/strong><\/em>que afectar\u00e1n a todos los mensajes que cumplan los requisitos indicados.<\/p>\n<p>Creamos el directorio:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">mkdir \/var\/lib\/dovecot\/sieve<\/pre>\n<p>Ahora el archivo dentro del directorio anterior<strong><em>\u00a0\/var\/lib\/dovecot\/sieve\/default.sieve<\/em><\/strong> con el siguiente contenido:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">require \"fileinto\";\r\nif header :contains \"X-Spam-Flag\" \"YES\" {\r\n  fileinto \"Junk\";\r\n}\r\n<\/pre>\n<p>Con esto conseguimos que los mensajes con la cabecera de SPAM se entreguen en el directorio pertinente.<\/p>\n<p>Cambiamos el propietario del archivo<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">chown -R vmail:vmail \/var\/lib\/dovecot<\/pre>\n<p>Compilamos el archivo SIEVE para que se aplique correctamente<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"null\">sievec \/var\/lib\/dovecot\/sieve\/default.sieve<\/pre>\n<p>En este archivo podemos configurar reenv\u00edos a otros buzones, rechazos, almacenar en un directorio determinado, respuesta a mensajes, respuesta de no disponible, &#8230; indicando determinados patrones que se den en las cabeceras de los mensajes que reciba nuestra plataforma.<\/p>\n<hr \/>\n<p>\u00cdndice general pincha <a href=\"https:\/\/blog.tiraquelibras.com\/?p=601\" class=\"external external_icon\" rel=\"nofollow\" target=\"_blank\">aqu\u00ed<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Esta es una entrada dentro de la serie para la instalaci\u00f3n de un servidor de correo completo. \u00cdndice completo de contenidos pincha aqu\u00ed. En esta<span class=\"read-more-link\"><a class=\"read-more\" href=\"https:\/\/blog.tiraquelibras.com\/?p=639\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":640,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,22],"tags":[69,71,70],"class_list":["post-639","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sistemas","category-ti","tag-dovecot","tag-filtros","tag-sieve"],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=\/wp\/v2\/posts\/639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=639"}],"version-history":[{"count":0,"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=\/wp\/v2\/posts\/639\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=\/wp\/v2\/media\/640"}],"wp:attachment":[{"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tiraquelibras.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}