Announcement

Collapse
No announcement yet.

Error Invalid sieve credentials

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Error Invalid sieve credentials

    When I click on Filter from within OX GUI, I get the following:
    Code:
    SEVERE: MAIL_FILTER-0002 Category=3 Message=Invalid sieve credentials exceptionID=1508791926-3
    MAIL_FILTER-0002 Category=3 Message=Invalid sieve credentials exceptionID=1508791926-3
    ...
    Caused by: com.openexchange.jsieve.exceptions.OXSieveHandlerInvalidCredentialsException: Authentication failed
            at com.openexchange.jsieve.SieveHandler.initializeConnection(SieveHandler.java:319)
            at com.openexchange.mailfilter.ajax.actions.MailfilterAction.actionConfig(MailfilterAction.java:164)

    I am using dovecot virtual users, and postfix with a submission port of 587.


    1. Sieve is working:

    Code:
    # telnet localhost 2000
    Trying 127.0.0.1...
    Connected to localhost.
    2. Also mail.filter appears to be working:

    Code:
    [root@server1 sbin]# ./listbundles | grep mail
    bundlename: com.openexchange.mail.filter status: ACTIVE
    [root@server1 sbin]#
    3. Displaying a list of users gives:

    Code:
    [root@server1 sbin]# listuser -A oxadmin -P xxxxxxxxx -c 1
    Id Name     Displayname      Email
     3 test test admin   test@domain.com
     2 oxadmin  OX Admin         oxadmin@domain.com
     4 user1 john citizen user1@domain.com
    [root@server1 sbin]#
    4. I set these up with the following OX user parameters:
    --imaplogin user1@domain.com
    --imapserver 127.0.0.1:143
    --smtpserver 127.0.0.1:587

    5. The /opt/open-xchange/etc/groupware/mailfilter.properties
    shows:
    Code:
    SIEVE_LOGIN_TYPE=global
    SIEVE_CREDSRC=imapLogin
    SIEVE_SERVER=127.0.0.1
    SIEVE_PORT=2000
    SCRIPT_NAME=Open-Xchange
    SIEVE_AUTH_ENC=UTF-8
    NON_RFC_COMPLIANT_TLS_REGEX=^Cyrus.*v([0-1]\\.[0-9].*|2\\.[0-2].*|2\\.3\\.[0-9]|2\\.3\\.[0-9][^0-9].*)$
    TLS=false
    VACATION_DOMAINS=
    com.openexchange.mail.filter.connectionTimeout=30000

    6. The /opt/open-xchange/etc/groupware/mail.properties
    shows:
    Code:
    com.openexchange.mail.loginSource=mail
    com.openexchange.mail.passwordSource=session
    com.openexchange.mail.mailServerSource=user
    com.openexchange.mail.transportServerSource=user
    com.openexchange.mail.masterPassword=secret
    com.openexchange.mail.mailServer=172.17.0.2:143
    com.openexchange.mail.transportServer=172.17.0.2:587
    com.openexchange.mail.defaultMailProvider=imap
    mail.mime.charset=UTF-8
    com.openexchange.mail.maxNumOfConnections=0
    com.openexchange.mail.mailFetchLimit=1000
    com.openexchange.mail.attachmentDisplaySizeLimit=8192
    com.openexchange.mail.mailAccessCacheShrinkerSeconds=3
    com.openexchange.mail.mailAccessCacheIdleSeconds=7
    com.openexchange.mail.quoteLineColors=#a14044,#917722,#599351,#516193,#666666
    com.openexchange.mail.userFlagsEnabled=true
    com.openexchange.mail.partModifierImpl=com.openexchange.mail.partmodifier.DummyPartModifier
    com.openexchange.mail.allowNestedDefaultFolderOnAltNamespace=false
    com.openexchange.mail.ignoreSubscription=false
    com.openexchange.mail.supportSubscription=true
    com.openexchange.mail.allowNestedDefaultFolderOnAltNamespace=false
    com.openexchange.mail.ignoreSubscription=false
    com.openexchange.mail.supportSubscription=true
    com.openexchange.mail.defaultSeparator=/
    com.openexchange.mail.watcherEnabled=true
    com.openexchange.mail.watcherFrequency=10000
    com.openexchange.mail.watcherTime=60000
    com.openexchange.mail.watcherShallClose=false
    com.openexchange.mail.JavaMailProperties=/opt/open-xchange/etc/groupware/javamail.properties
    com.openexchange.mail.phishingHeader=
    com.openexchange.mail.adminMailLoginEnabled=false

