Server side mail filtering with Horde – Ingo and Sieve

 

 

The Horde Groupware Webmail Edition provides a very convenient tool to manage filter rules for incoming emails.

The application is called Ingo and is already included in the webmail edition installation.

You can easily build rules to store incoming emails in different folders, redirect and so on.

newfilter

I assume that you already have a working mail server (dovecot + unix user accounts are used in my example) and Horde Groupware Webmail Edition installed. If not, check out my tutorial.

The server side filtering will be done by Sieve. The managesieve  service will make it possible to connect with Ingo to create, edit, enable and delete filter rules.

Installing needed packages
apt-get install dovecot-sieve dovecot-managesieved php-net-sieve

 

Activate sieve and managesieve in dovecot.conf

vim /etc/dovecot/dovecot.conf

 


# protocol sieve must be enabled
protocols = imap sieve
plugin {
 sieve = ~/.dovecot.sieve 
 sieve_global_path = /var/lib/dovecot/sieve/default.sieve 
 sieve_dir = ~/sieve 
 sieve_global_dir = /var/lib/dovecot/sieve/ 
}
service managesieve-login {
 inet_listener sieve { 
 port = 4190 
 address = 127.0.0.1
 #I only allow connections from localhost 
 }
 service_count = 1 
 process_min_avail = 1 
 vsz_limit = 64M 
}
service managesieve {
 process_limit = 10 
}
protocol lda {
mail_plugins = " sieve"
postmaster_address = postmaster@yourdomain.com
} 

 

Check the dovecot wiki  to understand the different parameters. Note that my configuration is done in dovecot.conf but you could also include the config.d/ folder and add you parameters there.

 

Restarting dovecot
service dovecot restart

Checking syslog for error messages

tail -f /var/log/syslog

 

If you see any dovecot errors, try to find out the cause and fix your dovecot.conf file.

You can use dovecot –n to see the configuration enabled for dovecot.

Let’s see if managesieve is listening at 4190
telnet 127.0.0.1 4190

 


Trying 127.0.0.1...
Escape character is '^]'.
 
"IMPLEMENTATION" "Dovecot (Ubuntu) Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave"
"SASL" "PLAIN"to"
 
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot (Ubuntu) ready."

 

We can see that managesieve is listening at port 4190 and it’s ready for Ingo to connect.

Now we need to configure Ingo to connect to Sieve.

Move to your-hordemail-directory/ingo/config and create backends.local.php
cp backends.php backends.local.php

Don’t change backends.php as this file will be overwritten when updating Horde.

 vim backends.local.php

Find the below section and set ‘disabled’ => false to true


/* IMAP Example */
$backends['imap'] = array(
// ENABLED by default
'disabled' => true,
'transport' => array(
Ingo::RULE_ALL => array(
'driver' => 'null',
'params' => array(),
),
),
'script' => array(
Ingo::RULE_ALL => array(
'driver' => 'imap',
'params' => array(),
),
),
'shares' => false
);
 

Find the Sieve section and change ‘disabled’ => true to false and make sure that parameters are set as in the below example.

/* Sieve Example */
$backends['sieve'] = array(
// Disabled by default
'disabled' => false,
'transport' => array(
Ingo::RULE_ALL => array(
'driver' => 'timsieved',
'params' => array(
// NOTE: Ingo by default sends only the bare Horde username
// for authentication. Sieve servers generally need both the
// username and domain. See the 'transport_auth' hook for
// an example on how to change the Ingo default behavior. 
// Hostname of the timsieved server
'hostspec' => 'localhost',
// Login type of the server
'logintype' => 'PLAIN',
// Enable/disable TLS encryption
'usetls' => true,
// Port number of the timsieved server
'port' => 4190,
// Name of the sieve script
'scriptname' => 'ingo',
// Enable debugging. The sieve protocol communication is
// logged with the DEBUG level.
'debug' => false,
),
),
),
'script' => array(
Ingo::RULE_ALL => array(
'driver' => 'sieve',
'params' => array(
// If true, use the deprecated 'imapflags' extension to set
// flag status instead of the newer, standardized
// 'imap4flags'.
// 'imapflags' => true, 
// If true, use the deprecated 'notify' extension instead of
// the newer, standardized 'enotify'.
// 'notify' => true, 
// If using Dovecot or any other Sieve implementation that
// requires folder names to be UTF-8 encoded, set this
// parameter to true.
'utf8' => false,
),
),
),
'shares' => false
);

 

Now we need to create hooks.local.php
cp hooks.php.dist hooks.local.php

Don’t change hooks.php.dist as this file will be overwritten when updating Horde.

Enable the following part in hooks.local.php
  public function transport_auth($driver)
 {
    switch ($driver) {
    case 'timsieved':
    // Example #1: Use full Horde username for  password.
    // This is generally needed for sieve servers.
    $full_user = $GLOBALS['registry']->getAuth(null);
    return array(
    'euser' => $full_user,
    'username' => $full_user
    );
    }
 }
After that we write the Ingo configuration file with the following options

ingoconfig

ingoconfig1

You can also manually write the file. It should look like that:

vim config.php
 <?php
 
/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
// $Id: 48143d14ef06c07f36427fe5b43981641bdbfdb1 $
$conf['storage']['driver'] = 'prefs';
$conf['rules']['userheader'] = true;
$conf['spam']['header'] = 'X-Spam-Level';
$conf['spam']['char'] = '*';
$conf['spam']['compare'] = 'string';
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */

 

All the setup is done and we can create a  filter rule.

ingotest

Horde should confirm the new rule once saved.

ingostatus
Congratulations, you are now able to filter your emails in an effective and flexible way.

8 thoughts on “Server side mail filtering with Horde – Ingo and Sieve”

  1. Thanks for the article, really helped me get this set up for myself. One correction to your article though, in the hooks script, you need to change case ‘foo’ to case ‘timsieved’ in order for that hook to fire properly. Probably doesn’t make a difference if your login is only the user portion of your email address, but when your login is the full email address, that change is necessary for sieve to work.

    1. You are right; it does not make a difference if you login with the user name. I updated the article like you suggested.
      Thanks for bringing that up.

  2. Also, don’t miss to uncomment } twice in hooks.local.php – otherwise you will get a blank horde login page.

  3. Thanks for the article, helped me to enable the filter in mail and when i create vacation message via horde webmail auto response message is not triggered. I have postfixadmin installed with vacation enabled with roundcube vacation plugin in the same server which works nice. Is there any thing i miss to trigger auto response message.

    Thnk You

    1. Hi Murali!

      Please check your logs to see if sieve did detect the settings.

      cat /var/log/syslog | grep sieve

      You should find a line like this:
      Mar 21 12:23:45 yourhost dovecot: lda(tester): sieve: msgid=<CAOt_8qziWBZPJsV1_7fHYeTPADTat=ceMBP1nStLfqtSdF_nxw@mail.gmail.com>: sent vacation response to <tester@gmail.com>

      Hope that helps!

  4. Hi,

    How can I setup the Horde Dovecot Managesieve backend on a different host??? I’ve tried to put my remote host on hostspec but withou success.

    Thank you.

    Thank you

    1. Hi,

      Has been a long time that I did not look into that. I’m a little rusted to be honest. I would suggest asking a sieve mailing group. The experts will serve you better.

      Rgs,

Comments are closed.