    7. The /etc/dovecot.conf
    shows (in part):

    Code:
    protocol managesieve {
      listen = localhost:2000
            login_executable = /usr/libexec/dovecot/managesieve-login
            mail_executable = /usr/libexec/dovecot/managesieve
            managesieve_max_line_length = 65536
    managesieve_logout_format = bytes ( in=%i : out=%o )
            managesieve_implementation_string = dovecot
    }
    
    protocol lda {
      postmaster_address = user1@domain.com
      mail_plugins = sieve quota
      mail_plugin_dir = /usr/lib/dovecot/lda
      auth_socket_path = /var/run/dovecot/auth-master
    }
    
    plugin {
      quota = maildir
    ## Sieve
      sieve_global_path = /var/vmail/globalsieverc
      sieve_global_dir = /var/vmail/mailfilters
      sieve_dir = /var/vmail/%d/%n/Maildir/
      sieve = /var/vmail/%d/%n/Maildir/.dovecot.sieve
      sieve_maxscriptsize = 128
    }
    8. the file /etc/pam.d/dovecot
    gives
    -----
    Code:
    #%PAM-1.0
    auth       required     pam_nologin.so
    auth       include      system-auth
    account    include      system-auth
    session    include      system-auth
    [root@server1 ~]#

    9. Edit /etc/sysconfig/saslauthd
    gives
    ----
    Code:
    SOCKETDIR=/var/run/saslauthd
    MECH=shadow
    FLAGS=
    MECH_OPTIONS="127.0.0.1"

    10. The command saslauthd -v
    ------------
    gives:
    Code:
    [root@server1 ~]# saslauthd -v
    saslauthd 2.1.22
    authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap

    11. The Log file /var/log/open-xchange/open-xchange.log.0
    shows:

    Code:
    Dec 7, 2010 4:06:37 PM com.openexchange.mailfilter.ajax.AJAXServlet doGet
    SEVERE: MAIL_FILTER-0002 Category=3 Message=Invalid sieve credentials exceptionID=-1635387879-3
    MAIL_FILTER-0002 Category=3 Message=Invalid sieve credentials exceptionID=-1635387879-3
            at com.openexchange.mailfilter.ajax.actions.MailfilterAction.actionConfig(MailfilterAction.java:176)
            at com.openexchange.mailfilter.ajax.actions.MailfilterAction.actionConfig(MailfilterAction.java:101)
            at com.openexchange.mailfilter.ajax.actions.AbstractAction.action(AbstractAction.java:79)
            at com.openexchange.mailfilter.ajax.AJAXServlet.doGet(AJAXServlet.java:132)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:596)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
            at com.openexchange.ajp13.najp.AJPv13RequestHandlerImpl.doServletService(AJPv13RequestHandlerImpl.java:504)
            at com.openexchange.ajp13.AJPv13Request.response(AJPv13Request.java:129)
            at com.openexchange.ajp13.najp.AJPv13RequestHandlerImpl.createResponse(AJPv13RequestHandlerImpl.java:316)
            at com.openexchange.ajp13.najp.AJPv13ConnectionImpl.createResponse(AJPv13ConnectionImpl.java:207)
            at com.openexchange.ajp13.najp.AJPv13Task.call(AJPv13Task.java:346)
            at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
            at java.util.concurrent.FutureTask.run(FutureTask.java:166)
            at com.openexchange.threadpool.internal.CustomThreadPoolExecutor$Worker.runTask(CustomThreadPoolExecutor.java:738)
            at com.openexchange.threadpool.internal.CustomThreadPoolExecutor$Worker.run(CustomThreadPoolExecutor.java:764)
            at java.lang.Thread.run(Thread.java:636)
    Caused by: com.openexchange.jsieve.exceptions.OXSieveHandlerInvalidCredentialsException: Authentication failed
            at com.openexchange.jsieve.SieveHandler.initializeConnection(SieveHandler.java:319)
            at com.openexchange.mailfilter.ajax.actions.MailfilterAction.actionConfig(MailfilterAction.java:164)
            ... 15 more
    Dec 7, 2010 4:06:57 PM com.openexchange.login.internal.LoginPerformer logLogout
    INFO: Logout  Context:1(1,defaultcontext) User:4(user1) Session:7e9e13ddb99447398c92e6e8dbb55587
    [root@server1 ~]#

    Any help would be appreciated.

    Regards
    Rolf
    Last edited by Guest; 12-07-2010, 09:06 AM.

  • #2
    Hello Rolf,

    could you please download http://www.rename-it.nl/dovecot/util...uth-command.pl and try to authenticate via telnet.
    The perl script generates the auth command which must be pasted into the telnet session. The first parameter is the username (in your case user1@domain.com) and the second parameter is the password (the same like you typed into the OX login according to your setup).
    If you encounter the same error, then the system isn't configured correctly. Most probably because you use different settings for imap and sieve login. imap is set to "mail", but sieve is set to "imapLogin". So if it works with imap and sieve is located on the the same imap server I would start there.

    Furthermore it may help to have the mail.log too.

    Regards,

    Dennis

    Comment


    • #3
      Hi Dennis

      Thank you very much for your help. Your last point, lead to a sequence of actions that produced a solution to this problem.

      1. I looked at the log file at /var/log/maillog. It shows:


      Code:
      Dec  9 12:41:52 server1 dovecot: IMAP(user1@domain.com): Disconnected: Logged out bytes=96/819
      Dec  9 12:41:54 server1 dovecot: auth-worker(default): sql(user1@domain.com,127.0.0.1): Password query failed: Unknown column 'disablesieve' in 'where clause'
      Dec  9 12:42:01 server1 dovecot: IMAP(user1@domain.com): Disconnected: Logged out bytes=1883/7597
      Dec  9 12:42:01 server1 dovecot: managesieve-login: Aborted login (auth failed, 1 attempts): user=<user1@domain.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
      [root@server1 ~]#

      2. I looked again at the file /etc/dovecot.conf. It showed(in part):


      Code:
      passdb sql {
          # Path for SQL configuration file, see doc/dovecot-sql-example.conf
          args = /etc/dovecot-sql.conf
        }
      3. I then looked at /etc/dovecot-sql.conf. It showed:


      Code:
      driver = mysql
      connect = host=localhost dbname=dbispconfig user=ispconfig password=4ca94bef9943203508xkfa688322b3c7
      default_pass_scheme = CRYPT
      
      password_query = SELECT password FROM mail_user WHERE email = '%u' AND disable%L = 'n'
      user_query = SELECT email as user, maildir as home, CONCAT(maildir, '/Maildir') as mail, uid, gid, CONCAT('maildir:storage=', quota) AS quota, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'

      I checked with phpmyadmin and found "mail_user" did not have a column disablesieve, so now I was on track to fixing it.


      4. I then changed /etc/dovecot-sql.conf to look like:


      Code:
      driver = mysql
      connect = host=localhost dbname=dbispconfig user=ispconfig password=4ca94bef9943203508xkfa688322b3c7
      default_pass_scheme = CRYPT
      
      password_query = SELECT password FROM mail_user WHERE email = '%u' AND disableimap = 'n' AND disablepop3 = 'n' AND disabledeliver = 'n' AND disablesmtp = 'n'
      user_query = SELECT email as user, maildir as home, CONCAT(maildir, '/Maildir') as mail, uid, gid, CONCAT('maildir:storage=', quota) AS quota, CONCAT(maildir, '/.dovecot.sieve') as sieve FROM mail_user WHERE email = '%u'

      5. Reboot server and everything worked sweet.


      Regards
      Rolf

      Comment

      Working...
      X